一,saltstack简介:
SaltStack是一种新的基础设施管理方法开发软件,简单易部署,可伸缩的足以管理成千上万的服务器,和足够快的速度控制,与他们交流,以毫秒为单位。
SaltStack提供了一个动态基础设施通信总线用于编排,远程执行、配置管理等等。SaltStack基于python开发,项目于2011年启动,年增长速度较快,五年期
固定基础设施编制和配置管理的开源项目。SaltStack社区致力于保持盐项目集中、友好、健康、开放。
(网上摘抄的,说白了saltStack就是一个自动化工具,可以实现对服务器的批量操作)
二、安装环境
saltstack支持大部分UNIX/Linux及Windows环境。本次安装的环境采用centos6
host A:192.168.163.229:master
host B:192.168.163.152:slaver
三,安装
host A:
[iyunv@master ~]# yum install salt-master[iyunv@master ~]# yum install salt-minion
host B:
[iyunv@slave ~]# yum install salt-minion
如果发现yum 源没有这个包,则需要配置yum 源。
[saltstack-repo] name
=SaltStack repo for RHEL/CentOS $releasever baseurl
=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/2016.11 enabled=1
gpgcheck=1
gpgkey=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/2016.11/SALTSTACK-GPG-KEY.pub
至此,master和slaver安装完成(因为是测试,所以只安装了2台slaver,正式环境,每天机器都需要安装slaver)
四、master和slaver配置
master配置文件路径:/etc/salt/master
vim /etc/salt/master
#修改第16行
interface:
192.168.163.229
注意interface:后面有一个空格,后面再跟本机(master)的ip地址即可。保存文件,启动master。
[iyunv@master ~]# /etc/init.d/salt-master start
Starting salt
-master daemon: [确定]
[iyunv@master
~]#
用ps命令查看进程,可以看到master启动成功
[iyunv@master ~]# ps -ef| grep salt
root
91637 1 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91638 91637 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91639 91637 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91640 91637 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91641 91637 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91646 91641 1 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91647 91641 1 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91653 91641 1 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91655 91641 1 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91660 91641 1 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91661 91641 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
92056 2971 0 18:02 pts/0 00:00:00 grep salt
修改slaver配置:
[iyunv@master ~]# vim /etc/salt/minion
12 #default_include: minion.d/*.conf 13
14 # Set the location of the salt master server. If the master server cannot be
15 # resolved, then the minion will fail to start.
16 #master: salt
17 master: 192.168.163.229
18
19 # If multiple masters are specified in the 'master' setting, the default behavior
20 # is to always try to connect to them in the order they are listed. If random_master is
21 # set to True, the order will be randomized instead. This can be helpful in distributing
22 # the load of many minions executing salt-call requests, for example, from a cron job.
23 # If only one master is listed, this setting is ignored and a warning will be logged.
24 # NOTE: If master_type is set to failover, use master_shuffle instead.
25 #random_master: False
26
27 # Use if master_type is set to failover.
28 #master_shuffle: False
29
30 # Minions can connect to multiple masters simultaneously (all masters
31 # are "hot"), or can be configured to failover if a master becomes
32 # unavailable. Multiple hot masters are configured by setting this
33 # value to "str". Failover masters can be requested by setting
34 # to "failover". MAKE SURE TO SET master_alive_interval if you are
35 # using failover.
36 # master_type: str
37
38 # Poll interval in seconds for checking if the master is still there. Only
39 # respected if master_type above is "failover". To disable the interval entirely,
40 # set the value to -1. (This may be necessary on machines which have high number
修改这个文件的第16行为 master: 192.168.163.229 。同样的master:后面有一个空格,后面的ip地址即为master的ip地址,这个很好理解。
修改id为 id: 192.168.163.229 。(在文件的第78行左右)
77 # same machine but with different>78 # clusters.79>80 81 # Append a domain to a hostname in the event that it does not exist. This is
82 # useful for systems where socket.getfqdn() does not actually result in a
83 # FQDN (for instance, Solaris).
84 #append_domain:
id即是slaver的"身份证" ,可以自定义,也可以使用ip地址,但需要全局唯一。
保存文件后,启动slaver进程。
[iyunv@master ~]# /etc/init.d/salt-minion start
Starting salt
-minion daemon: [确定]
[iyunv@master
~]#
[iyunv@master
~]#
[iyunv@master
~]# ps -ef |grep salt
root
91637 1 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91638 91637 0 18:01 ? 00:00:01 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91639 91637 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91640 91637 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91641 91637 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91646 91641 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91647 91641 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91653 91641 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91655 91641 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91660 91641 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
91661 91641 0 18:01 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-master -d
root
92243 1 2 18:09 ? 00:00:00 /usr/bin/python2.6 /usr/bin/salt-minion -d
root
92264 2971 0 18:09 pts/0 00:00:00 grep salt
另一台host 只安装了slaver,因此只需要配置和启动slaver即可,方法和前面一样。
五,认证
master和slaver启动后,用命令salt-key查看
[iyunv@master ~]# salt-key
Accepted Keys:
Denied Keys:
Unaccepted Keys:
192.168.163.152
192.168.163.229
Rejected Keys:
[iyunv@master ~]#
[iyunv@master ~]#
[iyunv@master ~]#
[iyunv@master ~]#
可以发现 Accepted Keys里面没有内容,Unaccpted Keys 里面有两条记录。刚好就是我们两台slaver,因为现在还没有认证过,所以需要先认证,才会变成Accepted状态。
[iyunv@master minion]# salt-key -a 192.168.163.152
The following keys are going to be accepted:
Unaccepted Keys:
192.168.163.152
Proceed
? [n/Y] Y
Key
for minion 192.168.163.152 accepted.
[iyunv@master minion]#
[iyunv@master minion]# salt-key -a 192.168.163.229
The following keys are going to be accepted:
Unaccepted Keys:
192.168.163.229
Proceed? [n/Y] Y
Key for minion 192.168.163.229 accepted.
[iyunv@master minion]#
[iyunv@master minion]#
[iyunv@master minion]#
[iyunv@master minion]# salt-key
Accepted Keys:
192.168.163.152
192.168.163.229
Denied Keys:
Unaccepted Keys:
Rejected Keys:
[iyunv@master minion]#
到此完成了认证。
六,简单的salt命令
查看远程主机ip地址
root@master minion]# salt '192.168.163.152' cmd.run 'ifconfig'
192.168.163.152:
eth1 Link encap:Ethernet HWaddr 00:0C:29:70:1E:A6
inet addr:192.168.163.152 Bcast:192.168.163.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe70:1ea6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:498824 errors:0 dropped:0 overruns:0 frame:0
TX packets:10915 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:47223551 (45.0 MiB) TX bytes:844785 (824.9 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:50 errors:0 dropped:0 overruns:0 frame:0
TX packets:50 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:11658 (11.3 KiB) TX bytes:11658 (11.3 KiB)
virbr0 Link encap:Ethernet HWaddr 52:54:00:CA:B4:D1
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
[iyunv@master minion]#
查看远程主机连通性
[iyunv@master minion]# salt '192.168.163.152' test.ping
192.168.163.152:
True
[iyunv@master minion]#
好了,本次安装部署介绍完毕,其他salt命令以后再详细介绍。 | 
QQ群⑧:
窥视卡
雷达卡
发表于 2018-1-3 19:37:49
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡