Share on Social Media

Learn how to install Salt Master on CentOS 8 with our comprehensive step-by-step guide. Simplify and automate your infrastructure management effectively with SaltStack. #centlinux #linux #saltstack

What is Salt Master?

Salt Master is the central controller in the SaltStack infrastructure management platform, which is used for remote execution, configuration management, and automation across numerous systems. SaltStack, commonly referred to as Salt, operates on a master-minion architecture, where the Salt Master orchestrates and manages the actions of the Salt Minions.

Key Features

  • Centralized Management: Acts as the central point of control, issuing commands and configurations to all connected Salt Minions.
  • Remote Execution: Executes commands remotely on any number of Salt Minions simultaneously, facilitating tasks such as software installation, updates, and service restarts.
  • Configuration Management: Ensures systems are in the desired state using Salt States, which are declarative files written in YAML that define how a system should be configured.
  • Orchestration: Manages complex workflows and dependencies across multiple systems, coordinating actions in a specified order.
  • Scalability: Designed to manage thousands of minions, making it suitable for large-scale infrastructure.
  • Event-Driven Automation: Responds to events in real-time, allowing for dynamic and automated responses to changes in the infrastructure.
  • Security: Uses cryptographic keys for secure communication between the Salt Master and Salt Minions, ensuring data integrity and confidentiality.

How Salt Master Works

Architecture

  • Salt Master: The central server that sends commands, configurations, and receives data from Salt Minions.
  • Salt Minions: Agents installed on managed systems that execute commands and report back to the master.

Communication

  • Utilizes ZeroMQ or TCP for high-speed, bi-directional communication between the master and minions.
  • Communication is secured using public key cryptography.

State Management

  • Salt Master uses state files (SLS files) to define the desired configuration of systems.
  • Minions apply these states to ensure they conform to the specified configurations.

Grains and Pillar

  • Grains: Static information about the minions, such as OS type, network interfaces, and hardware details.
  • Pillar: Dynamic, customizable data stored on the master, used for configuring minions and managing secrets.

Use Cases

  • Infrastructure Automation: Automates repetitive administrative tasks, reducing manual effort and increasing efficiency.
  • Configuration Enforcement: Ensures consistency across all systems by applying and maintaining specified configurations.
  • Deployment Orchestration: Manages the deployment of applications and services in a coordinated manner across multiple systems.
  • Monitoring and Compliance: Monitors system states and ensures compliance with organizational policies and standards.

Benefits

  • Efficiency: Centralized control and automation streamline system management, saving time and resources.
  • Consistency: Ensures uniform configurations across all managed systems, minimizing configuration drift.
  • Scalability: Capable of managing a vast number of systems, making it ideal for large enterprises.
  • Flexibility: Extensible through custom modules and integrations, allowing it to adapt to various use cases and environments.

Summary

Salt Master is a powerful tool for centralized management and automation of IT infrastructure. It enables remote execution, configuration management, and complex orchestration tasks across numerous systems, ensuring efficiency, consistency, and scalability. As the central hub in the SaltStack platform, Salt Master simplifies and enhances the management of diverse and large-scale environments.

Recommended Online Training: SaltStack for the Absolute Beginners – Practical DevOps

5808644 ea29 2show?id=oLRJ54lcVEg&offerid=1074530.5808644&bids=1074530

Environment Specification

We are using a minimal installed CentOS 8 virtual machine with following specifications.

  • CPU – 3.4 Ghz (2 cores)
  • Memory – 2 GB
  • Storage – 20 GB
  • Operating System – CentOS Linux 8.2
  • Hostname – saltstack-master-01.centlinux.com
  • IP Address – 192.168.116.206 /24

Update your Linux OS

Connect with saltstack-master-01.centlinux.com as root user by using a ssh tool.

Update all existing software packages to latest available versions.

# dnf update -y

Your Linux operating system has been updated successfully.

Install Python on CentOS 8

SaltStack is written in Python, therefore, it requires Python language support for compilation and execution of SaltStack commands.

Python3 is available in default CentOS 8 AppStream, therefore, you can install it by using dnf command.

# dnf install -y python3

Python 3.6 has been installed on Linux server.

Install SaltStack Yum Repository

Although SaltStack packages are available via EPEL (Extra Packages for Enterprise Linux) yum repository. But if you want to install the latest version of the software, then you should install their official yum repository.

Use the following command to install SaltStack official yum repository on CentOS 8.

# dnf install -y https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el8.noarch.rpm

Build cache for newly installed yum repositories.

# dnf makecache
CentOS-8 - AppStream                            179  B/s | 4.3 kB     00:24
CentOS-8 - Base                                 3.5 kB/s | 3.9 kB     00:01
CentOS-8 - Extras                               667  B/s | 1.5 kB     00:02
SaltStack Latest Release Channel Python 3 for R  33 kB/s | 224 kB     00:06
Metadata cache created.

Install Salt Master on CentOS 8

You have added SaltStack yum repository, now you can easily install latest versions of the software by using dnf command.

Install necessary software packages that are required for a SaltStack Master server.

# dnf install -y salt-master salt-minion salt-ssh salt-syndic salt-cloud salt-api

Here, we are also installing salt-minion package on SaltStack Master, because the Minion will collect and send the system metrics of the Master, even on the same server. Please refer to our next post on how to install Salt Minion on CentOS 8.

Configure Salt Master

Configuration files for SaltStack software are located in /etc/salt directory.

Default configurations are sufficient to start the Master server, but you need to adjust SaltStack Minion configurations before starting its service.

Edit SaltStack Minion Configuration file.

# vi /etc/salt/minion

Locate following directive in this file.

#master: salt

And replace it with following directive.

master: saltstack-master-01.centlinux.com

The master directive tells the Minion about the Master server in use. The SaltStack master hostname must be resolvable. You can either do this by using Local DNS Resolver i.e. /etc/hosts file or configure a authoritative DNS Server for your computer network.

Enable and start Master and Minion services.

# systemctl enable --now salt-master salt-minion
Created symlink /etc/systemd/system/multi-user.target.wants/salt-master.service â /usr/lib/systemd/system/salt-master.service.
Created symlink /etc/systemd/system/multi-user.target.wants/salt-minion.service â /usr/lib/systemd/system/salt-minion.service.

Configure Linux Firewall

SaltStack master uses default ports 4505/tcp and 4506/tcp. Therefore, you need to allow incoming traffic to both of these ports in Linux firewall.

# firewall-cmd --permanent --add-port={4505,4506}/tcp
success
# firewall-cmd --reload
success

Managing SaltStack Public Keys

On initial connection, a SaltStack minion send its public key to the SaltStack master. This public key must be accepted by the Master to allow a Minion to communicate with SaltStack Master.

List down all the SaltStack public keys.

# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
saltstack-master-01.centlinux.com
Rejected Keys:

Currently, there is only one Unaccepted public key. Accept this public key by using following command.

# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
saltstack-master-01.centlinux.com
Proceed? [n/Y] Y
Key for minion saltstack-master-01.centlinux.com accepted.

Execute ping command on all the minions.

# salt '*' test.ping
saltstack-master-01.centlinux.com:
    True

Check versions of all the minions.

# salt '*' test.version
saltstack-master-01.centlinux.com:
    3001.1

Final Thoughts

In this guide, you have learned how to install SaltStack Master on CentOS 8. Before you start to use SaltStack software, we strongly recommend you to purchase and read Mastering SaltStack – Second Edition (PAID LINK) by Joseph Hall. This book will guide you about the Saltstack architecture and basic concepts with practical examples.

Leave a Reply