Using iterations in states

The need to do the same task repeatedly for a number of entities of the same type is a very basic requirement of any role in an organization. To achieve this, languages and tools provide us with the feature of iterations, simply known as loops. In this recipe, you will learn how to apply iterations in our configuration.

How to do it...

1. We will use the same minion as the previous recipe. Modify the user pillar, that is, edit /opt/salt-cookbook/pillar/staging/user/init.sls to have the following contents:

   dev_user_list:
     optimus:
       uid: 7001
       passwd: '$1$Dw1TxMI7$pmeYTdmz.rlunqPd7JELR.'
     bumblebee:
       uid: 7002
       passwd: '$1$ZHUeIAfq$6sJl9rHVDX2UjBH1KrPZP1'
     ironhide:
       uid: 7003
       passwd: '$1$rcJAiq7y$bJzv3HzVTbeQlA3cIu1Gb1'

2. Edit /opt/salt-cookbook/staging/user/init.sls to have the following contents:

   {% for user, details in pillar['dev_user_list'].iteritems() %}
   {{ user }}:
     user.present:
       - home: /home/{{ user }}
       - uid: {{ details['uid'] }}
       - password: {{ details['passwd'] }}
       - shell: /bin/bash
   {% endfor %}

3. Apply the state to the minion:

   [root@salt-master ~]# salt 'stgdc1app01' state.sls users saltenv=staging --state-output=terse
   stgdc1app01:
    Name: optimus - Function: user.present - Result: Changed
    Name: bumblebee - Function: user.present - Result: Changed
    Name: ironhide - Function: user.present - Result: Changed
   
   Summary
   ------------
   Succeeded: 3
   Failed: 0
   ------------
   Total: 3
   

How it works...

In this recipe, we demonstrated the method to apply iterations to our configuration. The objective of the recipe is to create three users with similar properties available, a username, a user ID, and a password. In production scenarios, any number of entities can be configured by the same method.

First, we configured the user properties in the user pillar file, however, this time the definition is a bit different:

dev_user_list:
  optimus:
    uid: 7001
    passwd: '$1$Dw1TxMI7$pmeYTdmz.rlunqPd7JELR.'
  bumblebee:
    uid: 7002
    passwd: '$1$ZHUeIAfq$6sJl9rHVDX2UjBH1KrPZP1'

We configured the same YAML-type definition, but the usernames are the keys now instead of being a value and the other properties, such as user ID and password, are key-value pairs under them.

The for statement used here is again the Python iteration method. However, the opening and closing style of the statements is similar to the conditionals. The loop starts with the following code:

{% for <iteration logic> %}

It ends with:

{% endfor %}

The iteration logic that we apply here is as follows:

{% for user, details in pillar['dev_user_list'].iteritems() %}

The pillar['dev_user_list'] parameter contains a Python dictionary with keys as the usernames and values, as another dictionary contains the user ID and the password. When the iteritems() Python function is applied on the dictionary, results are stored in two entities user and details. A loop is run on the dictionary, and on each turn a username is stored in the user entity and its properties. The dictionary containing the rest of the data is stored in details.

These entities can then be used to populate the user values required to apply the configuration. Any number of levels of data and entities can be used in configurations using this iteration procedure.

Finally, we applied the state to the minion, and the three configured users are created on the minion.

See also

• The Adding groups and users recipe, in Chapter 4, General Administration Tasks, to learn more about adding users and groups
• The Setting and using variables in states recipe, to learn how to use variables with Salt states