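#安装SaltStack源
#注意:下面安装的是 el6 版本的源,而后文的输出 (systemctl、httpd 2.4.6-80.el7.centos.1) 表明主机是 CentOS 7;源的发行版本应与系统主版本一致,安装后确认 /etc/yum.repos.d/ 下新增的 salt 源启用了 gpgcheck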
[root@linux-node1 ~]# yum install https://repo.saltstack.com/yum/redhat/salt-repo-latest-2.el6.noarch.rpm
[root@linux-node1 ~]# rm -f /etc/yum.repos.d/zabbix.repo
[root@linux-node1 ~]# yum install salt-master
[root@linux-node2 ~]# yum install https://repo.saltstack.com/yum/redhat/salt-repo-latest-2.el6.noarch.rpm
[root@linux-node2 ~]# rm -f /etc/yum.repos.d/zabbix.repo
[root@linux-node2 ~]# yum install salt-minion
#服务端上安装salt-master (服务端上也要安装salt-minion)
yum install salt-master
yum install salt-minion
#客户端上安装salt-minion
yum install salt-minion
#启动salt-master服务
[root@linux-node1 ~]# systemctl start salt-master.service
#修改服务端上的minion配置文件
[root@linux-node1 salt]# cp /etc/salt/minion{,.bak}
[root@linux-node1 salt]# vim /etc/salt/minion
master: 192.168.56.11
#修改客户端minion并启动salt-minion
[root@linux-node2 salt]# vim /etc/salt/minion
master: 192.168.56.11
[root@linux-node2 salt]# systemctl start salt-minion.service
************** 加入到master前 ************************
[root@linux-node2 salt]# tree
.
├── cloud
├── cloud.conf.d
├── cloud.deploy.d
├── cloud.maps.d
├── cloud.profiles.d
├── cloud.providers.d
├── master
├── master.d
├── minion
├── minion.d
├── minion_id
├── pki
│ ├── master
│ └── minion
│ ├── minion.pem #私钥 (应保持仅root可读,不要拷贝到其他机器或提交到版本库)
│ └── minion.pub #公钥
├── proxy
├── proxy.d
└── roster
[root@linux-node1 salt]# tree
.
├── cloud
├── cloud.conf.d
├── cloud.deploy.d
├── cloud.maps.d
├── cloud.profiles.d
├── cloud.providers.d
├── master
├── master.d
├── minion
├── minion.bak
├── minion.d
├── minion_id
├── pki
│ ├── master
│ │ ├── master.pem
│ │ ├── master.pub
│ │ ├── minions
│ │ ├── minions_autosign
│ │ ├── minions_denied
│ │ ├── minions_pre #minion的公钥在被master接受之前会放在minions_pre目录下
│ │ │ ├── linux-node1.example.com #文件都以minion_id的形式命名 (也就是机器名)
│ │ │ └── linux-node2.example.com
│ │ └── minions_rejected
│ └── minion
│ ├── minion.pem
│ └── minion.pub
├── proxy
├── proxy.d
└── roster
************** 加入到master后 ************************
[root@linux-node1 salt]# salt-key
Accepted Keys:
Denied Keys:
Unaccepted Keys:
linux-node1.example.com
linux-node2.example.com
Rejected Keys:
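#(此处缺少实际执行的接受命令;以下是 salt-key -A 这类“全部接受”操作的输出。接受前应先核对指纹:在master上用 salt-key -F 查看,在minion上用 salt-call --local key.finger 查看,两者一致再接受,避免接受伪造的minion密钥)
The following keys are going to be accepted: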
Unaccepted Keys:
linux-node1.example.com
linux-node2.example.com
Proceed? [n/Y] Y
Key for minion linux-node1.example.com accepted.
Key for minion linux-node2.example.com accepted.
#已经加入了
[root@linux-node1 salt]# salt-key
Accepted Keys:
linux-node1.example.com
linux-node2.example.com
Denied Keys:
Unaccepted Keys:
Rejected Keys:
[root@linux-node2 salt]# tree
.
├── cloud
├── cloud.conf.d
├── cloud.deploy.d
├── cloud.maps.d
├── cloud.profiles.d
├── cloud.providers.d
├── master
├── master.d
├── minion
├── minion.d
│ └── _schedule.conf
├── minion_id
├── pki
│ ├── master
│ └── minion
│ ├── minion_master.pub #多了一个master的公钥 (密钥被接受后保存在minion上;可在minion配置中用 master_finger 预先指定master公钥指纹,防止连到伪造的master)
│ ├── minion.pem
│ └── minion.pub
├── proxy
├── proxy.d
└── roster
11 directories, 10 files
[root@linux-node1 salt]# tree
.
├── cloud
├── cloud.conf.d
├── cloud.deploy.d
├── cloud.maps.d
├── cloud.profiles.d
├── cloud.providers.d
├── master
├── master.d
├── minion
├── minion.bak
├── minion.d
│ └── _schedule.conf
├── minion_id
├── pki ##pki目录
│ ├── master
│ │ ├── master.pem
│ │ ├── master.pub
│ │ ├── minions #公钥由先前的minions_pre目录移动到minions目录
│ │ │ ├── linux-node1.example.com
│ │ │ └── linux-node2.example.com
│ │ ├── minions_autosign
│ │ ├── minions_denied
│ │ ├── minions_pre
│ │ └── minions_rejected
│ └── minion
│ ├── minion_master.pub
│ ├── minion.pem
│ └── minion.pub
├── proxy
├── proxy.d
└── roster
16 directories, 15 files
#测试ping
[root@linux-node1 salt]# salt '*' test.ping
linux-node2.example.com:
True
linux-node1.example.com:
True
#注意:星号不加引号时要转义,否则会先被shell当作通配符展开
[root@linux-node1 salt]# salt \* test.ping
linux-node2.example.com:
True
linux-node1.example.com:
True
# cmd模块 run方法 'uptime'参数 (cmd.run 会以salt-minion的运行身份(此处为root)在所有匹配的minion上执行任意命令,生产环境中应缩小目标范围)
salt '*' cmd.run 'uptime'
[root@linux-node1 salt]# salt '*' cmd.run 'uptime'
linux-node1.example.com:
11:46:22 up 21:55, 1 user, load average: 0.01, 0.04, 0.05
linux-node2.example.com:
11:46:18 up 21:54, 1 user, load average: 0.00, 0.02, 0.05
[root@linux-node1 salt]# salt '*' cmd.run 'w'
linux-node1.example.com:
12:55:22 up 23:04, 1 user, load average: 0.01, 0.02, 0.05
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 192.168.56.1 09:17 2.00s 0.79s 0.62s /usr/bin/python /usr/bin/salt * cmd.run w
linux-node2.example.com:
12:55:18 up 23:03, 1 user, load average: 0.09, 0.04, 0.05
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 192.168.56.1 09:17 2:04m 0.07s 0.07s -bash
#master开启了4505 4506端口 (注意minion不监听端口,由minion主动连接master);下面可见这两个端口监听在0.0.0.0,应通过防火墙只允许minion所在网段访问
[root@linux-node1 salt]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 16631/mysqld
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1309/sshd
tcp 0 0 0.0.0.0:4505 0.0.0.0:* LISTEN 21403/python
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1414/master
tcp 0 0 0.0.0.0:4506 0.0.0.0:* LISTEN 21409/python
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 19761/zabbix_agentd
tcp6 0 0 :::80 :::* LISTEN 16087/httpd
tcp6 0 0 :::22 :::* LISTEN 1309/sshd
tcp6 0 0 ::1:25 :::* LISTEN 1414/master
tcp6 0 0 :::10050 :::* LISTEN 19761/zabbix_agentd
#master通过4505端口向minion发布命令 (minion与该端口保持长连接)
[root@linux-node1 salt]# lsof -ni:4505
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
salt-mast 21403 root 16u IPv4 78905 0t0 TCP *:4505 (LISTEN)
salt-mast 21403 root 18u IPv4 83947 0t0 TCP 192.168.56.11:4505->192.168.56.11:49407 (ESTABLISHED)
salt-mast 21403 root 19u IPv4 87049 0t0 TCP 192.168.56.11:4505->192.168.56.12:51556 (ESTABLISHED)
salt-mini 22991 root 21u IPv4 85293 0t0 TCP 192.168.56.11:49407->192.168.56.11:4505 (ESTABLISHED)
#master通过4506端口接收minion的返回结果
[root@linux-node1 salt]# lsof -ni:4506
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
salt-mast 21409 root 24u IPv4 77920 0t0 TCP *:4506 (LISTEN)
[root@linux-node1 salt]# vim /etc/salt/master
file_roots:
base:
- /srv/salt/base
dev:
- /srv/salt/dev
prod:
- /srv/salt/prod
test:
- /srv/salt/test
#建立目录
[root@linux-node1 salt]# mkdir -p /srv/salt/{base,dev,test,prod}
#改完master配置必须重启salt-master服务
[root@linux-node1 salt]# systemctl restart salt-master.service
#创建web目录
[root@linux-node1 salt]# cd /srv/salt/base/
[root@linux-node1 base]# pwd
/srv/salt/base
[root@linux-node1 base]# mkdir web
[root@linux-node1 base]# cd web
#编写apache.sls文件
[root@linux-node1 web]# vim apache.sls
apache-install:
pkg.installed:
- name: httpd
apache-service:
service.running:
- name: httpd
- enable: True
[root@linux-node2 salt]# yum remove httpd
## salt是命令 'linux-node2.example.com'是目标 state是远程执行的模块 sls是方法 web是目录 apache是文件
[root@linux-node1 web]# salt 'linux-node2.example.com' state.sls web.apache
linux-node2.example.com:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: The following packages were installed/updated: httpd
Started: 13:53:57.361781
Duration: 8559.935 ms
Changes:
----------
httpd:
----------
new:
2.4.6-80.el7.centos.1
old:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd has been enabled, and is running
Started: 13:54:07.350630
Duration: 243.628 ms
Changes:
----------
httpd:
True
Summary for linux-node2.example.com
------------
Succeeded: 2 (changed=2)
Failed: 0
------------
Total states run: 2
Total run time: 8.804 s
#停掉linux-node2上的httpd
[root@linux-node2 salt]# systemctl stop httpd.service
#再执行
[root@linux-node1 web]# salt 'linux-node2.example.com' state.sls web.apache
linux-node2.example.com:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed #提示包已经安装了
Started: 14:09:32.099679
Duration: 977.899 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is running #开机已经自动启动了,因为linux-node2前面已经停掉了httpd
Started: 14:09:33.078774
Duration: 132.193 ms
Changes:
----------
httpd:
True
Summary for linux-node2.example.com
------------
Succeeded: 2 (changed=1) #改变了一项:开机自启动
Failed: 0
------------
Total states run: 2
Total run time: 1.110 s
[root@linux-node1 base]# vim top.sls
base:
'*':
- web.apache
[root@linux-node1 base]# salt '*' state.sls web.apache
#两台都停掉httpd
[root@linux-node1 base]# systemctl stop httpd
[root@linux-node2 salt]# systemctl stop httpd
#全部执行 (参数不加,由top.sls决定) --高级状态
[root@linux-node1 base]# salt '*' state.highstate
linux-node2.example.com:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 14:48:16.962059
Duration: 1013.283 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is running
Started: 14:48:17.976423
Duration: 136.678 ms
Changes:
----------
httpd:
True
Summary for linux-node2.example.com
------------
Succeeded: 2 (changed=1)
Failed: 0
------------
Total states run: 2
Total run time: 1.150 s
linux-node1.example.com:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 14:48:21.009377
Duration: 1019.871 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is running
Started: 14:48:22.030378
Duration: 217.506 ms
Changes:
----------
httpd:
True
Summary for linux-node1.example.com
------------
Succeeded: 2 (changed=1)
Failed: 0
------------
Total states run: 2
Total run time: 1.237 s
#先停掉linux-node1上httpd,再用 test=True 预演 (只显示将要做的变更,不实际执行)
[root@linux-node1 base]# systemctl stop httpd
[root@linux-node1 base]# salt 'linux-node1*' state.highstate test=True
linux-node1.example.com:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 14:54:07.268184
Duration: 1012.446 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: None
Comment: Service httpd is set to start #httpd服务要设置启动
Started: 14:54:08.281650
Duration: 41.331 ms
Changes:
Summary for linux-node1.example.com
------------
Succeeded: 2 (unchanged=1) #没有去改变
Failed: 0
------------
Total states run: 2
Total run time: 1.054 s
yum clean all
yum install https://repo.saltstack.com/yum/redhat/salt-repo-latest.el6.noarch.rpm
yum install -y libc.so.6
yum repolist
yum install salt-master
yum install salt-minion
vim /usr/lib/python2.7/site-packages/sitecustomize.py