SaltStack是(C/S)架构的集中化管理平台,SaltStack基于Python语言,采用zeromq消息队列进行通信(Tcp,ipc)。 与Puppet相比,SaltStack没有那么笨重,感觉较轻量;不像Puppet有一套自己的DSL用来写配置,SaltStack使用YAML作为配置文件格式,写起来既简单又容易,同时也便于动态生成;此外,SaltStack在远程执行命令时的速度非常快,也包含丰富的模块。
一、基础环境
1、角色、ip、版本、内核
masterA 192.168.1.64 salt-master 2015.5.8 master
minionB 192.168.1.65 salt-minion 2015.5.8 minion
2、安装依赖包
[root@xuegod63 ~]# yum -y install python python-dateutil python-jinja2 python-apt python-yaml python-pkg-resources python-six ca-certificates python-chardet openssl python-m2crypto python-crypto msgpack-python python-zmq python-support libgmp10 python-git python-gitdb git libjs-jquery libzmq1 libcurl3-gnutls perl-modules liberror-perl git-man dctrl-tools
二、安装SaltStack(masterA)
1、安装salt-master
[root@xuegod63 ~]# yum -y install salt-master salt-ssh salt-syndic salt-cloud
2、配置
1)备份配置
[root@xuegod63 ~]# cp /etc/salt/master /etc/salt/master.bak
2)[root@xuegod63 ~]# echo "default_include: master.d/*.conf" >> /etc/salt/master
3)添加以下内容
[root@xuegod63 ~]# mkdir -p /etc/salt/master.d
[root@xuegod63 ~]# cat /etc/salt/master.d/master.conf
interface: 192.168.1.63
publish_port: 4505
ret_port: 4506
pidfile: /var/run/salt-master.pid
sock_dir: /var/run/salt/master
log_file: /var/log/salt/master
key_logfile: /var/log/salt/key
3、重启服务
[root@xuegod63 ~]# /etc/init.d/salt-master restart
[ ok ] Restarting salt master control daemon: salt-master.
4、查看端口和进程
1)查看进程
[root@xuegod63 ~]# ps -ef |grep salt
root 9078 1 0 14:18 ? 00:00:00 /usr/bin/python /usr/bin/salt-master -d
root 9079 9078 3 14:18 ? 00:00:00 /usr/bin/python /usr/bin/salt-master -d
root 9080 9078 0 14:18 ? 00:00:00 /usr/bin/python /usr/bin/salt-master -d
root 9081 9078 0 14:18 ? 00:00:00 /usr/bin/python /usr/bin/salt-master -d
root 9086 9078 0 14:18 ? 00:00:00 /usr/bin/python /usr/bin/salt-master -d
root 9087 9086 5 14:18 ? 00:00:00 /usr/bin/python /usr/bin/salt-master -d
root 9088 9086 4 14:18 ? 00:00:00 /usr/bin/python /usr/bin/salt-master -d
root 9093 9086 5 14:18 ? 00:00:00 /usr/bin/python /usr/bin/salt-master -d
root 9094 9086 5 14:18 ? 00:00:00 /usr/bin/python /usr/bin/salt-master -d
root 9099 9086 4 14:18 ? 00:00:00 /usr/bin/python /usr/bin/salt-master -d
root 9100 9086 0 14:18 ? 00:00:00 /usr/bin/python /usr/bin/salt-master -d
2)查看端口
[root@xuegod63 ~]# netstat -tupnl |grep python
tcp 0 0 192.168.1.63:4505 0.0.0.0:* LISTEN 9517/python
tcp 0 0 192.168.1.63:4506 0.0.0.0:* LISTEN 9539/python
三、安装saltstack(minionB)
1、安装salt-minion包
[root@xuegod64 ~]# yum -y install salt-minion salt-ssh salt-syndic salt-cloud
2、配置
1)备份下配置
[root@xuegod64 ~]# cp /etc/salt/minion /etc/salt/minion.bak
2)[root@xuegod64 ~]# echo "default_include: minion.d/*.conf" >> /etc/salt/minion
3)添加以下内容
[root@xuegod64 ~]# mkdir -p /etc/salt/minion.d
[root@xuegod64 ~]# cat /etc/salt/minion.d/minion.conf
master: 192.168.1.63
id: 192.168.1.64
3、重启服务
[root@xuegod64 ~]# /etc/init.d/salt-minion restart
[ ok ] Restarting salt minion control daemon: salt-minion.
4、查看进程
[root@xuegod64 ~]# ps -ef |grep min
root 8135 1 0 14:27 ? 00:00:00 /usr/bin/python /usr/bin/salt-minion -d
5、使用salt-minion命令测试
[root@xuegod64 ~]# salt-minion -l debug
[DEBUG ] Reading configuration from /etc/salt/minion
[DEBUG ] Including configuration from '/etc/salt/minion.d/minion.conf'
[DEBUG ] Reading configuration from /etc/salt/minion.d/minion.conf
[DEBUG ] Configuration file path: /etc/salt/minion
[INFO ] Setting up the Salt Minion "192.168.1.64"
[DEBUG ] Created pidfile: /var/run/salt-minion.pid
[DEBUG ] Reading configuration from /etc/salt/minion
[DEBUG ] Including configuration from '/etc/salt/minion.d/minion.conf'
[DEBUG ] Reading configuration from /etc/salt/minion.d/minion.conf
[DEBUG ] Attempting to authenticate with the Salt Master at 192.168.1.63
[DEBUG ] Initializing new SAuth for ('/etc/salt/pki/minion', '192.168.1.64', 'tcp://192.168.1.63:4506')
[ERROR ] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
[INFO ] Waiting 10 seconds before retry.
[ERROR ] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
[INFO ] Waiting 10 seconds before retry.
[ERROR ] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
[INFO ] Waiting 10 seconds before retry.
四、签名并测试
1、查看到192.168.1.64还没验证通过
[root@xuegod63 ~]# salt-key list
Accepted Keys:
Denied Keys:
Unaccepted Keys:
192.168.1.64
Rejected Keys:
2、验证通过
[root@xuegod63 ~]# salt-key -a 192.168.1.64
The following keys are going to be accepted:
Unaccepted Keys:
192.168.1.64
Proceed? [n/Y] y
Key for minion 192.168.1.64 accepted.
3、查看下,已经通过验证
[root@xuegod63 ~]# salt-key list
Accepted Keys:
192.168.1.64
Denied Keys:
Unaccepted Keys:
Rejected Keys:
五、测试
1、[root@xuegod63 ~]# cat minion.txt
192.168.1.64
2、[root@xuegod63 ~]# salt `cat minion.txt` cmd.run 'uptime'
192.168.1.64:
16:07:42 up 36 min, 2 users, load average: 0.00, 0.01, 0.05
已看到minion端的uptime信息了
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/9034054/viewspace-2073926/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/9034054/viewspace-2073926/
4631
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
