arm 版本salt安装
操作系统: centos7 arrch64 麒麟v10
镜像源:salt3006 rpm包
端口要求:
| 端口 | 类型 | 描述 |
|---|---|---|
| 4505 | 事件发布者/订阅服务器端口(发布作业/事件) | 长连接 |
| 4506 | 数据负载和工作节点执行结果返回 (file services/return data) | 需要时连接 |
salt-master
rpm -ivh salt-3006.8-0.aarch64.rpm
rpm -ivh salt-master-3006.8-0.aarch64.rpm
cp -v /etc/salt/master{,.bak}
tee /etc/salt/master<<EOF
max_minions: 0 # 允许最大的minion数
worker_threads: 15 # 工作线程数
auto_accept: True
netapi_enable_clients:
- local
- local_async
- local_batch
- local_subset
- runner
- runner_async
- ssh
- wheel
- wheel_async
EOF
systemctl enable salt-master --now
systemctl is-active salt-master
salt-api
先部署完salt-master
rpm -ivh salt-api-3006.8-0.aarch64.rpm
# cat /etc/salt/master.d/eauth.conf
external_auth:
pam:
salt-api: # 用户
- .* # 该配置文件给予saltapi用户所有模块使用权限,出于安全考虑一般只给予特定模块使用权限
- '@wheel' # access to all wheel modules
- '@runner' # access to all runner modules
- '@jobs' # access to the jobs runner and/or wheel module
# cat /etc/salt/master.d/api.conf
rest_cherrypy:
host: 0.0.0.0
port: 8000
disable_ssl: True
collect_stats: True
socket_queue_size: 500
thread_poll: 300
log_error_file: /var/log/salt/api_err.log
log_access_file: /var/log/salt/api_acc.log
stats_disable_auth: True
mkdir -p /var/log/salt
>/var/log/salt/api_err.log
>/var/log/salt/api_err.log
chown -R salt.salt /var/log/salt
systemctl enable salt-api --now
systemctl is-active salt-api
systemctl restart salt-master
useradd salt-api
echo "salt-api:123"|chpasswd
curl -sk http://127.0.0.1:8000/login -H 'Accept: application/x-yaml' -d username='salt-api' -d password='123' -d eauth='pam'
curl -sk http://127.0.0.1:8002 -H 'Accept: application/json' -H 'X-Auth-Token: 6c110dfee9fbd83d24a88951cc47338a5799456e' -d client='local' -d tgt='*' -d fun='test.ping'
salt-minion
rpm -ivh salt-3006.8-0.aarch64.rpm
rpm -ivh salt-minion-3006.8-0.aarch64.rpm
echo "master: 127.0.0.1" >/etc/salt/minion
systemctl enable salt-minion --now
浙公网安备 33010602011771号