The goal of this use case is to programmatically install the Salt minion service on a minion by connecting a Windows VM to your SaltStack Config environment.
- Have a SaltStack Config environment with RaaS deployed.
- Have a Salt master and Salt minion installed.
- Have a Windows VM deployed.
- Verify that the folder etc/salt/cloud.deploy.d on the Salt master contains these files.
If you do not see the files, contact support.Note: The xxxx in the filename, for example,
salt-xxxx-windows--x86.tar.gz, should match the version of the Salt master. To verify the version of the Salt master, run the salt-master -V command on the Salt master.
- In the Salt master's terminal, install the following libraries by running the
pip3 install pypsexec smbprotocoland
pip3 install impacket --ignore-installedcommands.
- To identify the FQDN of the Salt master, run the
salt saltmaster grains.get fqdncommand in the Salt master's terminal.
- On your Windows machine, verify that the C: \Windows\System32\drivers\etc\hosts file is configured with the Salt master's IP and FQDN.
- Open PowerShell on the Windows machine and run this command to open the required ports:
Port Commands 445
New-NetFirewallRule -Name "SMB445" - DisplayName "SMB445" -Protocol TCP - LocalPort 445
- In the Salt master's terminal, use this command to open ports 4505 and 4506 on the Salt master:
Port Commands 4505-4506
netsh advfirewall firewall add rule name="Salt" dir=in action=allow protocol=TCP localport=4505-4506
See Understanding SaltStack for more information about the Salt communication model.
- Ensure that the FQDN is configured for the Salt master by running the ping [FQDN] command on your Windows machine.
- Make this API call using an SSEAPI client with the correct credentials for your environment.
Note: If you integrated SaltStack Config with vRealize Automation, the vRealize Automation service makes this API call for you when you deploy minions using a cloud template.
from sseapiclient import APIClient client = APIClient('https://<master-ip>', '<ssc-username>', '<sscpassword>', ssl_validate_cert=False) client.api.minions.deploy_minion( master_id = '<master-id>', host_name_ip = '<prospective minion’s ip>', os = ‘<prospective minion’s os>’, minion_id = '<desired-minion-name-for-prospective-minion>', username = '<ssh-username-for-prospective-minion>', password = '<ssh-password-for-prospective-minion>', )The
deploy.minionfunction begins running in your SaltStack Config environment. You can verify that the job is running in the Activity tab of the SaltStack Config user interface or by running the python3 command, followed by client.api.minions.get_minion_deployments().
The minion was successfully deployed and configured from your Windows environment and API call.