1======================== 2Salt 0.9.3 Release Notes 3======================== 4 5:release: 2011-11-05 6 7Salt 0.9.3 is finally arrived. This is another big step forward for Salt, new 8features range from proper FreeBSD support to fixing issues seen when 9attaching a minion to a master over the Internet. 10 11The biggest improvements in 0.9.3 though can be found in the state system, it 12has progressed from something ready for early testers to a system ready to 13compete with platforms such as Puppet and Chef. The backbone of the state 14system has been greatly refined and many new features are available. 15 16Download! 17--------- 18 19The Salt source can be downloaded from PyPI: 20 21https://pypi.python.org/packages/source/s/salt/salt-0.9.3.tar.gz 22 23For instructions on how to set up Salt please see the :ref:`installation` 24instructions. 25 26New Features 27------------ 28 29WAN Support 30``````````` 31 32Recently more people have been testing Salt minions connecting to Salt Masters 33over the Internet. It was found that Minions would commonly loose their 34connection to the master when working over the internet. The minions can now 35detect if the connection has been lost and reconnect to the master, making 36WAN connections much more reliable. 37 38State System Fixes 39``````````````````` 40 41Substantial testing has gone into the state system and it is ready for real 42world usage. A great deal has been added to the documentation for states and 43the modules and functions available to states have been cleanly documented. 44 45A number of State System bugs have also been founds and repaired, the output 46from the state system has also been refined to be extremely clear and concise. 47 48Error reporting has also been introduced, issues found in sls files will now 49be clearly reported when executing Salt States. 50 51Extend Declaration 52`````````````````` 53 54The Salt States have also gained the ``extend`` declaration. This declaration 55allows for states to be cleanly modified in a post environment. Simply said, 56if there is an apache.sls file that declares the apache service, then another 57sls can include apache and then extend it: 58 59.. code-block:: yaml 60 61 include: 62 - apache 63 64 extend: 65 apache: 66 service: 67 - require: 68 - pkg: mod_python 69 70 mod_python: 71 pkg: 72 - installed 73 74The notable behavior with the extend functionality is that it literally extends 75or overwrites a declaration set up in another sls module. This means that Salt 76will behave as though the modifications were made directly to the apache sls. 77This ensures that the apache service in this example is directly tied to all 78requirements. 79 80Highstate Structure Specification 81````````````````````````````````` 82 83This release comes with a clear specification of the Highstate data structure 84that is used to declare Salt States. This specification explains everything 85that can be declared in the Salt SLS modules. 86 87The specification is extremely simple, and illustrates how Salt has been able 88to fulfill the requirements of a central configuration manager within a simple 89and easy to understand format and specification. 90 91SheBang Renderer Switch 92``````````````````````` 93 94It came to our attention that having many renderers means that there may be a 95situation where more than one State Renderer should be available within a 96single State Tree. 97 98The method chosen to accomplish this was something already familiar to 99developers and systems administrators, a SheBang. The Python State Renderer 100displays this new capability. 101 102Python State Renderer 103````````````````````` 104 105Until now Salt States could only be declared in yaml or json using Jinja or 106Mako. A new, very powerful, renderer has been added, making it possible to 107write Salt States in pure Python: 108 109.. code-block:: python 110 111 #!py 112 113 114 def run(): 115 """ 116 Install the python-mako package 117 """ 118 return {"include": ["python"], "python-mako": {"pkg": ["installed"]}} 119 120This renderer is used by making a run function that returns the Highstate data 121structure. Any capabilities of Python can be used in pure Python sls modules. 122 123This example of a pure Python sls module is the same as this example in yaml: 124 125.. code-block:: yaml 126 127 include: 128 - python 129 130 python-mako: 131 pkg: 132 - installed 133 134FreeBSD Support 135``````````````` 136 137Additional support has been added for FreeBSD, this is Salt's first branch out 138of the Linux world and proves the viability of Salt on non-Linux platforms. 139 140Salt remote execution already worked on FreeBSD, and should work without issue 141on any Unix-like platform. But this support comes in the form of package 142management and user support, so Salt States also work on FreeBSD now. 143 144The new freebsdpkg module provides package management support for FreeBSD 145and the new pw_user and pw_group provide user and group management. 146 147Module and State Additions 148-------------------------- 149 150Cron Support 151```````````` 152 153Support for managing the system crontab has been added, declaring a cron state 154can be done easily: 155 156.. code-block:: yaml 157 158 date > /tmp/datestamp: 159 cron: 160 - present 161 - user: fred 162 - minute: 5 163 - hour: 3 164 165File State Additions 166```````````````````` 167 168The file state has been given a number of new features, primarily the 169directory, recurse, symlink, and absent functions. 170 171file.directory 172 Make sure that a directory exists and has the right permissions. 173 174 .. code-block:: yaml 175 176 /srv/foo: 177 file: 178 - directory 179 - user: root 180 - group: root 181 - mode: 1755 182 183file.symlink 184 Make a symlink. 185 186 .. code-block:: yaml 187 188 /var/lib/www: 189 file: 190 - symlink 191 - target: /srv/www 192 - force: True 193 194file.recurse 195 The recurse state function will recursively download a directory on the 196 master file server and place it on the minion. Any change in the files on 197 the master will be pushed to the minion. The recurse function is very 198 powerful and has been tested by pushing out the full Linux kernel source. 199 200 .. code-block:: yaml 201 202 /opt/code: 203 file: 204 - recurse 205 - source: salt://linux 206 207file.absent 208 Make sure that the file is not on the system, recursively deletes 209 directories, files, and symlinks. 210 211 .. code-block:: yaml 212 213 /etc/httpd/conf.d/somebogusfile.conf: 214 file: 215 - absent 216 217Sysctl Module and State 218``````````````````````` 219 220The sysctl module and state allows for sysctl components in the kernel to be 221managed easily. the sysctl module contains the following functions: 222 223sysctl.show 224 Return a list of sysctl parameters for this minion 225 226sysctl.get 227 Return a single sysctl parameter for this minion 228 229sysctl.assign 230 Assign a single sysctl parameter for this minion 231 232sysctl.persist 233 Assign and persist a simple sysctl parameter for this minion 234 235The sysctl state allows for sysctl parameters to be assigned: 236 237.. code-block:: yaml 238 239 vm.swappiness: 240 sysctl: 241 - present 242 - value: 20 243 244Kernel Module Management 245```````````````````````` 246 247A module for managing Linux kernel modules has been added. The new functions 248are as follows: 249 250kmod.available 251 Return a list of all available kernel modules 252 253kmod.check_available 254 Check to see if the specified kernel module is available 255 256kmod.lsmod 257 Return a dict containing information about currently loaded modules 258 259kmod.load 260 Load the specified kernel module 261 262kmod.remove 263 Unload the specified kernel module 264 265The kmod state can enforce modules be either present or absent: 266 267.. code-block:: yaml 268 269 kvm_intel: 270 kmod: 271 - present 272 273Ssh Authorized Keys 274``````````````````` 275The ssh_auth state can distribute ssh authorized keys out to minions. Ssh 276authorized keys can be present or absent. 277 278.. code-block:: yaml 279 280 AAAAB3NzaC1kc3MAAACBAL0sQ9fJ5bYTEyYvlRBsJdDOo49CNfhlWHWXQRqul6rwL4KIuPrhY7hBw0tV7UNC7J9IZRNO4iGod9C+OYutuWGJ2x5YNf7P4uGhH9AhBQGQ4LKOLxhDyT1OrDKXVFw3wgY3rHiJYAbd1PXNuclJHOKL27QZCRFjWSEaSrUOoczvAAAAFQD9d4jp2dCJSIseSkk4Lez3LqFcqQAAAIAmovHIVSrbLbXAXQE8eyPoL9x5C+x2GRpEcA7AeMH6bGx/xw6NtnQZVMcmZIre5Elrw3OKgxcDNomjYFNHuOYaQLBBMosyO++tJe1KTAr3A2zGj2xbWO9JhEzu8xvSdF8jRu0N5SRXPpzSyU4o1WGIPLVZSeSq1VFTHRT4lXB7PQAAAIBXUz6ZO0bregF5xtJRuxUN583HlfQkXvxLqHAGY8WSEVlTnuG/x75wolBDbVzeTlxWxgxhafj7P6Ncdv25Wz9wvc6ko/puww0b3rcLNqK+XCNJlsM/7lB8Q26iK5mRZzNsGeGwGTyzNIMBekGYQ5MRdIcPv5dBIP/1M6fQDEsAXQ==: 281 ssh_auth: 282 - present 283 - user: frank 284 - enc: dsa 285 - comment: 'Frank's key' 286