Skip to main content
SaltStack Support

Creating an OS image with salt-minion pre-installed

Creating an image with salt-minion already installed is a quick way to have the node ready for management. There are some things to be aware of when setting this up.

The first time the minion starts, it picks an id, usually the hostname, though sometimes its the FQDN depending on how your machine and network are setup.  If when you bake the minion into the image, that process actually starts the minion, then you'll need to shutdown the minion (service salt-minion stop) and remove /etc/salt/minion_id before freezing the image or else all machines that are based on that image will have the same id.

In addition, the minion generates a key on first startup.  The minion_id file (/etc/salt/minion_id) and the minion's key (/etc/salt/pki/minion) are not the same thing.  

If the minion starts as part of the process of setting up the image, then during that process you'll want to shut down the minion and remove  the directory /etc/salt/pki/minion.  Then, after the image is deployed the minion will start on boot, create a key for itself, and then send the master that key.  At that point (normally) you would run 'salt-key' on the master to see what minions are asking to register.  If all the keys you see are valid, just run 'salt-key -Ay' to accept them all and you are now able to control the minions.

  • Was this article helpful?