Skip to content

Latest commit

 

History

History
54 lines (35 loc) · 2.68 KB

File metadata and controls

54 lines (35 loc) · 2.68 KB

Pillar examples

This folder stores pillar examples to use in the Salt provisioning. To run an initial deployment without specific customization the usage of the pillar files stored in the automatic folder is recommended, as this files are customized with parameters coming from terraform execution. The pillar files stored there are able to deploy a basic functional set of clusters in all of the available cloud providers.

The usage of the pillar files is really simple. Basically, copy the content of the examples directories in the next locations.

  • pillar/hana for HANA configuration.
  • pillar/drbd for DRBD configuration.
  • pillar/netweaver for S/4HANA or NetWeaver configuration.

The next commands can be used for that:

cp pillar_examples/automatic/hana/*.sls pillar/hana
cp pillar_examples/automatic/drbd/*.sls pillar/drbd
cp pillar_examples/automatic/netweaver/*.sls pillar/netweaver

Besides this option, the terraform.tfvars pre_deployment variable will execute these operations if it's enabled before the deployment.

pre_deployment usage only works in clients using Linux

For more advanced options, continue reading.



Advanced pillar configuration

The salt execution formulas are implemented in different projects. You can find all of the pillar options in each of them.

Pillar encryption

Pillars are expected to contain private data such as user passwords required for the automated installation or other operations. Therefore, such pillar data need to be stored in an encrypted state, which can be decrypted during pillar compilation.

SaltStack GPG renderer provides a secure encryption/decryption of pillar data. The configuration of GPG keys and procedure for pillar encryption are described in the Saltstack documentation guide:

Note:

  • Only passwordless gpg keys are supported, and the already existing keys cannot be used.

  • If a masterless approach is used (as in the current automated deployment) the gpg private key must be imported in all the nodes. This might require the copy/paste of the keys.