Hello Salt Infra-as-Code

Salt can control thousands of computers. But it all starts at "Hello, world!".

In this article, you create the "Hello, World!" of Salt configuration management system. You create a new state that verifies a text file exists.

Install Salt

$ sudo apt-get update
$ sudo apt-get -y install salt-minion

For our convience, let's use 'micro' editor.

$ sudo apt-get -y install micro
$ export EDITOR=micro

Create folder for "hello" module

Let's create a new module "hello". Modules install, configure an start a thing. For example, we could have a module for Apache web server, and another for Micro editor.

$ sudo mkdir -p /srv/salt/hello/
$ cd /srv/salt/hello/

Here, /srv/salt/ is the folder that will be shared to all slave computers.

Module folder "hello/" contains everything related to our hello world. The Salt code, and any files or templates.

When we later run module "hello", the entry point is the file "init.sls" in "hello/" folder.

Write infra as code

Make sure you're inside the folder of "hello" module, '/srv/salt/hello/'

$ sudoedit init.sls

The file opens in micro editor. If you're annoyed by the dark theme, you can optionally ctrl-E and "set colorscheme simple".

Here, we can write idempotent code in Salt's very own language.

/tmp/hellotero:
  file.managed

Let's run

$ sudo salt-call --local state.apply hello

We get very detailed explanation what was done

local:
----------
          ID: /tmp/hellotero
    Function: file.managed
      Result: True
     Comment: Empty file
     Started: 14:26:55.415684
    Duration: 6.644 ms
     Changes:
              ----------
              new:
                  file /tmp/hellotero created

Summary for local
------------
Succeeded: 1 (changed=1)
Failed:    0
------------
Total states run:     1
Total run time:   6.644 ms

So, "file /tmp/hellotero created".

Let's verify that Salt did what it promised. For this, we'll use another tool.

$ ls /tmp/hellotero
/tmp/hellotero

Great, Salt is working correctly.

Idempotency - mostly doing nothing

One succeeded, nothing failed, so all (one) of our wishes is fulfilled. Changed is 1, which means that Salt still had to make some changes.

If we run multiple times, we hope that system converges to a harmonic state where no further changes are needed. And it does:

$ sudo salt-call --local state.apply hello
...
Succeeded: 1
$ sudo salt-call --local state.apply hello
...
Succeeded: 1

Notice how "changed=1" has disappeared. So further runs of "hello" make no changes on the system, as it's already in the correct state.

What next?

The important state functions are

  • pkg
  • file
  • service
  • user
  • cmd (only if the four others can't be used)

Try using some of them. I suggest pkg.installed, file.managed and service.running.

Read more Salt articles on TeroKarvinen.com.