本文介绍如何使用SaltStack实现自动化部署流程,包括配置文件结构、安装salt-minion、配置minion节点及通过reactor实现自动接受密钥等关键步骤。
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
[root@bogon salt]# cat master
file_roots: base:
- /srv/salt/base
prod:
- /srv/salt/prod
interface: 192.168.88.3
reactor: - 'salt/auth':
- /srv/reactor/Minion.sls
- 'salt/minion/*/start':
- /srv/reactor/auto.sls
[root@bogon salt]# cat roster
m10: host: 192.168.88.6
user: root
passwd: 123456
/srv/salt目录结构
conf install.sls yum.repos.d[root@bogon minions]# cat install.sls
minion_yum: file.recurse:
- name: /etc/yum.repos.d
- source: salt://minions/yum.repos.d
- user: root
- group: root
- file_mode: 644
- dir_mode: 755
- include_empty: True
minion_install: pkg.installed:
- pkgs:
- salt-minion
- require:
- file: minion_yum
- unless: rpm -qa | grep salt-minion
minion_conf: file.managed:
- name: /etc/salt/minion
- source: salt://minions/conf/minion
- user: root
- group: root
- mode: 640
- require:
- pkg: minion_install
minion_service: service.running:
- name: salt-minion
- enable: True
- require:
- file: minion_conf
[root@bogon minions]# cat conf/minion
master: 192.168.88.3
id: m10
这样可以完成自动验证[root@bogon salt]# cat master
file_roots: base:
- /srv/salt/base
prod:
- /srv/salt/prod
interface: 192.168.88.3
reactor: - 'salt/auth':
- /srv/reactor/Minion.sls
- 'salt/minion/*/start':
- /srv/reactor/auto.sls
[root@bogon salt]# cat /srv/reactor/Minion.sls
{% if 'act' in data and data['act'] == 'pend' %}
minion_add: wheel.key.accept:
- match: {{ data['id'] }}
{% endif %}
[root@bogon salt]# cat /srv/reactor/auto.sls
run_state: local.state.sls:
- tgt: {{ data['id'] }}
- arg:
- shencan
run_init: local.cmd.run:
- tgt: {{ data['id'] }}
- arg:
- echo initsok >>/tmp/cpis
|
salt-ssh -i '*' state.sls minions.install
总是研究一个东西,被很多东西诱惑,搞到最后目标都没了。靠。
参考 http://zkhylt.blog.51cto.com/3638719/1782990
salt升级
https://repo.saltstack.com/yum
yum install salt-minion python26-zmq -y
#yum install --downloadonly --downloaddir=/home salt-2016
先决条件,全部在master操作
vim /etc/hosts
172.1.1.2 id1
vim /etc/salt/roster
id1:
host: 172.1.1.2
user: root
passwd: xx
master 172.1.1.1
|
1
2
3
4
5
6
7
8
|
[root@nginx minions]# tree
.├── conf│ └── minion├── install.sls└── yum.repos.d ├── Centos-Base-6.repo
└── salt-latest.repo
|
[root@nginx minions]# cat /etc/salt/master
file_roots:
base:
- /srv/salt
prod:
- /srv/salt/prod
minion:
- /srv/salt/minions
interface: 172.1.1.1
nodegroups:
mysql: 'id1'
cd /srv/salt/minions
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
[root@nginx minions]# cat install.sls
minion_yum: file.recurse:
- name: /etc/yum.repos.d
- source: salt://minions/yum.repos.d
- user: root
- group: root
- file_mode: 644
- dir_mode: 755
- include_empty: True
minion_install: pkg.installed:
- pkgs:
- salt-minion
- require:
- file: minion_yum
- unless: rpm -qa | grep salt-minion
minion_conf: file.managed:
- name: /etc/salt/minion
- source: salt://minions/conf/minion
- user: root
- group: root
- mode: 640
- template: jinja
- defaults:
minion_id: {{ grains['fqdn_ip4'][0]}}
- require:
- pkg: minion_install
minion_service: service.running:
- name: salt-minion
- enable: True
- require:
- file: minion_conf
|
cat /srv/salt/minions/conf/minion
master: 172.1.1.1
id: id1
写完后,运行命令
任何目录 salt-ssh -i '*' state.sls minions.install
salt-ssh -ir '*' 'ps aux | grep salt' | grep salt | grep -v grep| wc -l ##查看安装minion端的salt-minion进程是否运行,一个客户端运行一个salt-minion服务
完毕。
扫一扫
18
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
