From 37de58ae7478621e38c492ba6de5d4b7c9f7a486 Mon Sep 17 00:00:00 2001
From: Anonymous <>
Date: Fri, 4 Aug 2023 14:22:51 +0000
Subject: [PATCH] [ADD] Added k8ssalt
---
deploySalt.sh | 74 +++++++++++++++++++++++++++++++
salt-master.yaml | 72 ++++++++++++++++++++++++++++++
salt-minion.yaml | 37 ++++++++++++++++
salt-multiregion-master-dev.yaml | 76 ++++++++++++++++++++++++++++++++
4 files changed, 259 insertions(+)
create mode 100755 deploySalt.sh
create mode 100644 salt-master.yaml
create mode 100644 salt-minion.yaml
create mode 100644 salt-multiregion-master-dev.yaml
diff --git a/deploySalt.sh b/deploySalt.sh
new file mode 100755
index 0000000..564e285
--- /dev/null
+++ b/deploySalt.sh
@@ -0,0 +1,74 @@
+#!/bin/bash
+
+applySed=0
+
+checkReplicas() {
+ if [[ "$1" == "-r" ]]; then
+ shift
+ if [[ "$1" =~ ^[0-9]+$ ]]; then
+ replicas="$1"
+ applySed=1
+ else
+ echo "Error: Invalid REPLICAS value. Please provide a positive integer."
+ exit 1
+ fi
+ shift
+ else
+ replicas=1
+ fi
+}
+
+applySaltMinion() {
+ if [ "$applySed" -eq 1 ]; then
+ echo "Applying Salt-minion yaml with $replicas replicas..."
+ sed "s/replicas:.*/replicas: $replicas/" salt-minion.yaml | kubectl apply -f -
+ else
+ echo "Applying Salt-minion yaml..."
+ kubectl apply -f salt-minion.yaml
+ fi
+}
+
+deleteSalt() {
+ echo "Deleting Salt infrastructure..."
+ kubectl delete -f salt-minion.yaml
+ kubectl delete -f salt-master.yaml
+ echo "Salt infrastructure deleted."
+}
+
+waitUntilSaltMasterInitialized() {
+ attempts=0
+ max_attempts=10
+ while [ "$attempts" -lt "$max_attempts" ]; do
+ echo "Checking if Salt-master has initialized..."
+ sleep 5
+ if kubectl exec "$saltmaster" -it -- /bin/sh -c "salt-key -L" | grep -q "minion"; then
+ echo "Salt-master is up and running. Accepting minion keys..."
+ kubectl exec "$saltmaster" -it -- /bin/sh -c "salt-key -A -y"
+ break
+ fi
+ ((attempts++))
+ done
+}
+
+deploySalt() {
+ if [[ "$1" == "-d" ]]; then
+ deleteSalt
+ else
+ checkReplicas "$@"
+ applySaltMinion
+
+ echo "Applying Salt-master yaml..."
+ kubectl apply -f salt-master.yaml
+
+ echo "Checking for Salt-master pod name..."
+ saltmaster=$(kubectl get pods | grep salt-master | cut -d ' ' -f 1)
+ kubectl wait --for=condition=Ready "pod/$saltmaster" --timeout=300s
+
+ waitUntilSaltMasterInitialized
+
+ fi
+}
+
+clear
+# Call the main function
+deploySalt "$@"
diff --git a/salt-master.yaml b/salt-master.yaml
new file mode 100644
index 0000000..1fda32a
--- /dev/null
+++ b/salt-master.yaml
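Review bot: In deploySalt.sh, `waitUntilSaltMasterInitialized` runs `salt-key -A -y` as soon as any listed key contains "minion", which accepts every pending key on the master rather than only the minions this script deployed. Any workload that can reach the master on port 4506 during that window would be enrolled as a trusted minion. Accepting by an explicit ID or glob, e.g. `salt-key -a "$expected_minion_id" -y` (a variable the script would need to define), after comparing `salt-key -F` fingerprints keeps enrolment scoped to known minions. The `kubectl get pods`, `kubectl wait` and `kubectl exec` calls also carry no `-n webserver` although the manifests set that namespace, so `$saltmaster` is probably empty unless the current context defaults to it, and `-it` should be dropped from the piped `kubectl exec`. The loop also ends silently after `max_attempts`; returning a non-zero status there would surface a master that never initialised.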
@@ -0,0 +1,72 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: salt-master
+ namespace: webserver
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: salt
+ template:
+ metadata:
+ labels:
+ app: salt
+ spec:
+ containers:
+ - name: salt
+ image: saltstack/salt
+ envFrom:
+ - configMapRef:
+ name: salt-master-config
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: salt-master-config
+ namespace: webserver
+data:
+ SALT_API_CONFIG: |
+ {
+ "rest_cherrypy": {
+ "port": 8000,
+ "ssl_crt": "/etc/pki/tls/certs/localhost.crt",
+ "ssl_key": "/etc/pki/tls/certs/localhost.key"
+ },
+ "external_auth": {
+ "sharedsecret": {
+ "salt": [
+ ".*",
+ "@wheel",
+ "@jobs",
+ "@runner"
+ ]
+ }
+ },
+ "sharedsecret": "saFGGAIGJitwajisajT612QTjq3ifap14"
+ }
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: salt-master-service
+ namespace: webserver
+spec:
+ selector:
+ app: salt # Select the Pods based on their labels (should match the Deployment labels)
+ ports:
+ - name: rest
+ protocol: TCP
+ port: 8000 # Port for REST API
+ targetPort: 8000 # Port on the container to which REST API traffic will be forwarded
+ - name: minion
+ protocol: TCP
+ port: 4505 # Port for Salt Minion
+ targetPort: 4505 # Port on the container to which Salt Minion traffic will be forwarded
+ - name: master
+ protocol: TCP
+ port: 4506 # Port for Salt Master
+ targetPort: 4506 # Port on the container to which Salt Master traffic will be forwarded
+ type: ClusterIP # This creates an internal ClusterIP Service
+ clusterIP: 10.43.14.232
diff --git a/salt-minion.yaml b/salt-minion.yaml
new file mode 100644
index 0000000..00eb372
--- /dev/null
+++ b/salt-minion.yaml
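Review bot: In salt-master.yaml the `sharedsecret` value is committed in plaintext inside the `salt-master-config` ConfigMap, and the `external_auth` block grants the `salt` user `.*`, `@wheel`, `@jobs` and `@runner`, so if the image applies this config as written, anyone who can read the repository or the ConfigMap would hold full control of the master through the REST API on port 8000. The same literal is repeated in salt-multiregion-master-dev.yaml. The value should be treated as exposed and rotated, with the replacement supplied from a `kind: Secret` (for example an `envFrom` entry `- secretRef: {name: <SECRET_NAME>}`, placeholder name) and RBAC limiting who can read it. Narrowing the `external_auth` list to the functions the API client actually needs would limit the impact of a leaked secret. `ssl_crt`/`ssl_key` point under `/etc/pki/tls/certs/` but nothing in this manifest mounts a certificate there, so it is worth confirming the API really serves TLS.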
@@ -0,0 +1,37 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: salt-minion
+ namespace: webserver
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: salt-miniondev
+ template:
+ metadata:
+ labels:
+ app: salt-miniondev
+ spec:
+ volumes:
+ - name: salt-miniondev-config
+ configMap:
+ name: salt-miniondev-config
+ containers:
+ - name: salt-miniondev
+ image: saltstack/salt
+ command: ["/bin/sh", "-c"]
+ args: ["salt-minion"]
+ volumeMounts:
+ - name: salt-miniondev-config
+ mountPath: /etc/salt/minion.d
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: salt-miniondev-config
+ namespace: webserver
+data:
+ default.conf: |
+ master: 10.43.14.232
diff --git a/salt-multiregion-master-dev.yaml b/salt-multiregion-master-dev.yaml
new file mode 100644
index 0000000..2eff052
--- /dev/null
+++ b/salt-multiregion-master-dev.yaml
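Review bot: In salt-minion.yaml, `default.conf` sets only `master: 10.43.14.232`, so each new minion pod trusts whichever master key it first receives from that address; adding `master_finger: '<MASTER_PUBKEY_FINGERPRINT>'` (placeholder, taken from `salt-key -F master` on the master) pins the master's identity. Separately, `image: saltstack/salt` carries no tag or digest here or in the two master manifests, so each rollout may pull a different build; pinning a specific version tag or digest keeps the deployed Salt version reviewable and patchable on purpose. The container spec also sets no `securityContext` or resource limits, which is worth a short comment if that is intentional for this dev setup.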
@@ -0,0 +1,76 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: salt-master
+ namespace: webserver
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: salt
+ template:
+ metadata:
+ labels:
+ app: salt
+ spec:
+ containers:
+ - name: salt
+ image: saltstack/salt
+ envFrom:
+ - configMapRef:
+ name: salt-master-config
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: salt-master-config
+ namespace: webserver
+data:
+ SALT_API_CONFIG: |
+ {
+ "rest_cherrypy": {
+ "port": 8000,
+ "ssl_crt": "/etc/pki/tls/certs/localhost.crt",
+ "ssl_key": "/etc/pki/tls/certs/localhost.key"
+ },
+ "external_auth": {
+ "sharedsecret": {
+ "salt": [
+ ".*",
+ "@wheel",
+ "@jobs",
+ "@runner"
+ ]
+ }
+ },
+ "sharedsecret": "saFGGAIGJitwajisajT612QTjq3ifap14"
+ }
+ master.conf: |
+ {
+ "auto_accept": True
+ }
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: salt-master-service
+ namespace: webserver
+spec:
+ selector:
+ app: salt # Select the Pods based on their labels (should match the Deployment labels)
+ ports:
+ - name: rest
+ protocol: TCP
+ port: 8000 # Port for REST API
+ targetPort: 8000 # Port on the container to which REST API traffic will be forwarded
+ - name: minion
+ protocol: TCP
+ port: 4505 # Port for Salt Minion
+ targetPort: 4505 # Port on the container to which Salt Minion traffic will be forwarded
+ - name: master
+ protocol: TCP
+ port: 4506 # Port for Salt Master
+ targetPort: 4506 # Port on the container to which Salt Master traffic will be forwarded
+ type: ClusterIP # This creates an internal ClusterIP Service
+ clusterIP: 10.43.14.232
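Review bot: In salt-multiregion-master-dev.yaml, `master.conf` sets `"auto_accept": True`, which makes the master accept every minion key without review, so any client that can reach port 4506 becomes a trusted minion; pre-seeded minion keys or an explicit accept step are safer, and a NetworkPolicy on the `webserver` namespace would at least limit who can connect. This file also reuses the Deployment, ConfigMap and Service names, the namespace and `clusterIP: 10.43.14.232` from salt-master.yaml, so applying both overwrites one with the other; a distinct name, or a comment stating which file is authoritative, would prevent an accidental switch to auto-accept. Whether the image reads a `master.conf` key delivered through `envFrom` is not visible here (the key is not a conventional environment-variable name), so the setting may need a volume mount to take effect at all.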