zoukankan      html  css  js  c++  java

  • Saltstack基本安装部署

    配置环境
    主节点 controller:172.16.100.10
    监控节点 compute:172.16.100.20

    主节点

    #####安装软件包#####
# curl -o /etc/yum.repos.d/epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo
# yum -y install salt-master salt-minion
# systemctl start salt-master.service 
# ^start^enable

#####修改minion配置文件#####
# vim /etc/salt/minion 
master: 172.16.100.10                主节点地址
id: FQDN                             不设置的话为默认主机名,存放位置/etc/salt/minion_id
# systemctl start salt-minion
# ^start^enable
# tree /etc/salt/pki/
/etc/salt/pki/
├── master
│   ├── master.pem
│   ├── master.pub
│   ├── minions
│   ├── minions_autosign
│   ├── minions_denied
│   ├── minions_pre                  存放监控节点公钥
│   │   ├── compute                
│   │   └── controller           
│   └── minions_rejected
└── minion
    ├── minion.pem
    └── minion.pub

    监控节点

    #####安装软件包#####
# curl -o /etc/yum.repos.d/epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo
# yum -y install salt-minion

#####修改配置文件#####
# vim /etc/salt/minion
master: 172.16.100.10
# systemctl start salt-minion
# ^start^enable
# tree /etc/salt/pki/minion
/etc/salt/pki/minion
├── minion.pem
└── minion.pub                        服务启动生成的公钥会传输到主节点的/etc/salt/pki/master/minions_pre目录下

    主节点

    #####添加监控节点#####
# salt-key -a compute,controller     
# salt-key                             查看允许通信的监控主机
Accepted Keys:
compute
controller
Denied Keys:
Unaccepted Keys:
Rejected Keys:
# tree /etc/salt/pki
/etc/salt/pki
├── master
│   ├── master.pem
│   ├── master.pub
│   ├── minions                        公钥从minios_pre转到minios
│   │   ├── compute
│   │   └── controller
│   ├── minions_autosign
│   ├── minions_denied
│   ├── minions_pre
│   └── minions_rejected
└── minion
    ├── minion_master.pub
    ├── minion.pem
    └── minion.pub
# netstat -lpta |grep 4505           发送端口
tcp        0      0 0.0.0.0:4505            0.0.0.0:*               LISTEN      67903/python        
tcp        0      0 172.16.100.10:52424     172.16.100.10:4505      ESTABLISHED 69995/python        
tcp        0      0 172.16.100.10:4505      172.16.100.20:60225     ESTABLISHED 67903/python        
tcp        0      0 172.16.100.10:4505      172.16.100.10:52424     ESTABLISHED 67903/python 
# netstat -lpta |grep 4506           接受端口
tcp        0      0 0.0.0.0:4506            0.0.0.0:*               LISTEN      67925/python        
tcp        0      0 172.16.100.10:4506      172.16.100.10:51547     ESTABLISHED 67925/python        
tcp        0      0 172.16.100.10:51547     172.16.100.10:4506      ESTABLISHED 69995/python        
tcp        0      0 172.16.100.10:4506      172.16.100.20:44469     ESTABLISHED 67925/python
  • 相关阅读:
    Atitit.Java exe bat  作为windows系统服务程序运行
    Atitit. Object-c语言 的新的特性  attilax总结
    Atitit. Object-c语言 的新的特性  attilax总结
    Atitit。Time base gc 垃圾 资源 收集的原理与设计
    Atitit。Time base gc 垃圾 资源 收集的原理与设计
    Atitit.go语言golang语言的新的特性  attilax总结
    Atitit.go语言golang语言的新的特性  attilax总结
    Atitit.pdf 预览 转换html attilax总结
    Atitit.pdf 预览 转换html attilax总结
    Atitit.office word  excel  ppt pdf 的web在线预览方案与html转换方案 attilax 总结
  • 原文地址:https://www.cnblogs.com/testder/p/9307805.html
Copyright © 2011-2022 走看看