参考文档
http://docs.saltstack.cn/contents.html
快速安装
初始配置 控制端master配置 # vim /etc/salt/master interface: 192.168.100.132 注:192.168.1.229 是本机服务端的IP地址 默认监听所有接口 # auto_accept: True 注:修改auto_accept为True,自动接受客户端的KEY,当然也可以这里不设置,手动接受就行,接受方式:salt-key -a keyname 控制端默认监听tcp 4505 4506 注意防火墙配置 客户端minion配置 # vim /etc/salt/minion master: 192.168.100.132 id: 192.168.100.138 注:192.168.100.132 是服务端的IP地址 id :客户端的标识,用服务端连接时,就是用此标识来连接客户端,建议为主机域名 配置服务 # systemctl enable salt-master.service # systemctl start salt-master.service # systemctl enable salt-minion.service # systemctl start salt-minion.service ## 测试被控主机的连通性 # salt '*' test.ping ## 根据被控主机的grains信息进行匹配过滤 # salt -G 'os:Centos' test.ping ## 显示被控主机的操作系统类型 # salt '*' grains.item os ## 远程代码执行测试 # salt '*' cmd.exec_code python 'import sys; print sys.version'
常用命令
# salt-key -L 查看key列表 # salt-key -a KYENAME #允许一个key # salt-key -A #允许所有 # salt-key -d KEYNAME #删除一个key # salt-key -D #删除所有key ##使用ip地址或子网匹配 # salt -S 192.168.100.138 test.ping # salt -S 192.168.100.0/24 test.ping ##使用正则表达式: # salt -E 'virtmach[0-9]' test.ping ##指定列表 # salt -L 'foo,bar,baz,quo' test.ping ##拷贝文件 # salt-cp '*' file.py /root ##超级命令(生产中不建议使用) # salt '*' cmd.run 'yum install net-tool' ##查看客户端状态 # salt-run manage.status # salt-run manage.versions ##工具箱 # salt '192.168.100.138' saltutil.running \查看正在执行的任务 # salt '192.168.100.138' saltutil.kill_job 20170310143800082264 \删除正在运行的任务
模块使用
包安装模块
##命令输出
192.168.100.138:
----------
ID: pkg.init
Function: pkg.installed
Name: mtr
Result: True
Comment: The following packages were installed/updated: mtr
Started: 12:17:31.424942
Duration: 15219.658 ms
Changes:
----------
mtr:
----------
new:
2:0.85-7.el7
old:
----------
ID: pkg.init
Function: pkg.installed
Name: nmap
Result: True
Comment: The following packages were installed/updated: nmap
Started: 12:17:46.667926
Duration: 5258.072 ms
Changes:
----------
nmap:
----------
new:
2:6.40-7.el7
old:
nmap-ncat:
----------
new:
2:6.40-7.el7
old:
----------
ID: pkg.init
Function: pkg.installed
Name: lrzsz
Result: True
Comment: The following packages were installed/updated: lrzsz
Started: 12:17:51.969501
Duration: 2646.444 ms
Changes:
----------
lrzsz:
----------
new:
0.12.20-36.el7
old:
Summary for 192.168.100.138
------------
Succeeded: 3 (changed=3)
Failed: 0
------------
Total states run: 3
Total run time: 23.124 s
文件维护模块
##使用file.managed 维护文件
# vim top.sls
base:
'192.168.100.138':
- init.pkg
- init.limit
# cd init/
# vim limit.sls
limit-conf-config:
file.managed:
- name: /etc/security/limits.conf #minion端 文件路径
- source: salt://init/files/limits.conf #master端 文件路径
- user: root
- group: root
- mode: 644
# mkdir files
# cd files
# cp /etc/security/limits.conf .
##随意修改 limits.conf文件内容 验证是某同步
# salt '*' state.highstate
192.168.100.138:
----------
ID: pkg.init
Function: pkg.installed
Name: mtr
Result: True
Comment: Package mtr is already installed
Started: 13:09:50.532559
Duration: 672.412 ms
Changes:
----------
ID: pkg.init
Function: pkg.installed
Name: nmap
Result: True
Comment: Package nmap is already installed
Started: 13:09:51.205178
Duration: 0.426 ms
Changes:
----------
ID: pkg.init
Function: pkg.installed
Name: lrzsz
Result: True
Comment: Package lrzsz is already installed
Started: 13:09:51.205686
Duration: 0.315 ms
Changes:
----------
ID: limit-conf-config
Function: file.managed
Name: /etc/security/limits.conf
Result: True
Comment: File /etc/security/limits.conf updated
Started: 13:09:51.208228
Duration: 56.86 ms
Changes:
----------
diff:
---
+++
@@ -1,4 +1,4 @@
-#this is test
+#this is test!!
# /etc/security/limits.conf
#
#This file sets the resource limits for the users logged in via PAM.
Summary for 192.168.100.138
------------
Succeeded: 4 (changed=1)
Failed: 0
------------
Total states run: 4
Total run time: 730.013 ms
把数据返回到mysql服务器
# vim /etc/salt/master mysql.host: '192.168.100.138' mysql.user: 'salt' mysql.pass: 'salt' mysql.db: 'salt' mysql.port: 3306 master_job_cache: mysql //master端直接写入mysql,如果不配置此行默认是minion端写入 # vim /etc/salt/minion mysql.host: '192.168.100.138' mysql.user: 'salt' mysql.pass: 'salt' mysql.db: 'salt' mysql.port: 3306 # salt '*' test.ping --return mysql