Spice up your servers with Salt

In recent times, the automation tool Salt has gained a lot of attention. In fact, Salt, along with Ansible, are seen by many as refreshing alternatives to the more established automation tools Puppet and Chef.

Recently, a new tool was added to the Salt stack named salt-ssh, which enables you to manage servers without having to install any tools on the server. Further, all that you need is to have Salt installed on the client, and SSH enabled on your CloudSigma servers (by the way, it is very similar to how Ansible works).

In addition, what’s very interesting with this approach is that you can very quickly configure servers from scratch, since it can bootstrap a freshly installed node. To demonstrate this, the Salt team published a screencast (below) where they spun up a 100 node Riak cluster using just salt-ssh.

Contrary to a regular Salt deployment, salt-ssh relies on something called a roster to map the servers. It’s a pretty straight forward text file that describes all servers and how to connect to them.

However, if you have more than a few servers, populating this file can be pretty painful. Thankfully, with a little help of our Python library, we can automate this build process entirely.

Tutorial

[python light=”true”] import cloudsigma

default_user = ‘cloudsigma’

# Build a server list
server = cloudsigma.resource.Server()
server_list = server.list()
server_db = {}

for i in server_list:
if i[‘status’] == ‘running’:
name = i[‘name’] ipv4 = i[‘runtime’][‘nics’][0][‘ip_v4’][‘uuid’] server_db[name] = ipv4
print ‘Adding server %s to roster…’ % name

# Populate roster file
f = open(‘roster’, ‘w’)
for s in sorted(server_db):
record = (‘%s:n host: %sn user: %sn sudo: Truen’) % (s, server_db[s], default_user)
f.write(record)
f.close()
[/python]

The above script requires that you have pycloudsigma installed and configured. With that installed, the script should spit out a file called roaster in the current directory. salt-ssh expects this file to be located in /etc/salt/, but you can override this by passing the --roster-file= argument.

Now, let’s try it out ourselves. First,  I have four servers called salt-[0-3].local that I want to connect to. Next, let’s see if we are able to ping them using salt-ssh. Please note that I already have my SSH key installed on all these servers, and the username used is cloudsigma.

[bash light=”true”] $ salt-ssh ‘salt*’ test.ping
[WARNING ] Warning: sshpass is not present, so password-based authentication is not available.
salt-3.local:
True
salt-2.local:
True
salt-1.local:
True
salt-0.local:
True
[/bash]

That worked out fine. Next, let’s install vim on all these machines to illustrate how to manage packages with Salt.
[bash light=”true”] $ salt-ssh ‘salt*’ pkg.install vim
[WARNING ] Warning: sshpass is not present, so password-based authentication is not available.
salt-0.local:
———-
vim:
———-
new:
2:7.3.429-2ubuntu2.1
old:

salt-2.local:
———-
vim:
———-
new:
2:7.3.429-2ubuntu2.1
old:

salt-1.local:
———-
vim:
———-
new:
2:7.3.429-2ubuntu2.1
old:

salt-3.local:
———-
vim:
———-
new:
2:7.3.429-2ubuntu2.1
old:
[/bash]

Finally, we’re ready. At the same time, we’re really just scraping on the surface of Salt in these examples. However, I hope that is enough to get you started.

Last but not least, you’ll find a lot more information about how to use Salt here. Happy hacking!