Managing your SaltStack Minions with Foreman

•Télécharger en tant que ODP, PDF•

12 j'aime•12,635 vues

Foreman is a lifecycle management tool for physical and virtual servers, that has traditionally been Puppet-centric. There are now several plugins for additional configuration management systems, including Salt. This talk will demo provisioning a new minion, applying states, viewing grains, setting pillars and more -- all from within the Foreman UI.

Technologie

Managing your Minions
with Foreman
Stephen Benjamin - February 3, 2015
stephen@redhat.com / @stbenjam

● Provision to anything from one interface with
one process
– Bare metal, oVirt, Libvirt, vmware, docker, EC2,
Rackspace, Digital Ocean, OpenStack, etc.
● Orchestration of all dependencies – not just
preseed/kickstart/cloud-init

● Manage Puppet, Chef, and Salt
● For salt, provides:
– External node classifier (ENC) for tops
system
– External pillar provider

● System Inventories – showing grains and
activity (i.e. state.highstate results). Ability to
create trends and charts on the data.
● Reporting plugins for ABRT, OpenScap

Distributed Architecture
● Smart Proxies located locally on Foreman itself
or independent – used for orchestration of
DNS, DHCP, etc.
● Smart Proxy manages the Salt Master.

Foreman Plugins
● Extensible
– Both the Smart Proxy and Foreman have a plugin
architecture.
● Foreman
– http://projects.theforeman.org/projects/foreman/wiki/Plugins
● Smart Proxy
– http://projects.theforeman.org/projects/foreman/wiki/Smart-Proxy_Plugins
– Extend Foreman to do whatever you want!

Foreman Plugins
● Rich ecosystem of plugins
– Compute Resources:
● Digital Ocean, Docker, OpenNebula, etc.
– Configuration Management:
● Chef, Salt
– Reporting
● ABRT, Graphite, etc.

Salt in Foreman
● First support in early 2014 via
templates/parameters
● Two plugins
– smart_proxy_salt
– foreman_salt
● Packaged for Debian & Red Hat family OS's
– Maintain parity w/ whatever Foreman supports

Minion Provisioning
● Assign a Salt master to a new host.
● Foreman will do the work for you:
1.Add autosign entry
2.Install Salt packages
3.Trigger key acceptance
4.Remove Autosign

Minion Destruction
● When you delete a host in Foreman, we clean
up – delete the host from Salt (the accepted
key).

Key Management
● Full web interface to keys
– Accept, reject, delete keys
● ...and autosign
– Add autosign records (e.g. a domain managed
outside of Foreman)

Salt States
● Assign to host groups (including full inheritance
when using netsed host groups), or directly to
individual hosts

Pillars
● Pillars <-> Foreman parameters
– Add parameters to host, host groups, domains,
global, etc.
● Exposed to Salt via the “external pillars” feature
● Currently limited to String values only

Master Tops
● Salt's Master tops system provides a way to
generate the top file data for a highstate run
from external sources
● Foreman uses the external_nodes module in
Salt to deliver a YAML document with States
and Pillars

Highstate
● Run highstate directly from a node
– 'Run Salt' button
● Results reported back to Foreman

Reporting
● When running state.highstate, full reporting
inside Foreman of the results!
– What happened on my systems?
– File changes with diffs!
– Other metrics

Grains
● Grains map to 'Foreman Facts'
● Host grains are uploaded to Foreman
● Browseable, chartable, searchable

Future (Short Term)
● Foreman 1.8 will bring version 2.0 of the plugin
– RESTful API for Salt in Foreman
– Hammer CLI Plugin
– Installer support (foreman-installer --salt-
enable=true or similar)

Longer Term
● Importing states/environnments from the
master
● Arbitrary Salt commands
● More than highstate results
● State Groups (like Puppet config groups)
● ???

Conclusion + Q&A
● Find us on Freenode!
– #theforeman, #theforeman-dev
● Docs
– http://github.com/theforeman/foreman_salt/wiki
● Bugtracker:
– http://projects.theforeman.org/projects/salt
● Want to contribute?
– http://theforeman.org/contribute.html

Contenu connexe

Tendances

Postgres has a nice feature called Point-in-time Recovery (PITR) that would allow you to go back in time. In this talk, we will discuss what are the use-cases of PITR, how to prepare your database for PITR by setting good base backup and WAL shipping setups, with some examples. We will expand the discussion with how to achieve PITR if you have a distributed and sharded Postgres setup by mentioning challenges such as clock differences and ways to overcome them, such as two-phase commit and pg_create_restore_point.

Distributed Point-in-Time Recovery with Postgres | PGConf.Russia 2018 | Eren ...

Citus Data

Git best practices workshop

Otto Kekäläinen

HAProxy

Arindam Nayak

Room 2 - 6 - Đinh Tuấn Phong - Migrate opensource database to Kubernetes easi...

Vietnam Open Infrastructure User Group

66 pfsense tutorial

equinonesr

Introduction to kubernetes

Raffaele Di Fazio

Room 1 - 2 - Nguyễn Văn Thắng & Dzung Nguyen - Proxmox VE và ZFS over iscsi

Vietnam Open Infrastructure User Group

On-demand recording: nginx.com/resources/webinars/nginx-basics-best-practices You’ve heard of NGINX and the benefits it can provide to your web application, but maybe you’re not sure how to get started. There are a lot of tutorials online, but they can be outdated and contradict each other, making things more challenging. In this webinar we’ll cover the basics of NGINX to help you effectively begin using it as part of your existing or new web app. This webinar covers how to: * Install NGINX and verify it's properly running * Create NGINX configurations for reverse proxy, load balancer, etc. * Improve performance using keepalives and other NGINX directives * Debug and troubleshoot using NGINX logs

NGINX: Basics and Best Practices

NGINX, Inc.

Git branching strategies

jstack

Kubernetes Workshop

loodse

CKA Certified Kubernetes Administrator Notes

Adnan Rashid

[Open Infrastructure & Cloud Native Days Korea 2019] 커뮤니티 버전의 OpenStack 과 Ceph를 활용하여 대고객서비스를 구축한 사례를 공유합니다. 유연성을 확보한 기업용 클라우드 서비스 구축 사례와 높은 수준의 보안을 요구하는 거래소 서비스를 구축, 운영한 사례를 소개합니다. 또한 이 프로젝트에 사용된 기술 스택 및 장애 해결사례와 최적화 방안을 소개합니다. 오픈스택은 역시 오픈소스컨설팅입니다. #openstack #ceph #openinfraday #cloudnative #opensourceconsulting

Community Openstack 구축 사례

Open Source Consulting

Dev and test environments require the frequent and repeatable deployment of the CloudStack setup. This can be time-consuming and prone to errors. In this presentation, Kaloyan shows how StorPool uses Ansible for automatic deployment and setting up complete CloudStack clouds. Kaloyan Kotlarski is a system administrator in StorPools' support team. He's been in the company for two years. He's responsible for building CI/CD automation and helping clients integrate StorPool Storage in their cloud deployments. ----------------------------------------- CloudStack Collaboration Conference 2022 took place on 14th-16th November in Sofia, Bulgaria and virtually. The day saw a hybrid get-together of the global CloudStack community hosting 370 attendees. The event hosted 43 sessions from leading CloudStack experts, users and skilful engineers from the open-source world, which included: technical talks, user stories, new features and integrations presentations and more.

Automated CloudStack Deployment

ShapeBlue

Open shift 4 infra deep dive

Winton Winton

FreeIPA is the open source answer to Active Directory, bringing the functionality of Kerberos and centralized management to the unix world. This talk will dive into the background of FreeIPA, how to attack it, and its parallels to traditional Active Directory. We will cover the FreeIPA equivalents of credential abuse, discovery, and lateral movement, highlighting the similarities and differences from traditional Active Directory tradecraft. This will culminate in multiple real-world demos showing how chains of abuse, previously accessible only in Windows environments, are now possible in the unix realm, providing a new medium for offensive research into Kerberos and LDAP environments.

FreeIPA - Attacking the Active Directory of Linux

Julian Catrambone

PromQL Deep Dive - The Prometheus Query Language

Weaveworks

Lezione 8: Introduzione ai Web Service

Andrea Della Corte

Agenda: Apache Kafka Ecosystem Kafka Streams as Foundation for KSQL Motivation for KSQL KSQL Concepts Live Demo #1 – Intro to KSQL KSQL Architecture Live Demo #2 - Clickstream Analysis Building a User Defined Function (Example: Machine Learning) Getting Started ### The rapidly expanding world of stream processing can be daunting, with new concepts such as various types of time semantics, windowed aggregates, changelogs, and programming frameworks to master. KSQL is an open-source, Apache 2.0 licensed streaming SQL engine on top of Apache Kafka which aims to simplify all this and make stream processing available to everyone. Even though it is simple to use, KSQL is built for mission-critical and scalable production deployments (using Kafka Streams under the hood). Benefits of using KSQL include No coding required; no additional analytics cluster needed; streams and tables as first-class constructs; access to the rich Kafka ecosystem. This session introduces the concepts and architecture of KSQL. Use cases such as Streaming ETL, Real-Time Stream Monitoring or Anomaly Detection are discussed. A live demo shows how to setup and use KSQL quickly and easily on top of your Kafka ecosystem.

KSQL Deep Dive - The Open Source Streaming Engine for Apache Kafka

Kai Wähner

Among the cool stuff we do at Silk, my colleagues and I develop the Silk CSI Plugin for customers who use our system as the storage layer for their Kubernetes workloads. Before deep diving into the code and as part of my ramp-up on this subject I prepared some slides that cover some basic and important information on this topic. These slides start by recapping some basic storage principals in containers and Kubernetes, continues with some more advanced use cases (including an "offline demo" of persisting Redis data on EBS volumes), and ends with a detailed information on the CSI solution itself. IMHO, reviewing these slides can improve your understanding on this matter and can get you started implementing your own CSI plugin. The main sources of information I used for preparing these slides are: * Official CSI docs * Kubernetes Storage Lingo 101 - Saad Ali, Google * Container Storage Interface: Present and Future - Jie Yu, Mesosphere, Inc.

Introduction to Container Storage Interface (CSI)

Idan Atias

Spring boot 를 적용한 전사모니터링 시스템 backend 개발 사례

Jemin Huh

Tendances (20)

Distributed Point-in-Time Recovery with Postgres | PGConf.Russia 2018 | Eren ...

Git best practices workshop

HAProxy

Room 2 - 6 - Đinh Tuấn Phong - Migrate opensource database to Kubernetes easi...

66 pfsense tutorial

Introduction to kubernetes

Room 1 - 2 - Nguyễn Văn Thắng & Dzung Nguyen - Proxmox VE và ZFS over iscsi

NGINX: Basics and Best Practices

Git branching strategies

Kubernetes Workshop

CKA Certified Kubernetes Administrator Notes

Community Openstack 구축 사례

Automated CloudStack Deployment

Open shift 4 infra deep dive

FreeIPA - Attacking the Active Directory of Linux

PromQL Deep Dive - The Prometheus Query Language

Lezione 8: Introduzione ai Web Service

KSQL Deep Dive - The Open Source Streaming Engine for Apache Kafka

Introduction to Container Storage Interface (CSI)

Spring boot 를 적용한 전사모니터링 시스템 backend 개발 사례

Similaire à Managing your SaltStack Minions with Foreman

Introduction to SaltStack

Aymen EL Amri

OSDC 2015: Stephen Benjamin | Foreman in Your Data Center

NETWAYS

The Foreman Project

Rahul Bajaj

When we talk about the cloud, we usually hear of Paas, Saas, and Iaas. This talk introduces Maas i.e Metal as a Service to the audience. Foreman is an open source project that helps system administrators manage server throughout their life-cycle, from provisioning and configuration to orchestration and monitoring. This talk consists of a brief introduction to the Foreman Project and Foreman Discovery, followed by a deep understanding of Maas and how it is implemented in Foreman Discovery. Lastly, the aim of this talk would be to encourage newbies to contribute to the Foreman Project and Foreman Discovery. Introduction to Bare-metal Provisioning • Discovery as MaaS. • IPMI. • PXE. • IPXE . Discovering a host using Foreman Discovery • Demo for discovering a host. • Fact parsing in Discovery. Discovery functioning and Deep Dive • Auto-provisioning. • Reboot Feature. • Post provisioners (Puppet/Ansible)

OSCamp 2019 | #3 Ansible: Foreman Discovery by Adam Ruzicka

NETWAYS

A brief look at the Foreman host lifecycle management system, beginning with its rapid provisioning features and moving onto its integration with the Puppet configuration management system. GItlab is introduced to the mix and an example is given of how it can be integrated with Forman and Puppet to form an on-premise configuration versioning component. This configuration, which builds upon the Puppet multiple environments feature, is currently being employed in the task of building a test-driven continuous delivery system for the OpenCorporates project.

Linux host orchestration with Foreman, Puppet and Gitlab

Ben Tullis

Spot Trading - A case study in continuous delivery for mission critical finan...

SaltStack

Sutol How To Be A Lion Tamer

Sharon James

Introduction to stress test

Jason Lin

Configuration Management and Salt

55020

OpenNebulaConf 2014 - ONE BIT to rule them all - Stefan Kooman

OpenNebula Project

OpenNebula Conf 2014 | ONE BIT to rule them all - Stefan Kooman

NETWAYS

How to be a lion tamer

Sharon James

How to be a lion tamer

Wannes Rams

Setting up a local WordPress development environment

Zero Point Development

Foreman in your datacenter

lzap

QueueMetrics - Tips and Tricks

Clarotech_Events

IBM Domino / IBM Notes Performance Tuning

Vladislav Tatarincev

AEP 9.0 will see several changes to the core infrastructure which will require changes to the way the server is managed as well as new deployment options that may affect the ways that protocol developers deliver content to their users. We will cover the addition of Tomcat as a new side by side service with Apache, new administration features: exporting and importing server configurations, maintenance mode, and new deployment options: HTTPS and HTTP only modes, deploying behind reverse proxies, and HTTP load balancing.

(ATS4-PLAT01) Core Architecture Changes in AEP 9.0 and their Impact on Admini...

BIOVIA

Sweetening Systems Management with Salt

mchesnut

Salt at school

Flavio Castelli

Similaire à Managing your SaltStack Minions with Foreman (20)

Introduction to SaltStack

OSDC 2015: Stephen Benjamin | Foreman in Your Data Center

The Foreman Project

OSCamp 2019 | #3 Ansible: Foreman Discovery by Adam Ruzicka

Linux host orchestration with Foreman, Puppet and Gitlab

Spot Trading - A case study in continuous delivery for mission critical finan...

Sutol How To Be A Lion Tamer

Introduction to stress test

Configuration Management and Salt

OpenNebulaConf 2014 - ONE BIT to rule them all - Stefan Kooman

OpenNebula Conf 2014 | ONE BIT to rule them all - Stefan Kooman

How to be a lion tamer

Setting up a local WordPress development environment

Foreman in your datacenter

QueueMetrics - Tips and Tricks

IBM Domino / IBM Notes Performance Tuning

(ATS4-PLAT01) Core Architecture Changes in AEP 9.0 and their Impact on Admini...

Sweetening Systems Management with Salt

Salt at school

Dernier

Designing inclusive products is not only a social responsibility but also a business imperative. This talk delves into the journey of creating accessible hardware products that cater to diverse user needs. Key Topics Covered: 1. Introduction to Inclusive Design - Importance of accessibility in product design - Overview of Comcast's commitment to making products accessible to a wide audience 2. Case Study: Xfinity Large Button Voice Remote - Initial challenges and the evolution of the product - User research and feedback that shaped the design - Key features of the final product and their benefits 3. Designing for Diverse Needs - Understanding human-centered design and its historical context - The impact of designing for people with disabilities on overall product quality - Examples from other industries, such as architecture and industrial design 4. Integrating Accessibility from the Beginning - The cost and efficiency benefits of designing for accessibility from the start - The process of embedding accessibility as a core trait rather than an optional feature 5. Real-World Impact and Continuous Improvement - Insights from in-home studies with users having assistive needs - How continuous feedback and iterative design lead to better products - The role of inclusive research and development practices

Designing for Hardware Accessibility at Comcast

UXDXConf

The Metaverse: Are We There Yet?

Mark Billinghurst

Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf

FIDO Alliance

Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)

Julian Hyde

As an SEO expert specializing in the IPTV and VPN niches with over five years of experience, I navigate the unique challenges of these industries adeptly. My strategic approach encompasses competitive analysis, targeted keyword research, content optimization, and high-quality backlink creation. My goal is to optimize my clients' online visibility, generating targeted organic traffic and maximizing their return on investment. With a results-driven approach and a passion for innovation, I'm poised to assist my clients in thriving in an ever-evolving digital landscape. <a href="https://iptvreel.com">

THE BEST IPTV in GERMANY for 2024: IPTVreel

reely ones

Heather Hedden, Senior Consultant at Enterprise Knowledge, presented “Enterprise Knowledge Graphs: The Importance of Semantics” on May 9, 2024, at the annual Data Summit in Boston. In her presentation, Hedden describes the components of an enterprise knowledge graph and provides further insight into the semantic layer – or knowledge model – component, which includes an ontology and controlled vocabularies, such as taxonomies, for controlled metadata. While data experts tend to focus on the graph database components (RDF triple store or a label property graph), Hedden emphasizes they should not overlook the importance of the semantic layer.

Enterprise Knowledge Graphs - Data Summit 2024

Enterprise Knowledge

Welcome to UiPath Test Automation using UiPath Test Suite series part 2. In this session, we will cover API test automation along with a web automation demo. Topics covered: Test Automation introduction API Example of API automation Web automation demonstration Speaker Pathrudu Chintakayala, Associate Technical Architect @Yash and UiPath MVP Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

UiPath Test Automation using UiPath Test Suite series, part 2

DianaGray10

Intrigued by why some of the world's largest companies (Netflix, Google, Cisco, Twitter, Uber etc) are using gRPC? In this demo based talk we delve into the world of gRPC in .Net, what it does and why we should use it. We compare the interface with both Rest and graphQL. We will show you how to implement grpc server-side in .net and in the web. Finally, I will show you how the tooling helps you deliver powerful interfaces and interact with them quickly and simply.

Demystifying gRPC in .Net by John Staveley

John Staveley

This presentation dives into the practical applications of machine learning within Google's operations, providing a comprehensive overview of how to leverage AI technologies to solve real-world business challenges. Key Points Covered: - Introduction to Machine Learning at Google: Discussion on the role of ML and its evolution in enhancing Google's operational efficiency. - Experience Sharing: Insights into the team's long-term engagement with machine learning projects and the impacts on Google’s operational strategies. - Practical Applications: Real-world examples of ML applications within Google’s daily operations, providing a blueprint to adapt similar strategies. - Challenges and Solutions: Discussion on the challenges faced during the implementation of ML projects and the strategic solutions employed to overcome them. - Future of ML at Google: Insights into future trends in machine learning at Google and how they plan to continue integrating AI into their ecosystem.

Strategic AI Integration in Engineering Teams

UXDXConf

This talk offers actionable insights at an executive level for enhancing productivity and refining your portfolio management approach to propel your organization to greater heights. Key Points Covered: 1. Experience Transformation: - The core challenge remains consistent across organizations: converting budget into user-centric designs. - Strategies for deploying design resources effectively in both startups and large enterprises. 2. Strategic Frameworks: - Introduction to the "Ziggurat of Impact" model, detailing layers from basic system interactions to comprehensive customer experiences. - Practical insights on creating frameworks that scale with organizational complexity. 3. Organizational Impact: - Real-world examples of navigating design in large settings, focusing on the synthesis of consumer products and customer experiences. - Emphasis on the importance of designing systems that directly influence customer interactions. 4. Design Execution: - Detailed walkthrough of organizational layers affecting design execution, from touchpoints and customer activities to shared capabilities. - How to ensure design influences both the micro and macro aspects of customer interactions. 5. Measurement and Adaptation: - Techniques for measuring the impact of design decisions and adapting strategies based on data-driven insights. - The critical role of continuous improvement and feedback in refining customer experiences.

Structuring Teams and Portfolios for Success

UXDXConf

Extensible Python: Robustness through Addition - PyCon 2024

Patrick Viafore

IESVE for Early Stage Design and Planning

IES VE

The standard Salesforce Approval process can be limiting in many ways, especially in complex scenarios. What if there was a way to implement very flexible approvals where one can use Apex code to make data updates in unrelated records, dynamically generate next steps details, and compute assignees on the fly? And still use UI-based configurations to implement concrete approval processes. In this session, we will share ideas behind such a solution and show a few lines of code to get you started.

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

CzechDreamin

Agentic RAG What it is its types applications and implementation.pdf

ChristopherTHyatt

ScyllaDB has the potential to deliver impressive performance and scalability. The better you understand how it works, the more you can squeeze out of it. But before you squeeze, make sure you know what to monitor! Watch our experienced Postgres developer work through monitoring and performance strategies that help him understand what mistakes he’s made moving to NoSQL. And learn with him as our database performance expert offers friendly guidance on how to use monitoring and performance tuning to get his sample Rust application on the right track. This webinar focuses on using monitoring and performance tuning to discover and correct mistakes that commonly occur when developers move from SQL to NoSQL. For example: - Common issues getting up and running with the monitoring stack - Using the CQL optimizations dashboard - Common issues causing high latency in a node - Common issues causing replica imbalance - What a healthy system looks like in terms of memory - Key metrics to keep an eye on This isn’t “Death-by-Powerpoint.” We’ll walk through problems encountered while migrating a real application from Postgres to ScyllaDB – and try to fix them live as well.

Optimizing NoSQL Performance Through Observability

ScyllaDB

What's New in Teams Calling, Meetings and Devices April 2024

Stephanie Beckett

We're living the AI revolution and Salesforce is adapting and bring new value to their customers. Einstein products are evolving rapidly and navigating their limitations, language support, and use cases can be challenging. Let's make review of what Einstein product are available currently, what are the capabilities and what can be used for in CEE region and how Rossie.ai can help to learn Salesforce speak Czech. We will explore the Einstein roadmap and I will make a short live demo (based on your vote) of some Einstein feature.

AI revolution and Salesforce, Jiří Karpíšek

CzechDreamin

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

Jennifer Lim

When you think of a highly secure meeting environment, do you instantly think 'Microsoft Teams'!? Or do you think about some unknown application, troublesome UI and daunting login process...? If you think the latter - let's change that! In this session Femke will show you how using Teams Premium features can create secure, but also good looking meetings! PRETTY. Make sure your company's brand is represented before, during and after the meeting with Customization policies in place. SECURE. Lets utilize Meeting templates and Sensitivity Labels to protect your meeting and data to prevent sensitive information from being leaked. After this session, you will have a clear understanding of the capabilities of Teams Premium features and how to set up the perfect meeting that suits your organizational requirements!

ECS 2024 Teams Premium - Pretty Secure

Femke de Vroome

Intro in Product Management - Коротко про професію продакт менеджера

Mark Opanasiuk

Dernier (20)

Designing for Hardware Accessibility at Comcast

The Metaverse: Are We There Yet?

Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf

Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)

THE BEST IPTV in GERMANY for 2024: IPTVreel

Enterprise Knowledge Graphs - Data Summit 2024

UiPath Test Automation using UiPath Test Suite series, part 2

Demystifying gRPC in .Net by John Staveley

Strategic AI Integration in Engineering Teams

Structuring Teams and Portfolios for Success

Extensible Python: Robustness through Addition - PyCon 2024

IESVE for Early Stage Design and Planning

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

Agentic RAG What it is its types applications and implementation.pdf

Optimizing NoSQL Performance Through Observability

What's New in Teams Calling, Meetings and Devices April 2024

AI revolution and Salesforce, Jiří Karpíšek

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

ECS 2024 Teams Premium - Pretty Secure

Intro in Product Management - Коротко про професію продакт менеджера

Managing your SaltStack Minions with Foreman

1. Managing your Minions with Foreman Stephen Benjamin - February 3, 2015 stephen@redhat.com / @stbenjam

3. Foreman

4. ● Provision to anything from one interface with one process – Bare metal, oVirt, Libvirt, vmware, docker, EC2, Rackspace, Digital Ocean, OpenStack, etc. ● Orchestration of all dependencies – not just preseed/kickstart/cloud-init

5. ● Manage Puppet, Chef, and Salt ● For salt, provides: – External node classifier (ENC) for tops system – External pillar provider

6. ● System Inventories – showing grains and activity (i.e. state.highstate results). Ability to create trends and charts on the data. ● Reporting plugins for ABRT, OpenScap

7. Distributed Architecture ● Smart Proxies located locally on Foreman itself or independent – used for orchestration of DNS, DHCP, etc. ● Smart Proxy manages the Salt Master.

9. Foreman Plugins ● Extensible – Both the Smart Proxy and Foreman have a plugin architecture. ● Foreman – http://projects.theforeman.org/projects/foreman/wiki/Plugins ● Smart Proxy – http://projects.theforeman.org/projects/foreman/wiki/Smart-Proxy_Plugins – Extend Foreman to do whatever you want!

10. Foreman Plugins ● Rich ecosystem of plugins – Compute Resources: ● Digital Ocean, Docker, OpenNebula, etc. – Configuration Management: ● Chef, Salt – Reporting ● ABRT, Graphite, etc.

11. Salt in Foreman ● First support in early 2014 via templates/parameters ● Two plugins – smart_proxy_salt – foreman_salt ● Packaged for Debian & Red Hat family OS's – Maintain parity w/ whatever Foreman supports

12. Minion Provisioning ● Assign a Salt master to a new host. ● Foreman will do the work for you: 1.Add autosign entry 2.Install Salt packages 3.Trigger key acceptance 4.Remove Autosign

13. Minion Destruction ● When you delete a host in Foreman, we clean up – delete the host from Salt (the accepted key).

14. Key Management ● Full web interface to keys – Accept, reject, delete keys ● ...and autosign – Add autosign records (e.g. a domain managed outside of Foreman)

15.

16.

17. Salt States ● Assign to host groups (including full inheritance when using netsed host groups), or directly to individual hosts

18.

19. Pillars ● Pillars <-> Foreman parameters – Add parameters to host, host groups, domains, global, etc. ● Exposed to Salt via the “external pillars” feature ● Currently limited to String values only

20. Pillars!

21. Master Tops ● Salt's Master tops system provides a way to generate the top file data for a highstate run from external sources ● Foreman uses the external_nodes module in Salt to deliver a YAML document with States and Pillars

22.

23. States }Pillars

24. Highstate ● Run highstate directly from a node – 'Run Salt' button ● Results reported back to Foreman

25. Highstate

26. Reporting ● When running state.highstate, full reporting inside Foreman of the results! – What happened on my systems? – File changes with diffs! – Other metrics

27. Grains ● Grains map to 'Foreman Facts' ● Host grains are uploaded to Foreman ● Browseable, chartable, searchable

28.

29.

30. Future (Short Term) ● Foreman 1.8 will bring version 2.0 of the plugin – RESTful API for Salt in Foreman – Hammer CLI Plugin – Installer support (foreman-installer --salt- enable=true or similar)

31. Longer Term ● Importing states/environnments from the master ● Arbitrary Salt commands ● More than highstate results ● State Groups (like Puppet config groups) ● ???

32. Conclusion + Q&A ● Find us on Freenode! – #theforeman, #theforeman-dev ● Docs – http://github.com/theforeman/foreman_salt/wiki ● Bugtracker: – http://projects.theforeman.org/projects/salt ● Want to contribute? – http://theforeman.org/contribute.html

Managing your SaltStack Minions with Foreman

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à Managing your SaltStack Minions with Foreman

Similaire à Managing your SaltStack Minions with Foreman (20)

Dernier

Dernier (20)

Managing your SaltStack Minions with Foreman