Saltstack部署

本地换成国内源,如阿里云源

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

三台机器

[root@node-01 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.197.164   master
192.168.197.165   slave1
192.168.197.166   slave2
[root@node-01 ~]#

添加SaltStack源

分别对三台机器添加源。

 sudo rpm --import https://repo.saltproject.io/py3/redhat/7/x86_64/latest/SALTSTACK-GPG-KEY.pub
 
 
  curl -fsSL https://repo.saltproject.io/py3/redhat/7/x86_64/latest.repo | sudo tee /etc/yum.repos.d/salt.repo

安装SaltStack

node-01执行
yum -y install salt-master salt-minion

node-02、node-03执行

yum -y install salt-minion

配置SaltStack

node-01修改vi /etc/salt/master第16行

interface: 192.168.57.130

node-02、node-03修改第16行,指定master地址为node-01

master: 192.168.57.130

重启SaltStack

node-01 执行命令

systemctl restart salt-master
systemctl enable salt-master

node-02、node-03执行命令

systemctl restart salt-minion
systemctl enable salt-minion

列出master上的密钥及认证

[root@node-01 ~]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
master
node-02
node-03
Rejected Keys:

[root@node-01 ~]# salt-key -a node-02

The following keys are going to be accepted:
Unaccepted Keys:
node-02
Proceed? [n/Y] y
Key for minion node-02 accepted.
[root@node-01 ~]# salt-key -a node-03
The following keys are going to be accepted:
Unaccepted Keys:
node-03
Proceed? [n/Y] y
Key for minion node-03 accepted.

[root@node-01 ~]# salt-key -a node-02
The following keys are going to be accepted:
Unaccepted Keys:
node-02
Proceed? [n/Y] y
Key for minion node-02 accepted.
[root@node-01 ~]# salt-key -a node-03
The following keys are going to be accepted:
Unaccepted Keys:
node-03
Proceed? [n/Y] y
Key for minion node-03 accepted.

验证
检查存活主机

[root@node-01 ~]# salt '*' test.ping

node-03:
    True
node-02:
    True
[root@node-01 ~]# 


. 基础概念
salt同时支持命令式和声明试两种配置方式,简单的介绍下两种编程范式的概念:

命令式:主要是关注每一步怎么做,先做什么后做什么(how to do),特点是if/esle, while等控制语句比较多
声明式:重点关注需要什么(what is needed),不关注具体的实现步骤,  面向对象里使用的比较多,k8s也是基于声明试api实现
对于salt而言,可以简单粗暴的认为salt "*" cmd.run "ls -l /etc/salt"属于命令式范式,而类似salt "*" state.sls  a.b.c 这种属于声明式范式

虽然不完成准确(sls文件内也存在命令式的内容),但包含了大多数情况。
posted @ 2023-09-10 13:13  解放者-cracer  阅读(25)  评论(0编辑  收藏  举报