安装:
首先将yum源指定官方官网位置
或是将包下载下来指定本机的位置
接下来
管理节点安转salt-master
受控节点安装salt-minon
更改minion的配置文件,指向master
启动minion 以及 master
测试一下
-a ACCEPT, --accept=ACCEPT #接受指定
Accept the specified public key (use --include-
rejected and --include-denied to match rejected and
denied keys in addition to pending keys). Globs are
supported.
-A, --accept-all Accept all pending keys. #表是接受所有
它时使用zmq传输的,4505端口进行一个长连接
在master端配置文件中将file_roots打开:
由于没有一下目录,需要自行建立
建立好之后,这里用到了yaml语法,需要先去了解一下
这里有官网的文档 了解yaml
创建一个以.sls结尾的文件
[root@server5 ~]# mkdir /srv/salt
[root@server5 ~]# cd /srv/salt/
[root@server5 salt]#
[root@server5 salt]# ls
[root@server5 salt]# /etc/init.d/salt-master restart #这里需要重新启动一下 因为更改了配置文件 重起才会生效
Stopping salt-master daemon: [ OK ]
Starting salt-master daemon: [ OK ]
[root@server5 salt]# vim ayac.sls
下面安装httpd
apache-install:
pkg.installed:
- pkgs:
- httpd
- php
启用方法以及结果:
[root@server5 salt]# salt server6 state.sls ayac #因为在file_roots中定义base的位置/srv/salt/ 它会在base下寻找 , 前面也已经定义为.sls 格式 所以不用加后缀
server6:
----------
ID: apache-install
Function: pkg.installed
Result: True
Comment: The following packages were installed/updated: httpd, php
Started: 10:48:16.837414
Duration: 11418.871 ms
Changes:
----------
apr:
----------
new:
1.3.9-5.el6_2
old:
apr-util:
----------
new:
1.3.9-3.el6_0.1
old:
apr-util-ldap:
----------
new:
1.3.9-3.el6_0.1
old:
httpd:
----------
new:
2.2.15-29.el6_4
old:
httpd-tools:
----------
new:
2.2.15-29.el6_4
old:
mailcap:
----------
new:
2.1.31-2.el6
old:
php:
----------
new:
5.3.3-26.el6
old:
php-cli:
----------
new:
5.3.3-26.el6
old:
php-common:
----------
new:
5.3.3-26.el6
old:
Summary for server6
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
Total run time: 11.419 s
server6查看
更改apache的配置文件
apache-install:
pkg.installed:
- pkgs:
- httpd
- php
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://httpd/files/httpd.conf
- mode: 644
- user: root
service.running:
- name: httpd
- enable: True
- reload: True
- watch:
- file: apache-install
[root@server5 salt]# ls
ayac.sls httpd wulala.sls
[root@server5 salt]# cd httpd/
[root@server5 httpd]# ls
files
[root@server5 httpd]# cd files/
[root@server5 files]# ls
httpd.conf
[root@server5 files]# pwd
/srv/salt/httpd/files
[root@server5 files]#
[root@server5 salt]# salt server6 state.sls wulala
server6:
----------
ID: apache-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 10:52:56.668407
Duration: 339.919 ms
Changes:
----------
ID: apache-install
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 10:52:57.009947
Duration: 38.391 ms
Changes:
----------
ID: apache-install
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 10:52:57.049026
Duration: 23.852 ms
Changes:
Summary for server6
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
Total run time: 402.162 ms
源码安装nginx
首先需要源码包以及nginx的启动脚本:
启动脚本的话前面我在lnmp部分有写:
[root@server5 salt]# tree -R .
.
├── ayac.sls
├── httpd
│ └── files
│ └── httpd.conf
├── nginx
│ ├── files
│ │ ├── nginx
│ │ ├── nginx-1.14.0.tar.gz
│ │ ├── nginx.conf
│ │ └── nginx.sls
│ └── ngxinstl.sls
├── pkgs
│ └── make.sls
└── wulala.sls
make.sls 主要负责依赖性的解决
make-gcc:
pkg.installed:
- pkgs:
- pcre-devel
- openssl-devel
- gcc
ngxinstl.sls 主要是安装下载
include:
- pkgs.make
nginx-install:
file.managed:
- name: /mnt/nginx-1.14.0.tar.gz
- source: salt://nginx/files/nginx-1.14.0.tar.gz
cmd.run:
- name: cd /mnt && tar zxf nginx-1.14.0.tar.gz && cd nginx-1.14.0 && sed -i.bak 's/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g' src/core/nginx.h && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g ' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-threads --with-file-aio --with-http_ssl_module --with-http_stub_status_module &> /dev/null && make &> /dev/null && make install &> /dev/null
- creates: /usr/local/nginx
nginx.sls 主体为启动运行
include:
- nginx.ngxinstl
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf
nginx-service:
file.managed:
- name: /etc/init.d/nginx
- source: salt://nginx/files/nginx
- mode: 755
service.running:
- name: nginx
- reload: True
- watch:
- file: /usr/local/nginx/conf/nginx.conf
当然也可以用来一健搭建高可用集群:
将前面的综合起来:
[root@server5 salt]# tree -R haproxy
haproxy
├── files
│ └── haproxy.cfg
└── install.sls
配置文件的话如下:
选个节点搭建haproxy管理点:
initall.sls
haproxy-install:
pkg.installed:
- pkgs:
- haproxy
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://haproxy/files/haproxy.cfg
service.running:
- name: haproxy
- reload: True
- watch:
- file: haproxy-install
~
[root@server5 salt]# vim top.sls
[root@server5 salt]# cat top.sls
base:
'server5':
- haproxy.install
'server1':
- wulala
'server6':
- nginx.files.nginx
执行方式以及结果如下:
[root@server5 salt]# salt '*' state.highstate
server1:
----------
ID: apache-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 15:44:54.649757
Duration: 404.216 ms
Changes:
----------
ID: apache-install
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 15:44:55.056361
Duration: 47.89 ms
Changes:
----------
ID: apache-install
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 15:44:55.105311
Duration: 31.847 ms
Changes:
Summary for server1
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
Total run time: 483.953 ms
server6:
----------
ID: make-gcc
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 15:44:54.412581
Duration: 647.868 ms
Changes:
----------
ID: nginx-install
Function: file.managed
Name: /mnt/nginx-1.14.0.tar.gz
Result: True
Comment: File /mnt/nginx-1.14.0.tar.gz is in the correct state
Started: 15:44:55.063159
Duration: 92.715 ms
Changes:
----------
ID: nginx-install
Function: cmd.run
Name: cd /mnt && tar zxf nginx-1.14.0.tar.gz && cd nginx-1.14.0 && sed -i.bak 's/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g' src/core/nginx.h && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g ' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-threads --with-file-aio --with-http_ssl_module --with-http_stub_status_module &> /dev/null && make &> /dev/null && make install &> /dev/null
Result: True
Comment: /usr/local/nginx exists
Started: 15:44:55.156753
Duration: 0.417 ms
Changes:
----------
ID: /usr/local/nginx/conf/nginx.conf
Function: file.managed
Result: True
Comment: File /usr/local/nginx/conf/nginx.conf is in the correct state
Started: 15:44:55.157296
Duration: 32.068 ms
Changes:
----------
ID: nginx-service
Function: file.managed
Name: /etc/init.d/nginx
Result: True
Comment: File /etc/init.d/nginx is in the correct state
Started: 15:44:55.189503
Duration: 38.17 ms
Changes:
----------
ID: nginx-service
Function: service.running
Name: nginx
Result: True
Comment: The service nginx is already running
Started: 15:44:55.228704
Duration: 38.413 ms
Changes:
Summary for server6
------------
Succeeded: 6
Failed: 0
------------
Total states run: 6
Total run time: 849.651 ms
server5:
----------
ID: haproxy-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 15:44:55.354906
Duration: 547.014 ms
Changes:
----------
ID: haproxy-install
Function: file.managed
Name: /etc/haproxy/haproxy.cfg
Result: True
Comment: File /etc/haproxy/haproxy.cfg is in the correct state
Started: 15:44:55.904756
Duration: 81.385 ms
Changes:
----------
ID: haproxy-install
Function: service.running
Name: haproxy
Result: True
Comment: The service haproxy is already running
Started: 15:44:55.987244
Duration: 69.5 ms
Changes:
Summary for server5
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
Total run time: 697.899 ms
grains:
在受控节点 端的配置文件里面加入:
在master端:
[root@server5 pillar]# salt '*' grains.item roles
server6:
----------
roles:
- nginx
server1:
----------
roles:
- apache
server5:
----------
roles:
[root@server5 pillar]#
base:
'server5':
- haproxy.install
'roles:apache':
- match: grain
- wulala
'roles:nginx':
- match: grain
- nginx.files.nginx
在Pillar中存储静态数据
在master端的配置文件
pillar_roots:
base:
- /srv/pillar
#
重起服务
建立相应的目录
[root@server5 pillar]# tree -R .
.
├── top.sls
└── web
└── install.sls
1 directory, 2 files
[root@server5 pillar]# ls
top.sls web
[root@server5 pillar]# cd web/
[root@server5 web]# vim install.sls
>
{% if grains['fqdn'] == 'server6' %}
webserver: nginx
{% elif grains['fqdn'] == 'server1' %}
webserver: httpd
{% endif %}
[root@server5 pillar]# cat top.sls
base:
'*':
- web.install
[root@server5 pillar]# salt '*' pillar.items
server6:
----------
webserver:
nginx
server5:
----------
server1:
----------
webserver:
httpd
[root@server5 pillar]# salt '*' pillar.items
server6:
----------
webserver:
nginx
server5:
----------
server1:
----------
webserver:
httpd
[root@server5 pillar]# salt '*' pillar.items
server6:
----------
webserver:
nginx
server5:
----------
server1:
----------
webserver:
httpd