We will be using SaltStack to apply configuration management on both our Jenkins and demo-app
web server nodes. We will be using Grains to define which States/Pillars apply to which host. Let us have a look at the code:
The top
file shows us that some states are shared between all hosts/roles while others are assigned based on the role:
base: '*': - users - yum-s3 'roles:jenkins': - match: grain - jenkins - nginx.jenkins - docker - packer 'roles:demo-app': - match: grain - php-fpm - nginx.demo-app - demo-app
You are already familiar with the users and the yum-s3
States. Now this is a good time to add an account and an SSH key for yourself.
We install the service as before plus a couple of extra tools:
jenkins_prereq: pkg.installed: - pkgs: ... - jq - httpd-tools ...
We will be using jq
to parse JSON output and ab
from the httpd-tools
package for basic HTTP load testing.
This time we split the NGINX State into three parts:
init.sls
This installs the main package and sets up the service daemon:
nginx: pkg.installed: [] service.running: - enable: True - reload: True - require: - pkg: nginx
jenkins.sls
This deploys the NGINX configuration and related file needed for the Jenkins service:
include: - nginx /etc/nginx/conf.d/jenkins.conf: file.managed: - source: salt://nginx/files/jenkins.conf ...
demo-app.sls
This deploys the NGINX configuration and related file needed for the demo-app
web server:
include: - nginx /etc/nginx/conf.d/demo-app.conf: file.managed: - source: salt://nginx/files/demo-app.conf
In both cases, we include init.sls
also known as NGINX, which provides shared functionality, Docker remains the same, whereas Packer is a new addition which we will get to play with shortly:
packer: archive.extracted: - name: /opt/ - source: 'https://releases.hashicorp.com/packer/0.10.1/packer_0.10.1_linux_amd64.zip' - source_hash: md5=3a54499fdf753e7e7c682f5d704f684f - archive_format: zip - if_missing: /opt/packer cmd.wait: - name: 'chmod +x /opt/packer' - watch: - archive: packer
The archive module conveniently downloads and extracts the Packer zip file for us. After that we ensure that the binary is executable with cmd.wait
, which gets triggered on package change (that is watch archive).
php-fpm
We need PHP in order to be able to serve our PHP application
(demo-app)
:
include: - nginx php-fpm: pkg.installed: - name: php-fpm - require: - pkg: nginx service.running: - name: php-fpm - enable: True - reload: True - require_in: - service: nginx ...
And finally, the demo-app
State, which installs a selected version the application rpm
. We will discuss how we populate /tmp/APP_VERSION
a bit later:
{% set APP_VERSION = salt['cmd.run']('cat /tmp/APP_VERSION') %} include: - nginx demo-app: pkg.installed: - name: demo-app - version: {{ APP_VERSION }} - require_in: - service: nginx
We will reuse the nginx
and users
Pillars from the previous chapter.
While masterless.conf
remains the same as before, we are extending the minion
configuration with a custom role Grain, which we set via UserData for Jenkins and a config file for the demo-app
web server (discussed later in the chapter).