|
|
satlstack号称自动化运维的利器,那么saltstack能不能实现自身的批量部署呢?如果你也有这样的疑问,那么就更要看这篇文章了。答案当然是肯定的啦!saltstack可以利用salt-ssh来实现自身的批量部署。首先看待salt-ssh,很容易想到它是一个依赖 ssh 来进行远程命令执行的工具,这样做的好处是你不必在客户端安装minion程序,就可以实现远程命令的执行,而且salt-ssh支持salt的绝大部分功能。 既然不安装minion端,那么master怎样识别到客户端并与客户端进行通信呢?这里主要使用的是一个roster 配置文件来实现的,首先我们来看下环境:
hadoop0.updb.com 192.168.0.100 OS:CentOS 6.5 Role:master
uadoop4.updb.com 192.168.0.204 OS:CentOS 6.5 Role:minion
uadoop5.updb.com 192.168.0.205 OS:CentOS 6.5 Role:minion
在开始实验之前,uadoop4、uadoop5两个节点上是不存在minion服务的,最终的目的是通过salt-ssh在uadoop4、uadoop5上自动化部署好minion端。
首先,我们来配置roster状态文件,让master能够与uadoop4、uadoop5来通信
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
| ## 在/etc/salt/目录下创建roster文件,内容如下
[iyunv@hadoop0 ~]# cat /etc/salt/roster
uadoop4:
host: 192.168.0.204 ## 主机
user: root ## ssh连接的用户名
passwd: upbjsxt ## ssh连接的密码
port: 22 ## 端口
timeout: 3
uadoop5:
host: 192.168.0.205 ## 主机
user: root ## ssh连接的用户名
passwd: upbjsxt ## ssh连接的密码
port: 22 ## 端口
timeout: 3
## 不需要重启master服务就可以使用salt-ssh来测试
[iyunv@hadoop0 ~]# salt-ssh 'uadoop[4,5]' test.ping
uadoop5:
True
uadoop4:
True
## 需要注意的是,由于salt-ssh并没有继承salt的zeroMQ,所以执行起来要慢的多,-r选项可以执行系统命令
[iyunv@hadoop0 ~]# salt-ssh 'uadoop[4,5]' -r 'free -m'
uadoop4:
----------
retcode:
0
stderr:
stdout:
total used free shared buffers cached
Mem: 988 174 814 0 35 55
-/+ buffers/cache: 83 905
Swap: 2047 0 2047
uadoop5:
----------
retcode:
0
stderr:
stdout:
total used free shared buffers cached
Mem: 988 172 815 0 34 55
-/+ buffers/cache: 82 906
Swap: 2047 0 2047
|
ok,你会发现使用salt-ssh也是件非常简单的事情,接下来进入minion的批量部署,如下
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
| ## 将所有的与minion部署相关的文件全部放在/srv/salt/epel目录下
[iyunv@hadoop0 epel]# pwd
/srv/salt/epel
[iyunv@hadoop0 epel]# tree -f
.
├── ./epel-release-6-8.noarch.rpm
└── ./salt_install.sls
0 directories, 2 files
## salt_install文件内容
[iyunv@hadoop0 epel]# cat salt_install.sls
## 首先要安装epel扩展源,然后才能使用yum的方式安装salt-minion
epel_install:
file.managed:
- name: /tmp/epel-release-6-8.noarch.rpm ## 指定4、5节点的epel安装包的存放路径
- source: salt://epel/epel-release-6-8.noarch.rpm ## 指定从master的哪个位置拷贝epel的rpm包
- user: root ## 文件的拥有者
- group: root ## 文件的所属组
cmd.run:
- name: rpm -ivh /tmp/epel-release-6-8.noarch.rpm ## 执行rpm包的安装
- unless: test -f /etc/yum.repos.d/epel.repo ## 如果存在这个文件就不再执行安装程序
- require:
- file: epel_install ## 安装epel包要在epel文件拷贝之后
cache_yum:
cmd.run:
- name: yum makecache ## 生成yum的缓存
- require:
- file: epel_install ## 生成缓存要在epel安装之后
salt_install:
pkg.installed: ## 安装salt-minion
- name: salt-minion
- require: ## 安装minion要在epel安装之后
- file: epel_install
## 远程执行
[iyunv@hadoop0 salt]# salt-ssh 'uadoop[4,5]' state.sls epel.salt_install
uadoop4:
----------
cmd_|-cache_yum_|-yum makecache_|-run:
----------
__run_num__:
2
changes:
----------
pid:
1993
retcode:
0
stderr:
stdout:
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* base: ftp.stust.edu.tw
* epel: ftp.cuhk.edu.hk
* extras: mirrors.btte.net
* updates: mirrors.btte.net
Metadata Cache Created
comment:
Command "yum makecache" run
name:
yum makecache
result:
True
cmd_|-epel_install_|-rpm -ivh /tmp/epel-release-6-8.noarch.rpm_|-run:
----------
__run_num__:
1
changes:
----------
pid:
1991
retcode:
0
stderr:
warning: /tmp/epel-release-6-8.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
stdout:
Preparing... ##################################################
epel-release ##################################################
comment:
Command "rpm -ivh /tmp/epel-release-6-8.noarch.rpm" run
name:
rpm -ivh /tmp/epel-release-6-8.noarch.rpm
result:
True
file_|-epel_install_|-/tmp/epel-release-6-8.noarch.rpm_|-managed:
----------
__run_num__:
0
changes:
----------
diff:
New file
mode:
0644
comment:
File /tmp/epel-release-6-8.noarch.rpm updated
name:
/tmp/epel-release-6-8.noarch.rpm
result:
True
pkg_|-salt_install_|-salt-minion_|-installed:
----------
__run_num__:
3
changes:
----------
PyYAML:
----------
new:
3.10-3.1.el6
old:
libyaml:
----------
new:
0.1.6-1.el6
old:
m2crypto:
----------
new:
0.20.2-9.el6
old:
openpgm:
----------
new:
5.1.118-3.el6
old:
python-babel:
----------
new:
0.9.4-5.1.el6
old:
python-backports:
----------
new:
1.0-3.el6.centos
old:
python-backports-ssl_match_hostname:
----------
new:
3.4.0.2-4.el6.centos
old:
python-chardet:
----------
new:
2.0.1-1.el6.centos
old:
python-crypto:
----------
new:
2.0.1-22.el6
old:
python-jinja2:
----------
new:
2.2.1-2.el6_5
old:
python-msgpack:
----------
new:
0.1.13-3.el6
old:
python-ordereddict:
----------
new:
1.1-2.el6.centos
old:
python-requests:
----------
new:
1.1.0-4.el6.centos
old:
python-six:
----------
new:
1.7.3-1.el6.centos
old:
python-urllib3:
----------
new:
1.5-7.el6.centos
old:
python-zmq:
----------
new:
14.3.1-1.el6
old:
salt:
----------
new:
2014.7.0-3.el6
old:
salt-minion:
----------
new:
2014.7.0-3.el6
old:
sshpass:
----------
new:
1.05-1.el6
old:
zeromq3:
----------
new:
3.2.4-1.el6
old:
comment:
The following packages were installed/updated: salt-minion.
name:
salt-minion
result:
True
uadoop5:
----------
cmd_|-cache_yum_|-yum makecache_|-run:
----------
__run_num__:
2
changes:
----------
pid:
1937
retcode:
0
stderr:
stdout:
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* base: mirror.neu.edu.cn
* epel: ftp.cuhk.edu.hk
* extras: mirror.neu.edu.cn
* updates: mirror01.idc.hinet.net
Metadata Cache Created
comment:
Command "yum makecache" run
name:
yum makecache
result:
True
cmd_|-epel_install_|-rpm -ivh /tmp/epel-release-6-8.noarch.rpm_|-run:
----------
__run_num__:
1
changes:
----------
pid:
1935
retcode:
0
stderr:
warning: /tmp/epel-release-6-8.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
stdout:
Preparing... ##################################################
epel-release ##################################################
comment:
Command "rpm -ivh /tmp/epel-release-6-8.noarch.rpm" run
name:
rpm -ivh /tmp/epel-release-6-8.noarch.rpm
result:
True
file_|-epel_install_|-/tmp/epel-release-6-8.noarch.rpm_|-managed:
----------
__run_num__:
0
changes:
----------
diff:
New file
mode:
0644
comment:
File /tmp/epel-release-6-8.noarch.rpm updated
name:
/tmp/epel-release-6-8.noarch.rpm
result:
True
pkg_|-salt_install_|-salt-minion_|-installed:
----------
__run_num__:
3
changes:
----------
PyYAML:
----------
new:
3.10-3.1.el6
old:
libyaml:
----------
new:
0.1.6-1.el6
old:
m2crypto:
----------
new:
0.20.2-9.el6
old:
openpgm:
----------
new:
5.1.118-3.el6
old:
python-babel:
----------
new:
0.9.4-5.1.el6
old:
python-backports:
----------
new:
1.0-3.el6.centos
old:
python-backports-ssl_match_hostname:
----------
new:
3.4.0.2-4.el6.centos
old:
python-chardet:
----------
new:
2.0.1-1.el6.centos
old:
python-crypto:
----------
new:
2.0.1-22.el6
old:
python-jinja2:
----------
new:
2.2.1-2.el6_5
old:
python-msgpack:
----------
new:
0.1.13-3.el6
old:
python-ordereddict:
----------
new:
1.1-2.el6.centos
old:
python-requests:
----------
new:
1.1.0-4.el6.centos
old:
python-six:
----------
new:
1.7.3-1.el6.centos
old:
python-urllib3:
----------
new:
1.5-7.el6.centos
old:
python-zmq:
----------
new:
14.3.1-1.el6
old:
salt:
----------
new:
2014.7.0-3.el6
old:
salt-minion:
----------
new:
2014.7.0-3.el6
old:
sshpass:
----------
new:
1.05-1.el6
old:
zeromq3:
----------
new:
3.2.4-1.el6
old:
comment:
The following packages were installed/updated: salt-minion.
name:
salt-minion
result:
True
## 根据反馈的结果看到已经安装成功
|
需要手动修改uadoop4、uadoop5上的minion配置文件,只用修改两行
1
2
3
4
5
6
| [iyunv@uadoop4 tmp]# vi /etc/salt/minion
master: 192.168.0.100
id: uadoop4
[iyunv@uadoop5 ~]# vi /etc/salt/minion
master: 192.168.0.100
id: uadoop5
|
master上远程启动uadoop4、uadoop5的minion服务
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
| [iyunv@hadoop0 epel]# salt-ssh 'uadoop[4,5]' -r '/etc/init.d/salt-minion restart'
uadoop5:
----------
retcode:
0
stderr:
stdout:
Stopping salt-minion daemon: [FAILED]
Starting salt-minion daemon: [ OK ]
uadoop4:
----------
retcode:
0
stderr:
stdout:
Stopping salt-minion daemon: [FAILED]
Starting salt-minion daemon: [ OK ]
|
启动成功,master上接受minions的认证请求
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
| [iyunv@hadoop0 epel]# salt-key -L
Accepted Keys:
hadoop1
hadoop2
hadoop3
hadoop4
hadoop5
uadoop0
uadoop1
uadoop2
uadoop3
Unaccepted Keys:
uadoop4
uadoop5
Rejected Keys:
[iyunv@hadoop0 epel]# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
uadoop4
uadoop5
Proceed? [n/Y] Y
Key for minion uadoop4 accepted.
Key for minion uadoop5 accepted.
## 测试master与新部署的两个minions通信是否正常
[iyunv@hadoop0 epel]# salt 'uadoop[4,5]' test.ping
uadoop5:
True
uadoop4:
True
|
ok,通信正常,说明我们使用salt-ssh已经成功的部署好了两个节点上的minion,如果有很多个节点,那么使用salt-ssh是很容易完成minions的批量部署的,而且salt-ssh也常用在master对不能安装minion服务的主机远程命令的执行。除了自身的执行速度较慢之外,salt-ssh还是足够强大,能够满足我们的需求。本文中需要手动修改每个节点minion的配置文件,因为每个minion id是不一样的,所以这个问题还是没有办法避免,好在minion配置文件需要我们修改的地方只有两行,所以这个问题就不是什么问题了。
|
|
|
[复制链接]
QQ群⑧:
窥视卡
雷达卡
发表于 2014-11-17 14:03:44
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡
