1. 用yum方式分别安装服务端和客户端(需要epel源) [root@salt-master ~]# yum install salt-master salt-minion [root@salt-minion1 ~]# yum -y install salt-minion [root@salt-minion2 ~]# yum -y install salt-minion
2. 将salt服务加入到开机自启动 [root@salt-master ~]# chkconfig salt-master on [root@salt-minion1 ~]# chkconfig salt-minion on [root@salt-minion2 ~]# chkconfig salt-minion on
3. 启动salt服务端,配置salt客户端并启动 [root@salt-master ~]# /etc/init.d/salt-master start [root@salt-minion1 ~]# sed -i '16a master: 10.0.0.22' /etc/salt/minion [root@salt-minion1 ~]# sed -n '16,17p' /etc/salt/minion #master: salt master: 10.0.0.22 [root@salt-minion1 ~]# /etc/init.d/salt-minion start
4. 查看客户端秘钥 [root@salt-minion1 ~]# tree /etc/salt/pki/minion/ /etc/salt/pki/minion/ |-- minion.pem `-- minion.pub
5. 查看服务端秘钥和未同意的客户端秘钥 [root@salt-master ~]# tree /etc/salt/pki/master /etc/salt/pki/master |-- master.pem |-- master.pub |-- minions |-- minions_autosign |-- minions_denied |-- minions_pre | |-- salt-minion1 | `-- salt-minion2 `-- minions_rejected
[root@salt-master ~]# salt-key #查看所有未接受的minion Accepted Keys: Denied Keys: Unaccepted Keys: salt-minion1 salt-minion2 Rejected Keys:
6. master端添加和删除minion [root@salt-master ~]# salt-key -A #接受所有的minion The following keys are going to be accepted: Unaccepted Keys: salt-minion1 salt-minion2 Proceed? [n/Y] y Key for minion salt-minion1 accepted. Key for minion salt-minion2 accepted. [root@master ~]# salt-key Accepted Keys: minions1 minions2 Denied Keys: Unaccepted Keys: Rejected Keys: [root@salt-master ~]# tree /etc/salt/pki/master /etc/salt/pki/master |-- master.pem |-- master.pub |-- minions | |-- salt-minion1 | `-- salt-minion2 |-- minions_autosign |-- minions_denied |-- minions_pre `-- minions_rejected [root@salt-minion1 ~]# tree /etc/salt/pki/minion/ #这时服务端的秘钥也被放在了客户端上 /etc/salt/pki/minion/ |-- minion.pem |-- minion.pub `-- minion_master.pub [root@salt-master ~]# salt-key -d salt-minion1 #删除salt-minion1 [root@salt-master ~]# salt-key -a salt-minion1 #接受salt-minion1 [root@salt-master ~]# salt-key -D #删除所有的minion [root@salt-master ~]# salt-run manage.up #查看存活的minion [root@salt-master ~]# salt-run manage.down #查看死掉的minion [root@salt-master ~]# salt-run manage.status #查看所有的minion状态 [root@salt-master ~]# salt-run manage.versions #查看master和所有minion的版本信息
7. 修改服务端配置文件 [root@salt-master salt]# grep -A 6 "file_roots:" /etc/salt/master #将×××部分注释去掉 # file_roots: # base: # - /srv/salt/ # dev: # - /srv/salt/dev/services # - /srv/salt/dev/states # prod: -- file_roots: base: - /srv/salt/base test: - /srv/salt/test prod: - /srv/salt/prod [root@salt-master salt]# grep -A 8 "file_roots:" /etc/salt/master|grep -v "#" #添加×××部分 file_roots: base: - /srv/salt/base test: - /srv/salt/test prod: - /srv/salt/prod script: - /srv/salt/script [root@salt-master ~]# mkdir /srv/salt/script #创建script文件夹 [root@salt-master ~]# /etc/init.d/salt-master restart #重启salt-master服务
8. 在服务端测试 [root@salt-master ~]# salt 'salt-minion1' test.ping #测试salt-minion1存活状态 [root@salt-master ~]# salt -L salt-minion1,salt-minion2 test.ping #测试salt-minion1和salt-minion2的存活状态 [root@wangning ~]# salt -S 10.0.0.0/24 test.ping #测试10.0.0.0网段的主机存活状态 [root@salt-master ~]# salt '*' test.ping #给所有客户端发消息测试是否存活,“*”表示所有客户端 salt-minion2: True salt-minion1: True 执行shell命令 [root@salt-master ~]# salt '*' cmd.run 'uptime' #查看所有客户端的负载 salt-minion2: 13:37:35 up 11 days, 22:11, 3 users, load average: 0.00, 0.00, 0.00 salt-minion1: 13:37:35 up 8 days, 2:48, 3 users, load average: 0.00, 0.00, 0.00 [root@salt-master ~]# salt '*' cmd.run 'df -h' #查看所有客户端的文件系统使用情况 其他 [root@salt-master ~]# salt 'salt-minion1' grains.ls #显示salt-minion1的所有信息 [root@salt-master ~]# salt 'salt-minion1' grains.items # 显示salt-minion1所有详细信息,包括CPU、内存、内核等信息 [root@salt-master ~]# salt 'salt-minion1' grains.item cpu_model #显示salt-minion1的CPU信息 [root@salt-master ~]# salt 'salt-minion1' grains.get cpu_model #同上条命令一样 [root@salt-master ~]# salt -G os:CentOS cmd.run 'whoami' #在所有操作系统为CentOS的主机上执行whoami命令 -G:grants
[root@salt-master ~]# grep "pillar_opts:" /etc/salt/master #将False改为True pillar_opts: True [root@salt-master ~]# /etc/init.d/salt-master restart
[root@salt-minion2 ~]# grep -A 3 "grains:" /etc/salt/minion #去掉以下四行注释 grains: roles: - webserver - memcache [root@salt-minion2 ~]# /etc/init.d/salt-minion restart [root@salt-master ~]# salt -G 'roles:memcache' cmd.run 'whoami' #在所有角色为memcache的机器上执行命令whoami
9. 进入/srv/salt目录,创建安装Apache文件 [root@salt-master salt]# cat /srv/salt/apache.sls #注意空格一个都不能多或少,否则出错 apache-install: pkg.installed: - names: - httpd - httpd-devel
apache-service: service.running: - name: httpd - enable: True - reload: True
[root@salt-master ~]# salt '*' state.sls apache #给所有客户端安装Apache软件,在客户端上会采用yum安装
|
|
来自: 土心园 > 《saltstack》