Use Salt States to Create LAMP Stack and Fail2ban Across Salt minions.

Updated by Linode

Contribute on GitHub

View Project | View File | Edit File

Salt States can install and define a server setup on other servers. This tutorial demonstrates the use of Salt States to create a LAMP stack across all Salt Minions.

Configure the Salt Master

Before configuration, install a Salt Master and Salt Minions with the Linode Install Salt guide. This tutorial is written for Debian 8, but can easily be adjusted for other Linux Distributions.

  1. Open the /etc/salt/master file. Then search for file_roots, optionally read the surrounding “File Server settings” section, and edit the following:

    /etc/salt/master
    1
    2
    3
    4
    # Example:
      file_roots:
        base:
          - /etc/salt/base
    

    Copy the above text exactly to ensure the proper two space nesting of YAML formatting. Also notice the other possible Minion States listed under the example base file root.

  2. Create the newly listed file root directory:

    1
    mkdir /etc/salt/base
    

The Salt Master’s configuration file has now been adjusted for a new base directory. The base directory typically contains the SLS files that create a tree like organization for Salt States pertaining to that directory. Additional directories, similar to the base directory, could be created with additional SLS files for different Salt State categories.

Create the Top and Additional SLS Files

The top file creates the top level organization for Salt States and Minions within the directory. Other SLS files typically correspond to the top file listings.

  1. Create the /etc/salt/base/top.sls file and add the following. Again, ensure exact formatting for the YAML two space nesting.

    /etc/salt/base/top.sls
    1
    2
    3
    4
    base:
      '*':
         - lamp
         - extras
    
  2. From step one directly above, a file for the lamp listing is needed. Create a /etc/salt/base/lamp.sls file and add the following:

    /etc/salt/base/lamp.sls
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    apache2:                # ID declaration
      pkg:                  # state declaration
        - installed         # function declaration
    
    mysql-server:
      pkg:
        - installed
    
    php5:
      pkg:
        - installed
    
    php-pear:
      pkg:
        - installed
    
    php5-mysql:
      pkg:
        - installed
    

    The above file defines an extremely simple Salt State using the pkg State module. State modules can be formatted a number of ways. The above text uses only an ID declaration, a state declaration, and the function declaration.

    This Salt State ensures that a LAMP stack is installed across Minions.

  3. From step one above, a file for the extras listing is needed. Create a /etc/salt/base/extras.sls file and add the below syntax:

    /etc/salt/base/extras.sls
    1
    2
    3
    fail2ban:
      pkg:
        - installed
    
  4. Restart the Salt Master:

    1
    systemctl restart salt-master
    

Create the Salt State on the Minions

  1. To install the packages listed above and create a Salt State, run:

    1
    salt '*' state.highstate
    
  2. For additional verification that the services are active on the minion, run:

    1
    salt '*' cmd.run "service --status-all | grep 'apache2\|mysql\|fail2ban'"
    

A LAMP stack and Fail2ban Salt State has been created on all listed Salt Minions. To learn how to configure the LAMP Stack, try the Salt States for Configuration of Apache, MySQL, and PHP (LAMP) guide.

This guide is published under a CC BY-ND 4.0 license.