實驗環境:
192.168.18.128 master
192.168.18.148 web01
192.168.18.145 web02
第一步:分別給三臺服務器安裝epel源
Master:
[root@localhost ~]# hostnamectl set-hostname master.saltstack.com
[root@localhost ~]# su
[root@master ~]# hostname
master.saltstack.com
[root@master ~]# systemctl stop firewalld.service
[root@master ~]# setenforce 0
[root@master ~]# vim /etc/hosts
`按大寫字母G到末行,按小寫字母o轉下行插入以下內容`
192.168.18.128 master.saltstack.com
192.168.18.148 web01.saltstack.com
192.168.18.145 web02.saltstack.com
#修改完成後按Esc退出插入模式,輸入:wq保存退出
[root@master ~]# yum install -y epel-release
Web01:
[root@localhost ~]# hostnamectl set-hostname web01.saltstack.com
[root@localhost ~]# su
[root@web01 ~]# hostname
web01.saltstack.com
[root@web01 ~]# systemctl stop firewalld.service
[root@web01 ~]# setenforce 0
[root@web01 ~]# vim /etc/hosts
`按大寫字母G到末行,按小寫字母o轉下行插入以下內容`
192.168.18.128 master.saltstack.com
192.168.18.148 web01.saltstack.com
192.168.18.145 web02.saltstack.com
#修改完成後按Esc退出插入模式,輸入:wq保存退出
[root@web01 ~]# yum install -y epel-release
Web02:
[root@localhost ~]# hostnamectl set-hostname web02.saltstack.com
[root@localhost ~]# su
[root@web02 ~]# hostname
web02.saltstack.com
[root@web02 ~]# systemctl stop firewalld.service
[root@web02 ~]# setenforce 0
[root@web02 ~]# vim /etc/hosts
`按大寫字母G到末行,按小寫字母o轉下行插入以下內容`
192.168.18.128 master.saltstack.com
192.168.18.148 web01.saltstack.com
192.168.18.145 web02.saltstack.com
#修改完成後按Esc退出插入模式,輸入:wq保存退出
[root@web02 ~]# yum install -y epel-release
第二步:master服務器的操作
[root@master ~]# yum -y install salt-master
[root@master ~]# vim /etc/salt/master
15 interface: 192.168.18.128 #15行,刪除註釋,監聽本機地址
215 auto_accept: True #215行,刪除註釋,證書認證開啓
416 file_roots:
417 base:
418 - /srv/salt #416-418行,刪除註釋,saltstack文件根目錄位置,目錄需要創建
710 nodegroups:
711 group1: 'web01.saltstack.com'
712 group2: 'web02.saltstack.com' #710-712行,刪除註釋,兩個節點組服務器的名稱
552 pillar_opts: True #552行,刪除註釋,開啓pillar功能,同步文件功能
529 pillar_roots:
530 base:
531 - /srv/pillar #529-531行,刪除註釋,pillar的主目錄,需要創建
#修改完成後按Esc退出插入模式,輸入:wq保存退出
`查看對主配置文件做的更改`
[root@master ~]# cat /etc/salt/master | grep -v ^$ | grep -v ^#
interface: 192.168.18.128
auto_accept: True
file_roots:
base:
- /srv/salt
pillar_roots:
base:
- /srv/pillar
pillar_opts: True
nodegroups:
group1: 'web01.saltstack.com'
group2: 'web02.saltstack.com'
`創建salt與pillar文件根目錄`
[root@master ~]# mkdir /srv/salt
[root@master ~]# mkdir /srv/pillar
[root@master ~]# ls /srv/
pillar salt
[root@master ~]# systemctl start salt-master.service #啓動服務
[root@master ~]# systemctl enable salt-master #設置爲開機自啓
Created symlink from /etc/systemd/system/multi-user.target.wants/salt-master.service to /usr/lib/systemd/system/salt-master.service.
[root@master ~]# netstat -anpt | egrep '4505|4506' #查看端口開啓
tcp 0 0 192.168.18.128:4505 0.0.0.0:* LISTEN 5178/python tcp 0 0 192.168.18.128:4506 0.0.0.0:* LISTEN 5202/python
第三步:節點服務器的操作
web01:
[root@web01 ~]# yum -y install salt-minion
`修改配置文件`
16 master: 192.168.18.128 #16行,刪除註釋,指定主控端IP
78 id: web01.saltstack.com #78行,刪除註釋,指定被控端主機名
#修改完成後按Esc退出插入模式,輸入:wq保存退出
[root@web01 ~]# systemctl start salt-minion.service
web02:
[root@web02 ~]# yum -y install salt-minion
`修改配置文件`
[root@web02 ~]# vim /etc/salt/minion
16 master: 192.168.18.128 #16行,刪除註釋,指定主控端IP
78 id: web02.saltstack.com #78行,刪除註釋,指定被控端主機名
#修改完成後按Esc退出插入模式,輸入:wq保存退出
[root@web02 ~]# systemctl start salt-minion.service
驗證:
`在主控端測試與被控端的通信狀態`
[root@master ~]# salt '*' test.ping
web02.saltstack.com:
True
web01.saltstack.com:
True
`遠程執行命令查看兩個節點的掛載情況`
[root@master ~]# salt '*' cmd.run 'df -h'
web01.saltstack.com:
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 20G 3.5G 17G 18% /
devtmpfs 898M 0 898M 0% /dev
tmpfs 912M 12K 912M 1% /dev/shm
tmpfs 912M 18M 895M 2% /run
tmpfs 912M 0 912M 0% /sys/fs/cgroup
/dev/sda1 6.0G 174M 5.9G 3% /boot
/dev/sda5 10G 54M 10G 1% /home
tmpfs 183M 4.0K 183M 1% /run/user/42
tmpfs 183M 24K 183M 1% /run/user/0
/dev/sr0 4.3G 4.3G 0 100% /run/media/root/CentOS 7 x86_64
web02.saltstack.com:
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 20G 3.5G 17G 18% /
devtmpfs 898M 0 898M 0% /dev
tmpfs 912M 12K 912M 1% /dev/shm
tmpfs 912M 18M 895M 2% /run
tmpfs 912M 0 912M 0% /sys/fs/cgroup
/dev/sda5 10G 54M 10G 1% /home
/dev/sda1 6.0G 174M 5.9G 3% /boot
tmpfs 183M 4.0K 183M 1% /run/user/42
tmpfs 183M 24K 183M 1% /run/user/0
/dev/sr0 4.3G 4.3G 0 100% /run/media/root/CentOS 7 x86_64
`如果單獨只看某一個節點的掛載情況`
[root@master ~]# salt 'web02.saltstack.com' cmd.run 'df -h'
web02.saltstack.com:
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 20G 3.5G 17G 18% /
devtmpfs 898M 0 898M 0% /dev
tmpfs 912M 12K 912M 1% /dev/shm
tmpfs 912M 18M 895M 2% /run
tmpfs 912M 0 912M 0% /sys/fs/cgroup
/dev/sda5 10G 54M 10G 1% /home
/dev/sda1 6.0G 174M 5.9G 3% /boot
tmpfs 183M 4.0K 183M 1% /run/user/42
tmpfs 183M 24K 183M 1% /run/user/0
/dev/sr0 4.3G 4.3G 0 100% /run/media/root/CentOS 7 x86_64
`顯示web01的詳細信息`
[root@master ~]# salt 'web01.saltstack.com' grains.items
web01.saltstack.com:
----------
SSDs:
biosreleasedate:
07/29/2019
biosversion:
6.00
cpu_flags:
......此處省略多行
host:
web01
hwaddr_interfaces:
----------
ens33:
00:0c:29:79:45:8e
lo:
00:00:00:00:00:00
virbr0:
52:54:00:e7:ec:25
virbr0-nic:
52:54:00:e7:ec:25
id:
web01.saltstack.com
......此處省略多行
ip_interfaces:
----------
ens33:
- 192.168.18.148
- fe80::6a0c:e6a0:7978:3543 #網卡的mac地址
lo:
- 127.0.0.1
- ::1
virbr0:
- 192.168.122.1
virbr0-nic:
ipv4:
- 127.0.0.1
- 192.168.122.1
- 192.168.18.148
ipv6:
- ::1
- fe80::6a0c:e6a0:7978:3543
......此處省略多行
virtual:
VMware
zmqversion:
4.1.4
`查看動態信息`
[root@master ~]# salt 'web01.saltstack.com' pillar.items
`查看在master上已經被接受過的客戶端`
[root@master ~]# salt-key
Accepted Keys: #認證過的主機名
web01.saltstack.com
web02.saltstack.com
Denied Keys: #拒絕
Unaccepted Keys: #未通過認證
Rejected Keys:
第四步:批量安裝apache
[root@master ~]# cd /srv/salt/
[root@master salt]# ls
[root@master salt]# vim top.sls
base:
'*':
- apache
#在所有的客戶端執行apache模塊
[root@master salt]# vim apache.sls
apache-service:
pkg.installed:
- names:
- httpd
- httpd-devel
service.running:
- name: httpd
- enable: True
#修改完成後按Esc退出插入模式,輸入:wq保存退出
[root@master salt]# ls
apache.sls top.sls
`重啓服務`
[root@master salt]# systemctl restart salt-master.service
`執行批量部署命令`
[root@master salt]# salt '*' state.highstate
[root@master ~]# salt '*' state.highstate
web01.saltstack.com:
----------
ID: apache-service
Function: pkg.installed
Name: httpd
Result: True
Comment: The following packages were installed/updated: httpd
Started: 15:04:51.323952
Duration: 40217.299 ms
Changes:
----------
apr:
----------
new:
1.4.8-5.el7
old:
apr-util:
----------
new:
1.5.2-6.el7
old:
httpd:
----------
new:
2.4.6-90.el7.centos
old:
httpd-tools:
----------
new:
2.4.6-90.el7.centos
old:
mailcap:
----------
new:
2.1.41-2.el7
old:
----------
ID: apache-service
Function: pkg.installed
Name: httpd-devel
Result: True
Comment: The following packages were installed/updated: httpd-devel
Started: 15:05:31.545046
Duration: 16876.92 ms
Changes:
----------
apr-devel:
----------
new:
1.4.8-5.el7
old:
apr-util-devel:
----------
new:
1.5.2-6.el7
old:
cyrus-sasl:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-devel:
----------
new:
2.1.26-23.el7
old:
cyrus-sasl-gssapi:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-lib:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-md5:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-plain:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-scram:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
expat-devel:
----------
new:
2.1.0-10.el7_3
old:
httpd-devel:
----------
new:
2.4.6-90.el7.centos
old:
libdb:
----------
new:
5.3.21-25.el7
old:
5.3.21-20.el7
libdb-devel:
----------
new:
5.3.21-25.el7
old:
libdb-utils:
----------
new:
5.3.21-25.el7
old:
5.3.21-20.el7
openldap:
----------
new:
2.4.44-21.el7_6
old:
2.4.44-5.el7
openldap-devel:
----------
new:
2.4.44-21.el7_6
old:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd has been enabled, and is running
Started: 15:05:48.459684
Duration: 1822.995 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=3)
Failed: 0
------------
Total states run: 3
web02.saltstack.com:
----------
ID: apache-service
Function: pkg.installed
Name: httpd
Result: True
Comment: The following packages were installed/updated: httpd
Started: 15:04:51.468389
Duration: 50746.816 ms
Changes:
----------
apr:
----------
new:
1.4.8-5.el7
old:
apr-util:
----------
new:
1.5.2-6.el7
old:
httpd:
----------
new:
2.4.6-90.el7.centos
old:
httpd-tools:
----------
new:
2.4.6-90.el7.centos
old:
mailcap:
----------
new:
2.1.41-2.el7
old:
----------
ID: apache-service
Function: pkg.installed
Name: httpd-devel
Result: True
Comment: The following packages were installed/updated: httpd-devel
Started: 15:05:42.221145
Duration: 28643.51 ms
Changes:
----------
apr-devel:
----------
new:
1.4.8-5.el7
old:
apr-util-devel:
----------
new:
1.5.2-6.el7
old:
cyrus-sasl:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-devel:
----------
new:
2.1.26-23.el7
old:
cyrus-sasl-gssapi:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-lib:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-md5:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-plain:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-scram:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
expat-devel:
----------
new:
2.1.0-10.el7_3
old:
httpd-devel:
----------
new:
2.4.6-90.el7.centos
old:
libdb:
----------
new:
5.3.21-25.el7
old:
5.3.21-20.el7
libdb-devel:
----------
new:
5.3.21-25.el7
old:
libdb-utils:
----------
new:
5.3.21-25.el7
old:
5.3.21-20.el7
openldap:
----------
new:
2.4.44-21.el7_6
old:
2.4.44-5.el7
openldap-devel:
----------
new:
2.4.44-21.el7_6
old:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd has been enabled, and is running
Started: 15:06:10.880454
Duration: 1618.997 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=3)
Failed: 0
------------
Total states run: 3
#此時兩臺節點部署apache服務完成
驗證:兩臺web服務器上是否成功安裝了apache服務
web01:
[root@web01 ~]# rpm -q httpd
httpd-2.4.6-90.el7.centos.x86_64
[root@web01 ~]# netstat -ntap | grep 80
tcp6 0 0 :::80 :::* LISTEN 6786/httpd
web02:
[root@web02 ~]# rpm -q httpd
httpd-2.4.6-90.el7.centos.x86_64
[root@web02 ~]# netstat -ntap | grep 80
tcp6 0 0 :::80 :::* LISTEN 6759/httpd