saltstack(1)
自动化运维工具:saltstack配置yum源:(解决依赖性)
两台虚拟机:
dd4:yum install salt-master
dd5:yum install salt-minion
dd5:vim /etc/salt/minion (指定master)
注意:master和minion之间通信是要有证书的所以两台虚拟机要时间同步,要有解析
/etc/init.d/salt-minion start
dd4:/etc/init.d/salt-master start
master 与minion之间交流要有key (为了安全起见)
dd4:
salt-key -L (列出钥匙)
Accepted Keys:
Denied Keys:
Unaccepted Keys:
dd5.example.com
salt-key -A (拿到钥匙)
The following keys are going to be accepted:
Unaccepted Keys:
dd5.example.com
Proceed? y
Key for minion dd5.example.com accepted.
测试:(支持操作一个网段的主机)
cmd.run(远程模块 支持任何shell脚本)
模块远程安装httpd:(base)
dd4:vim /etc/salt/master (注意格式 空格空格 !!!)
file_roots:
base:
-/srv/salt
/etc/init.d/salt-master restart
mkdir /srv/salt/httpd
mkdir file
vim apache.sls(必需要以.sls结尾) (pkgfile service都是所调用的模块 下面是模块调用的方法)
apache-install: (安装软件包)
pkg.installed:
- name:httpd
apache-config: (更改配置文件)
file.managed:
- name:/etc/httpd/conf/httpd.conf
- source:salt://httpd/file/httpd.conf
- mode:644
- user:root
- group:root
-require:
- pkg:apache-install (这个写的是> apache-service: (启动服务)
service.running:
- name:httpd
- enable:Ture (开机自启)
-> - watch: (minion与master之间建立更改联系)
- file:apache-config
默认md5方式加密传输:
dd4:cd /srv/salt/httpd/file
md5sum httpd.conf
dd5:cd /var/cache/salt/minion/files/base/httpd/file
md5sum httpd.conf
测试:
不同服务对应不同虚拟机:(再开一台虚拟机 dd3 本地要有解析)
cd /srv/salt
vim top.sls
base:
'dd5.example.com':
-httpd.apache
'dd3.example.com':
-httpd.apache
源码安装:
cd /srv/salt/nginx
vim install.sls
nginx-install:
pkg.installed:
- pkgs:
- gcc
-pcre-devel
-openssl-devel
file.managed: (把服务器端的源码推到客户端的哪里)
- name:/mnt/nginx-1.10.1.tar.gz (放到客户端的哪里)
- source:salt://nginx/file/nginx-1.10.1.tar.gz (来源:服务端的资源在哪里 客户端去哪里找 )
cmd.run:
- name:cd /mnt;tar zxf nginx-1.10.1.tar.gz;cd nginx-1.10.1;./configure--prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module--with-file-aio --with-threads &> /dev/null && make &>/dev/null && make install &> /dev/null
-creates: /usr/local/nginx (如果存在就不执行)
- unless:test -d /usr/local/nginx(第二种方式除非这个目录不存在时安装)
测试: salt 'dd3.example.com' state.slsnginx.install
源码安装nginx升级版:
cd /srv/salt
mkdir pkg
vim install.sls
pkg-install:
pkg.installed:
- pkgs:
- gcc
-pcre-devel
-openssl-devel
mkdir user
vim nginx.sls
nginx-user:
group.present:
- name:nginx
- gid:1000
user.present:
- name:nginx
- uid:1000
- gid:1000
- shell:/sbin/nologin
cd /srv/salt/nginx
vim install.sls
include:
-pkg.install
-user.nginx
nginx-source:
file.managed:
- name:/mnt/nginx-1.10.1.tar.gz
- source:salt://nginx/file/nginx-1.10.1.tar.gz
nginx-install:
cmd.run:
- name:cd /mnt;tar zxf nginx-1.10.1.tar.gz;cd nginx-1.10.1;./configure--prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module--with-http_stub_status_module --with-file-aio --with-threads &>/dev/null && make &> /dev/null && make install &>/dev/null
-creates: /usr/local/nginx
-require:
- pkg: pkg-install
- file:nginx-source
- user: nginx-user
nginx服务的配置:
cd /srv/salt/nginx
vim service.sls
include:
-nginx.install
nginx-config:
file.managed:
- name:/usr/local/nginx/conf/nginx.conf
- source:salt://nginx/file/nginx.conf
nginx-init:
file.managed:
- name: /etc/init.d/nginx
- source:salt://nginx/file/nginx
-mode: 755
cmd.run:
- name:chkconfig --add nginx
- unless:chkconfig --list nginx
-require:
- file:nginx-init
service.running:
- name:nginx
- enable:True
-> - watch:
- file: nginx-config
nginx+haproxy (用haproxy做负载均衡)
dd1dd3 dd4 dd22(haproxy)
mkdir/srv/salt/haproxy/
vimhaproxy.sls
Vim /file/haproxy.cfg
cd /srv/salt
vim top.sls
base:
'dd3.example.com':
- nginx.nginx
'dd4.example.com':
-nginx.nginx
'dd22.example.com':
-haproxy.haproxy
页:
[1]