opentofu/website/docs/provisioners/salt-masterless.html.md
Martin Atkins e0d72930fa website: Warn against using provisioners
For a long time now we've been advising against the use of provisioners,
but our documentation for them is pretty prominent on the website in
comparision to the better alternatives, and so it's little surprise that
many users end up making significant use of them.

Although in the longer term a change to our information architecture would
probably address this even better, this is an attempt to be explicit about
the downsides of using provisioners and to prominently describe the
alternatives that are available for common use-cases, along with some
reasons why we consider them to be better.

I took the unusual step here of directly linking to specific provider
documentation pages about the alternatives, even though we normally try
to keep the core documentation provider-agnostic, because otherwise that
information tends to be rather buried in the provider documentation and
thus the reader would be reasonable to use provisioners just because we're
not giving specific enough alternative recommendations.
2019-09-05 16:09:06 -07:00

3.9 KiB

layout page_title sidebar_current description
docs Provisioner: salt-masterless docs-provisioners-salt-masterless The salt-masterless Terraform provisioner provisions machines built by Terraform

Salt Masterless Provisioner

Type: salt-masterless

The salt-masterless Terraform provisioner provisions machines built by Terraform using Salt states, without connecting to a Salt master. The salt-masterless provisioner supports ssh connections.

-> Note: Provisioners should only be used as a last resort. For most common situations there are better alternatives. For more information, see the main Provisioners page.

Requirements

The salt-masterless provisioner has some prerequisites. cURL must be available on the remote host.

Example usage

The example below is fully functional.


provisioner "salt-masterless" {
    "local_state_tree" = "/srv/salt"
}

Argument Reference

The reference of available configuration options is listed below. The only required argument is the path to your local salt state tree.

Optional:

  • bootstrap_args (string) - Arguments to send to the bootstrap script. Usage is somewhat documented on github, but the script itself has more detailed usage instructions. By default, no arguments are sent to the script.

  • disable_sudo (boolean) - By default, the bootstrap install command is prefixed with sudo. When using a Docker builder, you will likely want to pass true since sudo is often not pre-installed.

  • remote_pillar_roots (string) - The path to your remote pillar roots. default: /srv/pillar. This option cannot be used with minion_config.

  • remote_state_tree (string) - The path to your remote state tree. default: /srv/salt. This option cannot be used with minion_config.

  • local_pillar_roots (string) - The path to your local pillar roots. This will be uploaded to the remote_pillar_roots on the remote.

  • local_state_tree (string) - The path to your local state tree. This will be uploaded to the remote_state_tree on the remote.

  • custom_state (string) - A state to be run instead of state.highstate. Defaults to state.highstate if unspecified.

  • minion_config_file (string) - The path to your local minion config file. This will be uploaded to the /etc/salt on the remote. This option overrides the remote_state_tree or remote_pillar_roots options.

  • skip_bootstrap (boolean) - By default the salt provisioner runs salt bootstrap to install salt. Set this to true to skip this step.

  • temp_config_dir (string) - Where your local state tree will be copied before moving to the /srv/salt directory. Default is /tmp/salt.

  • no_exit_on_failure (boolean) - Terraform will exit if the salt-call command fails. Set this option to true to ignore Salt failures.

  • log_level (string) - Set the logging level for the salt-call run.

  • salt_call_args (string) - Additional arguments to pass directly to salt-call. See salt-call documentation for more information. By default no additional arguments (besides the ones Terraform generates) are passed to salt-call.

  • salt_bin_dir (string) - Path to the salt-call executable. Useful if it is not on the PATH.