salt- first experience

Prepare two machines
192.168.204.128 Salt-Master
192.168.204.127 Salt-Minion

SaltStack development in python, lightweight and very easy to use management tool; using C / S mode, and is composed of master Minion, communicate through ZeroMQ, very fast.
ZeroMQ is a queue-based messaging multi-threaded high performance communication library.
By deploying SaltStack environment, we can do on thousands of servers to perform batch commands to configure centralized management according to different business characteristics, distribution of documents, data collection server, operating system and basic software package management, is shipped SaltStack and maintenance personnel to improve efficiency, standardize business configuration and operation of the weapon.

Configuration epel sources: such as Ali cloud

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo

==============================
【192.168.204.128 salt-master】

yum install salt-master -y
chkconfig salt-master on

修改配置文件：
vim /etc/salt/master
注释file_roots: （416-418行）
注释pillar_roots: （529-531行）

/etc/init.d/salt-master start

==============================
【192.168.204.127 salt-minion】

yum install salt-minion -y
chkconfig salt-minion on

修改配置文件：
vim /etc/salt/minion

master: 192.168.204.128   # 16行，改为主ip
id: wdcp    # 74行，写个标识自定义

/etc/init.d/salt-minion start

==============================
【192.168.204.128 salt-master】

# salt-key
第四行发现了 wdcp 

# salt-key -A
输入y

# salt '*' test.ping  # 检测“所有”主机是否存活

# salt 'wdcp' test.ping 

# salt '*' cmd.run 'df -h'

# salt "*" cmd.run "ip add showeth0|grep global"

cmd.run 远程在客户端上执行 shell命令，然后返回输出
cmd.script 在客户端运行指定的脚步

# salt'192.168.1.113_client' cmd.script salt://deluser.sh

==============================
[grains]
grains are collected at the time of starting minion to some information, such as operating system type, NIC ip,
kernel version, CPU architecture, etc.

# 列出所有的grains项目名字
salt cs177 grains.ls

# 列出所有项目以及值
salt cs177 grains.items

# grains的信息并不是动态的，并不会实时变更
# 可以根据grains收集的信息，做配置管理工作
# grains 支持自定义信息

【自定义grains】
在minion上，vim /etc/salt/grains
role: nginx
env: test

重启minion 服务后
在master salt '*' grains.item role env

可以借助grains 的一些属性信息来至执行
salt -G role:nginx cmd.run "hostname"

==============================

【pillar】

首先在 master，vim /etc/salt/master
删除3行注释

pillar_root:
  base:
    - /srv/pillar

注意格式，
mkdir /srv/pillar
vim /srv/pillar/test.sls
内容如下：
conf: /etc/123.conf

***** 另外写一个入口文件，告诉salt，哪里开始
vim /srv/pillar/top.sls
内容如下：
base:
  'cs177':  // 机器名，或者 “*”
    - test

重启master
当更改完pillar配置文件后，我们可以刷新pillar配置来获取新的pillar状态
salt '*' saltutil.refresh_pillar

验证： salt '*' pillar.item conf

pillar 同样可以用来作为salt的匹配对象。比如：salt -I 'conf:/etc/123.conf' test.ping

==============================
[installation configuration httpd]

在 master上 vim /etc/salt/master
再删除3行注释
file_roots:
  base:
    - /srv/salt

mkdir /srv/salt; cd /srv/salt
vim /srv/salt/top.sls
内容如下：
base:
  '*':
    - httpd

意思是，在所以的客户端执行 httpd模块

master 上 vim /srv/salt/httpd.sls
内容如下：
httpd-services:
  pkg.installed:
    - names:
      - httpd
      - httpd-devel
  service.running
    - name: httpd
    - enable: True

执行： salt 'cs177' state.highstate
执行过程会比较慢，因为客户端上在yum install httpd httpd-devel

==============================
[file] Configuration Management

在master 上 vim /srv/salt/test.sls
内容如下：
file_test:
  file.managed:
    - name: /tmp/aliyun.epel
    - source: salt://test/123/1.txt
    - user: root
    - group: root
    - mode: 600

此处的salt://test/123/1.txt 相当于/srv/salt/test/123/1.txt

mkdir /srv/salt/test/123 -p
cp /etc/passwd /srv/salt/test/123/1.txt

vim /srv/salt/top.sls
内容如下：
base:
  '*':
    - test

执行：salt 'cs177' state.highstate
检查cs177是否有该文件

==============================
[directory] Configuration Management

==============================

==============================

==============================

==============================

# mkdir /srv/{salt,pillar}

vim /srv/salt/host_file.sls   #后缀名，很重要
----------------------
/etc/hosts:
  file.managed:
    - source: salt://files/hosts
    - user: root
    - group: root
    - mode: 644
----------------------
mkdir /srv/salt/files
cp /etc/hosts /srv/salt/files/

# salt '*' state.sls host_file
解释：用//files/hosts把minion的/etc/hosts替换

==============================

[root@localhost files]# salt-cp '*' /etc/hosts /etc/
{'nagions166': {'/etc/hosts': True}, 'wdcp': {'/etc/hosts': True}}

==============================
vim /srv/salt/nginx_install.sls
----------------------
nginx-install:
  pkg.installed:   #相当于yum install
    - names:       # namesssssssssss
      - nginx

/etc/hosts:
  file.managed:
    - source: salt://files/hosts
    - user: root
    - group: root
    - mode: 644
    - require:    #指定依赖关系
      - pkg: nginx-install
  service.running:  #冒号，冒号冒号
    - names:
      - nginx

---

# salt 'nagios166' state.sls nginx_install
静静等待

#curl -I 192.168.204.166
查看返回结果

----------------------
#salt '*' cron.list_tab root

#vim crontab.sls
创建crontab
----------------------
/usr/sbin/ntpdate times.aliyun.com >>/dev/null:
  cron.present:
    - user: root
    - minute: '*/5'
----------------------
#删除crontab

----------------------
/usr/sbin/ntpdate times.aliyun.com >>/dev/null:
  cron.absent:
    - name: /usr/sbin/ntpdate times.aliyun.com >>/dev/null
----------------------

==============================

4505（publish_port）为saltstack的消息发布系统
4506（ret_port）为saltstack客户端与服务端通信的端口。
[root@saltstack saltstack]# netstat -nptul|grep python
tcp 0 0 0.0.0.0:4505 0.0.0.0:* LISTEN1990/python2.6
tcp 0 0 0.0.0.0:4506 0.0.0.0:* LISTEN2014/python2.6
  saltstack服务端的配置文件是/etc/salt/master ，服务端配置文件可以不用配置，默认情况下salt-master在所有接口上监听4505和4506两个端口，如果想绑定某个具体的ip，需要对/etc/salt/master配置文件中额interface做出修改，修改后需要重启服务。

==============================

Use salt-ssh batch installation minion
change] [master configuration file / etc / salt / roster

mysql138:
host: 192.168.204.138
user: root
passwd: channel
port: 22
timeout: 3

Too many machines? Add to a batch script

#!/bin/bash
for i in cat /root/hostip
do
echo"$i:">> /etc/salt/roster ##$i表示取文件的每行内容
echo" host: $i" >> /etc/salt/roster
echo" user: USERNAME" >>/etc/salt/roster
echo" passwd: PASSWORD" >>/etc/salt/roster
echo" sudo: True" >>/etc/salt/roster
echo" timeout: 10" >>/etc/salt/roster
done

---

File / root / hostip content

10.10.10.30
10.10.10.31
10.10.10.32

==============================
http://blog.csdn.net/hnhuangyiyang/article/details/50421422
or where question ah ah ah
estimate still can not find epel

==============================
http://opensgalaxy.com/2015/08/13/saltstack%E5%85% A5% E9% 97% A8%
E3% 80% 90salt-ssh% E3% 80% 91% E4% BD% BF% E7% 94% A8 / watching is good,

https://blog.51cto.com/rfyiamcool/1357677

==============================

==============================