Salt: Enable ext_pillar for minions in master/minion mode
When using secret management systems like Confidant, it's better for minions to fetch their secrets directly, rather than having the master fetch the secrets, then distribute them to the minions. It would be nice to be able to use ext_pillar on minions directly, even if in master/minion mode (it already works in masterless). In this mode it should merge the pillars from the master with the ext_pillars from the minion.
ryan-lane
All 7 comments
Which would take precedence?
basepi
on 11 Nov 2015
Ideally configurable. Default should probably be the minion overrides the master, since minion is more specific.
ryan-lane
on 11 Nov 2015
ryan-lane
on 11 Nov 2015
+100 this will indeed solve all my problems with ext_git + gpg (which has tons of issues)
@basepi would you please change the tag to Boron otherwise we'll have to way till same period next year - is going to be late for Salt as a project imo since with this feature you can promote the integration with other solutions (like one form Ryan) or the security of master/ minions
DanyC97
on 11 Nov 2015
Hate to make "me too" comments but I would love to see this sooner than later. Fundamental part of secret sharing and potential differentiator for Salt.
rterbush
on 20 Nov 2015
we should be able to do this by adding ext_pillar lookup in the RemotePillar class in salt/pillar/__init__.py
thatch45
on 8 Jun 2016
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
If this issue is closed prematurely, please leave a comment and we will gladly reopen the issue.
![stale[bot] picture](https://avatars.githubusercontent.com/in/1724?v=4&s=40)
stale[bot]
on 28 Aug 2018
Related issues
layer3switch
路
3Comments
nixjdm
路
3Comments
zieba88
路
3Comments
Arguros
路
3Comments
mooperd
路
3Comments
Most helpful comment
we should be able to do this by adding ext_pillar lookup in the RemotePillar class in
salt/pillar/__init__.py