Diff Files Across Salt Minions

Simple file management in Salt is trivial with the file.managed function, and it can quickly get extended with some Jinja templating. Say, for instance, each collection of minions for a given data center has its own NTP server it needs to hit, then you might like a way to check that each minion’s NTP config file is identical without having to run a high state. Of course templating abstracts problems like this away, but in environments where it’s possible for manual changes to sneak in, this becomes useful.

Seeing a single file’s contents from many minions is trivial with:

salt 'web*' cmd.run 'cat /etc/ntp.conf'

Now, to quickly get a diff across each of those files, use:

salt-run survey.diff 'web*' cmd.run 'cat /etc/ntp.conf'

The survey runner will take the results of the selected execution module, cmd.run in this case, and will aggregate the results into pools of the unique results.

The only limitation I ran into is that this runner only supports globbing on targets, so targeting by grains, pillar data, or node groups isn’t really straightforward. Check the SaltStack documentation for more information on how the survey runner works.