Saltstack usage
From wikinotes
Documentation
cli docs (salt, salt-call) https://docs.saltstack.com/en/latest/ref/cli/index.html runners overview (state.apply) https://docs.saltstack.com/en/latest/ref/runners/index.html
states
Basics (from salt-master)
# run on all minions with hostnames matching 'dev-*' salt 'dev-*' test.ping # target servers by grain salt \ -C 'G@os:FreeBSD and G@server:1' \ -t 120 \ cmd.run 'pkg upgrade -y'Basics (from self)
salt-call #.. # from minion, call salt salt-call --local #.. # run salt on masterless minion salt-call state.highstate # apply this machine's highstate salt-call state.apply progs.vim # apply state {file_roots}/progs/vim/init.sls salt-call \ # my preferences for calling salt -l debug \ --state-output=mixed \ state.highstatePreview Highstate
# detailed salt-call state.show_highstate # concise (jq) salt-call state.show_highstate --out json \ | jq '.local | keys'Execution Modules
# modules listed under 'salt.modules.*' can be run directly on the commandline salt * cmd.run 'ls -l' salt * file.copy '/src/dir/' '/dst/dir/' recurse=True # optional keyword-args are assigned using '=' with no spaces salt-call saltutil.refresh_modules
Filtering Hosts/Minionssalt '*' cmd.run 'ls -l' ## run commands on all systems salt 'arch-*' cmd.run 'ls -l' ## glob-matching minion-ids salt -E 'arch-[0-9]' cmd.run 'ls -l' ## regex-matching minion-ids salt -L 'arch-1.arch-2' cmd.run 'ls -l' ## list of minions salt -G 'os:FreeBSD' cmd.run 'ls -l' ## using grains (facts), run on all machines salt -C G@os:FreeBSD and G@os:Archlinux or S@192.168.50.2' ## combine arguments with various flags and logic
pillar
salt-call saltutil.refresh_pillar ## refresh pillar entries salt-call pillar.ls ## list all pillar-items accessible to machine salt-call pillar.get passwd:will ## query a pillar-keyval salt-call state.apply \ progs.vim pillar='{"user":"will"}' ## substitute pillar values
grains
salt-call grains.ls ## list all grains on machine salt-call grains.get os_family ## list value of a grain
