PyPI
Hulu
Rackspace
nbviewer
HP Cloud
Dah Intro
Dem Basicz
$ salt <TARGETS> module.function <ARGUMENTS>
Where in code?
salt/modules
salt/modules/test.py
Where in code?
$ salt '*' test.ping
web01.example.dev:
True
db01.example.dev:
True
Let's look at the code:
def ping():
return True
The minion runs the module locally and returns the values.
$ salt '*' test.echo foo
web01.example.dev:
foo
db01.example.dev:
foo
Let's look at the code:
def echo(text):
return text
The master passes the arguments for the modules to use upon execution.
I don't need to run it on every minion, GOSH!
A Manage Who?
$ salt '*' state.single module.function <ARGUMENTS>
Where in code?
salt/states
salt/states/git.py
Where in code?
$ salt 'web01*' state.single git.latest http://github.com/saltstack/salt.git target=/tmp/salt
web01.flexdeaf.dev:
----------
State: - git
Name: http://github.com/saltstack/salt.git
Function: latest
Result: True
Comment: Repository http://github.com/saltstack/salt.git cloned to /tmp/salt
Changes: new: http://github.com/saltstack/salt.git
revision: 2d4772cc61e88d3384444cdf225b1c7b6a49512c
Summary
------------
Succeeded: 1
Failed: 0
------------
Total: 1
Execute a state module from the command line with state.single
What Else Is Benefits?
Sharing Targetted Data
$ cat /srv/pillar/users.sls
users:
salt:
shell: /bin/bash
home: /home/salt
groups:
- salt
timoguin:
sudouser: True
shell: /bin/zsh
groups:
- admin
- dev
- salt
ssh_auth:
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQA . . .
dotfiles: http://github.com/timoguin/dotfiles.git
psssttt. . . this data can also be generated via external systems. just enable an external pillar module that returns a dictionary
$ salt 'minion' cloud.create <CLOUD_CONFIG> <INSTANCE_NAME> <API_ARGUMENTS>
Where in code?
salt/cloud
$ cat /etc/salt/cloud.providers.d/do.conf
do:
api_key: <DIGITAL_OCEAN_API_KEY>
client_key: <DIGITAL_OCEAN_CLIENT_ID>
location: New York 2
provider: digital_ocean
ssh_key_file: /home/salt/.ssh/id_rsa
ssh_key_name: salt@master01
$ cat /etc/salt/cloud.profiles.d/digital_ocean.conf
ubuntu_512MB_ny2:
provider: do
image: Ubuntu 12.04.3 x64
size: 512MB
location: New York 2
private_networking: True
minion:
master: master01.foo.bar
grains:
role: crazymachine
$ salt '*' event.fire '{"data":"my event data"}' 'tag'
Where in code?
salt/modules/event.py
Where configured on master?
/etc/salt/master.d/reactor.conf
$ cat /etc/salt/master.d/reactor.conf
reactor:
- 'salt/minion/*/start':
- /srv/reactor/start.sls
- /srv/reactor/monitor.sls
- 'salt/cloud/*/destroyed':
- /srv/reactor/decommision.sls
- 'salt/key':
- /srv/salt/haproxy/react_new_minion.sls
- 'whatsup/cowabunga':
- /srv/salt/supahstate.sls
$ cat /srv/salt/haproxy/react_new_minion.sls
{% if data['act'] == 'accept' and data['id'].startswith('web') %}
add_new_minion_to_pool:
cmd.state.sls:
- tgt: 'haproxy*'
- arg:
- haproxy.refresh_pool
- 'pillar={new_minion: {{ data['id'] }}}'
{% endif %}
playing with Salt's remote execution modules
Where in code?
salt/output
Where in code?
salt/runners
=
Unique Job ID
$ salt-run jobs.list_jobs
'20140221224203119172':
Arguments:
- apache2
Function: service.enabled
Start Time: 2014, Feb 21 22:42:03.119172
Target: '*'
Target-type: glob
User: sudo_timoguin
$ salt-run jobs.list_jobs
'20140221224203119172':
Arguments:
- apache2
Function: service.enabled
Start Time: 2014, Feb 21 22:42:03.119172
Target: '*'
Target-type: glob
User: sudo_timoguin
$ salt-run jobs.lookup_jid 20140221224203119172
master01:
None
dev01:
None
log01:
None
web01:
None
redis01:
None
es01:
None
db01:
None
let's actually use all this data. . .
[insert diagram]
$ salt '*' state.low '{name: vim, state: pkg, fun: installed}'
How do I actually apply and enforce these states?
$ cat /srv/salt/top.sls
base:
'*':
- hosts
- users
'web*':
- apache
- websites
- kibana
'db*':
- postgres
- mysql
Generate and ingest external data through Salt's Master Tops system if ya wanna. . .
$ cat /srv/pillar/top.sls
base:
'*':
- users
'web*':
- apache
- websites
fileserver_backend:
- git
gitfs_remotes:
- git://github.com/saltstack/salt-states.git
- git+ssh://git@github.com/timoguin/private-states.git
- file:///root/silly-states.git
ext_pillar:
- git: master git+ssh://git@bitbucket.com/timoguin/pillar.git
<Includes declaration>
<Extends declaration>
<SLS ID>:
<State>:
- fun: <Function>
- args: <Args>
- <Requisites>
<SLS ID>:
<State>.<Function>:
- args: <Args>
- <Requisites>
java7-ppa:
pkgrepo.managed:
- ppa: webupd8team/java
- require_in:
- pkg: jdk7
module.run:
- name: pkg.refresh_db
jdk7-accept-license:
cmd.run:
- name: echo oracle-java7-installer shared/accepted-oracle-license-v1-1 select true | /usr/
- unless: "debconf-get-selections | grep -q shared/accepted-oracle-license-v1-1"
- user: root
jdk7:
pkg.installed:
- name: oracle-java7-installer
- requires:
- cmd: jdk7-accept-license
- pkgrepo: java7-ppa
git:
pkg.installed:
{% if grains['os'] == 'Ubuntu' %}
- name: git-core
{% else -%}
- name: git
{% endif -%}
Write a module with an ext_pillar function that returns a dictionary.
def ext_pillar( minion_id, pillar, *args, **kwargs ):
my_pillar = {}
# Do stuff
return my_pillar
External pillar is configured on the master
ext_pillar:
- hiera: /etc/hiera.yaml
- cmd_yaml: cat /etc/salt/yaml
- cmd_json: "echo {'arg':'value'}"
- reclass:
inventory_base_uri: /etc/reclass
Where in code?
salt/returners
Your life can be more than YAML!
Where in code?
salt/renderers
wut about practikal
@timoguin
timoguin on Freenode
867-5309
#salt on Freenode
reddit.com/r/saltstack