The EC2 cloud module is used to interact with the Amazon Elastic Cloud Computing.
my-ec2-config:
# The EC2 API authentication id, set this and/or key to
# 'use-instance-role-credentials' to use the instance role credentials
# from the meta-data if running on an AWS instance
id: GKTADJGHEIQSXMKKRBJ08H
# The EC2 API authentication key, set this and/or id to
# 'use-instance-role-credentials' to use the instance role credentials
# from the meta-data if running on an AWS instance
key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
# The ssh keyname to use
keyname: default
# The amazon security group
securitygroup: ssh_open
# The location of the private key which corresponds to the keyname
private_key: /root/default.pem
# Be default, service_url is set to amazonaws.com. If you are using this
# driver for something other than Amazon EC2, change it here:
service_url: amazonaws.com
# The endpoint that is ultimately used is usually formed using the region
# and the service_url. If you would like to override that entirely, you
# can explicitly define the endpoint:
endpoint: myendpoint.example.com:1138/services/Cloud
# SSH Gateways can be used with this provider. Gateways can be used
# when a salt-master is not on the same private network as the instance
# that is being deployed.
# Defaults to None
# Required
ssh_gateway: gateway.example.com
# Defaults to port 22
# Optional
ssh_gateway_port: 22
# Defaults to root
# Optional
ssh_gateway_username: root
# One authentication method is required. If both
# are specified, Private key wins.
# Private key defaults to None
ssh_gateway_private_key: /path/to/key.pem
# Password defaults to None
ssh_gateway_password: ExamplePasswordHere
provider: ec2
depends: | requests |
---|
Attach a volume to an instance
Return a dict of all available VM images on the cloud provider.
List all available locations
Return a dict of all available VM sizes on the cloud provider with relevant data. Latest version can be found at:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html
Return the block device mapping:
[{'DeviceName': '/dev/sdb', 'VirtualName': 'ephemeral0'},
{'DeviceName': '/dev/sdc', 'VirtualName': 'ephemeral1'}]
Copy a snapshot
Create a single VM from a data dict
Create and attach volumes to created node
Create an SSH keypair
Create a snapshot
Create a volume
CLI Examples:
salt-cloud -f create_volume my-ec2-config zone=us-east-1b
salt-cloud -f create_volume my-ec2-config zone=us-east-1b tags='{"tag1": "val1", "tag2", "val2"}'
Delete tags for a resource. Normally a VM name or instance_id is passed in, but a resource_id may be passed instead. If both are passed in, the instance_id will be used.
CLI Examples:
salt-cloud -a del_tags mymachine tags=mytag,
salt-cloud -a del_tags mymachine tags=tag1,tag2,tag3
salt-cloud -a del_tags resource_id=vol-3267ab32 tags=tag1,tag2,tag3
Delete an SSH keypair
Delete a snapshot
Delete a volume
Delete all/specified EBS volumes upon instance termination
CLI Example:
salt-cloud -a delvol_on_destroy mymachine
Describe a snapshot (or snapshots)
TODO: Add all of the filters.
Describe a volume (or volumes)
TODO: Add all of the filters.
Destroy a node. Will check termination protection and warn if enabled.
CLI Example:
salt-cloud --destroy mymachine
Detach a volume from an instance
Disable termination protection on a node
CLI Example:
salt-cloud -a disable_term_protect mymachine
Enable termination protection on a node
CLI Example:
salt-cloud -a enable_term_protect mymachine
Return the availability zone to use
Return the first configured instance.
Show the console output from the instance.
By default, returns decoded data, not the Base64-encoded data that is actually returned from the EC2 API.
Return password data for a Windows instance.
By default only the encrypted password data will be returned. However, if a key_file is passed in, then a decrypted password will also be returned.
Note that the key_file references the private key that was used to generate the keypair associated with this instance. This private key will _not_ be transmitted to Amazon; it is only used internally inside of Salt Cloud to decrypt data _after_ it has been received from Amazon.
CLI Examples:
salt-cloud -a get_password_data mymachine
salt-cloud -a get_password_data mymachine key_file=/root/ec2key.pem
Note: PKCS1_v1_5 was added in PyCrypto 2.5
Returns the PlacementGroup to use
Extract the provider name from vm
Return the salt_interface type to connect to. Either 'public_ips' (default) or 'private_ips'.
Returns the spot instance configuration for the provided vm
Return the ssh_gateway configuration.
Returns the SubnetId to use
Retrieve tags for a resource. Normally a VM name or instance_id is passed in, but a resource_id may be passed instead. If both are passed in, the instance_id will be used.
CLI Examples:
salt-cloud -a get_tags mymachine
salt-cloud -a get_tags resource_id=vol-3267ab32
Returns the Tenancy to use.
Can be "dedicated" or "default". Cannot be present for spot instances.
Return the IAM profile.
The IAM instance profile to associate with the instances. This is either the Amazon Resource Name (ARN) of the instance profile or the name of the role.
Type: String
Default: None
Required: No
Example: arn:aws:iam::111111111111:instance-profile/s3access
Example: s3access
Do not delete all/specified EBS volumes upon instance termination
CLI Example:
salt-cloud -a keepvol_on_destroy mymachine
Return the keyname
Return a list of the VMs that are on the provider
Return a list of the VMs that are on the provider
Return a list of the VMs that are on the provider. Only a list of VM names, and their state, is returned. This is the minimum amount of information needed to check for existing VMs.
Return a list of the VMs that are on the provider, with select fields
Return an optimized list of providers.
We want to reduce the duplication of querying the same region.
If a provider is using the same credentials for the same region the same data will be returned for each provider, thus causing un-wanted duplicate data and API calls to EC2.
Query an instance upon creation from the EC2 API
Queue a set of instances to be provisioned later. Expects a list.
Currently this only queries node data, and then places it in the cloud cache (if configured). If the salt-cloud-reactor is being used, these instances will be automatically provisioned using that.
For more information about the salt-cloud-reactor, see:
Reboot a node.
CLI Example:
salt-cloud -a reboot mymachine
Properly rename a node. Pass in the new name as "new name".
CLI Example:
salt-cloud -a rename mymachine newname=yourmachine
Put together all of the information necessary to request an instance on EC2, and then fire off the request the instance.
Returns data about the instance
Return the script deployment object
Return the security group
Returns the SecurityGroupId
Set tags for a resource. Normally a VM name or instance_id is passed in, but a resource_id may be passed instead. If both are passed in, the instance_id will be used.
CLI Examples:
salt-cloud -a set_tags mymachine tag1=somestuff tag2='Other stuff'
salt-cloud -a set_tags resource_id=vol-3267ab32 tag=somestuff
Do not delete all/specified EBS volumes upon instance termination
CLI Example:
salt-cloud -a show_delvol_on_destroy mymachine
Show the details from EC2 concerning an AMI
Show the details from EC2 concerning an AMI.
Can be called as an action (which requires a name):
salt-cloud -a show_instance myinstance
...or as a function (which requires either a name or instance_id):
salt-cloud -f show_instance my-ec2 name=myinstance
salt-cloud -f show_instance my-ec2 instance_id=i-d34db33f
Show the details of an SSH keypair
Show the details from EC2 concerning an AMI
Wrapper around describe_volumes. Here just to keep functionality. Might be depreciated later.
Return the ssh_interface type to connect to. Either 'public_ips' (default) or 'private_ips'.
Start a node
Stop a node
Wait for an instance upon creation from the EC2 API, to become available
Docs for previous releases are available on readthedocs.org.
Latest Salt release: 2014.7.2
22.5.5. salt.cloud.clouds.digital_ocean_v2