SaltStack Enterprise I

Rédigé par Arnaud | 13 novembre 2020

Contexte

The course begins with installation, configuration, creating targets, and the use of remoteexecution for basic management tasks using SaltStack Enterprise. It then builds on thoseconcepts with the implementation of Salt states.

The Salt states training content includes the creation of SLS files and state trees, settingrequisites and declarations, and using the default YAML and Jinja renderers. There isinstruction on utilizing Salt grains, pillars in state files, setting up RBAC in the SaltStackEnterprise console, specific Windows modules, and the Enterprise API.

Additional topics include Salt Runners, Reactors, Beacons, and orchestration.

 

Format

Cours Online

Durée : 3 jours

Lab : Salt Cloud

 

Agenda

Chapitre 1 - Introduction

Chapitre 2 - Salt Concepts and Terminology

  1. 2.1 Objectives

    2.2 Features of Salt

    1. 2.2.1 Remote Management

      2.2.2 Configuration Management

      2.2.3 Automation and orchestration

      2.2.4 Cloud Management

  2. 2.3 Salt Management Concepts

    1. 2.3.1 Salt Master

      2.3.2 Salt Minion

      2.3.3 SaltStack Enterprise

  3. 2.4 Salt Topology

    1. 2.4.1 Open Event System

      2.4.2 High-speed Communication Bus

  4. 2.5 YAML Salt Configuration File Format

    1. 2.5.1 Rules of YAML

      2.5.2 YAML Simple Structure

      2.5.3 Lists and Dictionaries - YAML Block Structures

      2.5.4 Additional YAML Resources

  5. 2.6 Summary

    1. 2.7.1 Log into the SaltStack Console

      2.7.2 Become Familiar With console

      2.7.3 Deploy Minions2.7 Salt Management Concept Lab

      2.8.6 View New Minions

Chapter 3 - Installation and Configuration

  1. 3.1 Objectives

    3.2 Installation Overview

    1. 3.2.1 Supported Platforms

  2. 3.3 Using Repos.

    3.4 Dependencies

    3.5 Salt Installation

    1. 3.5.1 Source Installation

      3.5.2 Windows Minion Installation

      3.5.3 Starting Salt Services

      3.5.4 Run Directly

  3. 3.6 SaltStack Enterprise

    1. 3.6.1 SaltStack Enterprise Installation

      3.6.2 Requirements

      3.6.3 Licensing

      3.6.4 Database Requirements

  4. 3.7 Master Configuration

    1. 3.7.1 Salt Master Network Ports

      3.7.2 Salt Master Process Management

  5. 3.8 SaltStack Enterprise Configuration

    3.9 Basic Minion Configuration

    1. 3.9.1 Connecting Minions to the Salt Master

      3.9.2 Declaring the Minion ID

  6. 3.10 Minion Attributes - Grains of Salt

    1. 3.10.1 Key Concepts About Grains

      3.10.2 Defining Custom Grains on Minions

      3.10.3 Grains Configuration Precedence

  7. 3.11 Salt Security

    1. 3.11.1 Salt Keys

      3.11.2 Managing Keys With salt-key

      3.11.3 Accepting Keys

      3.11.4 Deleting Keys

  8. 3.12 Key Management in the console

    3.13 Summary

    3.14 Installation and Configuration Lab

    1. 3.14.1 Log into the SaltStack Console

      3.14.2 Assign a Job to Update Presence of the SaltStack Minions

Chapitre 4 -Targeting

  1. 4.1 Objectives
  2. 4.2 Targeting Specifications
    1. 4.2.1 Minion ID
    2. 4.2.2 Glob Targeting
    3. 4.2.3 Regular Expressions
    4. 4.2.4 List Matching on Minion ID
    5. 4.2.5 Matching by Grains
    6. 4.2.6 Compound Matching
  3. 4.3 Creating Target Groups in the Console
  4. 4.4 Summary
  5. 4.5 Targeting Lab

Chapitre 5 - Remote Execution and Job Management

  1. 5.1 Objectives
  2. 5.2 Remote Execution Modules
  3. 5.3 Command Structure
    1. Targeting
    2. Modules
    3. Common Modules
    4. Functions
    5. Arguments
  4. 5.4 Platform Abstraction
  5. 5.5 Commonly Used Remote Execution Modules
    1. 5.5.1 Package Management
    2. Windows Package Management
    3. 5.5.2 Service Management
    4. 5.5.3 File Management
    5. 5.5.4 User/Group Management
    6. 5.5.5 Executing Shell Commands
  6. 5.6 Command Line Options
    1. 5.6.1 Synchronous Versus Asynchronous Modes
  7. 5.7 Job Management in SSE
    1. 5.7.1 Jobs
    2. 5.7.2 Activities Dashboard
    3. 5.7.3 Job Scheduling
    4. 5.7.4 Job History
    5. 5.7.5 AD HOC Jobs
  8. 5.8 Summary
  9. 5.9 Job Management Lab

Chapitre 6 - Basic States

  1. 6.1 Objectives
  2. 6.2 Overview of Salt States
    1. 6.2.1 State and Flow
    2. 6.2.2 The Salt State Files Management Approach
    3. 6.2.3 States Use Execution Modules  
    4. 6.2.4 The Purpose of State Modules  
  3. 6.3 Rendering Salt States  
  4. 6.4 Salt State Components  
    1. 6.4.1 The State SLS Data Structure
    2. 6.4.2 A Simple State Example in SaltStack Enterprise
    3. 6.4.3 Testing States
  5. 6.5 Salt State Modules  
    1. 6.5.1 File Management.
    2. 6.5.2 File State Backup
    3. 6.5.3 Package Management
    4. 6.5.4 Command Execution
    5. 6.5.5 Module Execution
    6. 6.5.6 Service Management
  6. 6.6 The Salt Stack Enterprise File System - State Tree
    1. 6.6.3 Representation of SLS Files
  7. 6.7 Pillar Data and States
    1. 6.7.1 Pillar Targeting in SaltStack Enterprise
    2. 6.7.2 Inline Pillar Data.
  8. 6.8 Running States.
  9. 6.9 The Top File
    1. 6.9.1 Environments
    2. 6.9.2 Top SLS Structure
    3. 6.9.3 Top File Targeting Types
    4. 6.9.4 Running Top Files
  10. 6.10 Best practices for testing states
  11. 6.12 Summary
  12. 6.13 States Hands-On Labs

Chapitre 7 - Requisites and Declarations

  1. 7.1 Objectives
  2. 7.2 Requisite System - ID vs Name.
    1. 7.2.1 One ID to Many Names
    2. 7.2.2 State Execution Order
    3. 7.2.3 Implicit Ordering
    4. 7.2.4 The order Declaration
  3. 7.3 Requisite Declarations
    1. 7.3.1 Referencing State Declarations
    2. 7.3.2 State Failure Behavior.
    3. 7.3.3 Standard Requisites
    4. 7.3.4 The require Requisite
    5. 7.3.5 Circular References
    6. 7.3.6 The watch Requisite
    7. 7.3.7 watch
    8. 7.3.8 Multiple Requisites.
    9. 7.3.9 The onfail declaration
    10. 7.3.10 The onchanges Declaration
    11. 7.3.11 The use Requisite
    12. 7.3.12 The prereq Requisite
    13. 7.3.13 Logic of the prereq.
    14. 7.3.14 Requisite Summary
  4. 7.4 Including other SLS Files.
    1. 7.4.1 Including for Requisites Example
  5. 7.5 Extending External SLS Data
    1. 7.5.1 The extend Declaration.
    2. 7.5.2 Extend is a Top-Level Declaration
    3. 7.5.3 Rules to Extend By
  6. 7.6 Altering States
    1. 7.6.1 The onlyif Requisite
    2. 7.6.2 The unless Requisite
    3. 7.6.3 The check_cmd Requisite
    4. 7.6.4 The listen Requisite
  7. 7.7 Retrying States
  8. 7.7 Summary
  9. 7.8 Requisites and Declarations Hands-On Labs

Chapitre 8 - Using Jinja with Salt

  1. 8.1 Objectives
  2. 8.2 Renderers
    1. 8.2.1 Salt State Rendering.
    2. 8.2.2 Multiple Renderers.
  3. 8.3 Using the Jinja Renderer
    1. 8.3.1 Using Renderer Pipes
  4. 8.4 Jinja Basics
  5. 8.5 Data Injected into States
    1. 8.5.1 Grains and Their Use With Jinja
    2. 8.5.2 Dictionary Access - Python Syntax.
    3. 8.5.3 Dictionary Access - Jinja Syntax
    4. 8.5.4 Conditional if Statements
    5. 8.5.5 Jinja Variable Assignments
    6. 8.5.6 Jinja Variable Types
    7. 8.5.7 Templating Files with Jinja
  6. 8.6 Leveraging Lookup Lists and Dictionaries.
    1. 8.6.1 Defining Jinja Lists and for Loops.
    2. 8.6.2 Defining a YAML Dictionary
    3. 8.6.3 Defining a Jinja Dictionary
  7. 8.7 Calling Execution Modules with Jinja
    1. 8.7.1 Filtering Dictionaries.
  8. 8.8 Importing Data
    1. 8.8.1 Benefits of Map Lookup Files
    2. 8.8.2 A YAML Map File  
    3. 8.8.3 A JSON Map File  
    4. 8.8.4 A Jinja Map File
  9. 8.9 Summary
  10. 8.10 Using Jinja with Salt Hands-On Labs

Chapitre 9 - Windows Specific Modules

  1. 9.1 Objectives  
  2. 9.2 Software Management
    1. 9.2.1 Winrepo
  3. 9.3 Managing features and roles
    1. 9.3.1 win_servermanager execution module
    2. 9.3.2 win_servermanager state module
  4. 9.4 Managing Local Group Policies
    1. 9.4.1 win_lgpo execution module
    2. 9.4.2 win_lgpo state module
  5. 9.5 Patching
    1. 9.5.1 win_wua execution module
    2. 9.5.2 win_wua state module
  6. 9.6 Windows permissions DACL
    1. 9.6.1 win_dacl execution module
    2. 9.6.2 win_dacl state module.
  7. 9.7 Summary.
  8. 9.8 Windows Labs
    1. 9.8.1 Software Management
    2. 9.8.2 Windows features Management
    3. 9.8.3 Local Group Policies Lab
    4. 9.8.4 Patching Lab
    5. 9.8.5 DACL Lab

Chapitre 10 - Salt Orchestration

  1. 10.1 Objectives.
  2. 10.2 Salt Orchestration
    1. 10.2.1 The state Runner for Orchestration
  3. 10.3 Executing Orchestration.
  4. 10.4 Creating Orchestration State Files.
    1. 10.4.1 Orchestration SLS Structure
  5. 10.5 Highstate in Orchestration
  6. 10.6 Run States in Orchestration
  7. 10.7 Call Functions in Orchestration
  8. 10.8 Salt Orchestration Example
  9. 10.9 Call a Runner in an Orchestration
  10. 10.10 Summary
  11. 10.11 Orchestration Hands-On Labs.
    1. Create an orchestration SLS file that executes a Salt Runner
    2. Update the orchestration SLS file to add a state and some Jinja
    3. Update the orchestration SLS file to add a function execution and some Jinja

Chapitre 11 - Reactors and Beacons

  1. 11.1 Objectives:
  2. 11.2 Reactor System
    1. 11.2.1 Reactor Components.
    2. 11.2.2 Reactor Definition Structure
    3. 11.2.3 Understanding the Structure of Reactor Formulas
    4. 11.2.4 Reactor Interfaces on the Master.
    5. 11.2.5 Reactor State Structure
    6. 11.2.6 React with Execution Modules.
    7. 11.2.7 React Using the data Dictionary
    8. 11.2.8 Using the RunnerClient
    9. 11.2.9 Reacting with Runners.
    10. 11.2.10 React with an Orchestration
    11. 11.2.11 Using the WheelClient
    12. 11.2.12 Using Other Targeting Types in Reactors.
    13. 11.2.13 Debugging the Reactor
  3. 11.3 Beacons
    1. 11.3.1 Beacon State Module
    2. 11.3.2 Avoiding Event Loops
  4. 11.4 Summary
  5. 11.5 Reactor and Beacon Lab

Chapitre 12 - Security in SaltStack Enterprise

  1. 12.1 Objectives.
  2. 12.2 Directory Service
    1. 12.2.1 Overview.
    2. 12.2.2 How to use Directory Service
    3. Creating a Directory Service connection
    4. Synchronizing with a Directory Service connection
    5. Editing a Directory Service connection.
    6. Deleting a Directory Service connection
    7. 12.2.3 Reference
    8. Directory Service information fields
  3. 12.3 Local Users
    1. 12.3.1 Overview
    2. Creating a Local User
    3. Cloning a Local User
    4. Changing user settings
    5. Changing root password
  4. 12.4 Roles and Permissions
    1. 12.4.1 Overview
    2. 12.4.2 How to use the Roles workspace
    3. Creating a role Cloning a role
    4. Editing a role Setting permitted tasks.
    5. Assigning access to a job or target
    6. Adding or removing groups.
    7. Adding or removing users
    8. 12.4.3 Reference
    9. Tasks
    10. Resource access
    11. Targets.
    12. Jobs
    13. Other resource types
    14. Difference between permitted tasks and resource access
    15. Types of roles.
    16. Built-in roles.
    17. Custom-defined roles
  5. 12.5 Advanced permissions
    1. 12.5.1 Overview.
    2. 12.5.2 How to set Advanced permissions
    3. Defining advanced permissions
    4. 12.5.3 Reference
    5. Permission types
  6. 12.6 Summary  
  7. 12.7 RBAC Lab

Chapitre 13 - Introduction to SecOps

  1. 13.1 Objectives
  2. 13.2 Overview
    1. 13.2.1 Policies
    2. 13.2.2 Assessments and remediation
    3. 13.2.3 Customization
  3. 13.3 How to use SaltStack SecOps
    1. 13.3.1 Creating a Policy
    2. 13.3.2 Editing a policy. 2
    3. 13.3.3 Updating the security library
    4. 13.3.4 Running an assessment
    5. 13.3.5 Viewing assessment results
    6. 13.3.6 Downloading the assessment report
    7. 13.3.7 Remediating all checks.
    8. 13.3.8 Remediating by check.
    9. 13.3.9 Remediating by minion
    10. 13.3.10 Adding exemptions
    11. 13.3.11 Adding exemptions by minion
    12. 13.3.12 Removing an exemption
  4. 13.4 Defining SecOps permissions.
  5. 13.5 SaltStack SecOps Architecture.
    1. 13.5.1 Overview.
    2. 13.5.2 SaltStack SecOps security library
    3. 13.5.3 Content ingestion for standard systems
    4. 13.5.4 Manual content ingestion.
  6. 13.6 Reference  
    1. The SaltStack SecOps content library
    2. Policies.
    3. Target.
    4. Benchmarks
    5. Checks
    6. Variables
    7. Schedules.
    8. Assessment results.
    9. Return statuses
    10. SecOps permissions
  7. 13.5 Summary
  8. 13.5 Labs

Chapitre 14 - SaltStack Enterprise API (eAPI)

  1. 14.1 Objectives.
  2. 14.2 Understand the SaltStack Enterprise Architecture
    1. 14.2.1 High Availability at the RaaS Layer.
    2. 14.2.2 Multi-Master Support
    3. 14.2.3 Communication Flow
  3. 14.3 Salt Master Enterprise API master plug-in
    1. 14.3.1 Salt Master RaaS Configuration
  4. 14.4 Enterprise API (eAPI) Endpoint
  5. 14.5 SaltStack Enterprise API (eAPI) Hands-On Lab.

Chapitre 15 - Salt Cloud

  1. 15.1 Objectives.
  2. 15.2 What is Salt Cloud?
    1. 15.2.1 Salt Cloud Providers
  3. 15.3 Installing Salt Cloud
  4. 15.4 Salt Cloud Components
  5. 15.5 Configuring Salt Cloud.
    1. 15.5.1 Configuration Files.
    2. 15.5.2 Core Settings
    3. 15.5.3 Provider Settings
      1. 15.5.3.1 VMware Configuration Example
      2. 15.5.3.2 Amazon EC2 Configuration Example
    4. 15.5.4 Defining Virtual Machine Profiles
      1. 15.5.4.1 Cloud Profile Structures
      2. 15.5.4.2 An Amazon Cloud Profiles Example
  6. 15.6 The "cloud" Runner
    1. 15.6.1 Creating VMs  
    2. 15.6.2 Bootstrap for Salt Installation
    3. 15.6.3 Querying for Cloud Instances
      1. 15.6.3.1 Example Salt Cloud Output
      2. 15.6.3.2 Querying for VMs
    4. 15.6.4 Destroying Virtual Machines in the Cloud
  7. 15.7 Creating Multiple VM Instances
    1. 15.7.1 Cloud Map Structure
    2. 15.7.2 Running Map Files
  8. 15.8 Summary
  9. 15.9 Salt Cloud Hands-On Labs

 

Etes-vous prêts pour SSE II ? Auto-évaluation ci-dessous :

 
Voir l'article complet