When we brought the SaltStack family of products onboard last year we had lots of use cases that we knew this great technology could help our customer achieve. Use cases like software deployment, self-healing, drift remediation and so much more. Also we have been hard at work integrating SaltStack Config into vRealize Automation to provide additional capabilities.

I am excited however to introduce our latest project that helps Salt bring value to your organization, open-source Salt Modules that provide hooks into components such as VMware Cloud on AWS, NSX-T and vSphere. These additional modules bring a rich set of capabilities to Salt and provide real value for our customers so they can manage SDDC. You can find the modules here on github and the quickstart guide here. I also wanted to bring to your attention another module that was created earlier this year for vRealize Automation found here.

The vRealize Automation module can be used to configure an existing vRealize Automation instance, you can create cloud accounts, cloud zones, projects and cloud templates, and so much more. It is a great way to keep a standard configuration handy for your automation platform.

This open source project is available to both Salt and SaltStack Config customers and is a work in progress so we will see even more capabilities being delivered! A general list is below:

Getting Started

In order to get the modules loaded, login to your salt controller where the modules will be located, it might be a good idea to have a dev system designated for this. You will want to pip install the modules to get all the modules loaded up on the system, the link to the latest version is https://pypi.org/project/saltext.vmware/. For example you could do something like this on your controller :

pip3 install saltext.vmware

This will install a collection of salt extension modules for use with vSphere, vCenter, ESXi, VMC on AWS. Then you can run the commands via CLI or build out State Files to call the modules. I would recommend using State Files and Pillar if you have SaltStack Config. Pillar data can be kept in the Config–>Pillar section or on the salt- controller in /srv/pillar. Just remember to refresh pillar if you create pillar files and create a top.sls in /srv/pillar as well.

The quickstart guide I referenced above also has instructions on creating the necessary pillar files for the vSphere modules. For ESXi and vSphere modules there is a service_instance argument that looks for pillar data for the vCenter credentials. If you want to store the pillar data locally then create a directory called /srv/pillar. Create a top.sls file in the /srv/pillar directory:

The vmware_config refers to the pillar file vmware_config.sls, that may look something like this:

  host: vcenter.corp.local
  password: password1
  user: Admin

So when you call the module via a state file you can then do things like add ESXi hosts, example state could look like this:

    - name: vmware_esxi.add
    - host:
    - root_user: root
    - password: {{ password }}
    - cluster_name: mycluster
    - verify_host_cert: False

Once you run your state files in SaltStack Config you will see return data in the Activity–>Completed.

The modules and other data are generally located in:


There are currently no out-of-the-box state files but you can easily write your own. When looking at the python code in the modules just reference __virtualname__ as the first part of the command(module name) and the the functions then arguments.

For instance to reference what arguments need to be passed for the VMC Security Group create function you can reference the code:

Creating State Files

You can create state files to interact with these modules. Here is an example of a state file using pillar data to create a “test” VMC SDDC:

{% set sddc_name = salt['pillar.get']('sddc_name',) %}
{% set numhosts = "2" %}
    - name: vmc_sddc.create:
    - hostname: {{ pillar['vars']['hostname'] }}
    - refresh_key: {{ pillar['vars']['refresh_key'] }}
    - authorization_host: console.cloud.vmware.com
    - org_id: {{ pillar['vars']['org_id'] }}
    - sddc_name: {{ sddc_name }}
    - num_hosts: {{ numhosts }}
    - provider: ZEROCLOUD
    - region: US_WEST_1
    - verify_ssl: False

If you are creating state files in SaltStack Config then you can then create a job to call this state file. You would then just run the job against the salt- controller that has the modules loaded.

There are also a number of state_modules being developed that will allow the states to directly call the module without using the module.run function. The state_modues are listed here on the github page.

vRealize Automation Module

The vRealize Automation module is a bit different as we created that to be a custom module. So basically the module files can be git cloned down to /srv/salt/_modules (if this directory does not exist then you will need to create it). The modules can be found here. Then you will want to run the saltutil.refresh_modules command, then you can create state files similar to the one above and just pass the arguments for the function you are calling.

For example to create an AWS Cloud Account in vRealize Automation via the module you can use a state file like this:

    - name: vra.create_aws_ca
    - url: {{ pillar['vars']['url'] }}
    - username: {{ pillar['vars']['username'] }}
    - password: {{ pillar['vars']['password'] }}
    - aws_key_id: {{ pillar['vars']['aws_key_id'] }}
    - aws_access_key: {{ pillar['vars']['aws_access_key'] }}
    - m_name: AWS-Cloud-Account
    - region_name: us-west-1,us-west-2

This is a great start to our collection of SDDC modules for Salt. I am really looking forward to the development of these modules from both the open community and Salt folks here at VMware. The thought of our customers using SaltStack to manage their SDDC is super exciting and stay tuned to the github site to track progress and new developments!