Learn how to install Salt Master on CentOS 8 with our comprehensive step-by-step guide. Simplify and automate your infrastructure management effectively with SaltStack. #centlinux #linux #saltstack
Table of Contents
What is Salt Master?
Salt Master is the central controller in the SaltStack infrastructure management platform, which is used for remote execution, configuration management, and automation across numerous systems. SaltStack, commonly referred to as Salt, operates on a master-minion architecture, where the Salt Master orchestrates and manages the actions of the Salt Minions.
Key Features
- Centralized Management: Acts as the central point of control, issuing commands and configurations to all connected Salt Minions.
- Remote Execution: Executes commands remotely on any number of Salt Minions simultaneously, facilitating tasks such as software installation, updates, and service restarts.
- Configuration Management: Ensures systems are in the desired state using Salt States, which are declarative files written in YAML that define how a system should be configured.
- Orchestration: Manages complex workflows and dependencies across multiple systems, coordinating actions in a specified order.
- Scalability: Designed to manage thousands of minions, making it suitable for large-scale infrastructure.
- Event-Driven Automation: Responds to events in real-time, allowing for dynamic and automated responses to changes in the infrastructure.
- Security: Uses cryptographic keys for secure communication between the Salt Master and Salt Minions, ensuring data integrity and confidentiality.
How Salt Master Works
Architecture
- Salt Master: The central server that sends commands, configurations, and receives data from Salt Minions.
- Salt Minions: Agents installed on managed systems that execute commands and report back to the master.
Communication
- Utilizes ZeroMQ or TCP for high-speed, bi-directional communication between the master and minions.
- Communication is secured using public key cryptography.
State Management
- Salt Master uses state files (SLS files) to define the desired configuration of systems.
- Minions apply these states to ensure they conform to the specified configurations.
Grains and Pillar
- Grains: Static information about the minions, such as OS type, network interfaces, and hardware details.
- Pillar: Dynamic, customizable data stored on the master, used for configuring minions and managing secrets.
Use Cases
- Infrastructure Automation: Automates repetitive administrative tasks, reducing manual effort and increasing efficiency.
- Configuration Enforcement: Ensures consistency across all systems by applying and maintaining specified configurations.
- Deployment Orchestration: Manages the deployment of applications and services in a coordinated manner across multiple systems.
- Monitoring and Compliance: Monitors system states and ensures compliance with organizational policies and standards.
Benefits
- Efficiency: Centralized control and automation streamline system management, saving time and resources.
- Consistency: Ensures uniform configurations across all managed systems, minimizing configuration drift.
- Scalability: Capable of managing a vast number of systems, making it ideal for large enterprises.
- Flexibility: Extensible through custom modules and integrations, allowing it to adapt to various use cases and environments.
Summary
Salt Master is a powerful tool for centralized management and automation of IT infrastructure. It enables remote execution, configuration management, and complex orchestration tasks across numerous systems, ensuring efficiency, consistency, and scalability. As the central hub in the SaltStack platform, Salt Master simplifies and enhances the management of diverse and large-scale environments.
Recommended Training: Dive Into Ansible – Beginner to Expert in Ansible – DevOps
Environment Specification
We are setting up Salt Master on a minimal installation of CentOS 8 running on a virtual machine. This setup ensures a lightweight and optimized environment with only the essential components required for SaltStack to function efficiently.
Using a minimal installation reduces resource consumption, enhances security by limiting unnecessary packages, and provides a stable foundation for managing infrastructure. Below are the system specifications of our CentOS 8 virtual machine:
- CPU – 3.4 Ghz (2 cores)
- Memory – 2 GB
- Storage – 20 GB
- Operating System – CentOS Linux 8.2
- Hostname – saltstack-master-01.centlinux.com
- IP Address – 192.168.116.206 /24
Read Also: How to install CHEF Server on CentOS 7
Update your Linux OS
Connect with saltstack-master-01.centlinux.com as root user by using a ssh tool.
Update all existing software packages to latest available versions.
# dnf update -yYour Linux operating system has been updated successfully.
Install Python on CentOS 8
SaltStack is written in Python, therefore, it requires Python language support for compilation and execution of SaltStack commands.
Python3 is available in default CentOS 8 AppStream, therefore, you can install it by using dnf command.
# dnf install -y python3Python 3.6 has been installed on Linux server.
Install SaltStack Yum Repository
Although SaltStack packages are available via EPEL (Extra Packages for Enterprise Linux) yum repository. But if you want to install the latest version of the software, then you should install their official yum repository.
Use the following command to install SaltStack official yum repository on CentOS 8.
# dnf install -y https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el8.noarch.rpmBuild cache for newly installed yum repositories.
# dnf makecache
CentOS-8 - AppStream 179 B/s | 4.3 kB 00:24
CentOS-8 - Base 3.5 kB/s | 3.9 kB 00:01
CentOS-8 - Extras 667 B/s | 1.5 kB 00:02
SaltStack Latest Release Channel Python 3 for R 33 kB/s | 224 kB 00:06
Metadata cache created.Install Salt Master on CentOS 8
You have added SaltStack yum repository, now you can easily install latest versions of the software by using dnf command.
Install necessary software packages that are required for a SaltStack Master server.
# dnf install -y salt-master salt-minion salt-ssh salt-syndic salt-cloud salt-apiHere, we are also installing salt-minion package on SaltStack Master, because the Minion will collect and send the system metrics of the Master, even on the same server. Please refer to our next post on how to install Salt Minion on CentOS 8.
Configure Salt Master
Configuration files for SaltStack software are located in /etc/salt directory.
Default configurations are sufficient to start the Master server, but you need to adjust SaltStack Minion configurations before starting its service.
Edit SaltStack Minion Configuration file.
# vi /etc/salt/minionLocate following directive in this file.
#master: saltAnd replace it with following directive.
master: saltstack-master-01.centlinux.comThe master directive tells the Minion about the Master server in use. The SaltStack master hostname must be resolvable. You can either do this by using Local DNS Resolver i.e. /etc/hosts file or configure a authoritative DNS Server for your computer network.
Enable and start Master and Minion services.
# systemctl enable --now salt-master salt-minion
Created symlink /etc/systemd/system/multi-user.target.wants/salt-master.service â /usr/lib/systemd/system/salt-master.service.
Created symlink /etc/systemd/system/multi-user.target.wants/salt-minion.service â /usr/lib/systemd/system/salt-minion.service.Configure Linux Firewall
SaltStack master uses default ports 4505/tcp and 4506/tcp. Therefore, you need to allow incoming traffic to both of these ports in Linux firewall.
# firewall-cmd --permanent --add-port={4505,4506}/tcp
success
# firewall-cmd --reload
successManaging SaltStack Public Keys
On initial connection, a SaltStack minion send its public key to the SaltStack master. This public key must be accepted by the Master to allow a Minion to communicate with SaltStack Master.
List down all the SaltStack public keys.
# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
saltstack-master-01.centlinux.com
Rejected Keys:Currently, there is only one Unaccepted public key. Accept this public key by using following command.
# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
saltstack-master-01.centlinux.com
Proceed? [n/Y] Y
Key for minion saltstack-master-01.centlinux.com accepted.Execute ping command on all the minions.
# salt '*' test.ping
saltstack-master-01.centlinux.com:
TrueCheck versions of all the minions.
# salt '*' test.version
saltstack-master-01.centlinux.com:
3001.1Final Thoughts
Installing Salt Master on CentOS 8 is a crucial step in setting up a centralized automation and configuration management system. By following the outlined steps, including adding the SaltStack repository, installing the necessary packages, and configuring the master settings, you can successfully deploy Salt Master on your server.
Once installed, ensure that the Salt Master service is running and properly configured to communicate with Salt Minions. Accepting Minion keys and testing connectivity with salt '*' test.ping will confirm that your setup is functioning correctly. With Salt Master in place, you can now automate system configurations, execute remote commands, and efficiently manage your infrastructure at scale.
Struggling with Linux server management? I offer professional support to ensure your servers are secure, optimized, and always available. Visit my Fiverr profile to learn more!
FAQs
What is Salt Master in SaltStack?
Salt Master is the central server that manages and controls Salt Minions, enabling remote execution, automation, and configuration management.
What are the prerequisites for installing Salt Master on CentOS 8?
Before installing Salt Master, ensure that your system has a stable internet connection, the correct repository is added, and Python 3 is installed, as SaltStack is Python-based. Additionally, open the required firewall ports (4505 and 4506) for proper communication with Minions.
What is the purpose of configuring the Salt Master after installation?
Configuring Salt Master allows administrators to define critical settings such as network interfaces, authentication mechanisms, file system paths, and external module integrations. Proper configuration ensures seamless communication between the Master and Minions, optimizing automation and remote execution tasks.
How do I verify that Salt Master is working?
Ensure the service is running using systemctl status salt-master, and check for incoming Minion keys using salt-key -L.
What should I do if Salt Minions are not connecting to the Master?
Check network connectivity, ensure ports 4505 and 4506 are open in the firewall, verify Minion configuration, and restart both Master and Minion services.