Skip to content

Instantly share code, notes, and snippets.

@alpap

alpap/salt-ssh.md

Created September 14, 2018 15:09
Show Gist options
  • Save alpap/8de4cb8e9b69339b72547ac3bdb30783 to your computer and use it in GitHub Desktop.
Save alpap/8de4cb8e9b69339b72547ac3bdb30783 to your computer and use it in GitHub Desktop.
Download ZIP
Salt-ssh
Raw
salt-ssh.md

Salt ssh deployment

Simple

  • Install the salt-ssh.

    sudo apt install salt-ssh

  • Edit the /etc/salt/roaster.

    sudo vim /etc/salt/roaster

  • Add the server details if you dont want to type them in the cli.

    server1:
  host: 192.168.167.90
  user: root
server2:
  host: www.some_address.com
  user: username
  passwd: password
  timeout: 10
  sudo: true
  minion_ops: dictionary_for_minion_options
  priv: path/to/ssh/private/key.rsa

    passwd defaults is for salt-ssh to generate keys

    priv defaults to salt-ssh.rsa

  • Connect to the server and install a package

    salt-ssh -i server2 pkg.install cowsay

    The -i is needed on ly the first time we try to connect to the server.

    The certificated will be accepted from the remote computer and the pkg.install will pick the default packagemanager and install the application we require.

  • Verify that the package was install successfuly.

    salt-ssh server2 cmd.run '/usr/games/cowsay "hello from the server"'

    salt-ssh will automaticaly pipe to you the result of the command.

  • Check if the server is responding

    salt-ssh server2 test.ping

    salt-ssh will automaticaly pipe to you the result of the command.

  • The --askpass can be entered to ask for the user pasowrd if it is not specified in the configuration

    salt-ssh server2 test.ping --askpass

  • Some simple commands

    disk.usage
network.interfaces
pillar.item

  • Salt-ssh raw commands so instead of salt running the commands the commands are executed localy in the system

    salt-ssh '*' -r 'ifconfig'

    The '*' indicats that we are targeting all the servers availiable

  • If you dont want to leave a trace in the system use

    salt-ssh -W '*' -r 'ifconfig'

    W stands for whipe

  • Salt formulas are configuration scripts that automate some of the task you want to do.

    • Clone the apache formula on Github

      cp base/pillar.example /srv/pillar/apache.sls

    • Then change the vim /srv/pillar/top/sls to enable the formula

      base:
  "*":
    - apache

    • Edit the salt master file to add the configuration file for apache

        vim /etc/salt/master

      Add the config file

      extra_filerefs:
  - salt://apache/map.jinja

    • Query the pillar

      salt-ssh '*' pillar.item apache

    • Execute the apache sls on the remote system

      salt-ssh '*' atate.sls apache

    • The apache is now installed

    • For more info check out the documnetation

Intermidiate salt with minions

Salt cheetsheet can be found here

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment