My goal was pretty simple: I have a debian-10-dev template originally cloned from debian-10, into which I incrementally installed quite a number of packages. I want to automate things, so I don’t have to redo that for debian-11 and further releases. I’m pretty new with Salt, and trying to make sense out of the doc and @unman’s examples.
I started to concentrate on a formula to get packages installed into a template, and I find that disturbingly complicated.
Following examples it is not hard to come up with something like this, let’s put it in /srv/formulas/base/virtual-machines-formula/qvm/debian-dev.sls
:
deb-dev-packages.installed:
pkg.installed:
- pkgs:
- autoconf
- automake
- build-essential
- clang
- g++
From this example I infered a command-line:
qubesctl --skip-dom0 --targets=debian-11-dev state.apply qvm.debian-dev
I must say I’m horrified having to specify --skip-dom0
, and when not specifying seeing a silent attempt to install all those packages in dom0, and also no error when making a typo in the VM name passed to --targets
.
I tried to understand why I would need a .top
file there, as all examples ship one alongside with the every .sls
file. I thought they could be used to specify the target qube’s name, but each time I tried qubesctl
ignored that it was not dom0
I specified in my .top
file. And finally I just removed it, and qubesctl
appears to do its job without a problem. Could someone shed some light here ?
From what I gather, I have to write separate formulas for the actions to be executed in dom0 (template cloning, any parameter adjustments) and for the ones to be executed in the new template (package installations, etc). This sounds sensible in a way, but I can’t see how they can be chained in a single invocation, ie. as is there is in fact little value to replace a call to qvm-clone
by one to qubesctl
with a 3-lines formula, if I also have to run a second qubesctl
to install the packages. Surely it must not be that complicated to come up with an example that would in one go clone the template and add packages to the clone ?
I’ve read a bit of SaltStack Challenges and Experiences, and from this small incursion in the world of Salt I think I can understand @restive’s criticisms, and can’t help to wonder if Salt is indeed the right tool for the task: at the very least, the learning curve is quite steep. And if those examples really reflect the best we can do from a user’s perspective, is it really worth it ?