saltstack远程执行安装包

saltstack

saltstack主要用来远程执行，配置管理和云管理1，更新yum源

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo

2，更新epel源

mkdir /home/linuxea/tools -p && cd /home/linuxea/tools
wget http://mirrors.ustc.edu.cn/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm
rpm -qa |grep epel

3，yum安装服务端：yum install salt-master启动服务端，监听端口4405,4406

[root@master ~]#  service salt-master start
[root@master ~]# lsof -i :4505
COMMAND     PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
salt-mast 26847 root   12u  IPv4  65103      0t0  TCP *:4505 (LISTEN)
[root@master ~]# lsof -i :4506
COMMAND     PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
salt-mast 26881 root   20u  IPv4  65251      0t0  TCP *:4506 (LISTEN)
[root@master ~]# 

客户端：yum install salt-minion

[root@minion ~]#  service salt-minon start
[root@minion ~]# vim /etc/salt/minion
master: 10.0.0.7

id: minios.10.0.0.8.com

把minion_id修改，不使用此ID

[root@minion ~]# cat /etc/salt/minion_id 
10.0.0.8
[root@minion ~]# mv /etc/salt/minion_id /etc/salt/minion_id.bak
[root@minion ~]# 

master和minon需要认证！---------->id的认证

[root@master ~]# salt-key 
Accepted Keys:
Denied Keys:
Unaccepted Keys:
10.0.0.8
minios.10.0.0.8.com
Rejected Keys:
[root@master ~]# 

添加认证

[root@master ~]# salt-key -a minios.10.0.0.8.com
The following keys are going to be accepted:
Unaccepted Keys:
minios.10.0.0.8.com
Proceed? [n/Y] y
Key for minion minios.10.0.0.8.com accepted.
[root@master ~]# 

在查看，minios.10.0.0.8.com已经被认证

[root@master ~]# salt-key 
Accepted Keys:
minios.10.0.0.8.com
Denied Keys:
Unaccepted Keys:
10.0.0.8
Rejected Keys:
[root@master ~]# 

测试minios.10.0.0.8.com，返回True是正常（*代表所有）

[root@master ~]# salt 'minios.10.0.0.8.com' test.ping
minios.10.0.0.8.com:
    True
[root@master ~]# 

使用cmd.run模块远程执行！远程查看硬盘

[root@master ~]# salt 'minios.10.0.0.8.com' cmd.run 'df -h'
minios.10.0.0.8.com:
    Filesystem      Size  Used Avail Use% Mounted on
    /dev/sda2        18G  2.5G   14G  16% /
    tmpfs           491M  236K  491M   1% /dev/shm
    /dev/sda1       283M   28M  240M  11% /boot

远程查看系统时间

[root@master ~]# salt 'minios.10.0.0.8.com' cmd.run 'uptime'
minios.10.0.0.8.com:
     06:16:18 up  3:00,  2 users,  load average: 0.00, 0.01, 0.00
[root@master ~]# 

配置管理！

default_include: master.d/*.conf ----------->配置文件放置interface: 0.0.0.0-------------------------->监听端口user: root---------------------------------->默认用户

例如：

file_roots:
   (两个空格)base:  
  （四个空格） - /etc/salt/states
   dev:
     - /etc/salt/states/prod
     - /srv/salt/dev/states
   prod:
     - /srv/salt/prod/services
     - /srv/salt/prod/states

本文修改:

[root@master ~]# vim /etc/salt/master 
default_include: master.d/*.conf
interface: 0.0.0.0
state_top: top.sls --------------------->后缀
user: root
file_roots:
   base:
     - /etc/salt/status

   dev:
     - /etc/salt/services/dev
[root@master ~]# mkdir -p /etc/salt/status
[root@master ~]# mkdir -p /etc/salt/services/dev
[root@master ~]# /etc/init.d/salt-master restart
Stopping salt-master daemon:                               [确定]
Starting salt-master daemon:                               [确定]
[root@master ~]# 

log位置

[root@master ~]# tail -f /var/log/salt/master 

编写状态文件！给每个类型创建分支创建一个安装文件包的分支文件目录

[root@master status]# mkdir /etc/salt/status/init

在top.sls中调用init目录下的pkg文件

[root@master ~]# vim /etc/salt/status/top.sls
#huanjing
base:

  'minios.10.0.0.8.com':
    - init.pkg

创建pkg文件，写入需要安装的文件，格式如下：

[root@master status]# vim /etc/salt/status/pkg.sls
pkg.init:
  pkg.installed:
    - names:
      - lrzsz
      - mtr
      - nmap
      - nginx

目录结构如下：

[root@master status]# tree /etc/salt/
/etc/salt/
├── master
├── pki
│   └── master
│       ├── master.pem
│       ├── master.pub
│       ├── minions
│       │   └── minios.10.0.0.8.com
│       ├── minions_autosign
│       ├── minions_denied
│       ├── minions_pre
│       │   └── 10.0.0.8
│       └── minions_rejected
├── services
│   └── dev
└── status
    ├── init
    ├── pkg.sls
    └── top.sls

11 directories, 7 files
[root@master status]

执行测试：

[root@master init]# salt 'minios.10.0.0.8.com'  state.sls init.pkg
minios.10.0.0.8.com:
----------
          ID: pkg.init
    Function: pkg.installed
        Name: mtr
      Result: True
     Comment: Package mtr is already installed.
     Started: 07:31:40.877509
    Duration: 921.628 ms
     Changes:   
----------
          ID: pkg.init
    Function: pkg.installed
        Name: nmap
      Result: True
     Comment: Package nmap is already installed.
     Started: 07:31:41.799288
    Duration: 0.439 ms
     Changes:   
----------
          ID: pkg.init
    Function: pkg.installed
        Name: lrzsz
      Result: True
     Comment: Package lrzsz is already installed.
     Started: 07:31:41.799851
    Duration: 0.328 ms
     Changes:   
----------
          ID: pkg.init
    Function: pkg.installed
        Name: nginx
      Result: True
     Comment: Package nginx is already installed.
     Started: 07:31:41.800254
    Duration: 0.321 ms
     Changes:   

Summary
------------
Succeeded: 4
Failed:    0
------------
Total states run:     4
[root@master init]# 

在minios.10.0.0.8.com查看

[root@minion ~]# rpm -qa mtr
mtr-0.75-5.el6.x86_64
[root@minion ~]# rpm -qa nmap
nmap-5.51-4.el6.x86_64
[root@minion ~]# rpm -qa nginx
nginx-1.0.15-12.el6.x86_64
[root@minion ~]# rpm -qa lrzsz
lrzsz-0.12.20-27.1.el6.x86_64
[root@minion ~]#