Alright, now that we’ve taken a comprehensive look at Linux-based servers, it’s time to start learning about server management. Manual labor is okay when you’re configuring and maintaining one or two servers at a time, but when you’re responsible for the maintenance of tens, hundreds or even thousands of machines, it’s inevitable for you to automate tasks. There are many ways to perform automation, but this time I’m focusing on Salt, or the SaltStack platform.
What is Salt?
Salt, in short, is a Python-based open-source configuration management software and remote execution engine (it’s a mouthful I know, but keep reading). Salt is all about the “Infrastructure as a Code” (IaC) approach to maintenance. IaC’s purpose with maintenance is to manage targets through machine-readable definition files instead of the usual physical approach or configuration tools. This makes maintenance much more efficient and enables remote configurations. It’s also easily repeatable and scales easily.
Essentially, Salt is based on the principles mentioned above. It uses a simple Master-Minion design in which all the machines that receive orders are marked as minions and the master machine sends out orders. To quote saltstack.com:
Salt minions do their own work. Communication from the Salt master is a lightweight set of instructions that basically says “if you are a minion with these properties: run this command with these arguments.” Salt minions determine if they match the properties when the command is received. Each Salt minion already has all of the commands that it needs stored locally, so the command can be executed and the results quickly returned back to the Salt master. The Salt master doesn’t do anything for a minion that it can do (often better) on its own.
Now that we understand the bare essentials, let’s take a look at Salt in practice!
Installing Salt and setting it up
In order to use Salt you need a Master and a Minion. If you just want to test Salt out, you can install both of these on the same machine but here I used separate laptops, my trusty HP EliteBook 2570p and an older HP Pavilion DV6 with a Linux live USB stick, both running Xubuntu 16.04.3. I’m using both machines in my local network.
Start by installing either the master or the minion. To install the Master, use the following commands in order:
sudo apt-get update
sudo apt-get -y install salt-master
The “hostname -I” displays your IP address which you need to give to the minion so it can connect to the Master. If you have a firewall up and running, be sure to open ports 4505 and 4506, I use UFW so I opened them with “sudo ufw allow 4505” and “sudo ufw allow 4506“.
To install a Minion, start with “sudo apt-get -y install salt-minion“. After the installation, use the command “sudoedit /etc/salt/minion” and scroll all the way to the end of the document and add your Master’s IP address and, if you want to, an id for your minion (if you’re using a Live USB the id is mandatory).
After this, use “sudo systemctl restart salt-minion.service” to enable the changes.
After you’ve setup your minion, access your master and use “sudo salt-key -A” to accept the newly added minion. Use “Y” to accept and you’re done! You should now have a working Salt master and minion.
To test this out, I used “sudo salt ‘*’ cmd.run ‘whoami’” command, but you can start using any you want.
I also tested it by installing htop on the minion with “sudo salt ‘*’ pkg.install htop”:
Salt’s State System allows you to set your minions into states that you’ve defined. States can include many different commands for program installation or user adding, for example. States are a handy way to automate your maintenance and do things more efficiently.
To use a state, you need to write one. First, start by creating the correct folder for the state files with “sudo mkdir -p /srv/salt/” and the use “sudoedit /srv/salt/statename.sls” to create your first state. State files are written in YAML which uses two spaces with indentations so always use those two spaces with indentations!
Here I created a simple state file that installs Apache, htop and Thunderbird on the targeted minions. I modified Joona Leppälahti’s state file meant for LAMP installation.
Here’s an example of a successful state use. States can be used with the command “sudo salt ‘*’ state.apply statename”. This screenshot was taken after the second time I used the state file, otherwise it would display the changes made, but because I applied it the second time nothing changed. Using states is rather easy, as demonstrated.
Grains are a vital part of Salt. Here’s a quote from saltstack.com:
Grains are used to get data about your systems. Grains are static information about the underlying operating system, memory, disks, and many other system properties.
Grains are gathered automatically when the minion starts and are refreshed periodically or by using a remote execution command.
So what can you do with grains? You can gather inventory using the grains execution module, which lets you list all grains, find systems with a specific grain value, and so on.
So grains are used to retrieve information. I wanted to test this out so I used the command “sudo salt ‘*’ grains.items“. This lists all grains data.
Using Salt in home conditions
I was tasked with using Salt at home for something small and practical. I often buy used laptops and build custom PCs, so I thought I would make a state file that I could use to install all the basic programs that I need. I also wanted to create a new user called “Oliver”. I decided to again use Joona Leppälahti’s state files as inspiration. I combined the previous state file I made with Joona’s “user” file and it worked great! Now I only need to replace the name “opiskelija” with my own and it’s all set up.
http://terokarvinen.com/2018/salt-quickstart-salt-stack-master-and-slave-on-ubuntu-linux – Instructions for Salt installation
http://terokarvinen.com/2018/salt-states-i-want-my-computers-like-this – Instructions for state files
https://docs.saltstack.com/en/getstarted/ – For getting started with Salt
https://en.wikipedia.org/wiki/Salt_(software) – Additional info on Salt
https://en.wikipedia.org/wiki/Infrastructure_as_Code – Additional info on IaC