Ensure that Salt is installed on any nodes that are directly involved in your SaltStack Config installation or else the installation will fail. In a standard installation, these are the four nodes that will host the Salt master, RaaS, the Redis database, and the PostgreSQL database.
These steps are part of the pre-installation process for a standard installation of SaltStack Config. This guide explains how to install or upgrade Salt on the node that you are using to run an installation. For instructions on how to install Salt on the rest of your infrastructure after the standard installation, see Install Salt on your infrastructure.
If you are installing SaltStack Config on an existing Salt infrastructure, Salt is already installed. In this case, instead refer to the instructions about how to Upgrade Salt and Python.
Installing Salt on your four installation nodes involves three main tasks:
- Install Salt on the Salt master(s)
- Install Salt on the minions
- Accept the minion keys on the Salt master(s)
The following sections explain how to do these tasks.
Install Salt on the Salt master(s)
In a standard installation, you need to install both the Salt master service and the minion service on the Salt master host.
firewall-cmd --permanent --zone=public --add-port=4505-4506/tcp
firewall-cmd --reload
- Install the Salt project repository and key:
sudo yum install https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el7.noarch.rpm
- Clear the cache:
sudo yum clean expire-cache
- Install the Salt master service and the minion service on the Salt master node:
sudo yum install salt-master sudo yum install salt-minion
- Create a
master.conf
file in the/etc/salt/minion.d
directory. In this file, set the Salt master’s IP address to point to itself:master: localhost
- Start the Salt master service and minion service:
sudo systemctl start salt-master sudo systemctl enable salt-minion sudo systemctl start salt-minion
Use
service salt-minion restart
to restart the minions if needed.
Install Salt on the Salt minions
After installing Salt on the Salt master as described in the previous section, the next step is to install the minion service (not the master service) on the three nodes that will become the RaaS, a Redis database, and a PostgreSQL database.
Then, you need to configure the minions to communicate with the Salt master. For more detailed information about installing the minion service, see Minion Configuration in the Salt documentation.
To install the minion service:
- Install only the minion service by running the following command:
sudo yum install salt-minion
- Answer
y
to all prompts to accept all changes. - Configure each minion to communicate with the Salt master by creating a
master.conf
file in the/etc/salt/minion.d
directory. In this file, provide the Salt master’s IP address. For example:master: 192.0.2.1
- Start the minion service:
sudo systemctl enable salt-minion sudo systemctl start salt-minion
Use
servicesalt-minionrestart
to restart the minions if needed. - Repeat the previous steps for all remaining nodes.
Accept the minion keys on the master(s)
At this point, you have installed the Salt master service and minion service, and you have provided your minions with the Salt master’s IP address. Now, in order for the Salt master to send commands to the minions, the next step to accept the minion keys on the Salt master.
Before proceeding:
- Ensure the Salt master service is enabled and started (see the final step in the Install Salt on the Salt Master(s) section if needed).
- Ensure the minion is enabled and started on all the nodes (see the final step in the Install Salt on the Salt Minions section if needed).
To accept the keys:
- In the Salt master’s terminal, list all the keys that are on Salt master:
salt-key -L
- Check that all the minion IDs are listed in
Unacceptedkeys
.If the minion IDs appear in
Acceptedkeys
, no further action is needed as this is the end goal. - Accept each minion ID using the following command, replacing the <your-minion-id> with the ID from your network:
salt-key -a <your-minion-ID>
Running
salt-key-A
accepts all keys. - Answer
y
to all prompts. - Run the
salt-key-L
command a second time to confirm all minions appear inAcceptedkeys
.
What to do next
After all minion keys are accepted, you have successfully installed Salt and can proceed to the next pre-installation step. The next step is to download, verify, and transfer the installation files for your installation scenario. To continue the pre-installation process, see Transfer and import files.