Encrypting your Pillar data is recommended because it contains your most valuable information like passwords and keys used in your infrastructure. Pillar data is held by the Salt master and only send through an encrypted bus to Minions when used in a state file. Encrypting your Pillar data can be done with GPG. This means that you encrypt the values with a public GPG key. This single public key is used by all the users within your organization to encrypt sensitive information. The private key is only available on the Salt master (not the Minions!). Without the private key the encrypted data can not be decrypted. My Pillar Path: /opt/salt/pillar/prod/ My Environment Path: /opt/salt/environments/prod/ [root@master ~]# mkdir -p /etc/salt/gpgkeys [root@master ~]# chmod 0700 /etc/salt/gpgkeys [root@master ~]# gpg --gen-key gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. T...
Welcome to your go-to blog for all things DevOps and cloud technologies! Dive into comprehensive guides on Red Hat certifications (RHCSA, RHCE, RHCSS, RHCVA, RHCDS, RHCA), along with essential tools like OpenStack, OpenShift, and Rancher. Learn how to streamline workflows, master Cloud Storage, and optimize virtualization with VMware. Enhance your networking skills with CCNA and explore cutting-edge practices in Linux, automation, cloud computing, and DevOps pipelines.