Linux Operations and Architecture-saltstack Quick Start

I. Introduction of Saltstack

Saltstack is a centralized management platform for server infrastructure, Saltstack based on the Python language, and is based on the C/s architecture, combined with lightweight Message Queuing (ZeroMQ) and Python third-party modules (PYZMQ, Pycrypto, PYJINJIA2, Python-msgpack and Pyyaml, etc.),Saltstack integrates the functions of puppet and Chef, and is more suitable for large-scale batch management of servers and simple configuration.

Three main functions: remote execution, configuration management, cloud management

Operating mode: Local, master/minion, Salt SSH

Second, saltstack working principle

After the Salt-master service starts, two ports are turned on: 4505 and 4506,minion do not have ports, and security management is achieved through "bidirectional key Exchange" (which can be viewed through the TREE/ETC/SALT/PKI command). Salt-master each command is executed, all Minion are received.

[Email protected] haproxy]# Lsof-n-I:4505COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE Namesalt-mini28094Root24uIPv45133470t0 TCP172.16.1.61:46598-172.16.1.61:4505(established) Salt-mast28823Root12uIPv45078020t0 TCP *:4505(LISTEN) Salt-mast28823Root14uIPv45133240t0 TCP172.16.1.61:4505-172.16.1.7:44184(established) Salt-mast28823Root15uIPv45133480t0 TCP172.16.1.61:4505-172.16.1.61:46598(established) Salt-mast28823Root16uIPv48891300t0 TCP172.16.1.61:4505-172.16.1.3:49070(established) [[email protected] haproxy]# lsof-n-i:4506 #所有的minion都与master通信, while the master uses 4506 port when replyingCOMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE Namesalt-mini28094Root13uIPv45132180t0 TCP172.16.1.61:56702-172.16.1.61:4506(established) Salt-mast28848Root20uIPv45078350t0 TCP *:4506(LISTEN) Salt-mast28848Root27uIPv45132190t0 TCP172.16.1.61:4506-172.16.1.61:56702(established) Salt-mast28848Root28uIPv45132200t0 TCP172.16.1.61:4506-172.16.1.7:46876(established) Salt-mast28848Root29uIPv48891210t0 TCP172.16.1.61:4506-172.16.1.3:38832(established)

Iii. Saltstack Installation and deployment

1. Environment

[Email protected] ~]# cat/etc/redhat-release CentOS release 6.9 (Final) [[email protected] ~]# uname-r2.6.32-696.el6.x86 _64

2, master server-side installation

RPM-IVH http://mirrors.zju.edu.cn/epel/6/x86_64/epel-release-6-8.noarch.rpm#安装epel源 Yum Install salt-master salt-minion-'s/#master: salt/master:172.16.1.61/g' /etc /salt/Minion#修改minion配置文件指定master/etc/init.d/salt-master start/etc/init.d/salt- Minion Startchkconfig Salt-master onchkconfig Salt-minion on

3. Minion Client Installation Configuration

Yum Install salt-minion-'s/#master: salt/master:172.16.1.61/g' /etc/salt/  Minion#直接替换指定master地址 /etc/init.d/salt-minion startchkconfig Salt-minion on

4. Saltstack Common Command parameters

Common Command Parameters	Command description
Salt-key-l	View Minion List
Salt-key-a	Agree to take over all minion
Salt-key-a	Agreed to take over a designated minion
Salt-key-d	Remove all certified Minion
Salt-key-d	Deletes the specified minion
Salt-run Manage.up	View the surviving Minion
Salt-run Manage.down	Check out the dead minion.
Salt-run Manage.status	View Minion's related status
Salt-run manage.versions	View the version information for all of the Salt's master and minion
Salt-d	View Help documentation
Salt ' * ' Sys.doc	View Help documentation
Salt-d|grep Service	View service-related module commands
Salt ' * ' Service.get_all	Get all Minion Services
Salt ' * ' service.reload sshd	Reload sshd Service
Salt ' * ' pkg.list_pkgs	Show Package Version List
Salt ' * ' pkg.version python	Show Package version Information
Salt ' * ' Pkg.install httpd	Install packages
Salt ' * ' service.status MySQL	View MySQL Service status
Salt ' * ' Service.start MySQL	Start the MySQL service
Salt ' * ' sys.list_modules	Module List
SALT-CP ' * '/etc/hosts/etc/hosts	Distributing the Hosts file to all Minion ends
Salt ' * ' File.copy/tmp/zabbix.sls/tmp/sls	Copy the server-side files to the appropriate directory on the Minion side
Salt ' * ' Cp.get_dir salt://zabbix/tmp	Copy the corresponding directory of the server to the corresponding directory on the Minion side

5. Remote execution

①cmd.script Remote Execution Scripts

' * ' cmd.script Salt:///scripts/runme.sh'*' cmd.script Salt:   scripts/runme.sh ' arg1 arg2 "ARG 3" '

②cmd.shell Remote execution commands

' * ' " ls-l | awk '/foo/{print \$2} ' "  '*'"ls-l/tmp/{{grains.id}} | awk '/foo/{print \$2} '"

③ test-to-client connectivity

' * ' TEST.PINGM01:    TRUEHAPROXY01:    Trueweb02:    True

④ problems encountered

#问题
Salt-Minion dead but PID file exists#解决 -fr/etc/salt/pki/minion/minion_master.pub/ Etc/init.d/salt-minion restart

Linux Operations and Architecture-saltstack Quick Start