Salt can manage software packages via the pkg state module, packages can be set up to be installed, latest, removed and purged. Package management declarations are typically rather simple:
vim:
pkg.installed
A more involved example involves pulling from a custom repository.
base:
pkgrepo.managed:
- humanname: Logstash PPA
- name: ppa:wolfnet/logstash
- dist: precise
- file: /etc/apt/sources.list.d/logstash.list
- keyid: 28B04E4A
- keyserver: keyserver.ubuntu.com
logstash:
pkg.installed
- fromrepo: ppa:wolfnet/logstash
Multiple packages can also be installed with the use of the pkgs state module
dotdeb.repo:
pkgrepo.managed:
- humanname: Dotdeb
- name: deb http://packages.dotdeb.org wheezy-php55 all
- dist: wheezy-php55
- file: /etc/apt/sources.list.d/dotbeb.list
- keyid: 89DF5277
- keyserver: keys.gnupg.net
- refresh_db: true
php.packages:
pkg.installed:
- fromrepo: wheezy-php55
- pkgs:
- php5-fpm
- php5-cli
- php5-curl
Warning
Package names are currently case-sensitive. If the minion is using a
package manager which is not case-sensitive (such as pkgng
), then this state will fail if the proper case is not
used. This will be addressed in a future release of Salt.
salt.states.pkg.
group_installed
(name, skip=None, include=None, **kwargs)¶New in version Beryllium.
Ensure that an entire package group is installed. This state is only
supported for the yum
package manager.
Packages that would normally be installed by the package group ("default" packages), which should not be installed.
Load Balancer:
pkg.group_installed:
- skip:
- piranha
Packages which are included in a group, which would not normally be
installed by a yum groupinstall
("optional" packages). Note that
this will not enforce group membership; if you include packages which
are not members of the specified groups, they will still be installed.
Can be passed either as a comma-separated list or a python list.
Load Balancer:
pkg.group_installed:
- include:
- haproxy
Note
Because this is essentially a wrapper around pkg.install
, any argument which can be passed to
pkg.install may also be included here, and it will be passed along
wholesale.
salt.states.pkg.
installed
(name, version=None, refresh=None, fromrepo=None, skip_verify=False, skip_suggestions=False, pkgs=None, sources=None, allow_updates=False, pkg_verify=False, normalize=True, **kwargs)¶Ensure that the package is installed, and that it is the correct version (if specified).
Specify a repository from which to install
Note
Distros which use APT (Debian, Ubuntu, etc.) do not have a concept of repositories, in the same way as YUM-based distros do. When a source is added, it is assigned to a given release. Consider the following source configuration:
deb http://ppa.launchpad.net/saltstack/salt/ubuntu precise main
The packages provided by this source would be made available via
the precise
release, therefore fromrepo
would need to be
set to precise
for Salt to install the package from this
source.
Having multiple sources in the same release may result in the
default install candidate being newer than what is desired. If this
is the case, the desired version must be specified using the
version
parameter.
If the pkgs
parameter is being used to install multiple
packages in the same state, then instead of using version
,
use the method of version specification described in the Multiple
Package Installation Options section below.
Running the shell command apt-cache policy pkgname
on a minion
can help elucidate the APT configuration and aid in properly
configuring states:
root@saltmaster:~# salt ubuntu01 cmd.run 'apt-cache policy ffmpeg'
ubuntu01:
ffmpeg:
Installed: (none)
Candidate: 7:0.10.11-1~precise1
Version table:
7:0.10.11-1~precise1 0
500 http://ppa.launchpad.net/jon-severinsson/ffmpeg/ubuntu/ precise/main amd64 Packages
4:0.8.10-0ubuntu0.12.04.1 0
500 http://us.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 Packages
500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages
4:0.8.1-0ubuntu1 0
500 http://us.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages
The release is located directly after the source's URL. The actual
release name is the part before the slash, so to install version
4:0.8.10-0ubuntu0.12.04.1 either precise-updates
or
precise-security
could be used for the fromrepo
value.
Force strict package naming. Disables lookup of package alternatives.
New in version 2014.1.1.
Install a specific version of a package. This option is ignored if
either "pkgs" or "sources" is used. Currently, this option is supported
for the following pkg providers: apt
,
ebuild
,
pacman
,
yumpkg
, and
zypper
. The version number includes the
release designation where applicable, to allow Salt to target a
specific release of a given version. When in doubt, using the
pkg.latest_version
function for an uninstalled package will tell
you the version available.
# salt myminion pkg.latest_version httpd
myminion:
2.2.15-30.el6.centos
Also, while this function is not yet implemented for all pkg frontends,
pkg.list_repo_pkgs
will
show all versions available in the various repositories for a given
package, irrespective of whether or not it is installed.
# salt myminion pkg.list_repo_pkgs httpd
myminion:
----------
base:
|_
----------
httpd:
2.2.15-29.el6.centos
updates:
|_
----------
httpd:
2.2.15-30.el6.centos
The version strings returned by either of these functions can be used as version specifiers in pkg states.
Force the package to be held at the current installed version. Currently works with YUM & APT-based systems.
New in version 2014.7.0.
Allow the package to be updated outside Salt's control (e.g. auto updates on Windows). This means a package on the Minion can have a newer version than the latest available in the repository without enforcing a re-installation of the package.
New in version 2014.7.0.
Example:
httpd:
pkg.installed:
- fromrepo: mycustomrepo
- skip_verify: True
- skip_suggestions: True
- version: 2.0.6~ubuntu3
- refresh: True
- hold: False
New in version 2014.7.0.
For requested packages that are already installed and would not be
targeted for upgrade or downgrade, use pkg.verify to determine if any
of the files installed by the package have been altered. If files have
been altered, the reinstall option of pkg.install is used to force a
reinstall. Types to ignore can be passed to pkg.verify (see example
below). Currently, this option is supported for the following pkg
providers: yumpkg
.
Examples:
httpd:
pkg.installed:
- version: 2.2.15-30.el6.centos
- pkg_verify: True
mypkgs:
pkg.installed:
- pkgs:
- foo
- bar: 1.2.3-4
- baz
- pkg_verify:
- ignore_types: [config,doc]
Normalize the package name by removing the architecture, if the architecture of the package is different from the architecture of the operating system. The ability to disable this behavior is useful for poorly-created packages which include the architecture as an actual part of the name, such as kernel modules which match a specific kernel version.
New in version 2014.7.0.
Example:
gpfs.gplbin-2.6.32-279.31.1.el6.x86_64:
pkg.installed:
- normalize: False
Multiple Package Installation Options: (not supported in Windows or pkgng)
pkgs
will be installed via a single command.Example:
mypkgs:
pkg.installed:
- pkgs:
- foo
- bar
- baz
- hold: True
NOTE:
For apt
,
ebuild
,
pacman
, yumpkg
,
and zypper
, version numbers can be specified
in the pkgs
argument. For example:
mypkgs:
pkg.installed:
- pkgs:
- foo
- bar: 1.2.3-4
- baz
Additionally, ebuild
,
pacman
and
zypper
support the <
, <=
, >=
, and
>
operators for more control over what versions will be installed. For
example:
mypkgs:
pkg.installed:
- pkgs:
- foo
- bar: '>=1.2.3-4'
- baz
NOTE:
When using comparison operators, the expression must be enclosed
in quotes to avoid a YAML render error.
With ebuild
is also possible to specify a use
flag list and/or if the given packages should be in package.accept_keywords
file and/or the overlay from which you want the package to be installed.
For example:
mypkgs:
pkg.installed:
- pkgs:
- foo: '~'
- bar: '~>=1.2:slot::overlay[use,-otheruse]'
- baz
A list of packages to install from a software repository. Each package will be installed individually by the package manager.
Warning
Unlike pkgs
, the names
parameter cannot specify a version.
In addition, it makes a separate call to the package management
frontend to install each package, whereas pkgs
makes just a
single call. It is therefore recommended to use pkgs
instead of
names
to install multiple packages, both for the additional
features and the performance improvement that it brings.
foo
,
bar
, baz
, etc. refer to the name of the package, as it would
appear in the output of the pkg.version
or pkg.list_pkgs
salt
CLI commands.mypkgs:
pkg.installed:
- sources:
- foo: salt://rpms/foo.rpm
- bar: http://somesite.org/bar.rpm
- baz: ftp://someothersite.org/baz.rpm
- qux: /minion/path/to/qux.rpm
Whether to install the packages marked as recommended. Default is
True
. Currently only works with APT-based systems.
New in version 2015.5.0.
httpd:
pkg.installed:
- install_recommends: False
Only upgrade the packages, if they are already installed. Default is
False
. Currently only works with APT-based systems.
New in version 2015.5.0.
httpd:
pkg.installed:
- only_upgrade: True
salt.states.pkg.
latest
(name, refresh=None, fromrepo=None, skip_verify=False, pkgs=None, **kwargs)¶Ensure that the named package is installed and the latest available
package. If the package can be updated, this state function will update
the package. Generally it is better for the
installed
function to be
used, as latest
will update the package
whenever a new package is available.
Multiple Package Installation Options:
(Not yet supported for: Windows, FreeBSD, OpenBSD, MacOS, and Solaris pkgutil)
mypkgs:
pkg.latest:
- pkgs:
- foo
- bar
- baz
Whether to install the packages marked as recommended. Default is
True
. Currently only works with APT-based systems.
New in version 2015.5.0.
httpd:
pkg.latest:
- install_recommends: False
Only upgrade the packages, if they are already installed. Default is
False
. Currently only works with APT-based systems.
New in version 2015.5.0.
httpd:
pkg.latest:
- only_upgrade: True
salt.states.pkg.
mod_aggregate
(low, chunks, running)¶The mod_aggregate function which looks up all packages in the available low chunks and merges them into a single pkgs ref in the present low data
salt.states.pkg.
purged
(name, version=None, pkgs=None, normalize=True, **kwargs)¶Verify that a package is not installed, calling pkg.purge
if necessary
to purge the package. All configuration files are also removed.
Normalize the package name by removing the architecture, if the architecture of the package is different from the architecture of the operating system. The ability to disable this behavior is useful for poorly-created packages which include the architecture as an actual part of the name, such as kernel modules which match a specific kernel version.
New in version Beryllium.
Multiple Package Options:
name
parameter will be ignored if this option is passed. It accepts
version numbers as well.New in version 0.16.0.
salt.states.pkg.
removed
(name, version=None, pkgs=None, normalize=True, **kwargs)¶Verify that a package is not installed, calling pkg.remove
if necessary
to remove the package.
Normalize the package name by removing the architecture, if the architecture of the package is different from the architecture of the operating system. The ability to disable this behavior is useful for poorly-created packages which include the architecture as an actual part of the name, such as kernel modules which match a specific kernel version.
New in version Beryllium.
Multiple Package Options:
name
parameter will be ignored if this option is passed. It accepts
version numbers as well.New in version 0.16.0.
salt.states.pkg.
uptodate
(name, refresh=False, **kwargs)¶New in version 2014.7.0.
Verify that the system is completely up to date.
Any keyword arguments to pass through to pkg.upgrade
.
New in version 2015.5.0.