Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
SaltStack 101
Search
Marconi Moreto
January 28, 2014
Technology
10
1k
SaltStack 101
Presented on Pizzapy (
http://pizzapy.ph/
)
Marconi Moreto
January 28, 2014
Tweet
Share
More Decks by Marconi Moreto
See All by Marconi Moreto
Development Mini Toolbox
marconi
1
140
Introduction to Docker
marconi
4
1.2k
Assets Build Automation
marconi
2
280
Concurrency with Gevent
marconi
3
390
Django Quickstart
marconi
1
91
Other Decks in Technology
See All in Technology
APIファーストなプロダクトマネジメントの実践 〜SaaSus Platformでの例〜 / "Practicing API-First Product Management - An Example with SaaSus Platform
oztick139
0
110
GrafanaMeetup_AmazonManagedGrafanaのアクセス制御機能とマルチテナント環境下でのアクセス制御について
daitak
0
240
ワールドカフェI /チューターを改良する / World Café I and Improving the Tutors
ks91
PRO
0
120
Reducing Cross-Zone Egress at Spotify with Custom gRPC Load Balancing Recap
koh_naga
0
210
推しは推せるときに推せ! プロダクトにフィードバックしていこう
nakasho
0
320
LLM開発・活用の舞台裏@2024.04.25
yushin_n
1
340
競技としてのKaggle、役に立つKaggle
yu4u
3
1.7k
よく聞くけど使ったことないソフトウェアNo.1 KafkaとSnowflake
foursue
4
360
プラットフォームってつくることより計測することが重要なんじゃないかという話 / Platform Engineering Meetup #8
taishin
1
370
FrontDoorとWebAppsを組み合わせた際のリダイレクト処理の注意点
kenichirokimura
1
530
AWSに詳しくない人でも始められるコスト最適化ガイド
yuhta28
1
240
MapLibreとAmazon Location Service
dayjournal
1
160
Featured
See All Featured
What's in a price? How to price your products and services
michaelherold
237
11k
10 Git Anti Patterns You Should be Aware of
lemiorhan
648
58k
Bash Introduction
62gerente
604
210k
Happy Clients
brianwarren
92
6.4k
Making Projects Easy
brettharned
108
5.5k
Side Projects
sachag
451
41k
Rebuilding a faster, lazier Slack
samanthasiow
73
8.2k
GraphQLとの向き合い方2022年版
quramy
32
12k
Product Roadmaps are Hard
iamctodd
44
9.7k
Statistics for Hackers
jakevdp
789
220k
Building a Scalable Design System with Sketch
lauravandoore
456
32k
Fantastic passwords and where to find them - at NoRuKo
philnash
37
2.5k
Transcript
SaltStack 101 Marconi Moreto @marconimjr
What is SaltStack? “Salt delivers a dynamic communication bus for
infrastructures that can be used for orchestration, remote execution, con!guration management and much more.” ๏ Python ๏ ØMQ
Terminology ๏ Master ๏ Minion ๏ State !les ๏ Grains
๏ Pillars
Server Setup ๏ Master Minion ๏ Masterless ๏ Multi Master
Master Minion Master Minion Minion Minion
Masterless Minion Minion Minion Minion Minion
Installing Master $ sudo add-apt-repository ppa:saltstack/salt $ sudo apt-get update
$ sudo apt-get install salt-master $ sudo service salt-master status salt-master start/running, process 4044 Installing Minion $ sudo add-apt-repository ppa:saltstack/salt $ sudo apt-get update $ sudo apt-get install salt-minion $ sudo service salt-minion status salt-minion start/running, process 4901
Con!gure Master # /etc/salt/master ... - #interface: 0.0.0.0 + interface:
127.0.0.1 $ sudo service salt-master restart Con!gure Minion # /etc/salt/minion ... - #master: salt + master: 127.0.0.1 state_auto_order: True $ sudo service salt-master restart
Key Management $ sudo salt-key -L Accepted Keys: Unaccepted Keys:
sandbox Rejected Keys: $ sudo salt-key -a sandbox The following keys are going to be accepted: Unaccepted Keys: sandbox Proceed? [n/Y] Y Key for minion sandbox accepted. $ sudo salt-key -L Accepted Keys: sandbox Unaccepted Keys: Rejected Keys:
Sending Commands 1/2 $ sudo salt sandbox test.ping sandbox: True
$ sudo salt -G 'os:Ubuntu' service.available salt-minion sandbox: True $ sudo salt '*' cmd.run 'lsb_release -a' sandbox: No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 12.04 LTS Release: 12.04 Codename: precise
Sending Commands 2/2 $ sudo salt '*' cmd.exec_code python 'from
__future__ import braces' sandbox: File "/tmp/tmplI2lSy", line 1 from __future__ import braces SyntaxError: not a chance $ sudo salt '*' service.available nginx sandbox: False $ sudo salt '*' pkg.install nginx sandbox: … $ sudo salt '*' service.available nginx sandbox: True
Salt States (SLS !les)
Writing State !les 1/7 # /etc/salt/master ... - #file_roots: -
# base: - # - /srv/salt + file_roots: + base: + - /srv/salt $ sudo service salt-master restart Enable !le server Create top !le # /srv/salt/top.sls base: '*': - webserver
Writing State !les 2/7 # /srv/salt/webserver.sls ... nginx: pkg: -
installed service: - running - watch: - pkg: nginx - file: default_conf default_conf: file.exists: - name: /etc/nginx/sites-enabled/default Webserver state !le
$ sudo salt ‘*’ state.highstate ... Summary ------------ Succeeded: 3
Failed: 0 ------------ Total: 3 Writing State !les 3/7 Execute state
Writing State !les 4/7 SLS Rendering # /srv/salt/webserver.sls nginx: pkg:
- installed service: - running - watch: - pkg: nginx - file: app_conf - require: - file: app_conf - file: symlink_app_conf - cmd: nginx_default_config ...
Writing State !les 5/7 # /srv/salt/webserver.sls ... app_conf: file.managed: -
name: /etc/nginx/sites-available/app.conf - source: salt://app/nginx.conf - template: jinja - defaults: {% if grains['id'] == 'sandbox' %} is_test: True {% else %} is_test: False {% endif %} ...
Writing State !les 6/7 # /srv/salt/webserver.sls ... symlink_app_conf: file.symlink: -
name: /etc/nginx/sites-enabled/app.conf - target: /etc/nginx/sites-available/app.conf - force: True - makedirs: True nginx_default_config: cmd.run: - name: rm -f /etc/nginx/sites-enabled/default
Writing State !les 7/7 # /srv/salt/app/nginx.conf server { listen 80
default; client_max_body_size 4G; keepalive_timeout 5; {% if is_test %} server_name _; {% else %} server_name sandbox.com; {% endif %} location / { {% if is_test %} auth_basic "Restricted"; auth_basic_user_file /var/www/.htpasswd; {% endif %} proxy_pass http://127.0.0.1:8000; proxy_redirect off; proxy_buffering off; } }
It Works!
Pillars
Setup Pillars 1/3 # /etc/salt/master ... - #pillar_roots: - #
base: - # - /srv/pillar + pillar_roots: + base: + - /srv/pillar $ sudo service salt-master restart Enable !le server Create top !le # /srv/pillar/top.sls base: '*': - settings
Setup Pillars 2/3 # /srv/salt/app/nginx.conf server { ... ssl on;
ssl_certificate {{ ssl_certificate }}; ssl_certificate_key {{ ssl_certificate_key }}; ... } # /srv/salt/webserver.sls app_conf: file.managed: - name: /etc/nginx/sites-available/app.conf - source: salt://app/nginx.conf - template: jinja - defaults: ... ssl_certificate: {{ pillar['ssl_certificate'] }} ssl_certificate_key: {{ pillar['ssl_certificate_key'] }}
Setup Pillars 3/3 $ sudo salt ‘*’ state.highstate ... Summary
------------ Succeeded: 5 Failed: 0 ------------ Total: 5 $ sudo cat /etc/nginx/sites-enabled/app.conf server { ... ssl on; ssl_certificate /etc/nginx/conf.d/sandbox.crt; ssl_certificate_key /etc/nginx/conf.d/sandbox.key; ... }
Don’t want no Master
Going Masterless 1/2 # /etc/salt/minion ... - #file_client: remote +
file_client: local ... - #file_roots: - # base: - # - /srv/salt + file_roots: + base: + - /srv/salt ... - #pillar_roots: - # base: - # - /srv/pillar + pillar_roots: + base: + - /srv/pillar
Going Masterless 2/2 $ sudo service salt-minion restart Or $
sudo salt-call --local ...
Thank you Marconi Moreto @marconimjr http://marconijr.com https://github.com/marconi