• Marin Crnković
  • 10+ years of experience
  • work @ web.burza

About me

Problem

  • shared development server
  • two (or more!) guys working on same file
  • first guy to save loses his changes

Solution

  • local development environment
  • light, throwaway VMs using Vagrant
  • configure VM for each project

Provisioning

  • ssh into the box
  • run a couple of commands
  • edit a couple of files
  • run some more commands
  • edit some more files
  • edit some commands
  • run some files

big players

  • Puppet
  • Chef
  • Ansible
  • SaltStack

Saltstack

  • Master
  • Minion
  • Execution modules
  • State modules
  • Pillars
  • Grains

...phew

Master

  • keeps states, pillars and top files
  • talks to minions via ZeroMQ, SSH or RAET

Minions

  • provide data about themselves (Grains)
  • listen for commands from Master
  • run execution modules

Top file

  • describes environments
  • defines set of states per minion
  • pillars have a top file too
# /srv/salt/top.sls
base:
  '*':
    - default
  'db*':
    - mariaDB

development:
  'app*':
    - mailcatcher

production:
  'app*':
    - smtp

State

  • describes state
# Short notation
apache2:
  pkg.installed
# Verbose
install_apache:
  pkg:
    - installed
    - name: apache2


Pillars

  • set of variables for state configuration
  • have own top file

Grains

  • minion environment information
  • OS, disk, RAM, CPU, GPU, ...
  • write your own
  • Config files are YAML
  • ...that are written in Jinja templating language
  • ...and Jinja == Twig
  • Option to use JSON, python, python DSL, pyobjects and more
  • XML is NOT supported. Go, SaltStack!

configuration

# /srv/salt/top.sls
base:
  '*':
    - apache

Top file

Basic example

# /srv/salt/apache.sls OR /srv/salt/apache/init.sls
apache:
  pkg.installed:
    - name: apache2

State configuration

# /srv/pillar/top.sls
base:
  'os:Debian':
    - match: grain
    - debian_packages
  'os:RedHat':
    - match: grain
    - redhat_packages

Pillar top file

Pillars and grains

# /srv/salt/apache.sls
apache:
  pkg.installed:
    - name: {{ pillar['pkgs']['apache'] }}

State configuration

# /srv/pillar/debian_packages.sls
pkgs:
  apache: apache2

# /srv/pillar/redhat_packages.sls
pkgs:
  apache: httpd

Pillars configuration

# /srv/salt/top.sls
base:
  '*':
    - website

Top file

Including and Extending

# /srv/salt/website/init.sls
include:
  - apache.install

extend:
  apache:
    service:
      - running
      - enable: True

Website

# /srv/salt/apache/install.sls
apache:
  pkg.installed:
    - name: {{ salt['pillar.get']('pkgs:apache', 'apache2') }}

Apache

# /srv/salt/nginx/init.sls
nginx:
  pkgrepo:
    - managed
    - name: deb http://nginx.org/packages/ubuntu/ trusty nginx
    - key_url: http://nginx.org/keys/nginx_signing.key

Package repository

Nginx example

  service:
    - running
    - watch:
      - pkg: nginx
      - file: /etc/nginx/nginx.conf

Configure service

  pkg:
    - installed
    - require:
      - pkgrepo: nginx

Install package

/etc/nginx/nginx.conf:
  file:
    - managed
    # /srv/salt/nginx/nginx.conf.jinja
    - source: salt://nginx/nginx.conf.jinja
    - user: root
    - group: root
    - mode: 644
    - template: jinja

Manage file

# /srv/salt/nginx/nginx.conf.jinja
user www-data;
worker_processes {{ 2 * grains['num_cpus'] }};
pid /run/nginx.pid;

Managed file template

Nginx example Continued

master $ salt '*' state.highstate
masterless-minion $ salt-call --local state.highstate
  • Installing and configuring packages is easy
  • So is starting and stopping services
  • And executing commands on remote servers
  • It is also possible to deploy servers in all major
    cloud providers (AWS, Linode, DigitalOcean, Rackspace, ...)

Conclusion

  • Configuration is a bunch of files
  • Version them to roll back server to previous state
  • Or fork the server
    https://github.com/saltstack-formulas

 

 

Conclusion

  • saltstack.com
  • http://docs.saltstack.com/en/latest/index.html
  • https://github.com/saltstack/salt-bootstrap

 

Thank you

Marin Crnković

@anorgan

https://joind.in/13779

 

 

Q/A

SaltStack

By Marin Crnković

SaltStack

  • 2,898