VMware vRealize SaltStack Config as a Windows Server Admin - Part 7

Part 7: Windows Server Features|Roles and Installed Software as grain data

The more I use VMware vRealize SaltStack Config as a Windows Server Admin the more I see the importance of having grain information added to the minion to be able to target servers many different ways. During a recent discussion it was suggested to have the ability to target Windows Server minions by the Windows server Features|Roles that were installed on the server and by which software was installed on a server. There are built-in salt functions to get Features|Roles and installed software. Here is the code I used to get the information and add to the minion grain file using PowerShell.

This will allow you to create targets to:

  • minions with specific VMware Tools Versions
  • minion with Web Server Feature|Role enabled
  • etc…

Salt Functions:
# The POSH-SSH PowerShell module MUST be installed to use this code.

# Name of Minion that you want to add grain data
$minion = 'DBH-210'

# ----- [ SSH Connection to SalStack Config Server ] ------------------------------------
Write-Host 'Making SSH Connection to SaltStack Config Server...'

$Server   = 'ssc.vCROCS.local'
$userName = 'root'
$Password = 'VMware#1'

# The next line is how to create the encrypted password
$psPassword = ConvertTo-SecureString -String $Password -AsPlainText -Force
$creds = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $psPassword

$Params = @{
    "ComputerName" = $Server
    "Credential"   = $creds
} # End Params

# SSH Connection to SaltStack Server
$sshSession = Get-SSHSession
if($sshSession.SessionId -eq 0){
    Write-Host 'SSH Connection to SSC Server already completed'
} # End If
else{
    Write-Host 'Creating new SSH Connection to SSC Server'
    New-SSHSession @Params
} # End Else

# ----- [ Start Adding Grain Data ] ---------------------------------------------------------------------------

# ----- [ Minion Get Windows Server Features|Roles Installed ] ------------------------------------
Write-Host 'Getting Windows Server Features|Roles Installed...'

$sshCommand = 'salt "' + $minion + '" win_servermanager.list_installed --output=json'
#$sshCommand

$Params = @{
    "SessionId" = 0
    "Command"   = $sshCommand
} # End Params

$results = Invoke-SSHCommand @Params

$features = $results.Output
$features = $results.Output | ConvertFrom-Json
$features = $features.PsObject.Properties.Value
$features = $features | ConvertTo-Xml

# Append Each Feature|Role information to grains
Write-Host 'Appending Windows Server Features|Roles Installed to grains...'

$grainsKey = 'vCROCS_Windows_Feature'

foreach($feature in $features.Objects.Object.Property){
    $grainsValue = $feature.Name + ' | ' + $feature.'#text'

    # Grains Append
    $sshCommand = 'salt "' + $minion + '" grains.append ' + $grainsKey + ' "' + $grainsValue + '"'
    #$sshCommand

    $Params = @{
        "SessionId" = 0
        "Command"   = $sshCommand
    } # End Params

    Invoke-SSHCommand @Params
    
} # End Foreach



# ----- [ Minion Get Windows Server Installed Software ] ------------------------------------
Write-Host 'Getting Windows Server Installed Software...'

# Get Installed Software
$sshCommand = 'salt "' + $minion + '" pkg.list_pkgs --output=json'
#$sshCommand

$Params = @{
    "SessionId" = 0
    "Command"   = $sshCommand
} # End Params

$results = Invoke-SSHCommand @Params

$installedPackages = $results.Output
$installedPackages = $installedPackages | ConvertFrom-Json
$installedPackages = $installedPackages.PsObject.Properties.Value
$installedPackages = $installedPackages | ConvertTo-Xml

$grainsKey = 'vCROCS_Windows_Installed_Software'

# Append Windows Server Installed Software to grains
Write-Host 'Appending Windows Server Installed Software to grains...'

foreach($installedPackage in $installedPackages.Objects.Object.Property){
    $grainsValue = $installedPackage.Name + ' | ' + $installedPackage.'#text'

    # Grains Append
    $sshCommand = 'salt "' + $minion + '" grains.append ' + $grainsKey + ' "' + $grainsValue + '"'
    #$sshCommand

    $Params = @{
        "SessionId" = 0
        "Command"   = $sshCommand
    } # End Params

    Invoke-SSHCommand @Params

} # End Foreach


# ----- [ Add a Date that grains last updated ] ----------------------------------------------------------------
$grainsupdateDate = Get-Date
$grainsValue = $grainsupdateDate.ToString("MM/dd/yyyy")
$grainsKey = 'vCROCS_last_grains_update'

# Grains Append
$sshCommand = 'salt "' + $minion + '" grains.append ' + $grainsKey + ' "' + $grainsValue + '"'
#$sshCommand

$Params = @{
    "SessionId" = 0
    "Command"   = $sshCommand
} # End Params

Invoke-SSHCommand @Params

# ----- [ End Adding Grain Data ] ---------------------------------------------------------------------------

# ----- [ Sync minion Grain Data ] ------------------------------------------------------------------
Write-Host 'Syncing Minion Grain Data...'
# Sync Grains Data
$sshCommand = 'salt "' + $minion + '" saltutil.sync_grains'
#$sshCommand

$Params = @{
    "SessionId" = 0
    "Command"   = $sshCommand
} # End Params

Invoke-SSHCommand @Params

# ----- [ Disconnect from SaltStack Config Server ] ------------------------------------------------------------------
Write-Host 'Disconnecting from SaltStack Config Server...'
Remove-SSHSession -SessionId 0

# ----- [ End of Code ] ---------------------------------------------------------------------------

Example grains file after running script

The default location of the grains file is in directory “C:\salt\conf"

vCROCS_Windows_Feature:
- FileAndStorage-Services | File and Storage Services
- NET-Framework-45-Core | .NET Framework 4.7
- NET-Framework-45-Features | .NET Framework 4.7 Features
- NET-Framework-Core | .NET Framework 3.5 (includes .NET 2.0 and 3.0)
- NET-Framework-Features | .NET Framework 3.5 Features
- NET-WCF-Services45 | WCF Services
- NET-WCF-TCP-PortSharing45 | TCP Port Sharing
- PowerShell | Windows PowerShell 5.1
- PowerShell-ISE | Windows PowerShell ISE
- PowerShellRoot | Windows PowerShell
- PowerShell-V2 | Windows PowerShell 2.0 Engine
- RSAT | Remote Server Administration Tools
- RSAT-Feature-Tools | Feature Administration Tools
- RSAT-SNMP | SNMP Tools
- SNMP-Service | SNMP Service
- SNMP-WMI-Provider | SNMP WMI Provider
- Storage-Services | Storage Services
- System-DataArchiver | System Data Archiver
- Telnet-Client | Telnet Client
- WoW64-Support | WoW64 Support
- XPS-Viewer | XPS Viewer
vCROCS_Windows_Installed_Software:
- Microsoft Silverlight | 5.1.50918.0
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 | 12.0.40664.0
- Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 | 12.0.40664
- Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 | 12.0.40664
- Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 | 14.30.30704.0
- Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 | 14.30.30704.0
- Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 | 14.30.30704
- Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 | 14.30.30704
- Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 | 14.30.30704
- Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 | 14.30.30704
- Salt Minion 3003.1 (Python 3) | 3003.1
- UniversalForwarder | 8.2.4.0
- VMware Tools | 11.3.5.18557794
vCROCS_last_grains_update:
- 01/14/2022

SaltStack Target using Windows Server Software Installed:

Show all minions that have VMware Tools | 11.3.5.18557794 installed

Click Here to see Larger Image of Screen Shot


Lessons Learned:
  • Windows Server Features|Roles make a great way to target minions.
  • Windows Server installed software also makes a great way to target minions.

When I write about vRealize Automation ("vRA") I always say there are many ways to accomplish the same task. SaltStack Config is the same way. I am showing what I felt was important to see but every organization/environment will be different. There is no right or wrong way to use Salt. This is a GREAT Tool that is included with your vRealize Suite Advanced/Enterprise license. If you own the vRealize Suite, you own SaltStack Config.

Related Posts

VMware vRealize SaltStack Config as a Windows Server Admin - Part 6

Part 6: How to use SaltStack Config with Windows Server and PowerShell The latest item on my journey with VMware vRealize SaltStack Config as a Windows Server Admin is going to be a lot PowerShell.

Read more

VMware vRealize SaltStack Config as a Windows Server Admin - Part 5

Part 5: How to use SaltStack Config with Windows Server and PowerShell The latest item on my journey with VMware vRealize SaltStack Config as a Windows Server Admin will be an update to some items that I have talked about in previous posts.

Read more

VMware vRealize SaltStack Config as a Windows Server Admin - Part 4

Part 4: How to use SaltStack Config with Windows Server and PowerShell The latest item on my journey with VMware vRealize SaltStack Config as a Windows Server Admin will be salt grains.

Read more