Articles related to real life scenarios involving java, frameworks and libraries configurations and salt-stack. The topics includes Core Java, Hibernate, Spring MySQL, Multithreading, Java NIO, jQuery, c3p0, Connection pooling, salt state, pillar, grain etc.

Thursday, August 13, 2015

salt-cloud install a specific version of salt-minion

10:34 AM Posted by Unknown 1 comment
This is a guide to install a specific version of salt-minion package on new minions being bootstrapped using salt-cloud.
This is not specific for any OS or destro but I was using Ubuntu 14.04.
salt-cloud uses salt-bootstrap.sh script (https://github.com/saltstack/salt-bootstrap) which installs every dependencies and salt-minion on the newly created instance. This file is usually located at /usr/lib/python2.7/dist-packages/salt/cloud/deploy/bootstrap-salt.sh.
Version and/or Source can be specified in the cloud.profile configuration as below.
In /etc/salt/cloud.profiles.d/someprofile.conf
staging:
  provider: aws
  image: ami-xxxxxx
  size: m1.small
  securitygroup:
    - SG1
    - SG2
  tag:
      circle: staging
      type: app
  script_args: git v2015.5.2
The last property script_args value will be passed to the bootstrap script. The above values tells to install salt-minion version v2015.5.2 from github(not the Ubuntu repo).
The values can be any of the following.
Installation types:
- stable (default, It installs from OS Repository e.g Deb/RPM)
- stable [version] (ubuntu specific)
- daily  (ubuntu specific)
- testing (redhat specific)
- git (Installs from github repository)
Examples:
- stable
- stable 2015.5
- daily
- testing
- git
- git develop
- git v2015.5.3
- git 8c3fadf15ec183e5ce8c63739850d543617e4357
Custom/Edited script can also be used instead of the default bootstrap-salt.sh
Just copy the /usr/lib/python2.7/dist-packages/salt/cloud/deploy/bootstrap-salt.sh or download https://github.com/saltstack/salt-bootstrap/blob/develop/bootstrap-salt.sh and put it under/etc/salt/cloud.deploy.d/. If the file is named bootstrap-salt.sh then no change required in the profile configuration. If the file name is something different like custom-bootstrap.sh then added the following in the configuration file.
In /etc/salt/cloud.profiles.d/someprofile.conf
staging:
  provider: aws
  image: ami-xxxxxx
  size: m1.small
  securitygroup:
    - SG1
    - SG2
  tag:
      circle: staging
      type: app
  script: custom-bootstrap.sh # This can also be an absolute path.
  script_args: git v2015.5.2
Hope it helps.
Any questions or suggestions are welcome.

Salt-stack connect minion to a different master

9:24 AM Posted by Unknown 32 comments
This is a guide if you want to connect a minion from one master to a different master.
Scenario:
You have a minion ex. minion1 and it is currently connected to master1. Now for some reason you want to connect to a different master ex master2. I had this requirement when I had to create a clone of a live ec2 instances minions which is already connected to live-master and I had to connect it to a master which we use for development i.e. dev-master.
NOTE: I am assuming the OS to be Ubuntu
The following are the steps.
  • SSH into minion and Shutdown salt-minion on the minion instance using sudo service salt-minion stop (Optional)
  • Restart master2 in open mode(This is temporary, This will make it easier) by doing the following
    • In master2 (/etc/salt/master) configuration set open_mode: True
    • Restart salt-master using sudo service salt-master restart
  • Change ID(Optional), master IP/HOST and master_finder of minion by doing the following
    • ssh to minion
    • do sudo vim /etc/salt/minion
    • search for id: and change it if needed.
    • search for master: IP/HOST, change the IP or HOST for the master2
    • search for master_finger: and delete the property. This is newly added so It may not be there in configuration.
    • Remove key for old master(master1) server rm /etc/salt/pki/minion/minion_master.pub
    • Restart minion sudo service salt-minion restart
  • Change open_mode to False or remove the property(by default is False) and restart master2.
This should allow the minion to connect to the master2. Now there are things which you would need to change depending on the requirement. Like I was creating a different environment by cloning liveand we have a grain named circle set for the environments like devstaging or live. So had to change the grain to livetest.
salt '*.livetest.example.com' grains.setval circle livetest
Hope it helps.
Any suggestions or questions are welcome.

Salt-stack mysql use root user from any host

8:33 AM Posted by Unknown No comments
I recently had a problem while installing mysql on a server using salt-stack. The scenario is that there is a server where I install mysql and other servers should be able to access it. Now these are ec2 instances and the security group is setup such a way that only server having certain security group can access the mysql server. So even if I open mysql for any host, There would not be any security issues.

The problem was that I was not able to login to root user from any other server because the root user login was only allowed from the localhost if I do the following.

mysql-server:
  pkg:
    - installed
    - pkgs:
      - mysql-server
      - python-mysqldb
  service:
    - running
    - name: mysql
    - enable: True
    - require:
      - pkg: mysql-server
    - watch:
      - file: /etc/mysql/my.cnf
  mysql_user:
    - present
    - name: root
    - password: {{ pillar['mysql']['server']['root_password'] }}
    - require:
      - service: mysql

So what I had to do for the servers to login as root user into mysql database from any host including localhost is to add another user.preset for root again with % as host.

mysql-root-user-remote:
  mysql_user.present:
    - name: root
    - host: '%'
    - password: {{ pillar['mysql']['server']['root_password'] }}
    - connection_user: root
    - connection_pass: {{ pillar['mysql']['server']['root_password'] }}
    - connection_charset: utf8
    - saltenv:
      - LC_ALL: "en_US.utf8"
    - require:
      - service: mysql

This works for any user which should be accessible from any host including localhost.

Any questions or suggestions are welcome.