Setup Salt Minion in a Python3 Virtual Environment on a Redhat or Centos

Salt Minion requires python 2.x (python 2.x retired on 1st of 2020) or python 3.x and set of modules which are not available on the default python which was shipped with the operating system.

Why?

By running Salt Minion in a Python3.x venv (virtual environment); All packages installed within this venv would not interfere with packages outside the environment and will be contained only inside this virtual environment. In simple terms this venv do not meddle with default python came along with the OS.

How and What?

Follow the below steps to

  • Build and configure Python 3.x
  • Download salt from GitHub and create directories
  • Update configuration files
    • /etc/hosts
    • minion_id
    • logrotate configuration
  • Activate venv
  • Start salt minion and verify
  • Validate Salt Master can manage newly added minion

Steps

1 Install the dependency and build packages before installing Python3

yum install -y libffi-devel gcc gcc-c++ zlib zlib-devel readline-devel openssl-devel bzip2-devel sqlite-devel wget curl git nc

2 Download Python and Copy Python 3.6.10 from local repo to target VM

scp Python-3.6.10.tgz root@target_vm:/root/

3 Run below commands to build, configure and install python

#cd /opt
#cp /root/Python-3.6.10.tgz /opt
#tar xvf Python-3.6.10.tgz
#cd Python-3.6.10
#./configure
#make 
#make altinstall
(alternate install where modules and libraries does not mix up with existing system default Python version)

4 Verify Python 3.6.10 installed successfully

#which python3.6
 /usr/local/bin/python3.6

5 Download, Copy and extract salt and salt-minion to target VM’s root partition

#cp salt.tgz root@target_vm:/root/
#cp salt-minion.tgz root@target_vm:/root/
#tar xvf /root/salt.tgz /
#tar xvf /root/salt-minion.tgz /

6 Update Configuration files

a. /etc/hosts file by adding below two lines at the end

# Salt Master IP - Change it to production SALT Master IP
10.10.10.100   salt     
# Target VM IP and host name - Change it to the production target IP and host name 
10.10.10.150    target_vm 

b. /salt-minion/etc/salt/minion_id file by adding the target VM hostname

[root@target_vm]#cat /salt-minion/etc/salt/minion_id
target_vm
[root@target_vm]#

c. Configure logrotate

i. Check logrotate is installed or not

 [root@target_vm]#yum list logrotate
 Loaded plugins: product-id, rhui-lb, search-disabled-repos, subscription-manager
 This system is not registered with an entitlement server. You can use subscription-manager to register.
 Installed Packages
 logrotate.x86_64 3.8.6-17.el7 @rhui-rhel-7-server-rhui-rpms

ii. If not installed, install logrotate

 [root@target_vm]#yum install -y logrotate

iii. Configure logrotate for Salt Minion by creating a config file

 [root@target_vm]# vi /etc/logrotate.d/salt-minion
 /salt-minion/var/log/salt/minion {
 size 100M
 missingok
 notifempty
 rotate 7
 daily
 sharedscripts
 delaycompress
 postrotate
     pkill salt-minion && salt-minion -c /salt-minion/etc/salt -d
 endscript
 }

iv. Verify and validate logrotate configured for salt minion

 [root@target_vm]# logrotate -d /etc/logrotate.d/salt-minion
 reading config file /etc/logrotate.d/salt-minion
 Allocating hash table for state file, size 15360 B
 Handling 1 logs
 rotating pattern: /salt-minion/var/log/salt/minion  after 1 days (7 rotations)
 empty log files are not rotated, old logs are removed
 considering log /salt-minion/var/log/salt/minion
   log does not need rotating (log has been already rotated)not running postrotate script, since no logs were rotated

7 Activate venv on the target VM. Notice that after running the command name of venv is added at the beginning of the prompt(salt-minion)

[root@target_vm]#source /salt-minion/bin/activate
(salt-minion)[root@target_vm]#

8 Health checks

a. Verify all required modules are installed in the venv using pip freeze or pip list command

(salt-minion)  [root@target_vm] # pip freeze
 certifi==2019.11.28
 chardet==3.0.4
 concurrent-log-handler==0.9.16
 distro==1.4.0
 futures==3.1.1
 idna==2.8
 Jinja2==2.10.3
 MarkupSafe==1.1.1
 msgpack==0.6.2
 msgpack-python==0.5.6
 portalocker==1.5.2
 psutil==5.6.7
 pycrypto==2.6.1
 PyYAML==5.2
 pyzmq==18.1.1
 requests==2.22.0
 -e git+https://github.com/saltstack/salt@4dd05bef806924fe0b878c839a2fa0fa5c0502ef#egg=salt
 tornado==4.5.3
 urllib3==1.25.7

b. Verify target VM hostname is updated in minion_id

(salt-minion) [root@target_vm] #cat /salt-minion/etc/salt/minion_id
target_vm

9 Start the salt minion as daemon and verify

(salt-minion)  [root@target_vm]#salt-minion -c /salt-minion/etc/salt -d
 (salt-minion)  [root@target_vm]# ps auxf | grep salt-minion
 root       852  0.0  0.0 112716   980 pts/0    S+   00:52   0:00          _ grep --color=auto salt-minion
 root       721 13.7  1.1 556612 46524 ?        Sl   00:51   0:03 /salt-minion/bin/python3.6 /salt-minion/bin/salt-minion -c /salt-minion/etc/salt -d
 (salt-minion)  [root@target_vm]#

10 Verify Salt Master accepted keys of target VM and latter is added as minion successfully

a. Login to salt master server and run below command to accept keys

[root@salt-master]#salt-key -c ./etc/salt -A

b. Verify target VM is added as minion successfully

[root@salt-master]#salt '*' test.ping
target_vm
True

Hope you’ve followed all the steps and able to configure Salt Minion in a Python virtual environment successfully.

If you enjoyed this post, I’d be very grateful if you’d help it spread by emailing it to a friend, or sharing it on Twitter or Facebook. Thank you!

What am I missing here? Let me know in the comments and I’ll add it in!

References:

https://docs.saltstack.com/en/latest/ref/configuration/minion.html

https://github.com/saltstack/salt

https://docs.saltstack.com/en/latest/topics/development/hacking.html

Image Courtesy: https://www.socallinuxexpo.org/

Many Thanks for stopping by!! Wish you Happy New Year 2020!

One thought on “Setup Salt Minion in a Python3 Virtual Environment on a Redhat or Centos

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s