saltstack的部署安装[一]
这次试验使用的环境如下
[root@linux-node3 ~]# cat /etc/redhat-release CentOS release 6.8 (Final)
下载的慢可以使用下面这个源
#优化epel源 sed -i 's/mirrors.aliyun.com/mirror.tuna.tsinghua.edu.cn/g' /etc/yum.repos.d/*.repo
安装Saltstack在node3上安装master、minion在node4上安装minion
[root@linux-node3 ~]# yum install -y salt-master salt-minion
[root@linux-node4 ~]# yum install -y salt-minion
安装后查看安装了什么软件
[root@linux-node3 ~]# rpm -qa|grep salt salt-master-2015.5.10-2.el6.noarch salt-2015.5.10-2.el6.noarch salt-minion-2015.5.10-2.el6.noarch [root@linux-node4 ~]# rpm -qa|grep salt salt-minion-2015.5.10-2.el6.noarch salt-2015.5.10-2.el6.noarch
配置minion
# vim /etc/salt/minion 16 master: 192.168.56.13
启动前与启动后
[root@linux-node3 ~]# cd /etc/salt/ [root@linux-node3 salt]# tree . ├── master └── minion 0 directories, 2 files [root@linux-node3 salt]# salt-key # Accepted Keys: Denied Keys: Unaccepted Keys: Rejected Keys: [root@linux-node3 salt]# tree . ├── master ├── minion └── pki └── master ├── minions ├── minions_pre └── minions_rejected 5 directories, 2 files [root@linux-node3 salt]# salt-key -A # The following keys are going to be accepted: Unaccepted Keys: linux-node3.example.com linux-node4.example.com Proceed? [n/Y] y Key for minion linux-node3.example.com accepted. Key for minion linux-node4.example.com accepted. [root@linux-node3 salt]# tree . ├── master ├── minion ├── minion.d │ └── _schedule.conf ├── minion_id └── pki ├── master │ ├── master.pem │ ├── master.pub │ ├── minions │ │ ├── linux-node3.example.com │ │ └── linux-node4.example.com │ ├── minions_autosign │ ├── minions_denied │ ├── minions_pre │ └── minions_rejected └── minion ├── minion_master.pub ├── minion.pem └── minion.pub 9 directories, 11 files [root@linux-node3 salt]# /etc/init.d/salt-minion start Starting salt-minion daemon: [ OK ] [root@linux-node3 salt]# /etc/init.d/salt-master start Starting salt-master daemon: [ OK ] [root@linux-node3 salt]# tree . ├── master ├── minion ├── minion.d ├── minion_id └── pki ├── master │ ├── master.pem │ ├── master.pub │ ├── minions │ ├── minions_autosign │ ├── minions_denied │ ├── minions_pre │ └── minions_rejected └── minion ├── minion.pem └── minion.pub 9 directories, 7 files [root@linux-node4 salt]# tree . └── minion 0 directories, 1 file [root@linux-node4 salt]# tree . └── minion 0 directories, 1 file [root@linux-node4 salt]# /etc/init.d/salt-minion start Starting salt-minion daemon: [ OK ] [root@linux-node4 salt]# tree . ├── minion ├── minion.d ├── minion_id └── pki └── minion ├── minion.pem └── minion.pub 3 directories, 4 files
查看一下salt监听的端口
[root@linux-node3 salt]# lsof -n -i:4505 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME salt-mini 1392 root 24u IPv4 18133 0t0 TCP 192.168.56.13:45305->192.168.56.13:4505 (ESTABLISHED) salt-mast 1429 root 12u IPv4 15166 0t0 TCP *:4505 (LISTEN) salt-mast 1429 root 14u IPv4 18134 0t0 TCP 192.168.56.13:4505->192.168.56.13:45305 (ESTABLISHED) salt-mast 1429 root 15u IPv4 18159 0t0 TCP 192.168.56.13:4505->192.168.56.14:48246 (ESTABLISHED)
如果更改配置需要如下的步骤:
1.停止salt-minion
2.salt-key 删除老的id
3.删除/etc/salt/minion_id
4.删除minion端/etc/salt/pki
5.修改id
6.启动
7.重新salt-key加入
部署成功
[root@linux-node3 salt]# salt '*' test.ping linux-node4.example.com: True linux-node3.example.com: True
创建目录
[root@linux-node3 salt]# pwd /etc/salt [root@linux-node3 salt]# vim master 416 file_roots: 417 base: 418 - /srv/salt/base 419 dev: 420 - /srv/salt/dev 421 test: 422 - /srv/salt/test 423 prod: 424 - /srv/salt/prod [root@linux-node3 salt]# mkdir -pv /srv/salt/{base,dev,test,prod} mkdir: created directory `/srv/salt' mkdir: created directory `/srv/salt/base' mkdir: created directory `/srv/salt/dev' mkdir: created directory `/srv/salt/test' mkdir: created directory `/srv/salt/prod'
使用top.sls
[root@linux-node1 base]# cat /srv/salt/base/top.sls base: 'linux-node1.example.com': - web.lamp 'linux-node2.example.com': - web.lamp
执行
[root@linux-node1 base]# salt 'linux-node2*' state.highstate linux-node2.example.com: ---------- ID: lamp-install Function: pkg.installed Result: True Comment: All specified packages are already installed. Started: 14:32:53.065023 Duration: 684.053 ms Changes: ---------- ID: apache-config Function: file.managed Name: /etc/httpd/conf/httpd.conf Result: True Comment: File /etc/httpd/conf/httpd.conf is in the correct state Started: 14:32:53.751241 Duration: 8.392 ms Changes: ---------- ID: apache-conf Function: file.recurse Name: /etc/httpd/conf.d Result: True Comment: The directory /etc/httpd/conf.d is in the correct state Started: 14:32:53.759716 Duration: 11.675 ms Changes: ---------- ID: apache-auth Function: pkg.installed Name: httpd-tools Result: True Comment: Package httpd-tools is already installed. Started: 14:32:53.771477 Duration: 0.361 ms Changes: ---------- ID: apache-auth Function: cmd.run Name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin Result: True Comment: unless execution succeeded Started: 14:32:53.772457 Duration: 5.783 ms Changes: ---------- ID: /etc/php.ini Function: file.managed Result: True Comment: File /etc/php.ini is in the correct state Started: 14:32:53.778364 Duration: 3.226 ms Changes: ---------- ID: lamp-service Function: service.running Name: httpd Result: True Comment: Service httpd is already enabled, and is in the desired state Started: 14:32:53.782599 Duration: 127.184 ms Changes: Summary ------------ Succeeded: 7 Failed: 0 ------------ Total states run: 7