How to Install SaltStack Minion on CentOS / RHEL 8 - CentLinux

Latest

Sunday, 16 August 2020

How to Install SaltStack Minion on CentOS / RHEL 8

How to Install SaltStack Minion on CentOS / RHEL 8

This article will guide you about how to install SaltStack minion on CentOS / RHEL 8.

 

Table of Contents:

 

What is SaltStack Minion?:

SaltStack or Salt is a Python-based, open-source software for event based IT automation, remote task execution, and configuration management. It supports "Infrastructure as Code" approach to data center system and network deployment and management, configuration automation, SecOps orchestration, vulnerability remediation, and hybrid cloud control. (Courtesy: Wikipedia)

SaltStack minion is the agent software that is installed on the managed node and it is used to execute commands on that node and report back to SaltStack master server.

 

Environment Specification:

We are using a minimal CentOS 8 virtual machine with following specification.

  • CPU - 3.4 Ghz (2 cores)
  • Memory - 2 GB
  • Storage - 20 GB
  • Operating System - CentOS Linux 8.2
  • Hostname – saltstack-minion-01.centlinux.com
  • IP Address - 192.168.116.228 /24

 

Update Linux Software Packages:

Connect with saltstack-minion-01.centlinux.com as root user by using a ssh tool.

It is a best practice to update software packages on Linux operating system before installing anything new. Therefore, execute following dnf command to update all CentOS / RHEL 8 software packages.

# dnf update -y

 

Install Python on CentOS / RHEL 8:

SaltStack is Python-based software, therefore it requires Python language support to compile and execute SaltStack commands.

Python 3.6 is available in default CentOS / RHEL 8 AppStream, therefore, we can easily install it by using dnf command.

# dnf install -y python3

 

Install SaltStack Official Yum Repository:

Although SaltStack software packages are available via EPEL (Extra Packages for Enterprise Linux) yum repository.

But if you want to install the latest version of the software, then you have to install SaltStack official yum repository as follows.

# dnf install -y https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el8.noarch.rpm

Build cache for newly installed yum repositories.

# dnf makecache CentOS-8 - AppStream 5.1 kB/s | 4.3 kB 00:00 CentOS-8 - Base 8.8 kB/s | 3.9 kB 00:00 CentOS-8 - Extras 2.2 kB/s | 1.5 kB 00:00 SaltStack Latest Release Channel Python 3 for R 132 kB/s | 224 kB 00:01 Metadata cache created.

 

Install SaltStack Minion on CentOS / RHEL 8:

We have added SaltStack official yum repository, now we can install packages by using the dnf command.

# dnf install -y salt-minion

 

Configure SaltStack Minion:

Default configurations of SaltStack minion works fine, except that you need to tell the Minion about the Master server.

Therefore, edit SaltStack minion configuration file by using vim text editor.

# vi /etc/salt/minion

Locate following directive therein.

#master: salt

and replace the above directive with the following directive.

master: saltstack-master-01.centlinux.com

Where saltstack-master-01.centlinux.com is the SaltStack Master server that we have configured in our previous article. Please refer to How to install SaltStack Master on CentOS / RHEL 8.

Enable and start salt-minion service.

# systemctl enable --now salt-minion Created symlink /etc/systemd/system/multi-user.target.wants/salt-minion.service รข /usr/lib/systemd/system/salt-minion.service.

 

Add Minion to SaltStack Master Server:

Connect with saltstack-master-01.centlinux.com as root user by using PuTTY.

Display list of all public keys known to SaltStack master server.

# salt-key -L Accepted Keys: saltstack-master-01.centlinux.com Denied Keys: Unaccepted Keys: saltstack-minion-01.centlinux.com Rejected Keys:

You can see that, there is one unaccepted key i.e. saltstack-minion-01.centlinux.com. It is the public key of our SaltStack minion.

Accept this key by using following command.

# salt-key -A The following keys are going to be accepted: Unaccepted Keys: saltstack-minion-01.centlinux.com Proceed? [n/Y] Y Key for minion saltstack-minion-01.centlinux.com accepted.

 

Remote Execution of commands on SaltStack Minion:

Your Minion has been added in SaltStack Master inventory. You can now execute commands on this minion.

For demonstration, we are remotely installing Apache web server on saltstack-minion-01.centlinux.com.

# salt 'saltstack-minion-01.centlinux.com' cmd.run 'dnf install -y httpd'

01-remote-execution-saltstack-minion-command

Enable and start Apache service on saltstack-minion-01.

# salt 'saltstack-minion-01.centlinux.com' cmd.run 'systemctl enable --now httpd.service' saltstack-minion-01.centlinux.com: Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service -> /usr/lib/systemd/system/httpd.service.

Allow http service in Linux firewall on saltstack-minion-01.

# salt 'saltstack-minion-01.centlinux.com' cmd.run 'firewall-cmd --add-service=http' saltstack-minion-01.centlinux.com: success

Now, access the newly configured web server by using curl command.

# curl -I http://saltstack-minion-01.centlinux.com HTTP/1.1 403 Forbidden Date: Tue, 11 Aug 2020 19:25:57 GMT Server: Apache/2.4.37 (centos) Content-Location: index.html.zh-CN Vary: negotiate,accept-language TCN: choice Last-Modified: Fri, 14 Jun 2019 03:37:43 GMT ETag: "fa6-58b405e7d6fc0;5ac9f026acb21" Accept-Ranges: bytes Content-Length: 4006 Content-Type: text/html; charset=UTF-8 Content-Language: zh-cn

Apache web server has been installed and configured on your SaltStack minion.

 

Conclusion:

We have successfully installed SaltStack Minion on CentOS / RHEL 8 server and remotely execute commands on it. Before you start to use SaltStack, we strongly recommend you to purchase and read Mastering SaltStack - Second Edition by Joseph Hall. This book will guide you about the Saltstack architecture, basic concepts and practical examples.

No comments:

Post a Comment