How to Install and Configure Saltstack

How to Install and Configure SaltStack on Ubuntu

As discussed in our previous article, Saltstack is a powerful Configuration system that works based on python and uniquely it works based on Event-Driven Messaging to communicate between the components of Salt stack. So, understanding the SaltStack better in terms of the Architectural and Working model is very important. Hence, In our previous article, we have discussed what is SaltStack and what are the components of SaltStack and its architectural design, and How it works. In this article, we will discuss How to Install and Configure Saltstack on Ubuntu.

Salt Master Installing and Configuration.

Salt Master is nothing but a service application that runs as a Daemon. To install the salt daemon in Ubuntu, we have multiple options like installing via apt-get repo and official bootstrap script. But, the easiest and most efficient way of installing is via Bootstrap Script. Because it will get the dependency and other related packages by itself. Now Lets really get into the tutorial of HOw to Install and Configure SaltStack on Ubuntu.

Installing Salt Master

Let’s discuss how to install Salt Master via Bootstrap script in the following steps.

STEP 1: Login or SSH into the Salt Master.

STEP 2: Download the bootstrap script from the official website https://bootstrap.saltstack.

$ curl -L https://bootstrap.saltstack.com -o install_salt.sh

STEP 3: Execute the Shell script you downloaded

$ sudo sh install_salt.sh -P -M

Here, the flag -P is to use pip as the source for downloading the dependency source. And -M is to mention the daemon as the Master.

Configuring Salt Master

Now, let’s configure the installed Salt Master by following the below steps.

STEP 1: Create the necessary directory.

$ sudo mkdir /srv/salt
$ sudo mkdir /srv/pillar
$ sudo mkdir /srv/formulas

STEP 2: Editing the Master Configuration file

Now, we need to configure the Configuration file of the Salt Master. For that, open the below file,

$ sudonano /etc/salt/master

Once you opened the file, look for the following line and add as mentioned. Remember the configuration file is in YAML format and you need to be careful with the syntax

file_roots:
  base:
    - /srv/salt
    - /srv/formulas

Here, /srv/salt folder is will have the admin instructions, and /srv/formulas folder are for pre-packaged configurations. Then, check for piller_roots lines, and add the lines as mentioned.

pillar_roots:
  base:
    - /srv/pillar

This is where Salt master will store the sensitive and configuration information of minions.

STEP 3: Restart the Salt Master Service

Now, let us restart the salt master service by running the following command

$ sudo restart salt-master

Once the restart is completed, all the configuration with the Salt master is done. Now, Jump into the Salt Minion Configuration.

Salt Minion Installation and Configuration

Remember the Salt Master and Minion can be installed with the same bootstrap script. Let’s see how to install Salt Minion using the bootstrap script. However, Remember you are using the same method to install Salt Minion you used for installing the Salt Master.

Installing Salt Minion

Just like Salt Master Installation, we can install the Salt Minion using the bootstrap script.

Let’s discuss how to install Salt Minion via Bootstrap script in the following steps.

STEP 1: Login or SSH into the Salt Minion Machine.

STEP 2: Download the bootstrap script from the official website https://bootstrap.saltstack.

$ curl -L https://bootstrap.saltstack.com -o install_salt.sh

STEP 3: Execute the Shell script you downloaded (WITHOUT -M Tag)

$ sudo sh install_salt.sh -P

Here, the flag -P is to use pip as the source for downloading the dependency source. Remember Not to use -M as it is meant for installing the Salt Master.

Configuring Salt Minion

Remember the Salt stack is using SSH and ZeroMQ based Communications. Hence, we need to do the additional configuration to make the Salt Minion to communicate with the Salt Master.

Let’s follow the below steps to configure.

STEP 1: Get the Public Key Fingerprint of Salt Master (On Salt Master Server)

(Salt Master Machine) $ sudo salt-key -F master

This will show the following output

Local Keys:
master.pem:  32:ca:12:55:6d:16:31:bc:20:55:4b:a4:6d:16:31:2d
master.pub:  1d:ed:10:d7:b0:6d:16:31:bc:bc:ed:41:00:a3:ed:20

Now copy the master.pub value and keep it aside, we will be needing it to configure the minion.

STEP 2: Salt Minion Configuration file (On Salt Minion Machine)

Open the following file and edit the below details.

$ sudo nano /etc/salt/minion

Then, look for the master tag in the above file and add the IP address of the Master machine.

master: salt_master_IP_Addr

Note!

Make sure the Salt Minion machine is connected and open to Salt Master in terms of network connectivity

Then, Add the copied fingerprint to the master_finger tag in the same file.

master_finger: 1d:ed:10:d7:b0:6d:16:31:bc:bc:ed:41:00:a3:ed:20

STEP 3: Restart the Service

Now, restart the Salt minion daemon after all these configuration changes:

$ sudo restart salt-minion

STEP 4: Send the Salt Minion Fingerprint to Salt Master.

Now, send the Salt Minion’s fingerprint to the Salt Master by running the following command.

$ sudo salt-call key.finger --local

This will give you the following output.

local:
    ac:84:31:bc:20:55:a4:6d:16:bc:ed:41:bc:ed:41:00

Then, Just copy the output for your reference.

STEP 5: Verify the Salt Minion Key in Salt Master Machine

Now, you need to see all the incoming key request in the salt Master by running this command.

$ sudo salt-key --list all

It will give you the list of all Accepted, Denied, Rejected and Unaccepted Keys of Minions. Like below.

Accepted Keys:
Applicationserver
Denied Keys:
Unaccepted Keys:
minionserver
Rejected Keys:

As mentioned above, we can see the Salt Minion’s instance name in the Unaccepted Key’s list. Here it is minionserver.

Now, Run the below command to see the key in Slat minion matching.

$ sudo salt-key -f minionserver

Then, you can see the following output with the key of Salt Minion machine.

Unaccepted Keys:
minionserver: ac:84:31:bc:20:55:a4:6d:16:bc:ed:41:bc:ed:41:00

STEP 6: Accept the Salt Minion Key in the Salt Master (On Salt Master machine)

Now, Run the below command to accept the Key.

$ sudo salt-key -a saltminion

Now, you can see the key list in the master as we have added the Salt Minion in the Salt Master server.

Accepted Keys:
minionserver
Applicationserver
Denied Keys:
Unaccepted Keys:
Rejected Keys:

STEP 7: Verify the connection

As the final test, you can run the ping command from the Salt Master to ensure the connection between the Salt Master and Minion.

$ sudo salt '*' test.ping

Then, This will give you the output as mentioned below.

 minionserver:
    True

If you see this, all the configuration we made here are correct. That’s all the Installation and Configuration of the SaltStack.

Conclusion

In this article, we have discussed how to install and configure the SaltStack on Ubuntu. In the Upcoming article, we will discuss How to Install and Configure the Slatstack in other platforms like Windows, MacOS. Later, we will discuss how to write execution modules and Minion State files in detail. Stay tuned and subscribe DigitalVarys for more articles and study materials on DevOpsAgileDevSecOps and App Development.

1 thought on “How to Install and Configure SaltStack on Ubuntu”

Leave a Reply