Salt Configuration ManagementSaltStack.com

Salt Marketing Points

●Simplicity - Basic Architecture

●Parallel execution

●Secure encryption / authentication

●Open Source: https://github.com/saltstack/salt

Architecture● Salt master: the central

management system.

● Salt minion: a managed system.

Execute Commands●salt ‘*’ cmd.run ‘ls -l /etc’

●salt ‘*’ disk.usage

●salt ‘*’ network.interfaces

Salt Command SyntaxSynopsissalt <target> <module.function> <arguments>

Flags

-E--pcre

Perl Compatible Reg. Exp. to match on minion name

-G--grain

Allows targeting by matching predefined values in minion machines

-C--compound

Allows combining criteria

Targeting●salt ‘minion1’ disk.usage

●salt ‘minion*’ disk.usage

●salt -G ‘os:Ubuntu’ test.ping

●salt -E ‘minion[0-9]’ test.ping

●salt -C ‘G@os:Ubuntu and minion*’ test.ping

More definitions...●Salt States - Scripts that use predefined functions that are run

against minions and tracked - preventing them from running multiple times.

●Top File - Configures which files to run against which minions

Predefined Functions?!? I want to do moreFunctions are just Python methods sorted into modules. You can write your own if you need to do anything too complicated or you can be lazy: https://github.com/saltstack-formulas

Sample Modules on GitHub

● Docker

● Jenkins

● Wordpress

● Apache

● mySQL

● Node

● ...even Salt

PillarData assigned to minions using targets

Think configurations for a machine

i.e. Ports, Usernames, Passwords, etc.

Configure different machines to look at different environments, hostnames, etc.

Applied by template or specified manually: salt '*' state.apply ftpsync pillar='{"ftpusername": "test"}’

IncludesDRY applies here too

EX top of salt state:

include: - mercurial

Ordering & RequisitesThings happen in order from the top file or based on includes…

To get fancy you can have the following:

Jinja - Magic ConditionalsWant to make Pillars more than statically assigned to minions?

Refresh the pillar variables and use them in a state file

What about my data or modifying files?

5 More Slides… EventsWhat kind of things can you get notified of

●Periodic Presence Updates - which minions are connected

●Minion Connected

●Minion Disconnnected

●State Completion

●Custom○ Salt-call event.send /my/test/event ‘{“data”: “my test event”}’

BeaconsTrigger events for non-salt related things

● File System Changes

● System Load

● Service Status

● Shell Activity (user login)

● Network and Disk Usage

Reacting to Events

References●https://docs.saltstack.com/en/getstarted/index.html

●https://docs.saltstack.com/en/latest/contents.html

●https://linux.die.net/man/1/salt

●https://github.com/saltstack/salt

●https://github.com/saltstack-formulas

●Images stolen shamelessly from Google Image Search