Basic principle:
The saltstack uses the C/s mode, and the server side is the master,client end of the salt, which communicates between Minion,minion and master through ZEROMQ Message Queuing. Minion on-line after the first contact with the master, their pub key sent past, then the master side through the SALT-KEY-L command will see Minion key, accept the Minion-key, that is, master and Minion have mutual trust. Master can send any instruction for Minion to execute, Salt has many executable modules, such as the CMD module, which is already self-contained when installing Minion, they are usually in your Python library, locate Salt | Grep/usr/can see all the related modules that the salt comes with. These modules are written in Python, there will be a lot of functions, such as Cmd.run, when we execute the salt ' * ' cmd.run ' uptime ', the master issued a task to match the Minion up, Minion execute the module function, and return the results. Master listens on 4505 and 4506 ports, 4505 corresponds to ZMQ's pub system, which is used to send messages, and 4506 corresponds to the rep system to accept messages.
The steps are as follows
1. The minion between the master and the Salt stack is ZEROMQ for message delivery, using the ZEROMQ publish-subscribe mode, which includes TCP,IPC
2. Salt command, publish the Cmd.run ls command from SALT.CLIENT.LOCALCLIENT.CMD_CLI to master, get a jodid, and follow the Jobid to get the results of the command execution.
3. After master receives the command, the command to be executed is sent to the client minion.
4. Minion receives the command to be processed from the message bus and gives it to minion._handle_aes for processing
5. Minion._handle_aes initiates a local thread calling Cmdmod to execute the LS command. After the thread executes the LS, the Minion._return_pub method is called, and the execution results are returned to the master via the message bus
6. Master receives the result returned by the client, calls the Master._handle_aes method, writes the result in the file
7. SALT.CLIENT.LOCALCLIENT.CMD_CLI get job execution results by polling and output the results to the terminal
Installing Saltstack
[Email protected] ~]# wget https://repo.saltstack.com/yum/amazon/salt-amzn-repo-2016.11-1.amzn1.noarch.rpm
[Email protected] ~]# RPM-IVH salt-amzn-repo-2016.11-1.amzn1.noarch.rpm
Preparing ... ################################# [100%]
Updating/installing ...
1:salt-amzn-repo-2016.11-1.amzn1 ################################# [100%]
[email protected] ~]# Yum install salt-master-y #服务端
[email protected] ~]# yum install salt-minion-y #客户端
[email protected] ~]# yum Install Salt-ssh
[email protected] ~]# yum Install Salt-syndic
[email protected] ~]# yum Install Salt-cloud
[Email protected] ~]# Vim/etc/salt/master
[Email protected] ~]# sed-n ' 15p '/etc/salt/master
interface:0.0.0.0
[[Email protected] ~]# service Salt-master start
Starting Salt-master daemon: [OK]
[Email protected] ~]# lsof-i:4505
COMMAND PID USER FD TYPE DEVICE size/off NODE NAME
Salt-mast 60444 root 12u IPv4 145608 0t0 TCP *:4505 (LISTEN)
[Email protected] ~]# lsof-i:4506
COMMAND PID USER FD TYPE DEVICE size/off NODE NAME
Salt-mast 60464 root 20u IPv4 145637 0t0 TCP *:4506 (LISTEN)
[Email protected] ~]#
[Email protected] ~]# vim/etc/salt/minion
[Email protected] ~]# sed-n ' 17p;79p '/etc/salt/minion
Master:redis01-jp
Id:redis02-jp
[[Email protected] ~]# service salt-minion start
Starting salt-minion daemon: [OK]
[Email protected] ~]#
[Email protected] ~]# salt-key-l
Accepted Keys:
Denied Keys:
unaccepted Keys:
Redis02-jp
Rejected Keys:
[[email protected] ~]# salt-key-a REDIS02-JP add key with the specified ID
The following keys is going to be accepted:
unaccepted Keys:
Redis02-jp
Proceed? [n/y] Y
Key for Minion REDIS02-JP accepted.
[Email protected] ~]# salt-key-l
Accepted Keys:
Redis02-jp
Denied Keys:
unaccepted Keys:
Rejected Keys:
[Email protected] ~]#
About the Master certification:
Basic commands for Salt-key:
Salt-key-l #检测当前server端所有minion端key的情况, three kinds: Receive, wait to receive and reject
Salt-key-a minion_id #指定接收某台minion的key
Salt-key-a #接收Unaccepted all the Minion under keys
salt-key-d minion_id #删除已经接收的机器中指定机器minion key (Accepted keys:)
Salt-key-d #删除已经接收的所有机器 (Accepted Keys:)
Salt-key-y
Automatic authentication
[Email protected]redis01-jp ~]# sed-n ' 215p '/etc/salt/master
Auto_accept:true
[Email protected]redis01-jp ~]# service salt-master restart
Stopping salt-master daemon: [OK]
Starting Salt-master daemon: [OK]
[Email protected]REDIS01-JP ~]#
Usage and help
Salt [options] ' <target> ' <function> [arguments]
-E can use regular expressions to match objects
-l Specifies the object as a list
-G executes the module according to the result of the default grain
-N matches the specified group
Salt ' Sys.doc #查看所有执行模块的doc
Salt ' sys.doc test #查看test模块的帮助
Salt ' * ' Sys.doc test.ping #查看test. Help for the ping function
Salt ' * ' sys.list_functions grains #列出模块的相关函数
This article is from the "11462293" blog, please be sure to keep this source http://11472293.blog.51cto.com/11462293/1884393
Saltstack (1) Introduction