Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Getting Started with Salt (PyCon 2014)

Peter Baumgartner
April 11, 2014
Technology
6
1.1k

Getting Started with Salt (PyCon 2014)

Salt is the new kid on the block in the configuration management space. Unlike the Ruby-based Chef and Puppet, Salt is written in Python, making it easy to debug and extend for Python developers.

This talk introduces Salt as well as exploring some of the things that make it unique.

Peter Baumgartner

April 11, 2014
Tweet

More Decks by Peter Baumgartner

See All by Peter Baumgartner
Just Enough Ops for Developers
ipmb
0
91
Prepping Your Project for Production
ipmb
2
700
Containerless Django
ipmb
5
1.3k
Django Deployments Done Right
ipmb
6
1.3k
High Performance Django: From runserver to Reddit hugs
ipmb
1
1.2k
Monitoring Infrastructure with SaltStack
ipmb
16
9.9k
Getting Started with Salt
ipmb
11
1.6k

Other Decks in Technology

See All in Technology
サーバーレスアーキテクチャを使って、小さく作って大きくする取り組み
daikimori
0
990
サーバーレス技術とDevSecOps: 安全かつ迅速なデプロイメントの新時代
gl_tsukasa
1
540
"SMB vs. EP" プロダクト特性の違いから考える「何をつくる?つくらない?」
miyashino
0
360
Autify Company Deck
autifyhq
1
25k
Dive Into The Cutting-edge LINE API Innovations
linedevth
1
140
仲間から嫌われがちだった私が、アジャイルに出会い、仲間から慕われるようになるまでの道のり / I was often disliked by my peers, but then I met Agile, How I came to be admired by my peers
pauli
0
560
AWS 初心者が取り組んだセキュリティ強化の2年間とこれから/Two years of security enhancement efforts by AWS beginners and the future
yayoi_dd
0
230
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
0
410
War for talent 時代の、古くて新しい仲間集めの形_~weak ties と strong tiesの力~
sadonosake
0
290
UIコンポーネントライブラリをうまく使うためにできること / components-with-designer
mottox2
4
2.2k
MySQLで処理するGIS 〜地球が丸いことを覚えたMySQL〜 Ver. 3?/mysql_gis_sphere
kochizufan
0
130
アジャイル開発と時代の流れに伴うサーバレスアーキテクチャの変化
yoshiitaka
5
3k

Featured

See All Featured
Fontdeck: Realign not Redesign
paulrobertlloyd
74
4.6k
Bootstrapping a Software Product
garrettdimon
PRO
299
110k
BBQ
matthewcrist
76
8.4k
Happy Clients
brianwarren
92
6.1k
Teambox: Starting and Learning
jrom
125
8.1k
The Power of CSS Pseudo Elements
geoffreycrofte
56
4.6k
jQuery: Nuts, Bolts and Bling
dougneiner
57
6.8k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
112
17k
The Cult of Friendly URLs
andyhume
71
5.3k
Faster Mobile Websites
deanohume
296
29k
Building Your Own Lightsaber
phodgson
97
5.2k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
226
16k

Transcript

  1. Getting Started with Salt.

    View Slide

  2. Peter Baumgartner
    Founder of Lincoln Loop

    View Slide

  3. What is SaltStack?

    View Slide

  4. “SaltStack delivers a dynamic
    infrastructure communication bus
    used for orchestration, remote
    execution, configuration
    management and much more.”

    View Slide

  5. SaltStack is:
    Configuration Management

    View Slide

  6. Configuration Management

    View Slide

  7. Before Configuration Management
    root@server:~# ls /etc/nginx/nginx*
    /etc/nginx/nginx.conf

    View Slide

  8. Before Configuration Management
    root@server:~# ls /etc/nginx/nginx*
    /etc/nginx/nginx.conf
    /etc/nginx/nginx.conf.OLD

    View Slide

  9. Before Configuration Management
    root@server:~# ls /etc/nginx/nginx*
    /etc/nginx/nginx.conf
    /etc/nginx/nginx.conf.OLD
    /etc/nginx/nginx.conf.BAK

    View Slide

  10. Before Configuration Management
    root@server:~# ls /etc/nginx/nginx*
    /etc/nginx/nginx.conf
    /etc/nginx/nginx.conf.OLD
    /etc/nginx/nginx.conf.BAK
    /etc/nginx/nginx.conf.20130617.bak

    View Slide

  11. View Slide

  12. After Configuration Management

    View Slide

  13. Getting Started with Salt.
    Version control your servers
    Self-documenting
    Repeatable
    Reusable
    Benefits

    View Slide

  14. SaltStack is:
    Remote Execution

    View Slide

  15. Remote Execution
    Run command(s)
    against remote server(s)
    !
    e.g. Fabric, Capistrano, Func

    View Slide

  16. Remote Execution Examples
    Deploy your code
    Run one-off scripts
    Critical package updates
    System monitoring

    View Slide

  17. Why Choose SaltStack?

    View Slide

  18. Familiar Tools
    Python
    YAML
    Jinja2

    View Slide

  19. Community
    Great Documentation
    (>800 pages)
    !
    Insanely responsive
    (IRC, GitHub)
    !
    Backed by for-profit org

    View Slide

  20. Why Choose SaltStack?

    View Slide

  21. Why Not Choose SaltStack?

    View Slide

  22. Caution
    Young Project
    Moves Fast
    Not SSH 

    (SSH support is “alpha”)

    View Slide

  23. Let’s Learn Salt!

    View Slide

  24. First...
    a vocabulary lesson

    View Slide

  25. Everything is Terrible
    Chef: knife, recipe, cookbook
    Puppet: terminus, metaparameters
    Ansible: playbook, inventory

    View Slide

  26. Everything is Terrible
    Chef: knife, recipe, cookbook
    Puppet: terminus, metaparameters
    Ansible: playbook, inventory
    !
    Salt might be the worst offender…

    View Slide

  27. Mas•ter
    ˈmastər (noun)
    Server that manages the whole stack
    (auth, states, pillars)

    View Slide

  28. Min•ion
    ˈminyən (noun)
    A server controlled by the master

    View Slide

  29. State
    stāt (noun)
    A declarative representation of
    system state

    (how you want the minion configured)

    View Slide

  30. Grain
    grān (noun)
    Static information about a minion
    (RAM, CPUs, OS, etc.)

    View Slide

  31. Pil•lar
    ˈpilər (noun)
    Variables for one or more minions 

    (ports, file paths, configuration parameters)

    View Slide

  32. View Slide

  33. Top File
    täp fīl (noun)
    Matches states or pillars to minions

    View Slide

  34. High•state
    hīstāt (noun)
    All the state data for a minion

    View Slide

  35. View Slide

  36. Let’s Really Get Started

    View Slide

  37. Installation Options
    Binaries for most distros
    Pip install (for bleeding edge)
    http://bootstrap.saltstack.org

    (it probably does what you want)

    View Slide

  38. Master Server
    root@master:~# apt-get install salt-master
    ...or run master-less

    View Slide

  39. Minion
    # apt-get install salt-minion
    # echo "salt 10.10.1.1" >> /etc/hosts
    # salt-key -a minion.lincolnloop.com
    Accept the minion key on the master
    Point minion to the master

    View Slide

  40. Write Your First
    State

    View Slide

  41. Install a Package
    nginx:
    pkg.installed
    /srv/salt/mystate.sls

    View Slide

  42. Create your
    Top File

    View Slide

  43. base:
    myserver:
    - mystate
    /srv/salt/top.sls 

    The Top File

    View Slide

  44. Highstate!

    View Slide

  45. # salt 'myserver' state.highstate
    # salt-call state.highstate
    ...or pull from the minion
    Push from the master
    Highstate
    ...or master-less
    # salt-call state.highstate --local

    View Slide

  46. [INFO ] Loading fresh modules for state activity
    [INFO ] Running state [nginx] at time 13:12:03.314726
    [INFO ] Executing state pkg.installed for nginx
    [INFO ] Executing command "dpkg-query --showformat='${Status} ${Package} $
    {Version} ${Architecture}\n' -W" in directory '/home/pete'
    [INFO ] Executing command 'grep-available -F Provides -s Package,Provides -e "^.+
    $"' in directory '/home/pete'
    [INFO ] Executing command 'apt-get -q update' in directory '/home/pete'
    [INFO ] Executing command ['apt-get', '-q', '-y', '-o', 'DPkg::Options::=--force-
    confold', '-o', 'DPkg::Options::=--force-confdef', 'install', 'nginx'] in directory
    '/home/pete'
    [INFO ] Executing command "dpkg-query --showformat='${Status} ${Package} $
    {Version} ${Architecture}\n' -W" in directory '/home/pete'
    [INFO ] In stalled Packages:
    libgd3 changed from absent to 2.1.0-2
    libxpm4 changed from absent to 1:3.5.10-1
    ttf-dejavu-core changed from absent to 2.33+svn2514-3ubuntu1
    nginx-common changed from absent to 1.4.1-3ubuntu1.3
    libvpx1 changed from absent to 1.2.0-2
    fonts-dejavu-core changed from absent to 2.33+svn2514-3ubuntu1
    nginx-full changed from absent to 1.4.1-3ubuntu1.3
    fontconfig-config changed from absent to 2.10.93-0ubuntu1
    libxslt1.1 changed from absent to 1.1.28-2
    libtiff5 changed from absent to 4.0.2-4ubuntu3
    libjpeg-turbo8 changed from absent to 1.3.0-0ubuntu1.1
    libjbig0 changed from absent to 2.0-2ubuntu1
    nginx changed from absent to 1.4.1-3ubuntu1.3
    libjpeg8 changed from absent to 8c-2ubuntu8
    libfontconfig1 changed from absent to 2.10.93-0ubuntu1
    !
    [INFO ] Loading fresh modules for state activity
    [INFO ] Completed state [nginx] at time 13:13:32.491024

    View Slide

  47. local:
    ----------
    ID: nginx
    Function: pkg.installed
    Result: True
    Comment: The following packages were installed/updated: nginx.
    Changes:
    ----------
    fontconfig-config:
    ----------
    new:
    2.10.93-0ubuntu1
    old:
    fonts-dejavu-core:
    ----------
    new:
    2.33+svn2514-3ubuntu1
    old:
    libfontconfig1:
    ----------
    new:
    2.10.93-0ubuntu1
    old:
    libgd3:
    ----------
    new:
    2.1.0-2
    old:
    libjbig0:
    ----------
    new:
    2.0-2ubuntu1
    old:

    View Slide

  48. libjpeg-turbo8:
    ----------
    new:
    1.3.0-0ubuntu1.1
    old:
    libjpeg8:
    ----------
    new:
    8c-2ubuntu8
    old:
    libtiff5:
    ----------
    new:
    4.0.2-4ubuntu3
    old:
    libvpx1:
    ----------
    new:
    1.2.0-2
    old:
    libxpm4:
    ----------
    new:
    1:3.5.10-1
    old:
    libxslt1.1:
    ----------
    new:
    1.1.28-2
    old:

    View Slide

  49. nginx:
    ----------
    new:
    1.4.1-3ubuntu1.3
    old:
    nginx-common:
    ----------
    new:
    1.4.1-3ubuntu1.3
    old:
    nginx-full:
    ----------
    new:
    1.4.1-3ubuntu1.3
    old:
    ttf-dejavu-core:
    ----------
    new:
    2.33+svn2514-3ubuntu1
    old:
    !
    Summary
    ------------
    Succeeded: 1
    Failed: 0
    ------------
    Total: 1

    View Slide

  50. View Slide

  51. View Slide

  52. Leveling Up Your
    States

    View Slide

  53. Create a User
    pete:
    user.present:
    - shell: /bin/bash
    - home: /home/pete
    - groups:
    - sudo

    View Slide

  54. Add an SSH Key
    pete:
    user.present:
    - shell: /bin/bash
    - home: /home/pete
    - groups:
    - sudo
    ssh_auth.present:
    - user: pete
    - source: salt://pete.pub
    - require:
    - user: pete

    View Slide

  55. Checkout a Repo
    [email protected]/ipmb/mysite.git:
    git.latest:
    - rev: develop
    - target: /usr/local/src/mysite
    - require:
    - pkg: git-core

    View Slide

  56. Run Arbitrary Commands
    python manage.py syncdb --noinput:
    cmd.run:
    - cwd: /usr/local/src/mysite
    - require:
    - git: [email protected]/ipmb/mysite.git

    View Slide

  57. Built-in States
    Over 50 built-in
    pip, virtualenv
    mysql, postgres
    services, files, cron
    ...or build your own (in Python)

    View Slide

  58. Using
    Pillars

    View Slide

  59. Pil•lar
    ˈpilər (noun)
    Variables for one or more minions 

    (ports, file paths, configuration parameters)

    View Slide

  60. mysite:
    - branch: develop
    /srv/pillar/mysite.sls
    Example Pillar

    View Slide

  61. base:
    'myserver':
    - mysite
    /srv/pillar/top.sls
    Pillar Top File

    View Slide

  62. base:
    '*':
    - default
    '*.lincolnloop.com':
    - lincoln_loop
    'os:Ubuntu':
    - match: grain
    - pkgs.ubuntu
    /srv/pillar/top.sls
    Advanced Pillar Top File

    View Slide

  63. [email protected]/ipmb/mysite.git:
    git.latest:
    - rev: {{ pillar.mysite.branch }}
    - target: /usr/local/src/mysite
    - require:
    - pkg: git-core
    Adding Pillars to a State

    View Slide

  64. [email protected]/ipmb/mysite.git:
    git.latest:
    - rev: {{ pillar.mysite.get('branch', 'master') }}
    - target: /usr/local/src/mysite
    - require:
    - pkg: git-core
    Setting a Default

    View Slide

  65. redis_maxmemory: {{ (grains.mem_total * 0.5)|int }}mb
    Using Grains in a Pillar

    View Slide

  66. /etc/redis.conf:
    file.managed:
    - template: jinja
    - source: salt://redis_server/redis.conf.jinja
    - defaults:
    maxmemory: {{ pillar.redis_maxmemory }}
    Using Pillars in Files

    View Slide

  67. daemonize yes
    pidfile /var/run/redis.pid
    port 6379
    bind 127.0.0.1
    maxmemory {{ maxmemory }}
    ...
    Using Pillars in Files
    /srv/salt/redis_server/redis.conf.jinja


    View Slide

  68. Advanced Topics
    Salt-cloud
    Custom Modules
    Scheduler
    Renderers
    Returners
    Reactor

    View Slide

  69. Tips & Tricks

    View Slide

  70. Tips & Tricks
    output_mode: mixed

    View Slide

  71. Tips & Tricks
    Jinja2 is powerful
    Don't go nuts

    View Slide

  72. Tips & Tricks
    Update often
    ...and review the change log

    View Slide

  73. Tips & Tricks
    Test before you deploy
    Make friends with Vagrant or Docker

    View Slide

  74. Thank you!
    Questions?
    !
    Peter Baumgartner
    http://lincolnloop.com
    @ipmb

    View Slide