Summary¶
This document describes how to configure a Salt master to serve pillar data from a remote Git repository using gitfs/git_pillar.
Create pillar config file¶
On the Salt master, create /etc/salt/master.d/pillar_gitfs.conf with:
pillar_roots: {} # disable local pillar
git_pillar_provider: pygit2
ext_pillar:
- git:
- main git@github.com:<Username>/<Your repo name>.git:
- env: base # pillar env name to expose
- root: / # where in the repo your pillar tree starts
- pubkey: <PATH TO PUBLIC KEY>
- privkey: <PATH TO MATCHING PRIVATE KEY>
Restart salt master¶
The salt master must be restarted to load the new config file
systemctl restart salt-master
Build the pillar Git repository:¶
This example repository for the base environment defines a fileserver pillar with base_url and artifact_root values used by the Software packaging example.
Create directory structure and initialize Git:
mkdir pillar-example
cd pillar-example
git init -b main
mkdir -p fileserver
Create a top.sls:
base:
'*':
- fileserver
Create fileserver/init.sls:
fileserver:
base_url: http://192.168.50.21
artifact_root: artifacts
Commit the changes to your local git and push to your remote:
git add .
git commit -m "initial example pillar repo"
git remote add origin <your remote repo URL>
git push -u origin main
Refresh data on the Salt master:¶
salt-run git_pillar.update
Test pillar data is visible to a minion:¶
[root@saltmaster1]# salt 'win-test' pillar.items
win-test:
----------
fileserver:
----------
artifact_root:
artifacts
base_url:
http://192.168.50.21
Notes¶
- If the master can’t reach the repo or the SSH host key isn’t trusted,
git_pillar.updatewill fail. git_pillar_provider: pygit2requires pygit2/libgit2 installed on the master.