实验环境:
192.168.18.128 master
192.168.18.148 web01
192.168.18.145 web02
第一步:分别给三台服务器安装epel源
Master:
[root@localhost ~]# hostnamectl set-hostname master.saltstack.com
[root@localhost ~]# su
[root@master ~]# hostname
master.saltstack.com
[root@master ~]# systemctl stop firewalld.service
[root@master ~]# setenforce 0
[root@master ~]# vim /etc/hosts
`按大写字母G到末行,按小写字母o转下行插入以下内容`
192.168.18.128 master.saltstack.com
192.168.18.148 web01.saltstack.com
192.168.18.145 web02.saltstack.com
#修改完成后按Esc退出插入模式,输入:wq保存退出
[root@master ~]# yum install -y epel-release
Web01:
[root@localhost ~]# hostnamectl set-hostname web01.saltstack.com
[root@localhost ~]# su
[root@web01 ~]# hostname
web01.saltstack.com
[root@web01 ~]# systemctl stop firewalld.service
[root@web01 ~]# setenforce 0
[root@web01 ~]# vim /etc/hosts
`按大写字母G到末行,按小写字母o转下行插入以下内容`
192.168.18.128 master.saltstack.com
192.168.18.148 web01.saltstack.com
192.168.18.145 web02.saltstack.com
#修改完成后按Esc退出插入模式,输入:wq保存退出
[root@web01 ~]# yum install -y epel-release
Web02:
[root@localhost ~]# hostnamectl set-hostname web02.saltstack.com
[root@localhost ~]# su
[root@web02 ~]# hostname
web02.saltstack.com
[root@web02 ~]# systemctl stop firewalld.service
[root@web02 ~]# setenforce 0
[root@web02 ~]# vim /etc/hosts
`按大写字母G到末行,按小写字母o转下行插入以下内容`
192.168.18.128 master.saltstack.com
192.168.18.148 web01.saltstack.com
192.168.18.145 web02.saltstack.com
#修改完成后按Esc退出插入模式,输入:wq保存退出
[root@web02 ~]# yum install -y epel-release
第二步:master服务器的操作
[root@master ~]# yum -y install salt-master
[root@master ~]# vim /etc/salt/master
15 interface: 192.168.18.128 #15行,删除注释,监听本机地址
215 auto_accept: True #215行,删除注释,证书认证开启
416 file_roots:
417 base:
418 - /srv/salt #416-418行,删除注释,saltstack文件根目录位置,目录需要创建
710 nodegroups:
711 group1: 'web01.saltstack.com'
712 group2: 'web02.saltstack.com' #710-712行,删除注释,两个节点组服务器的名称
552 pillar_opts: True #552行,删除注释,开启pillar功能,同步文件功能
529 pillar_roots:
530 base:
531 - /srv/pillar #529-531行,删除注释,pillar的主目录,需要创建
#修改完成后按Esc退出插入模式,输入:wq保存退出
`查看对主配置文件做的更改`
[root@master ~]# cat /etc/salt/master | grep -v ^$ | grep -v ^#
interface: 192.168.18.128
auto_accept: True
file_roots:
base:
- /srv/salt
pillar_roots:
base:
- /srv/pillar
pillar_opts: True
nodegroups:
group1: 'web01.saltstack.com'
group2: 'web02.saltstack.com'
`创建salt与pillar文件根目录`
[root@master ~]# mkdir /srv/salt
[root@master ~]# mkdir /srv/pillar
[root@master ~]# ls /srv/
pillar salt
[root@master ~]# systemctl start salt-master.service #启动服务
[root@master ~]# systemctl enable salt-master #设置为开机自启
Created symlink from /etc/systemd/system/multi-user.target.wants/salt-master.service to /usr/lib/systemd/system/salt-master.service.
[root@master ~]# netstat -anpt | egrep '4505|4506' #查看端口开启
tcp 0 0 192.168.18.128:4505 0.0.0.0:* LISTEN 5178/python tcp 0 0 192.168.18.128:4506 0.0.0.0:* LISTEN 5202/python
第三步:节点服务器的操作
web01:
[root@web01 ~]# yum -y install salt-minion
`修改配置文件`
16 master: 192.168.18.128 #16行,删除注释,指定主控端IP
78 id: web01.saltstack.com #78行,删除注释,指定被控端主机名
#修改完成后按Esc退出插入模式,输入:wq保存退出
[root@web01 ~]# systemctl start salt-minion.service
web02:
[root@web02 ~]# yum -y install salt-minion
`修改配置文件`
[root@web02 ~]# vim /etc/salt/minion
16 master: 192.168.18.128 #16行,删除注释,指定主控端IP
78 id: web02.saltstack.com #78行,删除注释,指定被控端主机名
#修改完成后按Esc退出插入模式,输入:wq保存退出
[root@web02 ~]# systemctl start salt-minion.service
验证:
`在主控端测试与被控端的通信状态`
[root@master ~]# salt '*' test.ping
web02.saltstack.com:
True
web01.saltstack.com:
True
`远程执行命令查看两个节点的挂载情况`
[root@master ~]# salt '*' cmd.run 'df -h'
web01.saltstack.com:
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 20G 3.5G 17G 18% /
devtmpfs 898M 0 898M 0% /dev
tmpfs 912M 12K 912M 1% /dev/shm
tmpfs 912M 18M 895M 2% /run
tmpfs 912M 0 912M 0% /sys/fs/cgroup
/dev/sda1 6.0G 174M 5.9G 3% /boot
/dev/sda5 10G 54M 10G 1% /home
tmpfs 183M 4.0K 183M 1% /run/user/42
tmpfs 183M 24K 183M 1% /run/user/0
/dev/sr0 4.3G 4.3G 0 100% /run/media/root/CentOS 7 x86_64
web02.saltstack.com:
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 20G 3.5G 17G 18% /
devtmpfs 898M 0 898M 0% /dev
tmpfs 912M 12K 912M 1% /dev/shm
tmpfs 912M 18M 895M 2% /run
tmpfs 912M 0 912M 0% /sys/fs/cgroup
/dev/sda5 10G 54M 10G 1% /home
/dev/sda1 6.0G 174M 5.9G 3% /boot
tmpfs 183M 4.0K 183M 1% /run/user/42
tmpfs 183M 24K 183M 1% /run/user/0
/dev/sr0 4.3G 4.3G 0 100% /run/media/root/CentOS 7 x86_64
`如果单独只看某一个节点的挂载情况`
[root@master ~]# salt 'web02.saltstack.com' cmd.run 'df -h'
web02.saltstack.com:
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 20G 3.5G 17G 18% /
devtmpfs 898M 0 898M 0% /dev
tmpfs 912M 12K 912M 1% /dev/shm
tmpfs 912M 18M 895M 2% /run
tmpfs 912M 0 912M 0% /sys/fs/cgroup
/dev/sda5 10G 54M 10G 1% /home
/dev/sda1 6.0G 174M 5.9G 3% /boot
tmpfs 183M 4.0K 183M 1% /run/user/42
tmpfs 183M 24K 183M 1% /run/user/0
/dev/sr0 4.3G 4.3G 0 100% /run/media/root/CentOS 7 x86_64
`显示web01的详细信息`
[root@master ~]# salt 'web01.saltstack.com' grains.items
web01.saltstack.com:
----------
SSDs:
biosreleasedate:
07/29/2019
biosversion:
6.00
cpu_flags:
......此处省略多行
host:
web01
hwaddr_interfaces:
----------
ens33:
00:0c:29:79:45:8e
lo:
00:00:00:00:00:00
virbr0:
52:54:00:e7:ec:25
virbr0-nic:
52:54:00:e7:ec:25
id:
web01.saltstack.com
......此处省略多行
ip_interfaces:
----------
ens33:
- 192.168.18.148
- fe80::6a0c:e6a0:7978:3543 #网卡的mac地址
lo:
- 127.0.0.1
- ::1
virbr0:
- 192.168.122.1
virbr0-nic:
ipv4:
- 127.0.0.1
- 192.168.122.1
- 192.168.18.148
ipv6:
- ::1
- fe80::6a0c:e6a0:7978:3543
......此处省略多行
virtual:
VMware
zmqversion:
4.1.4
`查看动态信息`
[root@master ~]# salt 'web01.saltstack.com' pillar.items
`查看在master上已经被接受过的客户端`
[root@master ~]# salt-key
Accepted Keys: #认证过的主机名
web01.saltstack.com
web02.saltstack.com
Denied Keys: #拒绝
Unaccepted Keys: #未通过认证
Rejected Keys:
第四步:批量安装apache
[root@master ~]# cd /srv/salt/
[root@master salt]# ls
[root@master salt]# vim top.sls
base:
'*':
- apache
#在所有的客户端执行apache模块
[root@master salt]# vim apache.sls
apache-service:
pkg.installed:
- names:
- httpd
- httpd-devel
service.running:
- name: httpd
- enable: True
#修改完成后按Esc退出插入模式,输入:wq保存退出
[root@master salt]# ls
apache.sls top.sls
`重启服务`
[root@master salt]# systemctl restart salt-master.service
`执行批量部署命令`
[root@master salt]# salt '*' state.highstate
[root@master ~]# salt '*' state.highstate
web01.saltstack.com:
----------
ID: apache-service
Function: pkg.installed
Name: httpd
Result: True
Comment: The following packages were installed/updated: httpd
Started: 15:04:51.323952
Duration: 40217.299 ms
Changes:
----------
apr:
----------
new:
1.4.8-5.el7
old:
apr-util:
----------
new:
1.5.2-6.el7
old:
httpd:
----------
new:
2.4.6-90.el7.centos
old:
httpd-tools:
----------
new:
2.4.6-90.el7.centos
old:
mailcap:
----------
new:
2.1.41-2.el7
old:
----------
ID: apache-service
Function: pkg.installed
Name: httpd-devel
Result: True
Comment: The following packages were installed/updated: httpd-devel
Started: 15:05:31.545046
Duration: 16876.92 ms
Changes:
----------
apr-devel:
----------
new:
1.4.8-5.el7
old:
apr-util-devel:
----------
new:
1.5.2-6.el7
old:
cyrus-sasl:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-devel:
----------
new:
2.1.26-23.el7
old:
cyrus-sasl-gssapi:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-lib:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-md5:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-plain:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-scram:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
expat-devel:
----------
new:
2.1.0-10.el7_3
old:
httpd-devel:
----------
new:
2.4.6-90.el7.centos
old:
libdb:
----------
new:
5.3.21-25.el7
old:
5.3.21-20.el7
libdb-devel:
----------
new:
5.3.21-25.el7
old:
libdb-utils:
----------
new:
5.3.21-25.el7
old:
5.3.21-20.el7
openldap:
----------
new:
2.4.44-21.el7_6
old:
2.4.44-5.el7
openldap-devel:
----------
new:
2.4.44-21.el7_6
old:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd has been enabled, and is running
Started: 15:05:48.459684
Duration: 1822.995 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=3)
Failed: 0
------------
Total states run: 3
web02.saltstack.com:
----------
ID: apache-service
Function: pkg.installed
Name: httpd
Result: True
Comment: The following packages were installed/updated: httpd
Started: 15:04:51.468389
Duration: 50746.816 ms
Changes:
----------
apr:
----------
new:
1.4.8-5.el7
old:
apr-util:
----------
new:
1.5.2-6.el7
old:
httpd:
----------
new:
2.4.6-90.el7.centos
old:
httpd-tools:
----------
new:
2.4.6-90.el7.centos
old:
mailcap:
----------
new:
2.1.41-2.el7
old:
----------
ID: apache-service
Function: pkg.installed
Name: httpd-devel
Result: True
Comment: The following packages were installed/updated: httpd-devel
Started: 15:05:42.221145
Duration: 28643.51 ms
Changes:
----------
apr-devel:
----------
new:
1.4.8-5.el7
old:
apr-util-devel:
----------
new:
1.5.2-6.el7
old:
cyrus-sasl:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-devel:
----------
new:
2.1.26-23.el7
old:
cyrus-sasl-gssapi:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-lib:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-md5:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-plain:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
cyrus-sasl-scram:
----------
new:
2.1.26-23.el7
old:
2.1.26-21.el7
expat-devel:
----------
new:
2.1.0-10.el7_3
old:
httpd-devel:
----------
new:
2.4.6-90.el7.centos
old:
libdb:
----------
new:
5.3.21-25.el7
old:
5.3.21-20.el7
libdb-devel:
----------
new:
5.3.21-25.el7
old:
libdb-utils:
----------
new:
5.3.21-25.el7
old:
5.3.21-20.el7
openldap:
----------
new:
2.4.44-21.el7_6
old:
2.4.44-5.el7
openldap-devel:
----------
new:
2.4.44-21.el7_6
old:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd has been enabled, and is running
Started: 15:06:10.880454
Duration: 1618.997 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=3)
Failed: 0
------------
Total states run: 3
#此时两台节点部署apache服务完成
验证:两台web服务器上是否成功安装了apache服务
web01:
[root@web01 ~]# rpm -q httpd
httpd-2.4.6-90.el7.centos.x86_64
[root@web01 ~]# netstat -ntap | grep 80
tcp6 0 0 :::80 :::* LISTEN 6786/httpd
web02:
[root@web02 ~]# rpm -q httpd
httpd-2.4.6-90.el7.centos.x86_64
[root@web02 ~]# netstat -ntap | grep 80
tcp6 0 0 :::80 :::* LISTEN 6759/httpd
来源:51CTO
作者:JarryZ
链接:https://blog.51cto.com/14464303/2468687