centos yum安装saltstack

时间:2021-05-31 16:26:38

1.导入安装源

centos5

rpm -Uvh http://ftp.linux.ncsu.edu/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm

centos6

rpm -Uvh http://ftp.linux.ncsu.edu/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

2.安装salt软件包

master端

yum install salt-master

minion端(俗称的client端)

yum install salt-minion

3.配置修改

master端

[root@ldap ~]# sed -e 's/#.*//' -e '/^$/ d' /etc/salt/master
interface: 0.0.0.0
publish_port: 4505
user: root
max_open_files: 100000
ret_port: 4506
pidfile: /var/run/salt-master.pid
syndic_log_file: syndic.log
log_file: /var/log/salt/master
key_logfile: /var/log/salt/key
log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'

minion端

[root@monitor ~]# sed -e 's/#.*//' -e '/^$/ d' /etc/salt/minion
master: salt.server.365dw.cn
master_port: 4506
pidfile: /var/run/salt-minion.pid
pki_dir: /etc/salt/pki/minion
id: client01.server.365dw.cn
cachedir: /var/cache/salt/minion

4.重启服务端及客户端

master端:

/etc/init.d/iptables stop
/etc/init.d/salt-master restart

minion端:

/etc/init.d/iptables stop
/etc/init.d/salt-minion restart

5.证书认证

slat-key -L 查看后发现Unaccepted keys
[root@ldap ~]# salt-key -L
Accepted Keys:
Unaccepted Keys:
client01.server.365dw.cn
Rejected Keys: salt-key -A 认证,Proceed输入Y
[root@ldap ~]# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
client01.server.365dw.cn
Proceed? [n/Y] Y
Key for minion client01.server.365dw.cn accepted. 再次salt-key -L查看,Unaccepted Keys未认证的客户端变成了accept的客户端。
[root@ldap ~]# salt-key -L
Accepted Keys:
client01.server.365dw.cn
Unaccepted Keys:
Rejected Keys:

6.测试,使用salt内置的cmd.run命令进行ping 测试。

[root@ldap ~]# salt '*' cmd.run 'ping -c1 www.365dw.cn'
client01.server.365dw.cn:
PING www.365dw.cn (112.124.43.79) 56(84) bytes of data.
64 bytes from 112.124.43.79: icmp_seq=1 ttl=128 time=12.5 ms --- www.365dw.cn ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 12.534/12.534/12.534/0.000 ms