SaltStack Use Cases



  • There are constantly conversations going on about SaltStack, many of which are interesting to say the least. But something I'm simply not understanding are what use cases everyone is using saltstack for?

    As Scott explained it to me in PM the other day is that it's Godmode or Universal GPO (that actually works).

    Does this mean I can use it to manage all of my client systems, Mac, Windows and Linux? Does it support upgrading software, installing new software, wiping systems etc?

    I know these are some basic questions, but the true underlying question I have is what use cases, are you all using SaltStack for?


  • Service Provider

    @DustinB3403 said in SaltStack Use Cases:

    Does this mean I can use it to manage all of my client systems, Mac, Windows and Linux? Does it support upgrading software, installing new software, wiping systems etc?

    Yes. Absolutely.



  • @scottalanmiller said in SaltStack Use Cases:

    @DustinB3403 said in SaltStack Use Cases:

    Does this mean I can use it to manage all of my client systems, Mac, Windows and Linux? Does it support upgrading software, installing new software, wiping systems etc?

    Yes. Absolutely.

    Locally and remotely?


  • Service Provider

    The bigger questions are probably more around where it makes sense, not where it could work. Because you can remote execute commands via Salt, you can use it for effectively anything.


  • Service Provider

    @wirestyle22 said in SaltStack Use Cases:

    @scottalanmiller said in SaltStack Use Cases:

    @DustinB3403 said in SaltStack Use Cases:

    Does this mean I can use it to manage all of my client systems, Mac, Windows and Linux? Does it support upgrading software, installing new software, wiping systems etc?

    Yes. Absolutely.

    Locally and remotely?

    Once you can admin remotely, what does locally even mean?



  • @scottalanmiller said in SaltStack Use Cases:

    @wirestyle22 said in SaltStack Use Cases:

    @scottalanmiller said in SaltStack Use Cases:

    @DustinB3403 said in SaltStack Use Cases:

    Does this mean I can use it to manage all of my client systems, Mac, Windows and Linux? Does it support upgrading software, installing new software, wiping systems etc?

    Yes. Absolutely.

    Locally and remotely?

    Once you can admin remotely, what does locally even mean?

    Truth


  • Service Provider

    @wirestyle22 said in SaltStack Use Cases:

    @scottalanmiller said in SaltStack Use Cases:

    @wirestyle22 said in SaltStack Use Cases:

    @scottalanmiller said in SaltStack Use Cases:

    @DustinB3403 said in SaltStack Use Cases:

    Does this mean I can use it to manage all of my client systems, Mac, Windows and Linux? Does it support upgrading software, installing new software, wiping systems etc?

    Yes. Absolutely.

    Locally and remotely?

    Once you can admin remotely, what does locally even mean?

    Truth

    That's a lesson I learned best from UNIX X11. Once the desktop is a network service, local is just another network location.



  • Okay so back to the question at hand.

    What use cases are you all using SS for?


  • Service Provider

    @DustinB3403 said in SaltStack Use Cases:

    What use cases are you all using SS for?

    Primarily around building and defining servers, but moving to desktops as well. Our new system is that it's for... literally everything.



  • I'm using it for standing up new Apache / PHP or Nginx / PHP instances. Installing ZeroTier / joining machines to the ZT network.

    Haven't had time to mess with it much more than that.



  • @DustinB3403 said in SaltStack Use Cases:

    I know these are some basic questions, but the true underlying question I have is what use cases, are you all using SaltStack for?

    I was just about to post this same question! Good to see some conversation going on this.



  • @dafyre said in SaltStack Use Cases:

    I'm using it for standing up new Apache / PHP or Nginx / PHP instances. Installing ZeroTier / joining machines to the ZT network.

    Haven't had time to mess with it much more than that.

    So the only issue I see that is holding me back from using saltstack is that it seems to be more for deploying servers and systems.

    I don't often have a ton of systems to deploy at once, or on a regular basis.

    What I feel like would be useful would be PDQ Deploy / GPO - Godmode all in one solution. But every time someone explains their use of SaltStack I immediately think to my self that it is not what I need.



  • @dafyre said in SaltStack Use Cases:

    Installing ZeroTier / joining machines to the ZT network.

    Any how to guides?


  • Service Provider

    So you can use Salt (or Chef, or Ansible, or Puppet) for anything. But where it shines is in defining your systems (servers, desktops, routers, switches, etc.) It's the tool for doing everything you do for management.... installing apps, configuring apps, configuring system settings, remote access, pulling information, etc.


  • Service Provider

    @DustinB3403 said in SaltStack Use Cases:

    So the only issue I see that is holding me back from using saltstack is that it seems to be more for deploying servers and systems.

    That's the issue. It seems.


  • Service Provider

    @DustinB3403 said in SaltStack Use Cases:

    I don't often have a ton of systems to deploy at once, or on a regular basis.

    Yeah, that's a perception problem. I'm not saying that you should just up and install Salt and do everything that way. But I am saying that the perception that Salt is for new builds is incorrect.



  • @scottalanmiller said in SaltStack Use Cases:

    @DustinB3403 said in SaltStack Use Cases:

    So the only issue I see that is holding me back from using saltstack is that it seems to be more for deploying servers and systems.

    That's the issue. It seems.

    How does something seeming to be for a specific use case an issue? I'm asking where might I find use out of saltstack. . .


  • Service Provider

    @DustinB3403 said in SaltStack Use Cases:

    @scottalanmiller said in SaltStack Use Cases:

    @DustinB3403 said in SaltStack Use Cases:

    So the only issue I see that is holding me back from using saltstack is that it seems to be more for deploying servers and systems.

    That's the issue. It seems.

    How does something seeming to be for a specific use case an issue? I'm asking where might I find use out of saltstack. . .

    Well the biggest challenge there is knowing what you do. And I mean that honestly, like... I know you and I know what you did a month ago. But you are in a new job and I actually don't know what your day to day workload looks like yet. So where Salt would make sense to you is hard for me to describe.


  • Service Provider

    @DustinB3403 said in SaltStack Use Cases:

    @scottalanmiller said in SaltStack Use Cases:

    @DustinB3403 said in SaltStack Use Cases:

    So the only issue I see that is holding me back from using saltstack is that it seems to be more for deploying servers and systems.

    That's the issue. It seems.

    How does something seeming to be for a specific use case an issue?

    By making you think that it might not apply to you because of the assumed use case.



  • @FATeknollogee said in SaltStack Use Cases:

    @dafyre said in SaltStack Use Cases:

    Installing ZeroTier / joining machines to the ZT network.

    Any how to guides?

    Not quite. I've got to sanitize my salt files before I can share them.


  • Service Provider

    @DustinB3403 said in SaltStack Use Cases:

    What I feel like would be useful would be PDQ Deploy / GPO - Godmode all in one solution. But every time someone explains their use of SaltStack I immediately think to my self that it is not what I need.

    So I use it for every time that I need to deploy a new module or piece of software. Someone needs something, just stick it in the salt file. I do this constantly. I'm on my laptop and I have the state files locally. They are in a directory that opens all at once in Atom (my editor of choice.) All I do is add that software item to the right state file and save... done.

    I have it set to upload the state files to GitLab, which is free, and my Salt Master pulls updates from GitLab every fifteen minutes or so. So my laptop changes flow straight to the servers, automatically.



  • @scottalanmiller said in SaltStack Use Cases:

    @DustinB3403 said in SaltStack Use Cases:

    What I feel like would be useful would be PDQ Deploy / GPO - Godmode all in one solution. But every time someone explains their use of SaltStack I immediately think to my self that it is not what I need.

    So I use it for every time that I need to deploy a new module or piece of software. Someone needs something, just stick it in the salt file. I do this constantly. I'm on my laptop and I have the state files locally. They are in a directory that opens all at once in Atom (my editor of choice.) All I do is add that software item to the right state file and save... done.

    I have it set to upload the state files to GitLab, which is free, and my Salt Master pulls updates from GitLab every fifteen minutes or so. So my laptop changes flow straight to the servers, automatically.

    Very Nice Setup


  • Service Provider

    @aaronstuder said in SaltStack Use Cases:

    @scottalanmiller said in SaltStack Use Cases:

    @DustinB3403 said in SaltStack Use Cases:

    What I feel like would be useful would be PDQ Deploy / GPO - Godmode all in one solution. But every time someone explains their use of SaltStack I immediately think to my self that it is not what I need.

    So I use it for every time that I need to deploy a new module or piece of software. Someone needs something, just stick it in the salt file. I do this constantly. I'm on my laptop and I have the state files locally. They are in a directory that opens all at once in Atom (my editor of choice.) All I do is add that software item to the right state file and save... done.

    I have it set to upload the state files to GitLab, which is free, and my Salt Master pulls updates from GitLab every fifteen minutes or so. So my laptop changes flow straight to the servers, automatically.

    Very Nice Setup

    It's new, and I love it.



  • So this could also be useful for copying files to many servers at once from the central master I assume. For example, all minions need to have copies of source files that are updated from a central point. This could be used to push updates to all minions at once. Correct?



  • @scottalanmiller said in SaltStack Use Cases:

    @aaronstuder said in SaltStack Use Cases:

    @scottalanmiller said in SaltStack Use Cases:

    @DustinB3403 said in SaltStack Use Cases:

    What I feel like would be useful would be PDQ Deploy / GPO - Godmode all in one solution. But every time someone explains their use of SaltStack I immediately think to my self that it is not what I need.

    So I use it for every time that I need to deploy a new module or piece of software. Someone needs something, just stick it in the salt file. I do this constantly. I'm on my laptop and I have the state files locally. They are in a directory that opens all at once in Atom (my editor of choice.) All I do is add that software item to the right state file and save... done.

    I have it set to upload the state files to GitLab, which is free, and my Salt Master pulls updates from GitLab every fifteen minutes or so. So my laptop changes flow straight to the servers, automatically.

    Very Nice Setup

    It's new, and I love it.

    You should share ;)



  • Will be monitoring this thread like:

    halloween_1978_still.jpg

    Also does it really work in Windows environments like it does on Linux, it seems like SaltStack and its brothers (Chef, Ansible, I forgot one) are tailored for Linux, and I dont want the master/server to be on Windows, that will be redundant I mean passing commands to Windows agents, and is their template library with commands where we can see what we can do under Windows.



  • @msff-amman-Itofficer said in SaltStack Use Cases:
    is their template library with commands where we can see what we can do under Windows.

    Link?



  • @msff-amman-Itofficer said in SaltStack Use Cases:

    Will be monitoring this thread like:
    Also does it really work in Windows environments like it does on Linux, it seems like SaltStack and its brothers (Chef, Ansible, I forgot one) are tailored for Linux, and I dont want the master/server to be on Windows, that will be redundant I mean passing commands to Windows agents, and is their template library with commands where we can see what we can do under Windows.

    They do work for windows, the don't have all the modules for Windows yet but they have a pretty good selection.

    Ansible Windows Modules

    win_acl - Set file/directory permissions for a system user or group.
    win_acl_inheritance - Change ACL inheritance
    win_chocolatey - Installs packages using chocolatey
    win_command - Executes a command on a remote Windows node
    win_copy - Copies files to remote locations on windows hosts.
    win_disk_image - Manage ISO/VHD/VHDX mounts on Windows hosts
    win_dns_client - Configures DNS lookup on Windows hosts
    win_domain - Ensures the existence of a Windows domain.
    win_domain_controller - Manage domain controller/member server state for a Windows host
    win_domain_membership - Manage domain/workgroup membership for a Windows host
    win_dotnet_ngen - Runs ngen to recompile DLLs after .NET updates
    win_environment - Modifies environment variables on windows hosts.
    win_feature - Installs and uninstalls Windows Features on Windows Server
    win_file - Creates, touches or removes files or directories.
    win_file_version - Get DLL or EXE file build version
    win_find - return a list of files based on specific criteria
    win_firewall_rule - Windows firewall automation
    win_get_url - Fetches a file from a given URL
    win_group - Add and remove local groups
    win_iis_virtualdirectory - Configures a virtual directory in IIS.
    win_iis_webapplication - Configures IIS web applications.
    win_iis_webapppool - Configures an IIS Web Application Pool.
    win_iis_webbinding - Configures a IIS Web site.
    win_iis_website - Configures a IIS Web site.
    win_lineinfile - Ensure a particular line is in a file, or replace an existing line using a back-referenced regular expression.
    win_msg - Sends a message to logged in users on Windows hosts.
    win_msi - Installs and uninstalls Windows MSI files
    win_nssm - NSSM - the Non-Sucking Service Manager
    win_owner - Set owner
    win_package - Installs/Uninstalls an installable package, either from local file system or url
    win_path - Manage Windows path environment variables
    win_ping - A windows version of the classic ping module.
    win_psexec - Runs commands (remotely) as another (privileged) user
    win_reboot - Reboot a windows machine
    win_reg_stat - returns information about a Windows registry key or property of a key
    win_regedit - Add, change, or remove registry keys and values
    win_region - Set the region and format settings
    win_regmerge - Merges the contents of a registry file into the windows registry
    win_robocopy - Synchronizes the contents of two directories using Robocopy.
    win_say - Text to speech module for Windows to speak messages and optionally play sounds
    win_scheduled_task - Manage scheduled tasks
    win_service - Manages Windows services
    win_share - Manage Windows shares
    win_shell - Execute shell commands on target hosts.
    win_shortcut - Manage shortcuts on Windows
    win_stat - returns information about a Windows file
    win_tempfile - Creates temporary files and directories.
    win_template - Templates a file out to a remote server.
    win_timezone - Sets Windows machine timezone
    win_unzip - Unzips compressed files and archives on the Windows node
    win_updates - Download and install Windows updates
    win_uri - Interacts with webservices.
    win_user - Manages local Windows user accounts
    win_webpicmd - Installs packages using Web Platform Installer command-line
    

    Saltack Windows Modules

    salt.states.win_certutil module
    salt.states.win_dacl
    salt.states.win_dism module
    salt.states.win_dns_client
    salt.states.win_firewall
    salt.states.win_iis module
    salt.states.win_lgpo module
    salt.states.win_license module
    salt.states.win_network
    salt.states.win_path
    salt.states.win_pki module
    salt.states.win_powercfg
    salt.states.win_servermanager
    salt.states.win_smtp_server module
    salt.states.win_snmp module
    salt.states.win_system
    salt.states.win_update
    

    Speaking about ansible and saltstack the master/control node only runs on Linux.



  • So I can't answer for Salt since I don't use it, but I use Ansible for everything. For example, I have a separate DHCP and DNS server. Records are held in a YAML dictionary and when I need to add a machine, I add the DNS info and mac address and Ansible sets up the DHCP reservation on one machine and the DNS record in the other.

    I also use it for kickstart configs. Instead of Foreman or Cobbler, Ansible has a Jinja2 kickstart template. When I run the playbook, Ansible creates all of the kickstart configs for all of the machines in the same dictionary as above and then creates PXE boot files based on the MAC address for each machine.

    Ansible is pretty awesome with cloud services also. Dynamic inventories means you don't need to keep track of static inventories for your playbooks. Ansible can use any kind of script to get an inventory from AWS, DO, OpenStack, etc. As long as it returns JSON, your inventory is now the actual machines in your provider.


  • Service Provider

    @msff-amman-Itofficer said in SaltStack Use Cases:

    Will be monitoring this thread like:

    halloween_1978_still.jpg

    Also does it really work in Windows environments like it does on Linux, it seems like SaltStack and its brothers (Chef, Ansible, I forgot one) are tailored for Linux, and I dont want the master/server to be on Windows, that will be redundant I mean passing commands to Windows agents, and is their template library with commands where we can see what we can do under Windows.

    Not tailored for any specific OS. Windows works fine.


Log in to reply
 

Looks like your connection to MangoLassi was lost, please wait while we try to reconnect.