Installing SlapOS Master

Installing SlapOS Master

Installing SlapOS Master Node

SlapOS - Install SlapOS Master

This tutorial will guide through the steps of setting up a SlapOS Master node used to orchestrate a cloud infrastructure. Make sure you have read SlapOS architecture before starting with this tutorial. Once done you will have a system similar to that of, Nexedi's cloud hosting provider.

For this tutorial you will require a computer with command line access on which to install the SlapOS Master (called COMP-ROOT - see SlapOS system requirements). The tutorial will use an arbitrary server from a cloud provider such as OVH or

To install a SlapOS Master, the single line installer is the recommended way. Other approaches are kept in this tutorial for completeness.

Table of Content

  • Single Line Installer
  • Other Methods of Installing a SlapOS Master

Single Line Installer

SlapOS - Command Line Installer

SSH into your server and verify the Debian version:

debian@svenslapostest:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 8.9 (jessie)
Release:        8.9
Codename:       jessie

Change to root user and call the single line installer:

sudo su
root@svenslapostest:/home/debian# wget

This will download, build and install the required packages (ansible, slapos-node, slapos-proxy), configure the computer as a SlapOS standalone node, and deploy SlapOS Master (ERP5) and a Frontend (Apache) service inside.

Note, that in case the necessary files are not available from cache, compilation may take several hours. Once the loader finishes the first run, it can fail with the following message:

TASK [standalone-shared : Check ERP5 state] ************************************
fatal: []: FAILED! => {
  "changed": true,
  "cmd": "/usr/local/bin/erp5-show -s",
  "delta": "0:00:00.059622",
  "end": "2018-03-02 10:08:44.316161",
  "failed": true,
  "rc": 2,
  "start": "2018-03-02 10:08:44.256539",
  "stderr": "",
  "stdout": "Your software is still building, be patient it can take a while",
  "stdout_lines": ["Your software is still building, be patient it can take a while"],
  "warnings": []

This is expected while the software is compiling. You can rerun the script above or check the status of the installation directly by calling:

erp5-show -s

Once installation has successfully completed, the status message will be similar to this one:

root@svenslapostest:/home/debian# erp5-show -s
Build successful, connect to:
username: zope  password: [xxx-password-xxx]

This indicates the SlapOS Master is ready to be configured. Run the bash script a final time to verify there were no errors:

root@localhost:/home/debian# bash slapos-master-standalone
PLAY RECAP *********************************************************************                  : ok=56   changed=15   unreachable=0   failed=0

and then proceed to configuration of the SlapOS Master.

Other Methods of Installing A SlapOS Master

Besides the single line installer, a SlapOS Master can also be setup using the SlapOS client and through a Webrunner. Both methods still work but are discouraged.

Install SlapOS Master using SlapOS client

SlapOS Client

The SlapOS client is a command line Python shell utility to manage SlapOS nodes, instances as well as the SlapOS Master account. It is bundled with every SlapOS node installation.

Ensure your machine has a SlapOS client available (how to use the SlapOS client). You will also need another SlapOS-formatted, dedicated machine on which SlapOS Master will be installed. Enter the client and run:

slapos console

  'COMP-XXXX' # replace with identifier of dedicated machine

Next, configure the certificate authority folder on this machine. Note, that this creates a security vulnerability in case other services are deployed on this computer besides the SlapOS Master XXX FIXED? XXXX.

# create folder for certificate files
mkdir -p /etc/slapos-ssl

# enable access to user and slapsoft group
chmod 770 -R /etc/slapos-ssl
chown -R slapsoft:slapsoft /etc/slapos-ssl

XXX on node? or where? XXXXContinue in the Slap Client and add the configuration:

slapos console

# choose SlapOS Node (use 'slaprunner' when deploying with Webrunner)
computer_id = 'COMP-XXXX' # replace with identifier of dedicated machine

parameter_dict = {
  "timezone": "UTC",
  "site-id": "erp5",
  "bt5": "erp5_full_text_myisam_catalog slapos_configurator",
  "zope-partition-dict": {

    "activities-node": {
      "family": "activities",
      "thread-amount": 3,
      "instance-count": 1,
      "timerserver-interval": 1,
      "computer-guid": computer_id,

    "distribution-node": {
      "family": "distribution",
      "thread-amount": 1,
      "instance-count": 1,
      "computer-guid": computer_id,
      "port-base": 2210,
      "timerserver-interval": 1,

    "admin-node": {
      "family": "admin",
      "thread-amount": 1,
      "instance-count": 1,
      "port-base": 2220,
      "computer-guid": computer_id

    "web-node": {
      "family": "web",
      "thread-amount": 2,
      "instance-count": 1,
      "computer-guid": computer_id,
      "port-base": 2230,

    "service-slapos": {
      "family": "service",
      "thread-amount": 2,
      "instance-count": 1,
      "computer-guid": computer_id,
      "port-base": 2240,
      "ssl-authentication": True,
      "backend-path": "/%(site-id)s/portal_slap",

  "mariadb-computer-guid": computer_id,
  "mariadb": {
    "test-database-amount": 0

  "zodb-software-type": "zeo",
  "zodb-computer-guid": computer_id

# Don't set "certificate-authority-path" if deploying SlapOS Master via Webrunner
ca_path = '/etc/slapos-ssl'
parameter_dict["shared-certificate-authority-path"] = ca_path

# Choose title
title = "SlapOS Master on COMP-XXXX"

Request the SlapOS Master using:

    'computer_guid': computer_id
    '_': json.dumps(parameter_dict, sort_keys=True, indent=2),

Once your instance has been deployed, etc/slapos-ssl access permissions need to be updated again. Note, that as before the following modifications create a security vulnerability if other services than the SlapOS Master are deployed on this computer XXX FIXED? XXXX. Change to:

cd /etc/slapos-ssl
chmod -R 770 cacert.pem crl requests certs crlnumber index.txt newcerts private serial 
chown -R slapsoft:slapsoft cacert.pem crl requests certs crlnumber index.txt newcerts private serial

You can now request XXX how? Get ... from where XXXX the the initial IPv4 url to connect to as well as the login/password using:

  • inituser-login: Admin login. Default is zope
  • inituser-password: Auto generated password for login

Find the instance called balancerXXX Where? XXXX and locate:

  • service-v6: master_url for all future SlapOS nodes (usually /etc/opt/slapos/slapos.cfg)
  • web-v6: access url, accessible with a Frontend

To access the SlapOS web interface you need a Frontend (Apache) reverse proxy (soon to be provided automatically via the Master XXX Done? XXXX). You can use your infrastructure but by default is used. Run:

slapos console
  'Slave frontend for SlapOS Master on COMP-XXXX',
  partition_parameter_kw = {
    'type': 'zope',
    'path': 'erp5',

After a few minutes, you should be able to access the ERP5 interface behind the SlapOS Master. Restart your instances by running:

slapos node restart all

Finish by instantiating another Frontend instance to directly access your SlapOS Dashboard:

slapos console
$HOME/.slapos/slapos.cfg request(
'Slave frontend for SlapOS Master on COMP-XXX',
  'type': 'zope',
  'path': 'erp5/web_site_module/hosting',

Locate the SlapOS Master Slave Frontend instance XXX Where? XXXX, click on the url and append /erp5/. Log in with your inituser and password and continue to configure the SlapOS Master. XXX CEDRIC'S COMMENTS XXX

Install SlapOS Master using Webrunner


Thank You

Image Nexedi Office
  • Nexedi GmbH
  • 147 Rue du Ballon
  • 59110 La Madeleine
  • France