SlideShare a Scribd company logo

Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Management with SaltStack

โ€ข
SaltStack, profile picture
SaltStack

The document discusses configuration management using SaltStack, outlining its flexibility and ease of use in managing both physical and virtual infrastructures. It covers fundamental concepts such as user and package management, as well as the architecture and terminology related to SaltStack operations. The conclusion emphasizes the importance of choosing the right configuration management system for specific projects and highlights the capabilities of SaltStack beyond just configuration management.

SoftwareTechnology
1 of 28
Downloaded 36 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Configuration Management with SaltStack Act II Arnold Bechtoldt Berlin, 14.05.14
2 1.โ€ฏ Configuration Management Systems 2.โ€ฏ SaltStack Fundamentals 3.โ€ฏ SaltStack Inside 4.โ€ฏ Conclusions 5.โ€ฏ Showcase/ Walkthrough Topics
3 โ€ฃโ€ฏ Linux-Systems Engineer at inovex GmbH โ€ฃโ€ฏ Develop lots of features for (Open Source) Datacenter Management โ€ฃโ€ฏ Provisioning of physical & virtual infrastructure โ€ฃโ€ฏ SaltStack user since December, 2012 (~ v0.10.x) About me arnold.bechtoldt@inovex.de
4 โ€ฃโ€ฏ Provides a wide set of IT services: ยง๏‚งโ€ฏ Application Development ยง๏‚งโ€ฏ Mobile Development ยง๏‚งโ€ฏ Business Intelligence ยง๏‚งโ€ฏ IT Engineering & Operations ยง๏‚งโ€ฏ Consulting ยง๏‚งโ€ฏ Trainings โ€ฃโ€ฏ Cool projects with great Open Source Software โ€ฃโ€ฏ Teams of high-experienced engineers โ€ฃโ€ฏ We have excellent job offers in Karlsruhe, Cologne, Munich and Pforzheim! About inovex inovex.de
5 Configuration Management Systems (a.k.a. CMS) Configuration Management with SaltStack Part 1
6 โ€ฃโ€ฏ Support building a defined infrastructure โ€ฃโ€ฏ Support managing a defined infrastructure โ€ฃโ€ฏ Definition of infrastructure in code (โ€œInfrastructure as codeโ€) โ€ฃโ€ฏ Configuration Management requires Software Development Configuration Management Systems Definition
7 1.โ€ฏ Create a user (if needed): postfix 2.โ€ฏ Install a package (or more): postfix, postfix-pcre 3.โ€ฏ Create or change a file (configure a service): /etc/postfix/main.cf 4.โ€ฏ Enable and start the service: chkconfig postfix on; service postfix start Configuration Management Systems Traditional
8 1.โ€ฏ User Management 2.โ€ฏ Package Management 3.โ€ฏ File Management 4.โ€ฏ Service Management What if we need m o r e ? Configuration Management Systems Limitations
9 SaltStack Fundamentals Configuration Management with SaltStack Part 2
10 Salt โ€ฆ 1.โ€ฏ โ€ฆ is extremely flexible. 2.โ€ฏ โ€ฆ is very easy to use. 3.โ€ฏ โ€ฆ has lots of exciting features. 4.โ€ฏ โ€ฆ is fast. 5.โ€ฏ โ€ฆ makes sysadminโ€™s life easier. SaltStack Fundamentals Why Salt?
11 โ€ฃโ€ฏ Itโ€™s all about (simple) data โ€ฃโ€ฏ Central place for configuration โ€ฃโ€ฏ Asynchronous (send commands to 10,000 server at a time in seconds) โ€ฃโ€ฏ Configuration management โ€ฃโ€ฏ Remote execution โ€ฃโ€ฏ Core functions are available as execution modules โ€ฃโ€ฏ Hundreds of state + execution modules โ€ฃโ€ฏ Easy to extend โ€ฃโ€ฏ Separate data and code easily with pillars SaltStack Fundamentals Why Salt? (2)
12 SaltStack Inside Configuration Management with SaltStack Part 3
13 Different software, different names: โ€ฃโ€ฏ Minion: The client itself โ€ฃโ€ฏ Master: Manages minions โ€ฃโ€ฏ Grains: Standard set of client system information โ€ฃโ€ฏ Pillars: User-defined set of information โ€ฃโ€ฏ State: User-defined description of a state of a file, package, โ€ฆ โ€ฃโ€ฏ Formulas: Collection of user-defined states โ€ฃโ€ฏ State Module: Set of state functions for files, packages, LVM, MySQL, โ€ฆ โ€ฃโ€ฏ Execution Module: Predefined commands executed on the minions โ€ฃโ€ฏ Jinja: Default template renderer SaltStack Inside Terminology
14 SaltStack Inside Default Architecture Master Minion ZeroMQ MinionMinion Minion Minion
15 You specify minion targeting to apply states, pillars or commands to a desired set of minions: โ€ฃโ€ฏ Globbing: feweb*.domain.local, *.domain.local, feweb[1-3].domain.local โ€ฃโ€ฏ PCRE: fe(web|mail)1.domain.local โ€ฃโ€ฏ Grains: โ€˜os:CentOSโ€™, โ€˜saltversion:2014.1.1โ€™ โ€ฃโ€ฏ Pillars: โ€˜role:mailserverโ€™, โ€˜cluster_name:fehomepageโ€™ โ€ฃโ€ฏ Lists: feweb1.domainโ€ฆ, feweb2.domainโ€ฆ, feweb3.domainโ€ฆ โ€ฃโ€ฏ Nodegroups: Predefined list of minions โ€ฃโ€ฏ Compound (Mix): Mix of the above targeting types (operators: and, or, not) โ€ฃโ€ฏ Batch Size: 4, 10% (execute on X minions at a time) SaltStack Inside Minion Targeting
16 Components using a top file: โ€ฃโ€ฏ States โ€ฃโ€ฏ Pillars What they do: โ€ฃโ€ฏ Map minions with states โ€ฃโ€ฏ Map minions with pillars โ€ฃโ€ฏ Map minions with environments SaltStack Inside The Top Files
17 Top of States dev: 'mailserver*dev*': - postfix.satellite qa: 'mailserver*qa*': - postfix.satellite prod: 'mailserver*prod*': - postfix.satellite - monitoring SaltStack Inside The Top Files (2) Top of Pillars dev: 'mailserver*dev*': - postfix.dev qa: 'mailserver*qa*': - postfix.qa prod: 'mailserver*prod*': - postfix.prod - monitoring.prod
18 SaltStack Inside States postfix: pkg: - installed - names: - postfix - postfix-pcre service: - running - watch: - file: /etc/postfix/main.cf Dict/ Hash: State ID List/ Array: State Module Any: Parameters
19 SaltStack Inside States (2) /etc/postfix/main.cf: file: - managed - source: salt://postfix/files/satellite.main.cf - user: root - group: postfix - mode: 640 - template: jinja
postscreen_dnsbl_sites: - zen.spamhaus.org*2 - ix.dnsbl.manitu.net*2 - dnsbl.sorbs.net=127.0.0.[2;3;5;6;7;9;10] - list.dnswl.org=127.0.[0..255].0*-1 - list.dnswl.org=127.0.[0..255].[2..3]*-3 any: generic: list: - foo: oof bar: rab 20 type: satellite relayhost: smtp.domain.local inet_protocols: - ipv4 soft_bounce: True postscreen: - greylisting - pregreet - dnsbl mynetworks: 127.0.0.0/8 [::ffff:127... SaltStack Inside Pillars
21 Store top files, states (formulas), templates, custom modules, pillars, etc. on โ€ฃโ€ฏ Local filesystems โ€ฃโ€ฏ Git Repositories โ€ฃโ€ฏ SVN Repositories โ€ฃโ€ฏ Mercurial Repositories โ€ฃโ€ฏ MinionFS (distributed over several hosts) โ€ฃโ€ฏ Amazon S3 Separate them by โ€ฃโ€ฏ Environments/ teams โ€ฃโ€ฏ Projects โ€ฃโ€ฏ Pillars โ€ฃโ€ฏ โ€ฆ SaltStack Inside Fileserver Backends
22 Access data by: โ€ฃโ€ฏ Pillars: {{ salt[โ€˜pillar.getโ€™](โ€˜inet_protocolsโ€™, [โ€˜ipv4โ€™, โ€˜ipv6โ€™]) }} โ€ฃโ€ฏ Grains: {{ salt[โ€˜grains.getโ€™](โ€˜os_familyโ€™) }} โ€ฃโ€ฏ Peer Publish: {{ salt[โ€˜publish.publishโ€™](โ€˜web*โ€™, โ€˜grains.itemโ€™, โ€˜fqdnโ€™) }} โ€ฃโ€ฏ Mine: {{ salt[โ€˜pillar.itemโ€™](โ€˜mine_functions:network.interfacesโ€™) }} โ€ฃโ€ฏ Local env variables: {% set foo = โ€˜barโ€™ %} {{ foo }} โ€ฃโ€ฏ Deserializing: load_json(โ€˜file.jsonโ€™) / load_yaml(โ€˜file.yamlโ€™) / โ€ฆ โ€ฃโ€ฏ โ€ฆ These are available in: โ€ฃโ€ฏ Top Files โ€ฃโ€ฏ State Files โ€ฃโ€ฏ Template Files โ€ฃโ€ฏ Pillar Files โ€ฃโ€ฏ โ€ฆ SaltStack Inside Data Access
23 One tool to rule them all: โ€ฃโ€ฏ $ salt โ€˜*โ€™ state.sls ferm saltenv=prod โ€ฃโ€ฏ $ salt โ€˜*โ€™ state.highstate test=False โ€ฃโ€ฏ $ salt โ€˜*โ€™ gem.install foreman_provision โ€ฃโ€ฏ $ salt โ€˜*โ€™ hadoop.dfs ls / โ€ฃโ€ฏ $ salt โ€˜*โ€™ lxc.unfreeze bigfoot โ€ฃโ€ฏ $ salt โ€˜*โ€™ network.traceroute inovex.de โ€ฃโ€ฏ $ salt โ€˜*โ€™ pkg.install openssl refresh=True $ salt โ€˜*โ€™ service.restart nginx โ€ฃโ€ฏ $ salt โ€˜*โ€™ dockerio.pull index.docker.io:MyRepo/image foo โ€ฃโ€ฏ $ salt โ€˜*โ€™ tomcat.deploy_war salt://application.war /api yes http://localhost:8080/ โ€ฃโ€ฏ $ salt โ€“C โ€˜I@role:mailserver and (P@os:Debian or S@192.168.42.0/24)โ€™ โ€ฆ SaltStack Inside Configuration Management + Remote Execution
24 feweb1.domain.local: ---------- ID: ferm Function: pkg.installed Result: True Comment: All specified packages are already installed. Changes: ---------- ID: ferm Function: file.managed Name: /etc/ferm/ferm.conf Result: True Comment: File /etc/ferm/ferm.conf updated Changes: ---------- diff: SaltStack Inside Configuration Management + Remote Execution (2) --- @@ -1,33 +1,31 @@ ... ---------- ID: ferm Function: service.running Result: True Comment: Service restarted Changes: ---------- ferm: True Summary ------------ Succeeded: 3 Failed: 0 ------------ Total: 3
25 Conclusions Configuration Management with SaltStack Part 4
26 1.โ€ฏ Choose the CMS which fits to your project, everyone is different 2.โ€ฏ If you spend more time creating automation instead of saving it, something is wrong 3.โ€ฏ Salt can help you managing large and complex infrastructures 4.โ€ฏ SaltStack can do even more than CM: Salt-Cloud, Salt-Virt, Salt SSH, Salt Proxy, โ€ฆ 5.โ€ฏ Salt can help you making your customers and yourself happy Conclusions IMHO
27 Basic configuration: โ€ฃโ€ฏ /bechtoldt/network-formula โ€ฃโ€ฏ /bechtoldt/time-formula DNS/ DHCP: โ€ฃโ€ฏ /bechtoldt/binddns-formula โ€ฃโ€ฏ /bechtoldt/iscdhcp-formula Lifecycle Management (physical + virtual servers): โ€ฃโ€ฏ Foreman: /bechtoldt/foreman-formula Cloud management: โ€ฃโ€ฏ OpenNebula: /bechtoldt/opennebula-formula โ€ฃโ€ฏ OpenStack: /EntropyWorks/salt-openstack/tree/formula Showcase/ Walkthrough Code at Github.com
28 Github.com/bechtoldt โ€“ Github.com/saltstack-formulas โ€“ talks.arbe.io Thank You Questions? Contact Arnold Bechtoldt Linux-Systems Engineer inovex GmbH Office Karlsruhe Ludwig-Erhard-Allee 6 D-76131 Karlsruhe +49 (0)173 31 81 117 arnold.bechtoldt@inovex.de โ€žWir nutzen Technologien, um unsere Kunden glรผcklich zu machen. Und uns selbst.โ€œ

More Related Content

What's hot (20)

PPTX
Salty OPS โ€“ Saltstack Introduction
Walter Liu
ย 
PDF
Salt conf 2014 - Using SaltStack in high availability environments
Benjamin Cane
ย 
PPTX
SaltStack Configuration Management
Nathan Sickler
ย 
PDF
SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...
SaltStack
ย 
PDF
OpenNebula and SaltStack - OpenNebulaConf 2013
databus.pro
ย 
PDF
Configuration management and orchestration with Salt
Anirban Saha
ย 
PPTX
SaltConf 2014: Safety with powertools
Thomas Jackson
ย 
PDF
StackiFest16: Stacki 1600+ Server Journey - Dave Peterson, Salesforce
StackIQ
ย 
PDF
StackiFest16: Building a Cart
StackIQ
ย 
PDF
[์˜คํ”ˆ์†Œ์Šค์ปจ์„คํŒ…] EFK Stack ์†Œ๊ฐœ์™€ ์„ค์น˜ ๋ฐฉ๋ฒ•
Open Source Consulting
ย 
PDF
Chef Provisioning a Chef Server Cluster - ChefConf 2015
Chef
ย 
PDF
StackiFest 16: Stacki Overview- Anoop Rajendra
StackIQ
ย 
PPTX
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
Puppet
ย 
PDF
[2018.10.19] ๊น€์šฉ๊ธฐ ๋ถ€์žฅ - IAC on OpenStack (feat. ansible)
OpenStack Korea Community
ย 
PDF
Steve Singer - Managing PostgreSQL with Puppet @ Postgres Open
PostgresOpen
ย 
PDF
docker build with Ansible
Bas Meijer
ย 
PDF
Red Hat Satellite 6 - Automation with Puppet
Michael Lessard
ย 
PPTX
Vagrant, Ansible, and OpenStack on your laptop
Lorin Hochstein
ย 
PDF
[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...
OpenStack Korea Community
ย 
PDF
Refactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
NETWAYS
ย 
Salty OPS โ€“ Saltstack Introduction
Walter Liu
ย 
Salt conf 2014 - Using SaltStack in high availability environments
Benjamin Cane
ย 
SaltStack Configuration Management
Nathan Sickler
ย 
SaltConf14 - Anita Kuno, HP & OpenStack - Using SaltStack for event-driven or...
SaltStack
ย 
OpenNebula and SaltStack - OpenNebulaConf 2013
databus.pro
ย 
Configuration management and orchestration with Salt
Anirban Saha
ย 
SaltConf 2014: Safety with powertools
Thomas Jackson
ย 
StackiFest16: Stacki 1600+ Server Journey - Dave Peterson, Salesforce
StackIQ
ย 
StackiFest16: Building a Cart
StackIQ
ย 
[์˜คํ”ˆ์†Œ์Šค์ปจ์„คํŒ…] EFK Stack ์†Œ๊ฐœ์™€ ์„ค์น˜ ๋ฐฉ๋ฒ•
Open Source Consulting
ย 
Chef Provisioning a Chef Server Cluster - ChefConf 2015
Chef
ย 
StackiFest 16: Stacki Overview- Anoop Rajendra
StackIQ
ย 
Puppet Availability and Performance at 100K Nodes - PuppetConf 2014
Puppet
ย 
[2018.10.19] ๊น€์šฉ๊ธฐ ๋ถ€์žฅ - IAC on OpenStack (feat. ansible)
OpenStack Korea Community
ย 
Steve Singer - Managing PostgreSQL with Puppet @ Postgres Open
PostgresOpen
ย 
docker build with Ansible
Bas Meijer
ย 
Red Hat Satellite 6 - Automation with Puppet
Michael Lessard
ย 
Vagrant, Ansible, and OpenStack on your laptop
Lorin Hochstein
ย 
[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...
OpenStack Korea Community
ย 
Refactoring Katello Installer modules - Ewoud Kohl van Wijngaarden
NETWAYS
ย 

Viewers also liked (16)

PDF
Configuration Management - Finding the tool to fit your needs
SaltStack
ย 
PDF
Bootstrapping Forman with Vagrant - Setting up a local Provision & Deployment...
inovex GmbH
ย 
PDF
SaltConf14 - Yazz Atlas, HP Cloud - Installing OpenStack using SaltStack
SaltStack
ย 
PDF
SaltConf14 - Craig Sebenik, LinkedIn - SaltStack at Web Scale
SaltStack
ย 
PDF
Configuration Management vs. Container Automation
inovex GmbH
ย 
PDF
Erfolgsfaktoren von Datenprodukten
inovex GmbH
ย 
PDF
Continuous Integration for Fun and Profit
inovex GmbH
ย 
PDF
Gitlab meets Kubernetes
inovex GmbH
ย 
PDF
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
SaltStack
ย 
PDF
SysDig Metriken zentralisieren
inovex GmbH
ย 
PDF
Automated Application Management with SaltStack
inovex GmbH
ย 
PDF
Introduction to SaltStack
Aymen EL Amri
ย 
PDF
Salt Air 19 - Intro to SaltStack RAET (reliable asyncronous event transport)
SaltStack
ย 
PDF
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...
Animesh Singh
ย 
PPTX
Integration testing for salt states using aws ec2 container service
SaltStack
ย 
PDF
Sprachsteuerung mit dem Google Assistant โ€“ Add a new User Interface to your P...
inovex GmbH
ย 
Configuration Management - Finding the tool to fit your needs
SaltStack
ย 
Bootstrapping Forman with Vagrant - Setting up a local Provision & Deployment...
inovex GmbH
ย 
SaltConf14 - Yazz Atlas, HP Cloud - Installing OpenStack using SaltStack
SaltStack
ย 
SaltConf14 - Craig Sebenik, LinkedIn - SaltStack at Web Scale
SaltStack
ย 
Configuration Management vs. Container Automation
inovex GmbH
ย 
Erfolgsfaktoren von Datenprodukten
inovex GmbH
ย 
Continuous Integration for Fun and Profit
inovex GmbH
ย 
Gitlab meets Kubernetes
inovex GmbH
ย 
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
SaltStack
ย 
SysDig Metriken zentralisieren
inovex GmbH
ย 
Automated Application Management with SaltStack
inovex GmbH
ย 
Introduction to SaltStack
Aymen EL Amri
ย 
Salt Air 19 - Intro to SaltStack RAET (reliable asyncronous event transport)
SaltStack
ย 
CAPS: What's best for deploying and managing OpenStack? Chef vs. Ansible vs. ...
Animesh Singh
ย 
Integration testing for salt states using aws ec2 container service
SaltStack
ย 
Sprachsteuerung mit dem Google Assistant โ€“ Add a new User Interface to your P...
inovex GmbH
ย 
Ad

Similar to Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Management with SaltStack (20)

PDF
Prรฉsentation "Docker + Kubernetes" @ Pastis.tech #2
Blue Forest
ย 
KEY
Ruby and Rails Packaging to Production
Fabio Kung
ย 
PDF
Rac on NFS
mengjiagou
ย 
PDF
Dependencies Managers in C/C++. Using stdcpp 2014
biicode
ย 
PDF
Puppet at Opera Sofware - PuppetCamp Oslo 2013
Cosimo Streppone
ย 
PPTX
Dayta AI Seminar - Kubernetes, Docker and AI on Cloud
Jung-Hong Kim
ย 
PDF
Oracle11g On Fedora14
kmsa
ย 
PDF
Oracle11g on fedora14
Khalid Matar Albuflasah
ย 
PDF
OSMC 2019 | Use Cloud services & features in your redundant Icinga2 Environme...
NETWAYS
ย 
PPT
Basic Linux kernel
Morteza Nourelahi Alamdari
ย 
PPTX
MySQL Audit using Percona audit plugin and ELK
YoungHeon (Roy) Kim
ย 
PPT
Sharing-Knowledge-OAM-3G-Ericsson .ppt
wafawafa52
ย 
PPTX
How Honestbee Does CI/CD on Kubernetes - Vincent DeSmet
DevOpsDaysJKT
ย 
PDF
JUDCon 2010 Boston : BoxGrinder
marekgoldmann
ย 
PDF
Android 5.0 Lollipop platform change investigation report
hidenorly
ย 
PDF
Spectre meltdown performance_tests - v0.3
David Pasek
ย 
PDF
Freeradius edir
Jonas Segovia Velazquez
ย 
PDF
OSMC 2021 | Icinga-Installer โ€“ the easy way to your Icinga
NETWAYS
ย 
PDF
Automaรงรฃo do fรญsico ao NetSecDevOps
Raul Leite
ย 
PPTX
Continuous delivery with docker
Johan Janssen
ย 
Prรฉsentation "Docker + Kubernetes" @ Pastis.tech #2
Blue Forest
ย 
Ruby and Rails Packaging to Production
Fabio Kung
ย 
Rac on NFS
mengjiagou
ย 
Dependencies Managers in C/C++. Using stdcpp 2014
biicode
ย 
Puppet at Opera Sofware - PuppetCamp Oslo 2013
Cosimo Streppone
ย 
Dayta AI Seminar - Kubernetes, Docker and AI on Cloud
Jung-Hong Kim
ย 
Oracle11g On Fedora14
kmsa
ย 
Oracle11g on fedora14
Khalid Matar Albuflasah
ย 
OSMC 2019 | Use Cloud services & features in your redundant Icinga2 Environme...
NETWAYS
ย 
Basic Linux kernel
Morteza Nourelahi Alamdari
ย 
MySQL Audit using Percona audit plugin and ELK
YoungHeon (Roy) Kim
ย 
Sharing-Knowledge-OAM-3G-Ericsson .ppt
wafawafa52
ย 
How Honestbee Does CI/CD on Kubernetes - Vincent DeSmet
DevOpsDaysJKT
ย 
JUDCon 2010 Boston : BoxGrinder
marekgoldmann
ย 
Android 5.0 Lollipop platform change investigation report
hidenorly
ย 
Spectre meltdown performance_tests - v0.3
David Pasek
ย 
Freeradius edir
Jonas Segovia Velazquez
ย 
OSMC 2021 | Icinga-Installer โ€“ the easy way to your Icinga
NETWAYS
ย 
Automaรงรฃo do fรญsico ao NetSecDevOps
Raul Leite
ย 
Continuous delivery with docker
Johan Janssen
ย 
Ad

More from SaltStack (10)

PPT
SaltConf14 - Saurabh Surana, HP Cloud - Automating operations and support wit...
SaltStack
ย 
PPT
SaltConf14 - Brendan Burns, Google - Management at Google Scale
SaltStack
ย 
PDF
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltStack
ย 
PPTX
SaltConf14 - Thomas Jackson, LinkedIn - Safety with Power Tools
SaltStack
ย 
PDF
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...
SaltStack
ย 
PDF
SaltStack - An open source software story
SaltStack
ย 
PDF
Real-time Cloud Management with SaltStack
SaltStack
ย 
PDF
Adding to your Python Armory - OpenWest 2013
SaltStack
ย 
PDF
Real-time Infrastructure Management with SaltStack - OpenWest 2013
SaltStack
ย 
PDF
Writing SaltStack Modules - OpenWest 2013
SaltStack
ย 
SaltConf14 - Saurabh Surana, HP Cloud - Automating operations and support wit...
SaltStack
ย 
SaltConf14 - Brendan Burns, Google - Management at Google Scale
SaltStack
ย 
SaltConf14 - Justin Carmony, Deseret Digital Media - Teaching Devs About DevOps
SaltStack
ย 
SaltConf14 - Thomas Jackson, LinkedIn - Safety with Power Tools
SaltStack
ย 
SaltConf14 - Eric johnson, Google - Orchestrating Google Compute Engine with ...
SaltStack
ย 
SaltStack - An open source software story
SaltStack
ย 
Real-time Cloud Management with SaltStack
SaltStack
ย 
Adding to your Python Armory - OpenWest 2013
SaltStack
ย 
Real-time Infrastructure Management with SaltStack - OpenWest 2013
SaltStack
ย 
Writing SaltStack Modules - OpenWest 2013
SaltStack
ย 

Recently uploaded (20)

PDF
MiniTool Power Data Recovery Crack New Pre Activated Version Latest 2025
imang66g
ย 
PDF
SAP GUI Installation Guide for Windows | Step-by-Step Setup for SAP Access
SAP Vista, an A L T Z E N Company
ย 
PDF
How AI in Healthcare Apps Can Help You Enhance Patient Care?
Lilly Gracia
ย 
PPTX
Employee salary prediction using Machine learning Project template.ppt
bhanuk27082004
ย 
PPTX
TexSender Pro 8.9.1 Crack Full Version Download
cracked shares
ย 
PPTX
Online Contractor Induction and Safety Induction Training Software
SHEQ Network Limited
ย 
PPT
Brief History of Python by Learning Python in three hours
adanechb21
ย 
PPTX
TRAVEL APIs | WHITE LABEL TRAVEL API | TOP TRAVEL APIs
philipnathen82
ย 
PDF
Troubleshooting Virtual Threads in Java!
Tier1 app
ย 
PDF
Summary Of Odoo 18.1 to 18.4 : The Way For Odoo 19
CandidRoot Solutions Private Limited
ย 
PDF
How Agentic AI Networks are Revolutionizing Collaborative AI Ecosystems in 2025
ronakdubey419
ย 
PPTX
ChessBase 18.02 Crack + Serial Key Free Download
cracked shares
ย 
PDF
Balancing Resource Capacity and Workloads with OnePlan โ€“ Avoid Overloading Te...
OnePlan Solutions
ย 
PDF
AI Image Enhancer: Revolutionizing Visual Qualityโ€
docmasoom
ย 
PDF
AI Software Engineering based on Multi-view Modeling and Engineering Patterns
Hironori Washizaki
ย 
PPTX
Farrell__10e_ch04_PowerPoint.pptx Programming Logic and Design slides
bashnahara11
ย 
PDF
SAP GUI Installation Guide for macOS (iOS) | Connect to SAP Systems on Mac
SAP Vista, an A L T Z E N Company
ย 
PDF
Infrastructure planning and resilience - Keith Hastings.pptx.pdf
Safe Software
ย 
PPTX
Cutting Optimization Pro 5.18.2 Crack With Free Download
cracked shares
ย 
PDF
Top 10 AI Use Cases Every Business Should Know.pdf
nicogonzalez1075
ย 
MiniTool Power Data Recovery Crack New Pre Activated Version Latest 2025
imang66g
ย 
SAP GUI Installation Guide for Windows | Step-by-Step Setup for SAP Access
SAP Vista, an A L T Z E N Company
ย 
How AI in Healthcare Apps Can Help You Enhance Patient Care?
Lilly Gracia
ย 
Employee salary prediction using Machine learning Project template.ppt
bhanuk27082004
ย 
TexSender Pro 8.9.1 Crack Full Version Download
cracked shares
ย 
Online Contractor Induction and Safety Induction Training Software
SHEQ Network Limited
ย 
Brief History of Python by Learning Python in three hours
adanechb21
ย 
TRAVEL APIs | WHITE LABEL TRAVEL API | TOP TRAVEL APIs
philipnathen82
ย 
Troubleshooting Virtual Threads in Java!
Tier1 app
ย 
Summary Of Odoo 18.1 to 18.4 : The Way For Odoo 19
CandidRoot Solutions Private Limited
ย 
How Agentic AI Networks are Revolutionizing Collaborative AI Ecosystems in 2025
ronakdubey419
ย 
ChessBase 18.02 Crack + Serial Key Free Download
cracked shares
ย 
Balancing Resource Capacity and Workloads with OnePlan โ€“ Avoid Overloading Te...
OnePlan Solutions
ย 
AI Image Enhancer: Revolutionizing Visual Qualityโ€
docmasoom
ย 
AI Software Engineering based on Multi-view Modeling and Engineering Patterns
Hironori Washizaki
ย 
Farrell__10e_ch04_PowerPoint.pptx Programming Logic and Design slides
bashnahara11
ย 
SAP GUI Installation Guide for macOS (iOS) | Connect to SAP Systems on Mac
SAP Vista, an A L T Z E N Company
ย 
Infrastructure planning and resilience - Keith Hastings.pptx.pdf
Safe Software
ย 
Cutting Optimization Pro 5.18.2 Crack With Free Download
cracked shares
ย 
Top 10 AI Use Cases Every Business Should Know.pdf
nicogonzalez1075
ย 

Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Management with SaltStack

  • 1. Configuration Management with SaltStack Act II Arnold Bechtoldt Berlin, 14.05.14
  • 2. 2 1.โ€ฏ Configuration Management Systems 2.โ€ฏ SaltStack Fundamentals 3.โ€ฏ SaltStack Inside 4.โ€ฏ Conclusions 5.โ€ฏ Showcase/ Walkthrough Topics
  • 3. 3 โ€ฃโ€ฏ Linux-Systems Engineer at inovex GmbH โ€ฃโ€ฏ Develop lots of features for (Open Source) Datacenter Management โ€ฃโ€ฏ Provisioning of physical & virtual infrastructure โ€ฃโ€ฏ SaltStack user since December, 2012 (~ v0.10.x) About me [email protected]
  • 4. 4 โ€ฃโ€ฏ Provides a wide set of IT services: ยง๏‚งโ€ฏ Application Development ยง๏‚งโ€ฏ Mobile Development ยง๏‚งโ€ฏ Business Intelligence ยง๏‚งโ€ฏ IT Engineering & Operations ยง๏‚งโ€ฏ Consulting ยง๏‚งโ€ฏ Trainings โ€ฃโ€ฏ Cool projects with great Open Source Software โ€ฃโ€ฏ Teams of high-experienced engineers โ€ฃโ€ฏ We have excellent job offers in Karlsruhe, Cologne, Munich and Pforzheim! About inovex inovex.de
  • 5. 5 Configuration Management Systems (a.k.a. CMS) Configuration Management with SaltStack Part 1
  • 6. 6 โ€ฃโ€ฏ Support building a defined infrastructure โ€ฃโ€ฏ Support managing a defined infrastructure โ€ฃโ€ฏ Definition of infrastructure in code (โ€œInfrastructure as codeโ€) โ€ฃโ€ฏ Configuration Management requires Software Development Configuration Management Systems Definition
  • 7. 7 1.โ€ฏ Create a user (if needed): postfix 2.โ€ฏ Install a package (or more): postfix, postfix-pcre 3.โ€ฏ Create or change a file (configure a service): /etc/postfix/main.cf 4.โ€ฏ Enable and start the service: chkconfig postfix on; service postfix start Configuration Management Systems Traditional
  • 8. 8 1.โ€ฏ User Management 2.โ€ฏ Package Management 3.โ€ฏ File Management 4.โ€ฏ Service Management What if we need m o r e ? Configuration Management Systems Limitations
  • 10. 10 Salt โ€ฆ 1.โ€ฏ โ€ฆ is extremely flexible. 2.โ€ฏ โ€ฆ is very easy to use. 3.โ€ฏ โ€ฆ has lots of exciting features. 4.โ€ฏ โ€ฆ is fast. 5.โ€ฏ โ€ฆ makes sysadminโ€™s life easier. SaltStack Fundamentals Why Salt?
  • 11. 11 โ€ฃโ€ฏ Itโ€™s all about (simple) data โ€ฃโ€ฏ Central place for configuration โ€ฃโ€ฏ Asynchronous (send commands to 10,000 server at a time in seconds) โ€ฃโ€ฏ Configuration management โ€ฃโ€ฏ Remote execution โ€ฃโ€ฏ Core functions are available as execution modules โ€ฃโ€ฏ Hundreds of state + execution modules โ€ฃโ€ฏ Easy to extend โ€ฃโ€ฏ Separate data and code easily with pillars SaltStack Fundamentals Why Salt? (2)
  • 13. 13 Different software, different names: โ€ฃโ€ฏ Minion: The client itself โ€ฃโ€ฏ Master: Manages minions โ€ฃโ€ฏ Grains: Standard set of client system information โ€ฃโ€ฏ Pillars: User-defined set of information โ€ฃโ€ฏ State: User-defined description of a state of a file, package, โ€ฆ โ€ฃโ€ฏ Formulas: Collection of user-defined states โ€ฃโ€ฏ State Module: Set of state functions for files, packages, LVM, MySQL, โ€ฆ โ€ฃโ€ฏ Execution Module: Predefined commands executed on the minions โ€ฃโ€ฏ Jinja: Default template renderer SaltStack Inside Terminology
  • 15. 15 You specify minion targeting to apply states, pillars or commands to a desired set of minions: โ€ฃโ€ฏ Globbing: feweb*.domain.local, *.domain.local, feweb[1-3].domain.local โ€ฃโ€ฏ PCRE: fe(web|mail)1.domain.local โ€ฃโ€ฏ Grains: โ€˜os:CentOSโ€™, โ€˜saltversion:2014.1.1โ€™ โ€ฃโ€ฏ Pillars: โ€˜role:mailserverโ€™, โ€˜cluster_name:fehomepageโ€™ โ€ฃโ€ฏ Lists: feweb1.domainโ€ฆ, feweb2.domainโ€ฆ, feweb3.domainโ€ฆ โ€ฃโ€ฏ Nodegroups: Predefined list of minions โ€ฃโ€ฏ Compound (Mix): Mix of the above targeting types (operators: and, or, not) โ€ฃโ€ฏ Batch Size: 4, 10% (execute on X minions at a time) SaltStack Inside Minion Targeting
  • 16. 16 Components using a top file: โ€ฃโ€ฏ States โ€ฃโ€ฏ Pillars What they do: โ€ฃโ€ฏ Map minions with states โ€ฃโ€ฏ Map minions with pillars โ€ฃโ€ฏ Map minions with environments SaltStack Inside The Top Files
  • 17. 17 Top of States dev: 'mailserver*dev*': - postfix.satellite qa: 'mailserver*qa*': - postfix.satellite prod: 'mailserver*prod*': - postfix.satellite - monitoring SaltStack Inside The Top Files (2) Top of Pillars dev: 'mailserver*dev*': - postfix.dev qa: 'mailserver*qa*': - postfix.qa prod: 'mailserver*prod*': - postfix.prod - monitoring.prod
  • 18. 18 SaltStack Inside States postfix: pkg: - installed - names: - postfix - postfix-pcre service: - running - watch: - file: /etc/postfix/main.cf Dict/ Hash: State ID List/ Array: State Module Any: Parameters
  • 19. 19 SaltStack Inside States (2) /etc/postfix/main.cf: file: - managed - source: salt://postfix/files/satellite.main.cf - user: root - group: postfix - mode: 640 - template: jinja
  • 20. postscreen_dnsbl_sites: - zen.spamhaus.org*2 - ix.dnsbl.manitu.net*2 - dnsbl.sorbs.net=127.0.0.[2;3;5;6;7;9;10] - list.dnswl.org=127.0.[0..255].0*-1 - list.dnswl.org=127.0.[0..255].[2..3]*-3 any: generic: list: - foo: oof bar: rab 20 type: satellite relayhost: smtp.domain.local inet_protocols: - ipv4 soft_bounce: True postscreen: - greylisting - pregreet - dnsbl mynetworks: 127.0.0.0/8 [::ffff:127... SaltStack Inside Pillars
  • 21. 21 Store top files, states (formulas), templates, custom modules, pillars, etc. on โ€ฃโ€ฏ Local filesystems โ€ฃโ€ฏ Git Repositories โ€ฃโ€ฏ SVN Repositories โ€ฃโ€ฏ Mercurial Repositories โ€ฃโ€ฏ MinionFS (distributed over several hosts) โ€ฃโ€ฏ Amazon S3 Separate them by โ€ฃโ€ฏ Environments/ teams โ€ฃโ€ฏ Projects โ€ฃโ€ฏ Pillars โ€ฃโ€ฏ โ€ฆ SaltStack Inside Fileserver Backends
  • 22. 22 Access data by: โ€ฃโ€ฏ Pillars: {{ salt[โ€˜pillar.getโ€™](โ€˜inet_protocolsโ€™, [โ€˜ipv4โ€™, โ€˜ipv6โ€™]) }} โ€ฃโ€ฏ Grains: {{ salt[โ€˜grains.getโ€™](โ€˜os_familyโ€™) }} โ€ฃโ€ฏ Peer Publish: {{ salt[โ€˜publish.publishโ€™](โ€˜web*โ€™, โ€˜grains.itemโ€™, โ€˜fqdnโ€™) }} โ€ฃโ€ฏ Mine: {{ salt[โ€˜pillar.itemโ€™](โ€˜mine_functions:network.interfacesโ€™) }} โ€ฃโ€ฏ Local env variables: {% set foo = โ€˜barโ€™ %} {{ foo }} โ€ฃโ€ฏ Deserializing: load_json(โ€˜file.jsonโ€™) / load_yaml(โ€˜file.yamlโ€™) / โ€ฆ โ€ฃโ€ฏ โ€ฆ These are available in: โ€ฃโ€ฏ Top Files โ€ฃโ€ฏ State Files โ€ฃโ€ฏ Template Files โ€ฃโ€ฏ Pillar Files โ€ฃโ€ฏ โ€ฆ SaltStack Inside Data Access
  • 23. 23 One tool to rule them all: โ€ฃโ€ฏ $ salt โ€˜*โ€™ state.sls ferm saltenv=prod โ€ฃโ€ฏ $ salt โ€˜*โ€™ state.highstate test=False โ€ฃโ€ฏ $ salt โ€˜*โ€™ gem.install foreman_provision โ€ฃโ€ฏ $ salt โ€˜*โ€™ hadoop.dfs ls / โ€ฃโ€ฏ $ salt โ€˜*โ€™ lxc.unfreeze bigfoot โ€ฃโ€ฏ $ salt โ€˜*โ€™ network.traceroute inovex.de โ€ฃโ€ฏ $ salt โ€˜*โ€™ pkg.install openssl refresh=True $ salt โ€˜*โ€™ service.restart nginx โ€ฃโ€ฏ $ salt โ€˜*โ€™ dockerio.pull index.docker.io:MyRepo/image foo โ€ฃโ€ฏ $ salt โ€˜*โ€™ tomcat.deploy_war salt://application.war /api yes http://localhost:8080/ โ€ฃโ€ฏ $ salt โ€“C โ€˜I@role:mailserver and (P@os:Debian or [email protected]/24)โ€™ โ€ฆ SaltStack Inside Configuration Management + Remote Execution
  • 24. 24 feweb1.domain.local: ---------- ID: ferm Function: pkg.installed Result: True Comment: All specified packages are already installed. Changes: ---------- ID: ferm Function: file.managed Name: /etc/ferm/ferm.conf Result: True Comment: File /etc/ferm/ferm.conf updated Changes: ---------- diff: SaltStack Inside Configuration Management + Remote Execution (2) --- @@ -1,33 +1,31 @@ ... ---------- ID: ferm Function: service.running Result: True Comment: Service restarted Changes: ---------- ferm: True Summary ------------ Succeeded: 3 Failed: 0 ------------ Total: 3
  • 26. 26 1.โ€ฏ Choose the CMS which fits to your project, everyone is different 2.โ€ฏ If you spend more time creating automation instead of saving it, something is wrong 3.โ€ฏ Salt can help you managing large and complex infrastructures 4.โ€ฏ SaltStack can do even more than CM: Salt-Cloud, Salt-Virt, Salt SSH, Salt Proxy, โ€ฆ 5.โ€ฏ Salt can help you making your customers and yourself happy Conclusions IMHO
  • 27. 27 Basic configuration: โ€ฃโ€ฏ /bechtoldt/network-formula โ€ฃโ€ฏ /bechtoldt/time-formula DNS/ DHCP: โ€ฃโ€ฏ /bechtoldt/binddns-formula โ€ฃโ€ฏ /bechtoldt/iscdhcp-formula Lifecycle Management (physical + virtual servers): โ€ฃโ€ฏ Foreman: /bechtoldt/foreman-formula Cloud management: โ€ฃโ€ฏ OpenNebula: /bechtoldt/opennebula-formula โ€ฃโ€ฏ OpenStack: /EntropyWorks/salt-openstack/tree/formula Showcase/ Walkthrough Code at Github.com
  • 28. 28 Github.com/bechtoldt โ€“ Github.com/saltstack-formulas โ€“ talks.arbe.io Thank You Questions? Contact Arnold Bechtoldt Linux-Systems Engineer inovex GmbH Office Karlsruhe Ludwig-Erhard-Allee 6 D-76131 Karlsruhe +49 (0)173 31 81 117 [email protected] โ€žWir nutzen Technologien, um unsere Kunden glรผcklich zu machen. Und uns selbst.โ€œ