add support for orchestrations

erwindon commented 3 months ago

orchestrations are similar to highstates. difference is that highstates are applied to individual minions (possibly multiple at the same time), but orchestrations are schemes that coordinate work across minions.

this PR makes it possible to:

view the defined orchestrations with their steps and the details of these steps; and
start the execution of an orchestration; and
display the outcome of an orchestration.

note that unlike highstates, SaltStack does not allow tracking an orchestration step-by-step. the system just does not generate any useful events for this.

note that the orchestrations page is only visible when there is at least one orchestration defined in the system.

please feel free to try out this feature before it is merged into SaltGUI. comments and suggestions are welcome!

tazaki commented 3 months ago

Oh this is neat. I'll try this when I get a chance with the orchestrations I run and report.

tazaki commented 3 months ago

Is there a way I can get to the orchestrate part? I don't see anything different on this branch...

How do I define an orchestration on the system? My orchestrations are just in my file_roots. I have run a few using salt-run state.orch myorch -l info but I don't see anything other than the individual events come through.

erwindon commented 3 months ago

Is there a way I can get to the orchestrate part? I don't see anything different on this branch...

some pages in SaltGUI remain invisible unless certain configuration is present (at login time):

NodeGroups page - only when there is at least one nodegroup defined in the salt configuration (in file /etc/salt/master);
Orchestration page - only when there is at least one orchestration defined in the salt configuration (under /srv/salt);
Reactors page - only when there is at least one reactor defined in the salt configuration (in file /etc/salt/master).

in this case, the orchestrations page should be visible as follows (before actually navigating to it): afbeelding

Since the directory /srv/salt is shared between the (saltstack) highstate system and the (saltstack) orchestration system, SaltGUI insists that an sls file must contain at least one step of type salt.function, salt.state, salt.runner or salt.wheel before it is recognized as an orchestration.

e.g.:

stage1:
  salt.function:
    - name: test.ping
    - tgt: '*'
stage2:
  salt.function:
    - name: test.ping
    - tgt: '*'
...etc...

Note that SaltGUI cannot read any of the files on the Salt Master, for orchestrations, it uses the API function (runner) state.orchestrate_show_sls. It is equivalent to using command sudo salt-run --output=json state.orchestrate_show_sls "*". Can you share the first few lines (or all) of the output of that command? feel free to truncate after the first step and/or to obfuscate any details. (in the command, replace "*" with the basename (so without .sls) of your orchestration to retrieve only that orchestration)

tazaki commented 3 months ago

So when I provision my vagrant setups i run a simple orchestration from /srv/salt/orch/init.sls via sudo salt-run state.orch orch -l info. The orch file looks like this

[vagrant@saltmaster orch]$ pwd
/srv/salt/orch
[vagrant@saltmaster orch]$ cat init.sls
# sync_all
orch sync_all:
  salt.function:
    - name: saltutil.sync_all
    - tgt: '*'

# refresh pillar
orch refresh_pillar:
  salt.function:
    - name: saltutil.refresh_pillar
    - tgt: '*'

# update mine
orch mine update:
  salt.function:
    - name: mine.update
    - tgt: '*'

# Push hosts file
orch state mine_hosts:
  salt.state:
    - tgt: '*'
    - sls:
      - mine_hosts

# Gen pki
orch state clusterca.setup_ca:
  salt.state:
  - tgt: 'saltmaster'
  - sls:
    - clusterca.setup_ca

# clusterca all hosts
orch state clusterca cacert:
  salt.state:
    - tgt: '*'
    - sls:
      - clusterca.cacert

orch state clusterca cacert issue:
  salt.state:
    - tgt: '*'
    - sls:
      - clusterca.issue_server_certs

But after running i don't see a tab under jobs for orchestrations. I do see the events in the right side under recent jobs.

erwindon commented 3 months ago

thx, I'll try this file... please wait...

I moved my test-orchestration out of the way. I installed this SLS file in the same (your) directory and with the same (your) filename. menu item is still visible and the page shows --> OK, see also: afbeelding

I think you have the old 'browser-cache' problem... (I always forget to warn about that, sorry) The JS files that make up SaltGUI are cached in the browser. Use SHIFT-F5 (in most browsers) to refresh that cache while on the SaltGUI login page. Then login as usual.

sonarcloud[bot] commented 1 month ago

Quality Gate passed

Issues
0 New issues
8 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

erwindon / SaltGUI

add support for orchestrations #627

Quality Gate passed