Getting Started With SaltStack on Ubuntu 20.04

Introduction

SaltStack is an open-source configuration management program that automates configuration file deployments, and applications on a server. It operates in a server-client fashion to form a stack running Salt as the main program. In this guide, you learn how to set up a working SaltStack on Ubuntu 20.04 in a Virtual Private Cloud (VPC).

Prerequisites

• Deploy a fresh Ubuntu 20.04 Vultr server to work as the SaltMaster.
• Deploy another Ubuntu.20.04 server to work as the SaltMinion.
• Create a Vultr VPC and add both servers to the network.
• Use SSH to Login as root.

SaltStack requires root privileges to run on both the master and minion server.

Terminologies

1. Master

A root server that interconnects all machines added to the cluster (SaltStack) with the ability to communicate and run commands on any, or group of client machines (minions).

2. Minion

A client machine in the SaltStack and receives instructions from a Salt Master.

3. Formula

File or set of files that instruct minions on commands execute. For example, a file can include installation instructions for a single application like PHP.

4. Pillar

A pre-defined data file on the Salt Master that can be securely passed to minions. A single Pillar can include highly sensitive data, arbitrary data, variables, and minion configurations.

Installation

1. Master Server

1. Update the server.

    # apt update
   

2. Install Salt Master.

    # apt install salt-master
   

3. Start Salt Master

    #systemctl salt-master start
   

2. Minion Server

1. Update the server.

    # apt update
   

2. Install Salt Minion.

    # apt install salt-minion
   

3. Start Salt Minion.

    # systemctl salt-minion start
   

Configuration

The IP Address range 10.0.1.0-10.0.1.2/32 represents the Vultr Private Cloud (VPC) interface. For more information, visit the Vultr VPC documentation.

1. Salt Master

1. Using a text editor of your choice, open and edit the Salt-master configuration file.

    # nano /etc/salt/master
   

2. Find the following interface configuration line, and set it to your VPC address.

    interface: 0.0.0.0
   

   Save the file

3. To secure SaltStack, view and copy the master key fingerprint.

    # salt-key -F master
   

4. Restart Salt-master to load changes.

    # systemctl salt-master restart
   

2. Salt Minion

1. Edit the Salt-minion configuration file.

    # nano /etc/salt/minion
   

2. Find the following master configuration line, and enter your Salt-master address.

    master: 10.0.0.1
   

   Save the file

3. Locate master_finger, and paste your Salt-master key fingerprint generated earlier.

    master_finger: <Fingerprint here>
   

4. Restart Salt-minion to load changes.

    # systemctl salt-minion restart
   

Master Operations

Access the master server and perform the following basic master operations. Accepted minion keys grant the master control privileges on the respective minions.

1. Show all minions.

    # salt-key -L
   

   Output: Accepted Keys: Denied Keys: Unaccepted Keys: example-server Rejected Keys:

   Your minion id (hostname) should display under the Unaccepted Keys: section. To change your minion id, edit the /etc/salt/minion_id file.

2. Accept an unaccepted minion key.

    # salt-key -a example-server
   

3. Accept all unaccepted minion keys.

    # salt-key -A
   

4. Delete a Minion.

    # salt-key -d example-server
   

Test

1. Test communication between the master and a target minion.

    # salt example-server test.version
   

2. Test communication between the master and all accepted minions.

    # salt '*' test.version
   

The above commands print the installed Salt version on each Minion.

Create Formulas

Formula instructions a stored in a init.sls file in the /srv directory.

1. Create a new formulas directory.

    # sudo mkdir -p /srv/formulas
   

2. Create your first formula directory.

    # sudo mkdir -p /srv/salt/php
   

3. Create and edit the formula file init.sls.

    # sudo nano /srv/salt/php/init.sls
   

4. Add the following contents to the file.

    php:
      pkg.installed:
        - name: php
   

   The above formula installs PHP on a minion.

   Save the file.

5. Run the formula.

    # salt example-server state.sls php
   

The formula installs PHP on the example-server minion,to install on all accepted minions, use '*'.

To access preconfigured files, visit the SaltStack-Formulas GitHub repository.

Create Pillars

By default, Pillars are active on the Salt Master, access the server to perform the operations below.

1. Create the Pillar directory.

    # mkdir -p /srv/pillar
   

2. Create the top.sls file.

    # nano /srv/pillar/top.sls
   

3. Add the following contents to the file.

    base:
     '*':
      - data
   

   The above configuration instructs Pillar to associate the data.sls file to the example minion.

   Save the file.

4. Create a simple data.sls file.

    # nano /srv/pillar/data.sls
   

5. Add the following sample code to the file.

    info: hello-world
   

   Save the file.

6. Call all minions to fetch pillars from the master.

    # salt '*' saltutil.refresh_pillar
   

7. Verify that all minions have the new pillar.

    # salt '*' pillar.items
   

More Information

You have successfully used SaltStack to set up a master and a minion, then automated tasks using formulas and pillars. For more information, visit the official SaltStack documentation.