Salt is primarily a configuration management solution and remote execution engine.
Thanks to the latter, many use-cases can (but not necessarily should) be covered using just this one tool.
Basics
| Term | Meaning |
|---|---|
| minion | slave, managed host |
| sls | salt state file, file that represents the state the system should end up in |
| pillar | sensitive data, tree like structure, targeted and securely send to matched minions |
| grain | minion data, static information, rarely refreshed on master, contain minion specific data only (like OS name) |
Architecture
Event-based, highly modular and highly customizable.
It is fairly easy to add your own state modules as well as alter existing ones.
Runs:
* master-slave (separate master node that provisions minion nodes)
* master-less (the node provisions itself)
Supports both management modes: * push (the master sends the config updates to minions) * pull (the minions check with master for config updates)
Can operate: * with agents (application installed on minion) * agent-less (no application installed on minion)
Salt State Files express the desired... state on the provisioned minion.
States are matched to minions using (primarily) top.sls file.
Each state is then executed on targeted minion (slave). By default minions are targeted using minion id - special generated grain (its default value is the minion hostname).
Detailed description how does the state execute on minion is provided in Modules section
Information about how to interact with Salt can be found in usage and in scripts sections
Details
Salt architecture consists of multiple components, it is best to describe them using layered approach: - minion - master - transport - scripts - modules
Usage
This section contains only brief description of how to interact with Salt using CLI.
For more complete overview refer to scripts.
Execution Module execution (dissection of the salt command):
salt '*' execution_module_name.function_name [arguments_list] [kwargs]
- salt is the python script that accepts user commands and passes them to Salt Master process.
- '*' selects minions which will execute user function. By default the shell-style globbing is used on minion id.
- Find execution_module_name in docs or within Salt sources.
Example: salt '*' test.ping
State execution (or rather state application):
Check what states are going to be applied: salt '*' state.show_top
Execute all matching states from given environment: salt '*' state.highstate [saltenv=base]
Execute single state: salt '*' state.apply <statename> [saltenv=<env>]
References
- https://repo.saltstack.com/
- https://docs.saltstack.com/en/getstarted/config/functions.html
- https://docs.saltstack.com/en/latest/topics/tutorials/states_pt1.html
- https://docs.saltstack.com/en/latest/ref/states/highstate.html
- Great presentation from @carsonoid
- https://docs.saltstack.com/en/latest/ref/configuration/master.html