Getting Started with Salt

Transcript

1. Getting started with Salt Stack Presented at Fort Collins Python

   Web meetup October 13, 2014 1 / 22

2. Who Am I? Senior Web Application Developer at Kansas State

   University (Full time Remote) Working with Django/Python for 4+ years Starting to dive into Dev Ops tools (Chef, Salt, Ansible) I do NOT have all the answers. Learning in progress Twitter: @derekstegelman GitHub: @dstegelman 2 / 22

3. What is salt stack? According to the Salt Stack Developers,

   salt stack is: Fast, scalable and flexible systems management software for data center automation, cloud orchestration, server provisioning, configuration management and more. Easy to use Very Fast Uses ZeroMQ over SSH (SSH is an available option) 3 / 22

4. Dev Ops! 4 / 22

5. What is IT automation, orchestration, etc.? Ability to express system

   configuration, 'state management' through code. Similar Solutions Chef Puppet Ansible 5 / 22

6. Why use these tools? 6 / 22

7. Why? Express configuration in code Your infrastructure can be kept

   in version control Shareable/Open Source your configurations Easily re-build entire environments Easily scale out changes to hundreds of thousands of machines 7 / 22

8. Salt Stack Methodology 8 / 22

9. Salt Master The salt master dictates what needs to be

   ran and what configurations to use. The salt master is the server in a server/client relationship. Usually a stand alone server Target specific minions or groups of minions via regex to determine what gets run on what target. 9 / 22

10. Salt Master Salt Minions Salt minions are your client nodes.

    These are the machinces that you'll be configuring. A salt minion simply needs to be able to find and identify it's master and it can begin recieving instructions. Minions just need to know where to find the master and how to connect (auth) Must be installed on all your receiving nodes (DB, Web Nodes, etc.) Minions have a given "role" by name that they use to identify themselves (db1, db2, etc.) 10 / 22

11. Salt States, Pillars, & Grains 11 / 22

12. Syntax Salt states are expressed as .sls in YAML syntax.

    Salt states are farily easy to understand there is exetensive documentation. This example salt state installs some standard apt packages for Python. p y t h o n - p k g s : p k g . i n s t a l l e d : - n a m e s : - p y t h o n 2 . 7 - d e v - p y t h o n - v i r t u a l e n v - p y t h o n - c r y p t o - p y t h o n - s e t u p t o o l s - l i b x m l 2 - d e v - l i b y a m l - d e v - l i b p q - d e v - l i b p q 5 - p y t h o n - p i p - l i b m y s q l c l i e n t - d e v - l i b x s l t - d e v 12 / 22

13. Syntax Templating You can easily create templates for your configuration

    files that salt can then copy and provide to your hosts. Salt users p i l l a r s to allow for configuration of these files Jinja2 for templating (Easy to learn) Becomes very useful when setting up repetative files for software like Nginx and Supervisor Can template within salt states (mysql/databse.sls) 13 / 22

14. Syntax Templating { % f r o m " m

    y s q l / m a p . j i n j a " i m p o r t m y s q l w i t h c o n t e x t % } i n c l u d e : - m y s q l . p y t h o n { % f o r d a t a b a s e i n s a l t [ ' p i l l a r . g e t ' ] ( ' m y s q l : d a t a b a s e ' , [ ] ) % } { { d a t a b a s e } } : m y s q l _ d a t a b a s e . p r e s e n t : - h o s t : l o c a l h o s t - c o n n e c t i o n _ u s e r : r o o t - c o n n e c t i o n _ p a s s : ' { { s a l t [ ' p i l l a r . g e t ' ] ( ' m y s q l : s e r v e r : r o o t _ p a s s w o r d ' , ' s o m e p a s s ' ) } } ' - c o n n e c t i o n _ c h a r s e t : u t f 8 { % e n d f o r % } 14 / 22

15. Syntax Templating Pillars Pillars allow you to setup variables that

    can then be used using your jinja2 tempaltes in states and in templates. Can setup a list of projects and then create databases from those lists Other uses (pillar/mysql.sls) 15 / 22

16. Syntax Templating Pillars m y s q l : s

    e r v e r : r o o t _ p a s s w o r d : ' s o m e p a s s ' b i n d - a d d r e s s : 1 2 7 . 0 . 0 . 1 p o r t : 3 3 0 6 u s e r : m y s q l # M a n a g e d a t a b a s e s d a t a b a s e : - d e r e k _ s t e g e l m a n _ c o m # M a n a g e u s e r s u s e r : - n a m e : p y _ d e v p a s s w o r d : ' 1 2 3 4 5 6 7 ' h o s t : l o c a l h o s t d a t a b a s e s : - d a t a b a s e : d e r e k _ s t e g e l m a n _ c o m g r a n t s : [ ' a l l p r i v i l e g e s ' ] # O v e r r i d e a n y n a m e s d e f i n e d i n m a p . j i n j a l o o k u p : s e r v e r : m y s q l - s e r v e r c l i e n t : m y s q l - c l i e n t s e r v i c e : m y s q l c o n f i g : / e t c / m y s q l / m y . c n f p y t h o n : p y t h o n - m y s q l d b 16 / 22

17. Syntax Templating Pillars Grains Grains give you details about the

    underlying operating system. Allows you to make different decisions or variables based upon what you are currently running mysql/map.jinja 17 / 22

18. Syntax Templating Pillars Grains { % s e t m

    y s q l = s a l t [ ' g r a i n s . f i l t e r _ b y ' ] ( { ' D e b i a n ' : { ' s e r v e r ' : ' m y s q l - s e r v e r ' , ' c l i e n t ' : ' m y s q l - c l i e n t ' , ' s e r v i c e ' : ' m y s q l ' , ' c o n f i g ' : ' / e t c / m y s q l / m y . c n f ' , ' p y t h o n ' : ' p y t h o n - m y s q l d b ' , } , ' R e d H a t ' : { ' s e r v e r ' : ' m y s q l - s e r v e r ' , ' c l i e n t ' : ' m y s q l ' , ' s e r v i c e ' : ' m y s q l d ' , ' c o n f i g ' : ' / e t c / m y . c n f ' , ' p y t h o n ' : ' M y S Q L - p y t h o n ' , } , ' G e n t o o ' : { ' s e r v e r ' : ' d e v - d b / m y s q l ' , ' c l i e n t ' : ' d e v - d b / m y s q l ' , ' s e r v i c e ' : ' m y s q l ' , ' c o n f i g ' : ' / e t c / m y s q l / m y . c n f ' , ' p y t h o n ' : ' d e v - p y t h o n / m y s q l - p y t h o n ' , } , ' F r e e B S D ' : { ' s e r v e r ' : ' m y s q l 5 6 - s e r v e r ' , ' c l i e n t ' : ' m y s q l 5 6 - c l i e n t ' , ' s e r v i c e ' : ' m y s q l - s e r v e r ' , ' c o n f i g ' : ' / u s r / l o c a l / e t c / m y . c n f ' , ' p y t h o n ' : ' p y m y s q l ' , ' m y s q l _ s i z e ' : ' m e d i u m ' , } , } , m e r g e = s a l t [ ' p i l l a r . g e t ' ] ( ' m y s q l : l o o k u p ' ) ) % } 18 / 22

19. Vagrant Vagrant has built in support for Salt states as

    a provisioning mechanisim. Salt states are run "masterless" Easily testable 19 / 22

20. Vagrant Demo 20 / 22

21. Conclusion Salt is easy to learn and easy to use,

    especially in a Vagrant/Masterless setup. Salt is a good way to manage your infrastructure, but often has lots of bloat for smaller setups. Salt is losing steam in the community in favor of ansible/chef. Good documentation Code and example salt states on https://github.com/pynoco/salt-talk Salt stack docs http://docs.saltstack.com/en/latest/ 21 / 22

22. Thanks/Questions?! Twitter: @derekstegelman Github: dstegelman 22 / 22