-->
  • Recent Articles

    How to Install SaltStack on CentOS 7 / RHEL 7

     SaltStack, or Salt, is a popular open source configuration management solution which can be used to implement configuration management, code deployment and much more. Salt can manage tens of thousands of servers in parallel. 

    In this article, I will show you how to install Salt on two CentOS 7 server instances. In this example , you will have one master server and one agent server (called minion), and you can add more minions later.

    Prerequisites

    Before proceeding, I assume that you have:

    • Deployed two CentOS 7 server instances on VM 
    • Setup private networking on both of the two server instances. 

    The summary of our two servers is as follows.

    SaltStack master server:

    • OS: CentOS 7
    • hostname: salt-master
    • Private IP: 192.168.0.150

    SaltStack agent server 1:

    • OS: CentOS 7
    • hostname: minion1
    • Private IP: 192.168.0.145

    Step 1: SaltStack master server

    1.a Update the system

    Use the sudo user to log into the SaltStack master server, then update the system to the latest stable status:

    root@devopszones # yum update -y && reboot

    After the reboot completes, Please log in.

    devopszones yum update

    1.b Install and configure the salt-master 

    Use the SaltStack official YUM repo to install the latest salt-master program:

    root@devopszones # yum install https://repo.saltproject.io/yum/redhat/salt-repo-latest-3.el7.noarch.rpm -y root@devopszones # yum clean expire-cache root@devopszones # yum install salt-master

    salt stack install


    After the installation finishes, modify the configuration file as below:

    root@devopszones # vi /etc/salt/master

    Find:

    #interface: 0.0.0.0

    Replace the line with:

    interface: 192.168.0.150
    Uncomment the line with:
    hash_type: sha256

    Save and quit:
    :wq

    Start and enable the salt-master service:

    root@devopszones # systemctl start salt-master.service


    root@devopszones # systemctl enable salt-master.service

     

    Created symlink from /etc/systemd/system/multi-user.target.wants/salt-master.service to /usr/lib/systemd/system/salt-master.service.

     

    Set firewall rules

     You can either disable firewall or you can set the rules on firewall.

    root@devopszones # firewall-cmd --permanent --zone=public --add-port=4505-4506/tcp

    root@devopszones # firewall-cmd --reload

     

    Step 2: SaltStack agent server

    2.a Update the system

    Use the sudo user to log into the SaltStack master server, then update the system to the latest stable status:

    root@devopszones # yum update -y && reboot

    After the reboot completes, Please log in.

    2.b Install and configure the salt-minion 

    Use the SaltStack official YUM repo to install the latest salt-master program:

    root@devopszones # yum install https://repo.saltproject.io/yum/redhat/salt-repo-latest-3.el7.noarch.rpm -y root@devopszones # yum clean expire-cache root@devopszones # yum install salt-minion
    minion install


    After the installation, modify the configuration file as below:

    After the installation finishes, modify the configuration file as below:

    root@devopszones # vi /etc/salt/minion

    Find:

    #master: salt

    Replace the line with:

    #master: 192.168.0.150
    Uncomment the line with:
    hash_type: sha256

    Save and quit:
    :wq

    Start and enable the salt-minion service:

    root@devopszones # systemctl start salt-minion.service


    root@devopszones # systemctl enable salt-minion.service

     

    Created symlink from /etc/systemd/system/multi-user.target.wants/salt-minion.service to /usr/lib/systemd/system/salt-minion.service.


    Step 3: Test your setup

    1. Login to slatstack master server and check all available agents:

    root@devopszones # salt-key -L

    If everything was successful, you will see the agent server "nagiosclient" listed in the "Unaccepted Keys" segment.
    Salt unaccepted Keys


    Accept "nagiosclient" using this command:

    root@devopszones # salt-key --accept=nagiosclient.org
    devopszones: salt accepted Keys



    Test Case 1: Ping minion

    Command: root@devopszones # salt nagiosclient.org test.ping

    Output:
    nagiosclient.org:
        True
    root@devopszones #

    Test case 2: Get  present working directory

    Command :
    root@devopszones # salt nagiosclient.org cmd.run pwd

    Output:
    nagiosclient.org:
        /root
    root@devopszones #

    No comments