SaltStack 基本概念
minion上線后先與master端聯系,把自己的pub key發過去,這時master端通過salt-key -L命令就會看到minion的key,接受該minion-key后,也就是master與minion已經互信
master可以發送任何指令讓minion執行了,salt有很多可執行模塊,比如說cmd模塊
locate salt | grep /usr/ 可以看到salt自帶的所有東西
salt '*' cmd.run 'uptime'
master監聽4505和4506端口,4505對應的是ZMQ的PUB system,用來發送消息,4506對應的是REP system是來接受消息的
SaltStack 基本命令
[root@HOST129100 ~]# salt --version #查看salt版本
salt 2016.11.1 (Carbon)
[root@HOST129100 ~]# salt '*' test.ping #查看在線minion
172.16.129.99:
True
172.16.129.95:
True
172.16.129.97:
True
172.16.129.94:
True
172.16.129.98:
True
172.16.129.91:
True
172.16.129.96:
True
[root@HOST129100 ~]# salt-run manage.status #查看所有minion狀態
down:
up:
- 172.16.129.99
- 172.16.129.98
- 172.16.129.97
- 172.16.129.96
- 172.16.129.95
- 172.16.129.94
- 172.16.129.91
[root@HOST129100 ~]# salt-key -L #查看所有minion-key
Accepted Keys:
172.16.129.91
172.16.129.94
172.16.129.95
172.16.129.96
172.16.129.97
172.16.129.98
172.16.129.99
Denied Keys:
Unaccepted Keys:
Rejected Keys:
[root@HOST129100 minion]# cat /etc/salt/minion_id #查看master的ip,或者vim /etc/salt/minion
172.16.129.100
[root@HOST129100 salt]# systemctl status salt-minion #查看minion狀態,一般情況下, 停掉master節點的minion
salt-minion.service - The Salt Minion
Loaded: loaded (/usr/lib/systemd/system/salt-minion.service; disabled)
Active: inactive (dead)
Apr 25 10:46:46 HOST129100 systemd[1]: Started The Salt Minion.
Apr 25 10:47:27 HOST129100 salt-minion[18352]: [ERROR ] Error while bringing up minion...g?
Apr 25 10:48:13 HOST129100 systemd[1]: Stopping The Salt Minion...
Apr 25 10:48:13 HOST129100 salt-minion[18352]: [WARNING ] Minion received a SIGTERM. Exiting.
Apr 25 10:48:13 HOST129100 salt-minion[18352]: The Salt Minion is shutdown. Minion recei...d.
Apr 25 10:48:13 HOST129100 systemd[1]: Stopped The Salt Minion.
Apr 25 10:48:50 HOST129100 systemd[1]: Starting The Salt Minion...
Apr 25 10:48:50 HOST129100 systemd[1]: Started The Salt Minion.
Apr 25 10:54:01 HOST129100 systemd[1]: Stopping The Salt Minion...
Apr 25 10:54:01 HOST129100 salt-minion[18611]: [WARNING ] Minion received a SIGTERM. Exiting.
Apr 25 10:54:01 HOST129100 salt-minion[18611]: The Salt Minion is shutdown. Minion recei...d.
Apr 25 10:54:01 HOST129100 systemd[1]: Stopped The Salt Minion.
Hint: Some lines were ellipsized, use -l to show in full.
SaltStack 多MASTER 教程
參考鏈接:
https://docs.saltstack.com/en/latest/topics/tutorials/multimaster.html
多主系統,允許Salt主冗余,促進與minion多點通信。所有主都在運行,任何主都可以給minion發送命令。
主不同步任何信息,Keys需要被所有主接收,為了確保file_roots等共享文件一致,需要用git存儲
在master上的 可插拔的minion data緩存,包含Salt mine data,minion grains,minion pillar
默認情況下,salt使用localfs緩存模塊,如果存儲了外部數據,可以代替緩存
安裝步驟
1.在另一台機器上安裝salt-master
yum -y install salt-master
2.將原來master上的master密鑰拷貝到新的master是一份
如果有多個主,保留一起,其他的停掉
scp /etc/salt/pki/master/master* newmaster:/etc/salt/pki/master/
3.啟動新的Master
service salt-master start
4.修改minion配置文件/etc/salt/minion設置兩個master
master:
- master1
- master2
5.重啟minion
service salt-minion restart
6.在新的master上接受所有key
salt-key -L
salt-key -A
注意:
1.2個master並不會共享Minion keys,一個master刪除了一個key不會影響另一個
/etc/salt/pki/master/{minions,minions_pre,minions_rejected}
2.不會自動同步File_roots,所以需要手動去維護,如果用git就沒問題了
默認位置/srv/salt
3.不會自動同步Pillar_Roots,所以需要手工去維護,也可以用git
默認位置/srv/pillar
4.Master的配置文件也是獨立的
/etc/salt/master