Do you think IIT Guwahati certified course can help you in your career?
Introduction
Saltstack, popularly known as salt, is an orchestration and configuration management tool. It helps in managing a large number of servers altogether. It is simple to use, fast and can be easily manageable. The saltstack has the benefit of technologies and can also be written as plain modules.
In this blog, we will learn about the salt mine in saltstack. We will learn about mine functions, mine access control, and more details about salt mine.
The Salt Mine
For transferring the data from one minion to another to a specific minion, the salt mine is used. It makes the process easy of moving the data. It collects arbitrary data and stores that data on the master. After the data is stored with the help mine module is made available for all the minions.
The mine module contains several functions that all the other minions easily read.
The data is collected on the minions and sent to the master, where the most recent data is gathered and maintained.
Mine Vs Grains
The grain data is simple, selective, and static, whereas the mine data helps quickly transfer the data. Grain data are not easily refreshed and get refreshed when new changes are made to the system, but the mine data get refreshed regularly.
Mines reduce the speed of collecting or getting the data from the other minions. Each minion asking for a piece of data from all other minions requires a lot of time, resulting in a slow working response of minions. To resolve this, at every mine interval, the salt mine runs on the master node and collects data from all minions. The data that salt mine has is fresh and is less overhead.
Mine Functions
You need to enable the mine_functions options in minions for using the salt mine functions.
Set the mine functions in your minions to access the methods of the functions. To allow that, you have two options:
Configuration File
Minion's pillar
The above methods can be applied to enable functions in minions. These functions give you detailed information about the functions that can be executed and the parameters that can be passed in.
To view the functions, check the salt module.
When there is no argument, add an empty list in the parameter. Mine functions have the ability they target a particular minion.
Let's understand this through the example given below:
The above example shows how an empty list is added to the parameters. The salt.modules.network.ip_addrs has some additional features to get accurate results. They further help to narrow the results that are displayed. In the above example, only those IP addresses will be returned that have the interface as eth0 and are in the IP range of 10.0.0.0/8.
Version 3000
Writing mine functions was updated in version 3000. To allow the same format of module_run, the format of mine_functions has been changed.
mine_functions:
test.ping: []
network.ip_addrs:
- interface: eth0
- cidr: 10.0.0.0/8
test.arg:
- isn't
- this
- fun
- this: that
- salt: stack
The format above will be supported.
Minion - Side Access Control
This is available in the new version of 3000. The mine functions in the salt mine have been available to specific minions.
These minions use the same way of targeting as the targeting minions. The keyword these minions have is
allow_tgt
allow_tgt_type
When a minion requests a function from the salt mine( that is, with the combination of the above two keywords) and is not allowed to ask for that function, the minion receives no data. Since the name of the minion is not in the last, the minion receives the output of no data, and the salt mine behaves like no such function is present in the salt mine.
Aliases to a function are done to provide the function with a user_friendly name and are simple to use. You can alias function in the salt mine. The function alias helps you call the same function with different arguments but with the same name. In the salt mine, there is another way of passing positional and key-value arguments. The mixing of these arguments is not supported.
With the addition and change in the syntax of mine_function as the module_run, adding the aliases for the functions remains similar.
It is done straightforwardly. Just add the mine_function kwarg inside the real function(you want to alias) that you wish to call by making the key below the mine_functions alias:
When the scheduler at a given interval starts the minions, the salt mines functions are executed. There is, by default, an interval of 60 minutes which can be adjusted for the minion.
To adjust the interval, go to the minion config and choose the option of mine_interval and change the value.
mine_interval: 60
Mine in Salt-SSH
Salt-ssh supports mine.get with the release of salt in 2015.
You can search in the following order to retrieve the args for the specified mine functions in one of the three places. This is done because minions don't provide their configuration to mine_functions.
Roster data
Pillar
Master Config
The mine_functions has the same format as normal functions in salt. The only difference is that they are stored in different locations.
A simple example of a flat roster containing mine_functions is given below:
To fetch mine data from particular hosts, such as glob or regular expression that matches the grains, pillar, minion Id(name), and compound matches the mine. get function supports with various methods of minions targeting.
Example
The usage of data from the salt mine can be done in a state. To retrieve the value, use Jinja and use it in the SSL file.
Below is an example of a partial HA Proxy configuration that pulls IP addresses from all the minions with web grain to add them to the pool of the balanced servers.
/srv/pillar/top.sls:
base:
'G@roles:web':
- web
/srv/pillar/web.sls:
Mine_functions:
network.ip_addrs: [eth0]
The following command triggers the minions to refresh their pillar data.
salt '*' saltutil.refresh_pillar
Now, to verify the results in the pillar and to check network_ip_addrs execute the following:
salt '*' pillar.items
This will show that function is present but not included in the output:
<file contents snipped>
{% for server, addrs in salt['mine.get']('roles:web', 'network.ip_addrs', tgt_type='grain') | dictsort() %}
server {{ server }} {{ addrs[0] }}:80 check
{% endfor %}
<file contents snipped>
From the above example, the server gets expanded to the minion_id.
Frequently Asked Questions
What is Saltstack?
Salt is a configuration management and remote execution tool that helps execute commands on the remote node. It is simple to use, fast and can be easily manageable.
Where do we use Saltstack?
The Saltstack is an orchestration tool that helps change existing systems. It allows easy software installation in the IT environment and helps manage thousands of servers simultaneously.
Is Saltstack still free of cost to developers?
Saltstack is a free, open-source download and is free of cost to the programmers; however, their enterprise version costs $150 per machine per year.
What is the salt mine?
Saltmine is easy to use, and for transferring data from one minion to another to a specific minion, It collects arbitrary data and stores that data on the master.
What are mine functions in the salt mine?
You need to enable the mine_functions options in minions for using the salt mine functions. Set the mine functions in your minions to access the methods of the functions. To enable that, you have two options. The first is the Configuration file, and the second is the minion's pillar.
Conclusions
In this blog, we have discussed in detail the Salt Mine. We started with the introduction and learned about the mine functions, mine access control, mine interval, and many other essential details.
84+ registered