Modular Systems

When first working with Salt, it is not always clear where all of the modular components are and what they do. Salt comes loaded with more modular systems than many users are aware of, making Salt very easy to extend in many places.

The most commonly used modular systems are execution modules and states. But the modular systems extend well beyond the more easily exposed components and are often added to Salt to make the complete system more flexible.

Loading Modules

Modules come primarily from several sources:

  • The Salt package itself

  • The Salt File Server

  • The extmods directory

  • Secondary packages installed

Using one source to override another is not supported.

The Salt Package

Salt itself ships with a large number of modules. These are part of the Salt package itself and don't require the user to do anything to use them. (Although a number of them have additional dependencies and/or configuration.)

The Salt File Server

The user may add modules by simply placing them in special directories in their fileserver.

The name of the directory inside of the file server is the directory name prepended by underscore, such as:

  • _grains

  • _modules

  • _states

Modules must be synced before they can be used. This can happen a few ways, discussed below.

Note

Using saltenvs besides base may not work in all contexts.

Sync Via States

The minion configuration contains an option autoload_dynamic_modules which defaults to True. This option makes the state system refresh all dynamic modules when states are run. To disable this behavior set autoload_dynamic_modules to False in the minion config.

When dynamic modules are autoloaded via states, only the modules defined in the same saltenvs as the states currently being run.

Sync Via the saltutil Module

The saltutil module has a number of functions that can be used to sync all or specific dynamic modules. The saltutil.sync_* execution functions and runner functions can be used to sync modules to minions and the master, respectively.

The extmods Directory

Any files places in the directory set by extension_modules settings (minion, master, default /var/cache/salt/*/extmods) can also be loaded as modules. Note that these directories are also used by the saltutil.sync_* functions (mentioned above) and files may be overwritten.

Secondary Packages

Third-party packages may also add modules to Salt if they are installed in the same system and Python environment as the Salt Minion or Master.

This is done via setuptools entry points:

setup(
    # ...
    entry_points={"salt.loader": ["module_dirs=spirofs.loader:module"]},
    # ...
)

Note that these are not synced from the Salt Master to the Minions. They must be installed independently on each Minion.

Module Types

The specific names used by each loading method above are as follows. See sections below for a short summary of each of these systems.

Module Type

Salt Package Name

FS/Directory Name

Entry Point

Auth

salt.auth (index)

auth [1]

auth_dirs

Beacon

salt.beacons (index)

beacons

beacons_dirs

Cache

salt.cache (index)

cache

cache_dirs

Cloud

salt.cloud.clouds (index)

clouds

cloud_dirs

Engine

salt.engines (index)

engines

engines_dirs

Execution

salt.modules (index)

modules

module_dirs

Executor

salt.executors (index)

executors

executor_dirs

File Server

salt.fileserver (index)

fileserver

fileserver_dirs

Grain

salt.grains (index)

grains

grains_dirs

Log Handler

salt.log_handlers (index)

log_handlers

log_handlers_dirs

Matcher

salt.matchers

matchers

matchers_dirs

Metaproxy

salt.metaproxy

metaproxy [1]

metaproxy_dirs

Net API

salt.netapi (index)

netapi [1]

netapi_dirs

Outputter

salt.output (index)

output

outputter_dirs

Pillar

salt.pillar (index)

pillar

pillar_dirs

Proxy

salt.proxy (index)

proxy

proxy_dirs

Queue

salt.queues (index)

queues

queue_dirs

Renderer

salt.renderers (index)

renderers

render_dirs

Returner

salt.returners (index)

returners

returner_dirs

Roster

salt.roster (index)

roster

roster_dirs

Runner

salt.runners (index)

runners

runner_dirs

SDB

salt.sdb (index)

sdb

sdb_dirs

Serializer

salt.serializers (index)

serializers [1]

serializers_dirs

SPM pkgdb

salt.spm.pkgdb

pkgdb [1]

pkgdb_dirs

SPM pkgfiles

salt.spm.pkgfiles

pkgfiles [1]

pkgfiles_dirs

SSH Wrapper

salt.client.ssh.wrapper

wrapper [1]

wrapper_dirs

State

salt.states (index)

states

states_dirs

Thorium

salt.thorium (index)

thorium

thorium_dirs

Tokens

salt.tokens

tokens

tokens_dirs

Top

salt.tops (index)

tops

top_dirs

Util

salt.utils

utils

utils_dirs

Wheel

salt.wheels (index)

wheel

wheel_dirs

Note

While it is possible to import modules directly with the import statement, it is strongly recommended that the appropriate dunder dictionary is used to access them instead. This is because a number of factors affect module names, module selection, and module overloading.

Auth

The auth module system allows for external authentication routines to be easily added into Salt. The auth function needs to be implemented to satisfy the requirements of an auth module. Use the pam module as an example.

See External Authentication System for more about authentication in Salt.

Beacon

Beacons are polled by the Salt event loop to monitor non-salt processes. See Beacons for more information about the beacon system.

Cache

The minion cache is used by the master to store various information about minions. See Minion Data Cache for more information.

Cloud

Cloud modules are backend implementations used by Salt Cloud.

Engine

Engines are open-ended services managed by the Salt daemon (both master and minion). They may interact with event loop, call other modules, or a variety of non-salt tasks. See Salt Engines for complete details.

Execution

Execution modules make up the core of the functionality used by Salt to interact with client systems. The execution modules create the core system management library used by all Salt systems, including states, which interact with minion systems.

Execution modules are completely open ended in their execution. They can be used to do anything required on a minion, from installing packages to detecting information about the system. The only restraint in execution modules is that the defined functions always return a JSON serializable object.

Executor

Executors control how execution modules get called. The default is to just call them, but this can be customized.

File Server

The file server module system is used to create file server backends used by the Salt Master. These modules need to implement the functions used in the fileserver subsystem. Use the gitfs module as an example.

See File Server Backends for more information.

Grains

Grain modules define extra routines to populate grains data. All defined public functions will be executed and MUST return a Python dict object. The dict keys will be added to the grains made available to the minion.

See Grains for more.

Log Handler

Log handlers allows the logs from salt (master or minion) to be sent to log aggregation systems.

Matcher

Matcher modules are used to define the minion targeting expressions. For now, it is only possible to override the existing matchers (the required CLI plumbing for custom matchers is not implemented yet).

Metaproxy

Metaproxy is an abstraction layer above the existing proxy minion. It enables adding different types of proxy minions that can still load existing proxymodules.

Net API

Net API modules are the actual server implementation used by Salt API.

Output

The output modules supply the outputter system with routines to display data in the terminal. These modules are very simple and only require the output function to execute. The default system outputter is the nested module.

Pillar

Used to define optional external pillar systems. The pillar generated via the filesystem pillar is passed into external pillars. This is commonly used as a bridge to database data for pillar, but is also the backend to the libvirt state used to generate and sign libvirt certificates on the fly.

Proxy

Proxy Minions are a way to manage devices that cannot run a full minion directly.

Renderers

Renderers are the system used to render sls files into salt highdata for the state compiler. They can be as simple as the py renderer and as complex as stateconf and pydsl.

Returners

Returners are used to send data from minions to external sources, commonly databases. A full returner will implement all routines to be supported as an external job cache. Use the redis returner as an example.

Roster

The Roster system is used by Salt SSH to enumerate devices.

Runners

Runners are purely master-side execution sequences.

SDB

SDB is a way to store data that's not associated with a minion. See Storing Data in Other Databases.

Serializer

Primarily used with file.serialize.

State

State modules are used to define the state interfaces used by Salt States. These modules are restrictive in that they must follow a number of rules to function properly.

Note

State modules define the available routines in sls files. If calling an execution module directly is desired, take a look at the module state.

SPM pkgdb

pkgdb modules provides storage backends to the package database.

SPM pkgfiles

pkgfiles modules handle the actual installation.

SSH Wrapper

Replacement execution modules for Salt SSH.

Thorium

Modules for use in the Thorium event reactor.

Tokens

Token stores for External Authentication. See the salt.tokens docstring for details.

Note

The runner to load tokens modules is saltutil.sync_eauth_tokens.

Tops

Tops modules are used to convert external data sources into top file data for the state system.

Util

Just utility modules to use with other modules via __utils__ (see Dunder Dictionaries).

Wheel

The wheel system is used to manage master side management routines. These routines are primarily intended for the API to enable master configuration.