Saltstack也是配置管理工具的一种,这篇文章主要介绍一下Saltstack的安装与设定。
安装准备
本文的安装与设定信息如下
IP | Hostname | OS | Saltstack软件 |
---|---|---|---|
192.169.31.131 | host131 | CentOS7.4 | salt-master salt-minion |
192.169.31.132 | host132 | CentOS7.4 | salt-minion |
192.169.31.133 | host133 | CentOS7.4 | salt-minion |
192.169.31.134 | host134 | CentOS7.4 | salt-minion |
安装Master
安装Salt master需要如下步骤:
Step 1: yum install -y epel-release
Salt需要epel源的支持,安装前需要先安装epel-release。Step 2: yum -y install salt-master salt-minion
版本确认
[root@host131 ~]# salt --version
salt 2015.5.10 (Lithium)
[root@host131 ~]# salt-master --version
salt-master 2015.5.10 (Lithium)
[root@host131 ~]# salt-minion --version
salt-minion 2015.5.10 (Lithium)
[root@host131 ~]# salt-key --version
salt-key 2015.5.10 (Lithium)
[root@host131 ~]#
安装Agent
安装Slat minion需要如下步骤:
- Step 1: yum install -y epel-release
- Step 2: yum -y install salt-minion
版本确认
[root@host132 ~]# salt-minion --version
salt-minion 2015.5.10 (Lithium)
[root@host132 ~]#
设定
对安装了minion的四台机器进行设定,设定文件:/etc/salt/minion
修改项目为如下两项:
设定文件 | 设定key | 设定值 | 说明 |
---|---|---|---|
/etc/salt/minion | master | host131 | salt-master的host名或者ip |
/etc/salt/minion | id | host13* | salt minion的host名 |
在安装了master和minion的host131执行如下两条命令将master和minion服务进程启动起来
systemctl enable salt-master salt-minion
systemctl start salt-master salt-minion
在安装了inion的host132/host133/host134的Agent机器上执行如下两条命令将minion服务进程启动起来
systemctl enable salt-minion
systemctl start salt-minion
Agent认证配置
Salt-master和salt-minion之间建立关联的前提除了进程能够正常运行,机器之间网络连通正常之外,认证的设定也是需要的,使用salt-key可以在master侧对minion的证书的接受/拒绝进行操作。可以看到目前四个minion的证书尚未通过认证。
[root@host131 ~]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
host131
host132
host133
host134
Rejected Keys:
[root@host131 ~]#
使用-A或者–accept-all可以接受所有的证书,也可以使用-a按照需要进行接受
[root@host131 ~]# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
host131
host132
host133
host134
Proceed? [n/Y] Y
Key for minion host131 accepted.
Key for minion host132 accepted.
Key for minion host133 accepted.
Key for minion host134 accepted.
[root@host131 ~]#
接受之后的状况
[root@host131 ~]# salt-key -L
Accepted Keys:
host131
host132
host133
host134
Denied Keys:
Unaccepted Keys:
Rejected Keys:
[root@host131 ~]#
简单动作确认
[root@host131 ~]# salt host132 test.ping
host132:
True
[root@host131 ~]# salt host133 cmd.run hostname
host133:
host133
[root@host131 ~]# salt host134 cmd.run salt-minion --version
salt 2015.5.10 (Lithium)
[root@host131 ~]#