基本环境
六台虚拟机
172.25.254.130 --- node1(master)
172.25.254.131 --- node2
172.25.254.132 --- node3
172.25.254.133 --- node4
172.25.254.134 --- node5
172.25.254.135 --- node6
安装yum源
使用的saltstack包,配置的私有仓库,在所有节点配置yum源,参考https://www.cnblogs.com/zyxnhr/p/10637533.html
安装matser包,并启动
[root@node1 yum.repos.d]# yum install salt-master
[root@node1 yum.repos.d]# systemctl start salt-master
[root@node1 yum.repos.d]# systemctl enable salt-master
Created symlink from /etc/systemd/system/multi-user.target.wants/salt-master.service to /usr/lib/systemd/system/salt-master.service.
安装monion,并启动
[root@node3 ~]# yum install salt-minion
[root@node2 yum.repos.d]# systemctl start salt-minion
[root@node2 yum.repos.d]# systemctl enable salt-minion
Created symlink from /etc/systemd/system/multi-user.target.wants/salt-minion.service to /usr/lib/systemd/system/salt-minion.service.
master配置
root@node1 ~]# vim /etc/salt/states
interface: 0.0.0.0 state_top: top.sls file_roots: base: - /etc/salt/states
[root@node1 ~]# systemctl restart salt-master
客户端minon配置
每个客户端节点都要配置
[root@node2 ~]# vim /etc/salt/minion
master: 172.25.254.130 #node1的master ip id: 172.25.254.131 #本机标识
[root@node2 ~]# systemctl restart salt-minion
管理秘钥
查看:
[root@node1 ~]# salt-key -L
Accepted Keys: Denied Keys: Unaccepted Keys: 172.25.254.131 172.25.254.133 172.25.254.134 172.25.254.135 172.25.254.132 Rejected Keys:
[root@node1 ~]# salt-key -a 172.25.254.131 The following keys are going to be accepted: Unaccepted Keys: 172.25.254.131 Proceed? [n/Y] y Key for minion 172.25.254.131 accepted. [root@node1 ~]# salt-key -L Accepted Keys: 172.25.254.131 Denied Keys: Unaccepted Keys: 172.25.254.133 172.25.254.134 172.25.254.135 172.25.254.132 Rejected Keys: [root@node1 ~]# salt-key -a 172.25.254.132 The following keys are going to be accepted: Unaccepted Keys: 172.25.254.132 Proceed? [n/Y] y Key for minion 172.25.254.132 accepted. [root@node1 ~]# salt-key -a 172.25.254.133 The following keys are going to be accepted: Unaccepted Keys: 172.25.254.133 Proceed? [n/Y] y Key for minion 172.25.254.133 accepted. [root@node1 ~]# salt-key -a 172.25.254.134 The following keys are going to be accepted: Unaccepted Keys: 172.25.254.134 Proceed? [n/Y] y Key for minion 172.25.254.134 accepted. [root@node1 ~]# salt-key -a 172.25.254.135 The following keys are going to be accepted: Unaccepted Keys: 172.25.254.135 Proceed? [n/Y] y Key for minion 172.25.254.135 accepted. [root@node1 ~]# salt-key -L Accepted Keys: 172.25.254.131 172.25.254.133 172.25.254.134 172.25.254.135 172.25.254.132 Denied Keys: Unaccepted Keys: Rejected Keys:
验证测试
[root@node1 ~]# salt "*" test.ping #测试所有连通性 172.25.254.131: True 172.25.254.132: True 172.25.254.133: True 172.25.254.134: True 172.25.254.135: True [root@node1 ~]# salt "*" cmd.run 'uptime' 172.25.254.134: 22:35:20 up 1 day, 6:07, 1 user, load average: 0.00, 0.01, 0.05 172.25.254.132: 22:35:21 up 1 day, 6:07, 2 users, load average: 0.00, 0.01, 0.05 172.25.254.133: 22:35:20 up 1 day, 6:07, 1 user, load average: 0.00, 0.01, 0.05 172.25.254.135: 22:35:20 up 1 day, 6:06, 1 user, load average: 0.00, 0.01, 0.05 172.25.254.131: 22:35:21 up 1 day, 6:07, 1 user, load average: 0.00, 0.01, 0.05
单个测试及其他操作
[root@node1 ~]# salt '172.25.254.131' test.ping 172.25.254.131: True
salt-key -A -y#添加所有
salt-key -D #删除所有
salt-key -d nodename #删除一个
则saltstack的基本配置完成,后续常用操作继续更新!