Loading

saltstack(主机改名)

已存在salt中的机器,为了规范,需要将这批主机改名

操作流程:在master把这批机器剔除;然修改这批机器的主机名、在/etc/salt目录下、用mv把minion_id和pki的目录重命名、重启salt-minion服务(在mster段能再次监控到这台主机后、可把上面重命名的文件删除) 

环境:http://www.cnblogs.com/zzzhfo/p/6126223.html

把salt-client-01改名为salt-minion-01

  • 在salt-server上把salt-client-01剔除
[root@salt-server /]# salt-key -L
Accepted Keys:
salt-client-01
salt-client-02
Denied Keys:
Unaccepted Keys:
Rejected Keys:

[root@salt-server /]# salt-key -d 'salt-client-01' -y
Deleting the following keys:
Accepted Keys:
salt-client-01
Key for minion salt-client-01 deleted.
[root@salt-server /]# salt-key -L
Accepted Keys:
salt-client-02
Denied Keys:
Unaccepted Keys:
salt-client-01
Rejected Keys:

修改主机名

 

[root@salt-client-01 /]# cat /etc/sysconfig/network  #重启生效
NETWORKING=yes
HOSTNAME=salt-minion-01
[root@salt-client-01 /]# hostname salt-minion-01
[root@salt-client-01 /]# bash

 

删除minion_id和pki(建议使用mv命令)

[root@salt-minion-01 /]# cd /etc/salt/
[root@salt-minion-01 salt]#mv minion_id minion_id.bak
[root@salt-minion-01 salt]# mv pki pki.bak
[root@salt-minion-01 salt]# /etc/init.d/salt-minion restart
Stopping salt-minion daemon:                               [  OK  ]
Starting salt-minion daemon:                               [  OK  ]
[root@salt-minion-01 salt]# ls
minion  minion.d  minion_id  minion_id.bak  pki  pki.bak

 

查看minion的日志信息

 error :salt主缓存节点的公钥,这盐奴才将等待10秒前试图认证

[root@salt-minion-01 salt]# tail /var/log/salt/minion 
2016-09-29 00:56:47,173 [salt.crypt                               ][ERROR   ][1525] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
2016-09-29 00:56:57,199 [salt.crypt                               ][ERROR   ][1525] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
2016-09-29 00:57:07,227 [salt.crypt                               ][ERROR   ][1525] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
2016-09-29 00:57:17,255 [salt.crypt                               ][ERROR   ][1525] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
2016-09-29 00:57:27,283 [salt.crypt                               ][ERROR   ][1525] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
2016-09-29 00:57:37,308 [salt.crypt                               ][ERROR   ][1525] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
2016-09-29 00:57:47,336 [salt.crypt                               ][ERROR   ][1525] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
2016-09-29 00:57:57,364 [salt.crypt                               ][ERROR   ][1525] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
2016-09-29 00:58:07,382 [salt.crypt                               ][ERROR   ][1525] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
2016-09-29 00:58:17,409 [salt.crypt                               ][ERROR   ][1525] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate

 

在master端重新认证(可能存在延迟、多刷新几次)

[root@salt-server master]# salt-key -L
Accepted Keys:
salt-client-02
Denied Keys:
Unaccepted Keys:
salt-client-01
salt-minion-01
Rejected Keys:

 

[root@salt-server master]# salt-key -a 'salt-minion-01' -y
The following keys are going to be accepted:
Unaccepted Keys:
salt-minion-01
Key for minion salt-minion-01 accepted.
[root@salt-server master]# salt-key -L
Accepted Keys:
salt-client-02
salt-minion-01
Denied Keys:
Unaccepted Keys:
salt-client-01
Rejected Keys:
[root@salt-server master]# salt '*' test.ping
salt-minion-01:
    True
salt-client-02:
    True

 

上面用salt-key -L 查看到salt-client-01在等待认证,是因为缓存的原因

[root@salt-server master]# pwd
/etc/salt/pki/master
[root@salt-server master]# ll minions   #通过认证的key
total 8
-rw-r--r--. 1 root root 451 Sep 28 00:20 salt-client-02
-rw-r--r--. 1 root root 451 Sep 29 00:41 salt-minion-01
[root@salt-server master]# ll minions_pre  等待认证的key
total 4
-rw-r--r--. 1 root root 451 Sep 29 00:35 salt-client-01
[root@salt-server master]# cd minions_pre
[root@salt-server minions_pre]# ls
salt-client-01  #把它删除 再次查看就不会存在了
[root@salt-server minions_pre]# rm -rf salt-client-01 
[root@salt-server minions_pre]# ls
[root@salt-server minions_pre]# salt-key -L
Accepted Keys:
salt-client-02
salt-minion-01
Denied Keys:
Unaccepted Keys:
Rejected Keys:

 

[root@salt-server minions_pre]# salt-key -L
Accepted Keys:
salt-client-02
salt-minion-01
Denied Keys:
Unaccepted Keys:
Rejected Keys:
[root@salt-server minions_pre]# salt '*' test.ping
salt-minion-01:
    True
salt-client-02:
    True
[root@salt-server minions_pre]# salt '*' cmd.run 'df -h'
salt-minion-01:
    Filesystem      Size  Used Avail Use% Mounted on
    /dev/sda3        18G  917M   16G   6% /
    tmpfs           495M   12K  495M   1% /dev/shm
    /dev/sda1       485M   31M  429M   7% /boot
salt-client-02:
    Filesystem      Size  Used Avail Use% Mounted on
    /dev/sda3        18G  916M   16G   6% /
    tmpfs           495M   12K  495M   1% /dev/shm
    /dev/sda1       485M   31M  429M   7% /boot

 

posted @ 2016-12-03 16:42  KubeSec  阅读(1045)  评论(0编辑  收藏  举报