Fungsi Salt pada topologi master/minion. Saltmaster bertindak sebagai kontrol pusat untuk klien, yang disebut minion. Minion berfungsi sebagai agents yang terhubung ke master
Percobaan dibawah menggunakan 2 VM dengan OS Ubuntu 22.04
Install repo salt
Install repo pada server Master dan Minion
sudo curl -fsSL -o /etc/apt/keyrings/salt-archive-keyring.gpg https://repo.saltproject.io/salt/py3/ubuntu/22.04/amd64/latest/salt-archive-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.gpg arch=amd64] https://repo.saltproject.io/salt/py3/ubuntu/22.04/amd64/latest jammy main" | sudo tee /etc/apt/sources.list.d/salt.list
Output
root@saltmaster:/etc/apt/sources.list.d# cat salt.list
deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.gpg arch=amd64] https://repo.saltproject.io/salt/py3/ubuntu/22.04/amd64/latest jammy main
Jalankan apt update
apt update
Install salt pada server Master
apt -y install salt-master salt-ssh salt-syndic salt-cloud salt-api
Start service salt-master
systemctl enable --now salt-master.service
root@saltmaster:~# systemctl status salt-master.service
● salt-master.service - The Salt Master Server
Loaded: loaded (/lib/systemd/system/salt-master.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2023-01-05 20:16:57 UTC; 2s ago
Docs: man:salt-master(1)
file:///usr/share/doc/salt/html/contents.html
https://docs.saltproject.io/en/latest/contents.html
Main PID: 4680 (/opt/saltstack/)
Tasks: 26 (limit: 2322)
Memory: 200.6M
CPU: 5.227s
CGroup: /system.slice/salt-master.service
├─4680 "/opt/saltstack/salt/run/run master MainProcess"
├─4730 "/opt/saltstack/salt/run/run master PubServerChannel._publish_daemon"
├─4731 "/opt/saltstack/salt/run/run master EventPublisher"
├─4734 "/opt/saltstack/salt/run/run master Maintenance"
├─4735 "/opt/saltstack/salt/run/run master ReqServer ReqServer_ProcessManager"
├─4736 "/opt/saltstack/salt/run/run master ReqServer MWorkerQueue"
├─4737 "/opt/saltstack/salt/run/run master ReqServer MWorker-0"
├─4738 "/opt/saltstack/salt/run/run master ReqServer MWorker-1"
├─4739 "/opt/saltstack/salt/run/run master ReqServer MWorker-2"
├─4740 "/opt/saltstack/salt/run/run master ReqServer MWorker-3"
├─4747 "/opt/saltstack/salt/run/run master FileServerUpdate"
Install salt pada server Minion
apt -y install salt-minion salt-ssh salt-syndic salt-cloud salt-api
Start service salt-minion
systemctl enable --now salt-minion.service
root@saltminion:~# systemctl status salt-minion.service
● salt-minion.service - The Salt Minion
Loaded: loaded (/lib/systemd/system/salt-minion.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2023-01-05 20:18:14 UTC; 5s ago
Docs: man:salt-minion(1)
file:///usr/share/doc/salt/html/contents.html
https://docs.saltproject.io/en/latest/contents.html
Main PID: 3210 (/opt/saltstack/)
Tasks: 3 (limit: 2322)
Memory: 76.2M
CPU: 1.869s
CGroup: /system.slice/salt-minion.service
├─3210 "/opt/saltstack/salt/run/run minion"
└─3216 "/opt/saltstack/salt/run/run minion MultiMinionProcessManager MinionProcessManager"
Setting konfig master pada server Minion
Buat file pada path berikut
nano /etc/salt/minion.d/master.conf
Lalu edit master menyesuaikan ip dari server Master
root@saltminion:~# cat /etc/salt/minion.d/master.conf
master: 172.13.13.178
Restart service salt-minion
root@saltminion:~# systemctl restart salt-minion
Add salt key server Minion
Cek public keys
salt-key -L
root@saltmaster:~# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
saltminion
Rejected Keys:
Pada bagian Unaccepted Keys akan muncul hostname server minion
Selanjutnya add dengan perintah berikut
salt-key -a saltminion
Atau bisa dengan perintah berikut untuk menerima semua Unaccepted Keys
salt-key -A
root@saltmaster:~# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
saltminion
Proceed? [n/Y] y
Key for minion saltminion accepted.
Cek lagi public key
root@saltmaster:~# salt-key -L
Accepted Keys:
saltminion
Denied Keys:
Unaccepted Keys:
Rejected Keys:
Hostname saltminion sudah masuk ke Accepted Keys
Test Salt
root@saltmaster:~# salt '*' test.version
saltminion:
3005.1
Help Salt
Beberapa option beserta contoh salt bisa dicek dengan perintah berikut
salt '*' [ options ] sys.doc
salt -E '.*' [ options ] sys.doc cmd
Sebagai referensi Install Salt dengan OS lain bisa dicek pada page Manual Install