SaltStack 基本概念
minion上线后先与master端联系,把自己的pub key发过去,这时master端通过salt-key -L命令就会看到minion的key,接受该minion-key后,也就是master与minion已经互信
master可以发送任何指令让minion执行了,salt有很多可执行模块,比如说cmd模块
locate salt | grep /usr/ 可以看到salt自带的所有东西
salt '*' cmd.run 'uptime'
master监听4505和4506端口,4505对应的是ZMQ的PUB system,用来发送消息,4506对应的是REP system是来接受消息的
SaltStack 基本命令
[root@HOST129100 ~]# salt --version #查看salt版本
salt 2016.11.1 (Carbon)
[root@HOST129100 ~]# salt '*' test.ping #查看在线minion
172.16.129.99:
True
172.16.129.95:
True
172.16.129.97:
True
172.16.129.94:
True
172.16.129.98:
True
172.16.129.91:
True
172.16.129.96:
True
[root@HOST129100 ~]# salt-run manage.status #查看所有minion状态
down:
up:
- 172.16.129.99
- 172.16.129.98
- 172.16.129.97
- 172.16.129.96
- 172.16.129.95
- 172.16.129.94
- 172.16.129.91
[root@HOST129100 ~]# salt-key -L #查看所有minion-key
Accepted Keys:
172.16.129.91
172.16.129.94
172.16.129.95
172.16.129.96
172.16.129.97
172.16.129.98
172.16.129.99
Denied Keys:
Unaccepted Keys:
Rejected Keys:
[root@HOST129100 minion]# cat /etc/salt/minion_id #查看master的ip,或者vim /etc/salt/minion
172.16.129.100
[root@HOST129100 salt]# systemctl status salt-minion #查看minion状态,一般情况下, 停掉master节点的minion
salt-minion.service - The Salt Minion
Loaded: loaded (/usr/lib/systemd/system/salt-minion.service; disabled)
Active: inactive (dead)
Apr 25 10:46:46 HOST129100 systemd[1]: Started The Salt Minion.
Apr 25 10:47:27 HOST129100 salt-minion[18352]: [ERROR ] Error while bringing up minion...g?
Apr 25 10:48:13 HOST129100 systemd[1]: Stopping The Salt Minion...
Apr 25 10:48:13 HOST129100 salt-minion[18352]: [WARNING ] Minion received a SIGTERM. Exiting.
Apr 25 10:48:13 HOST129100 salt-minion[18352]: The Salt Minion is shutdown. Minion recei...d.
Apr 25 10:48:13 HOST129100 systemd[1]: Stopped The Salt Minion.
Apr 25 10:48:50 HOST129100 systemd[1]: Starting The Salt Minion...
Apr 25 10:48:50 HOST129100 systemd[1]: Started The Salt Minion.
Apr 25 10:54:01 HOST129100 systemd[1]: Stopping The Salt Minion...
Apr 25 10:54:01 HOST129100 salt-minion[18611]: [WARNING ] Minion received a SIGTERM. Exiting.
Apr 25 10:54:01 HOST129100 salt-minion[18611]: The Salt Minion is shutdown. Minion recei...d.
Apr 25 10:54:01 HOST129100 systemd[1]: Stopped The Salt Minion.
Hint: Some lines were ellipsized, use -l to show in full.
SaltStack 多MASTER 教程
参考链接:
https://docs.saltstack.com/en/latest/topics/tutorials/multimaster.html
多主系统,允许Salt主冗余,促进与minion多点通信。所有主都在运行,任何主都可以给minion发送命令。
主不同步任何信息,Keys需要被所有主接收,为了确保file_roots等共享文件一致,需要用git存储
在master上的 可插拔的minion data缓存,包含Salt mine data,minion grains,minion pillar
默认情况下,salt使用localfs缓存模块,如果存储了外部数据,可以代替缓存
安装步骤
1.在另一台机器上安装salt-master
yum -y install salt-master
2.将原来master上的master密钥拷贝到新的master是一份
如果有多个主,保留一起,其他的停掉
scp /etc/salt/pki/master/master* newmaster:/etc/salt/pki/master/
3.启动新的Master
service salt-master start
4.修改minion配置文件/etc/salt/minion设置两个master
master:
- master1
- master2
5.重启minion
service salt-minion restart
6.在新的master上接受所有key
salt-key -L
salt-key -A
注意:
1.2个master并不会共享Minion keys,一个master删除了一个key不会影响另一个
/etc/salt/pki/master/{minions,minions_pre,minions_rejected}
2.不会自动同步File_roots,所以需要手动去维护,如果用git就没问题了
默认位置/srv/salt
3.不会自动同步Pillar_Roots,所以需要手工去维护,也可以用git
默认位置/srv/pillar
4.Master的配置文件也是独立的
/etc/salt/master