Embed Size (px)
DESCRIPTION
Salt allows scalable infrastructure management, including provisioning new systems and managing them over their lifetime. In this talk I'll show how it makes managing Debian systems easier.
Citation preview
What is salt?
● Remote execution framework● Set of tools built around that framework, including config management
Why salt?
● Written in python● Using yaml for state description● Great documentation● Big and growing community● Fast-moving
Why not salt?
● Young and fast-moving● Written in python● Rolls its own crypto
Terminology
● Master, minions● Grain● Pillar● State● Top file● Highstate
Adding a minion
● Install salt-minion
http://debian.saltstack.com/● Tell it where the master is
echo master: salt.logilab.fr > /etc/salt/minion.d/master.conf
● Check and accept the key on the master
salt-key -a mynewminion
Remote execution
$ salt '*' test.ping
$ salt 'db*' cmd.run pg_lsclusters
$ salt -G 'oscodename:jessie' grains.item \ kernelrelease
Config management
● Using yaml (by default) to describe desired system state
● Templating with jinja● Grains/pillars/... available for targetting and in
template context
Top file (2)
/srv/salt/top.sls
base:
'*':
- common
'role:webserver':
- match: grain
- apache
SLS files
/srv/salt/common.sls
basepkgs:
pkg.install:
- pkgs:
- vim
- less
- debsums
SLS files (continued)
/srv/salt/apache/init.sls
apache2:
- pkg.installed
- service.running:
- require:
- pkg: apache2
- watch:
{% for vhost in pillar['vhosts'] %}
- file: /etc/apache2/sites-available/{{ vhost }}
{% endfor %}
Other nice things
● Integration with cloud and virtualization APIs with salt-cloud and salt-virt
● Provisioning, pre-approval of minion keys● Automatic highstate on boot or on a schedule
