salt 初学篇(一)

salt 介绍:

Salt,,一种全新的基础设施管理方式,部署轻松,在几分钟内可运行起来,扩展性好,很容易管理上万台服务器,速度够快,服务器之间秒级通讯。

salt底层采用动态的连接总线, 使其可以用于编配, 远程执行, 配置管理等等.

salt安装:

master:192.168.31.231  mongo1.example.com

minion:192.168.31.232  mongo2.example.com  

minion:192.168.31.233  mongo3.example.com

修改/etc/hosts

192.168.31.231 mongo1.example.com
192.168.31.232 mongo2.example.com
192.168.31.233 mongo3.example.com

系统版本:

[root@mongo1 salt]# uname -r
2.6.32-431.el6.x86_64
[root@mongo1 salt]# uname -n
mongo1.example.com
[root@mongo1 salt]# cat /etc/redhat-release 
CentOS release 6.5 (Final)

安装master:

[root@mongo1 ~]# rpm -ivh http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm
Retrieving http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm
warning: /var/tmp/rpm-tmp.MJ9wJa: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Preparing...                ########################################### [100%]
   1:epel-release           ########################################### [100%]
[root@mongo1 ~]# yum install -y salt-master

修改/etc/salt/master文件:

添加:

publish_port: 4505    #监听salt的消息发布系统端口
ret_port: 4506        #salt客户端与服务端通信的端口

启动master服务:service salt-master start

安装minion:

[root@mongo2 ~]# rpm -ivh http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm
Retrieving http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm
warning: /var/tmp/rpm-tmp.QcKooE: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Preparing...                ########################################### [100%]
   1:epel-release           ########################################### [100%]
[root@mongo2 ~]# yum install -y salt-minion

修改/etc/salt/minion文件:

添加:

master: mongo1.example.com
id: mongo2

启动minion服务:service salt-minion start

查看认证:

[root@mongo1 pki]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
mongo2
mongo3
Rejected Keys:

添加认证:

[root@mongo1 pki]# salt-key -a mongo2
The following keys are going to be accepted:
Unaccepted Keys:
mongo2
Proceed? [n/Y] y   
Key for minion mongo2 accepted.
[root@mongo1 pki]# salt-key -L
Accepted Keys:
mongo2
Denied Keys:
Unaccepted Keys:
mongo3
Rejected Keys:
[root@mongo1 pki]# salt-key -a mongo3
The following keys are going to be accepted:
Unaccepted Keys:
mongo3.example.com
Proceed? [n/Y] y
Key for minion mongo3 accepted.
[root@mongo1 pki]# salt-key -L
Accepted Keys:
mongo2
mongo3
Denied Keys:
Unaccepted Keys:
Rejected Keys:

或者可以配置自动认证,在/etc/salt/master中添加auto_accept: True,重启master服务。

测试验证:

[root@mongo1 minions]# salt '*' test.ping
mongo3:
    True
mongo2:
    True
[root@mongo1 salt]# salt '*' cmd.run 'date'
mongo3:
    Mon Sep  7 21:42:13 CST 2015
mongo2:
    Mon Sep  7 21:42:14 CST 2015
[root@mongo1 salt]# salt '*' cmd.run 'uptime'
mongo3:
     21:42:18 up  1:44,  1 user,  load average: 0.00, 0.00, 0.00
mongo2:
     21:42:20 up  1:44,  1 user,  load average: 0.00, 0.00, 0.00

 

删除不需要的认证:

[root@mongo1 minions]# pwd
/etc/salt/pki/master/minions
[root@mongo1 minions]# ls
mongo2  mongo2.example.com  mongo3  mongo3.example.com
[root@mongo1 minions]# rm -rf mongo2.example.com mongo3.example.com

 

简单测试脚本:

/srv/salt目录需要手动创建

[root@mongo1 minions]# cd /srv/salt/
[root@mongo1 salt]# ls
test.sh
[root@mongo1 salt]# cat test.sh 
#!/bin/bash
echo "ni hao"
[root@mongo1 salt]# salt '*' cmd.script salt://test.sh
mongo3:
    ----------
    pid:
        2617
    retcode:
        0
    stderr:
    stdout:
        ni hao
mongo2:
    ----------
    pid:
        1733
    retcode:
        0
    stderr:
    stdout:
        ni hao
[root@mongo1 salt]#

 

posted @ 2015-09-07 21:48  cheerong  阅读(421)  评论(0编辑  收藏  举报