版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
一.saltstack简介
1.saltstack简介:
Saltstack是基于Python开发的一套C/S架构,具备Puppet、Ansible功能于一身的配置管理工具,功能十分强大,各模块融合度及复用性极高;使用号称世界上最快的消息队列ZeroMQ使得Saltstack能够秒级在数万台服务器上进行各种操作,而且使用RAS Key方式确认身份,传输采用AES加密,安全性能更高;
Saltstack不仅仅是一款配置管理工具,还是一款做云计算和数据中心架构编排利器。目前Salt-cloud项目也已经合并到Saltstack主项目里,Saltstack已经支持Docker相关模块,在友好地支持各大云平台之后,配合Saltstack的Mine实现各云平台业务自动扩展。
2.通信端口:
- master端:4505
- minion端:4506
salt的master会监听端口4505和4506,4505是salt用来发布信息的;4506是用来为salt客户端与服务端通信的端口监听返回数据。minion端不监听端口,在minion启动后会自动与master通过注册连接,通过后一直保持连接。
3.主要功能:
- 一个配置管理系统,能够维护预定义状态的远程节点(比如,确保指定的报被安装,指定的服务在运行)
- 一个分布式远程执行系统,用来在远程节点(可以是单个节点,也可以是任意规则挑选出来的节点)上执行命令和查询数据
二.实验
1.部署实验环境
server1:
yum install salt-master -y ##这里已经配好了yum源(包含所有依赖关系)
server2:
yum insall -y salt-minion
server3:
yum install -y salt-minion
2.打开salt-master
[root@server1 salt]# systemctl start salt-master
[root@server1 salt]# netstat -antlp
3.配置server2、server3的salt-minion
[root@server2 ~]# cd /etc/salt/
[root@server2 salt]# ls
cloud cloud.maps.d master minion.d proxy.d
cloud.conf.d cloud.profiles.d master.d pki roster
cloud.deploy.d cloud.providers.d minion proxy
[root@server2 salt]# vim minion
16 master: 172.25.31.1
[root@server2 salt]# systemctl start salt-minion
server3同样操作
3.将server2、server3加入
[root@server1 salt]# salt-key -L ##-L列出所有
[root@server1 salt]# salt-key -A ##加入
4.查看端口具体信息
[root@server1 salt]# yum install -y lsof
[root@server1 salt]# lsof -i :4505
[root@server1 salt]# vim master
[root@server1 salt]# systemctl restart salt-master
二.saltstack的应用
1.为server2安装httpd
[root@server1 apache]# pwd
/srv/salt/apache
[root@server1 apache]# ls
apache.sls files install.sls
[root@server1 apache]# cat install.sls
install-apache:
pkg.installed:
- pkgs:
- httpd
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd.conf
service.running:
- name: httpd
- reload: True
- watch:
- file: install-apache
[root@server1 apache]# cd files/
[root@server1 files]# ls
httpd.conf
[root@server1 apache]# salt server2 state.sls apache.install
[root@server2 minion]# tree .
.
├── accumulator
├── extmods
├── files
│ └── base
│ ├── apache
│ │ ├── files
│ │ │ └── httpd.conf
│ │ └── install.sls
│ └── nginx
│ └── install.sls
├── highstate.cache.p
├── pkg_refresh
├── proc
└── sls.p
8 directories, 6 files
安装所有
[root@server1 apache]# cat apache.sls
install-apache:
pkg.installed:
- pkgs:
- httpd
/etc/httpd/conf/httpd.conf
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd.conf
service.running:
- name: httpd
- watch:
- file: /etc/httpd/conf/httpd.conf
[root@server1 salt]# cat top.sls
base:
'*':
- apache.install
[root@server1 salt]# salt '*' state.highstate
server2:
----------
ID: install-apache
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 11:47:42.671750
Duration: 679.907 ms
Changes:
----------
ID: install-apache
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 11:47:43.354708
Duration: 27.683 ms
Changes:
----------
ID: install-apache
Function: service.running
Name: httpd
Result: True
Comment: Started Service httpd
Started: 11:47:43.383628
Duration: 122.231 ms
Changes:
----------
httpd:
True
Summary for server2
------------
Succeeded: 3 (changed=1)
Failed: 0
------------
Total states run: 3
Total run time: 829.821 ms
server3:
----------
ID: install-apache
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 11:47:42.600298
Duration: 663.636 ms
Changes:
----------
ID: install-apache
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 11:47:43.266732
Duration: 34.541 ms
Changes:
----------
ID: install-apache
Function: service.running
Name: httpd
Result: True
Comment: Started Service httpd
Started: 11:47:43.302496
Duration: 171.214 ms
Changes:
----------
httpd:
True
Summary for server3
------------
Succeeded: 3 (changed=1)
Failed: 0
------------
Total states run: 3
Total run time: 869.391 ms
2.为server2安装nginx
[root@server1 salt]# ls
apache nginx pkgs top.sls
[root@server1 salt]# cd nginx/
[root@server1 nginx]# ls
files install.sls service.sls
[root@server1 salt]# cat pkgs/install.sls
nginx-make:
pkg.installed:
- pkgs:
- gcc
- make
- zlib-devel
- pcre-devel
[root@server1 nginx]# cat install.sls
include:
- pkgs.install
install-nginx:
file.managed:
- name: /mnt/nginx-1.15.8.tar.gz
- source: salt://nginx/files/nginx-1.15.8.tar.gz
cmd.run:
- name: cd /mnt && tar zxf nginx-1.15.8.tar.gz && cd nginx-1.15.8 && sed -i 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx && make && make install
- creates: /usr/local/nginx
[root@server1 nginx]# cd files/
[root@server1 files]# ls
nginx-1.15.8.tar.gz nginx.conf
[root@server1 files]# cd ..
[root@server1 nginx]# ls
files install.sls service.sls
[root@server1 nginx]# cat service.sls
include:
- nginx.install
/usr/local/nginx/sbin/nginx: ##命令方式启动
cmd.run:
- creates: /usr/local/nginx/logs/nginx.pid
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf
/usr/local/nginx/sbin/nginx -s reload:
cmd.wait:
- watch:
- file: /usr/local/nginx/conf/nginx.conf
[root@server1 nginx]# salt server2 state.sls nginx.install
[root@server1 salt]# cd /var/cache/salt/
[root@server1 salt]# ls
master
[root@server1 salt]# cd master/
[root@server1 master]# ls
file_lists jobs minions proc queues roots syndics tokens
[root@server1 master]# cd jobs/
[root@server1 jobs]# ls ##这里包含缓存文件
0b 0f 16 1f 39 5b 5e 61 88 89 a1 a6 b6 c0 c2 c3 c4 d0 f0
先关闭server3中以命令方式启动的nginx进程
[root@server1 salt]# ls
apache nginx pkgs top.sls
[root@server1 salt]# cd nginx/
[root@server1 nginx]# ls
files install.sls service.sls
[root@server1 nginx]# cat install.sls
include:
- pkgs.install
install-nginx:
file.managed:
- name: /mnt/nginx-1.15.8.tar.gz
- source: salt://nginx/files/nginx-1.15.8.tar.gz
cmd.run:
- name: cd /mnt && tar zxf nginx-1.15.8.tar.gz && cd nginx-1.15.8 && sed -i 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx && make && make install
- creates: /usr/local/nginx
[root@server1 nginx]# cat service.sls
include:
- nginx.install
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf
service-nginx
file.managed:
- name: /usr/lib/systemd/system/nginx.service ##以systemd方式启动
- source: salt://nginx/files/nginx.service
service.running:
- name: nginx
- reload: True
- watch:
- file: /usr/local/nginx/conf/nginx.conf
[root@server1 nginx]# cd files/
[root@server1 files]# ls
nginx-1.15.8.tar.gz nginx.conf nginx.service
[root@server1 files]# cat nginx.service
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
[root@server1 files]# cd ../..
[root@server1 salt]# ls
apache nginx pkgs top.sls
[root@server1 nginx]# salt '*' state.highstate