saltstack快速安装

centos6.3_x86_64

 

安装EPEL第三方软件源

wget -c http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

rpm -ivh epel-release-6-8.noarch.rpm

安装

yum install salt-master -y  //master

yum install salt-minion     //clients

 

chkconfig --list|grep salt   //master默认监听两个端口， 4505(publish_port)为salt的消息发布系统，4506(ret_port)为salt客户端与服务端通讯的端口,因此确保客户端能跟服务端的这2个端口通讯

salt-master     0:off   1:off   2:off   3:on    4:on    5:on    6:off

salt-syndic     0:off   1:off   2:off   3:on    4:on    5:on    6:off

chkconfig --list|grep salt   //clients   没有端口，只有进程

salt-minion     0:off   1:off   2:off   3:on    4:on    5:on    6:off

配置

/etc/init.d/salt-master start  //master直接启动，若也要做为clients,install salt-minino,修改master和id

vi /etc/salt/minion    //clients

master: 192.168.2.18   //冒号后面有空格

/etc/init.d/salt-minion start  

认证

salt-key -L //all list 详细可salt-key --help

 

实时管理

salt "localhost.localdomain" cmd.run "df -Th"

localhost.localdomain:

    Filesystem    Type    Size  Used Avail Use% Mounted on

    /dev/mapper/VolGroup-lv_root

                  ext4     19G  6.5G   11G  38% /

    tmpfs        tmpfs    244M     0  244M   0% /dev/shm

    /dev/sda1     ext4    485M   40M  420M   9% /boot

群发

salt "*" cmd.run "ls -al /opt/io.sh"

localhost.localdomain:

    -rwxr-xr-x 1 root root 396 Jun  8 18:22 /opt/io.sh

过滤匹配

salt '192.168.*' cmd.run 'echo hi'  

 

正常咱们每台主机的HOSTS都是这样

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4

::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

为了区分开来而且MASTER也做为客户端

vi /etc/salt/minion

 39 id: 192.168.2.18  //或者修改成自定义名称 好比 id: salt-master,修改id后客户端必须重启，salt-keys -L 才能认获得 而后加入-a 若是修改过ID，最好把旧的删掉 -d

salt-key -D      //删除全部KEY

salt-key -d key  //删除单个key

salt-key -A      //接受全部KEY

salt-key -a key  //接受单个key

[root@server1 salt]# salt-key -L

Accepted Keys:

Unaccepted Keys:

192.168.2.18

192.168.2.19

Rejected Keys:

[root@server1 salt]# salt-key -a 192.168.2.18

Key for minion 192.168.2.18 accepted.

[root@server1 salt]# salt-key -a 192.168.2.19

Key for minion 192.168.2.19 accepted.

[root@server1 salt]# salt-key -L

Accepted Keys:

192.168.2.18

192.168.2.19

Unaccepted Keys:

Rejected Keys:

 

测试服务端和客户端通信

salt "192.168.2.19" test.ping     //单引号也能够

192.168.2.19:

    True

salt "*" salt.modules.disk    //salt.modules.disk  模块

 

组

服务端：

 vi /etc/salt/master

nodegroups:

    mytest1: 'S@192.168.2.0/24'    

salt -N mytest1 test.ping

192.168.2.18:

    True

client1_2.19:

    True

 

KEYS名字  nodegroups:

    test1: 'L@192.168.2.18,client1_2.19' //多个

    test2: 'client1_2.19'   //单个