Salt Beginner's chapter (i)

Salt Introduction:

Salt, a new approach to infrastructure management, is easy to deploy, runs in minutes, scales well, and easily manages tens of thousands of servers, fast enough, and second-level communications between servers.

The salt bottom uses a dynamic connection bus that allows it to be used for orchestration, remote execution, configuration management, and so on.

Salt installation:

master:192.168.31.231 mongo1.example.com

minion:192.168.31.232 mongo2.example.com

minion:192.168.31.233 mongo3.example.com

Modify/etc/hosts

192.168.31.231 mongo1.example.com192.168.31.232 mongo2.example.com192.168.31.233 mongo3.example.com

System version:

[Email protected] salt]# uname-r2.6.32-431.el6.x86_64[[email protected] salt]# Uname-nmongo1.example.com[[email Protected] salt]# cat/etc/redhat-release CentOS release 6.5 (Final)

Install Master:

[Email protected] ~]# RPM-IVH http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpmRetrieving Http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpmwarning:/var/tmp/rpm-tmp. Mj9wja:header V3 rsa/sha256 Signature, key ID 0608b895:nokeypreparing ...                ########################################### [100%]   1:epel-release           ##################################### ###### [100%]
[email protected] ~]# Yum install-y salt-master

To modify the/etc/salt/master file:

Add to:

publish_port:4505    #监听salt的消息发布系统端口ret_port: 4506        #salt客户端与服务端通信的端口

Startup Master Service: Service Salt-master start

Install Minion:

[Email protected] ~]# RPM-IVH http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpmRetrieving Http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpmwarning:/var/tmp/rpm-tmp. Qckooe:header V3 rsa/sha256 Signature, key ID 0608b895:nokeypreparing ...                ########################################### [100%]   1:epel-release           ##################################### ###### [100%][[email protected] ~]# yum install-y salt-minion

To modify the/etc/salt/minion file:

Add to:

Master:mongo1.example.comid:mongo2

Start Minion Services: Service salt-minion start

View Certifications:

[Email protected] pki]# salt-key-laccepted keys:denied keys:unaccepted keys:mongo2mongo3rejected Keys:

Add Certification:

[Email protected] pki]# Salt-key-a mongo2the following keys is going to is accepted:unaccepted keys:mongo2proceed? [n/y] y   Key for minion Mongo2 accepted.[ [Email protected] pki]# Salt-key-laccepted keys:mongo2denied keys:unaccepted keys:mongo3rejected keys:[[email Protected] pki]# Salt-key-a mongo3the following keys is going to be accepted:unaccepted Keys:mongo3.example.comProce Ed? [n/Y] YKey for minion Mongo3 accepted.[ [Email protected] pki]# Salt-key-laccepted keys:mongo2mongo3denied keys:unaccepted keys:rejected Keys: /c6> 

Alternatively, you can configure automatic authentication, add Auto_accept:true in/etc/salt/master, and restart the master service.

Test validation:

[[email protected] minions]# Salt ' * ' test.pingMongo3:    Truemongo2:    True

[[email protected] salt]# Salt ' * ' cmd.run ' date 'mongo3:    Mon Sep  7 21:42:13 CSTmongo2:    Mon sep
     7 21:42:14 CST[[email protected] salt]# Salt ' * ' cmd.run ' uptime 'Mongo3:     21:42:18  up 1:44,  1 user,  load average:0.00, 0.00, 0.00Mongo2:     21:42:20  up 1:44,  1 user,  load average: 0.00, 0.00, 0.00    

To remove an unwanted certificate:

[[email protected] minions]# pwd/etc/salt/pki/master/minions[[email protected] minions]# lsmongo2  mongo2.example.com  Mongo3   

Simple test Script:

/srv/salt directory needs to be created manually

[Email protected] minions]# cd/srv/salt/[[email protected] salt]# lstest.sh[[email protected] salt]# cat Te st.sh #!/bin/bashecho "ni hao"[[email protected] salt]# Salt ' * ' Cmd.script salt://test.shMONGO3:------ ---- pid:2617 retcode:0 stderr:stdout:ni haomongo2:---------- pid:1733 retcode:0
                

Salt Beginner's chapter (i)