5.1 Using bootstrap

Salt provides an installation script that simplifies installing Salt to running one command. This script is available from https://bootstrap.saltproject.io (you can visit this page now, assuming you’re comfortable reading Bash scripts, and review its content).

Running scripts directly

It is generally a bad idea to run scripts downloaded directly from the internet as one cannot be sure they do not contain malicious code. In any environment other than scratch environments like these we’re creating and destroying for these lessons you should download the script, validate its content, then store it in your own repository so that you have a ’known good copy’ to use (I discuss setup and use of controlled repositories in Devops from Scratch (Technical Support)[Boo20a]).

In the following we will use the script direct from https://bootstrap.saltproject.io as risk of compromise is low and will be localised to the VM we are working on.

Setup to Follow Along

If you have not done so already, setup according to §1.3.1 and, if you need to archive any current class files §1.3.2.1.

1cd sfs

On Mac/Linux:

1cp -r course-material/sfsP2010cp010 classroom

On Windows:

1xcopy course-material\sfsP2010cp010 classroom /E

All Platforms:

1cd classroom 
2vagrant up

Connect to the new VM.

1vagrant ssh

You should now be in the VM at a shell prompt. We will now download and run the Salt bootstrap script.

1curl  -L https://bootstrap.saltproject.io | sudo sh -s -- -X stable 3004.1

Let’s break that line down.

curl -L https://bootstrap.saltproject.io: curl is a utility for accessing resources form URLs, in this case https://bootstrap.saltproject.io. The -L tells curl to follow any redirects it receives (basically, this ensures curl tracks down the script even if it has moved on the server).

The pipe (|) tells the shell ‘take everything output from the command on the left side and pass it to the input of the command on the right’.

sudo tells the shell to run the following command as the privileged user root. The commant to be run is sh, which runs a new shell and the -s tells sh to read commands from its input stream (in this case it will read the script curl is downloading). The -- tells sh that characters to its right are to be parred as parameters to the bootstrap script rather than being options passed to the sh command.

The upshot of this is that the bootstrap script is run as root passing the options -X stable 3004.1.

The -X option tells the bootstrap script to not start any services (by default it assumes we want to run the minion service, we get to this later Chapter 7). The two arguements tell the bootstrap script to use the stable repository and to install version 3004.1 of Salt.

When run you will see a stream of log output showing the bootstrap script installing the components required to run Salt and the Salt itself.

You can confirm Salt is installed by checking that salt-cmd is installed.

1command -v salt-call

This will show the path to the installed salt-call command if everything installed.

command -v salt-call
1/usr/bin/salt-call

We can perform a very somple test to ensure Salt will run.

1sudo salt-call --local test.ping

This runs salt-call locally1 (the --local option) calling the state module test.ping (a simple, and for local Salt, largely pointless, test that Salt is present and responding). The return should be True.

sudo salt-call –local test.ping
1local: 
2  True

Setup to Follow Along

Tear-down to Follow Along

Unusually, we no longer need this VM so you can shut it down and remove it from your host computer.

Assuming you are at the command prompt on the classroom VM, quit back to your host.

1exit

On your host computer.

1cd sfs/classroom 
2vagrant destroy -f

1By default, Salt require privilege to run, hence the sudo. We will see later how we can allow users limited access to Salt commands without the need for them all to hold root privilege.