Ansible and Saltstack simple to use

Source: Internet
Author: User
Tags saltstack

Summed up are some of their own use of relatively simple knowledge, about State.sls and playbooks and other knowledge is still learning ... 650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0059.gif "alt=" J_0059.gif "/>


Ansible

Lightweight, automated operations tools, SSH-based, no client-side

Installation and Configuration

1, the main control end loaded ansible (yum install-y ansible)

2. Import the main console's public key to the managed side

3, the host terminal/etc/ansible/hosts file written to the controlled side ip/domain name (plus-i parameter can specify the Hosts file)

4. Note that the port number and private key file path in the/etc/ansible/ansible.cfg configuration file are consistent with the actual environment, that is, remote_port= and private_key_file=

If the key is encrypted, it prompts: private keyfile is encrypted. Plus-K parameter

Error: Error reading SSH Protocol banner is the controlled side refused to connect. View iptables or/etc/hosts.allow files.

Ansible all-i ip.txt-m ping-k test connectivity

Ansible all-i ip.txt-m shell-a "W"-K execute command at the controlled end

Ansible all-i ip.txt-m copy-a "src=/tmp/test.sh dest=/tmp/test.sh"-Copy Local files to each node

Ansible all-i ip.txt-m service-a "name=vsftpd state=restarted" Restart a server on each node (example VSFTPD)


Saltstack

C/S architecture

Installation and Configuration

1, the main control end installed Salt-master, controlled end-loaded salt-minion

2, Minion end Modify/etc/salt/minion configuration file, write to master and ID

3, open Salt-master. Salt-key-l can view the current minion-side authentication of this master

4, on the master side Salt-key-a-y Accept all configured this master machine or salt-key-a IP accept a single

5, salt "*" test.ping test connectivity

Authentication is equivalent to exchanging public keys, because master and Minion verify identity by Rsakey, the master end multiplicity has salt-master or a controlled end multiplicity installed salt-minion, both sides cannot connect Minion did not Return and the Minion end of the salt-minion program seconds hang.

Workaround: (Reload Master) Delete the Minion end of the/etc/salt/pki/minion/minion_master.pub

(reload Minion) can cause Minion end to be added to master's minions_denied directory, delete/etc/salt/pki/master/minions and/etc/salt/pki/master/ This node IP in the minions_denied directory

/var/log/salt/minion logs to see the cause of the error

The-n parameter specifies a set of IPs, which need to be configured with the group name and the included ip:nodegroups in the/etc/salt/master file

Salt "*" Cmd.run "W" executes commands on the node

The Salt "*" Cmd.script salt://test.sh executes the test.sh script on the node. SALT://'s home directory is configured in the master configuration file, typically the/srv/salt/directory


Ansible and Saltstack simple to use

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.