This article provides a sample state to update windows salt minions in bulk from the salt master, so it is not necessary to log onto each minion host and do it by hand.
Salt-master: all versions
Salt-minion: all versions
Aria Automation Config: all versions
Below is an example state that can upgrade a salt minion to the latest version:
#Upgrade salt-minion with new repo
#Restart the Salt minion
# Sample command:
# salt minion-id state.sls upgrade.windows_minion pillar='{"package": "salt-minion-py3"}' test=1# Sample to run against all windows servers using the 'os:Windows' grain:
# salt -G 'os:Windows' state.sls upgrade.windows_minion pillar='{"package": "salt-minion-py3"}' test=1
#NOTE: leaving test=1 at the end of the following commands will not run the state, only test it. Remove test=1 to apply the state.
{% set minion = salt['grains.get']('id') %}
{% set platform = salt['grains.get']('kernel') %}
{% if platform == 'Windows' %}
{% set package = salt['pillar.get']('package') %} #If using winrepo, this is the name of the package
upgrade_{{ package }}:
pkg.latest: - name: {{ package }}
restart_minion:
service.running:
- name: salt-minion
- require:
- upgrade_{{ package }}
- watch:
- upgrade_{{ package }}
{% else %}
test_state:
test.configurable_test_state:
- name: {{ minion }}
- changes: False
- result: True
- comment: {{ platform }} is not Windows
{% endif %}
A similar state can be used it you wanted to target a specific version instead of the latest version, for instance version 3006.9.
In this example, you would specify the desired version to be installed:
# Upgrade salt-minion to a specific version
# Restart the Salt minion
#
#Command to run against all windows servers:
#Run against one server by supplying the minion id:
# salt windows_minion_id state.sls upgrade.windows_minion pillar='{"package": "salt-minion-py3"}' test=1
#
#Run against all windows servers using the 'os:Windows' grain:
# salt -G 'os:Windows' state.sls upgrade.windows_minion pillar='{"package": "salt-minion-py3"}' test=1
#NOTE: leaving test=1 at the end of the following commands will not run the state, only test it. Remove test=1 to apply the state.
{% set minion = salt['grains.get']('id') %}
{% set platform = salt['grains.get']('kernel') %}
{% if platform == 'Windows' %}
{% set package = salt['pillar.get']('package') %} # If using winrepo, this is the name of the package
{% set version = '3006.9' %} # Define the specific version you want to install
upgrade_{{ package }}:
pkg.installed:
- name: {{ package }}
- version: {{ version }}
restart_minion:
service.running:
- name: salt-minion
- enable: True
- require:
- pkg: upgrade_{{ package }}
- watch:
- pkg: upgrade_{{ package }}
# Wait for 60 seconds to ensure the service restart is complete
wait_after_restart:
cmd.wait:
- name: sleep 30 # Sleep for 30 seconds
- watch:
- service: restart_minion
check_upgrade_complete:
cmd.run:
- name: salt-call --versions
{% else %}
test_state:
test.configurable_test_state:
- name: {{ minion }}
- changes: False
- result: True
- comment: {{ platform }} is not Windows
{% endif %}
This article assumes that winrepo has been configured as per https://docs.saltstack.com/en/latest/topics/windows/windows-package-manager.html
If using this state as a job in the UI, {"package": "salt-minion-py3"}
will need to be added in the "Pillar override" section so that it can find the package.
NOTE: The job may not return or may return as failed due to the required minion service restart.
You can verify the version directly on the server that was upgraded, or you can run the following from the master to verify the version of the salt-minion:
salt minion-id cmd.run 'salt-call --versions'