本文共 3799 字,大约阅读时间需要 12 分钟。
saltstack的安装和初步试用体验
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 | 1. 本例中,主机server200-21为salt-master,其他主机为salt-minion 2. 【salt-master】 安装: [root@server200-21 download] # yum install salt-master 启动服务: [root@server200-21 download] # service salt-master start Starting salt-master daemon: [ OK ] 防火墙放行端口:4505:4506 (接下来先跳转到第3步,配置一个minion) 列出salt-key: salt-key -L 最初没有需要accept的key: [root@server200-21 ~] # salt-key -L Accepted Keys: Unaccepted Keys: Rejected Keys: 有minion申请连接到master后: [root@server200-21 ~] # salt-key -L Accepted Keys: Unaccepted Keys: test230 Rejected Keys: 可以accept所有被pending的key: salt-key -A 也可以accept指定key [root@server200-21 ~] # salt-key -a test230 The following keys are going to be accepted: Unaccepted Keys: test230 Proceed? [n /Y ] y Key for minion test230 accepted. 附上【salt-key】常用命令 Actions: -l ARG, --list=ARG List the public keys. The args "pre" , "un" , and "unaccepted" will list unaccepted /unsigned keys. "acc" or "accepted" will list accepted /signed keys. "rej" or "rejected" will list rejected keys. Finally, "all" will list all keys. -L, --list-all List all public keys. (Deprecated: use "--list all" ) -a ACCEPT, --accept=ACCEPT Accept the specified public key (use --include-all to match rejected keys in addition to pending keys). Globs are supported. -A, --accept-all Accept all pending keys -r REJECT, --reject=REJECT Reject the specified public key (use --include-all to match accepted keys in addition to pending keys). Globs are supported. -R, --reject-all Reject all pending keys --include-all Include non-pending keys when accepting /rejecting -p PRINT, --print=PRINT Print the specified public key -P, --print-all Print all public keys -d DELETE, --delete=DELETE Delete the specified key. Globs are supported. -D, --delete-all Delete all keys -f FINGER, --finger=FINGER Print the specified key's fingerprint -F, --finger-all Print all keys' fingerprints 3. 【salt-minion】 安装: [root@test230 download] # yum install salt-minion 配置master和自己的 id : [root@test230 download] # cat /etc/salt/minion |grep ^[^#] master: 10.0.200.21 id : test230 启动服务: [root@test230 download] # service salt-minion start Starting salt-minion daemon: [ OK ] 注意:master的端口需要开放才能访问。 [root@test230 download] # service salt-minion restart Stopping salt-minion daemon: [FAILED] Starting salt-minion daemon: [ OK ] 等待master接受minion的key master已接受 4. 测试 [root@server200-21 ~] # salt '*' test.ping test230: True 接下来,测试安装一个服务: 配置master: [root@server200-21 ~] # cat /etc/salt/master |grep -v ^$|grep -v ^# file_roots: base: - /srv/salt [root@server200-21 ~] # mkdir /srv/salt/ [root@server200-21 ~] # cd /srv/salt/ [root@server200-21 salt] # ls servers.sls top .sls [root@server200-21 salt] # cat top.sls base: '*' : - servers [root@server200-21 salt] # cat servers.sls dnsmasq: pkg: - installed 执行: [root@server200-21 salt] # salt '*' state.highstate test230: ---------- ID: dnsmasq Function: pkg.installed Result: True Comment: Package dnsmasq is already installed. Started: 16:58:12.932112 Duration: 1153.556 ms Changes: Summary ------------ Succeeded: 1 Failed: 0 ------------ Total states run: 1 [root@server200-21 salt] # salt '*' cmd.run 'rpm -qa |grep dns' test230: dnsmasq-2.48-13.el6.x86_64 查看: [root@test230 ~] # which dnsmasq /usr/sbin/dnsmasq |