Server management with salt – h5: Windows with salt

This assignment was completed in full from my personal desktop, with a virtual machine running Ubuntu 18.04.1 x64, and a Dell Vostro 5568 laptop running windows 10 pro – 10.0.17763 x64

Installing Salt-minion on a Windows machine (11:40 – 27.11)

Mardown version here (Github)

Here’s the guide i used

In order to make my Windows laptop a salt minion, i need to install salt-minion services on it.

The guide says its important for master to have the same or never version of salt as the minion, so i first checked what version my salt-master currenty is:

$ salt-master --version
salt-master 2017.7.4 (Nitrogen)

This is not the newest version, so i issued commands from the guide to update salt-master:

$ wget https://repo.saltstack.com/apt/ubuntu/16.04/amd64/latest/SALTSTACK-GPG-KEY.pub
$ sudo apt-key add SALTSTACK-GPG-KEY.pub
$ sudo apt-get update
$ sudo systemctl restart salt-minion

I then checked the version again:

$ salt-master --version
salt-master 2018.3.3 (Oxygen)

Salt-master was succesfully updated to the newest version.

We also need the master’s IP-address

$ hostname -I
178.128.206.165

We now have everything we need to control Windows with salt.

I downloaded the latest salt-minion.exe file from the official salt website

I then accepted the new key:

$ sudo salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
WinMinion
Proceed? [n/Y] Y
Key for minion WinMinion accepted.

$ sudo salt "WinMinion" test.ping
WinMinion:
    True

We now have control over our Windows-machine with salt!

Enable salt windows sofware repositories (12:21)

According to the guide, “this is a one-time configuration so that packages are easy to install”

$ sudo salt-run winrepo.update_git_repos
https://github.com/saltstack/salt-winrepo-ng.git:
    /srv/salt/win/repo-ng/salt-winrepo-ng
https://github.com/saltstack/salt-winrepo.git:
    /srv/salt/win/repo/salt-winrepo

$ /srv/salt$ sudo salt -G 'os:windows' pkg.refresh_db
WinMinion:
    ----------
    failed:
        0
    success:
        260
    total:
        260

I now have a bunch of .sls files in /srv/salt/win/repo/salt-winrepo that can be used to install programs on windows.

Example:

$ cat ccleaner.sls 
ccleaner:
  '5.34':
    full_name: 'CCleaner'
    installer: 'http://download.piriform.com/ccsetup534.exe'
    install_flags: '/S'
    uninstaller: '%ProgramFiles%\CCleaner\uninst.exe'
    uninstall_flags: '/S'
    msiexec: False
    locale: en_US
    reboot: False

Lets try installing something:

$ sudo salt "WinMinion" pkg.install vlc
WinMinion:
    Minion did not return. [No response]

For some reason minion did not respond. I then noticed i skipped a part in the guide, that says i need to give “salt”-group write premissions to /src/salt/win I did so, and when issuing the above command again, i got the same response, but vlc WAS actually installed on my minion. Weird

I then decided to remove all of the newly created files and directories, and take it from the top, this time giving premissions before running the commands:

$ sudo rm -r win
$ sudo mkdir /srv/salt/win
$ sudo chown root.salt /srv/salt/win
$ sudo chmod ug+rwx /srv/salt/win/

$ sudo salt-run winrepo.update_git_repos
https://github.com/saltstack/salt-winrepo-ng.git:
    /srv/salt/win/repo-ng/salt-winrepo-ng
https://github.com/saltstack/salt-winrepo.git:
    /srv/salt/win/repo/salt-winrepo

$ sudo salt -G 'os:windows' pkg.refresh_db
WinMinion:
    Minion did not return. [No response]

The .sls files were created, but the update command fails due to minion not responding. (Altough test.ping returns True) I then tested out a couple of other programs, like Chrome and Git, both of which returned the “Minion did not respond” message.

I went for a quick smoke, and when i came back i noticed that both chrome and git had been installed on my Windows-minion.

I then tried Sudo salt-run managed.up and managed.status, both reported my WinMinion should be up and runnign. So technically my minion DOES WORK, the master just keeps telling minion did not respond.

Not really understanding what was wrong, i deleted the “WinMinion” minion-key, re-installed salt-minion on my windows machine, and accepted the new key called “Winion”.

$ sudo salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
Winion
Proceed? [n/Y] Y
Key for minion Winion accepted.

$ sudo salt "Winion" test.ping
Winion:
    True

$ sudo salt "Winion" pkg.install vlc 
Winion:
    Minion did not return. [No response]

Once again, same thing happened. Vlc was installed on my minion but salt-master tells there were no response. Also, the managed.up and managed.running both now return the “no response” message.

Feeling defeated, i tried installing something for one last time:

$ sudo salt "Winion" pkg.install winscp
Winion:
    ----------
    winscp:
        ----------
        new:
            5.13.4
        old:

I dont understand why, or how, but it worked. However when i then tried installing vlc, the same old “no response” message appeared again.

Figuring it out! (15:29)

Reading the troubleshooting documentation revealed that sometimes when the salt job is taking too long, you might get kicked back to shell, but the salt job is still running. Active jobs can be queried with salt-run jobs.list_jobs. Here are the results:

$ sudo salt "Winion" pkg.install vlc
$ sudo salt-run jobs.list_jobs

20181127132826985566:
    ----------
    Arguments:
        - 20181127132821922844
    Function:
        saltutil.find_job
    StartTime:
        2018, Nov 27 13:28:26.985566
    Target:
        - Winion
    Target-type:
        list
    User:
        sudo_pete

To see if i am simply getting booted back to shell due to timeout, while salt is actually still running the job in the background, i used the -t flag to bump the timeout up by 60 seconds.

$ sudo salt -t 60 "Winion" pkg.install winscp
Winion:
    ----------
    winscp:
        ----------
        new:
            5.13.4
        old:

As you can see, it works perfectly. If only i had started reading the documentation sooner.

Manage windows without master. (salt-call –local)

Keeping with the guide, i next moved to my Windows desktop and fired up powershell.

Powershell apparently supports the same cd and ls commands as bash, so using it was actually pretty comfortable. (After increasing the font size from 0.1 pixels to something actually readable.)

cd C:/salt

./salt-call --local test.ping
local:
    True

Installing git, and then cloning one of my github repos:

salt-call --local pkg.install git

git clone https://github.com/Pheebzer/reports.git
Cloning into 'reports'...
remote: Enumerating objects: 3, done.
remote: Counting objects: 100% (3/3), done.
remote: Compressing objects: 100% (3/3), done.
Receiving objects:  60% (96/160)    1 (delta 0), pack-reused 157
Receiving objects: 100% (160/160), 33.83 KiB | 1.35 MiB/s, done.
Resolving deltas: 100% (85/85), done.

Change settings in a windows program using salt (11:56 – 28.11)

I created a state that installs steam and chrome, and then modifies some .ini files to make steam chat’s font size bigger.

There are 2 different states, first installs steam and chrome, and the second creates a new directory with my .style file in it.

I use file.recurse because steam does not actually have that file or directory after being installed by salt, so file.managed wont work.

Install steam and chrome:

Winion:
  pkg.installed:
    - pkgs:
      - chrome
      - steam

$ sudo salt -t 180 "Winion" state.apply steam_and_chrome
Winion:
----------
          ID: Winion
    Function: pkg.installed
      Result: True
     Comment: The following packages were installed/updated: steam, chrome
     Started: 02:53:08.444837
    Duration: 90908.545 ms
     Changes:   
              ----------
              chrome:
                  ----------
                  new:
                      67.116.32878
                  old:
              steam:
                  ----------
                  new:
                      2.10.91.91
                  old:

Summary for Winion
------------
Succeeded: 1 (changed=1)
Failed:    0
------------
Total states run:     1
Total run time:  90.909 s

Replace steam.styles with my own version:

c:\Program Files (x86)\Steam\resource:
  file.recurse:
    - source: salt://steam_styles/resource
    - include_empty: True

$ sudo salt -t 120 "Winion" state.apply steam_styles
Winion:
----------
          ID: c:\Program Files (x86)\Steam\resource
    Function: file.recurse
      Result: True
     Comment: Recursively updated c:\program files (x86)\steam\resource
     Started: 03:02:31.074852
    Duration: 962.112 ms
     Changes:   
              ----------
              c:\program files (x86)\steam\resource\.:
                  ----------
                  owner:
                      SYSTEM
              c:\program files (x86)\steam\resource\steam.styles:
                  ----------
                  diff:
                      New file

Summary for Winion
------------
Succeeded: 1 (changed=1)
Failed:    0
------------
Total states run:     1
Total run time: 962.112 ms
Lähteet

Leave a Reply

Your email address will not be published. Required fields are marked *