How To Install and Configure Salt Stack on RedHat Linux (AWS Instances)

Problem scenario
You want to install SaltStack on RHEL instances for the first time on an AWS server.

Solution in Three Parts
(If you want instructions on how to do this with Debian/Ubuntu and/or Linux SUSE, see this posting.)

Part 1  Create a Salt Master Server
1.  Create a RHEL instance and put it in a Security Group that has access to the Internet for this initial setup, and has connectivity to the other server that will be the Salt Minion.  The IP address you would use is the internal IP address of the server (from an ifconfig command) and not the IP address seen in the EC2 console (one that you would use Putty to connect to).

2.  Assume the root user (sudo su -)

3.  Run these commands:
yum -y install https://repo.saltstack.com/yum/redhat/salt-repo-latest-1.el7.noarch.rpm
yum -y install salt-master

4.  Verify it worked:
salt-master --version

5. Start the salt-master service:
systemctl start salt-master

Part 2  Create a Salt Minion Server
6.  Create a RHEL instance and put it in a Security Group that has access to the Internet for this initial setup and has connectivity to the other server that will be the Salt Master.   The IP address you would use is the internal IP address of the server (from an ifconfig command) and not the IP address seen in the EC2 console (one that you would use Putty to connect to).

7.  Assume the root user (sudo su -)

8.  Run these commands:
yum -y install https://repo.saltstack.com/yum/redhat/salt-repo-latest-1.el7.noarch.rpm
yum -y install salt-minion

9.a.  vi /etc/salt/minion
9.b.  Search for "master: salt"
9.c.  Uncomment this line.  Change "salt" to "saltmaster" or the hostname of the salt master server.

10.   Update the /etc/hosts file to ensure it can resolve the saltmaster hostname via a ping.
11.  Run this command: salt-minion -l debug

Part 3  Configure Salt Master to Communicate With Salt Minion
12.  Log on to the Salt Master server as root.

13.  Run this: salt-key -L

The output should look something like this:

Accepted Keys:
Denied Keys:
Unaccepted Keys:
salt-minion1.continualintegration.com
Rejected Keys:

14.  Run this command:
salt-key -a salt-minion1.continualintegration.com
respond to the prompt with "Y" with no quotes and press enter.

15.  You are done.
Now these commands should work:

  salt '*' test.ping
  salt '*' disk.usage
  salt '*' cmd.run 'ls -l /etc'
  salt '*' network.interfaces
  salt '*' test.echo 'foo: bar'

Leave a comment

Your email address will not be published.