CentOS 6.2
Saltstack is a framework to remotely manage up to 10000 systems on 1 master node. Salt now also has some cloud capabilities that complement other cloud solutions. The underlying technology is freaking awesome (zeromq)! Salt is modular, and can do MUCH more than just remote commands: the included Augeas configuration editing API tool allows VERY granular control over configuration files, there are modules for many different tasks (what about changing/adding a crontab on all servers?), it can also do Windows too and you can write your own modules.
Is this a good tool? Well, they must be doing something right if Amazon and LinkedIn are relying on this!
[root@sapocvm1 bin]# cat myproxy echo "Run this script sourced from the current shell!" echo ". ./proxy.sh" echo "press enter to continue or ctrl-c to abort" read echo -n "proxy username: " read US echo -n "proxy passdw: " read PW export http_proxy=http://${US}:${PW}@httppx.company.com:8080 export https_proxy=http://${US}:${PW}@httppx.company.com:8080 export ftp_proxy=http://${US}:${PW}@ftppx.company.com:21 [root@sapocvm1 etc]# yum-debug-dump Loaded plugins: fastestmirror, refresh-packagekit Loading mirror speeds from cached hostfile * base: centos.uib.no * extras: centos.vianett.no * updates: centos.uib.no Output written to: /etc/yum_debug_dump-sapocvm1-2013-12-12_11:54:45.txt.gz ... yum-debug-dump version 1 %%%%SYSTEM INFO uname: 2.6.32-220.el6.x86_64, x86_64 rpm ver: RPM version 4.8.0 python ver: 2.6.6 (r266:84292, Dec 7 2011, 20:48:22) [GCC 4.4.6 20110731 (Red Hat 4.4.6-3)] %%%%YUM INFO arch: ia32e basearch: x86_64 releasever: 6 yum ver: 3.2.29 enabled plugins: refresh-packagekit,fastestmirror global excludes: %%%%RPMDB PROBLEMS ... # example of installing the master [root@sapocvm1 etc]# rpm -Uvh http://ftp.linux.ncsu.edu/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm [root@sapocvm1 bin]# yum install salt-master [root@sapocvm1 salt]# service salt-master restart # at this stage you could already use the slow and error-prone ssh method… [root@sapocvm1 salt]# salt-ssh '*' -r 'uname -r' 10.97.173.161: 2.6.32-279.19.1.el6.x86_64 10.97.173.160: 2.6.32-279.19.1.el6.x86_64 # but wait… # when you install the agent: speed - and possibilities - are endless! [root@sapocvm2 etc]# rpm -Uvh http://ftp.linux.ncsu.edu/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm [root@sapocvm2 bin]# yum install salt-minion [root@sapocvm2 bin]# echo “master: sapocvm1” >> /etc/salt/minion [root@sapocvm2 salt]# service salt-minion restart [root@sapocvm1 var]# salt-key -A [root@sapocvm1 salt]# salt '*' cmd.run 'uname -r' sapocvm3: 2.6.32-220.el6.x86_64 sapocvm2: 2.6.32-220.el6.x86_64
[root@sapocvm1 ]# salt-key --list-all Accepted Keys: sapocvm2 sapocvm3 Unaccepted Keys: Rejected Keys: [root@sapocvm1 salt]# salt '*' test.ping [root@sapocvm1 salt]# salt-run jobs.list_jobs [root@sapocvm1 salt]# salt -v 'sapocvm2' test.ping Executing job with jid 20140427201556293568 ------------------------------------------- sapocvm2: Minion did not return [root@sapocvm1 salt]# salt '*' cmd.run 'echo "$(hostname):: $(df -Ph /var|tail -n1)"' sapocvm2: sapocvm2:: /dev/sda1 52G 3.2G 49G 7% / sapocvm3: sapocvm3:: /dev/sda1 52G 3.2G 49G 7% / [root@sapocvm1 salt]# salt '*' puppet.fact kernel sapocvm3: Linux sapocvm2: Linux [root@sapocvm1 salt]# salt '*' puppet.facts sapocvm2: ---------- architecture: x86_64 augeasversion: 1.0.0 boardmanufacturer: Intel Corporation boardproductname: 440BX Desktop Reference Platform etc... [root@sapocvm1 salt]# salt '*' cmd.run 'mount' --out=txt sapocvm2: /dev/sda1 on / type ext4 (rw) sapocvm2: proc on /proc type proc (rw) ... sapocvm2: sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw) sapocvm3: /dev/sda1 on / type ext4 (rw) sapocvm3: proc on /proc type proc (rw) ... [root@sapocvm1 salt]# echo "hello" > /tmp/salttestfile [root@sapocvm1 salt]# salt-cp '*' /tmp/salttestfile /tmp/salttestfile {'sapocvm2': {'/tmp/salttestfile': True}, 'sapocvm3': {'/tmp/salttestfile': True}} [root@sapocvm1 salt]# salt '*' cmd.run 'ls -ld /tmp/salttestfile' sapocvm2: -rw-r--r--. 1 root root 0 Apr 27 21:17 /tmp/salttestfile sapocvm3: -rw-r--r--. 1 root root 0 Apr 27 21:17 /tmp/salttestfile # vi /etc/salt/master, add "file_recv: True", restart master service. # PS: this does NOT work on empty files!! [root@sapocvm1 salt]# salt '*' cp.push /tmp/salttestfile ... [root@sapocvm1 salt]# find /var/cache/salt/master/minions/*/files/ -type f /var/cache/salt/master/minions/sapocvm2/files/tmp/salttestfile /var/cache/salt/master/minions/sapocvm2/files/etc/fstab /var/cache/salt/master/minions/sapocvm3/files/tmp/salttestfile /var/cache/salt/master/minions/sapocvm3/files/etc/fstab [root@sapocvm1 salt]# salt '*' grains.items sapocvm3: biosreleasedate: 07/02/2012 biosversion: 6.00 cpu_model: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz cpuarch: x86_64 defaultencoding: UTF8 ... [root@sapocvm1 salt]# salt '*' grains.item cpu_model num_cpus --out=txt sapocvm3: {'num_cpus': 1, 'cpu_model': 'Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz'} sapocvm2: {'num_cpus': 1, 'cpu_model': 'Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz'} [root@sapocvm1 salt]# salt '*' sys.doc cmd.run ...
[root@sapocvm1 salt]# salt '*' cmd.exec_code python 'import sys; print sys.version' ...i can do "code"... [root@sapocvm1 salt]# salt '*' cmd.retcode "file /bin/bash" sapocvm3: 0 sapocvm2: 0 ...return codes - yay... [root@sapocvm1 salt]# salt '*' cmd.script salt://scripts/runme.sh 'arg1 arg2 "arg 3"' ...run this shit... [root@sapocvm1 salt]# salt '*' cmd.which ksh ...do we have Korn?...
For config management... we prefer Puppet.