Saltstack是一个大型分布式的配置管理系统(安装升级卸载软件,检测环境),也是一个远程命令执行系统。通过c/s的模型实现。服务器端对远程客户机的操作:
Saltstack部署:
部署要求:两台机器网络互通,最好关闭防火墙。关闭selinux.
1、修改/etc/hosts
[root@www salt]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.63.129 www.omsclient.com
192.168.63.163 www.oms.com
2、安装服务端:
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
yum install
yum install salt-master -y
启动:
/etc/init.d/salt-master start
3、安装客户端:
yum install salt-minion -y
修改配置文件指向服务器:
[root@www salt]# vi /etc/salt/minion
[root@www salt]# /etc/init.d/salt-minion start
到此,安装已经完成。服务器端执行 .salt-key list就可以查看到客户端了,但是我实验的时候遇到几个问题这里点出来一下:
一、[root@www ~]# salt-key list
Accepted Keys:
ip-50-63-202-30.ip.secureserver.net
Unaccepted Keys:
Rejected Keys:
这里显然没有加载到,看日志文件发现客户端,有这样一行报错:
二、[root@www salt]# cat /var/log/salt/minion
[salt.crypt ][CRITICAL] The Salt Master has rejected this
minion's public key!
To repair this issue, delete the public key for this minion on the Salt Master and
restart this minion.
Or restart the Salt Master in open mode to clean out the keys. The Salt Minion will now
exit.
三、不知道什么意思、debug查看情况:
[root@www salt]# salt-minion -l debug
[INFO ] Setting up the Salt Minion "ip-50-63-202-30.ip.secureserver.net"
[DEBUG ] Created pidfile: /var/run/salt-minion.pid
[DEBUG ] Reading configuration from /etc/salt/minion_id:ip-50-63-202-30.ip.secureserver.net
#看到这里应该明白为什么我们主机名那里不知道了,因为salt是从/etc/salt/mimion_id去读取主机名:
四、修改主机名、情况缓存:
[root@www salt]# vi /etc/salt/minion_id
[root@www salt]# rm -rf minion.d
五、执行命令试试:还是报错。原来是还没有加载key导致:
[root@www ~]# salt 'www.omsclient.com' test ping
No minions matched the target. No command was sent, no jid was assigned.
六、客户端开启debug、master加载key;
[root@www ~]# salt-key -A
The following keys are going to be accepted:
www.oms.com
www.omsclient.com
Proceed? [n/Y] y
Key for minion www.oms.com accepted.
Key for minion www.omsclient.com accepted.
七、完成,测试一下命令:
<a href="http://s3.51cto.com/wyfs02/M01/57/B0/wKioL1SidmKChlfhAADzj7y8Uao377.jpg" target="_blank"></a>
本文转自 小罗ge11 51CTO博客,原文链接:http://blog.51cto.com/xiaoluoge/1597889,如需转载请自行联系原作者
![BurpSuite2021系列(七)Repeater详解[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)