How to configure SaltStack to provision instances (2/4)

How to deploy a web cluster using SaltStack

In this part of this tutorial series, we’ll walk you through the process of installing salt-stack (salt-cloud) on a Fuga instance. This will be done using the Clouds.yaml file.

Fuga Cloud account

Getting started: installing SaltStack on the saltmaster

First, you will need a single instance (we typically call it the saltmaster) on the Fuga OpenStack Platform. To create this instance please refer to the dedicated tutorials: Create a cloud instance and use Ubuntu 18.04 when you select an image.

Second, we need to use the Clouds.yaml file to let salt-cloud know which OpenStack environment to talk to.

  1. Go to Account -> Access (
  2. If you don't have a API Credential please create one (make sure to store your API Credential password)
  3. Download the Clouds.yaml file
  4. Change the value of password to the password of your API Credential.

Setting up the instance

We will begin this step by adding the salt-stack repository to our package manager and its key.

sudo wget -O - | sudo apt-key add -

sudo bash -c 'echo "deb bionic main" >> /etc/apt/sources.list.d/saltstack.list'

After this, we need to update the package list since we just added a new resource of packages.

sudo apt update

Then install salt-stack and the other packages we need:

sudo apt-get install salt-master salt-cloud python-libcloud

In order to run the Clouds.yaml, we need OpenStack Shade, this is a client library for interacting with OpenStack clouds. We need to install it via pip, so we need to install that first.

sudo apt install python-pip
sudo pip install shade

We also need os-client-config to gather the different configs we are going to use.

sudo pip install os-client-config

As the last part of this step, we need to create a new SSH-Keypair and add it to OpenStack and the saltmaster. We are going to add it to OpenStack using its CLI, of which you can learn more about in the OpenStack CLI tutorials.

We can generate a new pair or use an existing pair. If you want to generate a new pair:


This will generate a new pair for you.

To use the openstack-cli you can either copy the config to /etc/openstack

sudo mkdir /etc/openstack

sudo cp clouds.yaml /etc/openstack/

or you run the command in the same directory as clouds.yaml.

You always need to set OS_CLOUD to fuga before being able to use the cli;

export OS_CLOUD=fuga

Add the Key (by default called id_rsa) to your OpenStack environment with a name (ours are called minion-key):

openstack keypair create --public-key ~/.ssh/ minion-key

Defining the Fuga Provider

To configure SaltStack’s sub-program salt-cloud, we need to create some files. Firstly create a new file

sudo vim /etc/salt/cloud.providers.d/openstack.conf

Copy paste the following config into the file.

driver: openstack
cloud: fuga
region_name: ams

Defining a Profile

The profile file which we are going to create contains specifications for the minions which will be made. Create the file

sudo nano /etc/salt/cloud.profiles.d/c2-medium.conf

Add the following to the file (this will create a c2.medium, with Ubuntu, on the Ipv4-network.):

provider: fuga-openstack-config
image: Ubuntu 18.04 LTS
size: c2.medium
flavor: c2.medium
ssh_username: **USERNAME**
ssh_key_name: minion-key
id: bf66495a-4c0d-4725-88c0-462198f1b1fc
ssh_key_file: /home/**USERNAME**/.ssh/id_rsa
master: **IP OF SALTMASTER**

Replace the user-specific fields (the ones with surrounded with ‘**‘) with your own values.

We used the user account 'ubuntu' so it would be /home/ubuntu/.ssh/id_rsa

Creating the servers

Creating the servers is really easy. If we want a server with the name “first-salt-minion”, just run the following command:

sudo salt-cloud -p fuga-cloud first-salt-minion

This process will create a new server and install a bunch of things on it, please give it some time. If you want some additional information regarding what is going on (especially shortly after you entered the command), use the log-level flag like so:

sudo salt-cloud --log-level LOG_LEVEL -p fuga-cloud-config first-salt-minion

LOG_LEVEL should be replaced with an item of the following selection: all, garbage, trace, debug, profile, info, warning, error, critical, quiet. The default is set to warning.

Salt will, sequentially, create all the VMs, install salt-minion, and have it connect to the saltmaster.

Next, we will install packages with SaltStack. Follow us to the next tutorial!