1========================
2Salt 0.9.3 Release Notes
3========================
4
5:release: 2011-11-05
6
7Salt 0.9.3 is finally arrived. This is another big step forward for Salt, new
8features range from proper FreeBSD support to fixing issues seen when
9attaching a minion to a master over the Internet.
10
11The biggest improvements in 0.9.3 though can be found in the state system, it
12has progressed from something ready for early testers to a system ready to
13compete with platforms such as Puppet and Chef. The backbone of the state
14system has been greatly refined and many new features are available.
15
16Download!
17---------
18
19The Salt source can be downloaded from PyPI:
20
21https://pypi.python.org/packages/source/s/salt/salt-0.9.3.tar.gz
22
23For instructions on how to set up Salt please see the :ref:`installation`
24instructions.
25
26New Features
27------------
28
29WAN Support
30```````````
31
32Recently more people have been testing Salt minions connecting to Salt Masters
33over the Internet. It was found that Minions would commonly loose their
34connection to the master when working over the internet. The minions can now
35detect if the connection has been lost and reconnect to the master, making
36WAN connections much more reliable.
37
38State System Fixes
39```````````````````
40
41Substantial testing has gone into the state system and it is ready for real
42world usage. A great deal has been added to the documentation for states and
43the modules and functions available to states have been cleanly documented.
44
45A number of State System bugs have also been founds and repaired, the output
46from the state system has also been refined to be extremely clear and concise.
47
48Error reporting has also been introduced, issues found in sls files will now
49be clearly reported when executing Salt States.
50
51Extend Declaration
52``````````````````
53
54The Salt States have also gained the ``extend`` declaration. This declaration
55allows for states to be cleanly modified in a post environment. Simply said,
56if there is an apache.sls file that declares the apache service, then another
57sls can include apache and then extend it:
58
59.. code-block:: yaml
60
61    include:
62      - apache
63
64    extend:
65      apache:
66        service:
67          - require:
68            - pkg: mod_python
69
70    mod_python:
71      pkg:
72        - installed
73
74The notable behavior with the extend functionality is that it literally extends
75or overwrites a declaration set up in another sls module. This means that Salt
76will behave as though the modifications were made directly to the apache sls.
77This ensures that the apache service in this example is directly tied to all
78requirements.
79
80Highstate Structure Specification
81`````````````````````````````````
82
83This release comes with a clear specification of the Highstate data structure
84that is used to declare Salt States. This specification explains everything
85that can be declared in the Salt SLS modules.
86
87The specification is extremely simple, and illustrates how Salt has been able
88to fulfill the requirements of a central configuration manager within a simple
89and easy to understand format and specification.
90
91SheBang Renderer Switch
92```````````````````````
93
94It came to our attention that having many renderers means that there may be a
95situation where more than one State Renderer should be available within a
96single State Tree.
97
98The method chosen to accomplish this was something already familiar to
99developers and systems administrators, a SheBang. The Python State Renderer
100displays this new capability.
101
102Python State Renderer
103`````````````````````
104
105Until now Salt States could only be declared in yaml or json using Jinja or
106Mako. A new, very powerful, renderer has been added, making it possible to
107write Salt States in pure Python:
108
109.. code-block:: python
110
111    #!py
112
113
114    def run():
115        """
116        Install the python-mako package
117        """
118        return {"include": ["python"], "python-mako": {"pkg": ["installed"]}}
119
120This renderer is used by making a run function that returns the Highstate data
121structure. Any capabilities of Python can be used in pure Python sls modules.
122
123This example of a pure Python sls module is the same as this example in yaml:
124
125.. code-block:: yaml
126
127    include:
128      - python
129
130    python-mako:
131      pkg:
132        - installed
133
134FreeBSD Support
135```````````````
136
137Additional support has been added for FreeBSD, this is Salt's first branch out
138of the Linux world and proves the viability of Salt on non-Linux platforms.
139
140Salt remote execution already worked on FreeBSD, and should work without issue
141on any Unix-like platform. But this support comes in the form of package
142management and user support, so Salt States also work on FreeBSD now.
143
144The new freebsdpkg module provides package management support for FreeBSD
145and the new pw_user and pw_group provide user and group management.
146
147Module and State Additions
148--------------------------
149
150Cron Support
151````````````
152
153Support for managing the system crontab has been added, declaring a cron state
154can be done easily:
155
156.. code-block:: yaml
157
158    date > /tmp/datestamp:
159      cron:
160        - present
161        - user: fred
162        - minute: 5
163        - hour: 3
164
165File State Additions
166````````````````````
167
168The file state has been given a number of new features, primarily the
169directory, recurse, symlink, and absent functions.
170
171file.directory
172    Make sure that a directory exists and has the right permissions.
173
174    .. code-block:: yaml
175
176        /srv/foo:
177          file:
178            - directory
179            - user: root
180            - group: root
181            - mode: 1755
182
183file.symlink
184    Make a symlink.
185
186    .. code-block:: yaml
187
188        /var/lib/www:
189          file:
190            - symlink
191            - target: /srv/www
192            - force: True
193
194file.recurse
195    The recurse state function will recursively download a directory on the
196    master file server and place it on the minion. Any change in the files on
197    the master will be pushed to the minion. The recurse function is very
198    powerful and has been tested by pushing out the full Linux kernel source.
199
200    .. code-block:: yaml
201
202        /opt/code:
203          file:
204            - recurse
205            - source: salt://linux
206
207file.absent
208    Make sure that the file is not on the system, recursively deletes
209    directories, files, and symlinks.
210
211    .. code-block:: yaml
212
213        /etc/httpd/conf.d/somebogusfile.conf:
214          file:
215            - absent
216
217Sysctl Module and State
218```````````````````````
219
220The sysctl module and state allows for sysctl components in the kernel to be
221managed easily. the sysctl module contains the following functions:
222
223sysctl.show
224    Return a list of sysctl parameters for this minion
225
226sysctl.get
227    Return a single sysctl parameter for this minion
228
229sysctl.assign
230    Assign a single sysctl parameter for this minion
231
232sysctl.persist
233    Assign and persist a simple sysctl parameter for this minion
234
235The sysctl state allows for sysctl parameters to be assigned:
236
237.. code-block:: yaml
238
239    vm.swappiness:
240      sysctl:
241        - present
242        - value: 20
243
244Kernel Module Management
245````````````````````````
246
247A module for managing Linux kernel modules has been added. The new functions
248are as follows:
249
250kmod.available
251    Return a list of all available kernel modules
252
253kmod.check_available
254    Check to see if the specified kernel module is available
255
256kmod.lsmod
257    Return a dict containing information about currently loaded modules
258
259kmod.load
260    Load the specified kernel module
261
262kmod.remove
263    Unload the specified kernel module
264
265The kmod state can enforce modules be either present or absent:
266
267.. code-block:: yaml
268
269    kvm_intel:
270      kmod:
271        - present
272
273Ssh Authorized Keys
274```````````````````
275The ssh_auth state can distribute ssh authorized keys out to minions. Ssh
276authorized keys can be present or absent.
277
278.. code-block:: yaml
279
280    AAAAB3NzaC1kc3MAAACBAL0sQ9fJ5bYTEyYvlRBsJdDOo49CNfhlWHWXQRqul6rwL4KIuPrhY7hBw0tV7UNC7J9IZRNO4iGod9C+OYutuWGJ2x5YNf7P4uGhH9AhBQGQ4LKOLxhDyT1OrDKXVFw3wgY3rHiJYAbd1PXNuclJHOKL27QZCRFjWSEaSrUOoczvAAAAFQD9d4jp2dCJSIseSkk4Lez3LqFcqQAAAIAmovHIVSrbLbXAXQE8eyPoL9x5C+x2GRpEcA7AeMH6bGx/xw6NtnQZVMcmZIre5Elrw3OKgxcDNomjYFNHuOYaQLBBMosyO++tJe1KTAr3A2zGj2xbWO9JhEzu8xvSdF8jRu0N5SRXPpzSyU4o1WGIPLVZSeSq1VFTHRT4lXB7PQAAAIBXUz6ZO0bregF5xtJRuxUN583HlfQkXvxLqHAGY8WSEVlTnuG/x75wolBDbVzeTlxWxgxhafj7P6Ncdv25Wz9wvc6ko/puww0b3rcLNqK+XCNJlsM/7lB8Q26iK5mRZzNsGeGwGTyzNIMBekGYQ5MRdIcPv5dBIP/1M6fQDEsAXQ==:
281      ssh_auth:
282        - present
283        - user: frank
284        - enc: dsa
285        - comment: 'Frank's key'
286