Last active
May 26, 2022 13:53
-
-
Save alexolinux/983429e975d2ace695a11b99fefc315d to your computer and use it in GitHub Desktop.
SaltProject
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Purpose Lab: Install and test salt running on the following structure: | |
| - 1 Salt Master (CentOS 7) | |
| - 1 Salt Minion (CentOS 7) | |
| - 1 Salt Minion (Ubuntu 20.04.4 (Focal Fossa)) | |
| # Download and install the latest release of Salt. | |
| - Salt Master Centos 7: | |
| 1. Run the following commands to install the SaltStack repository and key (Centos 7): | |
| sudo rpm --import https://repo.saltproject.io/py3/redhat/7/x86_64/latest/SALTSTACK-GPG-KEY.pub | |
| curl -fsSL https://repo.saltproject.io/py3/redhat/7/x86_64/latest.repo | sudo tee /etc/yum.repos.d/salt.repo | |
| (Search on https://repo.saltproject.io for any flavours) | |
| 2. Run sudo yum clean expire-cache | |
| 3. Install the salt-minion, salt-master, or other Salt components: | |
| sudo yum install salt-master | |
| sudo yum install salt-minion | |
| sudo yum install salt-ssh #(only additionally) | |
| sudo yum install salt-syndic #(Optional for this lab) | |
| sudo yum install salt-cloud #(Optional for this lab) | |
| sudo yum install salt-api #(Optional for this lab) | |
| 4.1. Edit Salt Master Configuration | |
| sudo vi /etc/salt/master | |
| #Add this line below (Salt Master IP): | |
| interface: 172.31.32.4 | |
| 4.2 Edit Salt Minion(s) Configuration (Salt Master itself configurations as a minion) | |
| sudo vi /etc/salt/minion | |
| #Replace the interface ip with ip of your salt-master (Salt Master IP): | |
| # Set the location of the salt master server. If the master server cannot be | |
| # resolved, then the minion will fail to start. | |
| #master: salt | |
| master: 172.31.32.4 | |
| 5. Enable and start service for salt-minion, salt-master, or other Salt components: | |
| sudo systemctl enable salt-master && sudo systemctl start salt-master | |
| sudo systemctl enable salt-minion && sudo systemctl start salt-minion | |
| sudo systemctl enable salt-syndic && sudo systemctl start salt-syndic | |
| sudo systemctl enable salt-api && sudo systemctl start salt-api | |
| 6. Test setup on Salt-minion server | |
| sudo salt-key -L | |
| Accepted Keys: | |
| Denied Keys: | |
| Unaccepted Keys: | |
| master.mylabserver.com | |
| Rejected Keys: | |
| 7. Accept the unaccepted key with below command | |
| sudo salt-key --accept=master.mylabserver.com | |
| The following keys are going to be accepted: | |
| Unaccepted Keys: | |
| master.mylabserver.com | |
| Proceed? [n/Y] Y | |
| Key for minion master.mylabserver.com accepted. | |
| 8. Finally test your setup with below command | |
| sudo salt master.mylabserver.com test.ping | |
| master.mylabserver.com: | |
| True | |
| - Salt Minion Centos 7: | |
| Follow the above steps "regarding to minion configuration" and certify salt-minion service is enable and running: | |
| - Salt Minion Ubuntu 20.4: | |
| Run the following commands to import the SaltStack repository key, and to create /etc/apt/sources.list.d/salt.list: | |
| # Download key | |
| sudo curl -fsSL -o /usr/share/keyrings/salt-archive-keyring.gpg https://repo.saltproject.io/py3/ubuntu/20.04/amd64/latest/salt-archive-keyring.gpg | |
| # Create apt sources list file | |
| echo "deb [signed-by=/usr/share/keyrings/salt-archive-keyring.gpg arch=amd64] https://repo.saltproject.io/py3/ubuntu/20.04/amd64/latest focal main" | sudo tee /etc/apt/sources.list.d/salt.list | |
| # Run sudo apt-get update | |
| # Install the salt-minion component: | |
| sudo apt-get install salt-minion | |
| sudo apt-get install salt-ssh (only additionally) | |
| - Salt Minion Configuration: | |
| # Specify the Salt master in the minions configuration file: | |
| sudo vi /etc/salt/minion | |
| # Edit Salt Minion(s) Configuration (Salt Master IP) and save it: | |
| master: 172.31.32.4 | |
| # Enable, start, make sure salt-minion service is running on salt-minion nodes: | |
| sudo systemctl enable --now salt-minion | |
| sudo systemctl status salt-minion | |
| - Sync Salt Master x Salt Minions: | |
| # (In Salt Master) Minion keys must be accepted on the Master: | |
| # Run the salt-key command to list the keys known to the Salt Master: | |
| sudo salt-key -L | |
| Accepted Keys: | |
| master.mylabserver.com | |
| Denied Keys: | |
| Unaccepted Keys: | |
| minion1.mylabserver.com | |
| minion2.mylabserver.com | |
| - To accept the keys and allow the Minions to be controlled by the Master, | |
| again use the salt-key command "salt-key -A": | |
| sudo salt-key -A | |
| The following keys are going to be accepted: | |
| Unaccepted Keys: | |
| minion1.mylabserver.com | |
| minion2.mylabserver.com | |
| Proceed? [n/Y] Y | |
| Key for minion minion1.mylabserver.com accepted. | |
| Key for minion minion2.mylabserver.com accepted. | |
| - Communication between the Master and all Minions may be tested in a similar way: | |
| sudo salt *.mylabserver.com test.ping | |
| master.mylabserver.com: | |
| True | |
| minion1.mylabserver.com: | |
| True | |
| minion2.mylabserver.com: | |
| True | |
| References: | |
| <https://docs.saltproject.io/en/latest/ref/configuration/index.html> | |
| <https://cloudsbaba.com/how-to-install-and-configure-saltstack-on-centos-7/> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment