saltstack是一个配置管理系统,能够维护预定义状态的远程节点。是一个分布式远程执行系统,用来在远程结点上执行命令和查询数据。并行的。
运维的核心是降低成本和提高效率
准备三个纯净的虚拟机server1,2,3
包括安装、配置、管理
[root@server11 yum.repos.d]# yum install https://repo.saltstack.com/yum/redhat/salt-repo-3000.el7.noarch.rpm
#阿里云镜像:https://developer.aliyun.com/mirror/saltstack?spm=a2c6h.13651102.0.0.3e221b118vroAq
[root@server11 yum.repos.d]# vim salt-3000.repo #改成阿里云的源http://mirrors.aliyun.com/saltstack
[salt-3000]
name=SaltStack 3000 Release Channel for Python 2 RHEL/Centos $releasever
baseurl=http://mirrors.aliyun.com/saltstack/yum/redhat/7/$basearch/3000
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/saltstack-signing-key, file:///etc/pki/rpm-gpg/centos7-signing-key
[root@server11 yum.repos.d]# yum install -y salt-master.noarch
[root@server11 yum.repos.d]# systemctl enable --now salt-master
[root@server12 salt]# yum install -y salt-minion.noarch
[root@server12 ~]# cd /etc/salt/
[root@server12 salt]# ls
[root@server12 salt]# vim minion
改:
master:192.168.100.241 #都要顶格写
[root@server12 salt]# systemctl enable --now salt-minion.service
%server13也弄minion
[root@server13 salt]# yum install -y salt-minion.noarch
[root@server13 ~]# cd /etc/salt/
[root@server13 salt]# ls
[root@server13 salt]# vim minion
改:
master:192.168.100.241 #都要顶格写
[root@server13 salt]# systemctl enable --now salt-minion.service
[root@server11 yum.repos.d]# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
server12 server13
Proceed? [n/Y] y
Key for minion server12 server13 accepted.
[root@server11 yum.repos.d]# salt-key -L
Accepted Keys:
server12
server13
Denied Keys:
Unaccepted Keys:
Rejected Keys:
[root@server11 yum.repos.d]# yum install lsof -y
[root@server11 yum.repos.d]# lsof -i :4505
[root@server11 yum.repos.d]# salt '*' test.ping#*是指—L列出来的所有主机,检测一下有灭有响应
[root@server11 yum.repos.d]# yum install python-setproctitle.x86_64 -y #安装后重起salt-master
[root@server11 yum.repos.d]# systemctl restart salt-master.service
[root@server12 salt]# pwd
/etc/salt
[root@server12 salt]# ls
cloud cloud.deploy.d cloud.profiles.d master minion minion_id proxy roster
cloud.conf.d cloud.maps.d cloud.providers.d master.d minion.d pki proxy.d
[root@server12 salt]# cat minion_id #如果要改主机名。则改完主机名后要删掉该文件,重新生成
server12
[root@server11 yum.repos.d]# salt server* test.ping
[root@server11 yum.repos.d]# salt server12 test.ping
[root@server11 ~]# salt 'server12' sys.doc service#查看服务使用命令
[root@server11 yum.repos.d]# salt 'server12' sys.doc pkg|grep pkg.install
[root@server11 ~]# salt server12 pkg.install httpd
[root@server11 ~]# salt 'server12' service.start httpd
[root@server11 ~]# salt 'server12' sys.doc file #查看文件使用命令
[root@server11 ~]# cat index.html
server12
[root@server11 ~]# salt-cp server12 index.html /var/www/html/
文件以.sls结尾,SLS是saltstack的核心
[root@server11 srv]# vim /etc/salt/master #可以看到所有文件的根目录是/srv/salt,所以需要创建
[root@server11 ~]# cd /srv/
[root@server11 srv]# ls
[root@server11 srv]# mkdir salt
[root@server11 salt]# pwd
/srv/salt
[root@server11 srv]# cd /srv/salt/
[root@server11 salt]# mkdir apache
[root@server11 salt]# mv ~/index.html apache/
[root@server11 salt]# cd apache/
[root@server11 apache]# pwd
/srv/salt/apache
[root@server11 apache]# vim install.sls
[root@server11 apache]# cat install.sls
httpd:
pkg.installed
[root@server11 apache]# salt server12 state.sls apache.install#调用文本。不用加后缀
%安装多个
[root@server11 apache]# vim install.sls
[root@server11 apache]# cat install.sls
apache:
pkg.installed:
- pkgs:
- httpd
- php
- php-mysql
[root@server11 apache]# salt server12 state.sls apache.install
[root@server11 apache]# mkdir files
[root@server11 apache]# mv index.html files/
[root@server11 apache]# vim install.sls
[root@server11 apache]# cat install.sls
apache:
pkg.installed:
- pkgs:
- httpd
- php
- php-mysql
file.managed:
- source: salt://apache/files/index.html
- name: /var/www/html/index.html
[root@server11 apache]# salt server12 state.sls apache.install
[root@server12 salt]# yum install tree -y
[root@server12 salt]# cd /var/cache/salt/
[root@server12 salt]# tree .
[root@server12 salt]# cd minion/files/base/apache/files/
[root@server12 files]# ls
index.html
[root@server12 files]# md5sum index.html
f493e0f9f1dba0d3e0da7ce811875763 index.html
[root@server11 apache]# vim files/index.html
[root@server11 apache]# cat files/index.html
server12
server12
[root@server11 apache]# salt server12 state.sls apache.install
@@ -1 +1,2 @@
server12
+server12
[root@server11 apache]# md5sum files/index.html
02f29ea0b1c28693e91a843cf6057b95 files/index.html
[root@server12 files]# md5sum index.html #在server11中改变index文件,执行installsls,会发现server12会发生相应改变,且md5sum与server11中的一致
02f29ea0b1c28693e91a843cf6057b95 index.html
[root@server11 apache]# vim install.sls
[root@server11 apache]# cat install.sls
apache:
pkg.installed:
- pkgs:
- httpd
- php
- php-mysql
file.managed:
- source: salt://apache/files/index.html
- name: /var/www/html/index.html
service.running:
- name: httpd
[root@server11 apache]# salt server12 state.sls apache.install
[root@server11 apache]# vim install.sls
apache:
pkg.installed:
- pkgs:
- httpd
- php
- php-mysql
file.managed:
- source: salt://apache/files/index.html
- name: /var/www/html/index.html
service.running:
- name: httpd
- enable: true
- reload: true
- watch:
- file: /etc/httpd/conf/httpd.conf
/etc/httpd/conf/httpd.conf:
file.managed:
- source: salt://apache/files/httpd.conf
[root@server11 files]# scp server12:/etc/httpd/conf/httpd.conf .
[root@server11 files]# vim httpd.conf
改成:Listen 8080
[root@server11 apache]# salt server12 state.sls apache.install
#在server12中查看结果
[root@server12 ~]# netstat -antlp#已改成8080
tcp6 0 0 :::8080 :::* LISTEN 3667/httpd
[root@server11 apache]# vim install.sls
apache:
pkg.installed:
- pkgs:
- httpd
- php
- php-mysql
file.managed:
- source: salt://apache/files/httpd.conf
- name: /etc/httpd/conf/httpd.conf
service.running:
- name: httpd
- enable: true
- watch:
- file: apache
#/etc/httpd/conf/httpd.conf:
# file.managed:
# - source: salt://apache/files/httpd.conf
[root@server11 apache]# salt server12 state.sls apache.install
[root@server11 apache]# mv install.sls init.sls
[root@server11 apache]# salt server12 state.sls apache#默认的读取init.sls
#apache.sls和init.sls同时存在在apache目录下,执行salt server12 state.sls apache时先找apache.sls,忽略init.sls
