Top 15 Devops SaltStack Interview Questions and Answers Pdf
SaltStack Interview Questions
In this post, we will analyze some of the fundamental concepts and specification required to start effectively analyzing to practice Salt.
Salt, or SaltStack, is a primitive execution device and configuration administration method. The primitive execution skills allow managers to control commands on multiple machines in parallel with an adjustable targeting system. The configuration management functionality builds a client-server design to immediately, and securely deliver foundation elements in line with a delivered policy.
The Salt master is the device that regulates the infrastructure and dictates plans for the servers it controls. It works both as a container for configuration data and as the control station that starts past commands and guarantees the state of your different devices. A daemon called salt-master is situated on the master to implement this functionality.
SaltStack Interview Questions
How to install and configure a Salt master server on an Ubuntu 14.04 server and also how to configure new minion servers to bring them under your master’s management. The primary SaltStack terminology and have a high-level knowledge of what the devices you’ll encounter are responsible for, you can start installing up Salt to control your infrastructure
If you think to perform an interview for a DevOps-SaltStack, here is a complete list of the most popular DevOps interview questions. If you have visited DevOps interviews or have any additional questions you would like us to answer.
1. Is Salt Open-core?
Answer: No. Salt is 100% committed to being open-source, including all of our APIs. It is developed under the Apache 2.0 license, allowing it to be used in both open and proprietary projects.
To expand on this a little:
There is much argument over the actual definition of “open core”. From our standpoint, Salt is open source because
- It is a standalone product that anyone is free to use.
- It is developed in the open with contributions accepted from the community for the good of the project.
- There are no features of Salt itself that are restricted to separate proprietary products distributed by SaltStack, Inc.
- Because of our Apache 2.0 license, Salt can be used as the foundation for a project or even a proprietary tool.
- Our APIs are open and documented (any lack of documentation is an oversight as opposed to an intentional decision by SaltStack the company) and available for use by anyone.
SaltStack the company does make proprietary products which use Salt and its libraries, like the company is free to do, but we do so via the APIs, NOT by forking Salt and creating a different, closed-source version of it for paying customers.
2. I Think I Found A Bug! What Should I Do?
Answer: The salt-users mailing list, as well as the salt IRC channel, can both be helpful resources to confirm if others are seeing the issue and to assist with immediate debugging.
To report a bug to the Salt project, please follow the instructions in reporting a bug.
3. What Ports Should I Open On My Firewall?
Answer: Minions need to be able to connect to the Master on TCP ports 4505 and 4506. Minions do not need any inbound ports open.
4. My Script Runs Every Time I Run A State.apply. Why ?
Answer: You are probably using cmd.run rather than cmd.wait. A cmd.wait state will only run when there has been a change in a state that it is watching.
A cmd.run state will run the corresponding command every time (unless it is prevented from running by the unless or onlyif arguments).
5. How Does Salt Determine The Minion’s Id?
Answer: If the Minion id is not configured explicitly (using the id parameter), Salt will determine the id based on the hostname.
6. I’m Trying To Manage Packages/services But I Get An Error Saying That The State Is Not Available. Why?
Answer: Salt detects the Minion’s operating system and assigns the correct package or service management module based on what is detected. However, for certain custom spins and OS derivatives this detection fails. In cases like this, an issue should be opened on our tracker, with the following information:
- The output of the following command:
- salt < minion_id > grains.items | grep os
- The contents of /etc/LSB-release, if present on the Minion.
7. Why Aren’t My Custom Modules/states/etc? Available On My Minions?
Answer: Custom modules are synced to Minions when salt until.sync_modules, or salt until.sync_all is run. Custom modules are also synced by state.apply when running without any arguments.
Similarly, custom states are synced to Minions when state.apply, salt until.sync_states, or salt until.sync_all is run.
Custom states are also synced by state.apply when running without any arguments.
Other custom types (renderers, outputters, etc.) have similar behavior, see the documentation for the saltutilmodule for more information.
This reactor example can be used to automatically sync custom types when the minion connects to the master, to help with this chicken-and-egg issue. (Interview Questions and Answers)
8. Module X Isn’t Available, Even Though The Shell Command It Uses Is Installed. Why ?
Answer: This is most likely a PATH issue. Did you custom-compile the software which the module requires? RHEL/CentOS/etc. in particular override the root user’s path in /etc/init.d/functions, setting it to /sbin:/usr/sbin:/bin:/usr/bin, making software installed into /usr/local/bin unavailable to Salt when the Minion is started using the init script. In version 2014.1.0, Salt will have a better solution for these sort of PATH-related issues, but recompiling the software to install it into a location within the PATH should resolve the issue in the meantime. Alternatively, you can create a symbolic link within the PATH using a file. symlink state.
/usr/bin/foo:
file.symlink:
– target: /usr/local/bin/foo
9. Can I Run Different Versions Of Salt On My Master And Minion?
Answer: This depends on the versions. In general, it is recommended that Master and Minion versions match.
When upgrading Salt, the master(s) should always be upgraded first. Backward compatibility for minions running newer versions of salt than their masters is not guaranteed.
Whenever possible, backward compatibility between new masters and old minions will be preserved. Generally, the only exception to this policy is in case of a security vulnerability.
Recent examples of backward compatibility breakage include the 0.17.1 release (where all backward compatibility was broken due to a security fix), and the 2014.1.0 release (which retained compatibility between 2014.1.0 masters and 0.17 minions but broke compatibility for 2014.1.0 minions and older masters).
10. Does Salt Support Back Up Managed Files?
Answer: Yes. Salt provides an easy to use addition to your file.managed states that allow you to back up files via backup_mode, backup_mode can be configured on a per-state basis, or in the minion config (note that if set in the minion config this would simply be the default method to use, you still need to specify that the file should be backed up!).
11. Is It Possible To Deploy A File To A Specific Minion, Without Other Minions Having Access To It?
Answer: The Salt fileserver does not yet support access control, but it is still possible to do this. As of Salt 2015.5.0, thefile_tree external pillar is available and allows the contents of a file to be loaded as Pillar data. This external pillar is capable of assigning Pillar values both to individual minions and to node groups. See the documentation for details on how to set this up.
Once the external pillar has been set up, the data can be pushed to a minion via a file. managed state, using thecontents_pillar argument:
/etc/my_super_secret_file:
file.managed:
– user: secret
– group: secret
– mode: 600
– contents_pillar: secret_files:my_super_secret_file
In this example, the source file would be located in a directory called secret_files underneath the file_tree path for the minion. The syntax for specifying the pillar variable is the same one used for pillar.get, with a colon representing a nested dictionary.
12. What Is The Best Way To Restart A Salt Minion Daemon Using Salt After Upgrade?
Answer: Updating the salt-minion package requires a restart of the salt-minion service. But restarting the service while in the middle of a state-run interrupts the process of the Minion running states and sending results back to the Master. A common way to work around that is to schedule restarting of the Minion service using masterless mode after all other states have been applied. This allows the minion to keep Minion to Master connection alive for the Minion to report the final results to the Master, while the service is restarting in the background.
13. Restart Using Remote Executions?
Answer: Restart the Minion from the command line:
salt -G kernel:Windows cmd.run_bg ‘C:saltsalt-call.bat –local service.restart salt-minion’
salt -C ‘not G@kernel:Windows’ cmd.run_bg ‘salt-call –local service.restart salt-minion’
14. Is Targeting Using Grain Data Secure?
Answer: Because grains can be set by users that have access to the minion configuration files on the local system, grains are considered less secure than other identifiers in Salt. Use caution when targeting sensitive operations or setting pillar values based on grain data.
When possible, you should target sensitive operations and data using the Minion ID. If the Minion ID of a system changes, the Salt Minion’s public key must be re-accepted by an administrator on the Salt Master, making it less vulnerable to impersonation attacks.
15. Why Did The Value For A Grain Change On Its Own?
Answer: This is usually the result of an upstream change in an OS distribution that replaces or removes something that Salt was used to detect the grain. Fortunately, when this occurs,
you can use Salt to fix it with a command similar to the following:
salt -G ‘grain: ChangedValue’ grains.setvals “{‘grain’: ‘OldValue’}”
(Replacing grain, ChangedValue, and OldValue with the grain and values that you want to change/set.)
You should also file an issue describing the change so it can be fixed in Salt.
Devops Interview Questions:
Top 50 Devops Interview Questions and Answers
Top 30 Devops Interview Questions and Answers
Top 50 Devops Engineer Interview Questions and Answers
Top 30 Puppet Interview Questions and Answers
Top 30 Chef Devops Interview Questions and Answers
Top 20 AWS Devops Interview Questions and Answers
Top 50 GIT Interview Questions and Answers
Top 50 Maven Interview Questions and Answers
Top 20 Jenkins Interview Questions and Answers
Top 50 Splunk Interview Questions and Answers
Top 15 Ansible Interview Questions and Answers
Top 40 Jira Interview Questions and Answers
Top 30 Gradle Interview Questions and Answers
Top 20 Nagios Interview Questions and Answers
Top 30 Bamboo Interview Questions and Answers
Note: Browse latest DevOps interview questions and DevOps tutorial. Here you can check DevOps Training details and DevOps Videos for self learning. Contact +91 988 502 2027 for more information.