Saltstack
Jon Hathaway

Jon Hathaway

HATech Academy – Saltstack 101

Introduction
This Intro to Saltstack training session introduces the student to Saltstack, its architecture and why it is so different to other options like Puppet, Chef and Ansible. The training labs in will introduce basic setup and configuration, state modules and execution modules, and how to query the infrastructure and retrieve an inventory of all connected devices. The presentation for this lab can be downloaded from : https://hatech.io/download/intro-to-saltstack/

LAB 1 -Create Resource Group

  1. Login to your Azure Account
  2. Click on the Resource Groups menu
  3. Click ‘+’ add to create a new Resource Group
  4. Provide a name for the Resource Group
  5. For this lab choose West US for the Region
  6. Click OK

Create Salt Master node

  1. Select the Virtual Machines menu
  2. Click ‘+’ to create a new Virtual Machine Instance
  3. Choose Ubuntu 16.04 as the instance OS
  4. Click Create
  5. Give it a name of ‘saltmaster’
  6. Provide a Username
  7. Choose Password instead of SSH Key and enter a password
  8. Select the Resource Group that you created above
  9. Click OK
  10. Choose B1MS as the instance size
  11. Click OK
  12. Click Advanced Network Security Group
  13. Click Network Security Group (firewall)
  14. Create New to add a new Firewall
  15. Click default-allow-ssh
  16. Add the following Destination Ports – 80,4505,4505
  17. Click Save
  18. Click OK to exit the Security settings
  19. Click OK to exit the Optional settings
  20. Check the Summary and click Create

Create Salt Minion node

  1. Select the Virtual Machines menu
  2. Click ‘+’ to create a new Virtual Machine Instance
  3. Choose Ubuntu 16.04 as the instance OS
  4. Click Create
  5. Give it a name of ‘saltmaster’
  6. Provide a Username
  7. Choose Password instead of SSH Key and enter a password
  8. Select the Resource Group that you created above
  9. Click OK
  10. Choose B1MS as the instance size
  11. Click OK
  12. Ensure the virtual network is the same as the Salt Master
  13. Click Advanced for Network Security Group
  14. Click Network Security group (firewall)
  15. Click saltmaster-nsg or whatever name you gave the security group above
  16. Click Save
  17. Click OK to exit the Security settings
  18. Click OK to exit the Optional settings
  19. Check the Summary and click Create

Install SaltMaster

  1. From Virtual Machines menu, click on the Salt Master node
  2. Copy the public IP address
  3. SSH into the node ex. ssh tkelley@
  4. Run 
    sudo su
  5. Run 
    wget -O - https://repo.saltstack.com/apt/ubuntu/18.04/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add -
  6. Run 
    echo "deb http://repo.saltstack.com/apt/ubuntu/18.04/amd64/latest bionic main" >> /etc/apt/sources.list.d/saltstack.list
  7. Run 
    apt-get update && apt-get install -y salt-api salt-master salt-minion salt-ssh
  8. Run 
    mkdir /srv/salt
  9. Run 
    service salt-master status and ensure salt-master is running
  10. Exit Box

Install SaltMinion

  1. From Virtual Machines menu, click on the Salt Master node
  2. Copy the public IP address
  3. SSH into the node ex. ssh tkelley@
  4. Run 
    sudo su
  5. Run 
    wget -O - https://repo.saltstack.com/apt/ubuntu/18.04/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add -
  6. Run 
    echo "deb http://repo.saltstack.com/apt/ubuntu/18.04/amd64/latest bionic main" >> /etc/apt/sources.list.d/saltstack.list
  7. Run 
    apt-get update && apt-get install -y salt-api salt-minion salt-ssh
  8. Run 
    mkdir /srv/salt
  9. Run 
    service salt-minion status and ensure salt-minion is running
  10. Exit Box

Configure & Test

  1. Run 
    nano /etc/salt/minion
  2. On line 16, delete the # and change salt to the IP address of the master
  3. Run control + x to exit the file
  4. Press y to save changes
  5. Press Enter to exit the file
  6. Run 
    service salt-minion restart
  7. Accept minion key
  8. From Virtual Machines menu, click on the Salt Master node
  9. Copy the public IP address
  10. SSH into the node ex. ssh tkelley@
  11. Run 
    sudo su
  12. Run 
    salt-key -L
  13. It may take a moment but in the Unaccepted Keys: section a key name for the
  14. Salt Minion should be there
  15. When it appears, run 
    salt-key -a
  16. Press y to accept the key
  17. Run 
    salt '*' test.ping
LAB 2 – Saltstack Execution Modules
The following lab is an example of some of the commands that can be executed from the command line on the Salt master:
  1. The following command checks connectivity between the Master and the minions 
    salt '*' test.ping
  2. The following command is an example of reading a file on the minion and sending the output to the salt master 
    salt '*' cmd.run 'cat /etc/hosts'
  3. The following installs Apache on all the connected minions 
    salt '*' pkg.install 'apache2'
  4. The following removes Apache on all the connected minions 
    salt '*' pkg.remove 'apache2'

LAB 3 – Saltstack State Modules

The following lab is an example of how we can declare a state that we wish a minion to match:

  1. Create a new file called /srv/salt/webserver/init.sls
    cd /srv/salt
mkdir webserver
nano webserver/init.sls
  2. Create a state to install apache
    apache2:
  pkg.installed: []
  service.running:
    - require:
      - pkg: apache2
  3. Apply the state to your minions
    salt '*' state.apply webserver

Share this post

You must be logged in to post a comment.