salt-syndic部署

原创

he_tui 2021-07-22 22:10:32 ©著作权

文章标签 linux 文章分类 运维

©著作权归作者所有：来自51CTO博客作者he_tui的原创作品，请联系作者获取转载授权，否则将追究法律责任

salt-syndic部署

环境

主机IP	主机名	安装的应用
192.168.11.120	Master	salt-master
192.168.11.125	Syndic	salt-master salt-syndic
192.168.11.121	Minion1	salt-minion
192.168.11.122	Minion2	salt-minion

关闭防火墙

[root@master ~]# systemctl stop firewalld.service 
[root@master ~]# setenforce 0

配置master

修改master的master配置文件

取消注释order_master
将order_master的值设为True

[root@master ~]# vim /etc/salt/master
# Set the order_masters setting to True if this master will command lower
# masters' syndic interfaces.
#order_masters: False    #在下面加一行另写，或者取消注释改为True
order_masters: True
[root@master ~]# systemctl enable salt-master
[root@master ~]# systemctl restart salt-master

配置syndic

修改syndic所在主机的master配置文件

取消注释syndic_master
将syndic_master的值设为master的IP

[root@syndic ~]# yum -y install salt-master salt-syndic   
[root@syndic ~]# vim /etc/salt/master
# If this master will be running a salt syndic daemon, syndic_master tells
# this master where to receive commands from.
#syndic_master: masterofmasters  
syndic_master: 192.168.11.120
[root@syndic ~]# systemctl enable salt-master
[root@syndic ~]# systemctl enable salt-syndic
[root@syndic ~]# systemctl restart salt-master
[root@syndic ~]# systemctl restart salt-syndic

配置minion

配置minion，将master指向syndic所在主机

[root@minion1 ~]# vim /etc/salt/minion
# resolved, then the minion will fail to start.
#master: salt
master: 192.168.11.125

[root@minion2 ~]# vim /etc/salt/minion
# resolved, then the minion will fail to start.
#master: salt
master: 192.168.11.125

[root@minion1 ~]# systemctl start salt-minion.service 
[root@minion1 ~]# systemctl enable salt-minion.service 

[root@minion2 ~]# systemctl start salt-minion.service 
[root@minion2 ~]# systemctl enable salt-minion.service

在syndic上接受minion主机的key

[root@syndic ~]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
minion1
minion2
Rejected Keys:
[root@syndic ~]# salt-key -yA
The following keys are going to be accepted:
Unaccepted Keys:
minion1
minion2
Key for minion minion1 accepted.
Key for minion minion2 accepted.
[root@syndic ~]# salt-key -L
Accepted Keys:
minion1
minion2
Denied Keys:
Unaccepted Keys:
Rejected Keys:

在master上接受syndic主机的key

[root@master ~]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
syndic
Rejected Keys:
[root@master ~]# salt-key -yA
The following keys are going to be accepted:
Unaccepted Keys:
syndic
Key for minion syndic accepted.
[root@master ~]# salt-key -L
Accepted Keys:
syndic
Denied Keys:
Unaccepted Keys:
Rejected Keys:

在master上执行模块或状态检验有几个minion应答

[root@master ~]# salt '*' test.ping
minion2:
    True
minion1:
    True

[root@master ~]# salt '*' cmd.run 'date'
minion2:
    Thu Jul 22 23:01:28 EDT 2021
minion1:
    Thu Jul 22 23:01:28 EDT 2021