Managing multiple systems in parallel with SaltStack
Managing Users
If you manage several systems but do not use a directory service, you still might want to manage users centrally. Unsurprisingly, Salt offers a module, pw_user
, that lets you add new users, delete user accounts, and modify individual attributes, such as the home directory [14]; you can even rename existing users. Listing 3 shows how you can create a new user with the user
, rather than the pw_user
, keyword. Before deleting a specific user, you could first list the users on all the systems.
Listing 3
Creating a New User
Note that Salt offers a module (ssh
) to manage the SSH service, so when creating users you can combine modules if you need to generate an SSH key for a new user (ssh-keygen -t rsa
) and roll it out to all the existing systems. The module's documentation [15] demonstrates how that works. If you want to do more than just monitor your systems (e.g., collect status information), take a look at the status
module [16]. Running status.all_status
returns all status data (a lot) for the minion specified. To access the hard disk data in a targeted way, use status.diskusage
, and to check the load status, use status.loadavg
.
If Salt does not offer a module for a functionality of interest, you can simply run shell commands on the systems by using the cmdmod
module [17], which takes the form cmd.<function>
. The cmd.run
pair takes a command you pass in between double or single quotes (Figure 5) and returns the output. Make sure you run the functions from this module with cmd
and not with cmdmod
.
More than Modules
In addition to modules, Salt offers a few commands that cover other functionality. The salt-cp
command, for example, copies data from the master to the minions (Listing 4, first line), allowing you to maintain /etc/hosts
, /etc/motd
, or other configuration files centrally. However, this command was only intended as an emergency solution. Generally, you will be able to manipulate existing files in the most targeted way with the file
module or use the management module for configuration files.
Listing 4
Other SaltStack Commands
The salt-run
command interacts with Salt; for example, it can be used to create a list of unreachable minions:
sudo salt-run manage.down
On Salt, every use of a module is dubbed a job, and salt-run
lets you generate a list of the last jobs (Listing 4, second line). If you would like to see the output of a certain Salt job again, specify the job ID (Listing 4, last line). For the individual commands, salt-run
makes use of its own modules, called "runners" [18].
Conclusions
SaltStack offers almost unlimited system management possibilities because of its large number of integrated modules. Even without the use of in-house configuration management, your computers will be very much under your command, regardless of whether you need to manage users, keep your systems up to date, or just get an overview of particular servers.
Even in heterogeneous networks with Windows machines, you can use Salt. Thanks to its built-in software administration, you can install standard programs like Firefox on Windows clients, and other functions from Linux are also available. Salt proves to be a versatile talent: It makes the use of many tools and DIY scripts redundant.
Infos
- SaltStack project: http://SaltStack.com/community/
- ZeroMQ: http://zeromq.org/
- Windows minions: https://docs.SaltStack.com/en/latest/topics/installation/windows.html
- Supported operating systems: https://docs.SaltStack.com/en/latest/topics/tutorials/salt_bootstrap.html#supported-operating-systems
- Opening ports for Salt: https://docs.SaltStack.com/en/latest/topics/tutorials/firewall.html
test
module: https://docs.SaltStack.com/en/latest/ref/modules/all/salt.modules.test.html- Targeting minions: https://docs.SaltStack.com/en/latest/topics/targeting/
- Defining grains: https://docs.SaltStack.com/en/latest/topics/targeting/grains.html
- Built-in Salt modules: https://docs.SaltStack.com/en/develop/ref/modules/all/index.html
- Writing your own modules: https://docs.SaltStack.com/en/latest/ref/modules/
pkg
module: https://docs.SaltStack.com/en/latest/ref/modules/all/salt.modules.pkg.html- Package module for Apt-based systems: https://docs.SaltStack.com/en/latest/ref/modules/all/salt.modules.aptpkg.html#module-salt.modules.aptpkg
file
module: https://docs.SaltStack.com/en/latest/ref/modules/all/salt.modules.file.html- User management with Salt: https://docs.SaltStack.com/en/latest/ref/modules/all/salt.modules.pw_user.html
- SSH commands: https://docs.SaltStack.com/en/latest/ref/modules/all/salt.modules.ssh.html
status
module: https://docs.SaltStack.com/en/latest/ref/modules/all/salt.modules.status.html- Shell commands with Salt: https://docs.SaltStack.com/en/develop/ref/modules/all/salt.modules.cmdmod.html
- Integrated runner modules: https://docs.SaltStack.com/en/latest/ref/runners/all/index.html
« Previous 1 2 3
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.
-
Canonical Bumps LTS Support to 12 years
If you're worried that your Ubuntu LTS release won't be supported long enough to last, Canonical has a surprise for you in the form of 12 years of security coverage.
-
Fedora 40 Beta Released Soon
With the official release of Fedora 40 coming in April, it's almost time to download the beta and see what's new.
-
New Pentesting Distribution to Compete with Kali Linux
SnoopGod is now available for your testing needs
-
Juno Computers Launches Another Linux Laptop
If you're looking for a powerhouse laptop that runs Ubuntu, the Juno Computers Neptune 17 v6 should be on your radar.