vCROCS
About Posts Tags Categories - Links - Pics - Twitter Disclaimer
vCROCS

Contents

VMware vRealize SaltStack Config as a Windows Server Admin - Part 6

Dale Hassinger included in SaltStack Config VMware Aria
   1399 words   7 minutes 
/saltstack-config-part-06/featured-image.png

Part 6: How to use SaltStack Config with Windows Server and PowerShell

/saltstack-config-part-06/ps.png
/saltstack-config-part-06/powercli.png

The latest item on my journey with VMware vRealize SaltStack Config as a Windows Server Admin is going to be a lot PowerShell. I use PowerShell for a lot of Automation, Windows Server and Linux Server. When working with VMware vRealize SaltStack Config I constantly found myself going to the CLI to test and learn how the salt functions work.

In the Part 5 Blog of this series I showed how I am using the PowerShell module POSH-SSH to connect to the VMware vRealize SaltStack Config Server to run salt commands remotely. So I started writing some PowerShell functions to run remote salt commands on the Salt Master. The end goal might be to turn this script into a Salt PowerShell Module. To start it will only have the functions that I find myself using the most. I could turn this into a community Github Project and see if there would be any interest. If anyone reading this blog post has any interest please reach out to me. (Dale.Hassinger@vCROCS.info)

My goal is to make all these PowerShell Salt functions work with VMware vRealize SaltStack Config like PowerCLI works with VMware vCenter. Use same verb/noun terminology. I use PowerCLI for all my VMware Automation. Works awesome! So to create these PowerShell Functions to work with my existing automation scripts is a win win in my book.

Normally I will use a Products APIs to do all these types of processes. I looked at VMware vRealize SaltStack Config APIs and to the best of my knowledge I can not use them like I can the PS functions that I created. That may change in a future release of VMware vRealize SaltStack Config. Fingers crossed.

Salt PowerShell Functions:
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148

# ----- [ Start of Functions ] --------------------------------------------------------------------------------------------------------------
# The POSH-SSH PS module MUST be installed to use these functions.

# Function to Connect to SSC Server
function Connect-SSCServer 
{
    param(

        [parameter(mandatory = $true)]
        [string]$Server,
        [parameter(mandatory = $true)]
        [string]$userName,
        [parameter(mandatory = $true)]
        [string]$Password

    ) # End Parameters

    # The next line is how to create the encrypted password
    $psPassword = ConvertTo-SecureString -String $global:HashiPW -AsPlainText -Force
    $creds = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $psPassword

    $Params = @{
        "ComputerName" = $Server
        "Credential"   = $creds
    } # End Params
      
    # SSH Connection to SaltStack Server
    New-SSHSession @Params

} # End Function





# Function to Disconnect from SSC Server
function Disconnect-SSCServer
{
    Remove-SSHSession -SessionId 0
} # End Function





# Sync Minion grains
function invoke-SSC.sync.grains
{
    param(
    [parameter(mandatory = $true)]
    [string]$minion
    )

    # Sync Grains after adding new grain information
    $sshCommand = 'salt "' + $minion + '" saltutil.sync_grains --output=json'
    #$sshCommand


    $Params = @{
        "SessionId" = 0
        "Command"   = $sshCommand
    } # End Params

    $results = Invoke-SSHCommand @Params

    return $results.Output
    
} # End Function





# Minion Grain Append
function set-SSC.grains.append
{
    param(
        [parameter(mandatory = $true)]
        [string]$minion,
        [parameter(mandatory = $true)]
        [string]$grainkey,
        [parameter(mandatory = $true)]
        [string]$grainval
    ) # End Parameters

    # Grains Append
    $sshCommand = 'salt "' + $minion + '" grains.append "' + $grainkey + '" "' + $grainval + '"'
    #$sshCommand

    $Params = @{
        "SessionId" = 0
        "Command"   = $sshCommand
    } # End Params

    $results = Invoke-SSHCommand @Params

} # End Function





# Minion Grain DelKey
function set-SSC.grains.delkey
{
    param(
        [parameter(mandatory = $true)]
        [string]$minion,
        [parameter(mandatory = $true)]
        [string]$grainkey
    ) # End Parameters

    $sshCommand = 'salt "' + $minion + '" grains.delkey "' + $grainkey + '" force=True'
    #$sshCommand

    $Params = @{
        "SessionId" = 0
        "Command"   = $sshCommand
    } # End Params

    $results = Invoke-SSHCommand @Params

} # End Function





# Minion Test Ping
function invoke-SSC.test.ping
{
    param(
        [parameter(mandatory = $true)]
        [string]$minion
    ) # End Parameters

    $sshCommand = 'salt "' + $minion + '" test.ping --output=json'
    #$sshCommand

    $results = Invoke-SSHCommand -SessionId 0 -Command $sshCommand
    return $results.Output[1].Trim()

} # End Function




# ----- [ End of Functions ] --------------------------------------------------------------------------------------------------------------
Examples to show how to use the Salt PowerShell Functions above:
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101

# ----- [ Connect to SSC Server ] --------------------------------------------------

# DO NOT use plain text PW's in your Code. I am only showing PW to make it easier to understand the code. 

# Set Parameter Values
$Server   = 'SaltMaster.vCROCS.local'
$User     = 'root'
$Password = 'VMware1!'

# Define Parameters (Splatting)
$Params = @{
    "Server"   = $Server
    "User"     = $User
    "Password" = $Password
}

# Connect to SSC
Connect-SSCServer @Params



# ----- [ Disconnect to SSC Server ] -----------------------------------------------
Disconnect-SSCServer



# ----- [ Sync Minion grains ] -------------------------------------------------------
# Set Parameter Values
$minion = 'DBH-211'

# Define Parameters (Splatting)
$Params = @{
    "minion" = $minion
}

# Run Function
invoke-SSC.sync.grains @Params



# ----- [ Minion grain append ] ----------------------------------------------------
# Set Parameter Values
$minion = 'DBH-211'
$grainkey = 'PS_Module'
$grainval = 'Works great for Windows Server'

# Define Parameters (Splatting)
$Params = @{
    "minion"   = $minion
    "grainkey" = $grainkey
    "grainval" = $grainval
}

# Run Function
set-SSC.grains.append @Params

# Define Parameters (Splatting)
$Params = @{
    "minion" = $minion
}

# Run Function
invoke-SSC.sync.grains @Params



# ----- [ Minion grain DelKey ] ----------------------------------------------------
# Set Parameter Values
$minion = 'DBH-211'
$grainkey = 'PS_Module'

# Define Parameters (Splatting)
$Params = @{
    minion   = $minion
    grainkey = $grainkey
}

# Run Function
set-SSC.grains.delkey @Params

# Define Parameters (Splatting)
$Params = @{
    "minion" = $minion
}

# Run Function
invoke-SSC.sync.grains @Params



# ----- [ Minion test.ping ] ----------------------------------------------------
# Set Paramter Values
$minion = 'DBH-211'

# Define Parameters (Splatting)
$Params = @{
    "minion" = $minion
}

# Run Function
invoke-SSC.test.ping @Params
Lessons Learned:
  • Adding the POSH-SSH PowerShell module so you can create a SSH connection to the salt master opens up a lot of possibilities for your PowerShell Automation as a Windows Server Admin.
  • Using the PowerShell Functions above as a Windows admin makes it very easy to add this code to existing scripts and use the Power of SaltStack without completely changing your processes.
  • Creating a SSH Connection to a remote Salt Master and running commands works well in a “Zero Trust” environment. With NSX-T all you need to do is setup allow rules between the minions and the master on ports 4505,4506.
When I write about vRealize Automation ("vRA") I always say there are many ways to accomplish the same task. SaltStack Config is the same way. I am showing what I felt was important to see but every organization/environment will be different. There is no right or wrong way to use Salt. This is a GREAT Tool that is included with your vRealize Suite Advanced/Enterprise license. If you own the vRealize Suite, you own SaltStack Config.
  • If you like wearing Crocs and want to get a pair like I wear, follow this link to Amazon: My Favorite Crocs
  • If you found this Blog article useful and it helped you, Buy me a coffee to start my day.
Updated on 2023-10-17
Read Markdown
 SaltStack ConfigVMware Aria AutomationvRealize AutomationPowerShellWindows ServerConfiguration ManagementPOSH-SSH
Back | Home