一、SaltStack 安装配置过程
1、服务组件安装
1、master安装
# vim /etc/hosts
192.168.1.10 master
192.168.1.20 minion
# yum -y install epel-release //安装 epel源
# yum -y install salt-master salt-minion //安装服务端和被监控端服务
2、minion安装
# vim /etc/hosts
# yum -y install epel-release
# yum -y install salt-minion //安装被监控端服务
2、服务启动
# vim /etc/salt/minion
#master: salt //第16行下方添加
master: 192.168.1.10 //说明服务端的地址
# systemctl start salt-master
# systemctl start salt-minion
# vim /etc/salt/minion
#master: salt //第16行下方添加
master: 192.168.1.10 //指定服务端的地址
# systemctl start salt-minion
# ps aux | grep salt
root 11175 0.0 0.8 234056 15508 ? Ss 08:19 0:00 /usr/bin/python /usr/bin/salt-minion
root 11181 0.3 1.4 533332 27040 ? Sl 08:19 0:00 /usr/bin/python /usr/bin/salt-minion
......
3、配置认证
# salt-key -a minion //增加一个minion的密钥认证
The following keys are going to be accepted:
Unaccepted Keys:
minion
Proceed? [n/Y] y
Key for minion minion accepted.
# salt-key -A|d //签名所有主机|删除指定的主机
# cd /etc/salt/pki/minion/
# ls //在被监控端看到生成的密钥minion_master.pub
minion_master.pub minion.pem minion.pub
# salt 'minion' test.ping //探测主机是否在线
minion:
True
# salt 'minion' cmd.run 'df -hT' //查看分区
4、grains组件
# salt 'minion' grains.ls //列出所有的grains项目名称
# salt 'minion' grains.items //列出所有的grains项和对应的值
# vim /etc/salt/grains //自定义grains组件
role: zabbix_server
env: test
myname: linux-zabbix
myhostname: minion
# systemctl restart salt-minion
# salt 'minion' grains.items env
domain:
env:
test
fqdn:
minion
myhostname:
minion
myname:
linux-zabbix
role:
zabbix_server
# salt -G env:test cmd.run 'w' //指定env:test子项运行‘w’命令
5、pillar组件
# vim /etc/salt/master //取消下面三行的注释
pillar_roots: //pillar_roots 前面有一个空格
base:
- /srv/pillar
# mkdir -p /srv/pillar //创建pillar文件的存放目录
# cd /srv/pillar/
# vim test.sls //创建配置文件
conf: /etc/123.conf //注意冒号后有空格
myname: saltstack-server
# vim /srv/pillar/top.sls //创建编写入口配置文件
base:
'minion':
- test //注意- 后有空格
# salt '*' pillar.items
master:
----------
minion:
----------
conf:
/etc/123.conf
myname:
saltstack-server
# salt '*' saltutil.refresh_pillar
master:
True
minion:
True
二、Saltstack 配置管理服务
1、配置安装apache
# vim /etc/salt/master //取消注释
file_roots:
base:
- /srv/salt/
# mkdir /srv/salt
# cd /srv/salt
# vim top.sls
base:
'minion':
- apache
# systemctl restart salt-master
# vim /srv/salt/apache.sls
apache-service:
pkg.installed:
- names:
- httpd
- httpd-devel
service.running:
- name: httpd
- enable: True
# salt 'minion' state.highstate
minion:
----------
ID: apache-service
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 09:11:33.886157
Duration: 1135.946 ms
Changes:
----------
ID: apache-service
Function: pkg.installed
Name: httpd-devel
Result: True
Comment: The following packages were installed/updated: httpd-devel
Started: 09:11:35.022221
Duration: 29384.803 ms
Changes:
----------
# httpd -v
Server version: Apache/2.4.6 (CentOS)
Server built: Apr 2 2020 13:13:23
2、配置远程文件管理
# vim filetest.sls
#该配置段的名字
file_test:
file.managed:
#指定远程客户端要生成的文件
- name: /tmp/httpd.txt
#指定文件从哪里拷贝,test目录相当于是 /srv/salt/test 目录
- source: salt://test/httpd.php
- user: root
- group: root
- mode: 644
# mkdir -p /srv/salt/test
# echo 'apache'>/srv/salt/test/httpd.php
# vim top.sls
base:
'minion':
- apache
- filetest
# salt 'minion' state.highstate
----------
ID: file_test
Function: file.managed
Name: /tmp/httpd.txt
Result: True
Comment: File /tmp/httpd.txt updated
Started: 09:27:06.359565
Duration: 11.056 ms
Changes:
----------
diff:
New file
mode:
0644
Summary
------------
# cat /tmp/httpd.txt
apache
3、配置文件夹管理
# vim filedir.sls
file_dir:
file.recurse:
- name: /tmp/testdir
- source: salt://test
- user: root
- file_mode: 644
- dir_mode: 755
- mkdir: True
- clean: True
# vim top.sls
base:
'minion':
- filedir
# salt 'minion' state.highstate
# salt 'minion' state.highstate
minion:
----------
ID: file_dir
Function: file.recurse
Name: /tmp/testdir
Result: True
Comment: Recursively updated /tmp/testdir
Started: 10:03:10.963932
Duration: 203.504 ms
Changes:
----------
/tmp/testdir/httpd.php:
----------
diff:
New file
mode:
0644
Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
# ls /tmp/testdir/
httpd.php
4、远程执行命令
# vim cmd.sls
cmd_test:
cmd.run:
#unless: 表示若/tmp/httpd.txt文件不存在,也就是结果为True则执行-name后面的命令,为false则不执行
- unless: test -f /tmp/httpd.txt
- names:
- touch /tmp/11.txt
- mkdir /tmp/1233
- user: root
#使用 onlyif 表示若/tmp/httpd.txt文件存在,则执行后面的命令
# vim top.sls
base:
'minion':
- cmd
# salt 'minion' state.highstate
minion:
----------
ID: cmd_test
Function: cmd.run
Name: mkdir /tmp/1233
Result: True
Comment: unless execution succeeded
Started: 10:13:15.402465
Duration: 59.776 ms
Changes:
----------
ID: cmd_test
Function: cmd.run
Name: touch /tmp/11.txt
Result: True
Comment: unless execution succeeded
Started: 10:13:15.462395
Duration: 47.15 ms
Changes:
Summary
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
5、远程执行shell脚本
# vim shell.sls
shell_test:
cmd.script:
- source: salt://test/1.sh
- user: root
# vim test/1.sh
#!/bin/bash
touch /tmp/111222333.jsp
echo 'this is jsp page'>> /tmp/111222333.jsp
# vim top.sls
base:
'minion':
- shell
# salt 'minion' state.highstate
minion:
----------
ID: shell_test
Function: cmd.script
Result: True
Comment: Command 'shell_test' run
Started: 10:16:28.555925
Duration: 59.914 ms
Changes:
----------
pid:
50147
retcode:
0
stderr:
stdout:
Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
# ls /tmp/
111222333.jsp
评论区