Friday, January 3, 2025
Google search engine
HomeGuest BlogsHow To Install Salt master and minion on Ubuntu 22.04

How To Install Salt master and minion on Ubuntu 22.04

.tdi_3.td-a-rec{text-align:center}.tdi_3 .td-element-style{z-index:-1}.tdi_3.td-a-rec-img{text-align:left}.tdi_3.td-a-rec-img img{margin:0 auto 0 0}@media(max-width:767px){.tdi_3.td-a-rec-img{text-align:center}}

Over the years, technology has immensely grown resulting in increased complexity of working environments. This technological advancement has brought several automation tools into play. The most popular system automation tools are Ansible, Puppet, Chef, Foreman, Katello, CFEngine, Salt stack etc.

SaltStack commonly referred to as Salt is a powerful open-source configuration management and event-driven orchestration tool. It was first developed by Salt, Thomas S. Hatch after a high demand for high-speed data collection and task management tools for data centre systems. During development, the ZeroMQ messaging library was used to gain the high-speed requirements and networking layers for Saltstack.

Just like ansible, Salt supports the Infrastructure as Code approach in orchestration, management, configuration, and network deployment. The Saltstack is made up of the following components:

.tdi_2.td-a-rec{text-align:center}.tdi_2 .td-element-style{z-index:-1}.tdi_2.td-a-rec-img{text-align:left}.tdi_2.td-a-rec-img img{margin:0 auto 0 0}@media(max-width:767px){.tdi_2.td-a-rec-img{text-align:center}}

  • Salt Master: its main task is to control and manage a given number of salt slaves by sending configuration and commands.
  • Salt Minions: are slave daemons that receive configurations and commands from the salt master.
  • Formula: these are salt states/configuration management files that are already written
  • Execution: refers to ad-hoc commands and modules executed against single or multiple salt minions.

Below is a diagram illustrating the SaltStack architecture.

SaltStack architecture

The main features offered by SaltStack are:

  • It is easy to set up and provides a single remote execution architecture that can manage the diverse requirements of any number of servers.
  • Fault tolerance, Salt minions can connect to multiple masters at one time
  • Supports a simple programming interface(Python API). This makes it modular and easily extensible.
  • Scalable Configuration Management, it can handle ten thousand minions per master
  • Supports parallel Execution model
  • It supports a flexible management approach
  • Language Agnostic in that the configuration files, templating engine and file type support any type of language.

Install Salt master and minion on Ubuntu 22.04

In this guide, we will walk through how to set up the SaltStack with:

  • Ubuntu 22.04 Salt master
  • Ubuntu 22.04 minion

For installation on Ubuntu 20.04/18.04 use below guide:

Update the APT package repositories:

sudo apt update -y

Install the required packages:

sudo apt install curl vim python3 -y

Step 1: Add SaltStack Repositories

We will add the SaltStack repositories on our Ubuntu master and minion. The commands to use are:

sudo curl -fsSL -o /etc/apt/keyrings/salt-archive-keyring.gpg https://repo.saltproject.io/salt/py3/ubuntu/22.04/amd64/latest/salt-archive-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.gpg arch=amd64] https://repo.saltproject.io/salt/py3/ubuntu/22.04/amd64/latest jammy main" | sudo tee /etc/apt/sources.list.d/salt.list

Once added, update the APT repositories.

sudo apt update

Step 1: Install and Configure Salt master

Once the repository has been added, we can install the Salt master on the selected node.

sudo apt install salt-common salt-master

After installing it, we need to make the configurations to the Salt master. Open the configuration file for editing:

sudo vim /etc/salt/master

We will set the bind address for the master node as shown;

# The address of the interface to bind to: 
interface: 0.0.0.0

For the changes to take effect, restart the service:

sudo systemctl restart salt-master

Allow the ports through the firewall if you have it enabled:

sudo ufw allow proto tcp from any to any port 4505,4506

Confirm status of the service.

$ systemctl status salt-master
 salt-master.service - The Salt Master Server
     Loaded: loaded (/lib/systemd/system/salt-master.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2023-02-03 06:04:24 UTC; 10s ago
       Docs: man:salt-master(1)
             file:///usr/share/doc/salt/html/contents.html
             https://docs.saltproject.io/en/latest/contents.html
   Main PID: 2571 (/opt/saltstack/)
      Tasks: 45 (limit: 4538)
     Memory: 206.9M
        CPU: 8.134s
     CGroup: /system.slice/salt-master.service
             ├─2571 "/opt/saltstack/salt/run/run master MainProcess"
             ├─2633 "/opt/saltstack/salt/run/run master PubServerChannel._publish_daemon"
             ├─2634 "/opt/saltstack/salt/run/run master EventPublisher"
             ├─2635 "/opt/saltstack/salt/run/run master Maintenance"
             ├─2638 "/opt/saltstack/salt/run/run master ReqServer ReqServer_ProcessManager"
             ├─2639 "/opt/saltstack/salt/run/run master ReqServer MWorkerQueue"
             ├─2640 "/opt/saltstack/salt/run/run master ReqServer MWorker-0"
             ├─2641 "/opt/saltstack/salt/run/run master FileServerUpdate"
             ├─2642 "/opt/saltstack/salt/run/run master ReqServer MWorker-1"
             ├─2649 "/opt/saltstack/salt/run/run master ReqServer MWorker-2"
             ├─2650 "/opt/saltstack/salt/run/run master ReqServer MWorker-3"
             └─2653 "/opt/saltstack/salt/run/run master ReqServer MWorker-4"

Feb 03 06:04:23 jammy systemd[1]: Starting The Salt Master Server...
Feb 03 06:04:24 jammy systemd[1]: Started The Salt Master Server.
Feb 03 06:04:25 jammy salt-master[2639]: [ERROR   ] ReqServer clients tcp://0.0.0.0:4506
Feb 03 06:04:26 jammy salt-master[2639]: [ERROR   ] ReqServer workers ipc:///var/run/salt/master/workers.ipc

Step 3: Install and Configure Salt Minion

We can also install the Salt Minion using the repositories we added earlier. On the desired Salt Minion node, execute the command below:

sudo apt install salt-minion

Once complete, make configurations:

sudo vim /etc/salt/minion

Now provide the IP address of your Master node:

# Set the location of the salt master server. If the master server cannot be 
# resolved, then the minion will fail to start. 
master: 192.168.205.22

Now leave this open and proceed as shown below.

Authenticate Minions on Salt Master

For Minions to be added, they must be authenticated using the master’s public fingerprint. On the master node, list the available fingerprints:

$ sudo salt-key --finger-all
Local Keys:
master.pem:  78:83:7e:99:15:90:47:62:04:68:23:9c:3f:b1:3f:24:95:16:23:6a:46:1f:16:71:89:1c:47:b1:6e:5b:5c:5b
master.pub:  ea:f9:f8:a7:f9:14:17:f3:0f:80:8f:4c:bf:a0:6b:15:01:ce:7c:98:db:57:26:98:83:1b:c8:63:ed:57:f6:4f

Copy the displayed master.pub and paste it into the Minion config file:

$ sudo vim /etc/salt/minion
# Fingerprint of the master public key to validate the identity of your Salt master 
# before the initial key exchange. The master fingerprint can be found by running 
# "salt-key -f master.pub" on the Salt master. 
master_finger: 'ea:f9:f8:a7:f9:14:17:f3:0f:80:8f:4c:bf:a0:6b:15:01:ce:7c:98:db:57:26:98:83:1b:c8:63:ed:57:f6:4f'

Proceed and assign the minion a name:

# clusters. 
id: minion1

You can now save the configuration file and restart the minion service

sudo systemctl restart salt-minion

Make sure it starts without an error:

$ systemctl status  salt-minion
 salt-minion.service - The Salt Minion
     Loaded: loaded (/lib/systemd/system/salt-minion.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2023-02-03 06:07:42 UTC; 4s ago
       Docs: man:salt-minion(1)
             file:///usr/share/doc/salt/html/contents.html
             https://docs.saltproject.io/en/latest/contents.html
   Main PID: 3793 (/opt/saltstack/)
      Tasks: 7 (limit: 4538)
     Memory: 79.8M
        CPU: 2.477s
     CGroup: /system.slice/salt-minion.service
             ├─3793 "/opt/saltstack/salt/run/run minion"
             └─3800 "/opt/saltstack/salt/run/run minion MultiMinionProcessManager MinionProcessManager"

Feb 03 06:07:41 jammy systemd[1]: Starting The Salt Minion...
Feb 03 06:07:42 jammy systemd[1]: Started The Salt Minion.

To check the fingerprint of the minion, use the command:

$ sudo salt-call key.finger --local 
local:
    1a:d5:dd:60:6f:4a:5f:95:dd:73:4d:25:4c:f9:64:de:01:71:47:6a:27:b8:5b:b1:96:0e:7f:74:e3:5f:29:a2

To verify if the minion has the same fingerprint on the master node, use:

$ sudo salt-key --finger-all                              
Local Keys:
master.pem:  78:83:7e:99:15:90:47:62:04:68:23:9c:3f:b1:3f:24:95:16:23:6a:46:1f:16:71:89:1c:47:b1:6e:5b:5c:5b
master.pub:  ea:f9:f8:a7:f9:14:17:f3:0f:80:8f:4c:bf:a0:6b:15:01:ce:7c:98:db:57:26:98:83:1b:c8:63:ed:57:f6:4f
Unaccepted Keys:
minion1:  1a:d5:dd:60:6f:4a:5f:95:dd:73:4d:25:4c:f9:64:de:01:71:47:6a:27:b8:5b:b1:96:0e:7f:74:e3:5f:29:a2

After confirming that the fingerprints are matching, accept the minion on the Salt master:

$ sudo salt-key -a minion1
The following keys are going to be accepted:
Unaccepted Keys:
minion1
Proceed? [n/Y] y
Key for minion minion1 accepted.

Or accept all pending keys:

sudo salt-key -A -y

To be sure that the salt-minion has been added, we will run the ping command below:

$ sudo salt minion1 test.ping
minion1:
    True

Step 4: Execute Remote tasks on Saltstack

From the Salt master, we can now execute our remote commands to all the added minions. In this guide, we will learn how to execute simple tasks from the salt master.

To view the available disk space in the minion, use the command:

sudo salt '*' disk.usage 

Execution output:

Install Salt master and minion on Ubuntu 22.04

To install an application such as apache, use the command:

sudo salt minion1 pkg.install apache2              

Execution output:

Install Salt master and minion on Ubuntu 22.04 1

To execute shell commands on the minions, use cmd.run. For example

sudo salt '*' cmd.run 'ls -l /var' 

Sample output:

Install Salt master and minion on Ubuntu 22.04 2

Step 5: Use Master State Files to manage Salt Minions

Apart from the above remote commands, we can use state files to manage the salt minions. State files are configuration management files which are saved with the .sls extension. They usually have a desired state of the minions declared and config checks to satisfy it.

For this guide, we will create a simple state file. This state file will ensure that Rsync, curl, and Apache is installed on the minion.

Begin by creating the environment base:

sudo mkdir /srv/salt

Create the state file:

$ sudo vim /srv/salt/setup.sls
network_utilities: 
 pkg.installed: 
   - pkgs: 
     - rsync 
     - curl 

apache_pkg: 
 pkg.installed: 
   - name: apache2 

apache_service: 
 service.running: 
   - name: apache2 
   - enable: True 
   - require: 
     - pkg: apache_pkg

To execute the state file, use the command:

$ sudo salt '*' state.apply setup
minion1:
----------
          ID: network_utilities
    Function: pkg.installed
      Result: True
     Comment: All specified packages are already installed
     Started: 11:48:48.645870
    Duration: 65.026 ms
     Changes:   
----------
          ID: apache_pkg
    Function: pkg.installed
        Name: apache2
      Result: True
     Comment: All specified packages are already installed
     Started: 11:48:48.711270
    Duration: 9.536 ms
     Changes:   
----------
          ID: apache_service
    Function: service.running
        Name: apache2
      Result: True
     Comment: The service apache2 is already running
     Started: 11:48:48.723654
    Duration: 41.374 ms
     Changes:   

Summary for minion1
------------
Succeeded: 3
Failed:    0
------------
Total states run:     3
Total run time: 115.936 ms

Conclusion

That marks the end of this detailed guide on how to install Salt master and minion on Ubuntu 22.04. Now you can easily orchestrate and configure your systems as desired. I hope this was helpful.

See more guides on this page:

.tdi_4.td-a-rec{text-align:center}.tdi_4 .td-element-style{z-index:-1}.tdi_4.td-a-rec-img{text-align:left}.tdi_4.td-a-rec-img img{margin:0 auto 0 0}@media(max-width:767px){.tdi_4.td-a-rec-img{text-align:center}}

RELATED ARTICLES

Most Popular

Recent Comments