Sides accompanying the tale of using saltcheck from the salt project to validate OS, app deployment, users, AWS resources, and more for multiple hadoop clusters.
4. Saltstack Architecture
Saltstack is a remote execution client/server system which also does configuration
management.
Primary usage is to install a minion agent on infrastructure, and connect them all to a central
saltmaster which issues commands.
Saltmaster
Minion 1
Minion 2
5. Saltstack Architecture
Proxy minions can be used to connect to infrastructure which does not allow agent installations (network
switches)
Saltmaster
Minion 1
Proxy
minion 1
Switch 1
(As an alternative to the minion install, you can also connect to hosts from the master over ssh. You can also
run without a master and just use the schedule the minion to run on its own to control the host
configuration)
6. Saltstack Architecture
Salt-minion has a very modular codebase:
● Execution Modules (531) - Contain functionality to list, add, modify, etc things.
Generally used through the command line and internally by salt states.
● State modules - Host logic to control idempotency. Manages state logic and leverages
execution module functionality
● Render modules - Write state instructions in (default) yaml/jinja, but also allows full
python if desired
● Auth, pillar (external data sources), grains (variables on minion), engines, output, etc
8. Saltcheck
Validates output of salt execution modules
Uses salt rendering system, allowing for use of jina/yaml, grains, pillars, secrets, etc
Since saltcheck is itself a salt execution module, it can be targeted an run like any other salt
function.
9. Saltcheck
Salt execution module: salt ‘*’ saltcheck.run_highstate_tests
package_latest:
module_and_function: pkg.upgrade_available
args:
- apache2
assertion: assertFalse
{% for package in ["apache2", "openssh"] %}
test_{{ package }}_latest:
module_and_function: pkg.upgrade_available
args:
- {{ package }}
assertion: assertFalse
{% endfor %}
10. Problem description
Validation of large hadoop clusters
● Code deploy
● Config file
● User management
● AWS environment
● Data state
● Network connectivity
16. Tool Summary
Saltcheck is able to use Salt’s remote execution capabilities and modules to talk to a wide
variety of infrastructure. All while utilizing the same familiar markup, and data backends.
For teams using Salt, saltcheck allows for knowledge reuse and shareable patterns
17. Tool Sprawl
Teams have limited resources and capacity for yet another thing
IT trends toward specialization, be aware of the load put on your teams