SlideShare a Scribd company logo

Salt at school

Flavio Castelli
Flavio Castelli

How we migrated the labs of two Italian schools from Windows XP to Linux.

Software
1 of 39
Download to read offline
Salt at school by Flavio Castelli & Silvio Moioli
Agenda • Motivation • Requirements & current status • Deployment process • Salt primer • Benefits • Salt’s Good, Bad and Ugly
Motivation • Windows XP EOL ⇒ machine EOL • Lots of machines need replacement • Public school has budget problems! • Linux is the (only) way out
Requirements • Edubuntu • Additional educational open source software • Must run on available hardware
Requirements • Two schools’ labs: • Torre Boldone, Flavio’s hometown, 30+ PCs • Mozzo, Silvio’s hometown, 15+ PCs • Scarce manpower: Flavio, Silvio and two others (unexperienced and in Torre Boldone only)
Current status • Mozzo: 13 clients and 1 server migrated, in use • Torre Boldone: 15 clients migrated, 15 to come
Deployment process • Server: copy of a VM on a host • Clients: • Stage 1: PXE boot and base installation • Stage 2: proper configuration with Salt
Stage 1 (installer) • Setup storage: disk wiping and partitioning • Creation of unique and persistent hostname • Minimal package installation: text only, sshd, salt-minion
Stage 2 (Salt) • Turn Ubuntu into Edubuntu • Install additional software • Apply ad hoc configurations: • reconfigure repo mirror (to local server) • use lightdm/GNOME 2 as default WM • user account creation, automatic login • ntp client
DHCP TFTP HTTP ØMQ BIOS DISCOVER DHCP server dnsmasq BIOS OFFER (IP, DNS, TFTP server name) DHCP server dnsmasq BIOS RRQ TFTP server dnsmasq BIOS DATA (image ⊃ kernel options ⊃ kickstart and preseed URL) TFTP server dnsmasq salt-minion daemon hostname, salt key salt-master deamon salt-minion daemon salt commands salt-master deamon salt-minion daemon salt grains salt-master deamon Installer kickstart, preseed, package requests/responses HTTP server Apache httpd kickstart post-install script HTTP request (I am be:ef:ba:be: 00:01) mac2address Go app kickstart post-install script HTTP response (I baptize you lab12) mac2address Go app
DHCP TFTP BIOS DISCOVER DHCP server dnsmasq BIOS OFFER (IP, DNS, TFTP server name) DHCP server dnsmasq BIOS RRQ TFTP server dnsmasq BIOS DATA (image ⊃ kernel options ⊃ kickstart and preseed URL) TFTP server dnsmasq
TFTP HTTP BIOS DATA (image ⊃ kernel options ⊃ kickstart and preseed URL) TFTP server dnsmasq salt-minion daemon hostname, salt key salt-master deamon Installer kickstart, preseed, package requests/responses HTTP server Apache httpd kickstart post-install script HTTP request (I am be:ef:ba:be: 00:01) mac2address Go app kickstart post-install script HTTP response (I baptize you lab12) mac2address Go app
HTTP ØMQ salt-minion daemon hostname, salt key salt-master deamon salt-minion daemon salt commands salt-master deamon salt-minion daemon salt grains salt-master deamon HTTP request (I am be:ef:ba:be: 00:01) Go app kickstart post-install script HTTP response (I baptize you lab12) mac2address Go app
Server: nontrivial! • dnsmasq, tftpd, ntpd, sshd, httpd, mac2hostname! • APT package mirror • Salt master • …also self-managed with Salt!
Salt primer RAET (master) (message bus) (minions)
Salt primer • salt-master and salt-minon are daemons written in Python • ØMQ is written in C++ with bindings • Salt implements strong crypto and authentication on top of ØMQ
Salt State (SLS) Modules • Represent a state in which a system should be in • Composed by State Declarations • Text files ending with sls extension • YAML files • Templates (default Jinja2, others available) • Pure Python code
State Declarations • Define of “how an aspect of a minion should be” • Implemented as calls to State Functions • Every Declaration has an ID
State Functions • Code that can bring a minion to a specific state • Examples: pkg.installed, service.running, file.managed… • Grouped into modules • A library of modules is available
File example lightdm_custom_conf_file: # ID! file: # State Module name! - managed # State Function name! - source: salt://lightdm/lightdm.conf! - name: /etc/lightdm/lightdm.conf.d/ic_torre_boldone.conf! - user: root! - group: root! - mode: 644! - require:! - file: lightdm_custom_conf_dir!
Service example lightdm:! pkg:! - installed! service:! - running! - enable: True! - watch:! - file: lightdm_custom_conf_file! - require:! - pkg: lightdm!
top.sls • special State Module that assigns other State Modules to minions • can be used to define environments • Minions can be matched using: • Regular expressions • Compound matches: grains, subnet/IP, range cluster • Boolean operators available
top.sls base:! 'lab*':! - lightdm! - software! - ntpdate! - users! 'school-server*':! - apache! - apt-mirror! - dnsmasq! …
High State • special State compiled by Salt by applying all relevant State Modules • Force minions to high state: sudo salt state.highstate lab*
Data in Salt • Salt Grains: information from minions • Salt Pillars: user-defined data • can be YAML or templates • has ACLs, eg. for credentials • Plain file serving
Templated definition with Pillar Example {% for symlink_id in pillar.get('symlinks', {}).keys() %}! {{symlink_id}}_apache_link:! file.symlink:! - name: {{pillar.get('symlinks')[symlink_id]['name']}}! - target: {{pillar.get('symlinks')[symlink_id]['target']}}! - force: True! - require:! - pkg: apache! {% endfor %}
Templated definition with Pillar Example extra_apache_link:! file.symlink:! - name: /var/www/html/extras! - target: /var/spool/…/ubuntu/! - force: True! - require:! - pkg: apache
Accessing ØMQ directly • We want to power off machines at the end of Stage 2 • Not easy to express declaratively • More of a “one time command”
Accessing ØMQ directly • Solution: • Subscribe to ØMQ • Look for "highstate successfully completed" announcements • Send a "shutdown yourself" message to the publisher
Accessing ØMQ directly • Easy to implement: • Official Salt Python module has full access to ØMQ • Salt messages are easy to understand • 76 LOC Python tool (with comments and formatting)
Benefits (schools) • No more licensing issues • Free updates for the next 4 years • No need for hardware changes
Benefits (admins) • Easy to replicate changes across PCs • Easy to enforce a desired state • Easy to reinstall a PC from scratch • GitHub-based configuration!
Future work • Automatically accept all minion keys • Automatically force the High State on new minions • Look into testing frameworks • …solve “production” issues!
The Good • Simple architecture: Python almost everywhere • Easy to setup both on the master and on the minion • Can trigger execution of system commands on the minion • ØMQ can be used to extend it • Good docs and source code
The Bad • Still in its early days • Limited amount of existing modules • Limited feedback while executing states
The Ugly • No Ugly so far!
Resources • SaltStack project: http://www.saltstack.com/ • Official documentation: http://docs.saltstack.com/ • Our Salt files:https://github.com/ic-torre-boldone/salt
Questions?
Thanks for your attention!

Recommended

A user's perspective on SaltStack and other configuration management tools
A user's perspective on SaltStack and other configuration management toolsA user's perspective on SaltStack and other configuration management tools
A user's perspective on SaltStack and other configuration management toolsSaltStack
 
Spot Trading - A case study in continuous delivery for mission critical finan...
Spot Trading - A case study in continuous delivery for mission critical finan...Spot Trading - A case study in continuous delivery for mission critical finan...
Spot Trading - A case study in continuous delivery for mission critical finan...SaltStack
 
Foreman in Your Data Center :OSDC 2015
Foreman in Your Data Center :OSDC 2015Foreman in Your Data Center :OSDC 2015
Foreman in Your Data Center :OSDC 2015Stephen Benjamin
 
Deploying Foreman in Enterprise Environments
Deploying Foreman in Enterprise EnvironmentsDeploying Foreman in Enterprise Environments
Deploying Foreman in Enterprise Environmentsinovex GmbH
 
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStackSaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStackSaltStack
 
OpenNebula, the foreman and CentOS play nice, too
OpenNebula, the foreman and CentOS play nice, tooOpenNebula, the foreman and CentOS play nice, too
OpenNebula, the foreman and CentOS play nice, tooinovex GmbH
 
Foreman presentation
Foreman presentationForeman presentation
Foreman presentationGlen Ogilvie
 
[NYC Meetup] Docker at Nuxeo
[NYC Meetup] Docker at Nuxeo[NYC Meetup] Docker at Nuxeo
[NYC Meetup] Docker at NuxeoNuxeo
 

Recommended

A user's perspective on SaltStack and other configuration management tools
A user's perspective on SaltStack and other configuration management toolsA user's perspective on SaltStack and other configuration management tools
A user's perspective on SaltStack and other configuration management toolsSaltStack
 
Spot Trading - A case study in continuous delivery for mission critical finan...
Spot Trading - A case study in continuous delivery for mission critical finan...Spot Trading - A case study in continuous delivery for mission critical finan...
Spot Trading - A case study in continuous delivery for mission critical finan...SaltStack
 
Foreman in Your Data Center :OSDC 2015
Foreman in Your Data Center :OSDC 2015Foreman in Your Data Center :OSDC 2015
Foreman in Your Data Center :OSDC 2015Stephen Benjamin
 
Deploying Foreman in Enterprise Environments
Deploying Foreman in Enterprise EnvironmentsDeploying Foreman in Enterprise Environments
Deploying Foreman in Enterprise Environmentsinovex GmbH
 
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStackSaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStack
SaltConf14 - Oz Akan, Rackspace - Deploying OpenStack Marconi with SaltStackSaltStack
 
OpenNebula, the foreman and CentOS play nice, too
OpenNebula, the foreman and CentOS play nice, tooOpenNebula, the foreman and CentOS play nice, too
OpenNebula, the foreman and CentOS play nice, tooinovex GmbH
 
Foreman presentation
Foreman presentationForeman presentation
Foreman presentationGlen Ogilvie
 
[NYC Meetup] Docker at Nuxeo
[NYC Meetup] Docker at Nuxeo[NYC Meetup] Docker at Nuxeo
[NYC Meetup] Docker at NuxeoNuxeo
 
The SaltStack Pub Crawl - Fosscomm 2016
The SaltStack Pub Crawl - Fosscomm 2016The SaltStack Pub Crawl - Fosscomm 2016
The SaltStack Pub Crawl - Fosscomm 2016effie mouzeli
 
PXEless Discovery with Foreman
PXEless Discovery with ForemanPXEless Discovery with Foreman
PXEless Discovery with ForemanStephen Benjamin
 
[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...
[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...
[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...OpenStack Korea Community
 
Your Inner Sysadmin - MidwestPHP 2015
Your Inner Sysadmin - MidwestPHP 2015Your Inner Sysadmin - MidwestPHP 2015
Your Inner Sysadmin - MidwestPHP 2015Chris Tankersley
 
Getting modern with my sql
Getting modern with my sqlGetting modern with my sql
Getting modern with my sqlJakob Lorberblatt
 
Linux host orchestration with Foreman, Puppet and Gitlab
Linux host orchestration with Foreman, Puppet and GitlabLinux host orchestration with Foreman, Puppet and Gitlab
Linux host orchestration with Foreman, Puppet and GitlabBen Tullis
 
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...SaltStack
 
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...SaltStack
 
London devops logging
London devops loggingLondon devops logging
London devops loggingTomas Doran
 
Configuration and lifecycle in Mixed environments
Configuration and lifecycle in Mixed environmentsConfiguration and lifecycle in Mixed environments
Configuration and lifecycle in Mixed environmentsDmitry Kireev
 
Balázs Bucsay - XFLTReaT: Building a Tunnel
Balázs Bucsay - XFLTReaT: Building a TunnelBalázs Bucsay - XFLTReaT: Building a Tunnel
Balázs Bucsay - XFLTReaT: Building a Tunnelhacktivity
 
Fluentd at HKOScon
Fluentd at HKOSconFluentd at HKOScon
Fluentd at HKOSconN Masahiro
 
Rex - Lightning Talk yapc.eu 2013
Rex - Lightning Talk yapc.eu 2013Rex - Lightning Talk yapc.eu 2013
Rex - Lightning Talk yapc.eu 2013Jan Gehring
 
Performance optimization 101 - Erlang Factory SF 2014
Performance optimization 101 - Erlang Factory SF 2014Performance optimization 101 - Erlang Factory SF 2014
Performance optimization 101 - Erlang Factory SF 2014lpgauth
 
Your Inner Sysadmin - Tutorial (SunshinePHP 2015)
Your Inner Sysadmin - Tutorial (SunshinePHP 2015)Your Inner Sysadmin - Tutorial (SunshinePHP 2015)
Your Inner Sysadmin - Tutorial (SunshinePHP 2015)Chris Tankersley
 
Configuration management and orchestration with Salt
Configuration management and orchestration with SaltConfiguration management and orchestration with Salt
Configuration management and orchestration with SaltAnirban Saha
 
SaltStack Integration with Foreman (2016)
SaltStack Integration with Foreman (2016)SaltStack Integration with Foreman (2016)
SaltStack Integration with Foreman (2016)Stephen Benjamin
 
FBTFTP: an opensource framework to build dynamic tftp servers
FBTFTP: an opensource framework to build dynamic tftp serversFBTFTP: an opensource framework to build dynamic tftp servers
FBTFTP: an opensource framework to build dynamic tftp serversAngelo Failla
 
Zero mq logs
Zero mq logsZero mq logs
Zero mq logsTomas Doran
 
Continuous Deployment with Jenkins and Salt
Continuous Deployment with Jenkins and SaltContinuous Deployment with Jenkins and Salt
Continuous Deployment with Jenkins and SaltAnirban Saha
 
KDE4 ld2007
KDE4 ld2007KDE4 ld2007
KDE4 ld2007Flavio Castelli
 
Memcached
MemcachedMemcached
MemcachedFlavio Castelli
 

More Related Content

What's hot

The SaltStack Pub Crawl - Fosscomm 2016
The SaltStack Pub Crawl - Fosscomm 2016The SaltStack Pub Crawl - Fosscomm 2016
The SaltStack Pub Crawl - Fosscomm 2016effie mouzeli
 
PXEless Discovery with Foreman
PXEless Discovery with ForemanPXEless Discovery with Foreman
PXEless Discovery with ForemanStephen Benjamin
 
[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...
[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...
[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...OpenStack Korea Community
 
Your Inner Sysadmin - MidwestPHP 2015
Your Inner Sysadmin - MidwestPHP 2015Your Inner Sysadmin - MidwestPHP 2015
Your Inner Sysadmin - MidwestPHP 2015Chris Tankersley
 
Linux host orchestration with Foreman, Puppet and Gitlab
Linux host orchestration with Foreman, Puppet and GitlabLinux host orchestration with Foreman, Puppet and Gitlab
Linux host orchestration with Foreman, Puppet and GitlabBen Tullis
 
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...SaltStack
 
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...SaltStack
 
London devops logging
London devops loggingLondon devops logging
London devops loggingTomas Doran
 
Configuration and lifecycle in Mixed environments
Configuration and lifecycle in Mixed environmentsConfiguration and lifecycle in Mixed environments
Configuration and lifecycle in Mixed environmentsDmitry Kireev
 
Balázs Bucsay - XFLTReaT: Building a Tunnel
Balázs Bucsay - XFLTReaT: Building a TunnelBalázs Bucsay - XFLTReaT: Building a Tunnel
Balázs Bucsay - XFLTReaT: Building a Tunnelhacktivity
 
Fluentd at HKOScon
Fluentd at HKOSconFluentd at HKOScon
Fluentd at HKOSconN Masahiro
 
Rex - Lightning Talk yapc.eu 2013
Rex - Lightning Talk yapc.eu 2013Rex - Lightning Talk yapc.eu 2013
Rex - Lightning Talk yapc.eu 2013Jan Gehring
 
Performance optimization 101 - Erlang Factory SF 2014
Performance optimization 101 - Erlang Factory SF 2014Performance optimization 101 - Erlang Factory SF 2014
Performance optimization 101 - Erlang Factory SF 2014lpgauth
 
Your Inner Sysadmin - Tutorial (SunshinePHP 2015)
Your Inner Sysadmin - Tutorial (SunshinePHP 2015)Your Inner Sysadmin - Tutorial (SunshinePHP 2015)
Your Inner Sysadmin - Tutorial (SunshinePHP 2015)Chris Tankersley
 
Configuration management and orchestration with Salt
Configuration management and orchestration with SaltConfiguration management and orchestration with Salt
Configuration management and orchestration with SaltAnirban Saha
 
SaltStack Integration with Foreman (2016)
SaltStack Integration with Foreman (2016)SaltStack Integration with Foreman (2016)
SaltStack Integration with Foreman (2016)Stephen Benjamin
 
FBTFTP: an opensource framework to build dynamic tftp servers
FBTFTP: an opensource framework to build dynamic tftp serversFBTFTP: an opensource framework to build dynamic tftp servers
FBTFTP: an opensource framework to build dynamic tftp serversAngelo Failla
 
Continuous Deployment with Jenkins and Salt
Continuous Deployment with Jenkins and SaltContinuous Deployment with Jenkins and Salt
Continuous Deployment with Jenkins and SaltAnirban Saha
 

What's hot (20)

The SaltStack Pub Crawl - Fosscomm 2016
The SaltStack Pub Crawl - Fosscomm 2016The SaltStack Pub Crawl - Fosscomm 2016
The SaltStack Pub Crawl - Fosscomm 2016
 
PXEless Discovery with Foreman
PXEless Discovery with ForemanPXEless Discovery with Foreman
PXEless Discovery with Foreman
 
[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...
[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...
[2018.10.19] Andrew Kong - Tunnel without tunnel (Seminar at OpenStack Korea ...
 
Your Inner Sysadmin - MidwestPHP 2015
Your Inner Sysadmin - MidwestPHP 2015Your Inner Sysadmin - MidwestPHP 2015
Your Inner Sysadmin - MidwestPHP 2015
 
Getting modern with my sql
Getting modern with my sqlGetting modern with my sql
Getting modern with my sql
 
Linux host orchestration with Foreman, Puppet and Gitlab
Linux host orchestration with Foreman, Puppet and GitlabLinux host orchestration with Foreman, Puppet and Gitlab
Linux host orchestration with Foreman, Puppet and Gitlab
 
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
 
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
SaltConf14 - Matthew Williams, Flowroute - Salt Virt for Linux contatiners an...
 
London devops logging
London devops loggingLondon devops logging
London devops logging
 
Configuration and lifecycle in Mixed environments
Configuration and lifecycle in Mixed environmentsConfiguration and lifecycle in Mixed environments
Configuration and lifecycle in Mixed environments
 
Balázs Bucsay - XFLTReaT: Building a Tunnel
Balázs Bucsay - XFLTReaT: Building a TunnelBalázs Bucsay - XFLTReaT: Building a Tunnel
Balázs Bucsay - XFLTReaT: Building a Tunnel
 
Fluentd at HKOScon
Fluentd at HKOSconFluentd at HKOScon
Fluentd at HKOScon
 
Rex - Lightning Talk yapc.eu 2013
Rex - Lightning Talk yapc.eu 2013Rex - Lightning Talk yapc.eu 2013
Rex - Lightning Talk yapc.eu 2013
 
Performance optimization 101 - Erlang Factory SF 2014
Performance optimization 101 - Erlang Factory SF 2014Performance optimization 101 - Erlang Factory SF 2014
Performance optimization 101 - Erlang Factory SF 2014
 
Your Inner Sysadmin - Tutorial (SunshinePHP 2015)
Your Inner Sysadmin - Tutorial (SunshinePHP 2015)Your Inner Sysadmin - Tutorial (SunshinePHP 2015)
Your Inner Sysadmin - Tutorial (SunshinePHP 2015)
 
Configuration management and orchestration with Salt
Configuration management and orchestration with SaltConfiguration management and orchestration with Salt
Configuration management and orchestration with Salt
 
SaltStack Integration with Foreman (2016)
SaltStack Integration with Foreman (2016)SaltStack Integration with Foreman (2016)
SaltStack Integration with Foreman (2016)
 
FBTFTP: an opensource framework to build dynamic tftp servers
FBTFTP: an opensource framework to build dynamic tftp serversFBTFTP: an opensource framework to build dynamic tftp servers
FBTFTP: an opensource framework to build dynamic tftp servers
 
Zero mq logs
Zero mq logsZero mq logs
Zero mq logs
 
Continuous Deployment with Jenkins and Salt
Continuous Deployment with Jenkins and SaltContinuous Deployment with Jenkins and Salt
Continuous Deployment with Jenkins and Salt
 

Viewers also liked

Seminario crittografia-linux-day-2004
Seminario crittografia-linux-day-2004Seminario crittografia-linux-day-2004
Seminario crittografia-linux-day-2004Flavio Castelli
 
Real programmers use programming languages (Not shell scripts)
Real programmers use programming languages (Not shell scripts)Real programmers use programming languages (Not shell scripts)
Real programmers use programming languages (Not shell scripts)thedandan
 
Why zsh is Cooler than Your Shell
Why zsh is Cooler than Your ShellWhy zsh is Cooler than Your Shell
Why zsh is Cooler than Your Shellbrendon_jag
 
Why Zsh is Cooler than Your Shell
Why Zsh is Cooler than Your ShellWhy Zsh is Cooler than Your Shell
Why Zsh is Cooler than Your Shelljaguardesignstudio
 

Viewers also liked (8)

KDE4 ld2007
KDE4 ld2007KDE4 ld2007
KDE4 ld2007
 
Memcached
MemcachedMemcached
Memcached
 
Seminario crittografia-linux-day-2004
Seminario crittografia-linux-day-2004Seminario crittografia-linux-day-2004
Seminario crittografia-linux-day-2004
 
Linux console
Linux consoleLinux console
Linux console
 
The hacker choice
The hacker choiceThe hacker choice
The hacker choice
 
Real programmers use programming languages (Not shell scripts)
Real programmers use programming languages (Not shell scripts)Real programmers use programming languages (Not shell scripts)
Real programmers use programming languages (Not shell scripts)
 
Why zsh is Cooler than Your Shell
Why zsh is Cooler than Your ShellWhy zsh is Cooler than Your Shell
Why zsh is Cooler than Your Shell
 
Why Zsh is Cooler than Your Shell
Why Zsh is Cooler than Your ShellWhy Zsh is Cooler than Your Shell
Why Zsh is Cooler than Your Shell
 

Similar to Salt at school

Understanding salt modular sub-systems and customization
Understanding salt modular sub-systems and customizationUnderstanding salt modular sub-systems and customization
Understanding salt modular sub-systems and customizationjasondenning
 
Tuenti Release Workflow
Tuenti Release WorkflowTuenti Release Workflow
Tuenti Release WorkflowTuenti
 
SCALE12X: Chef for OpenStack
SCALE12X: Chef for OpenStackSCALE12X: Chef for OpenStack
SCALE12X: Chef for OpenStackMatt Ray
 
Tuenti Release Workflow v1.1
Tuenti Release Workflow v1.1Tuenti Release Workflow v1.1
Tuenti Release Workflow v1.1Tuenti
 
Salt conf15 presentation-william-cannon
Salt conf15 presentation-william-cannonSalt conf15 presentation-william-cannon
Salt conf15 presentation-william-cannonWilliam Cannon
 
Infrastructure modeling with chef
Infrastructure modeling with chefInfrastructure modeling with chef
Infrastructure modeling with chefCharles Johnson
 
John adams talk cloudy
John adams talk cloudyJohn adams talk cloudy
John adams talk cloudyJohn Adams
 
Using MAMP for Web Development
Using MAMP for Web DevelopmentUsing MAMP for Web Development
Using MAMP for Web DevelopmentEric Greene
 
Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014
Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014
Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014Miguel Zuniga
 
Crash reports pycodeconf
Crash reports pycodeconfCrash reports pycodeconf
Crash reports pycodeconflauraxthomson
 
Packaging perl (LPW2010)
Packaging perl (LPW2010)Packaging perl (LPW2010)
Packaging perl (LPW2010)p3castro
 
Running CentOS on the Facebook fleet
Running CentOS on the Facebook fleetRunning CentOS on the Facebook fleet
Running CentOS on the Facebook fleetDavide Cavalca
 
Apache Performance Tuning: Scaling Up
Apache Performance Tuning: Scaling UpApache Performance Tuning: Scaling Up
Apache Performance Tuning: Scaling UpSander Temme
 
DCSF19 Transforming a 15+ Year Old Semiconductor Manufacturing Environment
DCSF19 Transforming a 15+ Year Old Semiconductor Manufacturing EnvironmentDCSF19 Transforming a 15+ Year Old Semiconductor Manufacturing Environment
DCSF19 Transforming a 15+ Year Old Semiconductor Manufacturing EnvironmentDocker, Inc.
 
April, 2021 OpenNTF Webinar - Domino Administration Best Practices
April, 2021 OpenNTF Webinar - Domino Administration Best PracticesApril, 2021 OpenNTF Webinar - Domino Administration Best Practices
April, 2021 OpenNTF Webinar - Domino Administration Best PracticesHoward Greenberg
 
CNIT 152 10 Enterprise Service
CNIT 152 10 Enterprise ServiceCNIT 152 10 Enterprise Service
CNIT 152 10 Enterprise ServiceSam Bowne
 
IBM Connections administration – keep your systems running the right way
IBM Connections administration – keep your systems running the right wayIBM Connections administration – keep your systems running the right way
IBM Connections administration – keep your systems running the right wayLetsConnect
 
Deploying to Ubuntu on Linode
Deploying to Ubuntu on LinodeDeploying to Ubuntu on Linode
Deploying to Ubuntu on LinodeWO Community
 
Introduction to SaltStack
Introduction to SaltStackIntroduction to SaltStack
Introduction to SaltStackAymen EL Amri
 

Similar to Salt at school (20)

Understanding salt modular sub-systems and customization
Understanding salt modular sub-systems and customizationUnderstanding salt modular sub-systems and customization
Understanding salt modular sub-systems and customization
 
Tuenti Release Workflow
Tuenti Release WorkflowTuenti Release Workflow
Tuenti Release Workflow
 
SCALE12X: Chef for OpenStack
SCALE12X: Chef for OpenStackSCALE12X: Chef for OpenStack
SCALE12X: Chef for OpenStack
 
Tuenti Release Workflow v1.1
Tuenti Release Workflow v1.1Tuenti Release Workflow v1.1
Tuenti Release Workflow v1.1
 
Salt conf15 presentation-william-cannon
Salt conf15 presentation-william-cannonSalt conf15 presentation-william-cannon
Salt conf15 presentation-william-cannon
 
Infrastructure modeling with chef
Infrastructure modeling with chefInfrastructure modeling with chef
Infrastructure modeling with chef
 
John adams talk cloudy
John adams talk cloudyJohn adams talk cloudy
John adams talk cloudy
 
Using MAMP for Web Development
Using MAMP for Web DevelopmentUsing MAMP for Web Development
Using MAMP for Web Development
 
Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014
Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014
Configuration Management in the Cloud - Cloud Phoenix Meetup Feb 2014
 
Crash reports pycodeconf
Crash reports pycodeconfCrash reports pycodeconf
Crash reports pycodeconf
 
Packaging perl (LPW2010)
Packaging perl (LPW2010)Packaging perl (LPW2010)
Packaging perl (LPW2010)
 
Running CentOS on the Facebook fleet
Running CentOS on the Facebook fleetRunning CentOS on the Facebook fleet
Running CentOS on the Facebook fleet
 
Apache Performance Tuning: Scaling Up
Apache Performance Tuning: Scaling UpApache Performance Tuning: Scaling Up
Apache Performance Tuning: Scaling Up
 
DCSF19 Transforming a 15+ Year Old Semiconductor Manufacturing Environment
DCSF19 Transforming a 15+ Year Old Semiconductor Manufacturing EnvironmentDCSF19 Transforming a 15+ Year Old Semiconductor Manufacturing Environment
DCSF19 Transforming a 15+ Year Old Semiconductor Manufacturing Environment
 
April, 2021 OpenNTF Webinar - Domino Administration Best Practices
April, 2021 OpenNTF Webinar - Domino Administration Best PracticesApril, 2021 OpenNTF Webinar - Domino Administration Best Practices
April, 2021 OpenNTF Webinar - Domino Administration Best Practices
 
CNIT 152 10 Enterprise Service
CNIT 152 10 Enterprise ServiceCNIT 152 10 Enterprise Service
CNIT 152 10 Enterprise Service
 
How we use Twisted in Launchpad
How we use Twisted in LaunchpadHow we use Twisted in Launchpad
How we use Twisted in Launchpad
 
IBM Connections administration – keep your systems running the right way
IBM Connections administration – keep your systems running the right wayIBM Connections administration – keep your systems running the right way
IBM Connections administration – keep your systems running the right way
 
Deploying to Ubuntu on Linode
Deploying to Ubuntu on LinodeDeploying to Ubuntu on Linode
Deploying to Ubuntu on Linode
 
Introduction to SaltStack
Introduction to SaltStackIntroduction to SaltStack
Introduction to SaltStack
 

Recently uploaded

Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprisepreethippts
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...confluent
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Velvetech LLC
 
Best Web Development Agency- Idiosys USA.pdf
Best Web Development Agency- Idiosys USA.pdfBest Web Development Agency- Idiosys USA.pdf
Best Web Development Agency- Idiosys USA.pdfIdiosysTechnologies1
 
英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作qr0udbr0
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odishasmiwainfosol
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaHanief Utama
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)jennyeacort
 
PREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentationPREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentationvaddepallysandeep122
 
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfHow to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfLivetecs LLC
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...OnePlan Solutions
 
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in NoidaBuds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in Noidabntitsolutionsrishis
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 

Recently uploaded (20)

Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprise
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
 
Best Web Development Agency- Idiosys USA.pdf
Best Web Development Agency- Idiosys USA.pdfBest Web Development Agency- Idiosys USA.pdf
Best Web Development Agency- Idiosys USA.pdf
 
英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作
 
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company OdishaBalasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
 
PREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentationPREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentation
 
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfHow to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdf
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
 
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in NoidaBuds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 

Salt at school

  • 1. Salt at school by Flavio Castelli & Silvio Moioli
  • 2. Agenda • Motivation • Requirements & current status • Deployment process • Salt primer • Benefits • Salt’s Good, Bad and Ugly
  • 3. Motivation • Windows XP EOL ⇒ machine EOL • Lots of machines need replacement • Public school has budget problems! • Linux is the (only) way out
  • 4. Requirements • Edubuntu • Additional educational open source software • Must run on available hardware
  • 5. Requirements • Two schools’ labs: • Torre Boldone, Flavio’s hometown, 30+ PCs • Mozzo, Silvio’s hometown, 15+ PCs • Scarce manpower: Flavio, Silvio and two others (unexperienced and in Torre Boldone only)
  • 6. Current status • Mozzo: 13 clients and 1 server migrated, in use • Torre Boldone: 15 clients migrated, 15 to come
  • 7. Deployment process • Server: copy of a VM on a host • Clients: • Stage 1: PXE boot and base installation • Stage 2: proper configuration with Salt
  • 8. Stage 1 (installer) • Setup storage: disk wiping and partitioning • Creation of unique and persistent hostname • Minimal package installation: text only, sshd, salt-minion
  • 9. Stage 2 (Salt) • Turn Ubuntu into Edubuntu • Install additional software • Apply ad hoc configurations: • reconfigure repo mirror (to local server) • use lightdm/GNOME 2 as default WM • user account creation, automatic login • ntp client
  • 10. DHCP TFTP HTTP ØMQ BIOS DISCOVER DHCP server dnsmasq BIOS OFFER (IP, DNS, TFTP server name) DHCP server dnsmasq BIOS RRQ TFTP server dnsmasq BIOS DATA (image ⊃ kernel options ⊃ kickstart and preseed URL) TFTP server dnsmasq salt-minion daemon hostname, salt key salt-master deamon salt-minion daemon salt commands salt-master deamon salt-minion daemon salt grains salt-master deamon Installer kickstart, preseed, package requests/responses HTTP server Apache httpd kickstart post-install script HTTP request (I am be:ef:ba:be: 00:01) mac2address Go app kickstart post-install script HTTP response (I baptize you lab12) mac2address Go app
  • 11. DHCP TFTP BIOS DISCOVER DHCP server dnsmasq BIOS OFFER (IP, DNS, TFTP server name) DHCP server dnsmasq BIOS RRQ TFTP server dnsmasq BIOS DATA (image ⊃ kernel options ⊃ kickstart and preseed URL) TFTP server dnsmasq
  • 12. TFTP HTTP BIOS DATA (image ⊃ kernel options ⊃ kickstart and preseed URL) TFTP server dnsmasq salt-minion daemon hostname, salt key salt-master deamon Installer kickstart, preseed, package requests/responses HTTP server Apache httpd kickstart post-install script HTTP request (I am be:ef:ba:be: 00:01) mac2address Go app kickstart post-install script HTTP response (I baptize you lab12) mac2address Go app
  • 13. HTTP ØMQ salt-minion daemon hostname, salt key salt-master deamon salt-minion daemon salt commands salt-master deamon salt-minion daemon salt grains salt-master deamon HTTP request (I am be:ef:ba:be: 00:01) Go app kickstart post-install script HTTP response (I baptize you lab12) mac2address Go app
  • 14. Server: nontrivial! • dnsmasq, tftpd, ntpd, sshd, httpd, mac2hostname! • APT package mirror • Salt master • …also self-managed with Salt!
  • 15. Salt primer RAET (master) (message bus) (minions)
  • 16. Salt primer • salt-master and salt-minon are daemons written in Python • ØMQ is written in C++ with bindings • Salt implements strong crypto and authentication on top of ØMQ
  • 17. Salt State (SLS) Modules • Represent a state in which a system should be in • Composed by State Declarations • Text files ending with sls extension • YAML files • Templates (default Jinja2, others available) • Pure Python code
  • 18. State Declarations • Define of “how an aspect of a minion should be” • Implemented as calls to State Functions • Every Declaration has an ID
  • 19. State Functions • Code that can bring a minion to a specific state • Examples: pkg.installed, service.running, file.managed… • Grouped into modules • A library of modules is available
  • 20. File example lightdm_custom_conf_file: # ID! file: # State Module name! - managed # State Function name! - source: salt://lightdm/lightdm.conf! - name: /etc/lightdm/lightdm.conf.d/ic_torre_boldone.conf! - user: root! - group: root! - mode: 644! - require:! - file: lightdm_custom_conf_dir!
  • 21. Service example lightdm:! pkg:! - installed! service:! - running! - enable: True! - watch:! - file: lightdm_custom_conf_file! - require:! - pkg: lightdm!
  • 22. top.sls • special State Module that assigns other State Modules to minions • can be used to define environments • Minions can be matched using: • Regular expressions • Compound matches: grains, subnet/IP, range cluster • Boolean operators available
  • 23. top.sls base:! 'lab*':! - lightdm! - software! - ntpdate! - users! 'school-server*':! - apache! - apt-mirror! - dnsmasq! …
  • 24. High State • special State compiled by Salt by applying all relevant State Modules • Force minions to high state: sudo salt state.highstate lab*
  • 25. Data in Salt • Salt Grains: information from minions • Salt Pillars: user-defined data • can be YAML or templates • has ACLs, eg. for credentials • Plain file serving
  • 26. Templated definition with Pillar Example {% for symlink_id in pillar.get('symlinks', {}).keys() %}! {{symlink_id}}_apache_link:! file.symlink:! - name: {{pillar.get('symlinks')[symlink_id]['name']}}! - target: {{pillar.get('symlinks')[symlink_id]['target']}}! - force: True! - require:! - pkg: apache! {% endfor %}
  • 27. Templated definition with Pillar Example extra_apache_link:! file.symlink:! - name: /var/www/html/extras! - target: /var/spool/…/ubuntu/! - force: True! - require:! - pkg: apache
  • 28. Accessing ØMQ directly • We want to power off machines at the end of Stage 2 • Not easy to express declaratively • More of a “one time command”
  • 29. Accessing ØMQ directly • Solution: • Subscribe to ØMQ • Look for "highstate successfully completed" announcements • Send a "shutdown yourself" message to the publisher
  • 30. Accessing ØMQ directly • Easy to implement: • Official Salt Python module has full access to ØMQ • Salt messages are easy to understand • 76 LOC Python tool (with comments and formatting)
  • 31. Benefits (schools) • No more licensing issues • Free updates for the next 4 years • No need for hardware changes
  • 32. Benefits (admins) • Easy to replicate changes across PCs • Easy to enforce a desired state • Easy to reinstall a PC from scratch • GitHub-based configuration!
  • 33. Future work • Automatically accept all minion keys • Automatically force the High State on new minions • Look into testing frameworks • …solve “production” issues!
  • 34. The Good • Simple architecture: Python almost everywhere • Easy to setup both on the master and on the minion • Can trigger execution of system commands on the minion • ØMQ can be used to extend it • Good docs and source code
  • 35. The Bad • Still in its early days • Limited amount of existing modules • Limited feedback while executing states
  • 36. The Ugly • No Ugly so far!
  • 37. Resources • SaltStack project: http://www.saltstack.com/ • Official documentation: http://docs.saltstack.com/ • Our Salt files:https://github.com/ic-torre-boldone/salt
  • 39. Thanks for your attention!