How to Install SaltStack on Two CentOS 7 Servers
SaltStack, commonly referred to as Salt, is an open-source platform used for managing configurations, executing remote commands, deploying code, and more. With its intuitive interface, excellent scalability, and powerful capabilities, Salt can manage vast server infrastructures simultaneously. Its efficiency and ease of deployment have made it a favored tool for infrastructure automation worldwide.
This guide will walk you through the installation of Salt on two CentOS 7 servers using the agent-master model. In this setup, one server acts as the master while the other serves as the agent (minion). Additional minions can be added later as needed.
Prerequisites
Before starting, ensure the following conditions are met:
- Two CentOS 7 servers are deployed in the same data center.
- Private networking is configured on both machines. Refer to the article Configuring Private Network.
- Each machine has a non-root user with sudo privileges.
Here is a summary of the server details:
Salt Master Server
- Operating System: CentOS 7
- Hostname: master
- Private IP: 10.99.0.10
Salt Agent Server 1
- Operating System: CentOS 7
- Hostname: minion1
- Private IP: 10.99.0.11
Step 1: Tasks on the Salt Master Server
1.1 Perform a System Update
Log in to the Salt master server using the sudo-enabled user and update the system:
sudo yum update -y && sudo reboot
After the system reboots, log back in with the same user.
1.2 Install and Set Up the salt-master Service
Install the latest version of salt-master using the official YUM repository:
sudo yum install https://repo.saltstack.com/yum/redhat/salt-repo-2015.8-2.el7.noarch.rpm
sudo yum clean expire-cache
sudo yum install salt-master
Next, edit the configuration file:
sudo vi /etc/salt/master
Locate the following line:
#interface: 0.0.0.0
And replace it with:
interface: 10.99.0.10
Then find this line:
#hash_type: md5
And change it to:
hash_type: sha256
Save and exit the editor:
:wq
Now start and enable the Salt master service:
sudo systemctl start salt-master.service
sudo systemctl enable salt-master.service
1.3 Adjust Firewall Settings
The master server uses TCP ports 4505 and 4506 to communicate with minions. These ports need to be opened in the firewall.
First, determine the zone of the eth1 interface:
sudo firewall-cmd --get-active-zones
You’ll find that eth1 belongs to the “public” zone. Allow the necessary traffic in that zone:
sudo firewall-cmd --permanent --zone=public --add-port=4505-4506/tcp
sudo firewall-cmd --reload
At this point, the master server is fully prepared. The next step is to set up the Salt agent server.
Step 2: Tasks on the Salt Agent Server
2.1 Perform a System Update
Log into the Salt agent server using the sudo-enabled user and update the system:
sudo yum update -y && sudo reboot
Once the reboot is complete, log in again using the same sudo user.
2.2 Install and Configure the salt-minion Service
Install the salt-minion package using the SaltStack repository:
sudo yum install https://repo.saltstack.com/yum/redhat/salt-repo-2015.8-2.el7.noarch.rpm
sudo yum clean expire-cache
sudo yum install salt-minion
Once installed, edit the minion configuration file:
sudo vi /etc/salt/minion
Search for this line:
#master: salt
Replace it with the following:
master: 10.99.0.10
Next, find:
#hash_type: sha256
And replace it with:
hash_type: sha256
Save and exit:
:wq
Now start and enable the Salt minion service:
sudo systemctl start salt-minion.service
sudo systemctl enable salt-minion.service
Once the minion starts, it will try to connect to the Salt master server.
If you plan to add more minion servers, simply repeat the same setup procedure for each.
Step 3: Verify the Configuration from the Master Server
Return to the SSH session on the Salt master server and list all detected minions:
sudo salt-key -L
If the minion was configured correctly, you will see the following:
Accepted Keys:
Denied Keys:
Unaccepted Keys:
minion1
Rejected Keys:
To authorize the minion:
sudo salt-key --accept=minion1
Or to approve all waiting minions at once:
sudo salt-key -A
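Accepting a key tells the master to trust whichever host presented it, so confirm that the pending key really belongs to minion1 before accepting it. The script below is an added example, not part of the original guide: it compares the fingerprint shown by salt-key -f on the master with the one printed by salt-call --local key.finger on the minion, and accepts the key only when the two match. The function names and the sample fingerprint are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: compare key fingerprints before accepting a pending minion.

# Constructed sample data (the fingerprint is made up), in the layout printed by
# `salt-key -f minion1` on the master and `salt-call --local key.finger` on the minion.
SAMPLE_FP='3a:7f:10:c4:9e:52:b8:06:d1:6b:e3:45:fa:28:90:7c:11:ad:5e:f2:63:0b:c8:94:37:da:4f:81:26:e9:70:bc'
SAMPLE_MASTER_VIEW="Unaccepted Keys:
minion1:  ${SAMPLE_FP}"
SAMPLE_MINION_VIEW="local:
    ${SAMPLE_FP}"
# Same output with the last byte changed, as a different key pair would produce.
SAMPLE_OTHER_VIEW="local:
    ${SAMPLE_FP%bc}bd"

# Print the first colon-separated hex fingerprint (16 bytes or longer) found in $1.
extract_fingerprint() {
    printf '%s\n' "$1" | tr 'A-F' 'a-f' |
        grep -Eo '([0-9a-f]{2}:){15,}[0-9a-f]{2}' | head -n 1
}

# Succeed only when both texts contain a fingerprint and the two are identical.
fingerprints_match() {
    local master_fp minion_fp
    master_fp=$(extract_fingerprint "$1")
    minion_fp=$(extract_fingerprint "$2")
    [ -n "$master_fp" ] && [ "$master_fp" = "$minion_fp" ]
}

# Run on the master. $1 = minion ID, $2 = key.finger output copied from the
# minion over a channel you already trust (console, existing SSH session).
accept_if_verified() {
    local id minion_view master_view
    id=$1
    minion_view=$2
    master_view=$(sudo salt-key -f "$id")
    if fingerprints_match "$master_view" "$minion_view"; then
        sudo salt-key --accept="$id" --yes
    else
        echo "fingerprint mismatch for $id: key left pending" >&2
        return 1
    fi
}
```

Because salt-key -A accepts every pending key without this comparison, accept one verified minion ID at a time when other hosts can reach ports 4505 and 4506.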
Now test the communication with the minion.
Example 1: Ping the Minion
sudo salt minion1 test.ping
The result should look like:
minion1:
    True
Example 2: Run a Command Remotely
sudo salt minion1 cmd.run pwd
The expected output:
minion1:
    /root
Conclusion
By following this guide, you have successfully configured a Salt master and a minion server on CentOS 7. The agent-master model is now operational, allowing you to remotely execute commands, automate configurations, and expand your infrastructure as needed. SaltStack provides a robust and scalable solution to streamline system administration tasks across multiple machines efficiently.