Saltstack (1) Introduction

Basic principle:

The saltstack uses the C/s mode, and the server side is the master,client end of the salt, which communicates between Minion,minion and master through ZEROMQ Message Queuing. Minion on-line after the first contact with the master, their pub key sent past, then the master side through the SALT-KEY-L command will see Minion key, accept the Minion-key, that is, master and Minion have mutual trust. Master can send any instruction for Minion to execute, Salt has many executable modules, such as the CMD module, which is already self-contained when installing Minion, they are usually in your Python library, locate Salt | Grep/usr/can see all the related modules that the salt comes with. These modules are written in Python, there will be a lot of functions, such as Cmd.run, when we execute the salt ' * ' cmd.run ' uptime ', the master issued a task to match the Minion up, Minion execute the module function, and return the results. Master listens on 4505 and 4506 ports, 4505 corresponds to ZMQ's pub system, which is used to send messages, and 4506 corresponds to the rep system to accept messages.

The steps are as follows

1. The minion between the master and the Salt stack is ZEROMQ for message delivery, using the ZEROMQ publish-subscribe mode, which includes TCP,IPC

2. Salt command, publish the Cmd.run ls command from SALT.CLIENT.LOCALCLIENT.CMD_CLI to master, get a jodid, and follow the Jobid to get the results of the command execution.

3. After master receives the command, the command to be executed is sent to the client minion.

4. Minion receives the command to be processed from the message bus and gives it to minion._handle_aes for processing

5. Minion._handle_aes initiates a local thread calling Cmdmod to execute the LS command. After the thread executes the LS, the Minion._return_pub method is called, and the execution results are returned to the master via the message bus

6. Master receives the result returned by the client, calls the Master._handle_aes method, writes the result in the file

7. SALT.CLIENT.LOCALCLIENT.CMD_CLI get job execution results by polling and output the results to the terminal

Installing Saltstack

[Email protected] ~]# wget https://repo.saltstack.com/yum/amazon/salt-amzn-repo-2016.11-1.amzn1.noarch.rpm

[Email protected] ~]# RPM-IVH salt-amzn-repo-2016.11-1.amzn1.noarch.rpm

Preparing ... ################################# [100%]

Updating/installing ...

1:salt-amzn-repo-2016.11-1.amzn1 ################################# [100%]

[email protected] ~]# Yum install salt-master-y #服务端

[email protected] ~]# yum install salt-minion-y #客户端

[email protected] ~]# yum Install Salt-ssh

[email protected] ~]# yum Install Salt-syndic

[email protected] ~]# yum Install Salt-cloud

[Email protected] ~]# Vim/etc/salt/master

[Email protected] ~]# sed-n ' 15p '/etc/salt/master

interface:0.0.0.0

[[Email protected] ~]# service Salt-master start

Starting Salt-master daemon: [OK]

[Email protected] ~]# lsof-i:4505

COMMAND PID USER FD TYPE DEVICE size/off NODE NAME

Salt-mast 60444 root 12u IPv4 145608 0t0 TCP *:4505 (LISTEN)

[Email protected] ~]# lsof-i:4506

COMMAND PID USER FD TYPE DEVICE size/off NODE NAME

Salt-mast 60464 root 20u IPv4 145637 0t0 TCP *:4506 (LISTEN)

[Email protected] ~]#

[Email protected] ~]# vim/etc/salt/minion

[Email protected] ~]# sed-n ' 17p;79p '/etc/salt/minion

Master:redis01-jp

Id:redis02-jp

[[Email protected] ~]# service salt-minion start

Starting salt-minion daemon: [OK]

[Email protected] ~]#

[Email protected] ~]# salt-key-l

Accepted Keys:

Denied Keys:

unaccepted Keys:

Redis02-jp

Rejected Keys:

[[email protected] ~]# salt-key-a REDIS02-JP add key with the specified ID

The following keys is going to be accepted:

unaccepted Keys:

Redis02-jp

Proceed? [n/y] Y

Key for Minion REDIS02-JP accepted.

[Email protected] ~]# salt-key-l

Accepted Keys:

Redis02-jp

Denied Keys:

unaccepted Keys:

Rejected Keys:

[Email protected] ~]#

About the Master certification:

Basic commands for Salt-key:

Salt-key-l #检测当前server端所有minion端key的情况, three kinds: Receive, wait to receive and reject

Salt-key-a minion_id #指定接收某台minion的key

Salt-key-a #接收Unaccepted all the Minion under keys

salt-key-d minion_id #删除已经接收的机器中指定机器minion key (Accepted keys:)

Salt-key-d #删除已经接收的所有机器 (Accepted Keys:)

Salt-key-y

Automatic authentication

[Email protected]redis01-jp ~]# sed-n ' 215p '/etc/salt/master

Auto_accept:true

[Email protected]redis01-jp ~]# service salt-master restart

Stopping salt-master daemon: [OK]

Starting Salt-master daemon: [OK]

[Email protected]REDIS01-JP ~]#

Usage and help

Salt [options] ' <target> ' <function> [arguments]

-E can use regular expressions to match objects

-l Specifies the object as a list

-G executes the module according to the result of the default grain

-N matches the specified group

Salt ' Sys.doc #查看所有执行模块的doc

Salt ' sys.doc test #查看test模块的帮助

Salt ' * ' Sys.doc test.ping #查看test. Help for the ping function

Salt ' * ' sys.list_functions grains #列出模块的相关函数

This article is from the "11462293" blog, please be sure to keep this source http://11472293.blog.51cto.com/11462293/1884393

Saltstack (1) Introduction