centOS 6.5 部署SaltStack

xiaowei8782088 · 发表于 2018-4-25 08:29:46

环境

IP地址	角色	系统环境
192.168.3.110	master	CentOS 6.5
192.168.3.12	minion	CentOS 6.5

(1)、python 2.7安装
https://www.python.org/ftp/python/2.7.8/Python-2.7.8.tgz

# tar xvzf Python-2.7.8.tgz
# cd Python-2.7.8
# ./configure --prefix=/usr/local
# make --jobs=`grep processor /proc/cpuinfo | wc -l`
# make install

## 将python头文件拷贝到标准目录，以避免编译saltstack时，找不到所需的头文件

# cd /usr/local/include/python2.7
# cp -a ./* /usr/local/include/

## 备份旧版本的python，并符号链接新版本的python

# cd /usr/bin
# mv python python2.6
# ln -s /usr/local/bin/python

## 修改yum脚本，使其指向旧版本的python，已避免其无法运行
# vim /usr/bin/yum
#!/usr/bin/python --> #!/usr/bin/python2.6

(2)、PyYAML模块安装
http://pyyaml.org/download/libyaml/yaml-0.1.5.tar.gz
https://pypi.python.org/packages/source/P/PyYAML/PyYAML-3.11.tar.gz

# tar xvzf yaml-0.1.5.tar.gz# cd yaml-0.1.5
# ./configure --prefix=/usr/local
# make --jobs=`grep processor /proc/cpuinfo | wc -l`
# make install
# tar xvzf PyYAML-3.11.tar.gz
# cd PyYAML-3.11
# python setup.py install

(3)、setuptools模块安装
https://pypi.python.org/packages/source/s/setuptools/setuptools-7.0.tar.gz

# tar xvzf setuptools-7.0.tar.gz
# cd setuptools-7.0
# python setup.py install

(4)、markupsafe模块安装
https://pypi.python.org/packages/source/M/MarkupSafe/MarkupSafe-0.9.3.tar.gz

# tar xvzf MarkupSafe-0.9.3.tar.gz
# cd MarkupSafe-0.9.3
# python setup.py install

(5)、jinja2模块安装
https://pypi.python.org/packages/source/J/Jinja2/Jinja2-2.7.3.tar.gz

# tar xvzf Jinja2-2.7.3.tar.gz
# cd Jinja2-2.7.3
# python setup.py install

(6)、autocon模块安装
http://ftp.gnu.org/gnu/autoconf/autoconf-2.69.tar.gz

注意：
系统自带的autoconf版本为2.63，在编译ZeroMQ时，由于版本较低，会报错不通过，故需安装大于2.63的版本。
# tar xvzf autoconf-2.69.tar.gz
# cd autoconf-2.69
# ./configure
# make
# make install

　　如果原来已经装过，还需要覆盖原来的。
cp /usr/local/bin/autoconf /usr/bin/
cp /usr/local/bin/autoreconf /usr/bin/

## 其他依赖库安装

# yum -y install libuuid.x86_64 libuuid-devel.x86_64
# yum -y install uuid.x86_64 uuid-devel.x86_64
# yum -y install uuid-c++.x86_64 uuid-c++-devel.x86_64

https://github.com/jedisct1/libsodium/archive/1.0.1.tar.gz

# tar xvzf libsodium-1.0.1.tar.gz
# cd libsodium-1.0.1
# ./autogen.sh
# ./configure --prefix=/usr/local
# make --jobs=`grep processor /proc/cpuinfo | wc -l`
# make install

./autogen.sh 报错：
Can't exec "aclocal": 没有那个文件或目录 at /usr/share/autoconf/Autom4te/FileUtils.pm line 326.
autoreconf: failed to run aclocal: 没有那个文件或目录

解决方法：

1	yum install automake

1
2
3
4
5
6
7

报错：
configure.ac:418: error: possibly undefined macro: AC_LIBTOOL_WIN32_DLL
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
autoreconf: /usr/bin/autoconf failed with exit status: 1
[size=1em]解决方法：
[size=1em]

yum install libtool

　　

http://download.zeromq.org/zeromq-4.0.5.tar.gz
https://pypi.python.org/packages/source/p/pyzmq/pyzmq-14.4.1.tar.gz

# tar xvzf zeromq-4.0.5.tar.gz
# cd zeromq-4.0.5
# ./autogen.sh
# ./configure --prefix=/usr/local
# make --jobs=`grep processor /proc/cpuinfo | wc -l`
# make install

# tar xvzf pyzmq-14.4.1.tar.gz
# cd pyzmq-14.4.1
# python setup.py configure --zmq=/usr/local
# python setup.py install

(7)、M2Crypto模块安装
# yum -y install swig.x86_64

http://www.openssl.org/source/openssl-1.0.1g.tar.gz

# tar xvzf openssl-1.0.1g.tar.gz
# cd openssl-1.0.1g
# ./config shared --prefix=/usr/local
# make && make install
cp -a /usr/local/include/openssl /usr/include/vim Python-2.7.8/Modules/Setup
# Socket module helper for socket(2)
_socket socketmodule.c timemodule.c
# Socket module helper for SSL support; you must comment out the other
# socket line above, and possibly edit the SSL variable:
#SSL=/usr/local/ssl
_ssl _ssl.c \
      -DUSE_SSL -I$(SSL)/include -I$(SSL)/include/openssl \
      -L$(SSL)/lib -lssl -lcrypto
取消那四行的注释

# vim/etc/ld.so.conf
/usr/local/lib
/usr/local/lib64

# /sbin/ldconfig

# cd Python-2.7.8
# make && make install

https://pypi.python.org/packages/source/M/M2Crypto/M2Crypto-0.22.3.tar.gz

# tar xvzf M2Crypto-0.22.3.tar.gz
# cd M2Crypto-0.22.3
# python setup.py install
saltstack安装
https://github.com/saltstack/salt/releases/download/v2014.7.0/salt-2014.7.0.tar.gz
# tar xvzf salt-2014.7.0.tar.gz
# cd salt-2014.7.0
# python setup.py install
# salt --versions-report
如果报错：
[root@jwh ~]#  salt --versions-report
Traceback (most recent call last):
  File "/usr/local/binlt", line 10, in <module>
salt_main()
  File "/usr/localb/python2.7/site-packageslt/scripts.py", line 466, in salt_main
import salt.cli.salt
  File "/usr/localb/python2.7/site-packageslt/clilt.py", line 9, in <module>
import salt.utils.job
  File "/usr/localb/python2.7/site-packageslt/utils/job.py", line 8, in <module>
import salt.minion
  File "/usr/localb/python2.7/site-packageslt/minion.py", line 20, in <module>
from salt.config import DEFAULT_MINION_OPTS
  File "/usr/localb/python2.7/site-packageslt/config.py", line 36, in <module>
import salt.syspaths
  File "/usr/localb/python2.7/site-packageslt/syspaths.py", line 108, in <module>
SPM_FORMULA_PATH = __generated_syspaths.SPM_FORMULA_PATH
AttributeError: 'module' object has no attribute 'SPM_FORMULA_PATH'
[root@jwh ~]#解决方法：
pip install --upgrade salt

[root@jwh ~]#  salt --versions-report
Salt Version:
         Salt: 2015.8.0
Dependency Versions:
         cffi: Not Installed
   cherrypy: Not Installed
   dateutil: Not Installed
      gitdb: Not Installed
   gitpython: Not Installed
      ioflo: 1.5.5
      Jinja2: 2.8
      libgit2: Not Installed
      libnacl: 1.4.5
   M2Crypto: 0.22
         Mako: 1.0.4
msgpack-pure: 0.1.3
msgpack-python: 0.4.8
mysql-python: Not Installed
   pycparser: Not Installed
   pycrypto: 2.6.1
      pygit2: Not Installed
      Python: 2.7.8 (default, Sep  1 2016, 22:45:32)
python-gnupg: Not Installed
      PyYAML: 3.12
      PyZMQ: 15.4.0
         RAET: 0.6.5
      smmap: Not Installed
      timelib: Not Installed
      Tornado: 4.4.1
         ZMQ: 4.1.5
System Versions:
         dist: centos 6.5 Final
      machine: x86_64
      release: 2.6.32-431.el6.x86_64
      system: Linux
      version: CentOS 6.5 Final
[root@jwh ~]#　　

SaltStack配置
(1)、master端

# mkdir /etc/salt
# cp -a conf/master /etc/salt/
# cp -a pkg/suse/salt-master /etc/init.d/
# chmod +x /etc/init.d/salt-master
# chkconfig --level 235 salt-master on

# mkdir -p /var/log/salt /srv/salt

# vim /etc/salt/master
interface: 192.168.3.110
auto_accept: True

# ln -s /usr/local/bin/salt-master /usr/bin/
# service salt-master start
[root@jwh salt-2014.7.0]# netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address             Foreign Address          State    PID/Program name
tcp       0    0 0.0.0.0:49359             0.0.0.0:*                LISTEN    1339/rpc.statd
tcp       0    0 0.0.0.0:111                0.0.0.0:*                LISTEN    1293/rpcbind
tcp       0    0 0.0.0.0:22                0.0.0.0:*                LISTEN    1512/sshd
tcp       0    0 127.0.0.1:631             0.0.0.0:*                LISTEN    1394/cupsd
tcp       0    0 192.168.3.110:4505       0.0.0.0:*                LISTEN    2064/python
tcp       0    0 127.0.0.1:25             0.0.0.0:*                LISTEN    1600/master
tcp       0    0 192.168.3.110:4506       0.0.0.0:*                LISTEN    2168/python
tcp       0    0 :::111                   :::*                      LISTEN    1293/rpcbind
tcp       0    0 :::22                      :::*                      LISTEN    1512/sshd
tcp       0    0 ::1:631                   :::*                      LISTEN    1394/cupsd
tcp       0    0 ::1:25                   :::*                      LISTEN    1600/master
tcp       0    0 :::43813                   :::*                      LISTEN    1339/rpc.statd
[root@jwh salt-2014.7.0]#[root@jwh salt-2014.7.0]#  ps aux | grep python
root    2062  0.2  6.5 359184 15524 ?       S 10:35 0:00 /usr/local/bin/python /usr/bin/salt-master -d
root    2063  0.0  2.2 354132  5428 ?       S 10:35 0:00 /usr/local/bin/python /usr/bin/salt-master -d
root    2064  0.0  2.7 367108  6584 ?       Sl 10:35 0:00 /usr/local/bin/python /usr/bin/salt-master -d
root    2067  0.0  3.1 357000  7368 ?       S 10:35 0:00 /usr/local/bin/python /usr/bin/salt-master -d
root    2069  1.1 10.3 366748 24392 ?       S 10:35 0:04 /usr/local/bin/python /usr/bin/salt-master -d
root    2156  0.8  7.1 910700 16932 ?       Sl 10:35 0:02 /usr/local/bin/python /usr/bin/salt-master -d
root    2157  0.0  6.6 359184 15624 ?       S 10:35 0:00 /usr/local/bin/python /usr/bin/salt-master -d
root    2168  0.0  6.7 607012 15972 ?       Sl 10:35 0:00 /usr/local/bin/python /usr/bin/salt-master -d
root    2175  0.8  9.1 372552 21572 ?       Sl 10:35 0:03 /usr/local/bin/python /usr/bin/salt-master -d
root    2176  0.8  9.1 372552 21576 ?       Sl 10:35 0:03 /usr/local/bin/python /usr/bin/salt-master -d
root    2177  0.8  9.1 372556 21584 ?       Sl 10:35 0:03 /usr/local/bin/python /usr/bin/salt-master -d
root    2178  0.8  9.1 372556 21576 ?       Sl 10:35 0:03 /usr/local/bin/python /usr/bin/salt-master -d
root    2179  0.8  9.1 372556 21588 ?       Sl 10:35 0:03 /usr/local/bin/python /usr/bin/salt-master -d
root    3363  0.0  0.3 103256 840 pts/0 S+ 10:41 0:00 grep python
[root@jwh salt-2014.7.0]#minion端
# mkdir /etc/salt
# cp -a conf/minion /etc/salt/
# cp -a pkg/suse/salt-minion /etc/init.d/
# chmod +x /etc/init.d/salt-minion
# chkconfig --level 235 salt-minion on

# mkdir -p /var/log/salt

# vim /etc/salt/minion
master: 192.168.3.110

# ln -s /usr/local/bin/salt-minion /usr/bin/
# service salt-minion start
[root@jwh salt-2014.7.0]#  ps aux | grep python
root    2062  0.2  6.5 359184 15524 ?       S 10:35 0:00 /usr/local/bin/python /usr/bin/salt-master -d
root    2063  0.0  2.2 354132  5428 ?       S 10:35 0:00 /usr/local/bin/python /usr/bin/salt-master -d
root    2064  0.0  2.7 367108  6584 ?       Sl 10:35 0:00 /usr/local/bin/python /usr/bin/salt-master -d
root    2067  0.0  3.1 357000  7368 ?       S 10:35 0:00 /usr/local/bin/python /usr/bin/salt-master -d
root    2069  1.1 10.3 366748 24392 ?       S 10:35 0:04 /usr/local/bin/python /usr/bin/salt-master -d
root    2156  0.8  7.1 910700 16932 ?       Sl 10:35 0:02 /usr/local/bin/python /usr/bin/salt-master -d
root    2157  0.0  6.6 359184 15624 ?       S 10:35 0:00 /usr/local/bin/python /usr/bin/salt-master -d
root    2168  0.0  6.7 607012 15972 ?       Sl 10:35 0:00 /usr/local/bin/python /usr/bin/salt-master -d
root    2175  0.8  9.1 372552 21572 ?       Sl 10:35 0:03 /usr/local/bin/python /usr/bin/salt-master -d
root    2176  0.8  9.1 372552 21576 ?       Sl 10:35 0:03 /usr/local/bin/python /usr/bin/salt-master -d
root    2177  0.8  9.1 372556 21584 ?       Sl 10:35 0:03 /usr/local/bin/python /usr/bin/salt-master -d
root    2178  0.8  9.1 372556 21576 ?       Sl 10:35 0:03 /usr/local/bin/python /usr/bin/salt-master -d
root    2179  0.8  9.1 372556 21588 ?       Sl 10:35 0:03 /usr/local/bin/python /usr/bin/salt-master -d
root    3363  0.0  0.3 103256 840 pts/0 S+ 10:41 0:00 grep python　　SaltStack简单使用
## 查看当前的salt key信息
# salt-key -L
[root@jwh salt-2014.7.0]# salt-key -L
Accepted Keys:
jiang.jwhdomain
Denied Keys:
Unaccepted Keys:
Rejected Keys:
[root@jwh salt-2014.7.0]#　　## 测试被控主机的连通性
# salt '*' test.ping
[root@jwh salt-2014.7.0]# salt '*' test.ping
jiang.jwhdomain:
True
[root@jwh salt-2014.7.0]#　　远程命令执行测试
# salt '*' cmd.run 'uptime'
[root@jwh salt-2014.7.0]# salt '*' cmd.run 'uptime'
jiang.jwhdomain:
   10:56:06 up 24 min,  3 users,  load average: 0.05, 0.37, 0.57
[root@jwh salt-2014.7.0]#　　## 根据被控主机的grains信息进行匹配过滤
# # salt -G 'os:Centos' test.ping
[root@jwh salt-2014.7.0]# salt -G 'os:Centos' test.ping
jiang.jwhdomain:
True
[root@jwh salt-2014.7.0]#　　## 显示被控主机的操作系统类型
# salt '*' grains.item os
[root@jwh salt-2014.7.0]# salt '*' grains.item os
jiang.jwhdomain:
----------
os:
      CentOS
[root@jwh salt-2014.7.0]#　　## 远程代码执行测试
# salt '*' cmd.exec_code python 'import sys; print sys.version'
[root@jwh salt-2014.7.0]# salt '*' cmd.exec_code python 'import sys; print sys.version'
jiang.jwhdomain:
2.7.8 (default, Sep  1 2016, 22:45:32)
[GCC 4.4.7 20120313 (Red Hat 4.4.7-17)]
[root@jwh salt-2014.7.0]#　　

常用模块介绍
(1)、cp模块（实现远程文件、目录的复制，以及下载URL文件等操作）
## 将主服务器file_roots指定位置下的目录复制到被控主机
# salt '*' cp.get_dir salt://hellotest /data

##将主服务器file_roots指定位置下的文件复制到被控主机
# salt '*' cp.get_file salt://hellotest/rocketzhang /root/rocketzhang

## 下载指定URL内容到被控主机指定位置
# salt '*' cp.get_url http://xxx.xyz.com/download/0/files.tgz /root/files.tgz

(2)、cmd模块（实现远程的命令行调用执行）
# salt '*' cmd.run 'netstat -ntlp'

[root@jwh salt-2014.7.0]# salt '*' cmd.run 'ifconfig'
jiang.jwhdomain:
eth1    Link encap:Ethernet  HWaddr 00:0C:29:23:28:A8
            inet addr:192.168.3.12  Bcast:192.168.3.255  Mask:255.255.255.0
            inet6 addr: fe80::20c:29ff:fe23:28a8/64 Scope:Link
            UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
            RX packets:725 errors:0 dropped:0 overruns:0 frame:0
            TX packets:591 errors:0 dropped:0 overruns:0 carrier:0
            collisions:0 txqueuelen:1000
            RX bytes:71530 (69.8 KiB)  TX bytes:80196 (78.3 KiB)
lo       Link encap:Local Loopback
            inet addr:127.0.0.1  Mask:255.0.0.0
            inet6 addr: ::1/128 Scope:Host
            UP LOOPBACK RUNNING  MTU:16436  Metric:1
            RX packets:184 errors:0 dropped:0 overruns:0 frame:0
            TX packets:184 errors:0 dropped:0 overruns:0 carrier:0
            collisions:0 txqueuelen:0
            RX bytes:15824 (15.4 KiB)  TX bytes:15824 (15.4 KiB)
[root@jwh salt-2014.7.0]#(3)、cron模块（实现被控主机的crontab操作）
## 为指定的被控主机、root用户添加crontab信息
# salt '*' cron.set_job root '*/5' '*' '*' '*' '*' 'date >/dev/null 2>&1'
# salt '*' cron.raw_cron root

## 删除指定的被控主机、root用户的crontab信息
# salt '*' cron.rm_job root 'date >/dev/null 2>&1'
# salt '*' cron.raw_cron root

(4)、dnsutil模块（实现被控主机通用DNS操作）
## 为被控主机添加指定的hosts主机配置项
# salt '*' dnsutil.hosts_append /etc/hosts 127.0.0.1 rocketzhang.qq.com

(5)、file模块（被控主机文件常见操作，包括文件读写、权限、查找、校验等）
# salt '*' file.get_sum /etc/resolv.conf md5
# salt '*' file.stats /etc/resolv.conf
更多功能可以看文档哈 ^_^

(6)、network模块（返回被控主机网络信息）
# salt '*' network.ip_addrs
# salt '*' network.interfaces
更多功能可以看文档哈 ^_^

(7)、pkg包管理模块（被控主机程序包管理，如yum、apt-get等）
# salt '*' pkg.install nmap
# salt '*' pkg.file_list nmap

(8)、service 服务模块（被控主机程序包服务管理）
# salt '*' service.enable crond
# salt '*' service.disable crond
# salt '*' service.status crond
# salt '*' service.stop crond
# salt '*' service.start crond
# salt '*' service.restart crond
# salt '*' service.reload crond
　　

　　Salt Master报错:Minion did not return. [No response] | Polar Snow
　　https://docs.20150509.cn/2015/11/23/Salt-Master%e6%8a%a5%e9%94%99-Minion-did-not-return-No-response/
　　

账号		自动登录	找回密码
密码			立即注册

Centos6.5×64安装配置openmeetings3.0.3详

大疆运维招人啦，

C++ :try 语句块和异常处理

C++的多态

Red Hat RHCE 8 (EX294) Cert Guide

Java/C++ 区别：看完这一篇，就够用！

别再用过时库了！这 13 个顶级 C++ 库才是

[经验分享] centOS 6.5 部署SaltStack

浏览过的版块

扫码加入运维网微信交流群