参考文档
http://docs.saltstack.cn/contents.html
快速安装
初始配置 控制端master配置 # vim /etc/salt/master interface: 192.168.100.132 注:192.168.1.229 是本机服务端的IP地址 默认监听所有接口 # auto_accept: True 注:修改auto_accept为True,自动接受客户端的KEY,当然也可以这里不设置,手动接受就行,接受方式:salt-key -a keyname 控制端默认监听tcp 4505 4506 注意防火墙配置 客户端minion配置 # vim /etc/salt/minion master: 192.168.100.132 id: 192.168.100.138 注:192.168.100.132 是服务端的IP地址 id :客户端的标识,用服务端连接时,就是用此标识来连接客户端,建议为主机域名 配置服务 # systemctl enable salt-master.service # systemctl start salt-master.service # systemctl enable salt-minion.service # systemctl start salt-minion.service ## 测试被控主机的连通性 # salt '*' test.ping ## 根据被控主机的grains信息进行匹配过滤 # salt -G 'os:Centos' test.ping ## 显示被控主机的操作系统类型 # salt '*' grains.item os ## 远程代码执行测试 # salt '*' cmd.exec_code python 'import sys; print sys.version'
常用命令
# salt-key -L 查看key列表 # salt-key -a KYENAME #允许一个key # salt-key -A #允许所有 # salt-key -d KEYNAME #删除一个key # salt-key -D #删除所有key ##使用ip地址或子网匹配 # salt -S 192.168.100.138 test.ping # salt -S 192.168.100.0/24 test.ping ##使用正则表达式: # salt -E 'virtmach[0-9]' test.ping ##指定列表 # salt -L 'foo,bar,baz,quo' test.ping ##拷贝文件 # salt-cp '*' file.py /root ##超级命令(生产中不建议使用) # salt '*' cmd.run 'yum install net-tool' ##查看客户端状态 # salt-run manage.status # salt-run manage.versions ##工具箱 # salt '192.168.100.138' saltutil.running \\查看正在执行的任务 # salt '192.168.100.138' saltutil.kill_job 20170310143800082264 \\删除正在运行的任务
模块使用
包安装模块
##命令输出 192.168.100.138: ---------- ID: pkg.init Function: pkg.installed Name: mtr Result: True Comment: The following packages were installed/updated: mtr Started: 12:17:31.424942 Duration: 15219.658 ms Changes: ---------- mtr: ---------- new: 2:0.85-7.el7 old: ---------- ID: pkg.init Function: pkg.installed Name: nmap Result: True Comment: The following packages were installed/updated: nmap Started: 12:17:46.667926 Duration: 5258.072 ms Changes: ---------- nmap: ---------- new: 2:6.40-7.el7 old: nmap-ncat: ---------- new: 2:6.40-7.el7 old: ---------- ID: pkg.init Function: pkg.installed Name: lrzsz Result: True Comment: The following packages were installed/updated: lrzsz Started: 12:17:51.969501 Duration: 2646.444 ms Changes: ---------- lrzsz: ---------- new: 0.12.20-36.el7 old: Summary for 192.168.100.138 ------------ Succeeded: 3 (changed=3) Failed: 0 ------------ Total states run: 3 Total run time: 23.124 s
文件维护模块
##使用file.managed 维护文件 # vim top.sls base: '192.168.100.138': - init.pkg - init.limit # cd init/ # vim limit.sls limit-conf-config: file.managed: - name: /etc/security/limits.conf #minion端 文件路径 - source: salt://init/files/limits.conf #master端 文件路径 - user: root - group: root - mode: 644 # mkdir files # cd files # cp /etc/security/limits.conf . ##随意修改 limits.conf文件内容 验证是某同步 # salt '*' state.highstate 192.168.100.138: ---------- ID: pkg.init Function: pkg.installed Name: mtr Result: True Comment: Package mtr is already installed Started: 13:09:50.532559 Duration: 672.412 ms Changes: ---------- ID: pkg.init Function: pkg.installed Name: nmap Result: True Comment: Package nmap is already installed Started: 13:09:51.205178 Duration: 0.426 ms Changes: ---------- ID: pkg.init Function: pkg.installed Name: lrzsz Result: True Comment: Package lrzsz is already installed Started: 13:09:51.205686 Duration: 0.315 ms Changes: ---------- ID: limit-conf-config Function: file.managed Name: /etc/security/limits.conf Result: True Comment: File /etc/security/limits.conf updated Started: 13:09:51.208228 Duration: 56.86 ms Changes: ---------- diff: --- +++ @@ -1,4 +1,4 @@ -#this is test +#this is test!! # /etc/security/limits.conf # #This file sets the resource limits for the users logged in via PAM. Summary for 192.168.100.138 ------------ Succeeded: 4 (changed=1) Failed: 0 ------------ Total states run: 4 Total run time: 730.013 ms
把数据返回到mysql服务器
# vim /etc/salt/master mysql.host: '192.168.100.138' mysql.user: 'salt' mysql.pass: 'salt' mysql.db: 'salt' mysql.port: 3306 master_job_cache: mysql //master端直接写入mysql,如果不配置此行默认是minion端写入 # vim /etc/salt/minion mysql.host: '192.168.100.138' mysql.user: 'salt' mysql.pass: 'salt' mysql.db: 'salt' mysql.port: 3306 # salt '*' test.ping --return mysql