Saltstack
类似于puppet
salt的核心功能
使用命令 发送到远程系统是并行的而不是串行的
使用安全加密的协议
使用最小最快的网络载荷
提供简单的编程接口
Python编写,相当轻量级
通讯层采用zeromq
安装:
master:
[root@yz6205 ~]# yum -y install epel-release
[root@yz6205 ~]# rpm -q epel-release
epel-release-6-8.noarch
[root@yz6205 ~]# yum -y install salt-master
[root@yz6245 ~]# salt '*' test.ping
minion-yz6205:
True
[root@yz6245 ~]# salt 'minio?-yz6205' test.ping
minion-yz6205:
True
正则表达式
[root@yz6245 ~]# salt -E '(minion|minion)-yz6205' test.ping
minion-yz6205:
True
客户端只有一台,所以只出现一条
[root@yz6245 ~]# cat /etc/salt/states/top.sls
base:
'minion.yz205':
- match: pcre #支持正则表达式来匹配
- init.pkg
问题:
[root@yz6245 ~]# salt '*' state.highstate
minion-yz6205:
----------
ID: states
Function: no.None
Result: False
Comment: No Top file or external nodes data matches found
Started:
Duration:
Changes:
Summary
------------
Succeeded: 0
Failed: 1
------------
Total states run: 1
解决:
[root@yz6245 ~]# salt '*' saltutil.is_running state.highstate
minion-yz6205:
[root@yz6245 ~]# salt '*' cmd.exec_code python 'import sys; print sys.version'
minion-yz6205:
2.7.8 (default, Jun 19 2016, 09:11:46)
[GCC 4.4.6 20110731 (Red Hat 4.4.6-3)]
文件系统
1,修改配置文件
2,创建目录
3,写sls文件
远程执行
配置管理
云管理
[root@yz6245 conf]# salt '*' cmd.run 'uptime'
[root@yz6245 init]# salt 'yz3139.hadoop.data.sina.com.cn' state.sls init.pkg
yz3139.hadoop.data.sina.com.cn:
----------
ID: pkg.init
Function: pkg.installed
Name: mtr
Result: True
Comment: Package mtr is already installed
Started: 15:58:43.623924
Duration: 2464.369 ms
Changes:
----------
ID: pkg.init
Function: pkg.installed
Name: nmap
Result: True
Comment: The following packages were installed/updated: nmap
Started: 15:58:46.088615
Duration: 10325.329 ms
Changes:
----------
nmap:
----------
new:
2:5.51-3.el6
old:
----------
ID: pkg.init
Function: pkg.installed
Name: lrzsz
Result: True
Comment: Package lrzsz is already installed
Started: 15:58:56.430125
Duration: 1.079 ms
Changes:
Summary
------------
Succeeded: 3 (changed=1)
Failed: 0
------------
Total states run: 3
10.39.3.145
文件管理:
limit-conf-config:
file.managed:
- name: /etc/security/limits.conf
- source: salt://init/files/limits.conf
- user: root
- group: root
- mode: 644
[root@yz6245 MySQL-python-1.2.3]# salt 'yz3145.hadoop.data.sina.com.cn' grains.items
[root@yz6245 MySQL-python-1.2.3]# salt 'yz3145.hadoop.data.sina.com.cn' grains.items os
[root@yz6245 MySQL-python-1.2.3]# salt 'yz3145.hadoop.data.sina.com.cn' grains.ls
[root@yz6245 MySQL-python-1.2.3]# salt 'yz3145.hadoop.data.sina.com.cn' grains.get os
yz3145.hadoop.data.sina.com.cn:
CentOS
[root@yz6245 MySQL-python-1.2.3]# salt -G 'os:Centos' test.ping
yz3139.hadoop.data.sina.com.cn:
True
yz3145.hadoop.data.sina.com.cn:
True
yz6205.hadoop.data.sina.com.cn:
[root@yz6245 MySQL-python-1.2.3]# salt -G 'os:Suse' test.ping
No minions matched the target. No command was sent, no jid was assigned.
grains:
roles:nginx
env:prod
[root@yz6245 MySQL-python-1.2.3]# salt -G 'env:prod' test.ping
yz3145.hadoop.data.sina.com.cn:
True
[root@yz6245 MySQL-python-1.2.3]# salt '*' saltutil.sync_grains #刷新客户端配置
yz3139.hadoop.data.sina.com.cn:
yz3145.hadoop.data.sina.com.cn:
yz6205.hadoop.data.sina.com.cn:
[root@yz6245 MySQL-python-1.2.3]# salt -G 'cloud:openstack' test.ping
yz3145.hadoop.data.sina.com.cn:
True
[root@yz6245 states]# cat top.sls
base:
'(yz3139|yz3145).hadoop.data.sina.com.cn':
- match: pcre #支持正则表达式来匹配
- init.pkg
- init.limit
'roles:nginx':
- match: grain
- init.pkg
[root@yz6245 states]# salt 'yz3145.hadoop.data.sina.com.cn' pillar.items
yz3145.hadoop.data.sina.com.cn:
----------
master:
----------
__role:
master
alternative.mysql.db:
salt
pillar:
468 pillar_roots:
469 base:
470 - /etc/salt/pillar
mkdir /etc/salt/pillar
pillar/top.sls
base:
'*':
- init.rsyslog
/etc/salt/pillar/init
[root@yz6245 states]# salt '*' pillar.item syslog
yz3145.hadoop.data.sina.com.cn:
----------
syslog:
rsyslog
yz3139.hadoop.data.sina.com.cn:
----------
syslog:
rsyslog
yz6205.hadoop.data.sina.com.cn:
----------
syslog:
rsyslog
[root@yz6245 states]# salt -I 'syslog:rsyslog' test.ping
yz3145.hadoop.data.sina.com.cn:
True
yz3139.hadoop.data.sina.com.cn:
True
yz6205.hadoop.data.sina.com.cn:
True
[root@yz6245 files]# salt '*' state.highstate test=True
[root@yz6245 files]# salt 'yz3145.hadoop.data.sina.com.cn' state.highstate