Ubuntu 18.04 server on digital ocean
1 core 1gig ram
Ubuntu 18.04 digital ocean
Linux mint 19 Ryzen 1600, gtx 1060
First update everything runing
sudo apt update && sudo apt ugrade -y
Creating Salt Master
sudo apt-get -y install salt-master hostname -I
Creating Salt Minion
First install the salt minion and edit the minion file to ad your master ip and slave id
sudo apt-get -y install salt-minion sudoedit /etc/salt/minion
master: 22.214.171.124 id: minion1
Somehow my virtual mashine was not connecting to the master even it was done right. So I made my own pc runing linux mint 19 to a minion. I also made a local slave on the same host as master.
Restart your salt-minion service
sudo systemctl restart salt-minion.service
In master write and accept the new slaves.
sudo salt-key -A
Test your setup with
sudo salt '*' cmd.run 'whoami'
Im not sure what those errors are. But we have a connection.
I mean Grains
The master can brainwas the slaves in releasing their secrets with
sudo salt '*' grains.items
For example it will show us the processor that digital ocean is running my virtual mashine.
Want to make more complex things than just single commands? With salt you can declare things like “I want that Firefox is installed”. No matter how many times you run the command it will always check if your wish is granted if it (Firefox is installed) it will not do anything to the minion. This is called Idempotency
First we need to make a new folder on the Saltmaster where to store the rules for the minions.
sudo mkdir -p /srv/salt/
Make a new hello.sls file these are always written in YAML.
Add inside to file this. It will put the file “hello.txt” to all your slaves temporary folder
/tmp/hello.txt: file.managed: - source: salt://hello.txt
Add a file called hello.txt in to the same folder as hello.sls and write inside what ever you like. I will put “See you at https:akseliratamo.fi”
To apply it to your slaves just run.
sudo salt '*' state.highstate
Apply these automatically
If want to run something to all minions by default just make a file named “top.sls”. All minions will periodically ask the master if everthing is as the top.sls says and will change themself accordingly.
Does firewall matter?
It does not. The beauty lies in salt being a “pull” design. Meaning that the minions will contact the master and not the other way around. So it dosent matter what ip or firewall the minion has. Only know domain or ip in the setup needs to be the master IP.
Copyright GPLv2 2018