saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-17 10:10:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Add docs, don't run as service

Browse source
This commit is contained in:
twangboy 2023-06-11 13:01:35 -06:00 committed by Megan Wilhite
parent 7a802fbb6e
commit b0d14780fa
2 changed files with 360 additions and 191 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

165
doc/topics/windows/multi-minion.rst Normal file
View file

@ -0,0 +1,165 @@
=============================
Multi-Minion Setup on Windows
=============================
There may be a scenario where having a minion running in the context of the
current logged in user would be useful. For example, the normal minion running
under the service account would perform machine-wide, administrative tasks. The
minion runing under the user context could be launched when the user logs in
and would be able to perform configuration tasks as if it were the user itself.
This would be useful for setting user registry settings, for example.
The steps required to do this are as follows:
1. Create new root_dir
2. Set root_dir permissions
3. Create directory structure
4. Write minion config
We will now go through each of these steps in detail.
.. note::
We have created a powershell script that will configure an additional minion
on the system for you. It can be found in the root of the Salt installation.
The script is named ``multi-minion.ps1``. You can get help on how to use the
script by running the following in a PowerShell prompt:
``Get-Help .\multi-minion.ps1 -Detailed``
1. Create new ``root_dir``
--------------------------
The minion requires a root directory to store config, cache, logs, etc. The user
must have full permissions to this directory. The easiest way to do this is to
put the ``root_dir`` in the Local AppData directory (``$env:LocalAppData``).
.. code-block:: powershell
New-Item -Path "$env:LocalAppData\Salt Project\Salt" -Type Directory
2. Set ``root_dir`` permissions
-------------------------------
The user running Salt requires full access to the ``root_dir``. If you have
placed the root_dir in a location that the user does not have access to, you'll
need to give the user full permissions to that directory.
.. code-block:: powershell
$RootDir = "<new root_dir location>"
$User = "<user running salt>"
$acl = Get-Acl -Path "$RootDir"
$access_rule = New-Object System.Security.AccessControl.FileSystemAccessRule($User, "Modify", "Allow")
$acl.AddAccessRule($access_rule)
Set-Acl -Path "$RootDir" -AclObject $acl
3. Create directory structure
-----------------------------
Salt expects a certain directory structure to be present to avoid unnecessary
messages in the logs. This is usually handled by the installer. Since we're
running our own instance, we need to do it. Make sure the following directories
are present:
- root_dir\\conf\\minion.d
- root_dir\\conf\\pki
- root_dir\\var\\log\\salt
- root_dir\\var\\run
- root_dir\\var\\cache\\salt\\minion\\extmods\\grains
- root_dir\\var\\cache\\salt\\minion\\proc
.. code-block:: powershell
$RootDir = "<new root_dir location>"
$cache_dir = "$RootDir\var\cache\salt\minion"
New-Item -Path "$RootDir\conf" -Type Directory
New-Item -Path "$RootDir\conf\minion.d" -Type Directory
New-Item -Path "$RootDir\conf\pki" -Type Directory
New-Item -Path "$RootDir\var\log\salt" -Type Directory
New-Item -Path "$RootDir\var\run" -Type Directory
New-Item -Path "$cache_dir\extmods\grains" -Type Directory
New-Item -Path "$cache_dir\proc" -Type Directory
4. Write minion config
----------------------
The minion will need is own config, separate from the system minion config. This
config tells the minion where everything is as well as defines the master and
minion id. Create a minion config file named minion in the conf directory.
.. code-block:: powershell
New-Item -Path "$env:LocalAppData\Salt Project\Salt\conf\minion" -Type File
Make sure the config file has at least the following contents:
.. code-block:: yaml
master: <ip address, dns name, etc>
id: <minion id>
root_dir: <root_dir>
log_file: <root_dir>\val\log\salt\minion
utils_dirs:
- <root_dir>\var\cache\salt\minion\extmods
winrepo_dir: <root_dir>\srv\salt\win\repo
winrepo_dir_ng: <root_dir>\srv\salt\win\repo-ng
file_roots:
base:
- <root_dir>\srv\salt
- <root_dir>\srv\spm\salt
pillar_roots:
base:
- <root_dir>\srv\pillar
- <root_dir>\srv\spm\pillar
thorium_roots:
base:
- <root_dir>\srv\thorium
Run the minion
--------------
Everything is now set up to run the minion. You can start the minion as you
would normally, but you need to specify the full path to the config file you
created above.
.. code-block:: powershell
salt-minion.exe -c <root_dir>\conf
Register the minion as a service
--------------------------------
You can also register the minion as a service, but you need to understand the
implications of doing so.
- You will need to have administrator privileges to register this minion service
- You will need the password to the user account that will be running the minion
- If the user password changes, you will have to update the service definition
to reflect the new password
- The minion will run all the time under the user context, whether that user is
logged in or not
- This requires great trust from the user as the minion will be able to perform
operations under the user's name without the user knowing, whether they are
logged in or not
- If you decide to run the new minion under the Local System account, it might
as well just be a normal minion
- The helper script does not support registering the 2nd minion as a service
To register the minion as a service, use the ``ssm.exe`` binary that came with
the Salt installation. Run the following commands, replacing ``<service-name>``,
``<root_dir>``, ``<user_name>``, and ``<password>`` as necessary:
.. code-block:: powershell
ssm.exe install <service-name> "salt-minion.exe" "-c `"<root_dir>\conf`" -l quiet"
ssm.exe set <service-name> Description "Salt Minion <user_name>"
ssm.exe set <service-name> Start SERVICE_AUTO_START
ssm.exe set <service-name> AppStopMethodConsole 24000
ssm.exe set <service-name> AppStopMethodWindow 2000
ssm.exe set <service-name> AppRestartDelay 60000
ssm.exe set <service-name> ObjectName ".\<user_name>" "<password>"

386
pkg/windows/multi-minion.ps1
View file

@ -3,140 +3,160 @@
Script for setting up an additional salt-minion on a machine with Salt installed
.DESCRIPTION
This script will install an additional minion on a machine that already has a
This script will configure an additional minion on a machine that already has a
Salt installation using one of the Salt packages. It will set up the directory
structure required by Salt. It will also lay down a minion config to be used
by the Salt minion. Additionaly, this script will install and start a Salt
minion service that uses the root_dir specified in the minion config. You can
also pass the name of a service account to be used by the service.
by the Salt minion. Additionaly, this script can start the new minion in a
hidden window.
You can also remove the multiminion setup with this script.
This script should be run with Administrator privileges
This script does not need to be run with Administrator privileges
The following example will install a service named `salt-minion-mm10` that
starts with the LOCALSYSTEM account. It is the `-s` parameter that creates the
service:
If a minion that was configured with this script is already running, the script
will exit.
The following example will set up a minion for the current logged in account. It
configures the minion to connect to the master at 192.168.0.10
.EXAMPLE
PS>multi-minion.ps1 -Name mm10 -s
PS>multi-minion.ps1 -Master 192.168.0.10
PS>multi-minion.ps1 -m 192.168.0.10
The following example will install a service that starts with a user named
mmuser:
The following example will set up a minion for the current logged in account. It
configures the minion to connect to the master at 192.168.0.10. It will also
prefix the minion id with `spongebob`
.EXAMPLE
PS>multi-minion.ps1 -Name mm10 -s -m 192.168.0.10 -u mmuser -p secretword
PS>multi-minion.ps1 -Master 192.168.0.10 -Prefix spongebob
PS>multi-minion.ps1 -m 192.168.0.10 -p spongebob
The following example will set up config for minion that can be run in the
background under a user account. Notice the command does not have the `-s`
parameter:
The following example will set up a minion for the current logged in account. It
configures the minion to connect to the master at 192.168.0.10. It will also
start the minion in a hidden window:
.EXAMPLE
PS>multi-minion.ps1 -Name mm10 -m 192.168.0.10
PS>multi-minion.ps1 -Master 192.168.0.10 -Start
PS>multi-minion.ps1 -m 192.168.0.10 -s
The following example will remove a multiminion that has been installed with
this script:
The following example will remove a multiminion for the current running account:
.EXAMPLE
PS>multi-minion.ps1 -Name mm10 -d
PS>multi-minion.ps1 -Delete
PS>multi-minion.ps1 -d
#>
[CmdletBinding()]
param(
[Parameter(Mandatory=$true)]
[Alias("n")]
# The name used to create the service and root_dir. This is the only
# required parameter
[String] $Name,
[Parameter(Mandatory=$false)]
[Alias("m")]
# The master to connect to. This can be an ip address or an fqdn. Default
# is salt
[String] $Master = "salt",
[Parameter(Mandatory=$false)]
[Alias("r")]
# The root dir to place the minion config and directory structure. The
# default is %PROGRAMDATA%\Salt Project\Salt-$Name
[String] $RootDir = "$env:ProgramData\Salt Project\Salt-$Name",
[Parameter(Mandatory=$false)]
[Alias("u")]
# User account to run the service under. The user account must be present on
# the system. The default is to use the LOCALSYSTEM account
[String] $User,
[Parameter(Mandatory=$false)]
[Alias("p")]
# The password to the user account. Required if User is passed. We should
# probably figure out how to make this more secure
[String] $Password,
# The prefix to the minion id to differentiate it from the installed system
# minion. The default is $env:COMPUTERNAME. It might be helpful to use the
# minion id of the System minion if you know it
[String] $Prefix = "$env:COMPUTERNAME",
[Parameter(Mandatory=$false)]
[Alias("s")]
# Set this switch to install the service. Default is to not install the
# service
[Switch] $Service,
# Start the minion in the background
[Switch] $Start,
[Parameter(Mandatory=$false)]
[Alias("l")]
[ValidateSet(
"all",
"garbage",
"trace",
"debug",
"profile",
"info",
"warning",
"error",
"critical",
"quiet"
)]
# Start the minion in the background
[String] $LogLevel = "warning",
[Parameter(Mandatory=$false)]
[Alias("d")]
# Remove the specified multi-minion. All other parameters are ignored
# Remove the multi-minion in the current account. All other parameters are
# ignored
[Switch] $Remove
)
########################### Script Variables #############################
$ssm_bin = "$env:ProgramFiles\Salt Project\Salt\ssm.exe"
$user_name = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name.Split("\")[-1].ToLower()
$salt_bin = "$env:ProgramFiles\Salt Project\Salt\salt-minion.exe"
$service_name = "salt-minion-$($Name.ToLower())"
$default_root_dir = Resolve-Path -Path "$env:ProgramData\Salt Project\Salt"
$cache_dir = "$RootDir\var\cache\salt\minion"
$root_dir = "$env:LocalAppData\Salt Project\Salt"
$cache_dir = "$root_dir\var\cache\salt\minion"
$minion_id = "$Prefix-$user_name"
########################### Script Functions #############################
function Test-FileLock {
param (
[parameter(Mandatory=$true)]
# The path to the file to check
[string]$Path
)
if ((Test-Path -Path $Path) -eq $false) {
return $false
}
$oFile = New-Object System.IO.FileInfo $Path
try {
$oStream = $oFile.Open([System.IO.FileMode]::Open, [System.IO.FileAccess]::ReadWrite, [System.IO.FileShare]::None)
if ($oStream) {
$oStream.Close()
}
return $false
} catch {
# file is locked by a process.
return $true
}
}
################################ Remove ##################################
if ( $Remove ) {
Write-Host "######################################################################" -ForegroundColor Cyan
Write-Host "Removing multi-minion"
Write-Host "Name: $Name"
Write-Host "Service Name: $service_name"
Write-Host "Root Dir: $RootDir"
Write-Host "Root Dir: $root_dir"
Write-Host "######################################################################" -ForegroundColor Cyan
# Stop Service
$service_object = Get-Service -Name $service_name -ErrorAction SilentlyContinue
if ( $service_object -and ($service_object.Status -ne "Stopped") ) {
Write-Host "Stopping service: " -NoNewline
Stop-Service -Name $service_name *> $null
$service_object.Refresh()
if ( $service_object.Status -eq "Stopped" ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
# Stop salt-minion service if running
$processes = Get-WmiObject win32_process -filter "name like '%salt-minion%'" | Select-Object commandline,handle
$processes | ForEach-Object {
if ( $_.commandline -like "*$root_dir*" ) {
Write-Host "Killing process: " -NoNewline
$process = Get-Process -Id $_.handle
$process.Kill()
if ( $process.HasExited ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
}
}
# Remove Service
$service_object = Get-Service -Name $service_name -ErrorAction SilentlyContinue
if ( $service_object ) {
Write-Host "Removing service: " -NoNewline
& $ssm_bin remove $service_name confirm *> $null
$service_object = Get-Service -Name $service_name -ErrorAction SilentlyContinue
if ( !$service_object ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
# Check for locked log file
# The log file will be locked until the running process releases it
while (Test-FileLock -Path "$root_dir\var\log\salt\minion") {
Start-Sleep -Seconds 1
}
# Remove Directory
if ( Test-Path -Path $RootDir ) {
Write-Host "Removing RootDir: " -NoNewline
Remove-Item -Path $RootDir -Force -Recurse
if ( Test-Path -Path $root_dir) {
Write-Host "Removing Root Dir: " -NoNewline
Remove-Item -Path $root_dir -Force -Recurse
if ( !(Test-Path -Path $RootDir) ) {
if ( !(Test-Path -Path $root_dir) ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
@ -145,43 +165,44 @@ if ( $Remove ) {
}
# Remind to delete keys from master
Write-Host "######################################################################" -ForegroundColor Cyan
Write-Host "Multi-Minion installed successfully"
Write-Host "Multi-Minion successfully removed"
Write-Host ">>>>> Don't forget to remove keys from the master <<<<<"
Write-Host "######################################################################" -ForegroundColor Cyan
exit 0
}
################################ Install #################################
# We don't want to share config with the current running minion
if ( $RootDir.Trim("\") -eq $default_root_dir ) {
Write-Host "WARNING: RootDir can't be default Salt rootdir" -ForegroundColor Red
exit 1
################################ EXISTING CHECK ################################
# See there is already a running minion
$running = $false
$processes = Get-WmiObject win32_process -filter "name like '%salt-minion%'" | Select-Object commandline,handle
$processes | ForEach-Object {
if ( $_.commandline -like "*$root_dir*" ) {
$running = $true
}
}
if ( $running ) {
Write-Host "######################################################################" -ForegroundColor Cyan
Write-Host "Multi-Minion"
Write-Host "A minion is already running for this user"
Write-Host "######################################################################" -ForegroundColor Cyan
exit 0
}
# Make sure password is set if user is passed
if ( $User -and !$Password ) {
Write-Host "WARNING: You must pass a password when defining a user account" -ForegroundColor Red
exit 1
}
################################### INSTALL ####################################
Write-Host "######################################################################" -ForegroundColor Cyan
Write-Host "Installing multi-minion"
Write-Host "Name: $Name"
Write-Host "Master: $Master"
Write-Host "Root Directory: $RootDir"
Write-Host "Create Service: $Service"
if ( $Service ) {
Write-Host "Service Account: $User"
Write-Host "Password: **********"
Write-Host "Service Name: $service_name"
}
Write-Host "Installing Multi-Minion"
Write-Host "Master: $Master"
Write-Host "Minion ID: $minion_id"
Write-Host "Root Directory: $root_dir"
Write-Host "######################################################################" -ForegroundColor Cyan
# Create file_roots Directory Structure
if ( !( Test-Path -path "$RootDir" ) ) {
Write-Host "Creating RootDir: " -NoNewline
New-Item -Path "$RootDir" -Type Directory | Out-Null
if ( Test-Path -path "$RootDir" ) {
# Create Root Directory Structure
if ( !( Test-Path -path "$root_dir" ) ) {
Write-Host "Creating Root Dir: " -NoNewline
New-Item -Path "$root_dir" -Type Directory | Out-Null
if ( Test-Path -path "$root_dir" ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
@ -189,80 +210,67 @@ if ( !( Test-Path -path "$RootDir" ) ) {
}
}
# Set permissions
if ( $User ) {
Write-Host "Setting Permissions: " -NoNewline
$acl = Get-Acl -Path "$RootDir"
$access_rule = New-Object System.Security.AccessControl.FileSystemAccessRule($User, "Modify", "Allow")
$acl.AddAccessRule($access_rule)
Set-Acl -Path "$RootDir" -AclObject $acl
$found = $false
$acl = Get-Acl -Path "$RootDir"
$acl.Access | ForEach-Object {
if ( $_.IdentityReference.Value.Contains($User) ) {
$found = $true
}
}
if ( $found ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
}
# Child directories will inherit permissions from the parent
if ( !( Test-Path -path "$RootDir\conf" ) ) {
# Config dir
if ( !( Test-Path -path "$root_dir\conf" ) ) {
Write-Host "Creating config dir: " -NoNewline
New-Item -Path "$RootDir\conf" -Type Directory | Out-Null
if ( Test-Path -path "$RootDir\conf" ) {
New-Item -Path "$root_dir\conf" -Type Directory | Out-Null
if ( Test-Path -path "$root_dir\conf" ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
}
if ( !( Test-Path -path "$RootDir\conf\minion.d" ) ) {
# Minion.d dir
if ( !( Test-Path -path "$root_dir\conf\minion.d" ) ) {
Write-Host "Creating minion.d dir: " -NoNewline
New-Item -Path "$RootDir\conf\minion.d" -Type Directory | Out-Null
if ( Test-Path -path "$RootDir\conf\minion.d" ) {
New-Item -Path "$root_dir\conf\minion.d" -Type Directory | Out-Null
if ( Test-Path -path "$root_dir\conf\minion.d" ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
}
if ( !( Test-Path -path "$RootDir\conf\pki" ) ) {
# PKI dir
if ( !( Test-Path -path "$root_dir\conf\pki" ) ) {
Write-Host "Creating pki dir: " -NoNewline
New-Item -Path "$RootDir\conf\pki" -Type Directory | Out-Null
if ( Test-Path -path "$RootDir\conf\pki" ) {
New-Item -Path "$root_dir\conf\pki" -Type Directory | Out-Null
if ( Test-Path -path "$root_dir\conf\pki" ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
}
if ( !( Test-Path -path "$RootDir\var\log\salt" ) ) {
# Log dir
if ( !( Test-Path -path "$root_dir\var\log\salt" ) ) {
Write-Host "Creating log dir: " -NoNewline
New-Item -Path "$RootDir\var\log\salt" -Type Directory | Out-Null
if ( Test-Path -path "$RootDir\var\log\salt" ) {
New-Item -Path "$root_dir\var\log\salt" -Type Directory | Out-Null
if ( Test-Path -path "$root_dir\var\log\salt" ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
}
if ( !( Test-Path -path "$RootDir\var\run" ) ) {
# Run dir
if ( !( Test-Path -path "$root_dir\var\run" ) ) {
Write-Host "Creating run dir: " -NoNewline
New-Item -Path "$RootDir\var\run" -Type Directory | Out-Null
if ( Test-Path -path "$RootDir\var\run" ) {
New-Item -Path "$root_dir\var\run" -Type Directory | Out-Null
if ( Test-Path -path "$root_dir\var\run" ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
}
# Extmods grains dir
if ( !( Test-Path -path "$cache_dir\extmods\grains" ) ) {
Write-Host "Creating extmods grains dir: " -NoNewline
New-Item -Path "$cache_dir\extmods\grains" -Type Directory | Out-Null
@ -273,6 +281,8 @@ if ( !( Test-Path -path "$cache_dir\extmods\grains" ) ) {
exit 1
}
}
# Proc dir
if ( !( Test-Path -path "$cache_dir\proc" ) ) {
Write-Host "Creating proc dir: " -NoNewline
New-Item -Path "$cache_dir\proc" -Type Directory | Out-Null
@ -286,60 +296,53 @@ if ( !( Test-Path -path "$cache_dir\proc" ) ) {
# Write minion config
Write-Host "Writing minion config: " -NoNewline
Add-Content -Force -Path "$RootDir\conf\minion" -Value "master: $Master"
Add-Content -Force -Path "$RootDir\conf\minion" -Value "id: $Name"
Add-Content -Force -Path "$RootDir\conf\minion" -Value "root_dir: $RootDir"
Add-Content -Force -Path "$RootDir\conf\minion" -Value "log_file: $RootDir\var\log\salt\minion"
Add-Content -Force -Path "$RootDir\conf\minion" -Value "utils_dirs: $RootDir\var\cache\salt\minion\extmods\utils"
Add-Content -Force -Path "$RootDir\conf\minion" -Value "winrepo_dir: $RootDir\srv\salt\win\repo"
Add-Content -Force -Path "$RootDir\conf\minion" -Value "winrepo_dir_ng: $RootDir\srv\salt\win\repo-ng"
Set-Content -Force -Path "$root_dir\conf\minion" -Value "master: $Master"
Add-Content -Force -Path "$root_dir\conf\minion" -Value "id: $minion_id"
Add-Content -Force -Path "$root_dir\conf\minion" -Value "root_dir: $root_dir"
Add-Content -Force -Path "$root_dir\conf\minion" -Value "log_file: $root_dir\var\log\salt\minion"
Add-Content -Force -Path "$root_dir\conf\minion" -Value "log_level_logfile: $LogLevel"
Add-Content -Force -Path "$RootDir\conf\minion" -Value "file_roots:"
Add-Content -Force -Path "$RootDir\conf\minion" -Value " base:"
Add-Content -Force -Path "$RootDir\conf\minion" -Value " - $RootDir\srv\salt"
Add-Content -Force -Path "$RootDir\conf\minion" -Value " - $RootDir\srv\spm\salt"
Add-Content -Force -Path "$root_dir\conf\minion" -Value "utils_dirs:"
Add-Content -Force -Path "$root_dir\conf\minion" -Value " - $root_dir\var\cache\salt\minion\extmods\utils"
Add-Content -Force -Path "$root_dir\conf\minion" -Value "winrepo_dir: $root_dir\srv\salt\win\repo"
Add-Content -Force -Path "$root_dir\conf\minion" -Value "winrepo_dir_ng: $root_dir\srv\salt\win\repo-ng"
Add-Content -Force -Path "$RootDir\conf\minion" -Value "pillar_roots:"
Add-Content -Force -Path "$RootDir\conf\minion" -Value " base:"
Add-Content -Force -Path "$RootDir\conf\minion" -Value " - $RootDir\srv\pillar"
Add-Content -Force -Path "$RootDir\conf\minion" -Value " - $RootDir\srv\spm\pillar"
Add-Content -Force -Path "$root_dir\conf\minion" -Value "file_roots:"
Add-Content -Force -Path "$root_dir\conf\minion" -Value " base:"
Add-Content -Force -Path "$root_dir\conf\minion" -Value " - $root_dir\srv\salt"
Add-Content -Force -Path "$root_dir\conf\minion" -Value " - $root_dir\srv\spm\salt"
Add-Content -Force -Path "$RootDir\conf\minion" -Value "thorium_roots:"
Add-Content -Force -Path "$RootDir\conf\minion" -Value " base:"
Add-Content -Force -Path "$RootDir\conf\minion" -Value " - $RootDir\srv\thorium"
Add-Content -Force -Path "$root_dir\conf\minion" -Value "pillar_roots:"
Add-Content -Force -Path "$root_dir\conf\minion" -Value " base:"
Add-Content -Force -Path "$root_dir\conf\minion" -Value " - $root_dir\srv\pillar"
Add-Content -Force -Path "$root_dir\conf\minion" -Value " - $root_dir\srv\spm\pillar"
if ( Test-Path -path "$RootDir\conf\minion" ) {
Add-Content -Force -Path "$root_dir\conf\minion" -Value "thorium_roots:"
Add-Content -Force -Path "$root_dir\conf\minion" -Value " base:"
Add-Content -Force -Path "$root_dir\conf\minion" -Value " - $root_dir\srv\thorium"
if ( Test-Path -path "$root_dir\conf\minion" ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
if ( $Service ) {
# Register salt-minion service using SSM
Write-Host "Registering service $service_name`: " -NoNewline
& $ssm_bin install $service_name "$salt_bin" "-c """"$RootDir\conf"""" -l quiet" *> $null
& $ssm_bin set $service_name Description "Salt Minion $Name" *> $null
& $ssm_bin set $service_name Start SERVICE_AUTO_START *> $null
& $ssm_bin set $service_name AppStopMethodConsole 24000 *> $null
& $ssm_bin set $service_name AppStopMethodWindow 2000 *> $null
& $ssm_bin set $service_name AppRestartDelay 60000 *> $null
if ( $User -and $Password ) {
& $ssm_bin set $service_name ObjectName ".\$User" "$Password" *> $null
# Start the minion
if ( $Start ) {
Write-Host "Starting minion process: " -NoNewline
Start-Process -FilePath "$salt_bin" `
-ArgumentList "-c","`"$root_dir\conf`"" `
-WindowStyle Hidden
# Verify running minion
$running = $false
$processes = Get-WmiObject win32_process -filter "name like '%salt-minion%'" | Select-Object commandline,handle
$processes | ForEach-Object {
if ( $_.commandline -like "*$root_dir*" ) {
$running = $true
}
}
$service_object = Get-Service -Name $service_name -ErrorAction SilentlyContinue
if ( $service_object ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
exit 1
}
Write-Host "Starting service: " -NoNewline
Start-Service -Name $service_name
$service_object.Refresh()
if ( $service_object.Status -eq "Running" ) {
if ( $running ) {
Write-Host "Success" -ForegroundColor Green
} else {
Write-Host "Failed" -ForegroundColor Red
@ -349,11 +352,12 @@ if ( $Service ) {
Write-Host "######################################################################" -ForegroundColor Cyan
Write-Host "Multi-Minion installed successfully"
Write-Host "Root Directory: $RootDir"
if ( $Service ) {
Write-Host "Service Name: $service_name"
} else {
if ( ! $Start ) {
Write-Host ""
Write-Host "To start the minion, run the following command:"
Write-Host "salt-minion -c `"$RootDir\conf`""
Write-Host "salt-minion -c `"$root_dir\conf`""
Write-Host ""
Write-Host "To start the minion in the background, run the following command:"
Write-Host "Start-Process -FilePath salt-minion.exe -ArgumentList `"-c`",'`"$root_dir\conf`"' -WindowStyle Hidden"
}
Write-Host "######################################################################" -ForegroundColor Cyan