Configuring and controlling a domain, containing several machines with different operating systems, from Linux, with Salt.
Flexible and scalable.
Control stuff with Saltstack
Made in the course:
Configuration Management Systems by Tero Karvinen
Current Version: Release / Demo
- Sources released.
- Functions are tested and working.
- Further development is not certain. Probably will be used as a based for new project.
10.12.2022 - Demo version released
Download source, if you need it in zip format: .zip
Please start by reading the REPORT
For this to work as its meant to, you need:
( also minion config stuff is in the list)
Production:
- 2 x Debian 11 servers:
-
id: fileserver
saltenv: prod
-
id: webserver
saltenv: prod
-
- Ubuntu 22.04 Desktop:
id: ubuntu-ws
saltenv: prod
- Windows 10:
id: windows-ws
saltenv: prod
Development:
- 1 or more Debian 11 Server(s)
id: dev-server<1->
saltenv: dev
- Fedora 36 Desktop
id: dev-fedora-ws
saltenv: dev
- Ubuntu 22.04 Server
id: dev-ubuntu
saltenv: dev
Also master: <address>
needs to be defined of course.
I dont recommend to use this, if your not comfortable with Salt already.
This might require little bit of advanced understanding of Salt.
There might come some errors, which would be hard to troubleshoot, as this is only tested by myself, in my local PC.
But if you are comfortable, you probably already know how to configure Salt master and Minions
git clone https://github.com/therealhalonen/domain_control
cd domain_control
After that:
Copy content of srv
into /srv/
Copy etc/salt/master
into /etc/salt/
For example:
First check that the directories youre about to copy to, exists!
sudo cp -r srv/* /srv/
sudo cp etc/salt/master /etc/salt/
Restart salt-master
sudo systemctl restart salt-master
Now you need to pull the win-repo
to enable installing software for windows:
sudo salt-run winrepo.update_git_repos
Or you can use the included script srv/salt/update_winrepo_ng
The database sync, will be made automatically during the state apply
Next change the passwords found in the Pillar:
- regular is for user
sicki
- superior is for admin-user
supreme
- samba is for
sambauser
regular
and superior
are generated with:
openssl passwd -6 <password>
For samba:
I used some random online generator, as i couldnt find how i could create NTML hashes.
Then you should have the machines configured as minions and everything should be set, so you can run:
sudo salt '*' state.apply
And all states should be ran.
See Testing for example outcome.
Vagrant, Virtualbox environment:
vagrant_prod
folder holds the Vagrantfile for Production machines.
vagrant_dev
folder holds the Vagrantfile for Development machines.
Each machine is configured to install salt-minion
and connect to a Master to address 192.168.56.1
, which in my case is the virtualbox host-only adapter address of my Host.
cd
to directory and:
vagrant up
inside each folder, to create the machines.
And:
vagrant destroy
to destroy created machines
More info:
Vagrant - CLI
SSH:
So if using Vagrant, after applying the states, the regular:
vagrant ssh <machine>
isnt obviously working anymore, as the sshd config is replaced.
But you can of course use:
ssh supreme@<address>
Windows:
If you see this while creating the Windows machine for Vagrant:
windows-ws: Warning: Connection reset. Retrying...
windows-ws: Warning: Remote connection disconnect. Retrying...
The guest machine entered an invalid state while waiting for it
to boot. Valid states are 'starting, running'. The machine is in the
'paused' state. Please verify everything is configured
properly and try again.
If the provider you're using has a GUI that comes with it,
it is often helpful to open that and watch the machine, since the
GUI often has more helpful error messages than Vagrant can retrieve.
For example, if you're using VirtualBox, run `vagrant up` while the
VirtualBox GUI is open.
The primary issue for this error is that the provider you're using
is not properly configured. This is very rarely a Vagrant issue.
And if its booted, just run:
vagrant reload windows-ws --provision
This might also happen:
==> windows-ws: Running provisioner: shell...
An error occurred in the underlying SSH library that Vagrant uses.
The error message is shown below. In many cases, errors from this
library are caused by ssh-agent issues. Try disabling your SSH
agent or removing some keys and try again.
If the problem persists, please report a bug to the net-ssh project.
timeout during server version negotiating
Just run:
vagrant reload windows-ws
vagrant up windows-ws --provision
If nothing else helps, follow this:
vagrant destroy windows-ws
sudo salt-key -d windows-ws
vagrant up windows-ws
Till it finishes right...
After that:
sudo salt-key -a windows-ws
Salt:
Windows again:
After accepting keys and applying state:
windows-ws:
Data failed to compile:
----------
No matching sls found for 'hello_all' in env 'base'
Reboot the Windows machine. or just restart salt-minion from it.
Error means, it hasnt registered which saltenv
it belongs to, and will do it when Minion gets restarted next time.
More:
Coming if something appear