saltstack安装部署以及简单实用

时间:2024-06-12 18:35:20

一,saltstack简介: 

    SaltStack是一种新的基础设施管理方法开发软件,简单易部署,可伸缩的足以管理成千上万的服务器,和足够快的速度控制,与他们交流,以毫秒为单位。

SaltStack提供了一个动态基础设施通信总线用于编排,远程执行、配置管理等等。SaltStack基于python开发,项目于2011年启动,年增长速度较快,五年期

固定基础设施编制和配置管理的开源项目。SaltStack社区致力于保持盐项目集中、友好、健康、开放。

(网上摘抄的,说白了saltStack就是一个自动化工具,可以实现对服务器的批量操作)

二、安装环境

saltstack支持大部分UNIX/Linux及Windows环境。本次安装的环境采用centos6

    host A:192.168.163.229:master

    host B:192.168.163.152:slaver

三,安装

host A:

[root@master ~]# yum install salt-master

[root@master ~]# yum install salt-minion

host B:

[root@slave ~]# yum install salt-minion

如果发现yum 源没有这个包,则需要配置yum 源。

[saltstack-repo]

    name=SaltStack repo for RHEL/CentOS $releasever

    baseurl=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/2016.11

    enabled=

    gpgcheck=

    gpgkey=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/2016.11/SALTSTACK-GPG-KEY.pub

至此,master和slaver安装完成(因为是测试,所以只安装了2台slaver,正式环境,每天机器都需要安装slaver)

四、master和slaver配置

master配置文件路径:/etc/salt/master

vim /etc/salt/master

#修改第16行

interface: 192.168.163.229

注意interface:后面有一个空格,后面再跟本机(master)的ip地址即可。保存文件,启动master。

[root@master ~]# /etc/init.d/salt-master start

Starting salt-master daemon:                               [确定]

[root@master ~]#

用ps命令查看进程,可以看到master启动成功

[root@master ~]# ps -ef| grep salt

root               : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root            : pts/    :: grep salt

修改slaver配置:

[root@master ~]# vim /etc/salt/minion

  #default_include: minion.d/*.conf

 13

 14 # Set the location of the salt master server. If the master server cannot be

 15 # resolved, then the minion will fail to start.

 16 #master: salt

 17 master: 192.168.163.229

 18

 19 # If multiple masters are specified in the 'master' setting, the default behavior

 20 # is to always try to connect to them in the order they are listed. If random_master is

 21 # set to True, the order will be randomized instead. This can be helpful in distributing

 22 # the load of many minions executing salt-call requests, for example, from a cron job.

 23 # If only one master is listed, this setting is ignored and a warning will be logged.

 24 # NOTE: If master_type is set to failover, use master_shuffle instead.

 25 #random_master: False

 26

 27 # Use if master_type is set to failover.

 28 #master_shuffle: False

 29

 30 # Minions can connect to multiple masters simultaneously (all masters

 31 # are "hot"), or can be configured to failover if a master becomes

 32 # unavailable.  Multiple hot masters are configured by setting this

 33 # value to "str".  Failover masters can be requested by setting

 34 # to "failover".  MAKE SURE TO SET master_alive_interval if you are

 35 # using failover.

 36 # master_type: str

 37

 38 # Poll interval in seconds for checking if the master is still there.  Only

 39 # respected if master_type above is "failover". To disable the interval entirely,

 40 # set the value to -1. (This may be necessary on machines which have high number

修改这个文件的第16行为 master: 192.168.163.229  。同样的master:后面有一个空格,后面的ip地址即为master的ip地址,这个很好理解。

修改id为  id: 192.168.163.229    。(在文件的第78行左右)

 # same machine but with different ids, this can be useful for salt compute

  # clusters.

  id: 192.168.163.229

  # Append a domain to a hostname in the event that it does not exist.  This is

  # useful for systems where socket.getfqdn() does not actually result in a

  # FQDN (for instance, Solaris).

  #append_domain:

id即是slaver的"身份证" ,可以自定义,也可以使用ip地址,但需要全局唯一。

保存文件后,启动slaver进程。

[root@master ~]# /etc/init.d/salt-minion start

Starting salt-minion daemon:                               [确定]

[root@master ~]#

[root@master ~]#

[root@master ~]# ps -ef |grep salt

root               : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root           : ?        :: /usr/bin/python2. /usr/bin/salt-master -d

root               : ?        :: /usr/bin/python2. /usr/bin/salt-minion -d

root            : pts/    :: grep salt

另一台host 只安装了slaver,因此只需要配置和启动slaver即可,方法和前面一样。

五,认证

master和slaver启动后,用命令salt-key查看

[root@master ~]# salt-key

Accepted Keys:

Denied Keys:

Unaccepted Keys:

192.168.163.152

192.168.163.229

Rejected Keys:

[root@master ~]#

[root@master ~]#

[root@master ~]#

[root@master ~]#

可以发现 Accepted Keys里面没有内容,Unaccpted Keys 里面有两条记录。刚好就是我们两台slaver,因为现在还没有认证过,所以需要先认证,才会变成Accepted状态。

[root@master minion]# salt-key -a 192.168.163.152

The following keys are going to be accepted:

Unaccepted Keys:

192.168.163.152

Proceed? [n/Y] Y

Key for minion 192.168.163.152 accepted.

[root@master minion]#

[root@master minion]# salt-key -a 192.168.163.229
The following keys are going to be accepted:
Unaccepted Keys:
192.168.163.229
Proceed? [n/Y] Y
Key for minion 192.168.163.229 accepted.
[root@master minion]#
[root@master minion]#
[root@master minion]#
[root@master minion]# salt-key
Accepted Keys:
192.168.163.152
192.168.163.229
Denied Keys:
Unaccepted Keys:
Rejected Keys:
[root@master minion]#

 

到此完成了认证。

六,简单的salt命令

查看远程主机ip地址

root@master minion]# salt '192.168.163.152' cmd.run 'ifconfig'

192.168.163.152:

    eth1      Link encap:Ethernet  HWaddr :0C:::1E:A6

              inet addr:192.168.163.152  Bcast:192.168.163.255  Mask:255.255.255.0

              inet6 addr: fe80::20c:29ff:fe70:1ea6/ Scope:Link

              UP BROADCAST RUNNING MULTICAST  MTU:  Metric:

              RX packets: errors: dropped: overruns: frame:

              TX packets: errors: dropped: overruns: carrier:

              collisions: txqueuelen:

              RX bytes: (45.0 MiB)  TX bytes: (824.9 KiB)

    lo        Link encap:Local Loopback

              inet addr:127.0.0.1  Mask:255.0.0.0

              inet6 addr: ::/ Scope:Host

              UP LOOPBACK RUNNING  MTU:  Metric:

              RX packets: errors: dropped: overruns: frame:

              TX packets: errors: dropped: overruns: carrier:

              collisions: txqueuelen:

              RX bytes: (11.3 KiB)  TX bytes: (11.3 KiB)

    virbr0    Link encap:Ethernet  HWaddr :::CA:B4:D1

              inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0

              UP BROADCAST RUNNING MULTICAST  MTU:  Metric:

              RX packets: errors: dropped: overruns: frame:

              TX packets: errors: dropped: overruns: carrier:

              collisions: txqueuelen:

              RX bytes: (0.0 b)  TX bytes: (0.0 b)

[root@master minion]#

查看远程主机连通性

[root@master minion]# salt '192.168.163.152' test.ping

192.168.163.152:

    True

[root@master minion]#

好了,本次安装部署介绍完毕,其他salt命令以后再详细介绍。

相关文章