The First Few Things I’ve Learned About CentOS and Salt (In Vagrant)

I’ve been doing quite a bit of work this week in provisioning a development environment using CentOS, Salt, and Vagrant. There are few things I ran into along the way that were interesting enough to remember for a later time.

Disappearing Guest Additions

By default, Salt calls `yum -y update` during the process of installing itself. This, depending on your yum configuration, updates every package with an update available–including the kernel.

When the kernel is updated, it seems that the Guest Additions required by Virtualbox for proper communication between the virtual machine and your local machine get lost in the shuffle. Once they do, the box will not fire up again properly until after a `vagrant destroy`.

To get around this, I created a custom yum.conf file that excludes kernel updates by default. This file is synced over to the virtual machine through shell provisioning before Salt is initiated. As you can imagine, this significantly reduces the time spent provisioning the box as well.

In the future I’ll have to figure out if we can find or package a CentOS box that has a newer version of the kernel already installed.

Disappearing Salt Installation Script

Salt has a great installation process available where you can feed bootstrap.salt.org directly into a shell script. This URL currently redirects you to the shell script’s location inside a GitHub repository. When the script runs, it automatically detects what packages are required on your machine and determines how they should be installed.

Unfortunately, GitHub returns a 404 every so often when calling the URL repeatedly via Vagrant’s use of Curl. This means that when first building out your configuration and doing a lot of `vagrant destroy`/`vagrant up`, things fail quite often when Salt can’t install itself on the box.

Luckily, you can specify a custom bootstrap script to run in Vagrant. I copied the version verbatim from Salt’s GitHub account and now include it locally with the WSUWP Environment.

As a bonus, this allowed me to do one extra thing. The process of installing Salt through Vagrant uses the current stable version of Salt for your Linux distribution. I was able to force the use of ‘testing’ packages in the bootstrap script so that my CentOS box would have Salt 0.17.1, rather than the stable RPM for 0.16.4.

Over Firewalled

As an Ubuntu user, the common–well, to me at least–default use of iptables in CentOS always confuses me. Account for this when provisioning and provide some default rules. Things like incoming HTTP requests are blocked by default. This can be annoying if you aren’t expecting it and start troubleshooting problems that you think are with Nginx.

Picking a CentOS Vagrant Box

I first used the nrel.gov minimal box from vagrantbox.es, but MySQL 5.1.69 was preinstalled and at the time it seemed like I had to uninstall all of those packages before reinstalling with the 5.5 packages. It’s possible that the repositories I settled on (see next point) would have made it easier to upgrade, but I got the impression that the box had other preinstalled stuff and I decided to switch. The Puppet Labs box, even though I’m using Salt, has been exactly what I’ve needed thus far.

Better Server Software Repositories

The default repositories for CentOS 6.4 are still on PHP 5.3 and MySQL 5.1, which is a little lame. Thanks to the recommendation of Zach Brown, I went with the Remi repositories for installing PHP, MySQL, and Memcached. For Nginx, we’re able to use a repository maintained by Nginx directly. Both of these repositories have been great so far.