h3. Installing salt master and salt minion (agent) on CentOS 6
{color:#313131}Beginning with version 0.9.4, Salt has been available in{color}{color:#313131} {color}[EPEL|http://fedoraproject.org/wiki/EPEL]{color:#313131}. It is installable using yum. Salt should work properly with all mainstream derivatives of RHEL, including CentOS.{color}
Salt and all dependencies have been accepted into the yum repositories for EPEL5 and EPEL6. The latest salt version can be found in epel-testing, while an older but more tested version can be found in regular epel.
h5. Salt (master) dependencies:
* PyYAML
* libyaml
* m2crypto
* openpgm
* sshpass
* python-babel
* python-crypto
* python-jinja2
* python-msgpack
* python-zmq
* zeromq3
Now installing salt-master.
{code}
[root@tiber07vm2 ~]# yum install salt-master
[root@tiber07vm2 ~]# salt --version
salt 0.16.4
{code}
Install python pip to install python additional modules
{code}
[root@tiber07vm2 ~]# yum install python-setuptools
[root@tiber07vm2 ~]# easy_install pip
{code}
Upgrade salt which is supported version salt-ssh (first resolved the dependancies for it)
{code}
[root@tiber07vm2 ~]# pip install markupsafe
[root@tiber07vm2 ~]# pip install --upgrade salt
[root@tiber07vm2 ~]# salt --version
salt 0.17.1
[root@tiber07vm2 ~]# salt-ssh --version
salt-ssh 0.17.1
{code}
h5. Basically salt-stack comes with two environment
* Stack master (Server) \-> stack minion (Agent)
* Stack master (SSH) \-> Master connects to agent using ssh, so no additional salt agent is required.
h5. Managed Node Requirements
h5. 1) Salt (minion) dependencies:
On the managed nodes, you only need Python 2.4 or later,
* m2crypto
* openpgm
* python-babel
* python-crypto
* python-jinja2
* python-msgpack
* python-yaml
* python-zmq
* zeromq3
Now installing salt-minion.
{code}
[root@tiber07vm2 ~]# yum install salt-minion
[root@tiber07vm2 ~]# salt-minion --version
salt-minion 0.16.4
{code}
h5. Inventory of manged hosts:
Edit the /etc/salt/minion file on salt-minion server and add entry for salt-master server
{code}
[root@tiber07vm4 ~]# cat /etc/salt/minion
master: tiber07vm2.glam.colo
{code}
Start the master and minion services on salt master and client server
{code}
[root@tiber07vm2 ~]# /etc/init.d/salt-master start
Starting salt-master daemon: [ OK ]
[root@tiber07vm2 ~]# /etc/init.d/salt-minion start
Starting salt-minion daemon: [ OK ]
[root@tiber07vm4 ~]# /etc/init.d/salt-minion start
Starting salt-minion daemon: [ OK ]
{code}
Check discovery for new minion and view the certificate requests on master:
{code}
[root@tiber07vm2 ~]# salt-key -L
Accepted Keys:
Unaccepted Keys:
tiber07vm2
tiber07vm4
Rejected Keys:
{code}
Looks perfect now\!\!
Accept the certificate requests on master:
{code}
[root@tiber07vm2 ~]# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
tiber07vm2
tiber07vm4
Proceed? [n/Y] Y
Key for minion tiber07vm2 accepted.
Key for minion tiber07vm4 accepted.
{code}
Verify to see keys are accepted
{code}
[root@tiber07vm2 ~]# salt-key -L
Accepted Keys:
tiber07vm2
tiber07vm4
Unaccepted Keys:
Rejected Keys:
{code}
h5. Test the connection with the children:
Great you have done so far, now it is time to test
{code}
[root@tiber07vm2 ~]# salt 'tiber07vm4' test.ping
tiber07vm4:
True
[root@tiber07vm2 ~]# salt '*' test.ping
tiber07vm4:
True
tiber07vm2:
True
{code}
h5. 2) Salt (ssh) dependencies:
On the managed nodes, you only need Python 2.4 or later.
h5. SSH trust : since you want pass wordless authentication from your master machine ,its advisable to establish a trust
{code}
ssh-copy-id tiber07vm2
ssh-copy-id tiber07vm4
{code}
Inventory of manged hosts will be at /etc/salt/roster, this example configuration contains host without password (shared auth_key) and with password host entries.
{code}
[root@tiber07vm2 ~]# cat /etc/salt/roster
tiber07vm2:
host: tiber07vm2
user: root
tiber07vm4:
host: tiber07vm4
user: root
passwd: myrootpassword
{code}
h5. Test the connection with the children:
Great you have done all, now it is time to test
{code}
[root@tiber07vm2 ~]# salt-ssh '*' test.ping
tiber07vm2:
True
tiber07vm4:
True
{code}
h5. Sample run :
{code}
[root@tiber07vm2 ~]# salt-ssh 'tiber07vm4' -r 'uptime'
tiber07vm4:
02:38:11 up 20 days, 14:16, 1 user, load average: 0.09, 0.08, 0.02
[root@tiber07vm2 ~]# salt-ssh '*' -r 'uptime'
tiber07vm2:
02:38:22 up 20 days, 14:16, 1 user, load average: 0.08, 0.08, 0.02
tiber07vm4:
02:38:23 up 20 days, 14:16, 1 user, load average: 0.08, 0.08, 0.02
{code}
h5. Known Errors and fixes:
{code}[root@tiber07vm2 ~]# salt-ssh 'tiber07vm2' -r 'uptime'
OSError: [Errno 38] Function not implemented
{code}
Ohh LXC\!\!, You will get python OSError because of not to write /dev/shm (tmpfs), so to enable it update your /dev/shm mount options (rw, noexec) and remount /dev/shm.
{code}
[root@tiber07vm2 ~]# cat /etc/fstab
/dev/root / rootfs defaults 0 0
none /dev/shm tmpfs rw,nosuid,nodev,noexec 0 0
#none /dev/shm tmpfs nosuid,nodev 0 0
[root@tiber07vm2 ~]# mount /dev/shm
{code}
{color:#313131}Beginning with version 0.9.4, Salt has been available in{color}{color:#313131} {color}[EPEL|http://fedoraproject.org/wiki/EPEL]{color:#313131}. It is installable using yum. Salt should work properly with all mainstream derivatives of RHEL, including CentOS.{color}
Salt and all dependencies have been accepted into the yum repositories for EPEL5 and EPEL6. The latest salt version can be found in epel-testing, while an older but more tested version can be found in regular epel.
h5. Salt (master) dependencies:
* PyYAML
* libyaml
* m2crypto
* openpgm
* sshpass
* python-babel
* python-crypto
* python-jinja2
* python-msgpack
* python-zmq
* zeromq3
Now installing salt-master.
{code}
[root@tiber07vm2 ~]# yum install salt-master
[root@tiber07vm2 ~]# salt --version
salt 0.16.4
{code}
Install python pip to install python additional modules
{code}
[root@tiber07vm2 ~]# yum install python-setuptools
[root@tiber07vm2 ~]# easy_install pip
{code}
Upgrade salt which is supported version salt-ssh (first resolved the dependancies for it)
{code}
[root@tiber07vm2 ~]# pip install markupsafe
[root@tiber07vm2 ~]# pip install --upgrade salt
[root@tiber07vm2 ~]# salt --version
salt 0.17.1
[root@tiber07vm2 ~]# salt-ssh --version
salt-ssh 0.17.1
{code}
h5. Basically salt-stack comes with two environment
* Stack master (Server) \-> stack minion (Agent)
* Stack master (SSH) \-> Master connects to agent using ssh, so no additional salt agent is required.
h5. Managed Node Requirements
h5. 1) Salt (minion) dependencies:
On the managed nodes, you only need Python 2.4 or later,
* m2crypto
* openpgm
* python-babel
* python-crypto
* python-jinja2
* python-msgpack
* python-yaml
* python-zmq
* zeromq3
Now installing salt-minion.
{code}
[root@tiber07vm2 ~]# yum install salt-minion
[root@tiber07vm2 ~]# salt-minion --version
salt-minion 0.16.4
{code}
h5. Inventory of manged hosts:
Edit the /etc/salt/minion file on salt-minion server and add entry for salt-master server
{code}
[root@tiber07vm4 ~]# cat /etc/salt/minion
master: tiber07vm2.glam.colo
{code}
Start the master and minion services on salt master and client server
{code}
[root@tiber07vm2 ~]# /etc/init.d/salt-master start
Starting salt-master daemon: [ OK ]
[root@tiber07vm2 ~]# /etc/init.d/salt-minion start
Starting salt-minion daemon: [ OK ]
[root@tiber07vm4 ~]# /etc/init.d/salt-minion start
Starting salt-minion daemon: [ OK ]
{code}
Check discovery for new minion and view the certificate requests on master:
{code}
[root@tiber07vm2 ~]# salt-key -L
Accepted Keys:
Unaccepted Keys:
tiber07vm2
tiber07vm4
Rejected Keys:
{code}
Looks perfect now\!\!
Accept the certificate requests on master:
{code}
[root@tiber07vm2 ~]# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
tiber07vm2
tiber07vm4
Proceed? [n/Y] Y
Key for minion tiber07vm2 accepted.
Key for minion tiber07vm4 accepted.
{code}
Verify to see keys are accepted
{code}
[root@tiber07vm2 ~]# salt-key -L
Accepted Keys:
tiber07vm2
tiber07vm4
Unaccepted Keys:
Rejected Keys:
{code}
h5. Test the connection with the children:
Great you have done so far, now it is time to test
{code}
[root@tiber07vm2 ~]# salt 'tiber07vm4' test.ping
tiber07vm4:
True
[root@tiber07vm2 ~]# salt '*' test.ping
tiber07vm4:
True
tiber07vm2:
True
{code}
h5. 2) Salt (ssh) dependencies:
On the managed nodes, you only need Python 2.4 or later.
h5. SSH trust : since you want pass wordless authentication from your master machine ,its advisable to establish a trust
{code}
ssh-copy-id tiber07vm2
ssh-copy-id tiber07vm4
{code}
Inventory of manged hosts will be at /etc/salt/roster, this example configuration contains host without password (shared auth_key) and with password host entries.
{code}
[root@tiber07vm2 ~]# cat /etc/salt/roster
tiber07vm2:
host: tiber07vm2
user: root
tiber07vm4:
host: tiber07vm4
user: root
passwd: myrootpassword
{code}
h5. Test the connection with the children:
Great you have done all, now it is time to test
{code}
[root@tiber07vm2 ~]# salt-ssh '*' test.ping
tiber07vm2:
True
tiber07vm4:
True
{code}
h5. Sample run :
{code}
[root@tiber07vm2 ~]# salt-ssh 'tiber07vm4' -r 'uptime'
tiber07vm4:
02:38:11 up 20 days, 14:16, 1 user, load average: 0.09, 0.08, 0.02
[root@tiber07vm2 ~]# salt-ssh '*' -r 'uptime'
tiber07vm2:
02:38:22 up 20 days, 14:16, 1 user, load average: 0.08, 0.08, 0.02
tiber07vm4:
02:38:23 up 20 days, 14:16, 1 user, load average: 0.08, 0.08, 0.02
{code}
h5. Known Errors and fixes:
{code}[root@tiber07vm2 ~]# salt-ssh 'tiber07vm2' -r 'uptime'
OSError: [Errno 38] Function not implemented
{code}
Ohh LXC\!\!, You will get python OSError because of not to write /dev/shm (tmpfs), so to enable it update your /dev/shm mount options (rw, noexec) and remount /dev/shm.
{code}
[root@tiber07vm2 ~]# cat /etc/fstab
/dev/root / rootfs defaults 0 0
none /dev/shm tmpfs rw,nosuid,nodev,noexec 0 0
#none /dev/shm tmpfs nosuid,nodev 0 0
[root@tiber07vm2 ~]# mount /dev/shm
{code}
No comments:
Post a Comment