Imobach González Sosa YaST Developer [email protected] Adding Salt to AutoYaST Integrating AutoYaST and Configuration Managment Systems 

AutoYaST 

What is AutoYaST? ● Tool to perform unattended installation/upgrade of openSUSE/SUSE systems ● Allow configuration of already installed systems ● Partitioning, network configuration, software installation… ● ... and configuration of additional services 

AutoYaST Profiles 

A minimal profile false root 0 /root /bin/bash nots3cr3t root 

Writing a profile ● From scratch ● Clone an installed system (and tune it if needed) – AutoYaST UI – Command line 

Limitations ● Limited to YaST modules ● Installation not always 100% reproducible ● Only applies to openSUSE/SUSE distributions 

Configuration Management Software 

At a glance ● Enable administrators to configure systems and track changes ● Usually the administrator describes how the system should look like ● Automated and reproducible ● Many options with a wide range of features 

Salt ● Configuration management and remote execution engine ● Event-driven ● Pretty flexible architecture ● Superb documentation ● Library of reusable components 

Salt jargon ● Roles: master and minions ● State: system configuration description ● Pillar: data to be used in states ● Formula: reusable and pre-written Salt states ● Grains: data associated to Minions 

Example State apache: pkg.installed: [] service.running: - watch: - pkg: apache - file: /etc/httpd/conf/httpd.conf - user: apache /etc/httpd/conf/httpd.conf: file.managed: - source: salt://apache/httpd.conf - user: root - group: root - mode: 644 

AutoYaST + Salt 

The best of both worlds ● AutoYaST does the initial installation: partitioning, network configuration, software installation, etc. ● Salt performs additional configuration: more software installation, services configuration, etc. 

Example 1: master based ● Keys are pre-accepted by the Salt Master ● Multiple keys can be stored at the same place salt salt.my-network.lan http://my-network.lan/salt/keys 

See in it action! https://youtu.be/BOnhUtj-mFA 

Example 2: master based ● Minion needs to be accepted on the Salt master ● System administrator intervention is needed salt salt.my-network.lan 3 50 

Example 3: masterless mode ● Salt server is not required ● The module will retrieve states/formulas and pillars salt http://my-network.lan/salt/redis.tar.gz http://my-network.lan/salt/redis-conf.tar.gz 

Experimental features 

Puppet support puppet http://my-network.lan/puppet/webserver.tgz puppet puppet.my-network.lan http://my-network.lan/salt/keys 

SUSE Manager Parametrizable Salt Formulas ● Mechanism to describe Pillars data ● Enable developers to build a UI to expose them timezone: name: "Atlantic/Canary" utc: true 

SUSE Manager Parametrizable Salt Formulas timezone: $type: hidden-group name: $type: select $values: ["UTC", "Atlantic/Canary", "Europe/Berlin", "US/Mountain"] $default: Europe/Berlin utc: $type: boolean $default: True 

SUSE Manager Parametrizable Salt Formulas 

See in it action! https://youtu.be/3pBUaWGeomo 

Future 

Some wild ideas ● Improve UI integration within the installer ● AutoYaST UI ● Cloning support ● Puppet Hiera ● Git 

Thanks! 

Thanks! ● My beloved YaST team for taking care of this module ● Duncan Mac-Vicar for his contribution and help ● Hannes Kühnemund for creating the feature request ● The openSUSE Project! 

References ● YaST2 Configuration Management module https://github.com/yast/yast-configuration-management ● AutoYaST documentation for openSUSE http://doc.opensuse.org/projects/autoyast/ ● SaltStack homepage https://saltstack.com/ ● Puppet Labs homepage https://puppetlabs.com/ ● “Forms are the Formula for Success” by Joachim Werner https://www.suse.com/communities/blog/forms-formula-success/ ● YaST2 integration with Salt (Hack Week proof of concept demostration) https://www.youtube.com/watch?v=2em_R84XVYg 

No content

Questions? 

Join Us at www.opensuse.org 

License This slide deck is licensed under the Creative Commons Attribution-ShareAlike 4.0 International license. It can be shared and adapted for any purpose (even commercially) as long as Attribution is given and any derivative work is distributed under the same license. Details can be found at https://creativecommons.org/licenses/by-sa/4.0/ General Disclaimer This document is not to be construed as a promise by any participating organisation to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. openSUSE makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for openSUSE products remains at the sole discretion of openSUSE. Further, openSUSE reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All openSUSE marks referenced in this presentation are trademarks or registered trademarks of SUSE LLC, in the United States and other countries. All third-party trademarks are the property of their respective owners. Credits Template Richard Brown [email protected] Design & Inspiration openSUSE Design Team http://opensuse.github.io/branding- guidelines/