Learning SaltStack - Second Edition

By: Colton Myers

Overview of this book

SaltStack is one of the best infrastructure management platforms available. It provides powerful tools for defining and enforcing the state of your infrastructure in a clear, concise way. With this book, learn how to use these tools for your own infrastructure by understanding the core pieces of Salt. In this book we will take you from the initial installation of Salt, through running your first commands, and then talk about extending Salt for individual use cases. From there you will explore the state system inside of Salt, learning to define the desired state of your infrastructure in such a way that Salt can enforce that state with a single command. Finally, you will learn about some of the additional tools that Salt provides, including salt-cloud, the reactor, and the event system. We'll finish by exploring how to get involved with Salt and what's new in the Salt community. By the end of the book, you'll be able to build a reliable, scalable, secure, high-performance infrastructure and fully utilize the power of cloud computing.

Securing Salt configuration


The default Salt configuration values are designed to be pretty secure. However, users new to Salt sometimes change configuration values for convenience, which can have an adverse effect on the security of your infrastructure.

Master configuration

open_mode and auto_accept

Salt provides the ability to bypass certain authentication protocols for very secure environments, or for convenience in testing environments. In your master configuration template, you'll find settings for open_mode and auto_accept:

# Enable "open mode", this mode still maintains encryption, but
# turns off authentication, this is only intended for highly
# secure environments or for the situation where your keys end up
# in a bad state. If you run in open mode you do so at your own
# risk!
#open_mode: False

# Enable auto_accept, this setting will automatically accept all
# incoming public keys from the minions. Note that this is
# insecure.
#auto_accept: False

At first glance, these two...
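
As an added example (not code from the book or from the Salt project), the following Python sketch audits master configuration text for the two settings shown above. The line-based parsing, the function names and the sample configurations are assumptions made for illustration; the check fails closed, reporting any value that is not an explicit false.

```python
import re

# The two settings the master configuration template warns about.
RISKY_KEYS = ("open_mode", "auto_accept")
# Spellings PyYAML resolves to boolean false; anything else is reported.
FALSE_SPELLINGS = {"false", "False", "FALSE", "no", "No", "NO", "off", "Off", "OFF"}

# A top-level "key: value" line. Commented-out template lines never match.
_SETTING = re.compile(r"^([A-Za-z_][\w.]*)\s*:\s*(.*)$")


def effective_settings(config_text):
    """Return {key: raw value} for uncommented top-level scalar settings."""
    settings = {}
    for line in config_text.splitlines():
        if not line or line[0] in " \t#":  # blank, nested, or commented out
            continue
        match = _SETTING.match(line)
        if match:
            # Drop a trailing inline comment; keep quotes so '"False"' is not
            # mistaken for the boolean. If a key repeats, this sketch keeps the
            # later line (an assumption, not documented Salt behaviour).
            settings[match.group(1)] = match.group(2).split(" #", 1)[0].strip()
    return settings


def audit_master_config(config_text):
    """List (key, value) pairs where a risky setting is not explicitly false."""
    settings = effective_settings(config_text)
    return [(key, settings[key]) for key in RISKY_KEYS
            if key in settings and settings[key] not in FALSE_SPELLINGS]


# Constructed sample inputs, not taken from a real deployment.
TEMPLATE_DEFAULTS = "#open_mode: False\n#auto_accept: False\n"
CONVENIENCE_EDIT = (
    "interface: 0.0.0.0\n"
    "#open_mode: False\n"
    "auto_accept: True   # added for the test lab\n"
)

if __name__ == "__main__":
    for name, text in (("template defaults", TEMPLATE_DEFAULTS),
                       ("convenience edit", CONVENIENCE_EDIT)):
        findings = audit_master_config(text)
        print(name, "->", findings or "no risky settings enabled")
```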