Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
SaltStack 101
Search
Marconi Moreto
January 28, 2014
Technology
10
1k
SaltStack 101
Presented on Pizzapy (
http://pizzapy.ph/
)
Marconi Moreto
January 28, 2014
Tweet
Share
More Decks by Marconi Moreto
See All by Marconi Moreto
Development Mini Toolbox
marconi
1
170
Introduction to Docker
marconi
4
1.3k
Assets Build Automation
marconi
2
300
Concurrency with Gevent
marconi
3
400
Django Quickstart
marconi
1
110
Other Decks in Technology
See All in Technology
Bill One 開発エンジニア 紹介資料
sansan33
PRO
4
12k
上長や社内ステークホルダーに対する解像度を上げて、より良い補完関係を築く方法 / How-to-increase-resolution-and-build-better-complementary-relationships-with-your-bosses-and-internal-stakeholders
madoxten
1
240
大手企業のAIツール導入の壁を越えて:サイバーエージェントのCursor活用戦略
gunta
34
17k
うちの会社の評判は?SNSの投稿分析にAIを使ってみた
doumae
0
610
CloudBruteによる外部からのS3バケットの探索・公開の発見について / 20250605 Kumiko Henmi
shift_evolve
3
360
Kubernetesで作るAIプラットフォーム
oracle4engineer
PRO
2
180
CSSの最新トレンド Ver.2025
tonkotsuboy_com
11
3.9k
入門 ESlint Typegen #TSKaigi #TSKaigi2025_kataritai
bengo4com
0
2k
AWS Lambdaでサーバレス設計を学ぼう_ベンダーロックインの懸念を超えて-サーバレスの真価を探る
fukuchiiinu
4
940
Data Hubグループ 紹介資料
sansan33
PRO
0
1.8k
impressions-trying-lambda-web-adapter
junkishigaki
2
140
メルカリにおけるデータアナリティクス AI エージェント「Socrates」と ADK 活用事例
na0
15
7.4k
Featured
See All Featured
Site-Speed That Sticks
csswizardry
9
620
We Have a Design System, Now What?
morganepeng
52
7.6k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
137
34k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
130
19k
The Art of Programming - Codeland 2020
erikaheidi
54
13k
GitHub's CSS Performance
jonrohan
1031
460k
Agile that works and the tools we love
rasmusluckow
329
21k
The Language of Interfaces
destraynor
158
25k
Speed Design
sergeychernyshev
30
980
Become a Pro
speakerdeck
PRO
28
5.4k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
8
770
Stop Working from a Prison Cell
hatefulcrawdad
269
20k
Transcript
SaltStack 101 Marconi Moreto @marconimjr
What is SaltStack? “Salt delivers a dynamic communication bus for
infrastructures that can be used for orchestration, remote execution, con!guration management and much more.” ๏ Python ๏ ØMQ
Terminology ๏ Master ๏ Minion ๏ State !les ๏ Grains
๏ Pillars
Server Setup ๏ Master Minion ๏ Masterless ๏ Multi Master
Master Minion Master Minion Minion Minion
Masterless Minion Minion Minion Minion Minion
Installing Master $ sudo add-apt-repository ppa:saltstack/salt $ sudo apt-get update
$ sudo apt-get install salt-master $ sudo service salt-master status salt-master start/running, process 4044 Installing Minion $ sudo add-apt-repository ppa:saltstack/salt $ sudo apt-get update $ sudo apt-get install salt-minion $ sudo service salt-minion status salt-minion start/running, process 4901
Con!gure Master # /etc/salt/master ... - #interface: 0.0.0.0 + interface:
127.0.0.1 $ sudo service salt-master restart Con!gure Minion # /etc/salt/minion ... - #master: salt + master: 127.0.0.1 state_auto_order: True $ sudo service salt-master restart
Key Management $ sudo salt-key -L Accepted Keys: Unaccepted Keys:
sandbox Rejected Keys: $ sudo salt-key -a sandbox The following keys are going to be accepted: Unaccepted Keys: sandbox Proceed? [n/Y] Y Key for minion sandbox accepted. $ sudo salt-key -L Accepted Keys: sandbox Unaccepted Keys: Rejected Keys:
Sending Commands 1/2 $ sudo salt sandbox test.ping sandbox: True
$ sudo salt -G 'os:Ubuntu' service.available salt-minion sandbox: True $ sudo salt '*' cmd.run 'lsb_release -a' sandbox: No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 12.04 LTS Release: 12.04 Codename: precise
Sending Commands 2/2 $ sudo salt '*' cmd.exec_code python 'from
__future__ import braces' sandbox: File "/tmp/tmplI2lSy", line 1 from __future__ import braces SyntaxError: not a chance $ sudo salt '*' service.available nginx sandbox: False $ sudo salt '*' pkg.install nginx sandbox: … $ sudo salt '*' service.available nginx sandbox: True
Salt States (SLS !les)
Writing State !les 1/7 # /etc/salt/master ... - #file_roots: -
# base: - # - /srv/salt + file_roots: + base: + - /srv/salt $ sudo service salt-master restart Enable !le server Create top !le # /srv/salt/top.sls base: '*': - webserver
Writing State !les 2/7 # /srv/salt/webserver.sls ... nginx: pkg: -
installed service: - running - watch: - pkg: nginx - file: default_conf default_conf: file.exists: - name: /etc/nginx/sites-enabled/default Webserver state !le
$ sudo salt ‘*’ state.highstate ... Summary ------------ Succeeded: 3
Failed: 0 ------------ Total: 3 Writing State !les 3/7 Execute state
Writing State !les 4/7 SLS Rendering # /srv/salt/webserver.sls nginx: pkg:
- installed service: - running - watch: - pkg: nginx - file: app_conf - require: - file: app_conf - file: symlink_app_conf - cmd: nginx_default_config ...
Writing State !les 5/7 # /srv/salt/webserver.sls ... app_conf: file.managed: -
name: /etc/nginx/sites-available/app.conf - source: salt://app/nginx.conf - template: jinja - defaults: {% if grains['id'] == 'sandbox' %} is_test: True {% else %} is_test: False {% endif %} ...
Writing State !les 6/7 # /srv/salt/webserver.sls ... symlink_app_conf: file.symlink: -
name: /etc/nginx/sites-enabled/app.conf - target: /etc/nginx/sites-available/app.conf - force: True - makedirs: True nginx_default_config: cmd.run: - name: rm -f /etc/nginx/sites-enabled/default
Writing State !les 7/7 # /srv/salt/app/nginx.conf server { listen 80
default; client_max_body_size 4G; keepalive_timeout 5; {% if is_test %} server_name _; {% else %} server_name sandbox.com; {% endif %} location / { {% if is_test %} auth_basic "Restricted"; auth_basic_user_file /var/www/.htpasswd; {% endif %} proxy_pass http://127.0.0.1:8000; proxy_redirect off; proxy_buffering off; } }
It Works!
Pillars
Setup Pillars 1/3 # /etc/salt/master ... - #pillar_roots: - #
base: - # - /srv/pillar + pillar_roots: + base: + - /srv/pillar $ sudo service salt-master restart Enable !le server Create top !le # /srv/pillar/top.sls base: '*': - settings
Setup Pillars 2/3 # /srv/salt/app/nginx.conf server { ... ssl on;
ssl_certificate {{ ssl_certificate }}; ssl_certificate_key {{ ssl_certificate_key }}; ... } # /srv/salt/webserver.sls app_conf: file.managed: - name: /etc/nginx/sites-available/app.conf - source: salt://app/nginx.conf - template: jinja - defaults: ... ssl_certificate: {{ pillar['ssl_certificate'] }} ssl_certificate_key: {{ pillar['ssl_certificate_key'] }}
Setup Pillars 3/3 $ sudo salt ‘*’ state.highstate ... Summary
------------ Succeeded: 5 Failed: 0 ------------ Total: 5 $ sudo cat /etc/nginx/sites-enabled/app.conf server { ... ssl on; ssl_certificate /etc/nginx/conf.d/sandbox.crt; ssl_certificate_key /etc/nginx/conf.d/sandbox.key; ... }
Don’t want no Master
Going Masterless 1/2 # /etc/salt/minion ... - #file_client: remote +
file_client: local ... - #file_roots: - # base: - # - /srv/salt + file_roots: + base: + - /srv/salt ... - #pillar_roots: - # base: - # - /srv/pillar + pillar_roots: + base: + - /srv/pillar
Going Masterless 2/2 $ sudo service salt-minion restart Or $
sudo salt-call --local ...
Thank you Marconi Moreto @marconimjr http://marconijr.com https://github.com/marconi