We will be using SaltStack to apply configuration management on both our Jenkins and demo-app web server nodes. We will be using Grains to define which States/Pillars apply to which host. Let us have a look at the code:
The top file shows us that some states are shared between all hosts/roles while others are assigned based on the role:
base:
'*':
- users
- yum-s3
'roles:jenkins':
- match: grain
- jenkins
- nginx.jenkins
- docker
- packer
'roles:demo-app':
- match: grain
- php-fpm
- nginx.demo-app
- demo-app
You are already familiar with the users and the yum-s3 States. Now this is a good time to add an account and an SSH key for yourself.
We install the service as before plus a couple of extra tools:
jenkins_prereq:
pkg.installed:
- pkgs:
...
- jq
- httpd-tools
...
We will be using jq to parse JSON output and ab from the httpd-tools package for basic HTTP load testing.
This time we split the NGINX State into three parts:
init.sls
This installs the main package and sets up the service daemon:
nginx:
pkg.installed: []
service.running:
- enable: True
- reload: True
- require:
- pkg: nginx
jenkins.sls
This deploys the NGINX configuration and related file needed for the Jenkins service:
include:
- nginx
/etc/nginx/conf.d/jenkins.conf:
file.managed:
- source: salt://nginx/files/jenkins.conf
...
demo-app.sls
This deploys the NGINX configuration and related file needed for the demo-app web server:
include:
- nginx
/etc/nginx/conf.d/demo-app.conf:
file.managed:
- source: salt://nginx/files/demo-app.conf
In both cases, we include init.sls also known as NGINX, which provides shared functionality, Docker remains the same, whereas Packer is a new addition which we will get to play with shortly:
packer:
archive.extracted:
- name: /opt/
- source: 'https://releases.hashicorp.com/packer/0.10.1/packer_0.10.1_linux_amd64.zip'
- source_hash: md5=3a54499fdf753e7e7c682f5d704f684f
- archive_format: zip
- if_missing: /opt/packer
cmd.wait:
- name: 'chmod +x /opt/packer'
- watch:
- archive: packer
The archive module conveniently downloads and extracts the Packer zip file for us. After that we ensure that the binary is executable with cmd.wait, which gets triggered on package change (that is watch archive).
php-fpm
We need PHP in order to be able to serve our PHP application (demo-app):
include:
- nginx
php-fpm:
pkg.installed:
- name: php-fpm
- require:
- pkg: nginx
service.running:
- name: php-fpm
- enable: True
- reload: True
- require_in:
- service: nginx
...
And finally, the demo-app State, which installs a selected version the application rpm. We will discuss how we populate /tmp/APP_VERSION a bit later:
{% set APP_VERSION = salt['cmd.run']('cat /tmp/APP_VERSION') %}
include:
- nginx
demo-app:
pkg.installed:
- name: demo-app
- version: {{ APP_VERSION }}
- require_in:
- service: nginx
We will reuse the nginx and users Pillars from the previous chapter.
While masterless.conf remains the same as before, we are extending the minion configuration with a custom role Grain, which we set via UserData for Jenkins and a config file for the demo-app web server (discussed later in the chapter).