Saltstack introduction - How to install salt master and salt minion

Saltstack is an automatic configuration management tool, easy extension infrastructure, and high performance.

Using Saltstack can easy to manage large-scale servers, include dynamic connections, can be used for remote/local execution, config management, etc.

Following are Saltstack model :

• Local - setting shell in local machine and execute in local.
• Salt Master and Salt Minions - master as a central node, and pull/push tasks or config to custom (Minion agent)
• Salt SSH - Direct access a remote server and execute the shell (Like Ansable), the client doesn’t need to install the agent.

Here we focus on Salt master and Salt minions, introduction how to install and config.

Salt master and Salt minions

Install Salt master

First, install python on your master server.

yum install python3 -y

Install Saltstack

yum install -y https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el8.no

Install Salt Master and relative dependencies

yum install -y salt-master salt-minion salt-ssh salt-syndic salt-cloud salt-api

Open Saltstack config file in /etc/salt/minion and add master hostname

/etc/salt/minion

master: saltmaster.xxxx.xxx

If you do not’s have the Domain name, can resolve by /etc/hosts

<master ip> <master host>

Start Saltstack Salt master and Salt minion service:

systemctl enable --now salt-master salt-minion

Reload firewall (sudo):

firewall-cmd --zone=public --permanent --add-port={4505,4506}/tcp
firewall-cmd --reload

Install Salt minion

In Salt minion server, install python and Salt minion:

sudo yum install -y python 3
yum install -y https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el8.noarch.rpm
yum install salt-minion -y

Open saltstack cofnig file /etc/salt/minion and add master host:

/etc/salt/minion

master: saltmaster.xxxx.xxx

Enable the Salt minion service

systemctl enable --now salt-minion

Finally, send Salt minion public key to Salt master.

Check Salt master can access Salt minion

In Salt master, execute the following command to accept keys and check can access Salt minion:

salt-key -Asalt-key -L

Try to running commands :

salt '*' cmd.run 'your command to excute'