Uploaded bycroldham
PDF, PPTX1,707 views

OpenWest 2014-05-10 Where's the Waldo, SaltStack Proxy Minions

The document discusses SaltStack, a tool for unified system control that enables remote execution and management of both traditional and 'dumb' devices. It explains the concept of proxy minions, which allow control of devices that cannot run the standard salt-minion process due to resource constraints. Additionally, it highlights Salt's scalability, its use cases across various infrastructures, and the advantages of its persistent connection model.

Embed presentation

Download as PDF, PPTX
Managing network gear and "dumb" devices using SaltStack Proxy Minions1 C. R. Oldham Platform Engineer SaltStack Where's (the) Waldo?
Self-aggrandizement • North Central Association, Director of IT • Marvell Semiconductor, Compute Environment Manager • HopeKids, Executive Director • SaltStack, Platform Engineer
 • Keyboard + Monitor Give it to C. R. 2 ➮
What is Salt? • Salt is more than just configuration management, it makes up a unified system control platform. • Complete infrastructure control • A foundation API for communication • Remote execution, job management, state discovery • Control and view all aspects from one source, one medium • Salt is Simplicity • Salt is designed to be simple • Easy to set up, use, understand, and extend • Diving in is the right way to learn 3
Founded on Remote Execution • The foundation of Salt is remote execution. Salt's unique remote execution system enables extremely fast and reliable remote control of systems • Remote Execution allows for server commands to be sent around an infrastructure • ZeroMQ topology enables powerful and high speed communication • Commands can be executed quickly and in parallel across large numbers of nodes to execute commands and gather information 4
Not Just for Large Infrastructure • Salt can scale up or down as far as you need to go • Home networks • "Micro" networks – Arduino, Raspberry Pi, BeagleBone/BeagleBoard • "Dumb" devices – Switches, Routers – Coffee Makers – Sprinkler Systems 5 • Remote Services • Google Apps • Heroku • Gondor.IO • Anything with a REST api
Remote Execution Examples salt -G 'os:Ubuntu' pkg.upgrade ! salt '*' pkg.install openssl refresh=True ! salt '*' service.restart apache ! salt '*' shadow.set_password root '$1$UY... 6
State Examples /webroot/web: file.directory: - user: www-data - group: www-data - dir_mode: 2755 - file_mode: '0755' - makedirs: True 7 thorium_proj: git.latest: - rev: develop - name: git@github.com:saltstack/thorium - user: www-data - target: {{ thorium.venv.base }} - force: False - identity:deploy.key - require: - file: /webroot/web/.ssh/deploy.key !/webroot/web/.ssh/deploy.key: file.managed: - user: www-data - group: www-data - dir_mode: 0770 - mode: 0600 - source: salt://deploy.key - makedirs: True - replace: False
Minion - to - Master Communication • Each minion runs a salt-minion process – Python runtime, average RSS 30 MB – Minions connect to master – Master controls minions 8 • What if devices we want to control can't spare 30 MB? • Enter the PROXY MINION
What exactly IS a PROXY MINION??! A process forked from a regular salt-minion that has the sole purpose of talking to a device that cannot run a minion. 9
GRU == salt-master Minion == salt-minion Minions == proxy-minion Car == Car == proxied device
Where we are going eventually... salt datacenter-network state.highstate 11 Woohoo!!
Aren't there other tools? • Web interface • ssh • The CLI tool that shall remain nameless
Persistent Connection • Batch-load • Check • Commit ! • Ephemeral-connection oriented tools drop changes on disconnect. (oops) • Bootstrapping ssh connections over and over can be slow • Needed a persistent connection to overcome 13
Better Image 15 salt- master salt-minion device 🍴 proxy-minion
HOWTO • interface package 
 (/srv/salt/_proxy or site-packages/salt/proxy) • execution modules 
 (/srv/salt/_modules or site-packages/salt/modules) • grains 
 (/srv/salt/_grains or site-packages/salt/grains) 16
Interface package • Python package that handles heavy-lifting for connection • Needs a class Proxyconn! – __init__! – proxytype! – id! – ping! – shutdown 17
Execution Modules • Some "just work" • Some don't make sense • Some need lots of love • __proxyenabled__ 18
Caveat Emptor • Process Management • Logging • No Masterless • Lots of things broken 19
C. R. Oldham Platform Engineer SaltStack 20 https://joind.in/11037 cr@saltstack.com https://github.com/cro http://ncbt.org cro Email: GitHub: Blog: IRC:

More Related Content

PPTX
CENTRAL MANAGEMENT OF NETWORK AND CALL SERVICES
byNazmul Hossain Rakib
 
PDF
Introduction to SaltStack
byAymen EL Amri
 
PDF
Introduction to SaltStack (An Event-Based Configuration Management)
byDevOps Indonesia
 
PDF
CODE BLUE 2014 : マルウエアによる検出回避方法の解説 by 篠塚 大志 HIROSHI SHINOTSUKA
byCODE BLUE
 
PDF
Understanding salt modular sub-systems and customization
byjasondenning
 
PDF
Getting started with salt stack
bySuresh Paulraj
 
PDF
Meetup - An introduction to Salt
byRichard Woudenberg
 
PDF
Introduction to SaltStack
byRafael de Paula Souza
 
CENTRAL MANAGEMENT OF NETWORK AND CALL SERVICES
byNazmul Hossain Rakib
 
Introduction to SaltStack
byAymen EL Amri
 
Introduction to SaltStack (An Event-Based Configuration Management)
byDevOps Indonesia
 
CODE BLUE 2014 : マルウエアによる検出回避方法の解説 by 篠塚 大志 HIROSHI SHINOTSUKA
byCODE BLUE
 
Understanding salt modular sub-systems and customization
byjasondenning
 
Getting started with salt stack
bySuresh Paulraj
 
Meetup - An introduction to Salt
byRichard Woudenberg
 
Introduction to SaltStack
byRafael de Paula Souza
 

What's hot

PDF
DEF CON 27 - DOUGLAS MCKEE - hvacking understanding the delta between securit...
byFelipe Prado
 
PPTX
Mistral and StackStorm
byDmitri Zimine
 
PDF
OMD and Check_mk
byArtur Martins
 
PPTX
Deep dive networking
byVictor Morales
 
PDF
Red Hat Forum Tokyo - OpenStack Architecture Design
byDan Radez
 
PPTX
Setting up Cisco WSA Proxy in Transparent and Explicit Mode
byDhruv Sharma
 
DOCX
How to configure cisco asa virtual firewall
byIT Tech
 
PPTX
Process for joining to the FIWARE Lab
byFernando Lopez Aguilar
 
PDF
Chaos Engineering
byWillian Paixao
 
PDF
Erlang containers
bySargun Dhillon
 
PPTX
Internet
byHero Ben
 
PDF
OSDC 2015: Bernd Erk | Why favour Icinga over Nagios
byNETWAYS
 
PPTX
What Hackers Don’t Want You To Know: How to Maximize Your API Security
byAaronLieberman5
 
PDF
Building the Glue for Service Discovery & Load Balancing Microservices
bySargun Dhillon
 
PDF
OWF12/Open Standards for Cloud - Cs owf
byParis Open Source Summit
 
PPTX
Jason Stanley, Secure-24 - Own IT Through Proactive IT Monitoring
byZenoss
 
PDF
Erlang User Conference 2016: Container Networking: A Field Report
bySargun Dhillon
 
PPTX
Improve App Performance & Reliability with NGINX Amplify
byNGINX, Inc.
 
PDF
Case Study - IPv6 Challenges for Cloud Service Providers
byManuel Schweizer
 
PDF
Lying, Cheating, and Winning with Containers in Networking
bySargun Dhillon
 
DEF CON 27 - DOUGLAS MCKEE - hvacking understanding the delta between securit...
byFelipe Prado
 
Mistral and StackStorm
byDmitri Zimine
 
OMD and Check_mk
byArtur Martins
 
Deep dive networking
byVictor Morales
 
Red Hat Forum Tokyo - OpenStack Architecture Design
byDan Radez
 
Setting up Cisco WSA Proxy in Transparent and Explicit Mode
byDhruv Sharma
 
How to configure cisco asa virtual firewall
byIT Tech
 
Process for joining to the FIWARE Lab
byFernando Lopez Aguilar
 
Chaos Engineering
byWillian Paixao
 
Erlang containers
bySargun Dhillon
 
Internet
byHero Ben
 
OSDC 2015: Bernd Erk | Why favour Icinga over Nagios
byNETWAYS
 
What Hackers Don’t Want You To Know: How to Maximize Your API Security
byAaronLieberman5
 
Building the Glue for Service Discovery & Load Balancing Microservices
bySargun Dhillon
 
OWF12/Open Standards for Cloud - Cs owf
byParis Open Source Summit
 
Jason Stanley, Secure-24 - Own IT Through Proactive IT Monitoring
byZenoss
 
Erlang User Conference 2016: Container Networking: A Field Report
bySargun Dhillon
 
Improve App Performance & Reliability with NGINX Amplify
byNGINX, Inc.
 
Case Study - IPv6 Challenges for Cloud Service Providers
byManuel Schweizer
 
Lying, Cheating, and Winning with Containers in Networking
bySargun Dhillon
 

Viewers also liked

PDF
Curso de sistemas de inyección y encendido electrónico programable
byInstituto Español de la Mecánica y la Motocicleta
 
PDF
Sensores o2 demo
byInstituto Español de la Mecánica y la Motocicleta
 
PDF
Mixed Use Scheme Management London
byMainstay Gorup
 
PPSX
Engage Συζητήσεις στην τάξη
byGeorge Androulakis
 
PDF
Guia poetes
bybib0223dr
 
PPTX
Penyusunan Dokumen Rencana Aksi Nasional Kepemudaan
byRissalwan Lubis
 
PDF
dinCloud PR Highlights Q3 2015
bydinCloud Inc.
 
PDF
Week6
bys1200197
 
DOC
AmeetKumar - 1
byAmeet Dubey
 
PDF
Curso efi demo control
byInstituto Español de la Mecánica y la Motocicleta
 
PPT
Ppt01 1
bySabbir Naim
 
PDF
IJETR022025
byNishith Panchal
 
ODP
Vt419 v granskning biltvätt
byEmilJorgensen
 
PDF
Curso efi demo cuerpo acelerador
byInstituto Español de la Mecánica y la Motocicleta
 
PPT
وانةى دووةم
byChia Barzinje
 
PPT
ученый совет 22 мая 2014 -Выборы декана
byuch_sovet_RGPU
 
PDF
ViV Magazine Volume 3 (Feb - Mar 2014)
byNastassia Roy
 
PDF
Edita Kaye | Creepy Halloween Treats
byEdita Kaye
 
Curso de sistemas de inyección y encendido electrónico programable
byInstituto Español de la Mecánica y la Motocicleta
 
Sensores o2 demo
byInstituto Español de la Mecánica y la Motocicleta
 
Mixed Use Scheme Management London
byMainstay Gorup
 
Engage Συζητήσεις στην τάξη
byGeorge Androulakis
 
Guia poetes
bybib0223dr
 
Penyusunan Dokumen Rencana Aksi Nasional Kepemudaan
byRissalwan Lubis
 
dinCloud PR Highlights Q3 2015
bydinCloud Inc.
 
Week6
bys1200197
 
AmeetKumar - 1
byAmeet Dubey
 
Curso efi demo control
byInstituto Español de la Mecánica y la Motocicleta
 
Ppt01 1
bySabbir Naim
 
IJETR022025
byNishith Panchal
 
Vt419 v granskning biltvätt
byEmilJorgensen
 
Curso efi demo cuerpo acelerador
byInstituto Español de la Mecánica y la Motocicleta
 
وانةى دووةم
byChia Barzinje
 
ученый совет 22 мая 2014 -Выборы декана
byuch_sovet_RGPU
 
ViV Magazine Volume 3 (Feb - Mar 2014)
byNastassia Roy
 
Edita Kaye | Creepy Halloween Treats
byEdita Kaye
 

Similar to OpenWest 2014-05-10 Where's the Waldo, SaltStack Proxy Minions

PDF
Automated Application Management with SaltStack
byinovex GmbH
 
PDF
A user's perspective on SaltStack and other configuration management tools
bySaltStack
 
PDF
Event driven architecture with SaltStack
byBharatNailwal2
 
PPTX
SaltStack Configuration Management
byNathan Sickler
 
PDF
Why SaltStack ?
bySUSE
 
PDF
The SaltStack Pub Crawl - Fosscomm 2016
byeffie mouzeli
 
PDF
Introduction to Systems Management with SaltStack
byCraig Sebenik
 
PDF
Getting started with salt stack
bySuresh Paulraj
 
PDF
SaltStack's NetAPI at Photobucket - Denver SaltStack Meetup
byJon Henry
 
ODP
Configuration Management and Salt
by55020
 
PDF
Software-defined Datacenter Maintenance - No More Sleepless Nights and Long W...
bySUSE
 
PDF
Salt Stack - Subhankar Sengupta
byDevOpsBangalore
 
PDF
Configuration management and orchestration with Salt
byAnirban Saha
 
PDF
Real-time Cloud Management with SaltStack
bySaltStack
 
PDF
Configuration Management with Saltstack
byinovex GmbH
 
PDF
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
bySaltStack
 
PDF
Sweetening Systems Management with Salt
bymchesnut
 
PDF
Orchestrate Event-Driven Infrastructure with SaltStack
byLove Nyberg
 
PDF
Saltstack for Ansible users
byPaul Traylor
 
PDF
SaltStack – (Not) just another Automation & Remote Execution Tool
byinovex GmbH
 
Automated Application Management with SaltStack
byinovex GmbH
 
A user's perspective on SaltStack and other configuration management tools
bySaltStack
 
Event driven architecture with SaltStack
byBharatNailwal2
 
SaltStack Configuration Management
byNathan Sickler
 
Why SaltStack ?
bySUSE
 
The SaltStack Pub Crawl - Fosscomm 2016
byeffie mouzeli
 
Introduction to Systems Management with SaltStack
byCraig Sebenik
 
Getting started with salt stack
bySuresh Paulraj
 
SaltStack's NetAPI at Photobucket - Denver SaltStack Meetup
byJon Henry
 
Configuration Management and Salt
by55020
 
Software-defined Datacenter Maintenance - No More Sleepless Nights and Long W...
bySUSE
 
Salt Stack - Subhankar Sengupta
byDevOpsBangalore
 
Configuration management and orchestration with Salt
byAnirban Saha
 
Real-time Cloud Management with SaltStack
bySaltStack
 
Configuration Management with Saltstack
byinovex GmbH
 
Arnold Bechtoldt, Inovex GmbH Linux systems engineer - Configuration Manageme...
bySaltStack
 
Sweetening Systems Management with Salt
bymchesnut
 
Orchestrate Event-Driven Infrastructure with SaltStack
byLove Nyberg
 
Saltstack for Ansible users
byPaul Traylor
 
SaltStack – (Not) just another Automation & Remote Execution Tool
byinovex GmbH
 

Recently uploaded

PPTX
Design Flaws and Known Attacks in Agentic AI - ITI Business Session
byInformation Technology Institute
 
PDF
How Automation Powers Data Quality and Governance at Scale
bySafe Software
 
PDF
UiPath Coded Agents - A Developer Driven Agentic Automation Era
byUiPathCommunity
 
PDF
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
PDF
Pervasive Encryption - Keeping Data Secure.pdf
byPrecisely
 
PPTX
Apache Kafka 101 for Techies in IT dep.pptx
byamulyareddyk97
 
PDF
Mercury Computer Systems & The Cell Broadband Engine
bySlide_N
 
PPTX
WIFI Enabled 8 by 32 Matrix.pptx for final year project
bymdsabbirhossain524856
 
PDF
Hart, Inc. M&A Data Transition Checklist
byHart, Inc.
 
PDF
Unlocking Gen AI Capabilities Within UiPath Document Understanding
byDianaGray10
 
PDF
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
PPTX
The Abomination of AI – keynote at ICoSCI 2026
byAlan Dix
 
PDF
Presentation of Cybersecurity and data protection
bytarikaityahya2
 
PDF
Intro to CrafterQ - AI Agent Platform for the Enterprise.pdf
byCrafterQ
 
PPTX
Accelerate Innovation with Engineering R&D Services
byChetu
 
PDF
TopMate ES11 3-Wheel Electric Scooter: Comfort, Stability, and Independence f...
byTopmate
 
PDF
Just Eat Data Scraping For Restaurant Reviews And Pricing.pdf
byfusiondata2026
 
PDF
Effective Ai powered mock interview .pdf
byamazingnishusingh766
 
PDF
2025-CB-NCAE-slide-deck.pptx-1-83.pdf Virtual Orientation on the Administrati...
byNelizabethEsplaguera1
 
PPTX
computer science class 11 ( phishing and fraud mails) .pptx
bybalajichess314
 
Design Flaws and Known Attacks in Agentic AI - ITI Business Session
byInformation Technology Institute
 
How Automation Powers Data Quality and Governance at Scale
bySafe Software
 
UiPath Coded Agents - A Developer Driven Agentic Automation Era
byUiPathCommunity
 
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
Pervasive Encryption - Keeping Data Secure.pdf
byPrecisely
 
Apache Kafka 101 for Techies in IT dep.pptx
byamulyareddyk97
 
Mercury Computer Systems & The Cell Broadband Engine
bySlide_N
 
WIFI Enabled 8 by 32 Matrix.pptx for final year project
bymdsabbirhossain524856
 
Hart, Inc. M&A Data Transition Checklist
byHart, Inc.
 
Unlocking Gen AI Capabilities Within UiPath Document Understanding
byDianaGray10
 
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
The Abomination of AI – keynote at ICoSCI 2026
byAlan Dix
 
Presentation of Cybersecurity and data protection
bytarikaityahya2
 
Intro to CrafterQ - AI Agent Platform for the Enterprise.pdf
byCrafterQ
 
Accelerate Innovation with Engineering R&D Services
byChetu
 
TopMate ES11 3-Wheel Electric Scooter: Comfort, Stability, and Independence f...
byTopmate
 
Just Eat Data Scraping For Restaurant Reviews And Pricing.pdf
byfusiondata2026
 
Effective Ai powered mock interview .pdf
byamazingnishusingh766
 
2025-CB-NCAE-slide-deck.pptx-1-83.pdf Virtual Orientation on the Administrati...
byNelizabethEsplaguera1
 
computer science class 11 ( phishing and fraud mails) .pptx
bybalajichess314
 

OpenWest 2014-05-10 Where's the Waldo, SaltStack Proxy Minions

  • 1.
    Managing network gearand "dumb" devices using SaltStack Proxy Minions1 C. R. Oldham Platform Engineer SaltStack Where's (the) Waldo?
  • 2.
    Self-aggrandizement • North CentralAssociation, Director of IT • Marvell Semiconductor, Compute Environment Manager • HopeKids, Executive Director • SaltStack, Platform Engineer
 • Keyboard + Monitor Give it to C. R. 2 ➮
  • 3.
    What is Salt? •Salt is more than just configuration management, it makes up a unified system control platform. • Complete infrastructure control • A foundation API for communication • Remote execution, job management, state discovery • Control and view all aspects from one source, one medium • Salt is Simplicity • Salt is designed to be simple • Easy to set up, use, understand, and extend • Diving in is the right way to learn 3
  • 4.
    Founded on RemoteExecution • The foundation of Salt is remote execution. Salt's unique remote execution system enables extremely fast and reliable remote control of systems • Remote Execution allows for server commands to be sent around an infrastructure • ZeroMQ topology enables powerful and high speed communication • Commands can be executed quickly and in parallel across large numbers of nodes to execute commands and gather information 4
  • 5.
    Not Just forLarge Infrastructure • Salt can scale up or down as far as you need to go • Home networks • "Micro" networks – Arduino, Raspberry Pi, BeagleBone/BeagleBoard • "Dumb" devices – Switches, Routers – Coffee Makers – Sprinkler Systems 5 • Remote Services • Google Apps • Heroku • Gondor.IO • Anything with a REST api
  • 6.
    Remote Execution Examples salt-G 'os:Ubuntu' pkg.upgrade ! salt '*' pkg.install openssl refresh=True ! salt '*' service.restart apache ! salt '*' shadow.set_password root '$1$UY... 6
  • 7.
    State Examples /webroot/web: file.directory: - user:www-data - group: www-data - dir_mode: 2755 - file_mode: '0755' - makedirs: True 7 thorium_proj: git.latest: - rev: develop - name: git@github.com:saltstack/thorium - user: www-data - target: {{ thorium.venv.base }} - force: False - identity:deploy.key - require: - file: /webroot/web/.ssh/deploy.key !/webroot/web/.ssh/deploy.key: file.managed: - user: www-data - group: www-data - dir_mode: 0770 - mode: 0600 - source: salt://deploy.key - makedirs: True - replace: False
  • 8.
    Minion - to- Master Communication • Each minion runs a salt-minion process – Python runtime, average RSS 30 MB – Minions connect to master – Master controls minions 8 • What if devices we want to control can't spare 30 MB? • Enter the PROXY MINION
  • 9.
    What exactly ISa PROXY MINION??! A process forked from a regular salt-minion that has the sole purpose of talking to a device that cannot run a minion. 9
  • 10.
    GRU == salt-masterMinion == salt-minion Minions == proxy-minion Car == Car == proxied device
  • 11.
    Where we aregoing eventually... salt datacenter-network state.highstate 11 Woohoo!!
  • 12.
    Aren't there othertools? • Web interface • ssh • The CLI tool that shall remain nameless
  • 13.
    Persistent Connection • Batch-load •Check • Commit ! • Ephemeral-connection oriented tools drop changes on disconnect. (oops) • Bootstrapping ssh connections over and over can be slow • Needed a persistent connection to overcome 13
  • 15.
  • 16.
    HOWTO • interface package
 (/srv/salt/_proxy or site-packages/salt/proxy) • execution modules 
 (/srv/salt/_modules or site-packages/salt/modules) • grains 
 (/srv/salt/_grains or site-packages/salt/grains) 16
  • 17.
    Interface package • Pythonpackage that handles heavy-lifting for connection • Needs a class Proxyconn! – __init__! – proxytype! – id! – ping! – shutdown 17
  • 18.
    Execution Modules • Some"just work" • Some don't make sense • Some need lots of love • __proxyenabled__ 18
  • 19.
    Caveat Emptor • ProcessManagement • Logging • No Masterless • Lots of things broken 19
  • 20.
    C. R. Oldham PlatformEngineer SaltStack 20 https://joind.in/11037 cr@saltstack.com https://github.com/cro http://ncbt.org cro Email: GitHub: Blog: IRC: