Saltstack一般认为是puppet的简化版和func的加强版
安装:
部署环境:
角色 hostname ip 操作系统 python版本 master master 192.168.224.141 CentOS release 6.4 (Final) Python 2.6.6 minion001 minion001 192.168.224.142 CentOS release 6.4 (Final) Python 2.6.6 minion002 minion002 192.168.224.143 CentOS release 6.4 (Final) Python 2.6.6
2.安装EPEL
rpm -Uvh yum upgrade ca-certificates --disablerepo=epel -y
3.主控端(master)安装
yum install salt-master -y chckconfig salt-master on /etc/init.d/salt-master start
4.被控端安装(minion001,minion002)
yum install salt-minion -y chckconfig salt-minion on /etc/init.d/salt-minion start
5.主控端(master)防火墙配置:
iptables -I INPUT -m state --state new -m tcp -p tcp --dport 4505 -j ACCEPT iptables -I INPUT -m state --state new -m tcp -p tcp --dport 4506 -j ACCEPT
6.主控端(master)配置文件/etc/salt/master(只保留以下内容):
/etc/salt/master:
interface: 192.168.224.141 auto_accept: True file_roots: base: - /srv/salt
注意,每行开始前有两个空格,冒号后有一个空格
重启:
/etc/init.d/salt-master restart
7.被控端(minion001,minion002)配置文件:/etc/salt/minion(只保留以下内容):
注意,开始处的两个空格,冒号后一个空格
1)minion001
/etc/salt/minion:
master: 192.168.224.141 id: minion001
重启
/etc/init.d/salt-minion restart
2)minion002
/etc/salt/minion:
master: 192.168.224.141 id: minion002
重启
/etc/init.d/salt-minion restart
8.在主控端(master)测试安装是否成功:
salt '*' test.ping ###返回True表示安装成功
9.补充
如果,在master的/etc/salt/master 配置文件中没有配置:auto_accept: True,则需要通过以下命令手动操作:
salt-key -L ##列出所有认证和未认证的id
salt-key -D ##删除所有认证id
salt-key-d id ##删除指定的id
salt-key -A ##授权所有证书请求
salt-key-a id ##授权指定id证书请求
yum安装时遇到以下错误:
Error: Cannot retrieve metalink for repository: epel. Please verify its path and try again
解决:
yum upgrade ca-certificates --disablerepo=epel -y
