salt 简单整理
2019-02-18 本文已影响0人
开始懂了90
yum -y install epel-release
yum clean all
yum makecache
yum install salt-master -y
yum install salt-minion -y
编辑客户端配置文件
[root@salt-minion ~]# cat /etc/salt/minion|egrep -v "#|^$"
master: salt-master
id: salt-minion
启动
/usr/bin/salt-master -d
/usr/bin/salt-minion -d
master 认证(Unaccepted Keys)
## 列出需要认证的key
[root@salt-master ~]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
salt-minion
Rejected Keys:
## 接受客户端的请求
[root@salt-master ~]# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
salt-minion
Proceed? [n/Y] y
Key for minion salt-minion accepted.
## 验证结果
[root@salt-master ~]# salt-key -L
Accepted Keys:
salt-minion
Denied Keys:
Unaccepted Keys:
Rejected Keys:
测试连通性
[root@salt-master ~]# salt "*" test.ping
salt-minion:
True
执行命令
[root@salt-master ~]# salt 'salt-minion' cmd.run 'uptime'
salt-minion:
10:10:34 up 2 days, 18:44, 1 user, load average: 0.00, 0.01, 0.05
分组
## 配置分组
[root@salt-master ~]# cat /etc/salt/master |grep -A 4 nodegr
nodegroups:
# group1: 'L@foo.domain.com,bar.domain.com,baz.domain.com and bl*.domain.com'
# group2: 'G@os:Debian and foo.domain.com'
it: 'L@salt-minion,salt-minion17'
## 重启salt-master
killall salt-master
salt-master -d
## 验证
[root@salt-master ~]# salt -N it test.ping
salt-minion:
True
salt-minion17:
True
查看可使用的模块
[root@salt-master ~]# salt 'salt-minion' sys.list_modules
salt-minion:
- acl
- aliases
- alternatives
## 查看模块有哪些方法
[root@salt-master ~]# salt 'salt-minion' sys.list_functions cp
salt-minion:
- cp.cache_dir
- cp.cache_file
- cp.cache_files
- cp.cache_local_file
- cp.cache_master
- cp.get_dir
## 帮助文档
salt 'salt-minion' sys.doc cp
cp 模块
## 查看master默认文件存放位置
[root@salt-master tmp]# cat /etc/salt/master |grep -A 4 file_roots
# file_roots:
# base:
# - /srv/salt/
## copy
salt '*' cp.get_file salt://bian.txt /tmp/bian.txt
### file
salt '*' file.remove /tmp/bian.txt
grains
## 所有
salt '*' grains.ls
salt '*' grains.items
## 具体:
salt '*' grains.item os
[root@salt-master tmp]# salt '*' grains.item os
salt-minion17:
----------
os:
CentOS
## 使用
[root@salt-master tmp]# salt -G 'os:CentOS' cmd.run 'free -m'
salt-minion17:
total used free shared buff/cache available
Mem: 1838 97 1263 16 477 1558
Swap: 2047 0 2047
pillar
# 开启pillar 功能
vi /etc/salt/master
pillar_opts: True
## salt '*' pillar data
自定义pillar
# 创建目录
mkdir /srv/pillar
# 配置
[root@salt-master pillar]# cat top.sls
base:
'*':
- data
[root@salt-master pillar]# cat data.sls
it: funengqun
# 下发
salt '*' saltutil.refresh_pillar
# 验证
[root@salt-master pillar]# salt '*' pillar.data it
salt-minion:
----------
it:
funengqun
安装nginx
[root@salt-master salt]# pwd
/srv/salt
[root@salt-master salt]# ll
total 12
drwxr-xr-x 2 root root 4096 Feb 18 15:15 nginx
-rw-r--r-- 1 root root 317 Feb 18 15:19 nginx.sls
-rw-r--r-- 1 root root 25 Feb 18 14:45 top.sls
[root@salt-master salt]# cat nginx.sls
nginx:
pkg:
- installed
file.managed:
- source: salt://nginx/nginx.conf
- name: /etc/nginx/nginx.conf
- user: root
- group: root
- mode: 644
- template: jinja
service.running:
- enable: True
- reload: True
- watch:
- file: /etc/nginx/nginx.conf
- pkg: nginx
[root@salt-master salt]# cat nginx/nginx.conf
user nginx;
worker_processes {{ grains['num_cpus'] }};
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
use epoll;
worker_connections 51200;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_body_buffer_size 8m;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 0;
client_max_body_size 50m;
include /etc/nginx/conf.d/*.conf;
}
### 执行
salt '*' state.sls nginx
