CentOS 6.4 部署saltstack master/minion

实验环境:

salt-master: 10.65.253.121 slatm-3738

salt-monion1: 10.65.253.125 slats1-4739

salt-monion2: 10.65.253.139 slats2-5740

 

Saltstack master.

安装epel yum源

[root@slatm-3738 ~]# rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Retrieving http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

warning: /var/tmp/rpm-tmp.dV3tGo: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY

Preparing...                ########################################### [100%]

   1:epel-release           ########################################### [100%]

 

安装salt-master

[root@slatm-3738 ~]#  yum install salt-master.noarch -y

 

salt-master配置文件

[root@slatm-3738 ~]# grep -v ^# /etc/salt/master | grep -v ^$

default_include: master.d/*.conf

interface: 10.65.253.121

publish_port: 4505

max_open_files: 100000

worker_threads: 5

ret_port: 4506

pidfile: /var/run/salt-master.pid

root_dir: /home/salt/

pki_dir: /etc/salt/pki/master

cachedir: /var/cache/salt/master

timeout: 5

sock_dir: /var/run/salt/master

file_roots:

  base:

    - /srv/salt/data/

pillar_roots:

  base:

    - /srv/pillar/data/

key_logfile: /var/log/salt/key

log_level_logfile: warning

log_datefmt_logfile: '%Y-%m-%d %H:%M:%S'

log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'

nodegroups:

   group1: '10.65.253.125'

   group2: '10.65.253.139'

 

启动salt-master服务

[root@slatm-3738 ~]# /etc/init.d/salt-master start

Starting salt-master daemon:                               [  OK  ]

[root@slatm-3738 salt]# chkconfig salt-master on

 

Saltstack minion.

1. 安装epel yum源

[root@slats1-4739 ~]# rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Retrieving http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

warning: /var/tmp/rpm-tmp.soS8bi: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY

Preparing...                ########################################### [100%]

   1:epel-release           ########################################### [100%]

 

2. 安装软件

[root@slats1-4739 ~]# yum -y install salt-minion

 

3. 更改配置文件

[root@slats1-4739 ~]# grep -v ^# /etc/salt/minion | grep -v ^$

master: 10.65.253.121

master_port: 4506

user: root

pidfile: /var/run/salt-minion.pid

root_dir: /home/salt/

pki_dir: /etc/salt/pki/minion

id: 10.65.253.125

cachedir: /var/cache/salt/minion

sock_dir: /var/run/salt/minion

backup_mode: minion

acceptance_wait_time: 10

acceptance_wait_time_max: 0

file_roots:

  base:

    - /srv/salt

pillar_roots:

  base:

    - /srv/pillar

log_file: /var/log/salt/minion

key_logfile: /var/log/salt/key

log_level: warning

log_datefmt_logfile: '%Y-%m-%d %H:%M:%S'

log_fmt_logfile: '%(asctime)s,%(msecs)03.0f [%(name)-17s][%(levelname)-8s] %(message)s'

 

启动salt-minion服务

[root@slats1-4739 ~]# /etc/init.d/salt-minion start

Starting salt-minion daemon:                               [  OK  ]

[root@slats1-4739 ~]# chkconfig salt-minion on

 

在slat-master上查看/接受minion的key

[root@slatm-3738 ~]# salt-key

Accepted Keys:

Unaccepted Keys:

10.65.253.125

Rejected Keys:

 

[root@slatm-3738 ~]# salt-key -y -a 10.65.253.125

The following keys are going to be accepted:

Unaccepted Keys:

10.65.253.125

Key for minion 10.65.253.125 accepted.

 

查看key的状态:

[root@slatm-3738 ~]# salt-key -L

Accepted Keys:

10.65.253.125

Unaccepted Keys:

Rejected Keys:

 

可以通过命令删除指定的key

# salt-key -y -d 192.168.0.100

 

测试:

查看主机状态:

[root@slatm-3738 ~]# salt '10.65.253.125' test.ping

10.65.253.125:

    True

 

向所有minion上执行命令:

[root@slatm-3738 ~]# salt '*' cmd.run 'uname -a'

10.65.253.125:

    Linux slats1-4739 2.6.32-358.el6.x86_64 #1 SMP Fri Feb 22 00:31:26 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

 

给定义的指定组执行命令:

[root@slatm-3738 ~]# salt --nodegroup group1 cmd.run 'uname -a'

10.65.253.125:

    Linux slats1-4739 2.6.32-358.el6.x86_64 #1 SMP Fri Feb 22 00:31:26 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

 

执行minion上的自定义脚本

a. 在minion上方个脚本

[root@slats1-4739 ~]# cat /tmp/test.sh

#!/bin/bash

 

echo "hello world."

 

[root@slatm-3738 ~]# salt '*' cmd.run 'sh /tmp/test.sh'

10.65.253.125:

    hello world.

 

[root@slatm-3738 ~]# salt -N group1 cmd.run 'sh /tmp/test.sh'

10.65.253.125:

    hello world.

 

实验: 通过salt-master给client安装vim，并配置/etc/vimrc配置文件。

1. 确认当前salt-master的file roots目录。如果没有需要手工创建。

file_roots:

base:

- /home/salt/srv/data/

pillar_roots:

base:

- /home/salt/srv/pillar/data/

 

[root@slatm-3738 srv]#  /home/salt/srv/data/ -p

[root@slatm-3738 srv]# mkdir /home/salt/srv/pillar/data/ -p

 

2. 定制vim.sls文件

[root@slatm-3738 data]# cat vim.sls

vim:

pgk.installed

 

/etc/vimrc:

file.managed:

- source: salt://vimrc

- mode: 644

- user: root

- group: root

 

准备/etc/vimrc配置文件

[root@slatm-3738 data]# cat vimrc

syntax enable

set textwidth=79

set shiftwidth=4

set tabstop=4

set expandtab

set softtabstop=4

set shiftround

set fileencodings=utf-8

set encoding=utf8

set tenc=utf8

 

3. 测试vim.sls的配置

[root@slatm-3738 data]# salt -N group1 state.sls vim

 

salt-client端的配置:

[root@slats1-4739 ~]# rpm -qa |grep -i vim

vim-minimal-7.2.411-1.8.el6.x86_64

vim-common-7.2.411-1.8.el6.x86_64

vim-enhanced-7.2.411-1.8.el6.x86_64

 

[root@slats1-4739 ~]# cat /etc/vimrc

syntax enable

set textwidth=79

set shiftwidth=4

set tabstop=4

set expandtab

set softtabstop=4

set shiftround

set fileencodings=utf-8

set encoding=utf8

set tenc=utf8