salt 介绍:
Salt,,一种全新的基础设施管理方式,部署轻松,在几分钟内可运行起来,扩展性好,很容易管理上万台服务器,速度够快,服务器之间秒级通讯。
salt底层采用动态的连接总线, 使其可以用于编配, 远程执行, 配置管理等等.
salt安装:
master:192.168.31.231 mongo1.example.com
minion:192.168.31.232 mongo2.example.com
minion:192.168.31.233 mongo3.example.com
修改/etc/hosts
192.168.31.231 mongo1.example.com
192.168.31.232 mongo2.example.com
192.168.31.233 mongo3.example.com
系统版本:
[root@mongo1 salt]# uname -r
2.6.32-431.el6.x86_64
[root@mongo1 salt]# uname -n
mongo1.example.com
[root@mongo1 salt]# cat /etc/redhat-release
CentOS release 6.5 (Final)
安装master:
[root@mongo1 ~]# rpm -ivh http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm
Retrieving http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm
warning: /var/tmp/rpm-tmp.MJ9wJa: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Preparing... ########################################### [100%]
1:epel-release ########################################### [100%]
[root@mongo1 ~]# yum install -y salt-master
修改/etc/salt/master文件:
添加:
publish_port: 4505 #监听salt的消息发布系统端口
ret_port: 4506 #salt客户端与服务端通信的端口
启动master服务:service salt-master start
安装minion:
[root@mongo2 ~]# rpm -ivh http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm
Retrieving http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm
warning: /var/tmp/rpm-tmp.QcKooE: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Preparing... ########################################### [100%]
1:epel-release ########################################### [100%]
[root@mongo2 ~]# yum install -y salt-minion
修改/etc/salt/minion文件:
添加:
master: mongo1.example.com
id: mongo2
启动minion服务:service salt-minion start
查看认证:
[root@mongo1 pki]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
mongo2
mongo3
Rejected Keys:
添加认证:
[root@mongo1 pki]# salt-key -a mongo2 The following keys are going to be accepted: Unaccepted Keys: mongo2 Proceed? [n/Y] y Key for minion mongo2 accepted. [root@mongo1 pki]# salt-key -L Accepted Keys: mongo2 Denied Keys: Unaccepted Keys: mongo3 Rejected Keys: [root@mongo1 pki]# salt-key -a mongo3 The following keys are going to be accepted: Unaccepted Keys: mongo3.example.com Proceed? [n/Y] y Key for minion mongo3 accepted. [root@mongo1 pki]# salt-key -L Accepted Keys: mongo2 mongo3 Denied Keys: Unaccepted Keys: Rejected Keys:
或者可以配置自动认证,在/etc/salt/master中添加auto_accept: True,重启master服务。
测试验证:
[root@mongo1 minions]# salt '*' test.ping mongo3: True mongo2: True
[root@mongo1 salt]# salt '*' cmd.run 'date' mongo3: Mon Sep 7 21:42:13 CST 2015 mongo2: Mon Sep 7 21:42:14 CST 2015 [root@mongo1 salt]# salt '*' cmd.run 'uptime' mongo3: 21:42:18 up 1:44, 1 user, load average: 0.00, 0.00, 0.00 mongo2: 21:42:20 up 1:44, 1 user, load average: 0.00, 0.00, 0.00
删除不需要的认证:
[root@mongo1 minions]# pwd /etc/salt/pki/master/minions [root@mongo1 minions]# ls mongo2 mongo2.example.com mongo3 mongo3.example.com [root@mongo1 minions]# rm -rf mongo2.example.com mongo3.example.com
简单测试脚本:
/srv/salt目录需要手动创建
[root@mongo1 minions]# cd /srv/salt/ [root@mongo1 salt]# ls test.sh [root@mongo1 salt]# cat test.sh #!/bin/bash echo "ni hao" [root@mongo1 salt]# salt '*' cmd.script salt://test.sh mongo3: ---------- pid: 2617 retcode: 0 stderr: stdout: ni hao mongo2: ---------- pid: 1733 retcode: 0 stderr: stdout: ni hao [root@mongo1 salt]#