SaltStack is an open-source configuration management program that automates configuration file deployments, and applications on a server. It operates in a server-client fashion to form a stack running Salt as the main program. In this guide, you learn how to set up a working SaltStack on Ubuntu 20.04 in a Virtual Private Cloud (VPC).
SaltStack requires root privileges to run on both the master and minion server.
A root server that interconnects all machines added to the cluster (SaltStack) with the ability to communicate and run commands on any, or group of client machines (minions).
A client machine in the SaltStack and receives instructions from a Salt Master.
File or set of files that instruct minions on commands execute. For example, a file can include installation instructions for a single application like PHP.
A pre-defined data file on the Salt Master that can be securely passed to minions. A single Pillar can include highly sensitive data, arbitrary data, variables, and minion configurations.
Update the server.
# apt update
Install Salt Master.
# apt install salt-master
Start Salt Master
#systemctl salt-master start
Update the server.
# apt update
Install Salt Minion.
# apt install salt-minion
Start Salt Minion.
# systemctl salt-minion start
The IP Address range 10.0.1.0-10.0.1.2/32
represents the Vultr Private Cloud (VPC) interface. For more information, visit the Vultr VPC documentation.
Using a text editor of your choice, open and edit the Salt-master configuration file.
# nano /etc/salt/master
Find the following interface
configuration line, and set it to your VPC address.
interface: 0.0.0.0
Save the file
To secure SaltStack, view and copy the master key fingerprint.
# salt-key -F master
Restart Salt-master to load changes.
# systemctl salt-master restart
Edit the Salt-minion configuration file.
# nano /etc/salt/minion
Find the following master
configuration line, and enter your Salt-master address.
master: 10.0.0.1
Save the file
Locate master_finger
, and paste your Salt-master key fingerprint generated earlier.
master_finger: <Fingerprint here>
Restart Salt-minion to load changes.
# systemctl salt-minion restart
Access the master server and perform the following basic master operations. Accepted minion keys grant the master control privileges on the respective minions.
Show all minions.
# salt-key -L
Output: Accepted Keys: Denied Keys: Unaccepted Keys: example-server Rejected Keys:
Your minion id (hostname) should display under the Unaccepted Keys:
section. To change your minion id, edit the /etc/salt/minion_id
file.
Accept an unaccepted minion key.
# salt-key -a example-server
Accept all unaccepted minion keys.
# salt-key -A
Delete a Minion.
# salt-key -d example-server
Test communication between the master and a target minion.
# salt example-server test.version
Test communication between the master and all accepted minions.
# salt '*' test.version
The above commands print the installed Salt version on each Minion.
Formula instructions a stored in a init.sls
file in the /srv
directory.
Create a new formulas directory.
# sudo mkdir -p /srv/formulas
Create your first formula directory.
# sudo mkdir -p /srv/salt/php
Create and edit the formula file init.sls
.
# sudo nano /srv/salt/php/init.sls
Add the following contents to the file.
php:
pkg.installed:
- name: php
The above formula installs PHP on a minion.
Save the file.
Run the formula.
# salt example-server state.sls php
The formula installs PHP on the example-server
minion,to install on all accepted minions, use '*'
.
To access preconfigured files, visit the SaltStack-Formulas GitHub repository.
By default, Pillars are active on the Salt Master, access the server to perform the operations below.
Create the Pillar directory.
# mkdir -p /srv/pillar
Create the top.sls
file.
# nano /srv/pillar/top.sls
Add the following contents to the file.
base:
'*':
- data
The above configuration instructs Pillar to associate the data.sls
file to the example
minion.
Save the file.
Create a simple data.sls
file.
# nano /srv/pillar/data.sls
Add the following sample code to the file.
info: hello-world
Save the file.
Call all minions to fetch pillars from the master.
# salt '*' saltutil.refresh_pillar
Verify that all minions have the new pillar.
# salt '*' pillar.items
You have successfully used SaltStack to set up a master and a minion, then automated tasks using formulas and pillars. For more information, visit the official SaltStack documentation.