$30 off During Our Annual Pro Sale. View Details »

Salt - The New Configuration Management Tool

Salt - The New Configuration Management Tool

These are a PDF Printout of the presentation. The PDF Conversion didn't really go all that well, so I highly recommend looking at the HTML5 slides. The HTML5 slides can be found here:

http://www.justincarmony.com/slides/salt-intro/

While there are several popular configuration management tools such as puppet and chef, there is a new kid on the block: Salt. In this presentation we’ll learn about how salt uniquely approaches remote execution and configuration management and just how fast it is. We’ll show you how to get started up in minutes and easily manage multiple servers. We’ll discuss some of the differences between salt and others like puppet and chef. Finally, time permitting, we’ll discuss how to write custom modules to extend salt much easier than others.

So come see why Salt is one of the fastest growing projects on GitHub, and why small startups and even large corporations are making the switch to salt.

Justin Carmony

June 23, 2013
Tweet

More Decks by Justin Carmony

Other Decks in Technology

Transcript

  1. INTRO TO SALTSTACK
    THE NEW CONFIGURATION MANAGEMENT SYSTEM
    Presented by /
    Justin Carmony @JustinCarmony

    View Slide

  2. Slides split up into multiple sections.
    Slides both vertical and horizontal.

    View Slide

  3. Test Vertical Slide

    View Slide

  4. ABOUT PRESENTER
    Director of Development
    @ Deseret Digital Media
    President of Utah PHP Usergroup
    8+ years of professional web development
    Goofy dad

    View Slide

  5. View Slide

  6. View Slide

  7. ABOUT THIS PRESENTATION
    Slides & code examples will be posted online
    Feel free to ask on-topic questions
    We'll have time for questions at the end
    Feel free to talk and/or contact me
    afterward the presentation

    View Slide

  8. OUR GOAL
    Understand Some Server Challenges Facing Teams
    Basic introduction to Salt about what it does
    Live demo on how it can help solve common problems
    Get you excited to go try out & learn more about salt

    View Slide

  9. LETS START
    WITH A STORY

    View Slide

  10. YOU'RE A HAPPY DEVELOPER

    View Slide

  11. YOU'RE PART OF A

    View Slide

  12. SMALL TEAM OF DEVS

    View Slide

  13. YOU HAVE A NEW WEBSITE

    View Slide

  14. ON A SMALL CLOUD SERVER

    View Slide

  15. YOU START GETTING LOTS OF USERS ...

    View Slide

  16. ... AND YOU NEED TO QUICKLY SCALE.

    View Slide

  17. YOU ASK YOUR BOSS TO HIRE A SYS ADMIN.
    "WE DON'T HAVE THE BUDGET!"

    View Slide

  18. SO YOUR TEAM DECIDES TO ASK:

    View Slide

  19. ... AND YOU START DEPLOYING MORE SERVERS ...

    View Slide

  20. ... AND SOME MORE ...

    View Slide

  21. ... AND MAYBE JUST A FEW MORE ...

    View Slide

  22. UNTIL IT IS A GIANT MESS!

    View Slide

  23. SCENARIO: JOHN GETS FIRED

    View Slide

  24. YOU HAVE A DOZEN SERVERS
    HE HAS SSH KEYS ON HALF OF THEM.

    View Slide

  25. HOW ARE YOU GOING TO ENSURE YOU'VE
    REVOKED HIS ACCESS EVERYWHERE?

    View Slide

  26. THE PROBLEM:
    AD-HOC SERVER MANAGEMENT

    View Slide

  27. THE CLOUD
    Doesn't Require a Sys Admin
    Simple to deploy many servers
    But complex to solve large scaling issues
    Long-term management requires
    fore-thought & planning

    View Slide

  28. THE DEVELOPER
    Can relatively easily setup a production environment
    Typically doesn't know how to manage many servers long-
    term
    Busy programming, last priority is "sysadmin stuff"

    View Slide

  29. THE BUSINESS
    Hard to justify a "Sys Admin"
    when devs can do "okay" job.
    Usually hit scaling problems
    before profitability

    View Slide

  30. THE SOLUTION:
    DEVELOPERS NEED TO THINK LIKE OPS

    View Slide

  31. DEVOPS
    We've been putting more dev into ops,
    but we need to put more ops into dev.
    Ops is a state of mind.
    — Theo Schlossnagle
    CEO, OmniTI

    View Slide

  32. NEED TO APPLY BEST PRACTICES
    FOR SERVER ENVIRONMENTS
    Source Control for Configuration
    Ensure Servers are Configured The Same
    Automate Upgrades, Changes, & new Deployments

    View Slide

  33. INTRODUCING
    CONFIGURATION MANAGEMENT

    View Slide

  34. WHAT CAN CONFIGURATION
    MANAGEMENT DO?
    Manage Packages
    Manage Services
    Manage Configuration
    Manage Files
    Manage Users

    View Slide

  35. POPULAR TOOLS
    Puppet
    Chef
    CFEngine

    View Slide

  36. SO WHAT IS SALT?

    View Slide

  37. WHAT IS SALT
    SaltStack takes a new approach to infrastructure
    management by developing software that is easy enough to
    get running in minutes, scalable enough to manage tens of
    thousands of servers, and fast enough to communicate with
    them in seconds. SaltStack delivers a dynamic infrastructure
    communication bus used for orchestration, remote execution,
    configuration management and much more.
    — About SaltStack, SaltStack.org

    View Slide

  38. A DIFFERENT APPROACH
    Salt is a simple system that focuses on two things:
    Scalable, Fast Communication (Flow)
    Quickly get information / data from a server (State)

    View Slide

  39. SALT BASICS
    Minions connect to Master via ZeroMQ
    Minions authenticate with master via AES (pub/priv) keys
    Master can send module commands to minions to execute
    Execution is in parallel
    Modules are just python modules

    View Slide

  40. WHAT DOES THIS GIVE US?
    Extremely Scalable (~10k Minions per Server)
    Great Flexibility (just write a python module for new
    functionality)
    Simple, Avoids Complexity
    Great Building Blocks for Automation

    View Slide

  41. BUILT ON TOP OF SALT
    Configuration Management
    Remote Execution

    View Slide

  42. NEW / UPCOMING FUNCTIONALITY
    VM / Cloud Management
    Monitoring

    View Slide

  43. 100% OPEN SOURCE
    Everything is open source! Apache License
    No "watered-down" community edition
    8th Most Unique Contributors on GitHub in 2012
    Extremely Open & Friendly Community

    View Slide

  44. WHO USES SALT

    View Slide

  45. INSTALLING SALT
    ITS SO EASY EVEN I CAN DO IT

    View Slide

  46. BASIC SALT SETUP

    View Slide

  47. SETTING UP THE MASTER
    Install salt-master via Salt Bootstrap, Pip, Apt, Yum, Source,
    etc
    Edit Configuration (i.e. /etc/salt/master)
    File Roots
    Pillar Roots
    Restart salt-master (i.e. /etc/init.d/salt-master restart)
    f
    i
    l
    e
    _
    r
    o
    o
    t
    s
    :
    b
    a
    s
    e
    :
    - /
    s
    r
    v
    /
    s
    a
    l
    t
    p
    i
    l
    l
    a
    r
    _
    r
    o
    o
    t
    s
    :
    b
    a
    s
    e
    :
    - /
    s
    r
    v
    /
    p
    i
    l
    l
    a
    r

    View Slide

  48. View Slide

  49. SETTING UP THE MINIONS

    View Slide

  50. Install salt-minion via Salt Bootstrap, Pip, Apt, Yum, Source,
    etc
    Set FQDN on the server (OR set ID Manually in Config)
    Edit Configuration (i.e. /etc/salt/minion)
    Set Master Server
    Pillar Roots
    Restart Minion
    m
    a
    s
    t
    e
    r
    : m
    a
    s
    t
    e
    r
    .
    s
    a
    l
    t
    d
    e
    m
    o
    .
    c
    o
    m
    p
    i
    l
    l
    a
    r
    _
    r
    o
    o
    t
    s
    :
    b
    a
    s
    e
    :
    - /
    s
    r
    v
    /
    p
    i
    l
    l
    a
    r

    View Slide

  51. VIEW MINION KEYS
    On the salt master, list the current keys
    u
    s
    e
    r
    @
    s
    a
    l
    t
    -
    m
    a
    s
    t
    e
    r
    :
    ~
    $ s
    u
    d
    o s
    a
    l
    t
    -
    k
    e
    y -
    L
    A
    c
    c
    e
    p
    t
    e
    d K
    e
    y
    s
    :
    U
    n
    a
    c
    c
    e
    p
    t
    e
    d K
    e
    y
    s
    :
    w
    e
    b
    1
    .
    s
    a
    l
    t
    -
    d
    e
    m
    o
    .
    c
    o
    m
    R
    e
    j
    e
    c
    t
    e
    d K
    e
    y
    s
    :

    View Slide

  52. ACCEPT MINION KEYS
    Accept the key (view it before hand to make sure it's legit)
    u
    s
    e
    r
    @
    s
    a
    l
    t
    -
    m
    a
    s
    t
    e
    r
    :
    ~
    $ s
    u
    d
    o s
    a
    l
    t
    -
    k
    e
    y -
    a w
    e
    b
    1
    .
    s
    a
    l
    t
    -
    d
    e
    m
    o
    .
    c
    o
    m
    A
    c
    c
    e
    p
    t
    e
    d K
    e
    y
    s
    :
    w
    e
    b
    1
    .
    s
    a
    l
    t
    -
    d
    e
    m
    o
    .
    c
    o
    m
    U
    n
    a
    c
    c
    e
    p
    t
    e
    d K
    e
    y
    s
    :
    R
    e
    j
    e
    c
    t
    e
    d K
    e
    y
    s
    :

    View Slide

  53. THAT'S IT! WE'RE READY TO ROCK & ROLL.

    View Slide

  54. REMOTE EXECUTION
    "DO MY BIDING, MINIONS!"

    View Slide

  55. TARGETING MINIONS
    Use "salt" command on master to communicate to minions
    Example: Test Ping to All Minions
    u
    s
    e
    r
    @
    s
    a
    l
    t
    -
    m
    a
    s
    t
    e
    r
    :
    ~
    $ s
    u
    d
    o s
    a
    l
    t '
    *
    ' t
    e
    s
    t
    .
    p
    i
    n
    g
    w
    e
    b
    1
    .
    s
    a
    l
    t
    d
    e
    m
    o
    .
    c
    o
    m
    :
    T
    r
    u
    e

    View Slide

  56. TARGETING TYPES OF MINIONS
    s
    a
    l
    t '
    d
    b
    *
    ' t
    e
    s
    t
    .
    p
    i
    n
    g
    s
    a
    l
    t -
    L w
    e
    b
    1
    .
    s
    a
    l
    t
    d
    e
    m
    o
    .
    c
    o
    m
    ,
    d
    b
    2
    .
    s
    a
    l
    t
    d
    e
    m
    o
    .
    c
    o
    m t
    e
    s
    t
    .
    p
    i
    n
    g
    s
    a
    l
    t -
    G '
    o
    s
    :
    U
    b
    u
    n
    t
    u
    ' t
    e
    s
    t
    .
    p
    i
    n
    g
    s
    a
    l
    t -
    C '
    G
    @
    o
    s
    :
    D
    e
    b
    i
    a
    n a
    n
    d w
    e
    b
    *
    ' t
    e
    s
    t
    .
    p
    i
    n
    g

    View Slide

  57. EXECUTE COMMAND ON SERVERS
    Example: Restart Apache
    u
    s
    e
    r
    @
    m
    a
    s
    t
    e
    r
    :
    ~
    $ s
    u
    d
    o s
    a
    l
    t '
    w
    e
    b
    *
    ' c
    m
    d
    .
    r
    u
    n "
    /
    e
    t
    c
    /
    i
    n
    i
    t
    .
    d
    /
    a
    p
    a
    c
    h
    e
    2 r
    e
    s
    t
    a
    r
    t
    "

    View Slide

  58. EXECUTE MODULES ON SERVERS
    Example: Restart Apache
    u
    s
    e
    r
    @
    s
    a
    l
    t
    -
    m
    a
    s
    t
    e
    r
    :
    ~
    $ s
    u
    d
    o s
    a
    l
    t '
    w
    e
    b
    *
    ' a
    p
    a
    c
    h
    e
    .
    s
    i
    g
    n
    a
    l r
    e
    s
    t
    a
    r
    t

    View Slide

  59. LOTS OF MODULES
    Here are just some of them:
    apache, apt, cron, disk, file, mount, mysql, network, puppet,
    service, solr, state, test, useradd, win_disk, win_service,
    win_useradd

    View Slide

  60. CONFIGURATION
    MANAGEMENT
    KEEPING YOUR SERVERS CONFIGURED THE SAME

    View Slide

  61. OVERVIEW
    Define a State Tree
    Assign Parts of State Tree to Servers
    Minion will download it's state definition from the tree
    Minion will compare its current state vs state tree
    Minion will make changes to match state tree & report
    back

    View Slide

  62. WHAT IS STATE?
    Example using English:
    State Tree: Apache is installed & running
    Server Minion: Apache is not installed nor running

    View Slide

  63. TOP.SLS FILE
    Defines which servers have which parts of the state tree
    applied to them.
    Example top.sls file:
    b
    a
    s
    e
    :
    '
    *
    '
    :
    - c
    o
    r
    e
    .
    t
    o
    o
    l
    s
    - c
    o
    r
    e
    .
    u
    s
    e
    r
    s
    '
    w
    e
    b
    1
    .
    s
    a
    l
    t
    d
    e
    m
    o
    .
    c
    o
    m
    '
    :
    - a
    p
    a
    c
    h
    e
    2
    - p
    h
    p
    5

    View Slide

  64. DIFFERENT ENVIRONMENTS
    b
    a
    s
    e
    :
    '
    *
    '
    :
    # S
    t
    u
    f
    f f
    o
    r a
    l
    l s
    e
    r
    v
    e
    r
    s
    d
    e
    v
    :
    '
    *
    '
    :
    # s
    t
    u
    f
    f f
    o
    r d
    e
    v s
    t
    a
    g
    e
    s
    t
    a
    g
    e
    :
    '
    *
    '
    :
    # s
    t
    u
    f
    f f
    o
    r s
    t
    a
    b
    l
    e s
    t
    a
    g
    e
    p
    r
    o
    d
    :
    '
    *
    '
    :
    # s
    t
    u
    f
    f f
    o
    r p
    r
    o
    d s
    t
    a
    g
    e

    View Slide

  65. TREE MAPS TO FILES
    Base is your file_roots
    apache2 => apache2/init.sls
    core => core/init.sls
    core.tools => core/tools.sls

    View Slide

  66. ANATOMY OF A STATE DECLARATION
    Example of a user definition
    j
    u
    s
    t
    i
    n
    : #
    # I
    D
    u
    s
    e
    r
    : #
    # T
    y
    p
    e
    - p
    r
    e
    s
    e
    n
    t #
    # F
    u
    n
    c
    t
    i
    o
    n
    - s
    h
    e
    l
    l
    : /
    b
    i
    n
    /
    b
    a
    s
    h
    - h
    o
    m
    e
    : /
    h
    o
    m
    e
    /
    j
    u
    s
    t
    i
    n
    - p
    a
    s
    s
    w
    o
    r
    d
    : $
    1
    $
    M
    G
    4
    P
    b
    s
    H
    9
    $
    .
    w
    6
    8
    M
    3
    y
    d
    /
    k
    U
    m
    E
    S
    w
    q
    3
    c
    R
    M
    9
    1

    View Slide

  67. LETS INSTALL & MANAGE APACHE2
    a
    p
    a
    c
    h
    e
    2
    :
    p
    k
    g
    :
    - i
    n
    s
    t
    a
    l
    l
    e
    d
    s
    e
    r
    v
    i
    c
    e
    :
    - r
    u
    n
    n
    i
    n
    g
    /
    e
    t
    c
    /
    a
    p
    a
    c
    h
    e
    2
    /
    a
    p
    a
    c
    h
    e
    2
    .
    c
    o
    n
    f
    :
    f
    i
    l
    e
    :
    - m
    a
    n
    a
    g
    e
    d
    - s
    o
    u
    r
    c
    e
    : s
    a
    l
    t
    :
    /
    /
    f
    i
    l
    e
    s
    /
    e
    t
    c
    /
    a
    p
    a
    c
    h
    e
    2
    /
    a
    p
    a
    c
    h
    e
    2
    .
    c
    o
    n
    f
    - w
    a
    t
    c
    h
    _
    i
    n
    :
    - s
    e
    r
    v
    i
    c
    e
    : a
    p
    a
    c
    h
    e
    2

    View Slide

  68. JINJA TEMPLATES
    a
    p
    a
    c
    h
    e
    :
    p
    k
    g
    .
    i
    n
    s
    t
    a
    l
    l
    e
    d
    :
    {
    % i
    f g
    r
    a
    i
    n
    s
    [
    '
    o
    s
    '
    ] =
    = '
    R
    e
    d
    H
    a
    t
    ' %
    }
    - n
    a
    m
    e
    : h
    t
    t
    p
    d
    {
    % e
    l
    i
    f g
    r
    a
    i
    n
    s
    [
    '
    o
    s
    '
    ] =
    = '
    U
    b
    u
    n
    t
    u
    ' %
    }
    - n
    a
    m
    e
    : a
    p
    a
    c
    h
    e
    2
    {
    % e
    n
    d
    i
    f %
    }

    View Slide

  69. APPLYING THE HIGH STATE
    You just call the state.highstate function
    s
    a
    l
    t '
    *
    ' s
    t
    a
    t
    e
    .
    h
    i
    g
    h
    s
    t
    a
    t
    e

    View Slide

  70. View Slide

  71. RANDOM TIPS FOR
    USING SALT
    COMMON PITFALLS WHILE GETTING STARTED WITH SALT

    View Slide

  72. DEBUGGING SALT
    Run things in the foreground:
    # R
    u
    n m
    a
    s
    t
    e
    r i
    n f
    o
    r
    e
    g
    r
    o
    u
    n
    d
    /
    e
    t
    c
    /
    i
    n
    i
    t
    .
    d
    /
    s
    a
    l
    t
    -
    m
    a
    s
    t
    e
    r s
    t
    o
    p
    s
    a
    l
    t
    -
    m
    a
    s
    t
    e
    r -
    L
    # R
    u
    n m
    i
    n
    i
    o
    n i
    n f
    o
    r
    e
    g
    r
    o
    u
    n
    d
    /
    e
    t
    c
    /
    i
    n
    i
    t
    .
    d
    /
    s
    a
    l
    t
    -
    m
    i
    n
    i
    o
    n s
    t
    o
    p
    s
    a
    l
    t
    -
    m
    i
    n
    i
    o
    n -
    L

    View Slide

  73. DEBUGGING SALT
    Run things manualy from the minion
    s
    a
    l
    t
    -
    c
    a
    l
    l -
    l d
    e
    b
    u
    g s
    t
    a
    t
    e
    .
    h
    i
    g
    h
    s
    t
    a
    t
    e

    View Slide

  74. OTHER TIDBITS
    yaml chokes on tabs, make sure you use spaces
    I use sublime text configured to always use spaces
    Use 127.0.1.1 in hosts file to set FQDN
    Test what is the FQDN with:
    p
    y
    t
    h
    o
    n -
    c '
    i
    m
    p
    o
    r
    t
    s
    o
    c
    k
    e
    t
    ;
    p
    r
    i
    n
    t
    (
    s
    o
    c
    k
    e
    t
    .
    g
    e
    t
    f
    q
    d
    n
    (
    )
    )
    ;
    '

    View Slide

  75. YOU'VE BEEN INTRODUCED TO SALT
    NOW WHAT?

    View Slide

  76. CHECKOUT MY SALT AWS DEMO
    Uses Vagrant & AWS to setup a test 5 server environment.
    https://github.com/JustinCarmonyDotCom/salt-demo

    View Slide

  77. CHECKOUT SALT'S DOCUMENTATION &
    TUTORIALS
    Salt has some (and getting better all the
    time).
    very good docs

    View Slide

  78. JOIN THE SUPER FRIENDLY IRC CHANNEL
    irc.freenode.net #salt

    View Slide

  79. TRY IT OUT!
    Blog/tweet/discuss your experience

    View Slide

  80. IT'S OPEN SOURCE, GET INVOLVED
    Very Pull Request friendly
    (They even have accepted PR's from me!)

    View Slide