shell: bash\neditor: vim<\/code><\/pre>\n\n\n\nPillar data refresh (the action to provide Pillar data to targeted Minions):<\/p>\n\n\n\n
salt '*' saltutil.refresh_pillar<\/code><\/pre>\n\n\n\nWhen Salt Pillar data is refreshed, each Salt Minion is matched against the targets listed in the top.sls<\/code> file. When a Salt Minion matches a target, it receives all of the Salt Pillar SLS files defined in the list underneath that target.<\/p>\n\n\n\nIn order to sees Minion’s Pillar use the following command:<\/p>\n\n\n\n
salt '*' pillar.items<\/code><\/pre>\n\n\n\nSalt Pillar in Salt States<\/h2>\n\n\n\n We can reference Pillar data in Salt States by means of templating, here is a State File that leverages key\/values defined in the defaults.sls Pillar data file introduced before:<\/p>\n\n\n\n
vim_install:\n pkg.installed:\n - name: {{ pillar['editor'] }}<\/code><\/pre>\n\n\n\nActually Pillar data files are three-like data structures, so we can have a bit more complex data structures. Let’s assume to modify our defaults.sls file as follows:<\/p>\n\n\n\n
system:\n As a consequence our State file should change as follow in order to recognize that now they key editor<\/code> is nested under system<\/code>.<\/p>\n\n\n\nGet Started with Pillar<\/h2>\n\n\n\n There are few things we need to know and configure on the Salt Master before we can start playing with Pillar.<\/p>\n\n\n\n
We need to start setting up Pillar making sure the directory \/srv\/pillar<\/code> exists on you Salt Master:<\/p>\n\n\n\nmkdir \/srv\/pillar<\/code><\/pre>\n\n\n\nThe Pillar location can be configured using the pillar_roots<\/code> option in the Master configuration file. It must not be in a subdirectory of the state tree or file_roots<\/code>. If the pillar is under file_roots<\/code>, any pillar targeting can be bypassed by minions. Here after there is the piece of configuration I have in my Master configuration file. Please, note that you can manage multiple environments, external Pillars (e.g. source your Pillars file from a git repository) and other nice things, but this goes beyond the scope of this post.<\/p>\n\n\n\npillar_roots:\n base:\n - \/srv\/pillar<\/code><\/pre>\n\n\n\nDo not forget to restart you Salt Master service in order to make sure the new configuration is taken into account by the Master:<\/p>\n\n\n\n
systemctl restart salt-master<\/code><\/pre>\n\n\n\nStore your top.sls<\/code> file and any Pillar SLS file referenced in the Top file in the \/srv\/pillar<\/code> directory. Now you can use the saltutil.refresh_pillar<\/code> and the pillar.items<\/code> as introduced above to assign and check Pillar data against Minions.<\/p>\n\n\n\nLab Time!<\/h2>\n\n\n\n In my lab I have some Minions, but for this activity I will restrict the scope to 3 minions having the string secops<\/code> in their Minion IDs.<\/p>\n\n\n\nIn the \/srv\/pillar directory I have the following files: <\/p>\n\n\n\n
Top file, as usual named top.sls<\/code>:<\/p>\n\n\n\nbase:\n 'os:CentOS':\n - match: grain\n - centosdefaults\n 'os:Ubuntu':\n - match: grain\n - ubuntudefaults\n 'os:Windows':\n - match: grain\n - windowsdefaults<\/code><\/pre>\n\n\n\nPillar SLS for CentOS Minions named centosdefaults.sls<\/code>:<\/p>\n\n\n\npath: \/opt\/iberia_lab\nuser: root\ngroup: root\nmode: 755<\/code><\/pre>\n\n\n\nubuntudefaults.sls<\/code>:<\/p>\n\n\n\npath: \/opt\/iberia_lab\nuser: seiberia\ngroup: seiberia\nmode: 755<\/code><\/pre>\n\n\n\nPillar SLS for Windows Minions named windowsdefaults.sls<\/code>:<\/p>\n\n\n\npath: C:\\iberia_lab\nuser: Administrator\ngroup: na\nmode: na<\/code><\/pre>\n\n\n\nHere is how my \/srv\/pillar<\/code> directory looks like:<\/p>\n\n\n\n\nNow I can refresh Pillar:<\/p>\n\n\n\n\nI can check Pillar data assignment to Minions:<\/p>\n\n\n\n\nNow that I have Pillars data available in my Minions I can make good use of them. For this purpose I have a simple State file:<\/p>\n\n\n\n
# This State file ensure all systems have default directory according to company policy\n\n# Ensure default directory is there\ncreate standard_directory:\n file.directory:\n - name: {{ pillar['path'] }}\n - user: {{ pillar['user'] }}\n - group: {{ pillar['group'] }}\n - mode: {{ pillar['mode'] }}<\/code><\/pre>\n\n\n\nApply the State file and see it using different values available in different Minions:<\/p>\n\n\n\n\n\n\nWith this post I am just scratching the surface of a powerful yet simple mechanism such as Pillar, however even with this basic notions you can start doing real life stuff and automate (A LOT!) in your environment.<\/p>\n","protected":false},"excerpt":{"rendered":"
Salt Pillars are key elements to have parametric Salt State files allowing them to be more flexible and reusable. Here is an introduction to Salt Pillar<\/p>\n","protected":false},"author":1,"featured_media":1275,"comment_status":"open","ping_status":"open","sticky":false,"template":"templates\/template-cover.php","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[4],"tags":[23,29,48,99,122,126,131,143,144,145,167,172,185,186],"class_list":["post-1239","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech","tag-automation","tag-bash","tag-data","tag-linux","tag-opensource","tag-oss","tag-pillar","tag-salt","tag-saltproject","tag-saltstack","tag-templating","tag-vim","tag-vrealize","tag-vrealizeautomation","entry"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/nine30.nxt70.com\/index.php\/wp-json\/wp\/v2\/posts\/1239","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nine30.nxt70.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nine30.nxt70.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nine30.nxt70.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nine30.nxt70.com\/index.php\/wp-json\/wp\/v2\/comments?post=1239"}],"version-history":[{"count":0,"href":"https:\/\/nine30.nxt70.com\/index.php\/wp-json\/wp\/v2\/posts\/1239\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nine30.nxt70.com\/index.php\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/nine30.nxt70.com\/index.php\/wp-json\/wp\/v2\/media?parent=1239"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nine30.nxt70.com\/index.php\/wp-json\/wp\/v2\/categories?post=1239"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nine30.nxt70.com\/index.php\/wp-json\/wp\/v2\/tags?post=1239"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"\"](\"https:\/\/nine30.info\/wp-content\/uploads\/2021\/10\/1.pillar.directory-1024x543.png\")
<\/figure>\n<\/figure>\n\n\n\n![\"\"](\"https:\/\/nine30.info\/wp-content\/uploads\/2021\/10\/2.refresh.pillar.new_-1024x543.png\")
<\/figure>\n<\/figure>\n\n\n\n![\"\"](\"https:\/\/nine30.info\/wp-content\/uploads\/2021\/10\/3.pillar.items_.new_-1024x677.png\")
<\/figure>\n<\/figure>\n\n\n\n![\"\"](\"https:\/\/nine30.info\/wp-content\/uploads\/2021\/10\/4.apply_.ubuntu.png\")
<\/figure>\n<\/figure>\n\n\n\n![\"\"](\"https:\/\/nine30.info\/wp-content\/uploads\/2021\/10\/5.apply_.centos.png\")
<\/figure>\n<\/figure>\n\n\n\n![\"\"](\"https:\/\/nine30.info\/wp-content\/uploads\/2021\/10\/6.apply_.windows-1024x543.png\")
<\/figure>\n<\/figure>\n\n\n\n