The Complete Magazine on Open Source

Infrastructure management made easy with Salt Stack

SHARE
and / 1758 0

Infrastructure Management

The tremendous success of technologies like virtualisation and cloud computing has made infrastructure management a more challenging task for system administrators. This article introduces a simple and powerful tool called Salt Stack for infrastructure management.

Earlier, systems administrators had to visit each and every server to install or configure any software. This particular style of infrastructure management was very tedious and time consuming. Back then, administrators would remotely log in, a practice that was very successful for some time. Secure Shell (SSH) is a fine example for accessing a remote server. But administrators then had to establish a remote connection with every server and issue commands separately to each one. In the current cloud computing era, administrators use automation tools that can perform policy based configurations and installations on all the servers at once, automatically. For this purpose, there are a few useful open source tools like Salt Stack, Puppet, Chef, etc.

Figure 1 Set up for admin to install SaltStack

Figure 1: Set up for admin to install SaltStack components using SSH connections

Figure 2 Salt Master configuration

Figure 2: Salt Master configuration

An introduction to Salt Stack

Salt (Salt-Stack) is an infrastructure automation and management system coded in Python by Thomas S. Hatch. According to official documentation, “Salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more.’’ Hatch used the ZeroMQ messaging library to facilitate the high-speed requirements and built Salt using ZeroMQ for all networking layers. Running commands on remote systems is the core function of Salt. It can execute commands across thousands of systems, in seconds.

This article walks you through the fundamental concepts you need to learn as you start using Salt.

Installation

Let’s begin by installing Salt. In this article, a Debian based distro—Ubuntu 14.04 LTS—is used; for other distros, please check the installation manuals. Salt is designed based on the client-server model. Let us assume a simple infrastructure environment, as shown in Figure 1. The administrator considers his/her machine as the master and other machines as clients. Salt installation happens in two steps. In the first one, we install the Salt Master package in the master machine with the following commands as per the official recommendation (https://docs.saltstack.com/en/latest/topics/installation/ubuntu.html):

$ sudo add-apt-repository ppa:saltstack/salt

$sudo add-apt-repository ppa:saltstack/salt2015-5

$sudo apt-get install python-software-properties

$sudo apt-get install software-properties-common

$sudo apt-get update

$sudo apt-get install salt-api

$sudo apt-get install salt-cloud

$sudo apt-get install salt-master

$sudo apt-get install salt-ssh

sudo apt-get install salt-syndic

In the second step, we install the Salt Minion package in client machines with the following commands, again as per the official recommendation:

$sudo add-apt-repository ppa:saltstack/salt

$sudo add-apt-repository ppa:saltstack/salt2015-5

$sudo apt-get install python-software-properties

$sudo apt-get install software-properties-common

$sudo apt-get update

$sudo apt-get install salt-api

$sudo apt-get install salt-cloud

$sudo apt-get install salt-minion

$sudo apt-get install salt-ssh

$sudo apt-get install salt-syndic

For this step, administrators can use conventional SSH connections as shown in Figure 1 for installation in all the client machines.

Figure 3 Salt Minion configuration

Figure 3: Salt Minion configuration

Figure 4 Salt Master-Salt Minions authentication

Figure 4: Salt Master-Salt Minions authentication

Salt configuration

After the installation of Salt Master on the master machine, we need to configure it by modifying the corresponding configuration file called master (which is present in the /etc/salt directory), using any text editor (as shown in Figure 2) to set the master IP address by uncommenting the interface field. Before this, it’s better to stop the Salt Master daemon running on the master machine with the following command:

$sudo service salt-master stop

After the configuration of Salt Master, we can start it with the following command:

$sudo service salt-master start

After installing Salt Minion in the client machines, we need to edit the corresponding configuration file called minion (which is present in the /etc/salt directory), using any text editor (as shown in Figure 3), in order to set the master IP address by uncommenting master. Before this is done, it’s better to stop the Salt Minion daemon running on the client machines with the following command:

$sudo service salt-minion stop

After the configuration of Salt Minion, we can start it with the following command:

$sudo service salt-minion start

Now, Salt Master and Salt Minion will authenticate each other using the RSA public key crypto system. We can check this on the master machine, as shown in Figure 4.

After this, let’s test the whole environment by giving a simple ping test, as shown in Figure 5.

Figure 5 Salt Master-Salt Minions ping test

Figure 5: Salt Master-Salt Minions ping test

Figure 6 Installing Apache2 in all the Minions

Figure 6: Installing Apache2 in all the Minions

Figure 7 Indicating how we can check the firewall status and enabling it in all the Minions

Figure 7: Indicating how we can check the firewall status and enabling it in all the Minions

Executing commands on all the Minions at one time

Let us look at the case when the administrator has to install Apache2 in all the client machines. This can be completed by executing a single command on the Salt Master as shown in Figure 6, where we can also see the responses from all the client machines.

Let us look at another case where the administrator needs to enable the firewall in all the machines. This can be completed by executing a single command on the Salt Master as shown in Figure 7. The responses from all the client machines can also be seen in Figure 7.

Salt Stack is a simple and powerful tool in the hands of systems administrators. Running commands on remote systems is its core function. Salt can execute commands across thousands of systems in seconds.