$30 off During Our Annual Pro Sale. View Details »

SaltStack 101

Avatar for Marconi Moreto Marconi Moreto
January 28, 2014
Technology
10
1k

SaltStack 101

Presented on Pizzapy (http://pizzapy.ph/)

Avatar for Marconi Moreto

Marconi Moreto

January 28, 2014
Tweet

More Decks by Marconi Moreto

See All by Marconi Moreto
Development Mini Toolbox
Avatar for Marconi Moreto marconi
1
170
Introduction to Docker
Avatar for Marconi Moreto marconi
4
1.3k
Assets Build Automation
Avatar for Marconi Moreto marconi
2
310
Concurrency with Gevent
Avatar for Marconi Moreto marconi
3
410
Django Quickstart
Avatar for Marconi Moreto marconi
1
120

Other Decks in Technology

See All in Technology
AI時代のインシデント対応 〜時代を切り抜ける、組織アーキテクチャ〜
Avatar for Kazuto Kusama jacopen
4
180
インフラ室事例集
Avatar for MIXI ENGINEERS mixi_engineers
PRO
2
150
なぜフロントエンド技術を追うのか?なぜカンファレンスに参加するのか?
Avatar for sakito sakito
6
1.6k
Contract One Engineering Unit 紹介資料
Avatar for Sansan, Inc. sansan33
PRO
0
9.8k
AIにおける自由の追求
Avatar for Shuji Sado shujisado
1
330
『ソフトウェア』で『リアル』を動かす:クレーンゲームからデータ基盤までの統一アーキテクチャ / アーキテクチャConference 2025
Avatar for GENDA genda
0
2.4k
Design System Documentation Tooling 2025
Avatar for takanorip takanorip
0
710
ローカルLLM基礎知識 / local LLM basics 2025
Avatar for Naoki Kishida kishida
25
11k
レガシーシステム刷新における TypeSpec スキーマ駆動開発のすゝめ
Avatar for karacoro / からころ tsukuha
4
890
"'TSのAPI型安全”の対価は誰が払う?不公平なスキーマ駆動に終止符を打つハイブリッド戦略
Avatar for Hal hal_spidernight
0
210
IaC を使いたくないけどポリシー管理をどうにかしたい
Avatar for kazzpapa3 kazzpapa3
1
200
How native lazy objects will change Doctrine and Symfony forever
Avatar for Benjamin Eberlei beberlei
1
280

Featured

See All Featured
A Tale of Four Properties
Avatar for Chris Coyier chriscoyier
162
23k
Building Applications with DynamoDB
Avatar for Matt Wood mza
96
6.8k
Embracing the Ebb and Flow
Avatar for Simon Collison colly
88
4.9k
Keith and Marios Guide to Fast Websites
Avatar for Keith Pitt keithpitt
413
23k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
432
66k
Building an army of robots
Avatar for Kyle Neath kneath
306
46k
[RailsConf 2023] Rails as a piece of cake
Avatar for Vladimir Dementyev palkan
58
6.1k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
Avatar for Eileen M. Uchitelle eileencodes
26
3.2k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
10
690
Fight the Zombie Pattern Library - RWD Summit 2016
Avatar for Marcelo Somers marcelosomers
234
17k
Code Reviewing Like a Champion
Avatar for maltzj maltzj
527
40k
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
697
190k

Transcript

  1. SaltStack 101 Marconi Moreto @marconimjr

  2. What is SaltStack? “Salt delivers a dynamic communication bus for

    infrastructures that can be used for orchestration, remote execution, con!guration management and much more.” ๏ Python ๏ ØMQ

  3. Terminology ๏ Master ๏ Minion ๏ State !les ๏ Grains

    ๏ Pillars

  4. Server Setup ๏ Master Minion ๏ Masterless ๏ Multi Master

  5. Master Minion Master Minion Minion Minion

  6. Masterless Minion Minion Minion Minion Minion

  7. Installing Master $ sudo add-apt-repository ppa:saltstack/salt $ sudo apt-get update

    $ sudo apt-get install salt-master $ sudo service salt-master status salt-master start/running, process 4044 Installing Minion $ sudo add-apt-repository ppa:saltstack/salt $ sudo apt-get update $ sudo apt-get install salt-minion $ sudo service salt-minion status salt-minion start/running, process 4901

  8. Con!gure Master # /etc/salt/master ... - #interface: 0.0.0.0 + interface:

    127.0.0.1 $ sudo service salt-master restart Con!gure Minion # /etc/salt/minion ... - #master: salt + master: 127.0.0.1 state_auto_order: True $ sudo service salt-master restart

  9. Key Management $ sudo salt-key -L Accepted Keys: Unaccepted Keys:

    sandbox Rejected Keys: $ sudo salt-key -a sandbox The following keys are going to be accepted: Unaccepted Keys: sandbox Proceed? [n/Y] Y Key for minion sandbox accepted. $ sudo salt-key -L Accepted Keys: sandbox Unaccepted Keys: Rejected Keys:

  10. Sending Commands 1/2 $ sudo salt sandbox test.ping sandbox: True

    $ sudo salt -G 'os:Ubuntu' service.available salt-minion sandbox: True $ sudo salt '*' cmd.run 'lsb_release -a' sandbox: No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 12.04 LTS Release: 12.04 Codename: precise

  11. Sending Commands 2/2 $ sudo salt '*' cmd.exec_code python 'from

    __future__ import braces' sandbox: File "/tmp/tmplI2lSy", line 1 from __future__ import braces SyntaxError: not a chance $ sudo salt '*' service.available nginx sandbox: False $ sudo salt '*' pkg.install nginx sandbox: … $ sudo salt '*' service.available nginx sandbox: True

  12. Salt States (SLS !les)

  13. Writing State !les 1/7 # /etc/salt/master ... - #file_roots: -

    # base: - # - /srv/salt + file_roots: + base: + - /srv/salt $ sudo service salt-master restart Enable !le server Create top !le # /srv/salt/top.sls base: '*': - webserver

  14. Writing State !les 2/7 # /srv/salt/webserver.sls ... nginx: pkg: -

    installed service: - running - watch: - pkg: nginx - file: default_conf default_conf: file.exists: - name: /etc/nginx/sites-enabled/default Webserver state !le

  15. $ sudo salt ‘*’ state.highstate ... Summary ------------ Succeeded: 3

    Failed: 0 ------------ Total: 3 Writing State !les 3/7 Execute state

  16. Writing State !les 4/7 SLS Rendering # /srv/salt/webserver.sls nginx: pkg:

    - installed service: - running - watch: - pkg: nginx - file: app_conf - require: - file: app_conf - file: symlink_app_conf - cmd: nginx_default_config ...

  17. Writing State !les 5/7 # /srv/salt/webserver.sls ... app_conf: file.managed: -

    name: /etc/nginx/sites-available/app.conf - source: salt://app/nginx.conf - template: jinja - defaults: {% if grains['id'] == 'sandbox' %} is_test: True {% else %} is_test: False {% endif %} ...

  18. Writing State !les 6/7 # /srv/salt/webserver.sls ... symlink_app_conf: file.symlink: -

    name: /etc/nginx/sites-enabled/app.conf - target: /etc/nginx/sites-available/app.conf - force: True - makedirs: True nginx_default_config: cmd.run: - name: rm -f /etc/nginx/sites-enabled/default

  19. Writing State !les 7/7 # /srv/salt/app/nginx.conf server { listen 80

    default; client_max_body_size 4G; keepalive_timeout 5; {% if is_test %} server_name _; {% else %} server_name sandbox.com; {% endif %} location / { {% if is_test %} auth_basic "Restricted"; auth_basic_user_file /var/www/.htpasswd; {% endif %} proxy_pass http://127.0.0.1:8000; proxy_redirect off; proxy_buffering off; } }

  20. It Works!

  21. Pillars

  22. Setup Pillars 1/3 # /etc/salt/master ... - #pillar_roots: - #

    base: - # - /srv/pillar + pillar_roots: + base: + - /srv/pillar $ sudo service salt-master restart Enable !le server Create top !le # /srv/pillar/top.sls base: '*': - settings

  23. Setup Pillars 2/3 # /srv/salt/app/nginx.conf server { ... ssl on;

    ssl_certificate {{ ssl_certificate }}; ssl_certificate_key {{ ssl_certificate_key }}; ... } # /srv/salt/webserver.sls app_conf: file.managed: - name: /etc/nginx/sites-available/app.conf - source: salt://app/nginx.conf - template: jinja - defaults: ... ssl_certificate: {{ pillar['ssl_certificate'] }} ssl_certificate_key: {{ pillar['ssl_certificate_key'] }}

  24. Setup Pillars 3/3 $ sudo salt ‘*’ state.highstate ... Summary

    ------------ Succeeded: 5 Failed: 0 ------------ Total: 5 $ sudo cat /etc/nginx/sites-enabled/app.conf server { ... ssl on; ssl_certificate /etc/nginx/conf.d/sandbox.crt; ssl_certificate_key /etc/nginx/conf.d/sandbox.key; ... }

  25. Don’t want no Master

  26. Going Masterless 1/2 # /etc/salt/minion ... - #file_client: remote +

    file_client: local ... - #file_roots: - # base: - # - /srv/salt + file_roots: + base: + - /srv/salt ... - #pillar_roots: - # base: - # - /srv/pillar + pillar_roots: + base: + - /srv/pillar

  27. Going Masterless 2/2 $ sudo service salt-minion restart Or $

    sudo salt-call --local ...

  28. Thank you Marconi Moreto @marconimjr http://marconijr.com https://github.com/marconi