How to Install SaltStack on CentOS 7 / RHEL 7

 SaltStack, or Salt, is a popular open source configuration management solution which can be used to implement configuration management, code deployment and much more. Salt can manage tens of thousands of servers in parallel. 

In this article, I will show you how to install Salt on two CentOS 7 server instances. In this example , you will have one master server and one agent server (called minion), and you can add more minions later.

Prerequisites

Before proceeding, I assume that you have:

• Deployed two CentOS 7 server instances on VM 
• Setup private networking on both of the two server instances. 

The summary of our two servers is as follows.

SaltStack master server:

• OS: CentOS 7
• hostname: salt-master
• Private IP: 192.168.0.150

SaltStack agent server 1:

• OS: CentOS 7
• hostname: minion1
• Private IP: 192.168.0.145

Step 1: SaltStack master server

1.a Update the system

Use the sudo user to log into the SaltStack master server, then update the system to the latest stable status:

root@devopszones # yum update -y && reboot

After the reboot completes, Please log in.

1.b Install and configure the salt-master 

Use the SaltStack official YUM repo to install the latest salt-master program:

root@devopszones # yum install https://repo.saltproject.io/yum/redhat/salt-repo-latest-3.el7.noarch.rpm -y root@devopszones # yum clean expire-cache root@devopszones # yum install salt-master

After the installation finishes, modify the configuration file as below:

root@devopszones # vi /etc/salt/master

Find:

#interface: 0.0.0.0

Replace the line with:

interface: 192.168.0.150

Uncomment the line with:

hash_type: sha256

Save and quit:
:wq

Start and enable the salt-master service:

root@devopszones # systemctl start salt-master.service

root@devopszones # systemctl enable salt-master.service

 

Created symlink from /etc/systemd/system/multi-user.target.wants/salt-master.service to /usr/lib/systemd/system/salt-master.service.

 

Set firewall rules

 You can either disable firewall or you can set the rules on firewall.

root@devopszones # firewall-cmd --permanent --zone=public --add-port=4505-4506/tcp

root@devopszones # firewall-cmd --reload

 

Step 2: SaltStack agent server

2.a Update the system

Use the sudo user to log into the SaltStack master server, then update the system to the latest stable status:

root@devopszones # yum update -y && reboot

After the reboot completes, Please log in.

2.b Install and configure the salt-minion 

Use the SaltStack official YUM repo to install the latest salt-master program:

root@devopszones # yum install https://repo.saltproject.io/yum/redhat/salt-repo-latest-3.el7.noarch.rpm -y root@devopszones # yum clean expire-cache root@devopszones # yum install salt-minion

After the installation, modify the configuration file as below:

After the installation finishes, modify the configuration file as below:

root@devopszones # vi /etc/salt/minion

Find:

#master: salt

Replace the line with:

#master: 192.168.0.150

Uncomment the line with:

hash_type: sha256

Save and quit:
:wq

Start and enable the salt-minion service:

root@devopszones # systemctl start salt-minion.service

root@devopszones # systemctl enable salt-minion.service

 

Created symlink from /etc/systemd/system/multi-user.target.wants/salt-minion.service to /usr/lib/systemd/system/salt-minion.service.

Step 3: Test your setup

1. Login to slatstack master server and check all available agents:

root@devopszones # salt-key -L

If everything was successful, you will see the agent server "nagiosclient" listed in the "Unaccepted Keys" segment.

Accept "nagiosclient" using this command:

root@devopszones # salt-key --accept=nagiosclient.org

Test Case 1: Ping minion

Command: root@devopszones # salt nagiosclient.org test.ping

Output:

nagiosclient.org:

    True

root@devopszones #

Test case 2: Get  present working directory

Command :

root@devopszones # salt nagiosclient.org cmd.run pwd

Output:

nagiosclient.org:

    /root

root@devopszones #