Salt Supervisor Service

The Salt Supervisor Service adhere to the following prerequisites:

• VMware vSphere with Tanzu v8.0: you must be a member of the vSphere Administrator role, or have following vSphere privileges:
  • SupervisorServices.Manage
  • Namespaces.Manage
  • Namespaces.Configure
• VMware Aria Automation Config SaaS: you must have the Organization Administrator role in your organization.

Installing the Salt Supervisor Service

To install the Salt Supervisor Service follow these steps:

1. Downloaded the salt-supervisor-service.zip file and uncompress the contents to a well-know location.
2. Generate a CSP token by following the VMware Aria Automation Config - Generate an API token instructions. Save the token credentials to a secure location. This token will allow the salt-master component to automatically register itself within VMware Aria Automation Config SaaS.
3. Connect to your Supervisor Cluster using the kubectl vsphere login command and list the available Storage Classes by running the following command: kubectl get storageclass. For example:

           [ ~ ]# kubectl get storageclass
           NAME                        PROVISIONER              RECLAIMPOLICY   VOLUMEBINDINGMODE   ALLOWVOLUMEEXPANSION   AGE
           vm-encryption-policy        csi.vsphere.vmware.com   Delete          Immediate           true                   8h
           wcpglobal-storage-profile   csi.vsphere.vmware.com   Delete          Immediate           true                   8h
           

4. Login into your vCenter Client and go to Workload Management:
   
5. Click on Services and then on Add New Service:
   
6. Register the service by uploading the salt-master.yml file retrieved from the downloaded zip file:
   
7. After the file has been uploaded, a popup will appear with the details of the service to be registered. Click on the Finish button:
   
8. Once the salt-master service is active, click on Actions and select Install on Supervisors:
   
9. A popup will appear to install the service. Select the Supervisor Cluster(s) where you want to install the service:
   
10. At the YAML Service Config textarea paste the contents of the values.yml file retrieved from the downloaded zip file, updating the cspAPIToken property with the token generated at step 2, and the storageClassName property with one of the available Storage Classes retrieved at step 3 (you can also check the list of all available configuration properties):
    
11. After clicking OK, a new vSphere Namespace will be created in the selected Supervisor Cluster(s) and the service will be automatically deployed:
    
12. Go to the Network tab and select Services. You will find the External IP of your newly deployed Salt Supervisor Service. Use this IP when configuring the master property of your minions:
    
13. Go to VMware Aria Automation Config SaaS and expand the Administration menu, click on Master Keys, look for the Pending keys, and Accept your master's key:
    
14. Then expand the Minion Keys menu, look for the Pending keys, and Accept your minion's key:
    
15. Now you can deploy your VMs and install a minion by using one of the following methods:
    • Manually (see the Salt install guide);
    • Using VMware Tools (note that you need to install the open-vm-tools-salt-minion package);
    • Using the SaltStack resource in a Cloud Template in VMware Aria Automation Assembler.

Available configuration properties:

Uninstalling the Salt Supervisor Service

To uninstall your Salt Supervisor Service, go to your Supervisor Cluster in the vCenter Client, click on Configure, go to the Supervisor Services - Overview section, select your service and click on Uninstall:

The Salt Supervisor Service uses a Kubernetes StatefulSet to handle the persistent data of the salt components. The current version of Kubernetes used by the Supervisor Cluster does not handle the persistentVolumeClaimRetentionPolicy property that is set to Delete (which will automatically delete the associated Persistent Volumes after the StatefulSet is deleted), so you have to manually delete all the PersistentVolumes or the Supervisor Service uninstall will get stuck forever.

1. Login to your Kubernetes Supervisor Cluster using the kubectl vsphere login
2. Get the list the PersistentVolumeClaims by running the following command: kubectl -n <your-namespace-name> get pvc. For example:

               [ ~ ]# kubectl -n svc-salt-master-domain-c50 get pvc
               NAME                       STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS                AGE
               etc-salt-master-d-salt-0   Bound    pvc-c43f5224-73ad-4bb8-afb4-66c4067d13f2   100Mi      RWO            wcpglobal-storage-profile   4h37m
               etc-salt-pki-salt-0        Bound    pvc-8ba6e71f-7c0c-4a99-a368-111cb3b995e7   100Mi      RWO            wcpglobal-storage-profile   4h37m
               srv-salt-0                 Bound    pvc-5f6081fd-1919-44c3-b322-d8a77bb1cc35   1Gi        RWO            wcpglobal-storage-profile   4h37m
               var-cache-salt-salt-0      Bound    pvc-bd206b51-8f14-4ba7-863d-23451e70fc70   1Gi        RWO            wcpglobal-storage-profile   4h37m
           

3. Delete each pvc by running the following command: kubectl -n <your-namespace-name> delete pvc <pvc-name>. For example:

           [ ~ ]# kubectl -n svc-salt-master-domain-c50 delete pvc etc-salt-master-d-salt-0
           

After all the PersistentVolumeClaims have been deleted, Kubernetes will automatically delete all the associated PersistentVolumes, the associated Namespace will be deleted, and the uninstall process will successfully finish.

Version 0.1.0

• Initial version