Nahum Shalman

Getting Started with SaltStack in the Joyent Cloud

Nahum Shalman -

(Edited May 1, 2015 with updated links to tarballs. Also, in hindsight I don't think that using a user-script is the best way to bootstrap for production. This is still a quick way to kick the tires, though.)

Create a Master

Provision a zone

/opt/local/sdc/bin/sdc-createmachine \
--package d71da280-92da-489f-9c4c-c91891fa202f \
--image 87b9f4ac-5385-11e3-a304-fb868b82fe10 \
--name salt-master-2014-01-05

Wait for it to finish provisioning and then SSH in as root (I recommend running sm-set-hostname and rebooting before going further.)

Install salt and start up the master

cd /opt
curl -LO https://us-east.manta.joyent.com/nahamu/public/salt/salt-2014.7.5-esky-smartos.tar.gz
tar xzvf salt-2014.1.0rc1-esky-smartos.tar.gz
/opt/salt/install/install.sh
svcadm enable salt-master

You can also run the minion software on the master if you'd like:

echo "master: "$(/opt/salt/bin/salt-call --out=json --local grains.get external_ip 2>/dev/null | json local) >> /opt/salt/etc/minion
svcadm enable salt-minion
yes Y | /opt/salt/bin/salt-key -A

Create a Minion

Create a script to run on the minion zones at first boot

cat > salt-minion.sh << "EOF-salt-minion.sh"
cd /opt
curl -kLO https://us-east.manta.joyent.com/nahamu/public/salt/salt-2014.7.5-esky-smartos.tar.gz
tar xzvf salt-2014.1.0rc1-esky-smartos.tar.gz
/opt/salt/install/install.sh
echo "master: "$(mdata-get salt-master) >> /opt/salt/etc/minion
echo "id: "$(mdata-get salt-id) >> /opt/salt/etc/minion
svcadm enable salt-minion
EOF-salt-minion.sh

Create the minion

Note:

  • --script tells SDC to have the zone run the script we created on the first boot
  • --name is the pretty name for SDC
  • salt-id metadata is the name you'll see in salt
  • salt-master is the IP address of the salt master
/opt/local/sdc/bin/sdc-createmachine \
--package d71da280-92da-489f-9c4c-c91891fa202f \
--image 87b9f4ac-5385-11e3-a304-fb868b82fe10 \
--script salt-minion.sh \
--name minion1-2014-01-05 \
--metadata salt-id=minion1-2014-01-05 \
--metadata salt-master=72.2.113.181

Have Master accept minion

On the Master (accepts all pending minions):

yes Y | /opt/salt/bin/salt-key -A

Next Steps

You may want to move on to the SaltStack walkthrough but here are some quick examples.

Orchestration Examples

Try running these commands on the master (targeting all minions)

/opt/salt/bin/salt '*' test.ping
/opt/salt/bin/salt '*' grains.get external_ip
/opt/salt/bin/salt '*' grains.get num_cpus
/opt/salt/bin/salt '*' cmd.run 'svcs salt-minion'
/opt/salt/bin/salt '*' cmd.run 'pkgin up'

Or on just the minion (replace with your minion's salt-id)

/opt/salt/bin/salt 'minion1-2014-01-05' test.ping

Salt can target based on system metadata (grains), the id of the system, etc.

Simple State Example

Let's install Vim:

mkdir -p /opt/salt/srv/salt
cat >/opt/salt/srv/salt/vim.sls <<EOF
vim:
  pkg.installed
EOF
/opt/salt/bin/salt '*' state.sls vim

The official walkthrough

SaltStack Walkthrough (on docs.saltstack.com)