Salt StackSubhankar Sengupta

My Intro

● SysOps guy since 2002, started in a typical startup, a web-hosting company and daily firefight

● Landed up in JP Morgan, Sabre Inc etc.

● Started JBUG –Bangalore (Jboss User Group) in 2010

● Why CM? Don’t want to be harassed admin

What does Salt stack do?

Simple things1) Configuration Mgmt

● user ● package● file● service etc

2) Remote executionWhen you install Saltstack you get both

About the project

● Open Source● Written in Python● Uses YAML for cm syntax, called salt states● Very fast communication system so rapidly scales● Most Important

○ Viable things are fundamentally SIMPLE○ Salt is simple

Some vocabulary

● The master is the Salt server

● The minions are the target machines that will be provisioned

● Each minion has an unique ID

● Asynchronous communication

● SALT’s configuration files are called states, easy to read and understand

● Multiple states can be applied to each minion

● Modules are collection of function that could be run from Salt CLI

● Information collected by minion about the system is Grain

● Grain- Information collected by minion about the system● You could write custom grain

Shows which grains are defined on a host

Show the value of all grains on a given host

Installation is a cake walk

kkk

Packages

● Alternatively installation could be done using RPM or Apt● Three Packages

○ Salt - (In all nodes)○ Salt-minion - (In all nodes)○ Salt-master- (Only in master server)

Check it

How it works?

Pub-Sub

Pub

Salt Master

Minion-FQDN- 1 Minion-FQDN- 2

How it works?

● When master process started it creates a socket● When minion process starts it connects to that master socket and looks for

event● Master publishes event and minion subscribes to listen to that, hence Pub-

Sub● This communication is done by a high speed channel● ZeroMQ● This communication channel is secure● Minion and master exchange keys using AES encryption

Remote Execution

● usr/bin/salt- salt <minion-id> <module>● Salt comes with a rich set of modules● You could write your own in python● Module has access to salt data structure● salt \* sys.doc test.ping (Help Files)

Changing password

Some more examples

Run an arbitrary shell command

Or a module

Salt Cloud

● Started as a separate project to use salt to manage cloud VMs● Starting with the 2014.1.0 release of Salt, Salt Cloud is built into Salt● Uses python-libcloud●

AWS

XYZ

Provider Profiles

Again Vocabulary Cloud provider is used to specify basic authentication information to access a cloud provider.

Again Vocabulary-2 Cloud profiles is used to specify specific virtual machinerequirements, such as size, image, and location.

Q and A

Drop an email:

subhankar.aws@gmail.com