Getting Started with Salt - Basic Installation and Setup
Traducciones al EspañolEstamos traduciendo nuestros guías y tutoriales al Español. Es posible que usted esté viendo una traducción generada automáticamente. Estamos trabajando con traductores profesionales para verificar las traducciones de nuestro sitio web. Este proyecto es un trabajo en curso.
Salt is a Python-based configuration management platform designed to control a number of slave servers (called Minions in Salt terminology) from a single master server. This guide walks you through configuring a Salt Master and Minion, and is relevant to any supported Linux distribution.
Before You Begin
You will need at least two Linodes: One will function as the Salt Master and the other(s) as Salt Minions.
Set each Linode’s hostname. The hostname will be used to identify each Linode within Salt so be specific with their naming (e.g. master, minion1, minion2, etc.).
We recommend that you configure private IP addresses for each system if your Linodes are located in the same data center.
Install Using Salt Bootstrap
Salt Bootstrap is a configuration script which automatically detects the operating system it’s running on, sets the correct repositories, and installs Salt. The install script is intended to be run on the Salt master and all minion machines.
curl -L https://bootstrap.saltproject.io -o install_salt.sh sudo sh install_salt.sh -P -M -N
-Nflag indicates not to install
salt-minion, since this system is the Salt master.
curl -L https://bootstrap.saltproject.io -o install_salt.sh sudo sh install_salt.sh -P
Coordinate Network Addressing
#interface:line near the top of the file and replace the address placeholder with the address of your Salt master’s Linode. If your Linodes are located in the same data center, you can use the Linode’s private IP address.
- File: /etc/salt/master
# The address of the interface to bind to: interface: 203.0.113.0
sudo systemctl restart salt-master
NoteThis step must be performed on each Salt minion.
#master: salt near the top of
/etc/salt/minion, and replace
salt with your Salt master’s IP address:
- File: /etc/salt/minion
1 2 3
# Set the location of the salt master server. If the master server cannot be # resolved, then the minion will fail to start. master: 203.0.113.0
Authenticate Minions to the Salt Master
Get Salt Master Key Fingerprint
From the Salt master, list its key fingerprint, and all Minions linked to it with their key fingerprints:
sudo salt-key --finger-all
You should see the minion hostname or IP addresses listed under Unaccepted Keys, and a SHA256 fingerprint of each key. Here the fingerprints are truncated with
... to avoid clutter.
Local Keys: master.pem: e9:6a:86:bf... master.pub: 4b:2a:81:79... Accepted Keys: Unaccepted Keys: minion1: c7:b2:55:83:46... minion2: f8:41:ce:73:f8...
Configure Salt Minions
Add the Salt Master’s
/etc/salt/minion, between the single quotes:
- File: /etc/salt/minion
1 2 3 4
# Fingerprint of the master public key to validate the identity of your Salt master # before the initial key exchange. The master fingerprint can be found by running # "salt-key -f master.pub" on the Salt master. master_finger: '4b:2a:81:79...'
sudo systemctl restart salt-minion
List the Minion’s fingerprint hash and verify it with what’s reported by the Salt Master in Step 1 above:
sudo salt-call key.finger --local
Once each Minion ID has been verified, accept them all from the Salt Master:
sudo salt-key -A
To accept an individual minion, specify it by hostname or IP address:
sudo salt-key -a hostname
Verify the status of accepted minions. The command below should return the hostname or IP address of each Minion which has been verified and is running.
sudo salt-run manage.up
For more information about Salt keys, see the salt-key man page.
Test Master-Minion Connection
Ping all Minions:
sudo salt '*' test.ping
The output should show
true for each Minion:
root@saltmaster:~# salt '*' test.ping minion1: True minion2: True
Package Management Overview
Packages are installed or removed from Minions using the pkg state module. As long as you’re running a Linux distribution supported by SaltStack, the Salt module controls the distribution’s package manager, be it
yum, etc. Packages can be targeted to individual Minions by specifying the minion’s hostname or IP address, or to all Minions by using
Install packages using the same package name used in the system repositories of the Salt minion. For example,
apache is the Apache httpd server package in Debian and Ubuntu, while
httpd is the package name in RHEL-based systems. If your Salt Minions are a version of Debian or Ubuntu, you would install or remove Apache with the examples below.
Install Apache to all Minions:
sudo salt '*' pkg.install apache2
Remove Apache from
sudo salt 'minion5' pkg.remove apache2
List all packages installed on
sudo salt 'minion1' pkg.list_pkgs
Services are controlled using the service module.
Restart Apache on all Minions:
sudo salt '*' service.start apache2
View status of the
mariadb service on
sudo salt 'minion1' service.status mariadb
Salt is a complex ecosystem which requires study and practice to thoroughly grasp. The Salt documentation has many examples, tutorials, and reference pages which will help.
This page was originally published on