Salt stack

50 %
50 %
Information about Salt stack

Published on November 26, 2013

Author: igalarzab



An introduction about how to use salt-stack and how to improve it developing new modules and states with Python

salt-stack Jose Ignacio Galarza @igalarzab

Index Why it’s so cool? How to use it? Developing for salt-stack

python + devops


infrastructure management


not a polling model, PUSHING

instructions send to the minions telling them what to do

PUB/SUB system on 4505 REP system on 4506

awesome diagram master SUB minion PUB minion REP minion

MessagePack to serialize the messages

everything is encrypted

it uses first public authentication keys for master needs to know public keys of the minions

then, it uses AES for communication * (symmetric, faster)

how to accept minion keys? $ salt-key Unaccepted Keys: minion_1 ! $ salt-key -a minion_1

let’s go! $ salt ‘*’ ! ! ! minion_1: True


controlled machines

receive instructions via PUB/SUB ZeroMQ

masterless configuration * (salt-call)


they provide the functionality

S3 pip apt ssh iptables pam nginx apache aliases mysql mount file upstart quota

execute them with the cli! $ salt ‘*’ ‘ls /’ ... $ salt ‘*’ state.highstate ...


manage or configure in your hosts what to

salt-stack states are just DATA * usually in YAML

they usually map to module functions

understanding states ! ! ! ! ! ! ! ! ! /etc/init/nginx.conf: file: - managed - template: jinja - user: root - require: - pkg: nginx

nginx:   pkg.installed:     - name: nginx   file:     - managed     - name: /etc/init/nginx.conf     - source: salt://nginx.conf     - require:       - pkg: nginx service:     - running     - enable: True - watch:       - file: /etc/nginx/nginx.conf

there are a lot of directives require watch extend include


save the minion output where to

mongo stdout redis SQL DB


language of the state configuration

YAML python JSON ...


configuration of the machine * read-only data ** populated at the beginning

using grains... {% if grains['os'] == 'RedHat' %} httpd: pkg: - installed {% elif grains['os'] == 'Debian' %} apache2: pkg: - installed {% endif %}

list the grains $ salt ‘*’ ... you can use them everywhere dev: ‘os:Debian’: - match: grain - python_server


think of pillar as a variable container

it’s data, just as same as the states

create a pillar of salt... {% if grains['os'] == 'RedHat' %} apache: httpd git: git {% elif grains['os'] == 'Debian' %} apache: apache2 git: git-core {% endif %}

and use it! apache: pkg: - installed - name: {{ pillar['apache'] }}

only salt-stack?

salt-bootstrap salt-cloud salt-vagrant halite

developing for salt-stack

developing modules

it’s like developing a normal python module! just create a file inside the _modules dir

every callable is exported* * (with some exceptions)

creating a module (for the pip-tools package) import re! ! import salt.utils! from salt.utils.decorators import memoize! ! REVIEW_RE = re.compile(‘([wd_-]+)==([d.]+) is available (you have ([d.]+))’)! ! ! @memoize! def _detect_install():! return salt.utils.which('pip-review')! ! ! def __virtual__():! return 'piputils' if _detect_install() else False!

creating a module (for the pip-tools package) ! def review(autoinstall=False):! command_ret = __salt__[''](! 'pip-review {0}'.format('-a' if autoinstall else '')! )! ! packages = command_ret.split('n')! updates = {}! ! for package in packages:! match = REVIEW_RE.match(package)! if match:! name, old_v, new_v = match.groups()! updates[name] = (old_v, new_v)! ! return updates!

syncing the modules $ salt-call saltutil.sync_modules ... and use it! $ salt-call machine: ---------- Jinja2: - 2.7.1 - 2.6

useful variables like: __salt__ __grains__ __outputter__

developing states

it’s (also) like developing a normal python module! just create a file inside the _states dir

every callable is exported* * (with some exceptions)

the renderer structure maps directly to the state python module

creating a state (for the pip-tools package) def keep_updated(name, min_version=None, max_version=None):! updatable_packages = __salt__['']()! pkg_info = updatable_packages.get(name, None)! ! ret = {! 'name': name,! 'result': pkg_info is not None,! }!

creating a state (for the pip-tools package) ! if package_info:! ret['comment'] = 'Update {0} from {2} to {1}'.format(! name, *pkg_info! )! ret['changes'] = {!          name: {! 'old': package_info[1],! 'new': package_info[0]! }! }! else:! ret['comment'] = 'Inexistent package {0}'.format(name)! ! if __opts__['test']:! ret['result'] = None!     else:! pass # Perform the update! ! return ret!

mapping the file ! Jinja2: pip_package: - keep_updated - min_version: 1.0 # # # # maps maps maps maps to to to to "name" argument pip_package state keep_updated funct min_version arg

and that’s all!


thank you!

Add a comment

Related presentations

Presentación que realice en el Evento Nacional de Gobierno Abierto, realizado los ...

In this presentation we will describe our experience developing with a highly dyna...

Presentation to the LITA Forum 7th November 2014 Albuquerque, NM

Un recorrido por los cambios que nos generará el wearabletech en el futuro

Um paralelo entre as novidades & mercado em Wearable Computing e Tecnologias Assis...

Microsoft finally joins the smartwatch and fitness tracker game by introducing the...

Related pages

SaltStack automation for CloudOps, ITOps & DevOps at scale

SaltStack systems & configuration management software delivers fast & scalable event-driven infrastructure automation & predictive cloud orchestration.
Read more


SaltStack¶ Salt, a new approach to infrastructure management, is easy enough to get running in minutes, scalable enough to manage tens of thousands of ...
Read more

GitHub - saltstack/salt: Software to automate the ...

README.rst What is SaltStack? SaltStack makes software for complex systems management at scale. SaltStack is the company that created and maintains the ...
Read more

SaltStack community

The SaltStack community is committed to keeping the Salt project focused, friendly, healthy and open.
Read more

Saltstack – Wikipedia

Saltstack (kurz: Salt) ist eine Open-Source-Software zur Automatisierung der Konfiguration von Serversystemen. Mit Salt lassen sich beispielsweise Software ...
Read more

Get Started Guide - SaltStack

Get Started Guide. Back to Help ... What is SaltStack? SaltStack is a revolutionary approach to infrastructure management that replaces complexity with speed.
Read more

SaltStack - Facebook

SaltStack is software built to unite, simplify, and automate data center operations. Salt is renown for its speed, scale and flexibility in managing and...
Read more

Salt Stack - How people build software · GitHub

GitHub is where people build software. More than 14 million people use GitHub to discover, fork, and contribute to over 35 million projects.
Read more

SaltStack - YouTube

SaltStack is the full systems and configuration management software stack for fast and scalable deployment and automation of any cloud. SaltStack is used ...
Read more

Salt (software) - Wikipedia, the free encyclopedia

SaltStack platform or Salt is a Python-based open source configuration management software and remote execution engine. Supporting the "Infrastructure as ...
Read more