saltstack 的安装
##参考: saltstack配置gitfs与开发环境 通过githook来更新
Salt自动化之自动更新Gitfs 通过webhook来更新
##前置准备
RHEL7 slow ssh login GSSAPIAuthentication no
[解决hostname -f 慢的问题]https://www.centos.org/forums/viewtopic.php?t=16082
echo -e "192.168.14.101\tmng.bd.com\tmng" >> /etc/hosts
#依赖安装
python -V yum install systemd-python yum groupinstall 'Development Tools'
repo 准备
1 epel
##yum -y install epel-release echo '[epel] name=Extra Packages for Enterprise Linux 7 - $basearch baseurl=http://mirrors.aliyun.com/epel/7/$basearch http://us1.mirrors.aliyuncs.com/epel/7/$basearch failovermethod=priority enabled=1 gpgcheck=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 [epel-debuginfo] name=Extra Packages for Enterprise Linux 7 - $basearch - Debug baseurl=http://mirrors.aliyun.com/epel/7/$basearch/debug http://us1.mirrors.aliyuncs.com/epel/7/$basearch/debug failovermethod=priority enabled=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 gpgcheck=0 [epel-source] name=Extra Packages for Enterprise Linux 7 - $basearch - Source baseurl=http://mirrors.aliyun.com/epel/7/SRPMS http://us1.mirrors.aliyuncs.com/epel/7/SRPMS failovermethod=priority enabled=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 gpgcheck=0' > /etc/yum.repos.d/epel_aliyun.repo
1 salt
cat <<END > /etc/yum.repos.d/salt.repo [saltstack-repo] name=SaltStack repo for Red Hat Enterprise Linux \$releasever baseurl=https://repo.saltstack.com/yum/redhat/\$releasever/\$basearch/latest enabled=1 gpgcheck=1 gpgkey=https://repo.saltstack.com/yum/redhat/\$releasever/\$basearch/latest/SALTSTACK-GPG-KEY.pub https://repo.saltstack.com/yum/redhat/\$releasever/\$basearch/latest/base/RPM-GPG-KEY-CentOS-7 END
yum makecache
安装
服务器端
yum --enablerepo=epel install GitPython -y yum install salt-master salt-api salt-ssh -y #create file_root mkdir -p /data/salt/srv mkdir -p /data/salt/srv/sources cd /data/salt/srv/sources wget https://openresty.org/download/openresty-1.11.2.2.tar.gz mkdir -p /data/salt/srv/minions/yum.repos.d mv /data/salt/srv/minion /data/salt/srv/minions mkdir -p /data/salt/pillar mkdir -p /data/salt/formulas mkdir -p /data/salt/formulas/base cp /etc/yum.repos.d/epel_aliyun.repo /data/salt/srv/minions/yum.repos.d/. cp /etc/yum.repos.d/salt.repo /data/salt/srv/minions/yum.repos.d/. ftp /etc/salt/ ftp /data/salt/srv/ ftp /data/salt/srv/minions/ ftp /data/salt/pillar/ cd /data/salt/formulas git clone https://github.com/Arthurgyh/salt_intranet cd salt_intranet git pull git submodule update init #调试: salt-master -l debug salt --version salt-api --version salt-ssh --version systemctl enable salt-master.service service salt-master start service salt-master stop 调整配置: mv /etc/salt/* /data/salt/master/.
客户端
yum install salt-minion salt-minion -l debug salt '*' state.sls_id minion_custom_states minions.install
接受客户端
salt-key -L salt-key -a aliyun_guo -y salt-key -a zsweb5 -y salt-key -a zsmd1 -y salt-key -d zsmd2 -y salt-key -D #delete all
服务器端 salt-ssh
yum install salt-ssh -y salt-ssh '*' test.ping -i
测试
salt 'zsmd2' pillar.data nginx
更新配置
yum install salt-ssh -y salt '*' state.highstate
一些扩展
nodegroups.py 根据 master的nodegroups配置, 生成 pillar
mkdir -p /srv/salt/ext/pillar cp /usr/lib/python2.7/site-packages/salt/pillar/nodegroups.py /srv/salt/ext/pillar/.
使用方法, salt'pillar.get'
安装GUI
1 [2]https://github.com/Lothiraldan/saltpad/blob/master/docs/installation/salt-api-cherrypy-cors.md
curl -i http://localhost:8000/ curl -i -H accept=application/json -d username=dev -d password=dev -d eauth=pam http://localhost:8000/login mkdir -p /data/tmp/saltpad /data/aps/saltpad /data/tmp/softs cd /data/tmp/softs wget https://github.com/Lothiraldan/saltpad/releases/download/v0.3.1/dist.zip unzip dist.zip -d /data/tmp/saltpad mv /data/tmp/saltpad /data/aps/saltpad/
经验教训
yaml 配置文件, 冒号后面必须要有空格。