Install And Use SALTStack In A Mixed Environment
What is Salt Stack?
Salt is a new approach to infrastructure management. Easy enough to get running in minutes, scalable enough to manage tens of thousands of servers, and fast enough to communicate with them in seconds. Salt delivers a dynamic communication bus for infrastructures that can be used for orchestration, remote execution, configuration management and much more...
The main porpuse of this document is not just install SaltStack, because it is well documented elsewhere, but rather give you a slight insight of its usability.
The SALT based infrastucture must have a Salt Master, which controls the Salt Minions machines. By Salt Master, you can easily distribute commands directly to Minions as it would be console commands. You can start/stop services, deploy/undeploy packages, manage configurations, etc
Prerequisites
I created a KVM virtual environment in Fedora, based on Falko's document.
Based on Falko's Virtualization howto, I have installed four KVM based virtual machines. I created three base Debian install 7.1 install. One for Salt master and two in order to be Salt minions. I created a CentOS minimal install to be a minion in order to represent mixed environment.
During my work I feel myself confortable to become constantly ROOT user. (Not just keep using sudo by each command)
However I installed VIM and SCREEN for comfortable work environment as well
root@salt-master:/etc/apt# apt-get install screen vim
[root@salt-centos ~]# yum install screen vim
Set up SALT STACK reposotory for Debian
Creating a file for salt repository to /etc/apt/sources.list.d/salt_repo.list
You can just Copy + Paste as I usually do:
echo "deb http://debian.saltstack.com/debian wheezy-saltstack main" | tee /etc/apt/sources.list.d/salt_repo.list
wget -q -O- "http://debian.saltstack.com/debian-salt-team-joehealy.gpg.key" | apt-key add -
apt-get update
Set up SALT STACK reposotory for CentOS
Enable EPEL:
rpm -Uvh http://ftp.linux.ncsu.edu/pub/epel/6/i386/epel-release-6-8.noarch.rpm
INSTALL SALT STACK
In case you have any firewall between Salt-master and its minions, open the listens on ports 4505 and 4506
INSTALL MASTER on Debian:
apt-get install salt-master -y
INSTALL MINION(S) on Debian:
There are several way seting up minions to find salt-master.
I think, the easiest one is to make an entry on each minions in /etc/hosts which directed to its master.
In my case is:
echo "192.168.122.50 salt" >> /etc/hosts
and..
apt-get install salt-minion -y
INSTALL MINION(S) on Centos:
There are several way seting up minions to find salt-master.
I think, the easiest one is to make an entry on each minions in /etc/hosts which directed to its master.
In my case is:
echo "192.168.122.50 salt" >> /etc/hosts
after it install and start salt components..
yum install salt-minion
chkconfig salt-minion on
service salt-minion start
Authorize minions ON MASTER:
NOW, Minions try authorize itself by key on Salt-master.
On Salt-master, you can see minion:
salt-key -L
This time, you have to see:
root@salt-master:~# salt-key -L Accepted Keys: Unaccepted Keys: salt-centos salt-minion1.test.local salt-minion2.test.local Rejected Keys:
You can authorize them:
salt-key -A
And you will see a result like this:
root@salt-master:~# salt-key -A The following keys are going to be accepted: Unaccepted Keys: salt-centos salt-minion1.test.local salt-minion2.test.local Proceed? [n/Y] y Key for minion salt-centos accepted. Key for minion salt-minion1.test.local accepted. Key for minion salt-minion2.test.local accepted.
You can see the accepted minions by:
root@salt-master:~# salt-key -L Accepted Keys: salt-centos salt-minion1.test.local salt-minion2.test.local Unaccepted Keys: Rejected Keys:
At this time, you have a salt managed system. You can test it by:
salt '*' test.ping
root@salt-master:~# salt '*' test.ping salt-minion1.test.local: True salt-minion2.test.local: True salt-centos: True
The installation well done, let's see how we can use it.