Add saltstack sls for RHEL

Author: retspen

conf/saltstack/centos_rhel/salt/libvirt/init.sls

@@ -0,0 +1,50 @@
+qemu-kvm:
+  pkg.installed
+
+libvirt:
+  pkg.installed
+
+/etc/libvirt/libvirtd.conf:
+  file.managed:
+    - user: root
+    - group: root
+    - mode: 644
+    - source: salt://libvirt/libvirtd.conf
+    - require:
+      - pkg: libvirt
+
+/etc/libvirt/qemu.conf:
+  file.managed:
+    - user: root
+    - group: root
+    - mode: 644
+    - source: salt://libvirt/qemu.conf
+    - require:
+      - pkg: qemu-kvm
+
+/etc/sysconfig/iptables:
+  file.managed:
+    - user: root
+    - group: root
+    - mode: 644
+    - source: salt://libvirt/iptables
+
+iptables:
+  service:
+    - dead
+    - running
+
+libvirtd:
+  service:
+    - running
+    - enable: True
+
+ksm:
+  service:
+    - running
+    - enable: True
+
+ksmtuned:
+  service:
+    - running
+    - enable: True

conf/saltstack/centos_rhel/salt/libvirt/iptables

@@ -0,0 +1,20 @@
+*nat
+:PREROUTING ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+COMMIT
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+-A INPUT -p icmp -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 5900:5930 -j ACCEPT
+#-A INPUT -m state --state NEW -m tcp -p tcp --dport 6800 -j ACCEPT
+-A INPUT -m state --state NEW -m tcp -p tcp --dport 16509 -j ACCEPT
+-A INPUT -j REJECT --reject-with icmp-host-prohibited
+-A FORWARD -i br0 -o br0 -j ACCEPT
+-A FORWARD -j REJECT --reject-with icmp-host-prohibited
+COMMIT