salt-ssh部署salt-minion

最新推荐文章于 2024-07-19 17:35:15 发布

2401_83412285

最新推荐文章于 2024-07-19 17:35:15 发布

阅读量981

点赞数 8

分类专栏：程序员文章标签： ssh 运维

本文链接：https://blog.csdn.net/2401_83412285/article/details/138795443

版权

程序员专栏收录该内容

685 篇文章 0 订阅

订阅专栏

Result: True

Comment: File /etc/yum.repos.d/epel-8.repo updated

Started: 00:08:00.847604

Duration: 8.213 ms

Changes:

diff:

+++

@@ -7,7 +7,8 @@

enabled=1

gpgcheck=1

countme=1

-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8

+#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8

+gpgkey=https://mirrors.aliyun.com/epel/RPM-GPG-KEY-EPEL-8

[epel-debuginfo]

name=Extra Packages for Enterprise Linux $releasever - $basearch - Debug

ID: /etc/yum.repos.d/salt-8.repo

Function: file.managed

Result: True

Comment: File /etc/yum.repos.d/salt-8.repo is in the correct state

Started: 00:08:00.855937

Duration: 5.049 ms

Changes:

Summary for p1

Succeeded: 3 (changed=1)

Failed: 0

Total states run: 3

Total run time: 98.368 ms

写一个循环脚本取IP

[root@master ~]# vim circulation_ip.sh

[root@master ~]# cat circulation_ip.sh

#!/bin/bash

while read line;do

cat >> abc << EOF

p$(echo $line | awk ‘{print $1}’):

host: $(echo $line | awk ‘{print $2}’)

EOF

done < host.info

//定义的ip

[root@master ~]# vim host.info

[root@master ~]# cat host.info

1 192.168.129.135

2 192.168.129.136

//执行脚本之后生成的文件

[root@master ~]# chmod +x circulation_ip.sh

[root@master ~]# ./circulation_ip.sh

[root@master ~]# cat abc

p1:

host: 192.168.129.135

p2:

host: 192.168.129.136

测试通信，这里演示不通该如何解决

[root@master ~]# ls .ssh/

known_hosts

[root@master ~]# rm -rf .ssh/known_hosts

[root@master ~]# salt-ssh ‘*’ test.ping

vm1:

retcode:

254

stderr:

stdout:

The host key needs to be accepted, to auto accept run salt-ssh with the -i flag:

The authenticity of host ‘192.168.129.135 (192.168.129.135)’ can’t be established.

ECDSA key fingerprint is SHA256:Nz8CAwwL3HRh/Lvqejqa+eiV3A09xGYYfG2A/W8wRPs.

ECDSA key fingerprint is MD5:8c:b3:22:14:7a:8a:bc:34:f9:9d:3c:3a:07:8a:96:20.

Are you sure you want to continue connecting (yes/no)?

从上面的信息可以看出，第一次访问时需要输入 yes/no ，但是 saltstack 是不支持交互式操作的，所以为了解决这个问题，我们需要对其进行设置，让系统不进行主机验证。

[root@master ~]# vim ~/.ssh/config

StrictHostKeyChecking no

[root@master ~]# salt-ssh ‘*’ test.ping

vm1:

True

免密登录的方式

[root@master ~]# cd .ssh/

[root@master .ssh]# ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

SHA256:ODjpQpsDmY3Qex0NyquOzgR8UqmsLE1hPFXpufb2qJw root@master

The key’s randomart image is:

±–[RSA 3072]----+

| …o. |

| o o…o |

|. *oo… |

|+*o+ =oo |

|==. +.S |

|+=o* .o. |

|ooB … . |

|+o o . .o. |

|oo. Eo… |

±—[SHA256]-----+

[root@master .ssh]# ls

config id_rsa id_rsa.pub known_hosts

[root@master .ssh]# ssh-copy-id root@192.168.129.135

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_rsa.pub”

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed – if you are prompted now it is to install the new keys

root@192.168.129.135’s password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘root@192.168.129.135’”

and check to make sure that only the key(s) you wanted were added.

[root@master .ssh]# ssh root@192.168.129.135 ‘date’

2021年 11月 27日星期六 00:48:37 CST

//测试，只需要第一次输入，后面都不用输入

[root@master .ssh]# salt-ssh ‘*’ test.ping

Permission denied for host minion1, do you want to deploy the salt-ssh key? (password required):

[Y/n] y

Password for root@p1:

p1:

True

通过salt-ssh初始化系统安装salt-minion

安装 salt-ssh

[root@master ~]# yum -y install salt-ssh

测试连通性

[root@master ~]# salt-ssh ‘*’ test.ping

p1:

True

执行状态命令，初始化系统，安装salt-minion

[root@master ~]# vim /srv/salt/base/init/yum/main.sls

[root@master ~]# cat /srv/salt/base/init/yum/main.sls

{% if grains[‘os’] == ‘RedHat’ %}

/etc/yum.repos.d/centos-{{ grains[‘osmajorrelease’] }}.repo:

file.managed:

source: salt://init/yum/files/centos-{{ grains[‘osmajorrelease’] }}.repo
user: root
group: root
mode: ‘0644’

{% endif %}

/etc/yum.repos.d/epel-{{ grains[‘osmajorrelease’] }}.repo:

file.managed:

source: salt://init/yum/files/epel-{{ grains[‘osmajorrelease’] }}.repo
user: root
group: root
mode: ‘0644’

/etc/yum.repos.d/salt-{{ grains[‘osmajorrelease’] }}.repo:

file.managed:

source: salt://init/yum/files/salt-{{ grains[‘osmajorrelease’] }}.repo
user: root
group: root
mode: ‘0644’

//修改epel-dpdcheck的值

[root@master ~]# vim /srv/salt/base/init/yum/files/epel-8.repo

…

repo=epel- $KaTeX parse error: Expected 'EOF', got '&' at position 11: releasever&̲arch=$ basearch&infra= $KaTeX parse error: Expected 'EOF', got '&' at position 6: infra&̲content=$ contentdir

enabled=1

gpgcheck=1 #1表示开启状态，0表示关闭状态

countme=1

#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8

gpgkey=https://mirrors.aliyun.com/epel/RPM-GPG-KEY-EPEL-8 #添加这行内容

//执行

[root@master ~]# salt-ssh ‘p1’ state.sls init.yum.main

p1:

ID: /etc/yum.repos.d/centos-8.repo

Function: file.managed

Result: True

Comment: File /etc/yum.repos.d/centos-8.repo is in the correct state

Started: 00:08:00.762355

Duration: 85.106 ms

Changes:

ID: /etc/yum.repos.d/epel-8.repo

Function: file.managed

Result: True

Comment: File /etc/yum.repos.d/epel-8.repo updated

Started: 00:08:00.847604

Duration: 8.213 ms

Changes:

diff:

+++

@@ -7,7 +7,8 @@

enabled=1

gpgcheck=1

countme=1

-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8

+#gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-8

+gpgkey=https://mirrors.aliyun.com/epel/RPM-GPG-KEY-EPEL-8

[epel-debuginfo]

name=Extra Packages for Enterprise Linux $releasever - $basearch - Debug

ID: /etc/yum.repos.d/salt-8.repo

Function: file.managed

Result: True

Comment: File /etc/yum.repos.d/salt-8.repo is in the correct state

Started: 00:08:00.855937

Duration: 5.049 ms

Changes:

Summary for p1

Succeeded: 3 (changed=1)

Failed: 0

Total states run: 3

Total run time: 98.368 ms

执行安装minion

[root@master ~]# cd /srv/salt/base/init/salt-minion/

[root@master salt-minion]# cat main.sls

include:

init.yum.main

salt-minion:

pkg.installed

/etc/salt/minion:

file.managed:

source: salt://init/salt-minion/files/minion.j2
user: root
group: root
mode: ‘0644’
template: jinja
require:
pkg: salt-minion

salt-minion.service:

service.running:

enable: true
reload: true
watch:
file: /etc/salt/minion

//定义成变量

[root@master ~]# vim /srv/salt/base/init/salt-minion/files/minion.j2

…

#master: salt

master: {{ pillar[‘master_ip’] }} #定义成变量

Set http proxy information for the minion when doing requests

…

//在pillar定义变量

[root@master ~]# cat /srv/pillar/base/salt-minion.sls

master_ip: 192.168.129.135

[root@master ~]# cat /srv/pillar/base/top.sls

base:

‘*’:

salt-minion

执行

[root@master ~]# salt-ssh ‘p1’ state.sls init.salt-minion.main

p1:

ID: /etc/yum.repos.d/centos-8.repo

Function: file.managed

Result: True

Comment: File /etc/yum.repos.d/centos-8.repo is in the correct state

Started: 01:50:09.957722

Duration: 28.526 ms

Changes:

ID: /etc/yum.repos.d/epel-8.repo

Function: file.managed

Result: True

Comment: File /etc/yum.repos.d/epel-8.repo is in the correct state

Started: 01:50:09.986371

Duration: 4.075 ms

Changes:

ID: /etc/yum.repos.d/salt-8.repo

Function: file.managed

Result: True

Comment: File /etc/yum.repos.d/salt-8.repo is in the correct state

Started: 01:50:09.990566

Duration: 3.876 ms

Changes:

ID: salt-minion

Function: pkg.installed

Result: True

Comment: All specified packages are already installed

Started: 01:50:10.824043

Duration: 624.715 ms

Changes:

ID: /etc/salt/minion

Function: file.managed

Result: True

Comment: File /etc/salt/minion is in the correct state

Started: 01:50:11.449217

Duration: 42.816 ms

Changes:

ID: salt-minion.service

Function: service.running

Result: True

Comment: Service salt-minion.service is already enabled, and is running

Started: 01:50:11.493433

最后

自我介绍一下，小编13年上海交大毕业，曾经在小公司待过，也去过华为、OPPO等大厂，18年进入阿里一直到现在。

深知大多数Java工程师，想要提升技能，往往是自己摸索成长，自己不成体系的自学效果低效漫长且无助。

因此收集整理了一份《2024年Java开发全套学习资料》，初衷也很简单，就是希望能够帮助到想自学提升又不知道该从何学起的朋友，同时减轻大家的负担。

既有适合小白学习的零基础资料，也有适合3年以上经验的小伙伴深入学习提升的进阶课程，基本涵盖了95%以上Java开发知识点，不论你是刚入门Android开发的新手，还是希望在技术上不断提升的资深开发者，这些资料都将为你打开新的学习之门！

如果你觉得这些内容对你有帮助，需要这份全套学习资料的朋友可以戳我获取！！

由于文件比较大，这里只是将部分目录截图出来，每个节点里面都包含大厂面经、学习笔记、源码讲义、实战项目、讲解视频，并且会持续更新！
g

Result: True

Comment: Service salt-minion.service is already enabled, and is running

Started: 01:50:11.493433

最后

自我介绍一下，小编13年上海交大毕业，曾经在小公司待过，也去过华为、OPPO等大厂，18年进入阿里一直到现在。

深知大多数Java工程师，想要提升技能，往往是自己摸索成长，自己不成体系的自学效果低效漫长且无助。

[外链图片转存中…(img-FtSfFIZq-1715571279221)]

[外链图片转存中…(img-FwKOXqKI-1715571279221)]

[外链图片转存中…(img-NST8d2Ht-1715571279222)]

如果你觉得这些内容对你有帮助，需要这份全套学习资料的朋友可以戳我获取！！

由于文件比较大，这里只是将部分目录截图出来，每个节点里面都包含大厂面经、学习笔记、源码讲义、实战项目、讲解视频，并且会持续更新！

2401_83412285

关注

8
点赞
踩
27

收藏

觉得还不错? 一键收藏
0
评论
salt-ssh部署salt-minion

自我介绍一下，小编13年上海交大毕业，曾经在小公司待过，也去过华为、OPPO等大厂，18年进入阿里一直到现在。深知大多数Java工程师，想要提升技能，往往是自己摸索成长，自己不成体系的自学效果低效漫长且无助。因此收集整理了一份《2024年Java开发全套学习资料》，初衷也很简单，就是希望能够帮助到想自学提升又不知道该从何学起的朋友，同时减轻大家的负担。
复制链接

扫一扫