自动化运维工具saltstack

Posted liang-yao

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了自动化运维工具saltstack相关的知识,希望对你有一定的参考价值。

SaltStack底层网络架构采用ZeroMQ 实现。SaltStack项目的设计初衷是为了实现一个快速的远程执行系统,后来在研发过程中不断加入新的功能,逐渐形成如今的Salt。

 

角色:

master:中心控制系统

minion:被管理客户端

 

安装SaltStack存储库和密钥:

yum install https://repo.saltstack.com/yum/redhat/salt-repo-latest-2.el7.noarch.rpm

salt-master安装salt-master

yum install –y salt-master

systemctl start salt-master

systemctl enable salt-master

 

salt-minion安装salt-minion

yum install –y salt-minion

salt-minion指定master的IP地址

vim /etc/salt/minion

16 master: 192.168.200.105

启动:

systemctl start salt-minion

systemctl enable salt-minion

salt-master和salt-minion首次启动会生成一个公钥和私钥/etc/salt/pki/master/master.pem、master.pub         /etc/salt/pki/minion/minion.pub、minion.pem

并且会把公钥发送给salt-master。审核通过后salt-minion会收到salt-master的公钥

 

salt-master默认监听4505和4506端口,4505提供远程执行命令发送功能;4506支持认证、文件服务、结果收集等功能

ss -ntlu | egrep ‘(4505|4506)‘
tcp LISTEN 0 128 *:4505 *:*
tcp LISTEN 0 128 *:4506 *:*

 

 

查看minion发送的秘钥

salt-key

Accepted Keys:

Denied Keys:

Unaccepted Keys:

a4.a.com
a6.a.com

Rejected Keys:

 

接受秘钥:

salt-key -a *.a.com
The following keys are going to be accepted:
Unaccepted Keys:

a4.a.com
a6.a.com
Proceed? [n/Y] Y
Key for minion a4.a.com accepted.
Key for minion a6.a.com accepted.

 

salt远程执行命令:

探测远程主机是否存活

salt ‘*‘ test.ping

a4.a.com:
  True
a6.a.com:
  True

‘*‘ 通配符代表所有minion主机(?代表任意一个字符),test为模块,ping为模块的方法

 

salt ‘*‘ cmd.run ‘w‘

a6.a.com:
13:27:18 up 7 min, 1 user, load average: 0.11, 0.35, 0.22
USER TTY FROM [email protected] IDLE JCPU PCPU WHAT
root pts/0 192.168.200.1 13:21 2:14 0.07s 0.07s -bash
a4.a.com:
13:27:18 up 7 min, 1 user, load average: 0.05, 0.27, 0.18
USER TTY FROM [email protected] IDLE JCPU PCPU WHAT
root pts/0 192.168.200.1 13:21 2:22 0.06s 0.06s -bash

 

安装程序包

salt-master取消611-613行的注释

vim /etc/salt/master

611 file_roots:
612   base:
613     - /srv/salt

 

mkdir -p /srv/salt

systemctl restart salt-master

vim /srv/salt/apache.sls    (格式要求严格,不要用TAB键)

apache-install:
  pkg.installed:
    - names:
      - httpd
      - httpd-devel

apache-service:
  service.running:
    - name: httpd
    - enable: True
    - reload: True

执行:

salt ‘*‘ state.sls apache

技术分享图片
a6.a.com:
----------
          ID: apache-install
    Function: pkg.installed
        Name: httpd
      Result: True
     Comment: The following packages were installed/updated: httpd
     Started: 13:30:06.243921
    Duration: 81453.566 ms
     Changes:   
              ----------
              apr:
                  ----------
                  new:
                      1.4.8-3.el7_4.1
                  old:
              apr-util:
                  ----------
                  new:
                      1.5.2-6.el7
                  old:
              httpd:
                  ----------
                  new:
                      2.4.6-67.el7.centos.6
                  old:
              httpd-tools:
                  ----------
                  new:
                      2.4.6-67.el7.centos.6
                  old:
              mailcap:
                  ----------
                  new:
                      2.1.41-2.el7
                  old:
----------
          ID: apache-install
    Function: pkg.installed
        Name: httpd-devel
      Result: True
     Comment: The following packages were installed/updated: httpd-devel
     Started: 13:31:27.736835
    Duration: 24587.565 ms
     Changes:   
              ----------
              apr-devel:
                  ----------
                  new:
                      1.4.8-3.el7_4.1
                  old:
              apr-util-devel:
                  ----------
                  new:
                      1.5.2-6.el7
                  old:
              cyrus-sasl:
                  ----------
                  new:
                      2.1.26-21.el7
                  old:
              cyrus-sasl-devel:
                  ----------
                  new:
                      2.1.26-21.el7
                  old:
              cyrus-sasl-lib:
                  ----------
                  new:
                      2.1.26-21.el7
                  old:
                      2.1.26-20.el7_2
              cyrus-sasl-plain:
                  ----------
                  new:
                      2.1.26-21.el7
                  old:
                      2.1.26-20.el7_2
              expat:
                  ----------
                  new:
                      2.1.0-10.el7_3
                  old:
                      2.1.0-8.el7
              expat-devel:
                  ----------
                  new:
                      2.1.0-10.el7_3
                  old:
              httpd-devel:
                  ----------
                  new:
                      2.4.6-67.el7.centos.6
                  old:
              libdb:
                  ----------
                  new:
                      5.3.21-21.el7_4
                  old:
                      5.3.21-19.el7
              libdb-devel:
                  ----------
                  new:
                      5.3.21-21.el7_4
                  old:
              libdb-utils:
                  ----------
                  new:
                      5.3.21-21.el7_4
                  old:
                      5.3.21-19.el7
              openldap:
                  ----------
                  new:
                      2.4.44-5.el7
                  old:
                      2.4.40-13.el7
              openldap-devel:
                  ----------
                  new:
                      2.4.44-5.el7
                  old:
----------
          ID: apache-service
    Function: service.running
        Name: httpd
      Result: True
     Comment: Service httpd has been enabled, and is running
     Started: 13:31:54.055923
    Duration: 8215.715 ms
     Changes:   
              ----------
              httpd:
                  True

Summary for a6.a.com
------------
Succeeded: 3 (changed=3)
Failed:    0
------------
Total states run:     3
Total run time: 114.257 s
a4.a.com:
----------
          ID: apache-install
    Function: pkg.installed
        Name: httpd
      Result: True
     Comment: The following packages were installed/updated: httpd
     Started: 13:30:06.206829
    Duration: 97351.205 ms
     Changes:   
              ----------
              apr:
                  ----------
                  new:
                      1.4.8-3.el7_4.1
                  old:
              apr-util:
                  ----------
                  new:
                      1.5.2-6.el7
                  old:
              httpd:
                  ----------
                  new:
                      2.4.6-67.el7.centos.6
                  old:
              httpd-tools:
                  ----------
                  new:
                      2.4.6-67.el7.centos.6
                  old:
              mailcap:
                  ----------
                  new:
                      2.1.41-2.el7
                  old:
----------
          ID: apache-install
    Function: pkg.installed
        Name: httpd-devel
      Result: True
     Comment: The following packages were installed/updated: httpd-devel
     Started: 13:31:43.609145
    Duration: 25883.118 ms
     Changes:   
              ----------
              apr-devel:
                  ----------
                  new:
                      1.4.8-3.el7_4.1
                  old:
              apr-util-devel:
                  ----------
                  new:
                      1.5.2-6.el7
                  old:
              cyrus-sasl:
                  ----------
                  new:
                      2.1.26-21.el7
                  old:
              cyrus-sasl-devel:
                  ----------
                  new:
                      2.1.26-21.el7
                  old:
              cyrus-sasl-lib:
                  ----------
                  new:
                      2.1.26-21.el7
                  old:
                      2.1.26-20.el7_2
              cyrus-sasl-plain:
                  ----------
                  new:
                      2.1.26-21.el7
                  old:
                      2.1.26-20.el7_2
              expat:
                  ----------
                  new:
                      2.1.0-10.el7_3
                  old:
                      2.1.0-8.el7
              expat-devel:
                  ----------
                  new:
                      2.1.0-10.el7_3
                  old:
              httpd-devel:
                  ----------
                  new:
                      2.4.6-67.el7.centos.6
                  old:
              libdb:
                  ----------
                  new:
                      5.3.21-21.el7_4
                  old:
                      5.3.21-19.el7
              libdb-devel:
                  ----------
                  new:
                      5.3.21-21.el7_4
                  old:
              libdb-utils:
                  ----------
                  new:
                      5.3.21-21.el7_4
                  old:
                      5.3.21-19.el7
              openldap:
                  ----------
                  new:
                      2.4.44-5.el7
                  old:
                      2.4.40-13.el7
              openldap-devel:
                  ----------
                  new:
                      2.4.44-5.el7
                  old:
----------
          ID: apache-service
    Function: service.running
        Name: httpd
      Result: True
     Comment: Service httpd has been enabled, and is running
     Started: 13:32:11.081391
    Duration: 6256.779 ms
     Changes:   
              ----------
              httpd:
                  True

Summary for a4.a.com
------------
Succeeded: 3 (changed=3)
Failed:    0
------------
Total states run:     3
Total run time: 129.491 s
View Code
查看已安装软件包信息

 salt ‘a4.a.com‘ pkg.version ‘httpd‘

a4.a.com:
  2.4.6-67.el7.centos.6

 

删除已安装的软件包

salt ‘a4.a.com‘ pkg.remove ‘httpd‘
a4.a.com:
  ----------
  httpd:
    ----------
    new:
    old:
      2.4.6-67.el7.centos.6
  httpd-devel:
    ----------
    new:
    old:
      2.4.6-67.el7.centos.6

 

saltstack状态管理:

vim /srv/salt/top.sls

base:
  *:
    - apache

执行:

salt ‘*‘ state.highstate

技术分享图片
a4.a.com:
----------
          ID: apache-install
    Function: pkg.installed
        Name: httpd
      Result: True
     Comment: All specified packages are already installed
     Started: 13:34:53.326319
    Duration: 1044.654 ms
     Changes:   
----------
          ID: apache-install
    Function: pkg.installed
        Name: httpd-devel
      Result: True
     Comment: All specified packages are already installed
     Started: 13:34:54.371290
    Duration: 0.772 ms
     Changes:   
----------
          ID: apache-service
    Function: service.running
        Name: httpd
      Result: True
     Comment: The service httpd is already running
     Started: 13:34:54.373002
    Duration: 41.928 ms
     Changes:   

Summary for a4.a.com
------------
Succeeded: 3
Failed:    0
------------
Total states run:     3
Total run time:   1.087 s
a6.a.com:
----------
          ID: apache-install
    Function: pkg.installed
        Name: httpd
      Result: True
     Comment: All specified packages are already installed
     Started: 13:34:53.335898
    Duration: 1028.702 ms
     Changes:   
----------
          ID: apache-install
    Function: pkg.installed
        Name: httpd-devel
      Result: True
     Comment: All specified packages are already installed
     Started: 13:34:54.364850
    Duration: 0.754 ms
     Changes:   
----------
          ID: apache-service
    Function: service.running
        Name: httpd
      Result: True
     Comment: The service httpd is already running
     Started: 13:34:54.366478
    Duration: 64.824 ms
     Changes:   

Summary for a6.a.com
------------
Succeeded: 3
Failed:    0
------------
Total states run:     3
Total run time:   1.094 s
View Code

 



































以上是关于自动化运维工具saltstack的主要内容,如果未能解决你的问题,请参考以下文章

自动化运维工具SaltStack详细部署

自动化运维工具SaltStack详细部署

自动化运维工具SaltStack详细部署

自动化运维工具之SaltStack-1SaltStack介绍及安装

自动化运维工具之Saltstack

自动运维工具 -saltstack安装使用(实例演示!!!)