/
Salt Master Installation

Salt Master Installation

Owned by Swaminathan Mathivanan
Last updated: Sept 01, 2020
3 min read

We will perform these install processes on the Master server. The first step is to make sure our system packages are up to date

[root@host ~]# apt-get update Hit:1 http://by.archive.ubuntu.com/ubuntu bionic InRelease Hit:2 http://by.archive.ubuntu.com/ubuntu bionic-updates InRelease Hit:3 http://by.archive.ubuntu.com/ubuntu bionic-backports InRelease Get:4 http://security.ubuntu.com/ubuntu bionic-security InRelease [88,7 kB] Get:5 http://repo.saltstack.com/py3/ubuntu/18.04/amd64/latest bionic InRelease [2.126 B] Get:6 http://repo.saltstack.com/py3/ubuntu/18.04/amd64/latest bionic/main amd64 Packages [3.200 B] Ign:7 https://dl.bintray.com/tetrate/getenvoy-deb bionic InRelease Get:8 https://dl.bintray.com/tetrate/getenvoy-deb bionic Release [5.356 B] Get:10 http://security.ubuntu.com/ubuntu bionic-security/main amd64 DEP-11 Metadata [38,5 kB] Get:11 http://security.ubuntu.com/ubuntu bionic-security/main DEP-11 48x48 Icons [17,6 kB] Get:12 http://security.ubuntu.com/ubuntu bionic-security/main DEP-11 64x64 Icons [41,5 kB] Get:13 http://security.ubuntu.com/ubuntu bionic-security/universe amd64 DEP-11 Metadata [42,1 kB] Get:14 http://security.ubuntu.com/ubuntu bionic-security/universe DEP-11 48x48 Icons [16,4 kB] Get:15 http://security.ubuntu.com/ubuntu bionic-security/universe DEP-11 64x64 Icons [111 kB] Get:16 http://security.ubuntu.com/ubuntu bionic-security/multiverse amd64 DEP-11 Metadata [2.464 B] Fetched 369 kB in 1s (258 kB/s) Reading package lists... Done Building dependency tree Reading state information... Done All packages are up to date. [root@host ~]#

Now, we need to download the repository key for SaltStack and import it into our system.

[root@host ~]# wget -O- https://repo.saltstack.com/py3/ubuntu/18.04/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add - --2020-03-08 19:00:32-- https://repo.saltstack.com/py3/ubuntu/18.04/amd64/latest/SALTSTACK-GPG-KEY.pub Resolving repo.saltstack.com (repo.saltstack.com)... 54.192.230.5, 54.192.230.104, 54.192.230.29, ... Connecting to repo.saltstack.com (repo.saltstack.com)|54.192.230.5|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 1727 (1,7K) [application/octet-stream] Saving to: 'STDOUT' - 100%[==================>] 1,69K --.-KB/s in 0s 2020-03-08 19:00:34 (374 MB/s) - written to stdout [1727/1727] OK [root@host ~]#

Next, we can add the repository itself.

echo "deb http://repo.saltstack.com/py3/ubuntu/18.04/amd64/latest bionic main" | sudo tee /etc/apt/sources.list.d/saltstack.list deb http://repo.saltstack.com/py3/ubuntu/18.04/amd64/latest bionic main [root@host ~]#

Now, we need to update our repo list so our available system packages are up to date.

[root@host ~]# apt-get update Hit:1 http://by.archive.ubuntu.com/ubuntu bionic InRelease Hit:2 http://by.archive.ubuntu.com/ubuntu bionic-updates InRelease Hit:3 http://by.archive.ubuntu.com/ubuntu bionic-backports InRelease Get:4 http://security.ubuntu.com/ubuntu bionic-security InRelease [88,7 kB] Get:5 http://repo.saltstack.com/py3/ubuntu/18.04/amd64/latest bionic InRelease [2.126 B] Get:6 http://repo.saltstack.com/py3/ubuntu/18.04/amd64/latest bionic/main amd64 Packages [3.200 B] Ign:7 https://dl.bintray.com/tetrate/getenvoy-deb bionic InRelease Get:8 https://dl.bintray.com/tetrate/getenvoy-deb bionic Release [5.356 B] Get:10 http://security.ubuntu.com/ubuntu bionic-security/main amd64 DEP-11 Metadata [38,5 kB] Get:11 http://security.ubuntu.com/ubuntu bionic-security/main DEP-11 48x48 Icons [17,6 kB] Get:12 http://security.ubuntu.com/ubuntu bionic-security/main DEP-11 64x64 Icons [41,5 kB] Get:13 http://security.ubuntu.com/ubuntu bionic-security/universe amd64 DEP-11 Metadata [42,1 kB] Get:14 http://security.ubuntu.com/ubuntu bionic-security/universe DEP-11 48x48 Icons [16,4 kB] Get:15 http://security.ubuntu.com/ubuntu bionic-security/universe DEP-11 64x64 Icons [111 kB] Get:16 http://security.ubuntu.com/ubuntu bionic-security/multiverse amd64 DEP-11 Metadata [2.464 B] Fetched 369 kB in 1s (258 kB/s) Reading package lists... Done Building dependency tree Reading state information... Done All packages are up to date. [root@host ~]#

Next, lets install SaltStack Master packages.

[root@host ~]# apt -y install salt-api salt-cloud salt-master salt-ssh salt-syndic Reading package lists... Done Building dependency tree Reading state information... Done The following additional packages will be installed: git git-man ieee-data liberror-perl libnorm1 libpgm-5.2-0 libzmq5 python3-cherrypy3 python3-croniter python3-git python3-gitdb python3-gnupg python3-jinja2 python3-libcloud python3-lockfile python3-msgpack python3-netaddr python3-openssl python3-psutil python3-repoze.lru python3-routes python3-smmap python3-webob python3-zmq salt-common Suggested packages: git-daemon-run | git-daemon-sysvinit git-doc git-el git-email git-gui gitk gitweb git-cvs git-mediawiki git-svn python-git-doc python-jinja2-doc python-lockfile-doc ipython3 python-netaddr-docs python-openssl-doc python3-openssl-dbg python-psutil-doc python3-paste python3-nose python-webob-doc python3-botocore python3-pycurl python3-twisted The following NEW packages will be installed: git git-man ieee-data liberror-perl libnorm1 libpgm-5.2-0 libzmq5 python3-cherrypy3 python3-croniter python3-git python3-gitdb python3-gnupg python3-jinja2 python3-libcloud python3-lockfile python3-msgpack python3-netaddr python3-openssl python3-psutil python3-repoze.lru python3-routes python3-smmap python3-webob python3-zmq salt-api salt-cloud salt-common salt-master salt-ssh salt-syndic 0 upgraded, 30 newly installed, 0 to remove and 0 not upgraded. Need to get 16,5 MB of archives. After this operation, 98,8 MB of additional disk space will be used. Created symlink /etc/systemd/system/multi-user.target.wants/salt-master.service → /lib/systemd/system/salt-master.service. Setting up salt-api (3000+ds-1) ... Created symlink /etc/systemd/system/multi-user.target.wants/salt-api.service → /lib/systemd/system/salt-api.service. Setting up salt-syndic (3000+ds-1) ... Created symlink /etc/systemd/system/multi-user.target.wants/salt-syndic.service → /lib/systemd/system/salt-syndic.service. Processing triggers for systemd (237-3ubuntu10.39) ... Processing triggers for man-db (2.8.3-2ubuntu0.1) ... Processing triggers for ureadahead (0.100.0-21) ... Processing triggers for libc-bin (2.27-3ubuntu1) ... [root@host ~]#

Salt Master Configuration

Using the nano or vim text editor, open the file /etc/salt/master.

[root@host ~]# vim /etc/salt/master

Now, find the following line.

#interface: 0.0.0.0

Once the value is located, uncomment it out and then specify the servers IP replacing the 0.0.0.0 IP address. In this example, we will use <xxx.xxx.xxx.xxx>. This will be the IP address from which we will control the minion servers.

# The address of the interface to bind to: interface: <xxx.xxx.xxx.xxx>

Use :wq to save the file and exit. After editing, we should restart the service.

[root@host ~]# systemctl restart salt-master.service [root@host ~]#

Next, we need to create a key that will be used by the minions to connect to the master nodes. We generated a unique key, so yours will be different.

root@host:~# salt-key -F master Local Keys: master.pem: f8:01:d9:13:19:3f:a2:37:a5:03:cb:e8:0e:3d:9f:75:7c:f7:36:10:1d:51:70:b2:4c:b8:5f:04:4b:04:fc:28 master.pub: d0:71:50:26:f7:05:d7:84:6c:f8:38:1f:ce:5b:d8:6a:80:6c:1a:76:05:a8:48:3a:d7:5a:86:ff:bc:14:3b:49 root@host:~#

You will want to make note of the master.pub key as we will need to add it into the configuration on the salt minion shortly.

Lastly, we will want to open the default ports in the firewall. By default, Salt uses ports 4505 and 4506.

[root@host ~]# ufw allow proto tcp from any to any port 4505,4506



 

Related content