Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Salt Cookbook
  • Toc
  • feedback
Salt Cookbook

Salt Cookbook

By : Anirban Saha
3.5 (2)
close
Salt Cookbook

Salt Cookbook

3.5 (2)
By: Anirban Saha

Overview of this book

If you are a professional associated with system and infrastructure management, looking at automated infrastructure and deployments, then this book is for you. No prior experience of Salt is required.
Table of Contents (13 chapters)
close
close
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Conventions
Reader feedback
Customer support
Free Chapter
1
1. Salt Architecture and Components
chevron up
1. Salt Architecture and Components
Introduction
Installing and configuring the Salt master
Configuring the Salt environment and pillar paths
Understanding and configuring Salt pillars
Understanding and writing Salt states
Understanding and writing the top file
Installing and configuring the Salt minion
Configuring environments and grains on the minion
Applying Salt states to minions
2
2. Writing Advanced Salt Configurations
2. Writing Advanced Salt Configurations
Introduction
Writing and retrieving pillar data
Using pillar data in states
Using grains in states
Using conditionals in states and pillars
Using Python functions in conditionals
Using iterations in states
Setting and using variables in states
Testing a state run before applying to minions
Configuring nodegroups
Targeting minions
3
3. Modules, Orchestration, and Scaling Salt
3. Modules, Orchestration, and Scaling Salt
Introduction
Using execution modules
Using state modules
Configuring templates
Using requisites
Using Salt runners
Orchestration with Salt orchestrate
Salt multi-master setup (active-active mode)
Salt multi-master setup (active-passive mode)
4
4. General Administration Tasks
4. General Administration Tasks
Introduction
Running commands
Setting host entries and grains
Setting time zone, locale, and kernel configurations
Handling archive files
Adding groups and users
Performing SSH authentication tasks
Scheduling jobs with cron
Managing volumes
Working with disks and mounts
Managing network configurations
5
5. Advanced Administration Tasks
5. Advanced Administration Tasks
Introduction
Managing package repositories
Managing packages using the default package manager
Managing packages using rvm, gem, and pip
Managing files
Managing services
Managing code repositories with Git
Managing code repositories with svn
Configuring alternatives
6
6. Managing Application Servers
6. Managing Application Servers
Introduction
Apache web server packages and services
Managing web server modules
Adding web server configuration
Web server security with htpasswd
Setting up Java for Apache Tomcat
Apache Tomcat packages, files, and services
Deploying the WAR file in Apache Tomcat
7
7. Managing Databases
7. Managing Databases
Introduction
Using MySQL packages, files, and services
Using MySQL databases
Creating MySQL database users
Running MySQL queries
Providing MySQL user grants
Using PostgreSQL packages, files, and services
Setting up PostgreSQL groups and users
Configuring PostgreSQL databases
8
8. Configuring Salt Cloud
8. Configuring Salt Cloud
Introduction
Configuring the Salt cloud environment
Configuring cloud providers
Configuring cloud profiles
Extending profiles and providers
Configuring cloud maps
Using post-install scripts
Launching, querying, and destroying instances
Performing general cloud functions
9
9. Managing Amazon Web Services
9. Managing Amazon Web Services
Introduction
Implementing security groups
Using elastic load balancers
Configuring DNS with Route53
Configuring Simple Queue Service
Deploying ElastiCache clusters
Configuring CloudWatch alarms
10
10. Salt Event and Reactor System
10. Salt Event and Reactor System
Introduction
Learning the basics of the event system
Listening to events
Firing events
Identifying and working with Salt event types
Integrating and configuring the reactor system
Using reactors for Salt tasks
11
11. Troubleshooting
11. Troubleshooting
Introduction
Troubleshooting the Salt master
Troubleshooting the Salt minion
Dealing with too many open files
Connectivity, DNS, and ports
Dealing with YAML configuration problems
12
Index
Index

Installing and configuring the Salt master

In this section, we are going to configure the most important component of the Salt architecture—the Salt master. We'll install the Salt master package and configure the most important parameters needed for our infrastructure.

How to do it...

Let's see how we can install the Salt master on various types of OS.

Installing the Salt master on RedHat/CentOS/Fedora

  1. Salt packages are available in the EPEL repository. First, the repository needs to be added to the system. As the system being used is CentOS 6.5 (64-bit), we are using the epel-release package at http://dl.fedoraproject.org/pub/epel/6/x86_64/. This needs to be changed as per the version and architecture of the operating system being used:
    [root@salt-master ~]# rpm -ihv \    http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6- 8.noarch.rpm
  2. After the EPEL release package has been installed, we will install the salt-master package with the following command, and the dependencies should automatically be fetched from the repository:
    [root@salt-master ~]# yum –y install salt-master

Installing the Salt master on Ubuntu

While installing the Salt master on Ubuntu, the SaltStack PPA repository needs to be added to the system. It is to be noted that the following commands need to be executed as a privileged user, that is, either the root user can be used, or the sudo command needs to be added before the mentioned commands:

  1. The following command adds the add-apt-repository binary to the system:
    [root@salt-master ~]# apt-get –y install python-software- properties
  2. Now, we will add the repository with the command given here:
    [root@salt-master ~]# add-apt-repository ppa:saltstack/salt
  3. The Salt master package then needs to be installed with the following command:
    [root@salt-master ~]# apt-get -y install salt-master

Configuring the Salt master

The primary configuration file for the Salt master is /etc/salt/master. It is also a good practice to create additional configuration files in /etc/salt/master.d/ with the .conf extension, and they will get read along with all the other files when the Salt master daemon starts.

Most of the Salt configuration parameters are set by default and need not be set explicitly. However, let's look at some of the important parameters that can be altered to suit one's needs:

  • To determine which network interface the service binds to:
    interface: 0.0.0.0
  • The port on which to listen to for client node (minion) communications:
    publish_port: 4505
  • The path that gets prepended to other files such as log_file, pki_dir, and cache_dir if set. It is also to be noted that this path gets prepended to all other defined configuration parameters in the master configuration files, where each of them is also explained in detail:
    root_dir: /
  • The directory to hold the master and minion keys that have already been authenticated or rejected:
    pki_dir: /etc/salt/pki/master
  • The file containing log entries for the master daemon:
    log_file: /var/log/salt/master
  • The file that allows the keys of the host's that match the listed patterns to be accepted automatically (it is always a good practice to define this file). We will uncomment this line and set the filename as follows:
    autosign_file: /etc/salt/autosign.conf
  • Edit the file /etc/salt/autosign.conf and set the content to be a wild card entry as follows (this is being done to facilitate easier demonstrations in the rest of the book, it is to be noted that this is a security risk otherwise):
    *
  • The Salt service daemon then needs to be started and configured to start at boot time.

    On RedHat/CentOS/Fedora:

    [root@salt-master ~]# service salt-master start
[root@salt-master ~]# chkconfig salt-master on

    On Ubuntu, the installation process automatically starts the daemon, hence the daemon needs to be restarted:

    [root@salt-master ~]# service salt-master restart
[root@salt-master ~]# update-rc.d salt-master defaults

    The firewall needs to be configured to allow communication on ports 4505 and 4506 from the minions:

    [root@salt-master ~]# iptables -A INPUT -m state --state new \ -m tcp -p tcp --dport 4505 -j ACCEPT
[root@salt-master ~]# iptables -A INPUT -m state --state new \ -m tcp -p tcp --dport 4506 -j ACCEPT
  • Save the firewall rules:

    On RedHat/CentOS/Fedora:

    [root@salt-master ~]# service iptables save

    On Ubuntu:

    [root@salt-master ~]# iptables-save

In the scenario that a virtualized environment is being used, such as a cloud provider, the aforementioned ports should be opened in the respective security group of the master node.

How it works...

The salt-master is the package for the Salt master service and it also requires a few other dependencies, such as the ZeroMQ library, msgpack, jinja, yaml, and so on, which is automatically pulled along with the package from the configured repositories.

Most of the Salt configuration parameters are set by default and need not be explicitly mentioned in the file. The options can be found commented in the file and act as the defaults. However, if they need to be changed, then they can be uncommented and necessary changes can be made.

We have explicitly uncommented the autosign_file parameter and set the value as /etc/salt/autosign.conf:

autosign_file: /etc/salt/autosign.conf

We then populated the file with a wildcard entry, that is, *, to allow all minions' certificate requests to be automatically signed and accepted by the master.

Finally, the service daemons for salt master are started/restarted, configured to start automatically at boot time, and firewalls are configured to open the ports 4505 and 4506 for communication with the minions using the system-specific commands.

See also

  • The Salt multi-master setup (active-active mode) and Salt multi-master setup (active-passive mode) recipes in Chapter 3, Modules, Orchestration, and Scaling Salt, to learn more about highly available and redundant Salt master setups
  • The Configuring the Salt environment and pillar paths recipe, for advanced configuration of the Salt master
End of Section 3
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete