Getting Started with Salt

Peter Baumgartner (Founder of Lincoln Loop)

What is SaltStack?

• Configuration management
• remote execution:w
  • deploy
  • one-off scripts
  • monitoring

Why SaltStack?

• Familiar tools: Python, YAML, Jinja2
• No new DSL or language to learn
• Great docs (> 800 pages)
• Responsive on IRC and GitHub
• Backed by for-profit org

Why might you not choose SaltStack?

• Young Project
• Moves fast
• Not SSH (support is "alpha")

Vocab

• master: controls everything
• minion: server controlled by a master
• (sub)state: declarative representation of system state
• grain: static piece of information about a minion
• pillar: variables for one or more minions
• top file: matches states or pillars to minions
• highstate: all the state data for a minion

Installation

• binaries for most distros
• pip install
• http://bootstrap.saltstack.org

Example

Install and setup

    # apt-get install salt-master  # can also run master-less
    # apt-get install salt-minion
    # echo "salt 10.10.1.1" >> /etc/hosts
    # salt-key -a minion.lincolnloop.com  # accept the minion key on the minion

Write a state

• /srv/salt/mystate.sls:

    nginx:
      pkg.installed

Write a top file

• /srv/salt/top.sls

    base:
      myserver:
        - mystate

Highstate

    # salt 'myserver' state.highstate
    # salt-call state.highstate

States

• user, ssh_auth, pip, etc.
• lots built-in

Pillars

• accessible from jinja templates, as are grains, woo!

Other things to look up

• Salt-cloud
  • talk to AWS, Rackspace, etc.
• Custom modules
• Scheduler
  • like cron; good for system monitoring
• Renderers
• Returners
  • return output to email instead of console, for example
  • graphite, sentry, syslog, etc.
• Reactor
  • hook into events in communication bus

Tips and Tricks

• default output is very verbose; set output_mode: mixed
• Jinja2 is powerful, but don't go nuts
• update often and review the change log
• tst before you deploy; make friends with Vagrant or Docker