SaltStack入门【Salt-ssh】使用

salt-ssh 介绍
salt-ssh 是 0.17.0 新出现的一个功能,一听这名字就知道它是依赖 ssh 来进行远程命令执行的工具,好处就是你不需要在客户端安装 minion,也不需要安装 master(直接安装 salt-ssh 这个包即可),有点类似 paramiko、pssh、ansible 这类的工具,有些时候你还真的需要 salt-ssh(例如:条件不允许安装 minion、不用长期管理某台 minion) 最最重要的是 salt-ssh 并不只是单纯的 ssh 工具,它支持 salt 大部分的功能,如 grains、modules、state 等

备注

需要注意的是,salt-ssh 并没有继承原来的通讯架构 (ZeroMQ),也就是说它的执行速度啥的都会比较慢
sohu EPEL镜像源 http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm 【推荐国内使用】
EPEL源 http://mirrors.ustc.edu.cn/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm
salt-ssh 安装 同样使用epel源

yum install salt-ssh

salt-ssh 使用
salt-ssh 是通过调用 roster 配置文件来实现的,语法很简答,定义 ID、host、user、password 即可

1、定义 roster,让 salt-ssh 生效
默认是在 /etc/salt/roster

# vi /etc/salt/roster
server02:
  host: 192.168.0.2
  user: root
  passwd: abc123

设置完之后就可以进行测试了,语法跟 salt 的一样

# salt-ssh 'server02' test.ping
server02:
    True

2、salt-ssh 不但支持运行 shell 命令,同时它还支持 salt 本身的模块,甚至支持调用 state
执行 shell 命令

[root@server01 salt]# salt-ssh server02 -r 'df -h'
server02:
    ----------
    retcode:
        0
    stderr:
    stdout:
        root@server02's password: 
        Filesystem      Size  Used Avail Use% Mounted on
        /dev/xvda1       20G  9.6G  9.2G  52% /
        tmpfs           1.9G     0  1.9G   0% /dev/shm
        /dev/xvdb        50G  3.0G   44G   7% /opt

调用 salt 本身的模块

[root@server01 salt]# salt-ssh server02 disk.usage
server02:
    ----------
    /:
        ----------
        1K-blocks:
            20641404
        available:
            9577932
        capacity:
            52%
        filesystem:
            /dev/xvda1
        used:
            10014948
........

salt-ssh 实战
使用salt-ssh安装minion
1、编辑 /etc/hosts

vi /etc/hosts

192.168.0.1 server01
192.168.0.2 server02
192.168.0.3 server03
192.168.0.4 server04
192.168.0.5 server05
192.168.0.6 server06

2、编辑 /etc/salt/roster
host 可以使用IP和 主机名

vi /etc/salt/roster

# Sample salt-ssh config file
#web1:
#  host: 192.168.42.1 # The IP addr or DNS hostname
#  user: fred         # Remote executions will be executed as user fred
#  passwd: foobarbaz  # The password to use for login, if omitted, keys are used
#  sudo: True         # Whether to sudo to root, not enabled by default
#web2:
#  host: 192.168.42.2
server02:
 host: server02
 user: root
 passwd: test01
server03:
 host: server03
 user: root
 passwd: test01
server04:
 host: server04
 user: root
 passwd: test01
server05:
 host: server05
 user: root
 passwd: test01
server06:
 host: server06
 user: root
 passwd: test01

3、编辑salt_install.sls

[root@server01 salt]# cat salt_install.sls 
epel_install:
  file.managed:
    - name: /root/epel-release-6-8.noarch.rpm
    - source: salt://epel-release-6-8.noarch.rpm
    - user: root
    - group: root
  cmd.run:
    - name: rpm -ivh /root/epel-release-6-8.noarch.rpm
    - unless: test -f /etc/yum.repos.d/epel.repo
    - require:
      - file: epel_install

conf_epel:
  file.managed:
    - name: /etc/yum.repos.d/epel.repo
    - source: salt://minions/epel.repo
    - user: root
    - group: root
    - mode: 644
salt_install:
  pkg.installed:
    - name: salt-minion
  file.managed:
    - name: /etc/salt/minion
    - source: salt://minions/minion04
    - require:
      - pkg: salt-minion

4、这里可以创建一个shell脚本来完成minion端配置文件ID 的更改和启动服务

[root@server01 salt]# cat bushu.sh 
#!/bin/bash
export PATH=$PATH
cd /srv/salt/
salt-ssh '*' state.sls salt_install

for i in {02..06}
do ssh root@server$i "sed -i 's/^id.*/id: server$i/' /etc/salt/minion"; #更改每个minion的id
   ssh root@server$i service salt-minion restart;
done;
[root@server01 salt]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
server02
server03
server04
server05
server06

5、添加KEY

[root@server01 salt]# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
server02
server03
server04
server05
server06
Proceed? [n/Y] y
Key for minion server02 accepted.
Key for minion server03 accepted.
Key for minion server04 accepted.
Key for minion server05 accepted.
Key for minion server06 accepted.

这样就完成了salt-minion的批量安装和部署。

发表评论