saltstack部署文档

安装部署自动化管理工具SaltStack.在管理多台服务器上,这个工具还是非常好使的,另外由于是 Python写的,也可以很方便的对其进行个性化修改.

机器

IP hosts 角色
10.211.55.4 master salt-master/salt-minion
10.211.55.5 minion salt-minion

master 端配置防火墙(没有配置,直接把防火墙关了)

1
2
3
4
[root@master ~]# vim /etc/sysconfig/iptables
#加入
-A INPUT -m state --state new -m tcp -p tcp --dport 4505 -j ACCEPT
-A INPUT -m state --state new -m tcp -p tcp --dport 4506 -j ACCEPT

安装 epel 源

1
2
[root@master ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
[root@minion ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo

关闭防火墙

1
2
3
4
5
6
7
8
9
[root@master ~]# service iptables stop
iptables: Setting chains to policy ACCEPT: nat mangle filte[ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[root@minion ~]# service iptables stop
iptables: Setting chains to policy ACCEPT: nat mangle filte[ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]

安装配置

master 端安装

1
[root@master ~]# yum -y install salt-master

minion 端安装

1
[root@minion ~]# yum -y install salt-minion

master 端配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
# 备份
[root@master ~]# cp /etc/salt/master /etc/salt/master.bak
[root@master ~]# vim /etc/salt/master
# 去掉这几行的注释
405 # Example:
406 # file_roots:
407 # base:
408 # - /srv/salt/
409 # dev:
410 # - /srv/salt/dev/services
411 # - /srv/salt/dev/states
412 # prod:
413 # - /srv/salt/prod/services
414 # - /srv/salt/prod/states
415 #
416 file_roots:
417 base:
418 - /srv/salt
419
# 去掉这几行的注释
529 pillar_roots:
530 base:
531 - /srv/pillar

接着启动 saltmaster 服务

1
2
[root@master ~]# /etc/init.d/salt-master start
Starting salt-master daemon: [ OK ]

minion 端配置

1
2
3
4
5
6
7
8
9
10
11
12
# 备份
[root@minion ~]# cp /etc/salt/minion /etc/salt/minion.bak
[root@minion ~]# vim /etc/salt/minion
# Set the location of the salt master server. If the master server cannot be
# resolved, then the minion will fail to start.
master: master #改成 master 的主机或者 IP
76 # same machine but with different ids, this can be useful for salt compute
77 # clusters.
78 id: salt-minion #定义个名字(建议起个有意义的名字如:nfs、nginx等)
79

接着启动 saltminion 服务

1
2
[root@minion ~]# /etc/init.d/salt-minion start
Starting salt-minion daemon: [ OK ]

验证

master 端

1
2
3
4
5
6
[root@master ~]# salt-key -L#显示所有minion认证信息
Accepted Keys:
Denied Keys:
Unaccepted Keys:
salt-minion
Rejected Keys:
1
2
3
4
5
6
7
8
9
10
11
12
13
[root@master ~]# salt-key -a salt-minion #接受salt-minion的认证信息;可跟参数 -y
The following keys are going to be accepted:
Unaccepted Keys:
salt-minion
Proceed? [n/Y] y
Key for minion salt-minion accepted.
[root@master ~]# salt-key
Accepted Keys:
salt-minion
Denied Keys:
Unaccepted Keys:
Rejected Keys:
1
[root@master ~]# salt-key -A #接受所有Unaccepted状态的minion认证信息

一些简单命令介绍

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
[root@master ~]# salt '*' test.ping
salt-minion:
True
[root@master ~]# salt 'salt-minion' test.ping
salt-minion:
True
[root@master ~]# salt '*' cmd.run 'df -h'
salt-minion:
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/VolGroup-lv_root 31G 3.4G 26G 12% /
tmpfs 497M 96K 497M 1% /dev/shm
/dev/sda1 485M 35M 426M 8% /boot
/dev/mapper/VolGroup-lv_home 31G 178M 29G 1% /home
Home 233G 99G 134G 43% /media/psf/Home
iCloud 233G 99G 134G 43% /media/psf/iCloud
/dev/sr1 4.2G 4.2G 0 100% /media/CentOS_6.5_Final
/dev/sr0 98M 98M 0 100% /media/CDROM

在 master 上也安装上 minion

这样就有两个 minion

Donate comment here