Skip to content
/ docker-saltstack Public

Salt masters in Docker containers

License

LGPL-3.0, GPL-3.0 licenses found

Licenses found

LGPL-3.0
COPYING.LESSER
GPL-3.0
COPYING
6 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

digitalr00ts/docker-saltstack

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

98 Commits
.travis
.travis
 
 
_config
_config
 
 
_files
_files
 
 
alpine
alpine
 
 
ubuntu
ubuntu
 
 
.travis.yml
.travis.yml
 
 
COPYING
COPYING
 
 
COPYING.LESSER
COPYING.LESSER
 
 
README.md
README.md
 
 

Repository files navigation

Build Status

Saltstack Docker Container

This is my effort to run SaltStack masters in Docker containers. Published on Docker Hub.

Features

  • Automated builds
  • Available as Alpine or Ubuntu
  • TLS for API enabled by default (self-signed cert generated if no cert found)
  • Docker's in container process manager tini baked in.

Extra notes

  • The images on the official SaltStack repo are not well maintained.
  • The base images, w/o SaltStack, are separated into their own repo.

Usage

Run

docker run -d --name saltstack digitalr00ts/saltstack

Build test

docker-compose -f .travis/compose-<distro>.yaml up -d --build

Todos

  • Better testing
  • Change curl/wget url to use ARG for branch
  • Ability to build Saltstack off commit
    • and point at any git url
  • Better documentation
    • Usage / paths

Notes / FAQ

Layers - How is this container put together?

Alpine Ubuntu
Upstream Alpine Upstream Ubuntu
digitalr00ts Base:alpine digitalr00ts Base:ubuntu
SaltStack Base:alpine SaltStack Base:ubuntu
SaltStack:alpine SaltStack:ubuntu
  1. We start with the upstream OS container image
  2. Then we have a small layer that is common to most digitar00ts containers to simplify infrastructure management.
  3. After we create a layer of common dependencies for SaltStack, regardless of version.
  4. Finally, the desired version of SaltStack is installed and any version dependant dependencies are installed.

Why are there multiple services in one container?

There salt services are tightly coupled, based on both functionality and version. Therefore, we felt a monolithic container was appropriate here.

Why do the e services run as root?

Salt requires root to access such things as PAM for authentication. While many best practices suggest to not run as root, we felt the loss in functionality was not worth the trade off. See https://docs.saltstack.com/en/latest/ref/configuration/nonroot.html

License

LGPL-3.0-or-later

This is free software: you can redistribute it and/or modify
it under the terms of the Lesser GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
any later version.

This is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
Lesser GNU General Public License for more details.

You should have received a copy of the Lesser GNU General Public License
along with Foobar.  If not, see <https://www.gnu.org/licenses/>.

Copyright 2017, 2018 digitalr00ts

Anchor.io

  • Alpine: Anchore Image Overview
  • Ubuntu: Anchore Image Overview

About

Salt masters in Docker containers

Resources

Readme

License

LGPL-3.0, GPL-3.0 licenses found

Licenses found

LGPL-3.0
COPYING.LESSER
GPL-3.0
COPYING
Activity
Custom properties

Stars

6 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages