前言
工作机制:
- Master和Minion都以守护进程的方式运行
- Master监听配置文件里定义的ret_port(接收minion请求),和publish_port(发布消息)的端口
- 当Minion运行时,它会自动连接到配置文件里定义的Master地址ret_port端口进行连接认证
- 当Master和Minion可以正常通信后,就可以进行各种各样的配置管理工作了
一、saltstack的安装部署
1.实验环境:
- server1: 172.25.6.1 master
- server2: 172.25.6.2 minion
- server3: 172.25.6.3 minion
2.安装saltstack
server1:
server2:
server3:
3.启动服务
主节点:
[root@server1 salt]# systemctl start salt-master
[root@server1 salt]# systemctl start salt-minion
[root@server1 salt]# systemctl enable salt-master
Created symlink from /etc/systemd/system/multi-user.target.wants/salt-master.
service to /usr/lib/systemd/system/salt-master.service.
4505端口:用来链接slave,发布订阅
4506端口:请求响应,模式为:zmq(消息队列)
两个从节点:
[root@server2 2018]# cd /etc/salt/
[root@server2 salt]# vim minion
16 master: 172.25.6.1 指定master
[root@server2 salt]# systemctl start salt-minion
[root@server2 salt]# systemctl enable salt-minion.service
Created symlink from /etc/systemd/system/multi-user.target.wants/salt-minion.
service to /usr/lib/systemd/system/salt-minion.service.
[root@server3 2018]# cd /etc/salt/
[root@server3 salt]# vim minion
16 master: 172.25.6.1 指定master
[root@server3 salt]# systemctl start salt-minion
[root@server3 salt]# systemctl enable salt-minion.service
Created symlink from /etc/systemd/system/multi-user.target.wants/salt-minion.
service to /usr/lib/systemd/system/salt-minion.service.
4.添加连接密钥(查看密钥并加入)/在master添加minion
查看密钥
[root@server1 salt]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
server2
server3
Rejected Keys: