managing your saltstack minions with foreman
TRANSCRIPT
![Page 2: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/2.jpg)
![Page 3: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/3.jpg)
Foreman
![Page 4: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/4.jpg)
● Provision to anything from one interface with one process– Bare metal, oVirt, Libvirt, vmware, docker, EC2,
Rackspace, Digital Ocean, OpenStack, etc.
● Orchestration of all dependencies – not just preseed/kickstart/cloud-init
![Page 5: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/5.jpg)
● Manage Puppet, Chef, and Salt● For salt, provides:
– External node classifier (ENC) for tops system
– External pillar provider
![Page 6: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/6.jpg)
● System Inventories – showing grains and activity (i.e. state.highstate results). Ability to create trends and charts on the data.
● Reporting plugins for ABRT, OpenScap
![Page 7: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/7.jpg)
Distributed Architecture
● Smart Proxies located locally on Foreman itself or independent – used for orchestration of DNS, DHCP, etc.
● Smart Proxy manages the Salt Master.
![Page 8: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/8.jpg)
![Page 9: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/9.jpg)
Foreman Plugins
● Extensible– Both the Smart Proxy and Foreman have a plugin
architecture.● Foreman
– http://projects.theforeman.org/projects/foreman/wiki/Plugins● Smart Proxy
– http://projects.theforeman.org/projects/foreman/wiki/Smart-Proxy_Plugins
– Extend Foreman to do whatever you want!
![Page 10: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/10.jpg)
Foreman Plugins
● Rich ecosystem of plugins– Compute Resources:
● Digital Ocean, Docker, OpenNebula, etc.
– Configuration Management:● Chef, Salt
– Reporting● ABRT, Graphite, etc.
![Page 11: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/11.jpg)
Salt in Foreman
● First support in early 2014 via templates/parameters
● Two plugins– smart_proxy_salt
– foreman_salt
● Packaged for Debian & Red Hat family OS's– Maintain parity w/ whatever Foreman supports
![Page 12: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/12.jpg)
Minion Provisioning
● Assign a Salt master to a new host.● Foreman will do the work for you:
1.Add autosign entry
2.Install Salt packages
3.Trigger key acceptance
4.Remove Autosign
![Page 13: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/13.jpg)
Minion Destruction
● When you delete a host in Foreman, we clean up – delete the host from Salt (the accepted key).
![Page 14: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/14.jpg)
Key Management
● Full web interface to keys– Accept, reject, delete keys
● ...and autosign– Add autosign records (e.g. a domain managed
outside of Foreman)
![Page 15: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/15.jpg)
![Page 16: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/16.jpg)
![Page 17: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/17.jpg)
Salt States
● Assign to host groups (including full inheritance when using netsed host groups), or directly to individual hosts
![Page 18: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/18.jpg)
![Page 19: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/19.jpg)
Pillars
● Pillars <-> Foreman parameters– Add parameters to host, host groups, domains,
global, etc.
● Exposed to Salt via the “external pillars” feature● Currently limited to String values only
![Page 20: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/20.jpg)
Pillars!
![Page 21: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/21.jpg)
Master Tops
● Salt's Master tops system provides a way to generate the top file data for a highstate run from external sources
● Foreman uses the external_nodes module in Salt to deliver a YAML document with States and Pillars
![Page 22: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/22.jpg)
![Page 23: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/23.jpg)
States
} Pillars
![Page 24: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/24.jpg)
Highstate
● Run highstate directly from a node– 'Run Salt' button
● Results reported back to Foreman
![Page 25: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/25.jpg)
Highstate
![Page 26: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/26.jpg)
Reporting
● When running state.highstate, full reporting inside Foreman of the results!– What happened on my systems?
– File changes with diffs!
– Other metrics
![Page 27: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/27.jpg)
Grains
● Grains map to 'Foreman Facts'● Host grains are uploaded to Foreman● Browseable, chartable, searchable
![Page 28: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/28.jpg)
![Page 29: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/29.jpg)
![Page 30: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/30.jpg)
Future (Short Term)
● Foreman 1.8 will bring version 2.0 of the plugin– RESTful API for Salt in Foreman
– Hammer CLI Plugin
– Installer support (foreman-installer --salt-enable=true or similar)
![Page 31: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/31.jpg)
Longer Term
● Importing states/environnments from the master
● Arbitrary Salt commands● More than highstate results● State Groups (like Puppet config groups)● ???
![Page 32: Managing your SaltStack Minions with Foreman](https://reader034.vdocuments.net/reader034/viewer/2022042501/55a786e11a28ab7c188b46f1/html5/thumbnails/32.jpg)
Conclusion + Q&A
● Find us on Freenode!– #theforeman, #theforeman-dev
● Docs– http://github.com/theforeman/foreman_salt/wiki
● Bugtracker:– http://projects.theforeman.org/projects/salt
● Want to contribute?– http://theforeman.org/contribute.html