Ensure that Salt is installed on any nodes that are directly involved in your SaltStack Config installation or else the installation will fail. In a standard installation, these are the four nodes that will host the Salt master, RaaS, the Redis database, and the PostgreSQL database.

Note:

These steps are part of the pre-installation process for a standard installation of SaltStack Config. This guide explains how to install or upgrade Salt on the node that you are using to run an installation. For instructions on how to install Salt on the rest of your infrastructure after the standard installation, see Install Salt on your infrastructure.

If you are installing SaltStack Config on an existing Salt infrastructure, Salt is already installed. In this case, instead refer to the instructions about how to Upgrade Salt and Python.

Installing Salt on your four installation nodes involves three main tasks:

  • Install Salt on the Salt master(s)
  • Install Salt on the minions
  • Accept the minion keys on the Salt master(s)

The following sections explain how to do these tasks.

Install Salt on the Salt master(s)

In a standard installation, you need to install both the Salt master service and the minion service on the Salt master host.

These instructions install the latest Salt release on Redhat/Centos 7 PY3. If your machine is running a different operating system or version of Python, the script will not work. For information about installing Salt on other operating systems or Python versions, see the SaltStack Package Repo.
Note: Centos 7, by default, blocks connections to the Salt master. You must create firewall rules to allow connectivity:
  • firewall-cmd --permanent --zone=public --add-port=4505-4506/tcp
  • firewall-cmd --reload
For more information, see Opening the Firewall up for Salt.
  1. Install the Salt project repository and key:
    sudo yum install https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el7.noarch.rpm
  2. Clear the cache:
    sudo yum clean expire-cache
  3. Install the Salt master service and the minion service on the Salt master node:
    sudo yum install salt-master
    sudo yum install salt-minion
  4. Create a master.conf file in the /etc/salt/minion.d directory. In this file, set the Salt master’s IP address to point to itself:
    master: localhost
  5. Start the Salt master service and minion service:
    sudo systemctl start salt-master
    sudo systemctl enable salt-minion
    sudo systemctl start salt-minion

    Use service salt-minion restart to restart the minions if needed.

Install Salt on the Salt minions

After installing Salt on the Salt master as described in the previous section, the next step is to install the minion service (not the master service) on the three nodes that will become the RaaS, a Redis database, and a PostgreSQL database.

Then, you need to configure the minions to communicate with the Salt master. For more detailed information about installing the minion service, see Minion Configuration in the Salt documentation.

To install the minion service:

  1. Install only the minion service by running the following command:
    sudo yum install salt-minion
  2. Answer y to all prompts to accept all changes.
  3. Configure each minion to communicate with the Salt master by creating a master.conf file in the /etc/salt/minion.d directory. In this file, provide the Salt master’s IP address. For example:
    master: 192.0.2.1
  4. Start the minion service:
    sudo systemctl enable salt-minion
    sudo systemctl start salt-minion

    Use servicesalt-minionrestart to restart the minions if needed.

  5. Repeat the previous steps for all remaining nodes.

Accept the minion keys on the master(s)

At this point, you have installed the Salt master service and minion service, and you have provided your minions with the Salt master’s IP address. Now, in order for the Salt master to send commands to the minions, the next step to accept the minion keys on the Salt master.

Before proceeding:

To accept the keys:

  1. In the Salt master’s terminal, list all the keys that are on Salt master:
    salt-key -L
  2. Check that all the minion IDs are listed in Unacceptedkeys.

    If the minion IDs appear in Acceptedkeys, no further action is needed as this is the end goal.

  3. Accept each minion ID using the following command, replacing the <your-minion-id> with the ID from your network:
    salt-key -a <your-minion-ID>

    Running salt-key-A accepts all keys.

  4. Answer y to all prompts.
  5. Run the salt-key-L command a second time to confirm all minions appear in Acceptedkeys.

What to do next

After all minion keys are accepted, you have successfully installed Salt and can proceed to the next pre-installation step. The next step is to download, verify, and transfer the installation files for your installation scenario. To continue the pre-installation process, see Transfer and import files.