![Page 1: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/1.jpg)
Getting Started with SaltManage tens of thousands of servers and communicate with each system in seconds
Eric Jackson
Senior Software Developer Distributed Storage
SUSE Linux GmbH
Pablo Suárez Hernández
Senior Software Engineer SUSE Manager
SUSE Linux GmbH
![Page 2: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/2.jpg)
2
Contents
- What is Salt? Why Salt?
- Salt Master and Minions
- Grains and Pillar
- States and Modules
- Salt Mine
- Runners
- Reactor
- Other Topics
![Page 3: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/3.jpg)
3
What is Salt?
- Remote execution engine
- Configuration management system
- Apply defined states
- Enable high-speed communication
- Provisioning and Orchestration
- Easy to extend. Salt Mine
- Python!
“A configuration management system which provides a high-speed communication working with large number of systems in a highly
scalable environment”
![Page 4: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/4.jpg)
4
Why Salt?
Salt Ansible Chef Puppet
Initial release 2011 2012 2009 2005
Configuration Language
YAML YAML Ruby/DSL DSL
Template Language
Jinja2 Jinja2 ERB ERB
Core Language Python Python Ruby Ruby
Agent-less Yes Yes - -
Pros/Cons
Execution speed and scalability. Very good Introspection. Strong
community. Difficult for new users.
Easy to learn. SSH based. Poor
introspection. Performance
speed.
Rich collection of recipes. Does not
support PUSH. Need to be
familiar with Ruby
Mature. Web UI. Ruby is needed.
Does not focus on simplicity.
![Page 5: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/5.jpg)
5
Why Salt?
“We had 10,000 lines of Puppet code and reduced that to roughly 1,000 in Salt” - Ryan Lane, Lyft
“We are running around 70,000 minions. When you keep doubling boxes like this, one does not simply scale” - Thomas Jackson, LinkedIn
“It is not about configuring Linux or Windows machine or configuring an operations or deployment. It is about development, testing, production and heterogeneity across all that.” - Ross Gardler, Microsoft Azure
![Page 6: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/6.jpg)
6
How to run Salt?
- Checkout from GitHub: https://github.com/saltstack/salt/
(current release 2016.3.3)
- Install from SLE & openSUSE repositories:
(2015.8.7 and 2016.3.2)
- Multiple running environments:– Master-less configuration
– No agent needed!
– master – minion
– “dumb” devices (salt-proxy)
– Multiple masters (syndic)
Commandsconfiguration
Results
![Page 7: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/7.jpg)
7
Using Salt without a master server (master-less)
# salt-call --local test.ping
# salt-call --local pkg.install apache2
# salt-call --local service.enable apache2
# salt-call --local state.apply mystate
Commandsconfiguration
Results
“We can use Salt locally to execute commands
and configurations”
![Page 8: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/8.jpg)
8
No agent: salt-ssh
SSH
Commandsconfiguration
Results
Master
No Agents!
Client machine
![Page 9: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/9.jpg)
9
Salt Master and Minions
Ports:4505-4506
Master
Minion
Minion
Minion
ØMQ
![Page 10: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/10.jpg)
10
The Salt Transport: ØMQ
Salt uses ZeroMQ as default transport protocol:
PUB channel (4505 tcp):– Implements a pub/sub socket. Encrypted payload is published by master which includes minion
targeting
• REQ channel (4506 tcp):– Implements a req/rep sockets. Fetching files and returning jobs from minions to master.
Also supports:– TCP transport
– RAET transport
![Page 11: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/11.jpg)
11
Master
Minion
ProxyMinions
“Dumb”Devices
Salt in “dumb” devices (salt-proxy)
![Page 12: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/12.jpg)
12
Salt with multiple masters (salt-syndic)
Master
Minions
Syndic
![Page 13: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/13.jpg)
13
Master
![Page 14: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/14.jpg)
14
Salt Master
The main daemon for managing the bus and components.
Installation:zypper install salt-master
Configuration:/etc/salt/master
/etc/salt/master.d/*.conf
![Page 15: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/15.jpg)
15
Salt Master
Useful settings:log_level: warning|debug
state_output: full|mixed
Files:/var/cache/salt/master/*
/var/log/salt/master
/run/salt/master
![Page 16: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/16.jpg)
16
Setting up a Salt Master
- /etc/salt/master (multiple environments)
# Files and state rootsfile_roots: base: - /srv/salt
# Pillar data rootspillar_roots: base: - /srv/pillar
(single environment)
file_roots: dev: - /srv/salt/dev/ prod: - /srv/salt/prod/ qa: - /srv/salt/qa/
pillar_roots: base: - /srv/pillar prod: - /srv/pillar/prod dev: - /srv/pillar/dev
![Page 17: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/17.jpg)
17
Minion
![Page 18: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/18.jpg)
18
Salt Minion
The agent running on each host.
Installation:zypper install salt-minion
Configuration:/etc/salt/minion
/etc/salt/minion.d/*.conf
/etc/salt/minion_id
![Page 19: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/19.jpg)
19
Salt Minion
Useful settings:log_level: warning|debug
master: salt
Files:/var/cache/salt/minion/*
/var/log/salt/minion
/run/salt/minion
![Page 20: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/20.jpg)
20
Salt Minion
A minion is not part of the Salt cluster until the master accepts its key.
Useful commands (to run in Master):salt-key -A
salt-key -A -y
salt-key -L
# salt-key -LAccepted Keys:minion0minion1Denied Keys:Unaccepted Keys:minion2Rejected Keys:
![Page 21: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/21.jpg)
21
Starting playing with Salt
salt ‘*’ test.ping
Useful commands:salt '*' test.ping
salt '*' cmd.run “date +%s.%N”
salt-run jobs.active
salt '*' saltutil.kill_job <jid>
salt-run manage.up
salt-run state.event pretty=True
target
module
function
# salt ‘*’ test.pingminion0: Trueminion1: True
![Page 22: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/22.jpg)
22
Grains
![Page 23: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/23.jpg)
23
Salt Grains
Data provided by the minion. Static for the life of the minion.
Commandssalt 'node1*' grains.items
salt 'node1*' grains.get kernelrelease
State file
{% set kernel = grains['kernelrelease'] | replace('-default', '') %}
kernel:
cmd.run:
- name: “echo Kernel is {{ kernel }}”
![Page 24: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/24.jpg)
24
Salt Grains
Custom grains can override core grains.
Precedence:/etc/salt/grains
/etc/salt/minion
/srv/salt/_grains
Caveats• Not immediately available, salt '*' saltutil.sync_grains
![Page 25: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/25.jpg)
25
Pillar
![Page 26: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/26.jpg)
26
Salt Pillar
Pillar files are essentially YAML files with an sls extension. Centralized configuration data filtered to each minion by the master.
Location• /srv/pillar
• /srv/pillar/top.sls
• Subdirectories do not affect data structure
/srv/pillar/ceph/cluster/node1.domain.slscluster: ceph
roles:
- master
![Page 27: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/27.jpg)
27
Salt Pillar
Display all pillar data for a specific minion.
Commandssalt 'node1*' pillar.items
node1.domain:
----------
cluster:
ceph
roles:
- master
![Page 28: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/28.jpg)
28
Salt Pillar
Using pillar data.
Commandssalt 'node1*' pillar.get roles
State file
tgt: {{ pillar.get('master_minion') }}
tgt: {{ salt['pillar.get']('master_minion') }}
{% set FAIL_ON_WARNING = salt['pillar.get']('FAIL_ON_WARNING', 'True') %}
{% for role in salt['pillar.get']('rgw_configurations', [ 'rgw' ]) %}
mon_initial_members = {{ salt['pillar.get']('mon_initial_members') | join(', ') }}
![Page 29: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/29.jpg)
29
Salt Pillar
Pillar data is not automatically available.
Commandssalt 'node1*' saltutil.pillar_refresh
node1.domain:
True
salt 'node1*' saltutil.refresh_pillarnode1.domain:
True
![Page 30: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/30.jpg)
30
The Pillar “top.sls” file
- /srv/pillar/top.sls
base: ‘*’: - common
vim: pkg.installed
/etc/hosts: file.managed: -source: salt://hosts
foo: bar
{% if grains['os_family'] == "Suse" %}suseToken: token-only-in-suse-minions{% endif %}
- /srv/pillar/common.sls
- /srv/pillar/common.sls
environment
targeting
sls file
“SLS files are JINJA2 templates rendering YAML output. We can
render output using pillars, grains or even salt functions”
![Page 31: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/31.jpg)
31
States
![Page 32: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/32.jpg)
32
Salt States
States are synonymous with the Salt state file. The extension is sls.
Location:/srv/salt/top.sls
/srv/salt/anything.sls
/srv/salt/project/thing1.sls
/srv/salt/project/thing2/init.sls
Caveat:• Not all sls files are the same
![Page 33: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/33.jpg)
33
Salt States
Template
/etc/ceph/ceph.client.admin.keyring:
file.managed:
- source:
- salt://ceph/.../ceph.client.admin.keyring
- user: root
- group: root
- mode: 600
Package and Service
lrbd:
pkg.installed:
- pkgs:
- lrbd
enable lrbd:
service.running:
- name: lrbd
- enable: True
![Page 34: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/34.jpg)
34
Salt States
Includes
include:
- .keyring
start mds:
service.running:
- name: ceph-mds@{{ grains['host'] }}
- enable: True
No operation
# No pools are created by default
nop:
test.nop
![Page 35: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/35.jpg)
35
Salt States
/srv/salt/anything.sls:salt '*' state.apply anything
salt '*' state.sls anything
/srv/salt/project/thing1.sls:salt '*' state.apply project.thing1
/srv/salt/project/thing2/init.sls:salt '*' state.apply project.thing2
![Page 36: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/36.jpg)
36
Salt States
Highstate can be considered a default setting for a salt cluster.
/srv/salt/top.sls:salt '*' state.highstate
Layman definitions:• Highstate: simply processed, human friendly output
• Lowstate: “compiled”, Salt master friendly output
![Page 37: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/37.jpg)
37
The States “top.sls” file
- /srv/salt/top.sls
base: ‘*’: - common
‘webserver*’: - apache - webnode
‘G@os_family:SUSE’: - certs
vim: pkg.installed
/etc/hosts: file.managed: -source: salt://hosts
apache: pkg.installed: [] service.running: - require: - pkg: apache
- /srv/salt/apache.sls
- /srv/salt/common.sls
environment
targeting
state
![Page 38: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/38.jpg)
38
State Modules
![Page 39: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/39.jpg)
39
State Modules
- alias
- apache
- archive
- bower
- cloud
- disk
- dockerng
- file
- grafana
- htpasswd
- iptables
- mount
- lvm
- pkg
- mysql_user
- network
- rsync
- selinux
“Salt State modules allows you to define custom configuration states for almost every component of your system”
- service
- snapper
- sysctl
- supervisord
- virt
- user
- group
...
frank: mysql_user.present: - host: localhost - password: bobcat
server1: host.present: - ip: 192.168.0.42 - names: - server1 - florida
/dev/sda: lvm.pv_present
my_vg: lvm.vg_present: - devices: /dev/sda
lvroot: lvm.lv_present: - vgname: my_vg - size: 10G - stripes: 5 - stripesize: 8K
![Page 40: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/40.jpg)
40
Salt State Module Example
/srv/salt/_states/mystatemodule.py
def __virtual__():
return 'fwmod' if 'network.connect' in __salt__ else False
def check(name, port=None, **kwargs):
ret = {'name': name,
'result': True,
'changes': {},
'comment': ''}
if 'test' not in kwargs:
kwargs['test'] = __opts__.get('test', False)
# check the connection
if kwargs['test']:
ret['result'] = True
ret['comment'] = 'The connection will be tested'
else:
results = __salt__['network.connect'](host, port, **kwargs)
ret['result'] = results['result']
ret['comment'] = results['comment']
return ret
![Page 41: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/41.jpg)
41
Salt State Module Example
Commandssalt 'node1*' saltutil.sync_states
salt 'node1*' state.apply testgoogle
State file
testgoogle:
fwmod.check:
- name: 'google.com'
- port: 80
- proto: 'tcp'
![Page 42: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/42.jpg)
42
Execution Modules
![Page 43: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/43.jpg)
43
Salt Execution Modules
- cmd
- iptables
- jenkins
- apache
- network
- disk
- dockerng
- git
- htpasswd
- junos
- kerberos
- ldap3
- lvm
- postfix
- mysql
- parted
- rsync
- selinux
“Execution modules allows you to manage and configure almost every component of your system”
- service
- snapper
- system
- supervisord
- virt
- zypper
- cron
- cp
...
# salt ‘*’ cmd.run dateminion0: Mon Sep 5 12:29:04 UTC 2016minion1: Mon Sep 5 12:29:03 UTC 2016
# salt ‘*’ service.restart apache2minion0: Trueminion1: False
# salt ‘minion0’ pkg.version vimminion0: 7.4.326-2.62
![Page 44: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/44.jpg)
44
Salt Module
Python scripts that return useful values or perform custom actions.
Uses:• Alter behavior of a state file (e.g. wait or retry)
• Encapsulate logic, simplify Jinja
• Retrieve dynamic information from minions
Commands• salt 'node1*' keyring.secret
• salt 'node1*' freedisks.list
![Page 45: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/45.jpg)
45
Salt Module Example
/srv/salt/_modules/keyring.py
def secret(filename):
if os.path.exists(filename):
with open(filename, 'r') as keyring:
for line in keyring:
if 'key' in line and ' = ' in line:
key = line.split(' = ')[1].strip()
return key
key = os.urandom(16)
hdr = struct.pack('<hiih',1,int(time.time()),
0,len(key))
return base64.b64encode(hdr + key)
def file(component, name=None):
if component == "osd":
return "/srv/salt/ceph/osd/cache/bootstrap.keyring"
if component == "igw":
return "/srv/salt/ceph/igw/cache/ceph." + name + ".keyring"
if component == "mds":
return "/srv/salt/ceph/mds/cache/" + name + ".keyring"
if component == "rgw":
return "/srv/salt/ceph/rgw/cache/" + name + ".keyring"
![Page 46: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/46.jpg)
46
Salt Module Example
Commandssalt 'node1*' saltutil.sync_modules
salt 'node1*' keyring.secret
salt 'node1*' keyring.file mds node1
State file{% set keyring_file = salt['keyring.file']('mds', grains['host']) %}
{{ keyring_file}}:
file.managed:
- source: ...
- context:
secret: {{ salt['keyring.secret'](keyring_file) }}
![Page 47: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/47.jpg)
47
Mines
![Page 48: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/48.jpg)
48
Salt Mine
Cache the output of a module. Complements grains.
Few steps:• Write a module
• Synchronize to minions
• Configure minions
Commandssalt 'node1*' freedisks.list
salt-call mine.get 'node1*' freedisks.list
salt 'node1*' mine.get 'node*' freedisks.list
![Page 49: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/49.jpg)
49
Salt Mine Example
/srv/salt/_modules/freedisks.py
def list():
drives = []
for path in glob('/sys/block/*/device'):
base = os.path.dirname(path)
device = os.path.basename(base)
# Skip partitioned drives
partitions = glob(base + "/" + device + "*")
if partitions:
continue
# Skip removable media
removable = open(base + "/removable").read().rstrip('\n')
if (removable == "1"):
continue
rotational = open(base + "/queue/rotational").read().rstrip('\n')
hardware =_hwinfo(device)
hardware['device'] = device
hardware['rotational'] = rotational
drives.append(hardware)
return drives
![Page 50: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/50.jpg)
50
Salt Mine Example
def _hwinfo(device):
results = {}
cmd = "/usr/sbin/hwinfo --disk --only /dev/{}".format(device)
proc = Popen(cmd, stdout=PIPE, stderr=PIPE, shell=True)
for line in proc.stdout:
m = re.match(" ([^:]+): (.*)", line)
if m:
if (m.group(1) == "Capacity"):
c = re.match("(\d+ \w+) \((\d+) bytes\)", m.group(2))
if c:
results[m.group(1)] = c.group(1)
results['Bytes'] = c.group(2)
else:
# Remove double quotes
results[m.group(1)] = re.sub(r'"', '', m.group(2))
return results
![Page 51: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/51.jpg)
51
Salt Mine Example
24: IDE 200.0: 10600 Disk
[Created at block.245]
...
Model: "HGST HTS721010A9"
Vendor: "HGST"
Device: "HTS721010A9"
Revision: "A3J0"
Serial ID: "JR100X6P2PWRME"
Device File: /dev/sdc
...
Size: 1953525168 sectors a 512 bytes
Capacity: 931 GB (1000204886016 bytes)
Config Status: cfg=new, avail=yes, need=no, active=unknown
Attached to: #14 (SATA controller)
![Page 52: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/52.jpg)
52
Salt Mine Example
/srv/salt/_modules/freedisks.py
Sync'ing:• salt '*' saltutil.sync_module
• salt '*' saltutil.sync_all
State file
load modules:
module.run:
- name: saltutil.sync_all
- refresh: True
![Page 53: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/53.jpg)
53
Salt Mine Example
/srv/salt/.../mine_functions/init.sls:
configure_mine_functions:
file.managed:
- name: /etc/salt/minion.d/mine_functions.conf
- source: salt://ceph/mine_functions/files/mine_functions.conf
manage_salt_minion_for_mine_functions:
service.running:
- name: salt-minion
- watch:
- file: configure_mine_functions
![Page 54: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/54.jpg)
54
Salt Mine Example
/etc/salt/minion.d/mine_functions.conf
mine_functions:
freedisks.list: [ ]
![Page 55: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/55.jpg)
55
Runners
![Page 56: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/56.jpg)
56
Salt Runner
A runner is conceptually similar to a stand-alone script. Unlike state files or modules, the runner executes on the master.
Uses:• Query salt state
salt-run jobs.active
salt-run manage.up
• Updating external systems
salt-run queue.insert myqueue abc
salt-run network.wol 52:54:00:1D:62:F7
![Page 57: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/57.jpg)
57
Salt Runner
Uses Continued:• Coordinate complex states across groups of minions
salt-run state.orchestrate orch.gateways
• Custom runners
salt-run filequeue.add queue=master complete
salt-run validate.pillar
• Jinja conditionals
{% if salt['saltutil.runner']('filequeue.check', name='complete', queue='master') == True %}
![Page 58: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/58.jpg)
58
Salt Runner: state.orchestrate
The state.orchestrate runner has a different sls file format that allows targeting of minions.
installation:
salt.state:
- tgt: 'I@roles:gateways'
- tgt_type: compound
- sls: gateways.packages
![Page 59: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/59.jpg)
59
Salt Runner: state.orchestrate
Imagine a redundant gateway setup where the application retrieves the configuration from an external source.
![Page 60: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/60.jpg)
60
Salt Runner: state.orchestrate
The dilemma is the configuration only needs to be stored once for all gateways. The import command is only available after package installation.
![Page 61: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/61.jpg)
61
Salt Runner: state.orchestrate
The manual steps are
• Install packages on each gateway
zypper in mypackage
• Initialize the external source
Import configuration
• Start application on each gateway
systemctl enable myservice
systemctl start myservice
![Page 62: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/62.jpg)
62
Salt Runner: state.orchestrate
The salt states are
• Install packages
zypper in mypackage
• Configure packages
Import configuration
• Start application
systemctl enable myservice
systemctl start myservice
/srv/salt/gateways/package/init.sls
installation:
pkg.installed:
- pkgs:
- mypackage
![Page 63: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/63.jpg)
63
Salt Runner: state.orchestrate
The salt states are
• Install packages
zypper in mypackage
• Configure packages
Import configuration
• Start application
systemctl enable myservice
systemctl start myservice
/srv/salt/gateways/import/init.sls
configure:
cmd.run:
- name: "client-cli {{ salt['pillar.get']('mysettings') }}"
- shell: /bin/bash
![Page 64: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/64.jpg)
64
Salt Runner: state.orchestrate
The salt states are
• Install packages
zypper in mypackage
• Configure packages
Import configuration
• Start application
systemctl enable myservice
systemctl start myservice
/srv/salt/gateways/start/init.sls
enable:
service.running:
- name: myservice
- enable: True
restart:
module.run:
- name: service.restart
- m_name: myservice
![Page 65: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/65.jpg)
65
Salt Runner: state.orchestrate
/srv/salt/orch/gateways.sls:
installation:
salt.state:
- tgt: "I@roles:gateways"
- tgt_type: compound
- sls: gateways.package
configure:
salt.state:
- tgt: "{{ salt.saltutil.runner('select.one_minion', roles='gateways') }}"
- sls: gateways.import
start:
salt.state:
- tgt: "I@roles:gateways"
- tgt_type: compound
- sls: gateways.start
![Page 66: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/66.jpg)
66
Salt Runner: state.orchestrate
To execute the orchestration runner
salt-run state.orchestrate orch.gateways
salt-run state.orch orch.gateways
![Page 67: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/67.jpg)
67
Reactor
![Page 68: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/68.jpg)
68
Salt Reactor
Listens for salt events and triggers an action
Examples:• Putting all minions into highstate
• Coordinating actions with reboots
![Page 69: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/69.jpg)
69
Salt Reactor
Reactor is part of the salt master. The configuration only allows simple globbing.
/etc/salt/master.d/reactor.conf
reactor:
- 'salt/minion/*/start':
- /srv/salt/reactor/highstate.sls
![Page 70: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/70.jpg)
70
Salt Reactor
Reactor sls files are different.
/srv/salt/reactor/highstate.sls
highstate_run:
cmd.state.highstate:
- tgt: {{ data['id'] }}
![Page 71: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/71.jpg)
71
Salt Reactor
Reactor sls files are different.
/srv/salt/reactor/highstate.sls
highstate_run:
cmd.state.highstate:
- tgt: {{ data['id'] }}
![Page 72: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/72.jpg)
72
Salt Reactor
Caution:• No circular dependency checking across events
– Reactor starts an orchestration which results in firing events that starts an orchestration...
• No synchronization primitives– Tasks run by the master are separate processes. Race conditions will happen
• No state machine– An error stops the workflow. No automatic retries.
![Page 73: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/73.jpg)
73
Other Topics
![Page 74: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/74.jpg)
74
Other Topics
Topics not covered:• Queues
• Tornado
• Thorium
• Engines
• Beacons
• Salt-api
• Renderers
![Page 75: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/75.jpg)
75
Salt Projects
SUSE Manager:• https://www.suse.com/products/suse-manager
SUSE Software Defined Storage:• Ceph
• DeepSea https://github.com/SUSE/DeepSea
![Page 76: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/76.jpg)
76
Recommended Sessions
Hear from a Customer:SUSE Manager 3 & Salt at Tyson Foods (CAS91938) - Weds 3pm & Fri 10:15am
Try a Hands-on Session:SUSE Manager for Smarties (HO91268) – Tues 2pm & Weds 4:45pm
Advanced Hands-on with SaltStack (HO91449) – Weds 10am & Thurs 2pm
Extending Salt for Fun and Profit (HO92263) – Tues 4:30pm & Thurs 2pm
Learn More:Managing Configuration Drift and Auditing with Salt (TUT89994) – Weds 2pm
![Page 77: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/77.jpg)
77
Questions?
![Page 78: Getting Started with Salt - suse.com Started with Salt ... Senior Software Developer Distributed Storage SUSE Linux GmbH ejackson@suse.com ... - Remote execution engine](https://reader033.vdocuments.site/reader033/viewer/2022051602/5af4df527f8b9a95468e8c00/html5/thumbnails/78.jpg)