classes:lesson_6_-

Slatstack

“SaltStack software orchestrates the build and ongoing management of any modern infrastructure. SaltStack is also the most scalable and flexible configuration management software for event-driven automation of CloudOps, ITOps and DevOps.” – from the Saltstack Web Site

Saltstack traditionally operates in a master/minion architecture. While it is possible to run a Saltstack implementation with no master, this tutorial will focus on the more traditional approach. In this tutorial, our Saltstack master will run on the same system as our web proxy and our continuous integration service, Jenkins. In your enterprise these can certainly run on separate systems; however, we will later do some cool things with this particular architecture and service pairing.

Install Saltstack Master

On master, install the Saltstack salt-master service by adding the signing keys and repository, then update and install.

ssh waytta@master
wget -O - https://repo.saltstack.com/apt/debian/8/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add -
sudo sh -ec 'echo deb http://repo.saltstack.com/apt/debian/8/amd64/latest jessie main >> /etc/apt/sources.list.d/saltstack.list'
sudo apt-get update
sudo apt-get install salt-master
sudo sh -ec 'echo kvm* >> /etc/salt/autosign.conf'

Configure Saltstack Master

To configure the Saltstack master service on master, create the file /etc/salt/master.conf.d/waytta-master.conf with these configuration options:

waytta-master.conf

state_output: mixed

file_roots:
  base:
    - /srv/salt

fileserver_backend:
  - git
  - roots

gitfs_provider: GitPython

gitfs_remotes:
  - git@master:waytta/salt-states.git

autosign_file: /etc/salt/autosign.conf

ext_pillar:
  - git: master git@master:waytta/salt-states.git root=pillars

Restart the salt-master service:

sudo service salt-master restart

Install Saltstack Minion(s)

To install and configure the salt-minion service on our minions, perform the following steps on both kvm1 & kvm2:

sudo sh -ec 'echo \\n192.168.1.1 master >> /etc/hosts'
wget -O - https://repo.saltstack.com/apt/debian/8/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add -
sudo sh -ec 'echo deb http://repo.saltstack.com/apt/debian/8/amd64/latest jessie main >> /etc/apt/sources.list.d/saltstack.list'
sudo apt-get update
sudo apt-get install salt-minion
sudo sh -ec 'echo "master: master\n" > /etc/salt/minion.d/minion.conf'
sudo /etc/init.d/salt-minion restart

Confirm Connectivity

On master, confirm the security keys for kvm1 & kvm2 are accepted and listed in the output:

sudo salt-key -L
Accepted Keys:
kvm1
kvm2
Denied Keys:
Unaccepted Keys:
Rejected Keys:

Finally, run a test command on master to confirm it can execute commands on the minions:

sudo salt '*' test.ping
kvm1:
    True
kvm2:
    True

Congratulations, you've completed this lesson.

Resources

Saltstack - Installation from the Saltstack repository
Saltstack - Walkthrough tutorial
Saltstack - Git Fileserver Backend Walkthrough