参考文档
http://docs.saltstack.cn/contents.html
快速安装
初始配置
控制端master配置
# vim /etc/salt/master
interface: 192.168.100.132 注:192.168.1.229 是本机服务端的IP地址 默认监听所有接口
# auto_accept: True
注:修改auto_accept为True,自动接受客户端的KEY,当然也可以这里不设置,手动接受就行,接受方式:salt-key -a keyname
控制端默认监听tcp 4505 4506 注意防火墙配置 客户端minion配置
# vim /etc/salt/minion
master: 192.168.100.132
id: 192.168.100.138 注:192.168.100.132 是服务端的IP地址
id :客户端的标识,用服务端连接时,就是用此标识来连接客户端,建议为主机域名 配置服务
# systemctl enable salt-master.service
# systemctl start salt-master.service
# systemctl enable salt-minion.service
# systemctl start salt-minion.service ## 测试被控主机的连通性
# salt '*' test.ping ## 根据被控主机的grains信息进行匹配过滤
# salt -G 'os:Centos' test.ping ## 显示被控主机的操作系统类型
# salt '*' grains.item os ## 远程代码执行测试
# salt '*' cmd.exec_code python 'import sys; print sys.version'
常用命令
# salt-key -L 查看key列表
# salt-key -a KYENAME #允许一个key
# salt-key -A #允许所有
# salt-key -d KEYNAME #删除一个key
# salt-key -D #删除所有key ##使用ip地址或子网匹配
# salt -S 192.168.100.138 test.ping
# salt -S 192.168.100.0/24 test.ping ##使用正则表达式:
# salt -E 'virtmach[0-9]' test.ping ##指定列表
# salt -L 'foo,bar,baz,quo' test.ping ##拷贝文件
# salt-cp '*' file.py /root ##超级命令(生产中不建议使用)
# salt '*' cmd.run 'yum install net-tool' ##查看客户端状态
# salt-run manage.status
# salt-run manage.versions
##工具箱
# salt '192.168.100.138' saltutil.running \\查看正在执行的任务
# salt '192.168.100.138' saltutil.kill_job 20170310143800082264 \\删除正在运行的任务
模块使用
包安装模块
##命令输出
192.168.100.138:
----------
ID: pkg.init
Function: pkg.installed
Name: mtr
Result: True
Comment: The following packages were installed/updated: mtr
Started: 12:17:31.424942
Duration: 15219.658 ms
Changes:
----------
mtr:
----------
new:
2:0.85-7.el7
old:
----------
ID: pkg.init
Function: pkg.installed
Name: nmap
Result: True
Comment: The following packages were installed/updated: nmap
Started: 12:17:46.667926
Duration: 5258.072 ms
Changes:
----------
nmap:
----------
new:
2:6.40-7.el7
old:
nmap-ncat:
----------
new:
2:6.40-7.el7
old:
----------
ID: pkg.init
Function: pkg.installed
Name: lrzsz
Result: True
Comment: The following packages were installed/updated: lrzsz
Started: 12:17:51.969501
Duration: 2646.444 ms
Changes:
----------
lrzsz:
----------
new:
0.12.20-36.el7
old: Summary for 192.168.100.138
------------
Succeeded: 3 (changed=3)
Failed: 0
------------
Total states run: 3
Total run time: 23.124 s
文件维护模块
##使用file.managed 维护文件 # vim top.sls
base:
'192.168.100.138':
- init.pkg
- init.limit
# cd init/
# vim limit.sls
limit-conf-config:
file.managed:
- name: /etc/security/limits.conf #minion端 文件路径
- source: salt://init/files/limits.conf #master端 文件路径
- user: root
- group: root
- mode: 644 # mkdir files
# cd files
# cp /etc/security/limits.conf .
##随意修改 limits.conf文件内容 验证是某同步
# salt '*' state.highstate
192.168.100.138:
----------
ID: pkg.init
Function: pkg.installed
Name: mtr
Result: True
Comment: Package mtr is already installed
Started: 13:09:50.532559
Duration: 672.412 ms
Changes:
----------
ID: pkg.init
Function: pkg.installed
Name: nmap
Result: True
Comment: Package nmap is already installed
Started: 13:09:51.205178
Duration: 0.426 ms
Changes:
----------
ID: pkg.init
Function: pkg.installed
Name: lrzsz
Result: True
Comment: Package lrzsz is already installed
Started: 13:09:51.205686
Duration: 0.315 ms
Changes:
----------
ID: limit-conf-config
Function: file.managed
Name: /etc/security/limits.conf
Result: True
Comment: File /etc/security/limits.conf updated
Started: 13:09:51.208228
Duration: 56.86 ms
Changes:
----------
diff:
---
+++
@@ -1,4 +1,4 @@
-#this is test
+#this is test!!
# /etc/security/limits.conf
#
#This file sets the resource limits for the users logged in via PAM. Summary for 192.168.100.138
------------
Succeeded: 4 (changed=1)
Failed: 0
------------
Total states run: 4
Total run time: 730.013 ms
把数据返回到mysql服务器
# vim /etc/salt/master
mysql.host: '192.168.100.138'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306
master_job_cache: mysql //master端直接写入mysql,如果不配置此行默认是minion端写入
# vim /etc/salt/minion
mysql.host: '192.168.100.138'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306 # salt '*' test.ping --return mysql