SaltStack - Salt Proxy Minions


There are lot of devices like router, network gear, etc., having custom OS, limited memory and high security considerations. In those devices, we were not able to install the standard salt-minion and subsequently were unable to manage those systems. However, Salt provides an innovative technology to overcome this constrain.

Salt has a separate module, salt proxy minion that controls the remote system using the REST service running in the remote system. This REST service is a HTTP based web service written using the Representational State Transfer (REST) concept and they are both easy to implement and easy to consume.

Every device will have its own SDK and development environment to write complex applications. Salt expects a REST service to be developed in the device as per the Salt interface specification. Salt also provides a python module to write the REST web service. If the device supports python, then it will be easy to develop the REST web service.

Once the REST web service is developed and deployed in the remote system, Salt can be configured to control the remote device using the REST web service instead of the salt minion.

Working Example

Let us learn the concept of salt proxy minion using a live working environment. For the live environment, we chose a Linux system for both the master and the proxy minion. We are going to control the system using REST web service instead of salt-minion.

Install and Configure REST Web Service

Salt provides a sample of the REST web service implementation, which is named as proxyminion_rest_example in its contrib module. Let us install the sample web service.

  • Install ‘bottle’ using the pip. The bottle command is a python web framework to develop web application.

pip install bottle = 0.12.8
  • Download the saltstack/salt-contrib project from github. Otherwise, clone the project using the following command.

git clone
  • Open a terminal and go to the salt-contrib directory.

  • This salt-contrib directory will have a folder, proxyminion_rest_example. This folder contains sample implementation for the REST web service. Go to the proxyminion_rest_example folder.

  • Run the following command to start the REST web service.

python --address <your ip address> --port 8000
  • Open a browser and load http://«your ip address»:8000. This will show the default page with services and packages as shown in the screenshot below.

REST Web Service

Now, we have configured the REST web service and it will check how to configure salt proxy to query the REST web service and control the system.

Configure Salt-Proxy

To configure the Salt-Proxy, we have to follow the steps given below.

  • We have to specify the master node for the salt-proxy. Edit the proxy-configuration file location, which is in/etc/salt /proxy, and enter the following code.

master: <your ip address>
  • Modify / create base pillar file in /srv/pillar/top.sls as shown in the following code block.

      - p8000
  • Add a new pillar file, p8000.sls in the /srv/pillar as shown in the code block below.

   proxytype: rest_sample
   url: http://<your ip address>:8000
  • Start salt-proxy in the debug mode using the following command.

salt-proxy --proxyid = p8000 -l debug
  • Similar to the salt-minion, accept the salt-proxy key as shown below.

salt-key -y -a p8000

The following keys are going to be accepted:
Unaccepted Keys:
Key for minion p8000 accepted.

Running the Salt

Now, run the salt command and call the ping.test function as shown below.

salt p8000

We can run any function supported by the REST web service by using salt, which is similar to salt-minion.

For example, the grain information can be obtained by using the following command.

salt p8000 grains.items