Testing and Deploying Salt Formulas via Docker
A short overview, how docker can be used to test if a salt formula is sucessfully applicable to target architecture or distribution. This procedure is also applicable to single states or a highstate with minor modifications.
- Salt formula to test (use my dovecot formula to follow this tutorial)
Create target arch image with salt
We test the formula on debian wheezy, therefore we first create an image on that basis with salt minion installed.
FROM debian:wheezy MAINTAINER Martin Hoefling <email@example.com> # install salt RUN apt-get update RUN apt-get -y install wget RUN echo "deb http://debian.saltstack.com/debian wheezy-saltstack main" > /etc/apt/sources.list.d/saltstack.list RUN wget -q -O- "http://debian.saltstack.com/debian-salt-team-joehealy.gpg.key" | apt-key add - RUN apt-get update RUN apt-get -y install salt-minion
The commands in the docker file add the saltstack repository and install the salt client on top of the debian wheezy base image.
Next, build the base image for our salt formula test:
docker build -t martinhoefling/salt:debian .
should result in somthing like
Successfully built 76ef5402c482
Write Docker test for salt formula
Again, we create a Dockerfile:
FROM martinhoefling/salt-minion:debian MAINTAINER Martin Hoefling <firstname.lastname@example.org> # push formula ADD dovecot /srv/salt/dovecot ADD pillar.example /srv/pillar/example.sls RUN echo "file_client: local" > /etc/salt/minion.d/local.conf RUN echo "base:" > /srv/pillar/top.sls RUN echo " '*':" >> /srv/pillar/top.sls RUN echo " - example" >> /srv/pillar/top.sls RUN salt-call --local state.sls dovecot | tee log.txt && grep "Failed: 0" log.txt
In this Dockerfile, the state and example pillar is copied first to the salt file_root and pillar_root. Next, the minion is prepared to run masterless with local file_client. Then, a top.sls including the example pillar information is created. Finally, salt-call is used to apply the formula.
Salt returns sucessfully, no matter if the state was applied without error or not (this behavior makes actually sense in most cases). However, in this case it should fail if an error occurs. Thus, we check the output, if
Failed: 0 is contained in the output.
Extending Dockerfile to create a deployable container
First of all, example.pillar has to be replaced by the actual configuration. Further we need to add modification strongly depends on the service started. In case of dovecot, adding:
CMD /usr/sbin/dovecot -F &
to the dockerfile should do the trick.