基礎入門:
1.就一個字:快;多線程並發執行
2.底層基於python
3.豐富的api
4.運行模式:本地運行;master/minion;salt SSH
5.三大功能:遠程執行;配置管理;雲管理
6.支持的操作系統比較豐富
安裝配置:
- 前提准備
必須先關閉所有機器的iptables和selinux
所有的客戶端要加入hosts文件,保證互相用ping hostname能ping通
本次的實驗架構如下:
所有機器的hosts文件如下追加:
[root@centos5 ~]# cat /etc/hosts- 172.1.1.5 centos4
172.1.1.6 centos5172.1.1.7 centos6
-
軟件安裝:centos 64位安裝源
rpm -Uvh http://mirrors.yun-idc.com/epel/6/x86_64/epel-release-6-8.noarch.rpmmaster端:yum install salt-master -yminion端:yum install salt-minion -y
加入開機啟動:
chkconfig salt-master on #服務端開機自啟動chkconfig salt-minion on #客戶端開機自啟動
- 服務端啟動:
/etc/init.d/salt-master start
- 客戶端啟動:
修改客戶端配置文件:
[root@centos6 ~]# vim /etc/salt/minionmaster: 172.1.1.7[root@centos6 ~]# /etc/init.d/salt-minion start #啟動服務
開始使用
- 首先需要認證:
- minion端的證書文件位置
[root@centos5 ~]# cd /etc/salt/pki/minion/[root@centos5 minion]# lsminion.pem minion.pub
- master端的證書文件位置
[root@centos6 ~]# cd /etc/salt/pki/master/[root@centos6 master]# lsmaster.pem minions minions_denied minions_rejectedmaster.pub minions_autosign minions_pre[root@centos6 master]# tree ././├── master.pem├── master.pub├── minions├── minions_autosign├── minions_denied├── minions_pre│ └── centos6└── minions_rejected
- 查看未認證的主機並實現對minion的增刪改查:
- 這是在master端的操作:
- 查操作
[root@centos6 master]# salt-key Accepted Keys: #通過接受的主機列表Denied Keys: #黑名單Unaccepted Keys: #待接收的主機列表centos4centos5centos6Rejected Keys: #拒絕接入的名單
- 具體操作
新增操作之后會將master的公鑰放到minion的
/
etc
/
salt
/
pki
/
minion
/ 下
salt-key -L #列出
salt-key -A #添加全部未認證的keyssalt-key -a centos* #單個添加(或者通配符)salt-key -D #刪除所有salt-key -d centos* #單個刪除或者統配
- 遠程執行:(在master端)
- 第一個測試指令:用於查看minion的存活狀態(需要先salt-key -A) salt '*' test.ping
[root@centos6 master]# salt '*' test.ping #測試指令centos5: Truecentos4: Truecentos6: Minion did not return. [Not connected] #未連接狀態
- 遠程執行模塊salt '*' cmd.run ‘cmd’
[root@centos6 master]# salt '*' cmd.run 'uptime'centos5: 22:42:29 up 20 min, 1 user, load average: 0.00, 0.00, 0.00centos4: 22:40:34 up 20 min, 1 user, load average: 0.12, 0.05, 0.08
- 配置管理
vim /etc/salt/master #打開下面的注釋file_roots: base: - /srv/salt
[root@centos6 srv]# mkdir /srv/salt #配置文件目錄的創建[root@centos6 srv]# /etc/init.d/salt-master restart #重啟服務 Stopping salt-master daemon: [ OK ] Starting salt-master daemon: [ OK ]
- 開始寫一個配置吧:先去安裝一個apache,並讓服務啟動
[root@centos6 salt]# cd /srv/salt/[root@centos6 salt]# vim apache.sls (嚴格控制空格,不要用tab鍵)- apache-install: pkg.installed: - names: - httpd - httpd-devel apache-service: service.running: - name: httpd - enable: True - reload: True
- [root@centos6 salt]# salt '*' state.sls apache #執行命令
- ‘’返回結果‘’
- centos5: ---------- ID: apache-install Function: pkg.installed Name: httpd Result: True Comment: Package httpd is already installed. Started: 23:04:40.668754 Duration: 810.705 ms Changes: ---------- ID: apache-install Function: pkg.installed Name: httpd-devel Result: True Comment: Package httpd-devel is already installed. Started: 23:04:41.479650 Duration: 0.509 ms Changes: ---------- ID: apache-service Function: service.running Name: httpd Result: True Comment: Service httpd has been enabled, and is running Started: 23:04:41.480874 Duration: 507.976 ms Changes: ---------- httpd: True Summary ------------ Succeeded: 3 (changed=1) Failed: 0 ------------ Total states run: 3 centos4: ---------- ID: apache-install Function: pkg.installed Name: httpd Result: True Comment: Package httpd is already installed. Started: 23:02:47.847090 Duration: 1554.792 ms Changes: ---------- ID: apache-install Function: pkg.installed Name: httpd-devel Result: True Comment: Package httpd-devel is already installed. Started: 23:02:49.402300 Duration: 0.817 ms Changes: ---------- ID: apache-service Function: service.running Name: httpd Result: True Comment: Service httpd has been enabled, and is running Started: 23:02:49.403861 Duration: 381.817 ms Changes: ---------- httpd: True Summary ------------ Succeeded: 3 (changed=1) Failed: 0 ------------ Total states run: 3
- 牛逼的入口文件:top文件
[root@centos6 salt]# vim top.slsbase: 'centos*': - apache - [root@centos6 salt]# salt '*' state.highstate #執行入口文件