一、SaltStack的介绍
SaltStack,简称salt,自动化管理工具,一种全新的基础设施管理方式,部署轻松,在几分钟内可运行起来,扩展性好,很容易管理上万台服务器,速度够快,服务器之间秒级通讯。
salt使用python语言开发。
salt的运行方式:
1.Local
2.Master/Minion (传统)
3.Salt SSH
salt的三大功能:
1.远程执行
2.配置管理
3.云管理
二、SaltStack安装及配置
saltstack没有在默认的安装包里,安装它需要先安装epel第三方源。
centos6安装
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
server:
# yum install -y salt-master
Client1:
# yum install -y salt-minion
Client2:
# yum install -y salt-minion
把服务加入到开机自动启动
## server # chkconfig salt-master on ## client # chkconfig salt-minion on
在Client端,配置/etc/salt/minion
# 16行变更 #master: salt --> master: 192.168.92.3 master: 192.168.92.3 #id:为空,表示FQN名
启动master和client
# service salt-master start #或 # /etc/init.d/salt-master start # service salt-minion start #或 # /etc/init.d/salt-minion start
三、使用
1.key认证
查看认证状态
添加认证客户端
## -A 全部主机 # salt-key -A ## -a 添加个别主机 # salt-key -a server # salt-key -a client
再次查看key认证状态:
注意:
删除 # salt-key -d xx 全部删掉 # salt-key -D (慎用)
2.远程执行功能
# salt '*' test.ping
client:
True
server:
True
# salt '*' cmd.run 'uptime'
client:
00:57:47 up 2:31, 1 user, load average: 0.05, 0.03, 0.05
server:
00:57:47 up 29 min, 1 user, load average: 0.03, 0.05, 0.08
# salt '*' cmd.run 'df -h'
client:
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_wuyouwei-lv_root
18G 4.0G 13G 25% /
tmpfs 491M 80K 491M 1% /dev/shm
/dev/sda1 477M 35M 418M 8% /boot
server:
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_wuyouwei-lv_root
18G 3.9G 13G 24% /
tmpfs 491M 88K 491M 1% /dev/shm
/dev/sda1 477M 35M 418M 8% /boot
3.配置管理(安装软件)
在server端,编辑/etc/salt/master
## 把注释放开 --->
file_roots:
base:
- /srv/salt/
# base前面必须是2个空格
# - 前面是4个空格
若/srv/salt/目录不存在,请创建。
# mkdir /srv/salt/ # /etc/init.d/salt-master restart
(很重要)在server端写状态配置
# cd /srv/salt/ [root@server salt]# ll total 0 [root@server salt]# vim apache.sls
#编辑内容,注意空格
执行安装命令
# salt '*' state.sls apache
server:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 01:22:39.526997
Duration: 1258.992 ms
Changes:
----------
ID: apache-install
Function: pkg.installed
Name: httpd-devel
Result: True
Comment: Package httpd-devel is already installed.
Started: 01:22:40.786220
Duration: 0.55 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 01:22:40.787406
Duration: 35.421 ms
Changes:
Summary
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
client:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 01:22:39.542822
Duration: 1315.972 ms
Changes:
----------
ID: apache-install
Function: pkg.installed
Name: httpd-devel
Result: True
Comment: Package httpd-devel is already installed.
Started: 01:22:40.859029
Duration: 0.584 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is running
Started: 01:22:40.860278
Duration: 138.662 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=1)
Failed: 0
------------
Total states run: 3
apache已经成功安装,正常启动
注:若将Client端的apache服务停掉,还是会自动同步启动
定义高级状态
# 编辑入口文件
# vim top.sls
base:
'*':
- apache
执行
# salt '*' state.highstate