Getting Started with Salt Stack-the Other Configuration Management System Built with Python

Configuration Management

If you haven't used any type of configuration management system before, here is a simple example. Say you have a set of configurations and packages that you generally install for every Web server. You can keep these configuration directives in small text files and then instruct your servers to install these packages and configure them to your liking, every time you create a new server. You also can use configuration management to keep all of your servers updated once they have been created and respond to changes in packaging or new configurations.

Let's install the libpam-cracklib package, so you can add additional requirements for user passwords. I chose this package because it is useful for almost any server connected to the Internet. It allows you to set additional password requirements regarding length, and it requires that your users' passwords contain special characters or numerals. You easily could substitute any particular package you want. These examples do require that the package be available in your system's package manager though.

Storage of the Configuration Directives

Salt's configuration management directives and files are, by default, kept within the /srv/salt directory. This is where all your configuration files and any files you want to copy to any of your minions reside. Salt also includes a file server system as part of the configuration management features. Salt doesn't touch your master's system files though, so don't worry; all configuration management takes place within the /srv/salt directory.

Salt, by default, uses PyYAML (http://pyyaml.org) syntax for its template files, but numerous other templating languages are available as well. Be sure to follow the proper formatting techniques for YAML, which involves two spaces instead of tabs. I have found the on-line YAML parser (http://yaml-online-parser.appspot.com) to be invaluable when troubleshooting syntax issues with YAML files.

Enable Configuration Management

To enable the configuration management functionality within Salt, you need to edit your master configuration file once again. In /etc/salt, open your master file and locate the lines that refer to file_roots. In the default configuration, this was around line 156. Now, uncomment this directive by removing the # from the following lines:


file_roots:
  base:
    - /srv/salt

This tells Salt where to locate your configuration management files. Depending on how you installed Salt, you may need to create the /srv/salt directory.

Create a Top File or "Roadmap"

The base configuration file is known as a Top File, and it resides within the /srv/salt directory. Let's create one now. This file provides mappings for other files and can be used to set a base configuration for all servers. Again, with your favorite text editor, create a top.sls file within the /srv/salt directory. You can think of this file as a roadmap for different directions for each minion. Within your top.sls file, add the following lines:


base:
  '*'
    - servers

The base directive lets Salt know that this configuration is a base configuration and can be applied to all machines. The wild-card '*' targets every machine. The - servers directive is an arbitrary name that allows you to recognize what the directive pertains to. Feel free to choose something that makes sense to you. This entry also refers to a particular configuration file that you will now create to install the libpam-cracklib.

Create a Server-Specific Configuration File

After you save your top.sls file, create a new file called servers.sls within the /srv/salt directory. This file will hold your specific configuration, including the name of the package to be installed and also a reference to a configuration file. In the new servers.sls file, add the following:


libpam-cracklib:
  pkg:
    - installed

The first line is the name of the package specifically how your package manager refers to it. For example, the Apache HTTP server is called apache2 in aptitude-based package manager distributions, but httpd in yum-based package management systems. Make sure you use the proper name for the package depending on which package manager you are using. You can target specific package names using what Salt refers to as grains. Refer to the documentation for more information and advanced examples of using grains in SLS files to target distribution-specific systems (http://salt.readthedocs.org/en/latest/topics/tutorials/states_pt3.html#using-grains-in-sls-modules).

Lines 2 and 3 tell Salt what to do with this package. For this example, you want it installed. To remove a package, you simply would change - installed to - removed. Remember, spacing is very important! On line two, there are two spaces before pkg:, and on the third line, there are four spaces before - installed. If you receive any errors, check your syntax via an on-line YAML parser.

______________________

Ben Hosmer is a DEVOP with RadiantBlue Technologies where he develops and maintains Drupal sites and administers various servers. He is an open-source advocate and helps spread the use of Linux and other open-source software within the US government.

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Phyton or Java?

Lula's picture

Phyton is a good language for development.And Java? Is better? cheats

Reply to comment | Linux Journal

vacation package disney hawaii's picture

Itѕ liκе уou rеаd my mіnd!
You aрpеar to know ѕo much about this, lіke you ωrоte the boοk
in іt oг somethіng. I thіnκ that you
сould do ωіth a few pics to ԁrіve
the message hοmе a littlе bit, but οthег than that, thiѕ is еxcеllеnt blog.
A greаt reаd. I'll certainly be back.

How would you deploy multiple

CK's picture

How would you deploy multiple folders, say your application files. can we use something http://www.hairwigs.de/ like RSYNC ? I know Puppet has such a module. Salt also has a CI module in Github. Would anyone know more ?

Perücken

Anonymous's picture

Ok, but...

Lula's picture

Phyton is a good language for development. cheats

I have read this marvelous

archeagegolds.net's picture

I have read this marvelous post. Thanks for sharing information about it. Thank you for giving me another point of view on this topic. Now I can easily complete my article
Archeage Gold | ffxiv gil

It sounds perfect for my

www.buyepc4u.com's picture

It sounds perfect for my goals,
Thanks & Regards
James

Reply to comment | Linux Journal

plaje vacanta's picture

Do you mind if I quote a few of your posts as long as I provide credit
and sources back to your webpage? My website is in the exact same niche as yours and my
visitors would certainly benefit from a lot of the information you present
here. Please let me know if this alright with you.
Cheers!

Very useful

Tom Walker's picture

I am a beginner and this was a great intro to Salt.

I found the article via this article on deploying Django with Salt:
http://www.barrymorrison.com/2013/Mar/11/deploying-django-with-salt-stack/

Watching a Project Folder

Anonymous's picture

How would you deploy multiple folders, say your application files. can we use something like RSYNC ? I know Puppet has such a module. Salt also has a CI module in Github. Would anyone know more ?

Critical typo

Joshua Dotson's picture

Hi. I fairly certain that I found a typo in the top.sls example. The second line should end with a colon.

base:
'*':
- servers

Thanks,
Joshua
Founder, Wrale Ltd

agreed.

Dog Crate Lover's picture

Yup Joshua,

I see that too... but it seems a bit blatant..

A minor error in your first page...

Anonymous's picture

I don't believe you meant to say: "Note: I use the terms Salt and Salt interchangeably throughout this article"

A dive into Salt Stack

Joel Jacobson's picture

Doubts related to remote server configuration using Salt

Karlos.Vanger's picture

Hello,

You've mentioned that system package manager should be available with the package that we are trying to install. Is there any way to perform tasks like source compiling as we do while accessing the machine remotely via SSH. And thank you very much for the fantastic Blog.

Thanks,
Karthik

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState