|
| 1 | +.. _best-practices: |
| 2 | + |
| 3 | +Salt SProxy Best Practices |
| 4 | +========================== |
| 5 | + |
| 6 | +.. note:: |
| 7 | + |
| 8 | + This document refers to best practices in regards to optimising the usage |
| 9 | + of *salt-sproxy*. |
| 10 | + |
| 11 | + To refer to the Salt best practices concerning the structure of the |
| 12 | + configuration files, see `this |
| 13 | + <https://docs.saltstack.com/en/latest/topics/best_practices.html>`__ |
| 14 | + document. |
| 15 | + |
| 16 | +In order to simplify the default usage, *salt-sproxy* tries to load Grains, |
| 17 | +Roster, and Execution Modules; this adds an execution overhead everytime you |
| 18 | +invoke a Salt command through *salt-sproxy*, of approximatively 0.5s up to |
| 19 | +1 second. In some cases, this can be reduced or even removed entirely by |
| 20 | +configuring one or more of the options below, depending on your use case. |
| 21 | + |
| 22 | +TL;DR |
| 23 | +----- |
| 24 | + |
| 25 | +To speed up the execution, you can add the *salt-sproxy* installation path to |
| 26 | +your ``file_roots`` settings in the Master config (see :ref:`runner` for more |
| 27 | +notes on how to do this), and execute ``salt-run saltutil.sync_all``. At the |
| 28 | +same time, add the following in the Master config: |
| 29 | + |
| 30 | +.. code-block:: yaml |
| 31 | +
|
| 32 | + sync_grains: false |
| 33 | + sync_roster: false |
| 34 | + sync_modules: false |
| 35 | +
|
| 36 | +.. important:: |
| 37 | + |
| 38 | + Once you have these settings enabled, while it will speed up the |
| 39 | + *salt-sproxy* execution and make it more efficient, if you have custom |
| 40 | + Grains or Execution Modules in your own environment, you will need to take |
| 41 | + care that they are properly sync'ed on your Master. That is, execute |
| 42 | + ``salt-run saltutil.sync_all`` or equivalent whenever you update your |
| 43 | + modules. Examples include: manually execute ``salt-run saltutil.sync_all`` |
| 44 | + (not recommended), a cron on the same, or if you have a Salt Master running |
| 45 | + you can have it automatically sync those for you by adding a `scheduled job |
| 46 | + <https://docs.saltstack.com/en/latest/topics/jobs/>`__, e.g., |
| 47 | + |
| 48 | + .. code-block:: yaml |
| 49 | +
|
| 50 | + schedule: |
| 51 | + sync_all: |
| 52 | + function: saltutil.sync_all |
| 53 | + minutes: 5 |
| 54 | +
|
| 55 | + The example configuration snippet above would ensure that your custom |
| 56 | + modules are sync'ed every 5 minutes. |
| 57 | + |
| 58 | +If for some reason you can't do this for one or more of these modules, check out |
| 59 | +the recommendations below for each of them. |
| 60 | + |
| 61 | +*salt-sproxy* core Runner |
| 62 | +------------------------- |
| 63 | + |
| 64 | +Another contributor to the *salt-sproxy* execution speed is the :ref:`runner` |
| 65 | +which is the very core of *salt-sproxy*. That said, if this Runner is already |
| 66 | +"well known" to the Salt filesystem, it'll make it more efficient. |
| 67 | + |
| 68 | +.. tip:: |
| 69 | + |
| 70 | + If you have a Master already running, the execution may be up to 5 seconds |
| 71 | + faster. |
| 72 | + |
| 73 | +In this case, you will need to follow the notes from :ref:`runner` to update |
| 74 | +your ``file_roots`` settings, and run ``salt-run saltutil.sync_runner``. |
| 75 | + |
| 76 | +Remember that you'll need to re-run that in case you re-install *salt-sproxy*, |
| 77 | +Salt, or remove the Salt cache. |
| 78 | + |
| 79 | +Of course, you can always have a scheduled job that does it for you, either |
| 80 | +a cron job, or a `scheduled job |
| 81 | +<https://docs.saltstack.com/en/latest/topics/jobs/>`__ if you have a Salt |
| 82 | +Master running, e.g., re-sync Runners every hour: |
| 83 | + |
| 84 | +.. code-block:: yaml |
| 85 | +
|
| 86 | + schedule: |
| 87 | + sync_runners: |
| 88 | + function: saltutil.sync_runner |
| 89 | + minutes: 60 |
| 90 | +
|
| 91 | +Disable Grains |
| 92 | +-------------- |
| 93 | + |
| 94 | +If you don't have any custom Grains modules in your environment, you can |
| 95 | +disable the load, by configuring ``sync_grains: false`` in your Master |
| 96 | +configuration file. |
| 97 | + |
| 98 | +.. tip:: |
| 99 | + |
| 100 | + If you do have custom Grains in your environment, you can disable the |
| 101 | + *salt-sproxy* automatic sync by adding ``sync_grains: false`` to your |
| 102 | + Master configuration, and sync the Grains manually or automatically |
| 103 | + whenever you update (or create) your modules: ``salt-run |
| 104 | + saltutil.sync_grains``. |
| 105 | + |
| 106 | + |
| 107 | +Additionally, disabling the load of some specific Grains modules (whether your |
| 108 | +own, or natively available in Salt), may speed up your setup. Configure |
| 109 | +``disable_grains`` in your Master config, as a list of Grains modules to avoid |
| 110 | +loading when executing through *salt-sproxy*. |
| 111 | + |
| 112 | +Example: |
| 113 | + |
| 114 | +.. code-block:: yaml |
| 115 | +
|
| 116 | + disable_grains: |
| 117 | + - esxi |
| 118 | +
|
| 119 | +Disable Execution Modules |
| 120 | +------------------------- |
| 121 | + |
| 122 | +If you don't have any custom Execution modules in your own environment, and you |
| 123 | +don't make use of the modules shipped together with *salt-sproxy* (see |
| 124 | +:ref:`execution-modules`), you can disable the load by configuring |
| 125 | +``sync_modules: false`` in your Master configuration file. |
| 126 | + |
| 127 | +.. tip:: |
| 128 | + |
| 129 | + If you do have custom modules in your environment, you can disable the |
| 130 | + *salt-sproxy* automatic sync by adding ``sync_modules: false`` to your |
| 131 | + Master configuration, and sync the modules manually or automatically |
| 132 | + whenever you update (or create) your modules: ``salt-run |
| 133 | + saltutil.sync_modules``. |
| 134 | + |
| 135 | +Additionally, disabling the load of some specific Execution modules (whether |
| 136 | +your own, natively available in Salt, or provided through *salt-sproxy*), may |
| 137 | +speed up your setup. Configure ``disable_modules`` in your Master config, as a |
| 138 | +list of modules to avoid loading when executing through *salt-sproxy*. |
| 139 | + |
| 140 | +Example: |
| 141 | + |
| 142 | +.. code-block:: yaml |
| 143 | +
|
| 144 | + disable_modules: |
| 145 | + - pip |
| 146 | + - statuspage |
| 147 | +
|
| 148 | +Disable Roster Sync |
| 149 | +------------------- |
| 150 | + |
| 151 | +If you use one of the Roster modules provided with this package, or from your |
| 152 | +own sources, *salt-sproxy* would attempt to sync only the Roster module you |
| 153 | +reference in ``roster:`` or using the ``--roster`` CLI argument. Even so, this |
| 154 | +may be time and resource consuming, so it'd may be optimal to disable the |
| 155 | +default behaviour by setting ``sync_roster: false`` in the Master |
| 156 | +configuration. Similarly to the previous sections, if you'd like to use |
| 157 | +a custom module in your own environment, you can sync them by running |
| 158 | +``salt-run saltutil.sync_roster``. |
| 159 | + |
| 160 | +Disable Events |
| 161 | +-------------- |
| 162 | + |
| 163 | +If you don't need the :ref:`events`, you can gain a few execution seconds by |
| 164 | +disabling this so *salt-sproxy* doesn't attempt to send execution events to an |
| 165 | +nonexistent Master (or you simply don't need / use those events). |
| 166 | + |
| 167 | +File open limit |
| 168 | +--------------- |
| 169 | + |
| 170 | +As *salt-sproxy* runs locally, it means it starts the processes and initializes |
| 171 | +the connection on the local computer. Every new process creates a process file, |
| 172 | +and every new connection creates at least one more file as well. That said, |
| 173 | +depending on your operating system and configuration, you may hit the hard |
| 174 | +limit for max open files. For example, on Unix operating systems, ``ulimit |
| 175 | +-Hn`` will tell you the max open files number. If you hit any issues, consider |
| 176 | +increasing this limit. |
0 commit comments