梗概:在master端部署,远程推送到任意minion
向server6推送apache服务,向server7推送nginx服务
实验环境
1:salt-master server4 172.25.254.4(也可以做minion)
salt-minion server6 172.25.254.6
salt-minion server7 172.25.254.7
server6 .7 开启服务 更配置文件的master指向
[root@server6 ~]# cd /etc/salt/
[root@server6 salt]# vim minion
[root@server6 salt]# /etc/init.d/salt-minion start
Starting salt-minion:root:server6 daemon: OK
server4:直接开启无需修改配置文件
[root@server4 ~]# /etc/init.d/salt-master start
Starting salt-master daemon: [ OK ]
[root@server4 ~]# salt-key -L
[root@server4 ~]# salt-key -A
[root@server4 ~]# salt-key -L
小测一下
[root@server4 ~]# yum install lsof -y
[root@server4 ~]# lsof -i :4505
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
salt-mast 1303 root 16u IPv4 36126 0t0 TCP *:4505 (LISTEN)
salt-mast 1303 root 18u IPv4 38962 0t0 TCP server4:4505->server7:40374 (ESTABLISHED)
salt-mast 1303 root 19u IPv4 38977 0t0 TCP server4:4505->server6:39404 (ESTABLISHED)
[root@server4 ~]# yum install python-setproctitle
master与minion密钥比对:
[root@server4 cache]# cd /etc/salt/pki/
[root@server4 pki]# ls
master minion
[root@server4 pki]# cd master/
[root@server4 master]# ls
master.pem minions minions_denied minions_rejected
master.pub minions_autosign minions_pre
[root@server4 master]# md5sum master.pub
65b899b452ab4ddd380ea58f2461f356 master.pub
[root@server6 minion]# md5sum minion_master.pub
65b899b452ab4ddd380ea58f2461f356 minion_master.pub
[root@server7 minion]# md5sum minion_master.pub
65b899b452ab4ddd380ea58f2461f356 minion_master.pub树状节点查看:
[root@server4 master]# tree .
.
├── master.pem
├── master.pub
├── minions
│ ├── server6
│ └── server7
├── minions_autosign
├── minions_denied
├── minions_pre
└── minions_rejected
根据配置文件创建发布目录:
[root@server4 salt]# mkdir /srv/salt
[root@server4 etc]# cd /etc/salt/
[root@server4 salt]# vim master
file_roots:
base:
- /srv/salt/
[root@server4 salt]# /etc/init.d/salt-master restart
apache 服务建立与推送
[root@server4 salt]# cd /srv/salt/
[root@server4 salt]# mkdir apache
[root@server4 salt]# ls
apache
[root@server4 salt]# cd apache/
[root@server4 salt]# vim install.sls
[root@server4 salt]# cat install.sls
httpd:
pkg.installed
[root@server4 apache]# salt server6 state.sls apache.install
Summary for server6
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
Total run time: 11.112 s搭建的http服务:查看
server6 查看:
[root@server6 ~]# cd /var/cache/salt/
[root@server6 salt]# tree .
.
└── minion
├── accumulator
├── extmods
├── files
│ └── base
│ └── apache
│ └── install.sls
├── highstate.cache.p
├── proc
└── sls.pmater与minion之间密钥的查看
[root@server4 apache]# pwd
/srv/salt/apache
[root@server4 apache]# md5sum install.sls
fb86992808eaae5d6085e238d53c6e4e install.sls
[root@server6 apache]# pwd
/var/cache/salt/minion/files/base/apache
[root@server6 apache]# ls
install.sls
[root@server6 apache]# md5sum install.sls
fb86992808eaae5d6085e238d53c6e4e install.sls
开启server6的http 服务:(格式很严格)
[root@server4 apache]# vim install.sls
[root@server4 apache]# cat install.sls
httpd:
pkg.installed
apache:
service.running:
- name: httpd
- enable: True
[root@server4 apache]# salt server6 state.sls apache.install开启的http服务查看:
完善服务:比如要更改配置http文件
[root@server4 files]# pwd
/srv/salt/apache/files
[root@server4 apache]# mkdir files
[root@server4 files]# scp server6:/etc/httpd/conf/httpd.conf .
[root@server4 apache]# cat install.sls
apache-install:
pkg.installed:
- pkgs:
- httpd
- php
- php-mysql
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd.conf
- mode: 644
- user: root
- group: root
service.running:
- name: httpd
- enable: True
- watch:
- file: apache-install
[root@server4 apache]# salt server6 state.sls apache.install
---------
ID: apache-install
Function: pkg.installed
Result: True
Comment: The following packages were installed/updated: php, php-mysql
The following packages were already installed: httpd
Started: 13:49:53.339754
Duration: 10878.438 ms
Changes:
----------
当改变master端/srv/salt/apache/files/httpd.conf的配置时,
比如改变监听端口由80到8080 ,当推送过去就会生效
[root@server4 files]# pwd
/srv/salt/apache/files
[root@server4 files]# vim httpd.conf
Listen 8080
[root@server4 files]# salt server6 state.sls apache.install
Changes:
----------
diff:
---
+++
@@ -133,7 +133,7 @@
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
-Listen 80 画重点 变化啦
+Listen 8080
#
# Dynamic Shared Object (DSO) Support
----------
部署nginx 源码安装及推送
推送的内容可以提前查看是否成功
[root@server4 salt]# mkdir nginx
[root@server4 salt]# ls
apache nginx
[root@server4 salt]# cd nginx/
[root@server4 nginx]# mkdir files
[root@server4 files]# scp root@172.25.254.154:/home/kiosk/Desktop/nginx-1.14.0.tar.gz .
[root@server4 files]# ls
nginx-1.14.0.tar.gz
[root@server4 salt]# cd nginx/
[root@server4 nginx]# vim install.sls
[root@server4 nginx]# cat install.sls
nginx-install:
file.managed:
- name: /mnt/nginx-1.14.0.tar.gz
- source: salt://nginx/files/nginx-1.14.0.tar.gz
[root@server4 nginx]# salt server7 state.sls nginx.install
[root@server4 salt]# mkdir pkgs 用于公共的安装(可用可不用)
[root@server4 salt]# cd pkgs/
[root@server4 pkgs]# vim make.install
[root@server4 pkgs]# cat make.install
gcc-make:
pkg.installed:
- pkgs:
- gcc
- pcre-devel
- openssl-devel
[root@server4 salt]# cd nginx/
[root@server4 nginx]# vim install.sls
[root@server4 nginx]# cat install.sls
nginx-install:
pkg.installed:
- pkgs:
- gcc
- pcre-devel
- openssl-devel
file.managed:
- name: /mnt/nginx-1.14.0.tar.gz
- source: salt://nginx/files/nginx-1.14.0.tar.gz
cmd.run:
- name: cd /mnt && tar zxf nginx-1.14.0.tar.gz && cd nginx-1.14.0 &&sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc &&./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-threads --with-file-aio --with-http_stub_status_module &>/dev/null && make &> /dev/null && make install &> /dev/null
- creates: /usr/local/nginx
[root@server4 nginx]# salt server7 state.sls nginx.install
或者这幺写:利用公共的pkgs
server7端查看ok
高级推 :写个总结一起推
[root@server4 salt]# vim top.sls
[root@server4 salt]# cat top.sls
base:
"server6":
- apache.install
"server7":
- nginx.install成功:
成功
恩推haproxy 下继续
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
