From 5435169751b378ffa21fdb3d8e6b0f2b591fa7c5 Mon Sep 17 00:00:00 2001
From: "W. Trevor King" <wking@tremily.us>
Date: Fri, 14 Nov 2014 13:15:57 -0800
Subject: [PATCH] salt-master: Add a Salt master image

You could use nsenter [1] instead of 'docker exec', but we should
point folks at the builtin approach.

[1]: https://github.com/jpetazzo/nsenter
---
 README.md                       |  1 +
 build.sh                        |  1 +
 salt-master/Dockerfile.template | 36 +++++++++++++++++++++++++++++++++
 salt-master/README.md           | 21 +++++++++++++++++++
 salt/README.md                  |  3 ++-
 5 files changed, 61 insertions(+), 1 deletion(-)
 create mode 100644 salt-master/Dockerfile.template
 create mode 100644 salt-master/README.md

diff --git a/README.md b/README.md
index 52065c5..8aa6fd4 100644
--- a/README.md
+++ b/README.md
@@ -40,6 +40,7 @@ The dependency graph is:
                             |-- postgresql  (adds PostgreSQL)
                             |-- redis  (adds Redis)
                             |-- salt  (adds a Salt Stack install)
+                            |   |-- salt-master  (enables a Salt Stack master)
                             |   `-- salt-minion  (enables a Salt Stack minion)
                             |-- stunnel  (adds stunnel)
                             |-- thumbor  (adds Thumbor)
diff --git a/build.sh b/build.sh
index 972fd22..83870c3 100755
--- a/build.sh
+++ b/build.sh
@@ -67,6 +67,7 @@ REPOS="${REPOS:-
 	postgresql
 	redis
 	salt
+	salt-master
 	salt-minion
 	stunnel
 	thumbor
diff --git a/salt-master/Dockerfile.template b/salt-master/Dockerfile.template
new file mode 100644
index 0000000..5fae38c
--- /dev/null
+++ b/salt-master/Dockerfile.template
@@ -0,0 +1,36 @@
+# Copyright (C) 2013-2014 W. Trevor King <wking@tremily.us>
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice, this
+# list of conditions and the following disclaimer.
+#
+# * Redistributions in binary form must reproduce the above copyright notice,
+# this list of conditions and the following disclaimer in the documentation
+# and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+
+FROM ${NAMESPACE}/salt:${TAG}
+MAINTAINER ${MAINTAINER}
+#VOLUME ["${PORTAGE}:/usr/portage:ro", "${PORTAGE}/distfiles:/usr/portage/distfiles:rw"]
+
+RUN rc-update add salt-master default
+
+RUN sed -i 's|^\([[:space:]]*\)\(need net\)$|\1\2\n\1need logger|' /etc/init.d/salt-master
+RUN sed -i 's|^#\(log_file: file:///dev/log\)|\1|' /etc/salt/master
+RUN sed -i 's|^\(#log_level_logfile:.*\)$|\1\nlog_level_logfile: info|' /etc/salt/master
+
+EXPOSE 4505
+EXPOSE 4506
diff --git a/salt-master/README.md b/salt-master/README.md
new file mode 100644
index 0000000..c492446
--- /dev/null
+++ b/salt-master/README.md
@@ -0,0 +1,21 @@
+Run this [Salt Stack][salt] master image with:
+
+    $ docker run -d --name salt-master-0 --hostname salt \
+    >   -p 4505:4505 -p 4506:4506 wking/salt-master
+
+For details on setting up minion keys, see the âMinion keysâ section
+of the [salt-minion][] `README`.  To preserve accepted keys between
+container restarts, you can [volume-mount][] them from your host:
+
+    $ docker run -d --name salt-master-0 --hostname salt \
+    >   -v /etc/salt/pki/salt-master-0:/etc/salt/pki/master \
+    >   -p 4505:4505 -p 4506:4506 wking/salt-master
+
+You can use `docker exec` ([new in 1.3][docker-1.3], [docs][exec]) to
+connect to the master container when you need to run `salt` commands.
+
+[salt]: http://saltstack.com/community/
+[salt-minion]: ../salt-minion/
+[volume-mount]: http://docs.docker.com/userguide/dockervolumes/#mount-a-host-directory-as-a-data-volume
+[docker-1.3]: http://blog.docker.com/2014/10/docker-1-3-signed-images-process-injection-security-options-mac-shared-directories/
+[exec]: http://docs.docker.com/reference/commandline/cli/#exec
diff --git a/salt/README.md b/salt/README.md
index 69cb5b0..b0355c5 100644
--- a/salt/README.md
+++ b/salt/README.md
@@ -1,5 +1,6 @@
 This [Salt Stack][salt] image is mostly a base with shared content for
-the [salt-minion][] and salt-master containers.
+the [salt-master][] and [salt-minion][] containers.
 
 [salt]: http://saltstack.com/community.html
+[salt-master]: ../salt-master/
 [salt-minion]: ../salt-minion/
-- 
2.26.2