salt-syndic部署
环境
| 主机IP | 主机名 | 安装的应用 |
|---|---|---|
| 192.168.11.120 | Master | salt-master |
| 192.168.11.125 | Syndic | salt-master salt-syndic |
| 192.168.11.121 | Minion1 | salt-minion |
| 192.168.11.122 | Minion2 | salt-minion |
关闭防火墙
[root@master ~]# systemctl stop firewalld.service
[root@master ~]# setenforce 0
?
?
配置master
修改master的master配置文件
-
取消注释order_master
-
将order_master的值设为True
[root@master ~]# vim /etc/salt/master
# Set the order_masters setting to True if this master will command lower
# masters‘ syndic interfaces.
#order_masters: False ? #在下面加一行另写,或者取消注释改为True
order_masters: True
[root@master ~]# systemctl enable salt-master
[root@master ~]# systemctl restart salt-master
?
配置syndic
修改syndic所在主机的master配置文件
-
取消注释syndic_master
-
将syndic_master的值设为master的IP
[root@syndic ~]# yum -y install salt-master salt-syndic ?
[root@syndic ~]# vim /etc/salt/master
# If this master will be running a salt syndic daemon, syndic_master tells
# this master where to receive commands from.
#syndic_master: masterofmasters ?
syndic_master: 192.168.11.120
[root@syndic ~]# systemctl enable salt-master
[root@syndic ~]# systemctl enable salt-syndic
[root@syndic ~]# systemctl restart salt-master
[root@syndic ~]# systemctl restart salt-syndic
配置minion
配置minion,将master指向syndic所在主机
[root@minion1 ~]# vim /etc/salt/minion
# resolved, then the minion will fail to start.
#master: salt
master: 192.168.11.125
?
[root@minion2 ~]# vim /etc/salt/minion
# resolved, then the minion will fail to start.
#master: salt
master: 192.168.11.125
?
[root@minion1 ~]# systemctl start salt-minion.service
[root@minion1 ~]# systemctl enable salt-minion.service
?
[root@minion2 ~]# systemctl start salt-minion.service
[root@minion2 ~]# systemctl enable salt-minion.service
在syndic上接受minion主机的key
[root@syndic ~]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
minion1
minion2
Rejected Keys:
[root@syndic ~]# salt-key -yA
The following keys are going to be accepted:
Unaccepted Keys:
minion1
minion2
Key for minion minion1 accepted.
Key for minion minion2 accepted.
[root@syndic ~]# salt-key -L
Accepted Keys:
minion1
minion2
Denied Keys:
Unaccepted Keys:
Rejected Keys:
?
在master上接受syndic主机的key
[root@master ~]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
syndic
Rejected Keys:
[root@master ~]# salt-key -yA
The following keys are going to be accepted:
Unaccepted Keys:
syndic
Key for minion syndic accepted.
[root@master ~]# salt-key -L
Accepted Keys:
syndic
Denied Keys:
Unaccepted Keys:
Rejected Keys:
?
在master上执行模块或状态检验有几个minion应答
[root@master ~]# salt ‘*‘ test.ping
minion2:
? True
minion1:
? True
?
[root@master ~]# salt ‘*‘ cmd.run ‘date‘
minion2:
? Thu Jul 22 23:01:28 EDT 2021
minion1:
? Thu Jul 22 23:01:28 EDT 2021