-
Notifications
You must be signed in to change notification settings - Fork 2
2.2. Deploy management server
+----------+
|management|
+----+-----+
|
|
+----------+ |
|saltmaster+----------+------
+----------+
Install manually a minimal system on management node, and configure static ip on it to be reachable by saltmaster. We will assume here that interface is enp0s8. Edit /etc/sysconfig/network-scripts/ifcfg-enp0s8 as following:
TYPE=Ethernet
BOOTPROTO=static
NAME=enp0s8
DEVICE=enp0s8
ONBOOT=yes
IPADDR=10.1.0.1
NETMASK=255.255.0.0
And start interface:
ifup enp0s8
Then stop and disable network manager and firewall:
systemctl stop NetworkManager
systemctl disable NetworkManager
systemctl stop firewalld
systemctl disable firewalld
On saltmaster, deploy local ssh key on master:
ssh-copy-id 10.1.0.1
We now need to copy huge files on master. This means os_dvd and banquise repository. Choice was to not do this step using Salt Stack as it is not made to copy such number of large files (this would needs a LOT of RAM).
From saltmaster:
ssh 10.1.0.1 mkdir -p /var/www/html/
scp -r /var/www/html/banquise.local.repo 10.1.0.1:/var/www/html/banquise.local.repo
scp -r /var/www/html/os_dvd.local.repo 10.1.0.1:/var/www/html/os_dvd.local.repo
ssh 10.1.0.1 restorecon -r /var/www/html/
Depending on your hardware, it could take a while...
+----------+
|management|
+----+-----+
|
△
+----------+ |
|saltmaster+-----▷----+------
+----------+
Now, from saltmaster, boostrap the management node. This step will ensure the management node can install packages, install the salt-minion package, and start the service so that the management node register on the saltmaster (it will also add the saltmaster ip in the hosts file).
Note: if Salt complains about not knowing "boostrap", use "boostrap.init" instead in the command.
Use (root password of master will be asked, and accept deploying the key):
salt-ssh "management1.sphen.local" state.apply bootstrap -l debug
Check that management tried to register on saltmaster (salt-minion service running on management), using:
salt-key
If yes, accept the key (if not, ensure that on management salt-minion service is installed and running, and that "salt" and "saltmaster" are set in /etc/hosts, also check you disabled firewall on saltmaster and that salt-master service is running on saltmaster. Also, you can restart salt-minion on management to retry to register on saltmaster):
salt-key -a management1.sphen.local
And ask salt to deploy repository server on master, to ensure all goes well after boostrap (mandatory for the following):
salt "management*" state.apply repository.server -l debug -v
Before last step, ensure the directories to be exported by your nfs configuration exists (for example, in default configuration, ensure /opt and /home directories exist on management node).
Now please read the next part entirely before any action.
/ ?
('< <°) ?
/V\ (V) <°)
<(_) ]/__)> (V)
~~ ]/__)>
--- START ---
Finally, you can deploy management. In normal time, you will use from saltmaster 'salt "management*" state.highstate' to apply configuration or changes on the management. However, because this is the first install you should ssh on management and use salt-call to display all information on what is going on, and to prevent time out of salt-minion.
ssh on management (ssh 10.1.0.1) and use when logged on management:
salt-call state.highstate -l debug
If it starts, you can go take a coffee. This step is not that long, but depending of your hardware, it could take around 1 to 20 minutes.
Once finished, exit management and from saltmaster ensure all is ok:
salt "management*" state.highstate -v
If all is green, you are OK, and your management is ready. If not, do not hesitate to ask for help (see mail at top).
BUG FIX: please ssh on management, and restart shinken to enable Webui2 interface: systemctl restart shinken*
--- END ---
Install firefox and xauth on management to reach phpldapadmin and shinken web interface later.
yum install firefox xauth
You are done with the management.
Time to go take a cofee...
/
<`) <`)
/V\ /V\ <`)
\(_)> \(_)> /V\
~~ ~~ \(_)>
~~