Saltstack是一個大型分布式的配置管理系統(安裝更新解除安裝軟體,檢測環境),也是一個遠端指令執行系統。通過c/s的模型實作。伺服器端對遠端客戶機的操作:
Saltstack部署:
部署要求:兩台機器網絡互通,最好關閉防火牆。關閉selinux.
1、修改/etc/hosts
[root@www salt]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.63.129 www.omsclient.com
192.168.63.163 www.oms.com
2、安裝服務端:
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
yum install
yum install salt-master -y
啟動:
/etc/init.d/salt-master start
3、安裝用戶端:
yum install salt-minion -y
修改配置檔案指向伺服器:
[root@www salt]# vi /etc/salt/minion
[root@www salt]# /etc/init.d/salt-minion start
到此,安裝已經完成。伺服器端執行 .salt-key list就可以檢視到用戶端了,但是我實驗的時候遇到幾個問題這裡點出來一下:
一、[root@www ~]# salt-key list
Accepted Keys:
ip-50-63-202-30.ip.secureserver.net
Unaccepted Keys:
Rejected Keys:
這裡顯然沒有加載到,看日志檔案發現用戶端,有這樣一行報錯:
二、[root@www salt]# cat /var/log/salt/minion
[salt.crypt ][CRITICAL] The Salt Master has rejected this
minion's public key!
To repair this issue, delete the public key for this minion on the Salt Master and
restart this minion.
Or restart the Salt Master in open mode to clean out the keys. The Salt Minion will now
exit.
三、不知道什麼意思、debug檢視情況:
[root@www salt]# salt-minion -l debug
[INFO ] Setting up the Salt Minion "ip-50-63-202-30.ip.secureserver.net"
[DEBUG ] Created pidfile: /var/run/salt-minion.pid
[DEBUG ] Reading configuration from /etc/salt/minion_id:ip-50-63-202-30.ip.secureserver.net
#看到這裡應該明白為什麼我們主機名那裡不知道了,因為salt是從/etc/salt/mimion_id去讀取主機名:
四、修改主機名、情況緩存:
[root@www salt]# vi /etc/salt/minion_id
[root@www salt]# rm -rf minion.d
五、執行指令試試:還是報錯。原來是還沒有加載key導緻:
[root@www ~]# salt 'www.omsclient.com' test ping
No minions matched the target. No command was sent, no jid was assigned.
六、用戶端開啟debug、master加載key;
[root@www ~]# salt-key -A
The following keys are going to be accepted:
www.oms.com
www.omsclient.com
Proceed? [n/Y] y
Key for minion www.oms.com accepted.
Key for minion www.omsclient.com accepted.
七、完成,測試一下指令:
<a href="http://s3.51cto.com/wyfs02/M01/57/B0/wKioL1SidmKChlfhAADzj7y8Uao377.jpg" target="_blank"></a>
本文轉自 小羅ge11 51CTO部落格,原文連結:http://blog.51cto.com/xiaoluoge/1597889,如需轉載請自行聯系原作者