How to deploy the open-source SaltStack for automated server configuration and management

Wanting for an much easier way to deploy configurations to your servers? Jack Wallen aids you get SaltStack set up on both controller and minion.

Impression: Gorodenkoff/Shutterstock

SaltStack is a strong configuration and management device that can make it probable for you to deploy configurations from a solitary manager to numerous minions. With this system your Linux controller can deliver configurations to any related minion running Linux, macOS or Home windows. With this process in location, your admin task can be manufactured noticeably much easier. 

SaltStack configuration deployments are written in Salt code, so the 1 caveat to utilizing the system is that you can have to master how to generate Salt code configurations. But very first, you need to have SaltStack set up on equally a controller and at least a person minion. SaltStack can scale up to tens of hundreds of minions, so even company-degree enterprises can significantly gain from deploying this platform. So let us get busy.

SEE: 20 fantastic habits network directors need—and 10 behavior to split (free PDF) (TechRepublic)

What you are going to require

To make this function, you may need to have at minimum a single Linux server for the controller. I will be demonstrating each controller and minion on Linux Server 20.04. You can use any Linux distribution so extensive as it supports Python (which most do). You can expect to also need to have a consumer with sudo privileges.

How to put in the Salt Controller

1st, we’re heading to put in the Salt Controller. Log into your Ubuntu Server and make sure to update and up grade with the command:

sudo apt-get update && sudo apt-get up grade -y

If the kernel is upgraded, make certain to reboot the server. 

You really should now have Python mounted. To come across out, difficulty the command:

python3 --edition

You ought to see one thing like:

Python 3.8.5

If not, set up Python with the command:

sudo apt-get set up python3 -y

We are going to be setting up SaltStack using a bootstrap script. Download the script with the command:

curl -L -o

Start the script on the controller with the command:

sudo sh put -P -M -N

When the command completes, you must see:

* Information: Salt Put in!

Install Salt on the minions with the command:

sudo sh put -P

Make confident to not set up Salt on the minions with the command to install the controller.

How to configure the controller

The next phase is to configure the Salt controller. Open the controller configuration file with the command:

sudo nano /etcetera/salt/master

Find the adhering to section:

# The deal with of the interface to bind to:
#interface: ...

Uncomment out the interface line (by getting rid of the # character) and change … to that of the IP handle of the controller.

Start off and permit the Salt grasp with the commands:

sudo systemctl start salt-master
sudo systemctl allow salt-grasp

Make confident to make it possible for Salt connections via the firewall with the command:

sudo ufw allow proto tcp from any to any port 4505,4506

How to configure the minion

We can now configure the minion. Open the configuration file for enhancing with the command:

sudo nano /etc/salt/minion

Glimpse for the adhering to line:

grasp: salt

Change salt to the IP tackle of your Salt controller.

Save and close the file. 

We now want to retrieve the community fingerprint of the controller. On the controller, challenge the command:

sudo salt-key --finger-all

You need to see two entries displayed, a single for grasp.pem and a person for Copy the key to your clipboard. On the minion, re-open the configuration file with the command:

sudo nano /and many others/salt/minion

In that file, search for the line:

#grasp_finger: ''

Alter that line to:

master_finger: 'KEY'

Where by Important is the pub crucial you copied to your clipboard.

Eventually, give the minion a title in the line:

# clusters.

Uncomment and modify id: so it appears like:

id: Name

The place Identify is the name you opt for to give the minion.

Conserve and near the file. 

Commence and allow the minion with the command:

sudo systemctl restart salt-minion
sudo systemctl enable salt-minion

How to examination the link

On the minion, print out the minion’s general public crucial with the command:

sudo salt-phone critical.finger --area

Again at the controller, difficulty the command:

sudo salt-essential --finger-all

You ought to now see an Unaccepted essential stated, which matches the minion crucial. You need to accept the vital with the command:

sudo salt-key -A

You may be requested to confirm the acceptance of the essential that is involved with the new minion. Kind Y (or acknowledge the default, which is Y), and the minion critical has been acknowledged. Check the connection with the command:

sudo salt Identify

Wherever Title is the name of the minion. You ought to see:


Where Identify is the identify of the minion.

Congratulations, SaltStack is put in and functioning on each your controller and your minion. Up coming time close to, we will publish some Salt code and deliver a configuration to the minion.

Subscribe to TechRepublic’s How To Make Tech Get the job done on YouTube for all the latest tech tips for business professionals from Jack Wallen.

Also see

Fibo Quantum