很久之前,用過一段時間的Puppet,也就是簡單用了用,後來慢慢就丟了,然後就去搞mysql的一些東西了,或許,很多事情就是註定的,以爲再來不會用它了的時候,任務來了,說要繼續研究這玩意,後面遇到一個牛X的同事,說用SaltStack比較好,而且他已經用這個做了不少實際游泳的案例了,他說,Puppet注重於最終狀態,SaltStack注重於實時命令的運行,SaltStack=Puppet+Func,且SaltStack還是使用Python開發的,入手以及後續的功能自定義開發都是非常方便的。於是乎,就看看咯.
官網鏈接是:http://www.saltstack.com/
角色 操作系統 主機名 IP地址
Master【服務端】 RHEL6U3 X86_64 DemoServer 192.168.153.38
Minion【客戶端】 RHEL6U3 X86_64 oracle 192.168.153.137
1. 安裝SaltStack Master
[1] 配置本地YUM源
[root@DemoServer ~]# cat /etc/yum.repos.d/rhel-source.repo [rhel] name=rhel baseurl=http://192.168.150.3/rhel6.3core/ enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
額外下載包:python-jinja2-2.2.1-1.el6.x86_64.rpm
[2] 安裝EPEL源
[root@DemoServer ~]# rpm -Uvh http://ftp.linux.ncsu.edu/pub/epel/6/i386/epel-release-6-8.noarch.rpm
[3] 開啓YUM緩存,保存安裝包
[root@DemoServer ~]# cat /etc/yum.conf [main] cachedir=/var/cache/yum/$basearch/$releasever keepcache=0 修改爲 keepcache=1 debuglevel=2 logfile=/var/log/yum.log exactarch=1 obsoletes=1 gpgcheck=1 plugins=1 installonly_limit=3
[4] 安裝SaltStack Master 軟件包
[root@DemoServer ~]# yum install python-jinja2-2.2.1-1.el6.x86_64.rpm salt-master salt-minion -y //本節點即作爲Master,也作爲Minion使用
[5] 保存所有依賴包,用於離線安裝
[root@DemoServer packages]# ll /var/cache/yum/x86_64/6Server/epel/packages total 3356 -rw-r--r--. 1 root root 52880 May 19 2010 libyaml-0.1.3-1.el6.x86_64.rpm -rw-r--r--. 1 root root 169348 Dec 26 2012 openpgm-5.1.118-3.el6.x86_64.rpm -rw-r--r--. 1 root root 29556 Jun 2 2013 python-msgpack-0.1.13-3.el6.x86_64.rpm -rw-r--r--. 1 root root 433896 Dec 15 2012 python-zmq-2.2.0.1-1.el6.x86_64.rpm -rw-r--r--. 1 root root 161120 Apr 28 2012 PyYAML-3.10-3.el6.x86_64.rpm -rw-r--r--. 1 root root 2156412 Nov 20 22:46 salt-0.17.2-2.el6.noarch.rpm -rw-r--r--. 1 root root 32124 Nov 20 22:46 salt-master-0.17.2-2.el6.noarch.rpm -rw-r--r--. 1 root root 20956 Nov 20 22:46 salt-minion-0.17.2-2.el6.noarch.rpm -rw-r--r--. 1 root root 19292 Aug 31 2011 sshpass-1.05-1.el6.x86_64.rpm -rw-r--r--. 1 root root 341724 Sep 22 02:18 zeromq3-3.2.4-1.el6.x86_64.rpm
[root@DemoServer ~]# ll /var/cache/yum/x86_64/6Server/rhel/packages -rw-r--r--. 1 root root 1494848 Aug 17 2010 python-babel-0.9.4-5.1.el6.noarch.rpm
[root@DemoServer ~]# ll saltstack0.17.4 //共計如下軟件包 total 5288 -rw-r--r--. 1 root root 52880 Jan 2 16:35 libyaml-0.1.3-1.el6.x86_64.rpm -rw-r--r--. 1 root root 169348 Jan 2 16:35 openpgm-5.1.118-3.el6.x86_64.rpm -rw-r--r--. 1 root root 1494848 Jan 2 16:36 python-babel-0.9.4-5.1.el6.noarch.rpm -rwxr--r--. 1 root root 476200 Jan 2 16:36 python-jinja2-2.2.1-1.el6.x86_64.rpm -rw-r--r--. 1 root root 29556 Jan 2 16:35 python-msgpack-0.1.13-3.el6.x86_64.rpm -rw-r--r--. 1 root root 433896 Jan 2 16:35 python-zmq-2.2.0.1-1.el6.x86_64.rpm -rw-r--r--. 1 root root 161120 Jan 2 16:35 PyYAML-3.10-3.el6.x86_64.rpm drwxr-xr-x. 2 root root 4096 Jan 2 16:36 repodata -rw-r--r--. 1 root root 2156412 Jan 2 16:35 salt-0.17.2-2.el6.noarch.rpm -rw-r--r--. 1 root root 32124 Jan 2 16:35 salt-master-0.17.2-2.el6.noarch.rpm -rw-r--r--. 1 root root 20956 Jan 2 16:35 salt-minion-0.17.2-2.el6.noarch.rpm -rw-r--r--. 1 root root 19292 Jan 2 16:35 sshpass-1.05-1.el6.x86_64.rpm -rw-r--r--. 1 root root 341724 Jan 2 16:35 zeromq3-3.2.4-1.el6.x86_64.rpm
[6] 製作SaltStack安裝YUM源
[root@DemoServer ~]# mv saltstack0.17.4 /var/www/html/saltstack/ [root@DemoServer ~]# yum install createrepo -y [root@DemoServer ~]# createrepo -p -d -o /var/www/html/saltstack/ \ > /var/www/html/saltstack/ 12/12 - salt-minion-0.17.2-2.el6.noarch.rpm Saving Primary metadata Saving file lists metadata Saving other metadata Generating sqlite DBs Sqlite DBs complete
[7] 啓動httpd服務
[root@DemoServer ~]# service httpd start
[8] 安裝oracle節點的salt-minion
(1) 配置YUM源
[root@oracle ~]# cat /etc/yum.repos.d/rhel-source.repo [rhel] name=rhel baseurl=http://192.168.150.3/rhel6.3core/ enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta,file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release [saltstack] name=saltstack baseurl=http://192.168.153.38/saltstack enabled=1 gpgcheck=0
(2) 安裝salt-minion 軟件包
[root@oracle ~]# yum install salt-minion -y
2. 啓動服務
[root@DemoServer ~]# iptables -F ; service iptables save ; service iptables restart //清空所有IPTABLES規則,或者開放4505與4506端口 [root@DemoServer ~]# setenforce 0 //手動設置SELINUX狀態 [root@DemoServer ~]# sed -i 's/enforcing/disabled/g' /etc/sysconfig/selinux //修改SELINUX狀態爲disabled,重啓生效 [root@DemoServer ~]# grep 'SELINUX=' /etc/sysconfig/selinux # SELINUX= can take one of these three values: SELINUX=disabled [root@DemoServer ~]# service salt-master start //啓動salt-master [root@DemoServer ~]# chkconfig salt-master on //設置salt-master開機啓動 [root@DemoServer ~]# service salt-minion start //啓動salt-minion [root@DemoServer ~]# chkconfig salt-minion on //設置salt-minion開機啓動 [root@DemoServer ~]# netstat -nltup |grep python //查看端口是否被監聽 tcp 0 0 192.168.153.38:4505 0.0.0.0:* LISTEN 882/python tcp 0 0 192.168.153.38:4506 0.0.0.0:* LISTEN 874/python
oracle節點上面同樣啓動
[root@oracle ~]# service salt-minion start //啓動salt-minion服務 [root@oracle ~]# chkconfig salt-minion on //設爲開機啓動
3. 修改配置文件
Master: [root@DemoServer ~]# cat /etc/salt/master |grep -v '#' |grep interface interface: 192.168.153.38 //修改監聽IP [root@DemoServer ~]# service salt-master restart //重啓salt-master服務 兩個 Minion: [root@DemoServer ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.153.38DemoServer [root@DemoServer ~]# cat /etc/salt/minion |grep -v '#'|grep master master: DemoServer //指定master的可解析的主機名或者IP地址 [root@DemoServer ~]# service salt-minion restart //重啓 salt-minion 服務 [root@oracle ~]# cat /etc/salt/minion |grep -v '#' |grep master master: 192.168.153.38 [root@oracle ~]# service salt-minion restart //重啓 salt-minion 服務
4. 密鑰驗證
[root@DemoServer ~]# salt-key -L //列出所有請求key Accepted Keys: Unaccepted Keys: DemoServer == 本機 oracle ==新主機,主機名爲oracle IP爲192.168.153.37 Rejected Keys: 【 上面識別到的id 默認取客戶端的主機名的FQDN值,如果在客戶端的/etc/salt/minion_id中進行修改,則會顯示自定義的id值 】 [root@DemoServer ~]# salt-key -a DemoServer //批准DemoServer The following keys are going to be accepted: Unaccepted Keys: DemoServer Proceed? [n/Y] y Key for minion DemoServer accepted. [root@DemoServer ~]# salt-key -L Accepted Keys: DemoServer Unaccepted Keys: oracle Rejected Keys: [root@DemoServer ~]# salt-key -A //批准接受全部 The following keys are going to be accepted: Unaccepted Keys: oracle Proceed? [n/Y] y Key for minion oracle accepted. [root@DemoServer ~]# salt-key -L //再次查看,全部被接受 Accepted Keys: DemoServer oracle Unaccepted Keys: Rejected Keys:
5. 簡單命令嘗試
[root@DemoServer ~]# salt oracle test.ping oracle: True [root@DemoServer ~]# salt '*' test.ping DemoServer: True oracle: True 或者 [root@DemoServer ~]# salt -L 'oracle153_37,DemoServer' test.ping oracle153_37: True DemoServer: True Grains 類似於Puppet中的facter [root@DemoServer ~]# salt -G 'cpuarch:x86_64' grains.item num_cpus DemoServer: num_cpus: 4 oracle153_37: num_cpus: 4 [root@DemoServer ~]# salt '*' grains.ls //查看有哪些參數可以顯示 [root@DemoServer ~]# salt '*' grains.items //列出所有參數的條目,item複數 //列出具體的參數值,item單數 [root@DemoServer ~]# salt '*' grains.item os DemoServer: os: RedHat oracle153_37: os: RedHat
昨天對SaltStack的探討就這些,記錄下來,再深究。