Spice up your servers with Salt

In recent time, the automation tool Salt has gained a lot of attention. Salt, along with Ansible, is seen by many as refreshing alternatives to the more established automation tools Puppet and Chef.

Recently, a new tool was added to the Salt stack named salt-ssh, which enables you to manage servers without having to install any tools on the server. All that you need is to have Salt installed on the client, and SSH enabled on the servers (which, by the way, is very similar to how Ansible works).

What’s very interesting with this approach is that you can very quickly configure servers from scratch, since it can bootstrap a freshly installed node. To demonstrate this, the Salt team published a screencast (below) where they spun up a 100 node Riak cluster using just salt-ssh.

Contrary to a regular Salt deployment, salt-ssh relies on a something called a roster to map the servers. It’s a pretty straight forward text file that describes all servers and how to connect to them.

If you have more than a few servers, populating this file can be pretty painful. Thankfully, with a little help of our Python library, we can automate this build process entirely.

import cloudsigma

default_user = 'cloudsigma'

# Build a server list
server = cloudsigma.resource.Server()
server_list = server.list()
server_db = {}

for i in server_list:
    if i['status'] == 'running':
        name = i['name']
        ipv4 = i['runtime']['nics'][0]['ip_v4']['uuid']
        server_db[name] = ipv4
        print 'Adding server %s to roster...' % name

# Populate roster file
f = open('roster', 'w')
for s in sorted(server_db):
    record = ('%s:n  host: %sn  user: %sn  sudo: Truen') % (s, server_db[s], default_user)
    f.write(record)
f.close()

The above script requires that you have pycloudsigma installed and configured. With that installed, the script should spit out a file called roaster in the current directory. salt-ssh expects this file to be located in /etc/salt/, but you can override this by passing the --roster-file= argument.

Now, let’s try it out ourselves. I have four servers called salt-[0-3].local that I want to connect to. Let’s first see if we are able to ping them using salt-ssh. Please note that I already have my SSH key installed on all these servers, and the username used is cloudsigma.

$ salt-ssh 'salt*' test.ping
[WARNING ] Warning:  sshpass is not present, so password-based authentication is not available.
salt-3.local:
    True
salt-2.local:
    True
salt-1.local:
    True
salt-0.local:
    True

That worked out fine. Let’s install vim on all these machines to illustrate how to manage packages with Salt.

$ salt-ssh 'salt*' pkg.install vim
[WARNING ] Warning:  sshpass is not present, so password-based authentication is not available.
salt-0.local:
    ----------
    vim:
        ----------
        new:
            2:7.3.429-2ubuntu2.1
        old:

salt-2.local:
    ----------
    vim:
        ----------
        new:
            2:7.3.429-2ubuntu2.1
        old:

salt-1.local:
    ----------
    vim:
        ----------
        new:
            2:7.3.429-2ubuntu2.1
        old:

salt-3.local:
    ----------
    vim:
        ----------
        new:
            2:7.3.429-2ubuntu2.1
        old:

We’re really just scraping on the surface of Salt in these examples, but I hope that is enough to get you started.

You’ll find a lot more information about how to use Salt here. Happy hacking!

About Viktor Petersson

Former VP of Business Development at CloudSigma. Currently CEO at WireLoad and busy making a dent in the Digital Signage industry with Screenly. Viktor is a proud geek and loves playing with the latest technologies.

Leave a Reply