Site icon CentLinux

How to install Salt Master on CentOS 8

Share on Social Media

Learn how to install Salt Master on CentOS 8 with our comprehensive step-by-step guide. Simplify and automate your infrastructure management effectively with SaltStack. #centlinux #linux #saltstack

What is Salt Master?

Salt Master is the central controller in the SaltStack infrastructure management platform, which is used for remote execution, configuration management, and automation across numerous systems. SaltStack, commonly referred to as Salt, operates on a master-minion architecture, where the Salt Master orchestrates and manages the actions of the Salt Minions.

Key Features

How to install Salt Master on CentOS 8

How Salt Master Works

Architecture

Communication

State Management

Grains and Pillar

Use Cases

Benefits

Summary

Salt Master is a powerful tool for centralized management and automation of IT infrastructure. It enables remote execution, configuration management, and complex orchestration tasks across numerous systems, ensuring efficiency, consistency, and scalability. As the central hub in the SaltStack platform, Salt Master simplifies and enhances the management of diverse and large-scale environments.

Recommended Training: Dive Into Ansible – Beginner to Expert in Ansible – DevOps

Environment Specification

We are setting up Salt Master on a minimal installation of CentOS 8 running on a virtual machine. This setup ensures a lightweight and optimized environment with only the essential components required for SaltStack to function efficiently.

Using a minimal installation reduces resource consumption, enhances security by limiting unnecessary packages, and provides a stable foundation for managing infrastructure. Below are the system specifications of our CentOS 8 virtual machine:

Read Also: How to install CHEF Server on CentOS 7

Update your Linux OS

Connect with saltstack-master-01.centlinux.com as root user by using a ssh tool.

Update all existing software packages to latest available versions.

# dnf update -y

Your Linux operating system has been updated successfully.

Install Python on CentOS 8

SaltStack is written in Python, therefore, it requires Python language support for compilation and execution of SaltStack commands.

Python3 is available in default CentOS 8 AppStream, therefore, you can install it by using dnf command.

# dnf install -y python3

Python 3.6 has been installed on Linux server.

Install SaltStack Yum Repository

Although SaltStack packages are available via EPEL (Extra Packages for Enterprise Linux) yum repository. But if you want to install the latest version of the software, then you should install their official yum repository.

Use the following command to install SaltStack official yum repository on CentOS 8.

# dnf install -y https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el8.noarch.rpm

Build cache for newly installed yum repositories.

# dnf makecache
CentOS-8 - AppStream                            179  B/s | 4.3 kB     00:24
CentOS-8 - Base                                 3.5 kB/s | 3.9 kB     00:01
CentOS-8 - Extras                               667  B/s | 1.5 kB     00:02
SaltStack Latest Release Channel Python 3 for R  33 kB/s | 224 kB     00:06
Metadata cache created.

Install Salt Master on CentOS 8

You have added SaltStack yum repository, now you can easily install latest versions of the software by using dnf command.

Install necessary software packages that are required for a SaltStack Master server.

# dnf install -y salt-master salt-minion salt-ssh salt-syndic salt-cloud salt-api

Here, we are also installing salt-minion package on SaltStack Master, because the Minion will collect and send the system metrics of the Master, even on the same server. Please refer to our next post on how to install Salt Minion on CentOS 8.

Configure Salt Master

Configuration files for SaltStack software are located in /etc/salt directory.

Default configurations are sufficient to start the Master server, but you need to adjust SaltStack Minion configurations before starting its service.

Edit SaltStack Minion Configuration file.

# vi /etc/salt/minion

Locate following directive in this file.

#master: salt

And replace it with following directive.

master: saltstack-master-01.centlinux.com

The master directive tells the Minion about the Master server in use. The SaltStack master hostname must be resolvable. You can either do this by using Local DNS Resolver i.e. /etc/hosts file or configure a authoritative DNS Server for your computer network.

Enable and start Master and Minion services.

# systemctl enable --now salt-master salt-minion
Created symlink /etc/systemd/system/multi-user.target.wants/salt-master.service â /usr/lib/systemd/system/salt-master.service.
Created symlink /etc/systemd/system/multi-user.target.wants/salt-minion.service â /usr/lib/systemd/system/salt-minion.service.

Configure Linux Firewall

SaltStack master uses default ports 4505/tcp and 4506/tcp. Therefore, you need to allow incoming traffic to both of these ports in Linux firewall.

# firewall-cmd --permanent --add-port={4505,4506}/tcp
success
# firewall-cmd --reload
success

Managing SaltStack Public Keys

On initial connection, a SaltStack minion send its public key to the SaltStack master. This public key must be accepted by the Master to allow a Minion to communicate with SaltStack Master.

List down all the SaltStack public keys.

# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
saltstack-master-01.centlinux.com
Rejected Keys:

Currently, there is only one Unaccepted public key. Accept this public key by using following command.

# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
saltstack-master-01.centlinux.com
Proceed? [n/Y] Y
Key for minion saltstack-master-01.centlinux.com accepted.

Execute ping command on all the minions.

# salt '*' test.ping
saltstack-master-01.centlinux.com:
    True

Check versions of all the minions.

# salt '*' test.version
saltstack-master-01.centlinux.com:
    3001.1

Final Thoughts

Installing Salt Master on CentOS 8 is a crucial step in setting up a centralized automation and configuration management system. By following the outlined steps, including adding the SaltStack repository, installing the necessary packages, and configuring the master settings, you can successfully deploy Salt Master on your server.

Once installed, ensure that the Salt Master service is running and properly configured to communicate with Salt Minions. Accepting Minion keys and testing connectivity with salt '*' test.ping will confirm that your setup is functioning correctly. With Salt Master in place, you can now automate system configurations, execute remote commands, and efficiently manage your infrastructure at scale.

Struggling with Linux server management? I offer professional support to ensure your servers are secure, optimized, and always available. Visit my Fiverr profile to learn more!

FAQs

What is Salt Master in SaltStack?
Salt Master is the central server that manages and controls Salt Minions, enabling remote execution, automation, and configuration management.

What are the prerequisites for installing Salt Master on CentOS 8?
Before installing Salt Master, ensure that your system has a stable internet connection, the correct repository is added, and Python 3 is installed, as SaltStack is Python-based. Additionally, open the required firewall ports (4505 and 4506) for proper communication with Minions.

What is the purpose of configuring the Salt Master after installation?
Configuring Salt Master allows administrators to define critical settings such as network interfaces, authentication mechanisms, file system paths, and external module integrations. Proper configuration ensures seamless communication between the Master and Minions, optimizing automation and remote execution tasks.

How do I verify that Salt Master is working?
Ensure the service is running using systemctl status salt-master, and check for incoming Minion keys using salt-key -L.

What should I do if Salt Minions are not connecting to the Master?
Check network connectivity, ensure ports 4505 and 4506 are open in the firewall, verify Minion configuration, and restart both Master and Minion services.

Exit mobile version