Saltstack (modules、返回值cache、syndic、salt-ssh、API)
接上篇内容redhat6.5
server1 172.25.29.1 salt-master
server2 172.25.29.2 salt-minion
server3 172.25.29.3 salt-minion
server4 172.25.29.4 salt-mastersyndic
server5 172.25.29.5 salt-minion
一.Salt modules
1.创建_modules,my_disk.py模块
https://s4.51cto.com/oss/201710/19/4c65cf3328d99320417d7932f8bd21f8.png
2.同步模块
https://s4.51cto.com/oss/201710/19/c79c426feb7b4293a58a7caf20d73873.png
server5的缓存已经有了my_disk
https://s5.51cto.com/oss/201710/19/bad45d53524c92b0f53ee4bf2459e951.png
3.使用disk模块查询server5
https://s5.51cto.com/oss/201710/19/487fe5e92a35d3dc476bbe8c6834bbb3.png
二.salt采集数据的返回值保存到数据库里
采集数据的返回值事件在jobs下面,以文件显示
https://s5.51cto.com/oss/201710/19/2c7a35c1dd2de6ae43b019234a5ced7c.png
外部缓存
https://s5.51cto.com/oss/201710/19/e560efce32f4d35e4d776dc5d07a961c.png
1.安装mysql-python模块
https://s2.51cto.com/oss/201710/19/9329e68337e04feb07634fdff63f54ca.png
在minion server5上远程安装mysql-python模块
https://s4.51cto.com/oss/201710/19/821d74914eb6a6979a5e4fc5e0b50ba5.png
https://s4.51cto.com/oss/201710/19/bdceeffab185d98ed3246a666df1b909.png
2.在master server1上安装mysql-server,初始化设置密码
https://s4.51cto.com/oss/201710/19/724320d882a32275463d277e7d6800b7.png
https://s4.51cto.com/oss/201710/19/3f05e718dbcb0cabd1e5556b5246f585.png
3.创建salt数据,并导入mysql
https://s2.51cto.com/oss/201710/19/1be41db23918ca502d194558fef9b6ea.png
https://s1.51cto.com/oss/201710/19/a7987cf37c07c8dbf33a639e8bb89ba2.png
https://s3.51cto.com/oss/201710/19/6a6f8347149fc0e62b52ad8bd9ca0786.png
导入出现的错误需要注释数据内容
https://s2.51cto.com/oss/201710/19/987634824008a2ccf0b5719f276967f7.png
https://s3.51cto.com/oss/201710/19/86f35d4acd1f4ce3b1f2fb90e67cad11.png
4.在server5上安装mysql,创建salt用户
https://s3.51cto.com/oss/201710/19/f7f78474626b17688039841eefe1d366.png
https://s5.51cto.com/oss/201710/19/29d1e1b49f62b0416c617ff600a98511.png
5.修改配置/etc/salt/master文件,数据库地址为master server1
添加数据库配置
https://s3.51cto.com/oss/201710/19/76d7a628ccbd765798ef934bfb7ef846.png
https://s2.51cto.com/oss/201710/19/8384a11e420cd885011318a37751a549.png
6.测试采集的数据是否保存到master的数据库上
https://s2.51cto.com/oss/201710/19/3597ffd24c08431687d02d1bf3caaa4b.png
远程登陆master server1的数据库
https://s3.51cto.com/oss/201710/19/facfb96244f10c3188cdbc2a24c324e3.png
https://s3.51cto.com/oss/201710/19/235a0acba8e64a5fbb80a3560bb24972.png
数据已经保存
https://s2.51cto.com/oss/201710/19/e12f07151d35184b07b2bc5d05b163a7.png
三.salt采集数据的返回值保存到数据库里
主缓存
https://s5.51cto.com/oss/201710/19/36f3da7328b88e9569be37c41e5dde0c.png
1.在sevrer1上安装mysql-python模块
https://s5.51cto.com/oss/201710/19/7f779ff886dad4edea8cfd2b4b878560.png
2.注释之间server5上配置的外部缓存mysql设置,以免影响主缓存设置
https://s5.51cto.com/oss/201710/19/38344805b09293b060f756e75f174938.png
https://s4.51cto.com/oss/201710/19/5cf3000e0247ab6945352400fe219eb2.png
3.修改server1上的master设置
设置为主缓存
https://s4.51cto.com/oss/201710/19/20a7d96684b407937c4e95cf9aac583e.png
https://s4.51cto.com/oss/201710/19/70c4ff49d882e2f4dce24493b4b8ec08.png
4.采集数据
采集server5的所有项目
https://s4.51cto.com/oss/201710/19/1c950aca9302e64fa86703306bed660d.png
登陆数据库数据已经生成
https://s4.51cto.com/oss/201710/19/6140d52639e3eff360ae9803ed973dbb.png
https://s2.51cto.com/oss/201710/19/63650cd37e978c01650d39d09a492711.png
四.salt syndic
salt的基本设置是一个salt master指挥一组saltminion。syndic允许建立salt命令拓扑结构,它运行在一个master上,并且连接到另一个master。syndic所连接的master可以控制syndic和syndic下的minions
注意事项:各个 syndic 必须提供自己的file_roots目录,文件不会在 master-master 之间自动分发
syndic下边的minion执行的命令会执行syndic top里边的命令。
Syndic 必须运行在master上,并且连接到另一个master(比他更高级)
1.salt syndic配置
需要将server4变为master
https://s1.51cto.com/oss/201710/19/f9ea0134dad4ae2c2e4ba8f103bb9492.png
在server1上安装salt-syndic
https://s1.51cto.com/oss/201710/19/8d49c9a8a92df7f41e252b1f430ed85b.png
https://s1.51cto.com/oss/201710/19/1f4a6ffd528c521ce19dd92f41d55910.png
2.配置server4上的master文件
https://s4.51cto.com/oss/201710/19/8688be81c1231ef43315b1e62d715eae.png
开启base目录
https://s2.51cto.com/oss/201710/19/87b658b252489cdea57ce2e2d79b7021.png
开启pillar目录
https://s2.51cto.com/oss/201710/19/d121c853b138422ec2c23633a55e2653.png
https://s4.51cto.com/oss/201710/19/0c6764ae7f086aee2190f87c6557083e.png
3.设置server1上的syndic master
https://s4.51cto.com/oss/201710/19/1c9a62c071fec4f23ba8e7190ab1c09a.png
https://s4.51cto.com/oss/201710/19/bc7b6a4d953a3e2cbead52f2d3e4a4f7.png
4.在server4上添加server1的salt-key
https://s4.51cto.com/oss/201710/19/5e1b7099128885eb31cfc2fb7974d801.png
5.测试配置成功
https://s1.51cto.com/oss/201710/19/f212620fa1cb92b624b2afa672fc6103.png
五.salt ssh远程连接
salt需要安装和启动minion,这样master才能控制minion。对于远程执行命令,最常见的方法是用ssh,因为直接启动远程的sshd服务即可。salt ssh可以集成两者的优点,同时免安装minion又同时可以使用saltstack的功能特点。
1.安装salt-ssh
https://s4.51cto.com/oss/201710/19/6e57e15bd4447f92e9bd068e11ce9e79.png
2.将原先的其他服务关闭
https://s1.51cto.com/oss/201710/19/3894e71ba73fd66313dd8d413895e748.png
https://s1.51cto.com/oss/201710/19/0b2fd90636894ebe62b19dcc9b2ed76c.png
3.编辑roster文件
https://s1.51cto.com/oss/201710/19/3c8970f73d93310fcf530793959a2a19.png
https://s4.51cto.com/oss/201710/19/aa67bda8aecafe5c5af4daec9bdf11c1.png
4.测试salt ssh成功
https://s4.51cto.com/oss/201710/19/97c96c77e149cdc6739476dc11239fd7.png
六.salt api 安装
1.安装python-cherrypy模块和salt-api
https://s3.51cto.com/oss/201710/19/3c8a3d9442a980747cd50333116166a5.png
https://s4.51cto.com/oss/201710/19/069d4c164b5060807eda575bb73a502b.png
2.生成生成自签名证书
https://s1.51cto.com/oss/201710/19/1400d1d58de5003e9100c95b17d52f1f.png
报错,需要用openssl生成rsa私钥文件
https://s5.51cto.com/oss/201710/19/17acb2bc9187cc938f5259a25ad34ca7.png
生成自签名证书
https://s5.51cto.com/oss/201710/19/4f1640173aeb5d659f38c8d5edb44b09.png
3.配置salt-api ,配置eauth
https://s5.51cto.com/oss/201710/19/d9adcee3ed55a6897144a880254cdedb.png
vim /etc/salt/master.d/api.conf
https://s5.51cto.com/oss/201710/19/aeee46bb79dac447d38ad961d3acde86.png
vim /etc/salt/master.d/eauth.conf
https://s5.51cto.com/oss/201710/19/33a9e055b1692106f9d85715aa6f413f.png
4.创建saltapi用户,设置密码
https://s4.51cto.com/oss/201710/19/2d13e7c0ce071e02b9cac4701f29511f.png
https://s4.51cto.com/oss/201710/19/b311736ea9699adeab147e22f11b3c17.png
5.启动服务
https://s4.51cto.com/oss/201710/19/2539265fccc867f4156c317257476359.png
6.测试使用api
测试工具为操作系统自带的 curl
获取 token 后边的串为认证成功后获取的token串,之后可以不用再次输入密码,直接使用本Token即可
https://s5.51cto.com/oss/201710/19/f820b07e19345b6f4d21aa2d856359af.png
远程执行命令
https://s5.51cto.com/oss/201710/19/37f0ec79eb218cf6a9a5976cb2aa0e7e.png
https://s1.51cto.com/oss/201710/19/ebb5c65ba77f8ea50b50d297c3168c3d.png
7.利用网上的写好的py脚本测试api,需要自己写界面
列出key值
https://s4.51cto.com/oss/201710/19/9780faa73f20e62aee59785523645dc2.png
https://s1.51cto.com/oss/201710/19/618f4a729d90bb1aae4002eb9e946f2b.png
远程server5安装httpd
https://s1.51cto.com/oss/201710/19/9beb938d3142299f172ce93110351ce0.png
https://s1.51cto.com/oss/201710/19/43c7b623b950c753535f48c7c7dcb92c.png
远程server5安装nginx
https://s2.51cto.com/oss/201710/19/0d62552069937eff8f3a59ff084cb81f.png
https://s2.51cto.com/oss/201710/19/d1cfbc05937048c9748a18bdb25cae07.png
https://s2.51cto.com/oss/201710/19/a7afb85a63d7e2d62e6cc389be8480ec.png
页:
[1]