Installing and configuring the Salt minion
In this recipe, we will learn about minions, how they work, and how to install and configure them.
How to do it...
We will install the Salt minion on a second node and name the node salt-minion. First, we will install the salt-minion package.
Installing the Salt minion on RedHat/CentOS/Fedora
- Install the
epel-releaserpm to configure the EPEL repository:[root@salt-minion ~]# rpm -ihv \ http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6- 8.noarch.rpm - After the EPEL release package has been installed, we will install the
salt-minionpackage with the following command and the dependencies should automatically be fetched from the repository:[root@salt-minion ~]# yum –y install salt-minion
Installing the Salt minion on Ubuntu
When installing the Salt minion in Ubuntu, the SaltStack PPA repository needs to be added to the system. It is to be noted that the following commands need to be executed as a privileged user, that is, either the root user can be used, or the sudo command needs to be added before the mentioned commands.
- The following command adds the
add-apt-repositorybinary to the system:[root@salt-minion ~]# apt-get –y install python-software- properties - Now, we will add the repository with the following command:
[root@salt-minion ~]# add-apt-repository ppa:saltstack/salt - The Salt minion package then needs to be installed with the following command:
[root@salt-minion ~]# apt-get -y install salt-minion
Configuring the Salt minion
The configuration file for the Salt minion is /etc/salt/minion. It is also a good practice to create additional configuration files in /etc/salt/minion.d/ with the .conf extension, and they will get read along with all other files when the Salt minion daemon starts.
- In
/etc/salt/minion, uncomment and edit the following parameter:master: salt-master
- Start the
salt-minionservice daemon and configure it to start automatically at boot time:On RedHat/CentOS/Fedora:
[root@salt-minion ~]# service salt-minion start [root@salt-minion ~]# chkconfig salt-minion on
On Ubuntu, the installation process automatically starts the daemon, hence the daemon needs to be restarted:
[root@salt-minion ~]# service salt-minion restart [root@salt-minion ~]# update-rc.d salt-minion defaults
How it works...
In Salt, the client nodes on which the configured states are applied are known as minions. The minion configuration file is /etc/salt/minion, which contains the configurable parameters for the minion, and most of the parameters use the default values as mentioned in the file and are commented. Any change in the parameters can be made by uncommenting and editing the parameters.
In this recipe, we configured the repositories from which to fetch the salt-minion package. We then installed the package and the dependencies get automatically fetched from the repositories.
Next, we edited the /etc/salt/minion file, uncommented the master parameter, and edited it to have the value salt-master (as we named our salt master salt-master in the earlier recipes). Do note that, for this parameter to work on the minions, there needs to be a DNS entry or an entry in /etc/hosts of the minions for the salt-master pointing to the IP of the Salt master. This parameter enables the minion to communicate with the Salt master on the TCP ports 4505 and 4506, as we configured in the first recipe of this chapter.
The rest of the parameters can be left as defaults. Finally, we started the salt-master daemon and configured it to start automatically at boot time.
There's more...
There is one more parameter in the /etc/salt/minion file, which may be interesting for some. The id parameter enables us to set the minion ID explicitly, without which the hostname of the minion is taken up as the minion ID by default. The minion ID is the name that the Salt master is able to see when the minion requests its certificate to be signed and authenticated by the master. After the certificate signing is complete, the master knows the minion by the same minion ID and any communication which involves the minion name from the master to the minion happens using this minion ID.
For example, the minion node can have a hostname prodapp01, but we can set its minion ID in the /etc/salt/minion file, as follows:
id: appserver
This parameter will make this node known to the Salt master as appserver and not prodapp01, although the hostname is prodapp01. Without this parameter, the master will know this node as prodapp01.
The masterless minion
There is a feature in Salt that enables the minions to run in a masterless mode. In this case, the minion acts as its own master. The minion can be configured for this by changing the value of the file_client parameter in the /etc/salt/minion file from remote to local and configuring the paths to states and pillars.
Uncomment and edit the following parameters in /etc/salt/minion. The value of local for the file_client parameter enables the minion to look for states locally on it:
file_client: local
Next, the state and pillar paths need to be set for the minion to find the state and pillar data on the system. The state and pillar files then need to be placed in these directories as discussed in earlier recipes:
file_roots:
base:
- /opt/salt-cookbook/base
development:
- /opt/salt-cookbook/development
pillar_roots:
base:
- /opt/salt-cookbook/pillar/base
development:
- /opt/salt-cookbook/pillar/developmentWe will learn the technique to run Salt to get the state and pillar data in the last recipe of this chapter.
See also
- The Installing and configuring the Salt master and Configuring the Salt environment and pillar paths recipes, to learn about the master, its port configurations, state, and pillar configurations
- The Configuring environments and grains on the minion and Applying Salt states to minions recipes, to learn about advanced minion configurations and synchronizing minions with masters
