How to configure masterless Salt Minion
Configuring and running masterless salt-minion on Debian
| UPDATED
SaltStack
SaltStack is a configuration management platform written python to automate the process of configuring your device by writing salt configurations.
Masterless SaltStack
Ideally SaltStack architecture is based on Master and Minion, where Master send instructions and configurations to Minion and Minion follows those instruction and apply the configuration or states.
In masterless architecture we only have Minion and all the configuration are stored locally and we can run commands in Minion itself to apply the states.
Setup
In this article we will configure masterless salt minion in debian device.
Install salt-minion
Import repository key
Run below command to import SaltStack repository key
$ wget -O - https://repo.saltstack.com/py3/debian/10/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add -Add SaltStack repo in source.list
Create /etc/apt/sources.list.d/saltstack.list and save below repo URL in it
deb http://repo.saltstack.com/py3/debian/10/amd64/latest buster mainInstall package
Run below command to install salt-minion package
$ sudo apt-get update
$ sudo apt-get install salt-minionConfiguring salt-minion
Ideally in master minion architecture we configure master host in minion config file so that minion can connect to master, but in masterless configuration we have to configure two things in minion config file.
- Tell minion to run commands locally and not connect to master for fetching states
- Tell minion from where it can read the states locally
Create a new /etc/salt/minion.d/minion-masterless.conf file and add below config in it
file_client: local
file_roots:
base:
- /srv/salt/baseHere file_client: local tells minions to look for configuration locally instead of connecting to master for fetching the configuration
file_roots tell minions where to look for configuration files or states,
here we have given /srv/salt/base you can modify it and can give any custom location.
Run command to apply states
First make sure that you have already have state files available under /srv/salt/base directory.
Now to apply states we have to run salt-call command which will tell salt-minion to apply the states
by reading state files from the configured location.
$ sudo salt-call --local state.applyThis command will tell salt-minion to apply state and --local argument is used to tell salt-minion to look for states locally from the directory which is configured in /etc/salt/minion.d/minion-masterless.conf file which is /srv/salt/base
Stop salt-minion service to run in background
As we are running in masterless mode, so there is no need for salt-minion to connect to master
so we have to stop salt-minion service from running it in background.
$ sudo systemctl stop salt-minionRunning salt-minion as non-root user
In order to run Salt as non-root user we have to change ownership and permission of salt related directories so that desires user can read and write to required directories.
Run below command to change ownership and permission
$ sudo chown user -R /etc/salt /var/cache/salt /var/log/salt /var/run/salt
$ sudo chmod 755 -R /etc/salt /var/cache/salt /var/log/salt /var/run/salt