Saltstack安装部署及实践
2024-05-09 09:48:56
Saltstack
Salt,,一种全新的基础设施管理方式,部署轻松,在几分钟内可运行起来,扩展性好,很容易管理上万台服务器,速度够快,服务器之间秒级通讯。Salt底层采用动态的连接总线, 使其可以用于编配, 远程执行, 配置管理等等.
安装
环境:
server1:172.25.24.1
server2:172.25.24.2
物理机:172.25.24.250
server1
vim /etc/yum.repos.d/rhel-source.repo
[rhel-source]
name=Red Hat Enterprise Linux $releasever - $basearch - Source
baseurl=http://172.25.24.250/rhel6.5
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release[saltstack]
name=saltstack
baseurl=http://172.25.24.250/saltstack/rhel6
gpgcheck=0yum install -y salt-master
/etc/init.d/salt-master start
server2
vim /etc/yum.repos.d/rhel-source.repo
[rhel-source]
name=Red Hat Enterprise Linux $releasever - $basearch - Source
baseurl=http://172.25.24.250/rhel6.5
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release[saltstack]
name=saltstack
baseurl=http://172.25.24.250/saltstack/rhel6
gpgcheck=0
yum install -y salt-minion
vim /etc/salt/minion
/etc/init.d/salt-minion start #启动minion
server1
salt-key -L
salt-key -A # 添加全部节点 -a指定添加节点
salt server2 test.ping #这里用的是python模块
salt server2 cmd.run hostname
Salt 自动安装httpd
yum install -y python-setproctitle.x86_64
vim /etc/salt/master
mkdir /srv/salt
/etc/init.d/salt-master restart #重启master
vim /srv/salt/apache/install.sls #sls文件有严格语法要求,书写时需注意,可参考官方文档:http://docs.saltstack.cn/topics/yaml/index.html
apache-install:pkg.installed:- pkgs:- httpd- php- php-mysql
salt server2 state.sls apache.install
在server2查看
server1
mkdir /srv/salt/apache/files
vim /srv/salt/apache/install.sls
apache-install:
pkg.installed:- pkgs:- httpd- php- php-mysqlfile.managed:- name: /etc/httpd/conf/httpd.conf- source: salt://apache/files/httpd.conf- mode: 644- user: root- group: root
service.running:
- name: httpd
- enable: True
- watch:
- file: apache-install
server2
scp /etc/httpd/conf/httpd.conf server1:/srv/salt/apache/files
server1
vim /srv/salt/apache/files/httpd.conf # 修改端口为8080
salt server2 state.sls apache.install
server2
netstat -antlp | grep httpd
Nginx源码编译并启动
cd /srv/salt
mkdir pkgs
mkdir nginx/files -p #需在/srv/salt/nginx/files/ 中放入nginx源码包,配置文件和启动脚本
vim pkgs/make.sls #为避免重复,可将依赖包的安装编写在一个文件中
make:
pkg.installed:- pkgs:- gcc- pcre-devel- openssl-devel
vim nginx/install.sls
include:- pkgs.makenginx-install:file.managed:- name: /mnt/nginx-1.14.0.tar.gz- source: salt://nginx/files/nginx-1.14.0.tar.gzcmd.run:- name: cd /mnt && tar zxf nginx-1.14.0.tar.gz && cd nginx-1.14.0 && sed -i.bak 's/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g' src/core/nginx.h && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module &> /dev/null && make &> /dev/null && make install &> /dev/null && cd .. && rm -fr nginx-1.14.0- creates: /usr/local/nginx
vim nginx/service.sls
include:- nginx.install/usr/local/nginx/conf/nginx.conf:file.managed:- source: salt://nginx/files/nginx.conf/etc/init.d/nginx:file.managed:- source: salt://nginx/files/nginx- mode: 755nginx:service.running:- reload: True- watch:- file: /usr/local/nginx/conf/nginx.confvim top.sls
base:"server2":- apache.install"server3":- nginx.service
[root@server1 salt]# salt '*' state.highstate
#由于输出结果太长,截图不方便,所以就复制输出结果了,只要全部成功即可
server2:
ID: apache-install
Function: pkg.installedResult: TrueComment: All specified packages are already installedStarted: 10:04:34.366456
Duration: 393.858 msChanges: ID: apache-install
Function: file.managedName: /etc/httpd/conf/httpd.confResult: TrueComment: File /etc/httpd/conf/httpd.conf is in the correct stateStarted: 10:04:34.762244
Duration: 48.336 msChanges: ID: apache-install
Function: service.runningName: httpdResult: TrueComment: The service httpd is already runningStarted: 10:04:34.811405
Duration: 25.76 msChanges: Summary for server2Succeeded: 3
Failed: 0Total states run: 3
Total run time: 467.954 ms
server3:
ID: make
Function: pkg.installedResult: TrueComment: All specified packages are already installedStarted: 10:04:34.472311
Duration: 419.621 msChanges: ID: nginx-install
Function: file.managedName: /mnt/nginx-1.14.0.tar.gzResult: TrueComment: File /mnt/nginx-1.14.0.tar.gz is in the correct stateStarted: 10:04:34.893663
Duration: 80.859 msChanges: ID: nginx-install
Function: cmd.runName: cd /mnt && tar zxf nginx-1.14.0.tar.gz && cd nginx-1.14.0 && sed -i.bak 's/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g' src/core/nginx.h && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module &> /dev/null && make &> /dev/null && make install &> /dev/null && cd .. && rm -fr nginx-1.14.0Result: TrueComment: /usr/local/nginx existsStarted: 10:04:34.975302
Duration: 0.391 msChanges: ID: /usr/local/nginx/conf/nginx.conf
Function: file.managedResult: TrueComment: File /usr/local/nginx/conf/nginx.conf is in the correct stateStarted: 10:04:34.975791
Duration: 36.894 msChanges: ID: /etc/init.d/nginx
Function: file.managedResult: TrueComment: File /etc/init.d/nginx is in the correct stateStarted: 10:04:35.012823
Duration: 36.426 msChanges: ID: nginx
Function: service.runningResult: TrueComment: The service nginx is already runningStarted: 10:04:35.050192
Duration: 35.975 msChanges: Summary for server3
------------
Succeeded: 6
Failed: 0
------------
Total states run: 6
Total run time: 610.166 ms
部署haproxy实现负载均衡
vim haproxy/install.sls
include:- pkgs.make- users.haproxyhaproxy-install:file.managed:- name: /mnt/haproxy-1.6.11.tar.gz- source: salt://haproxy/files/haproxy-1.6.11.tar.gzcmd.run:- name: cd /mnt && tar zxf haproxy-1.6.11.tar.gz && cd haproxy-1.6.11 && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy &> /dev/null && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy install &> /dev/null && cd .. && rm -fr haproxy-1.6.11- creates: /usr/local/haproxy/etc/haproxy:file.directory:- mode: 755/usr/sbin/haproxy:file.symlink:- target: /usr/local/haproxy/sbin/haproxyvim haproxy/service.sls
include:- haproxy.install/etc/haproxy/haproxy.cfg:file.managed:- source: salt://haproxy/files/haproxy.cfghaproxy-service:file.managed:- name: /etc/init.d/haproxy- source: salt://haproxy/files/haproxy.init- mode: 755service.running:- name: haproxy- reload: True- watch:- file: /etc/haproxy/haproxy.cfg解压haproxy源码包,在haproxy-1.6.11/examples中将配置文件content-sw-sample.cfg和启动脚本拷到server1的 /srv/salt/haproxy/files中
tar zxf haproxy-1.6.11.tar.gz
cd haproxy-1.6.11/examples/
scp content-sw-sample.cfg server1:/srv/slat/haproxy/files
scp haproxy.init server1:/srv/salt/haproxy/filescd /srv/salt/haproxy/files
mv content-sw-sample.cfg haproxy.cfg
vim haproxy/files/haproxy.cfg
globalmaxconn 10000stats socket /var/run/haproxy.stat mode 600 level adminlog 127.0.0.1 local0uid 200gid 200chroot /var/emptydaemondefaultsmode httplog globaloption httplogoption dontlognullmonitor-uri /monitorurimaxconn 8000timeout client 30sretries 2option redispatchtimeout connect 5stimeout server 30stimeout queue 30sstats uri /admin/statsfrontend publicbind *:80 name cleardefault_backend dynamicbackend dynamicbalance roundrobinserver dynsrv1 172.25.24.2:80 check inter 1000server dynsrv2 172.25.24.3:80 check inter 1000vim top.sls
base:"server1":- haproxy.service"server2":- apache.install"server3":- nginx.servicesalt '*' state.highstate
在server2与server3默认发布页面编辑一个页面
实现负载均衡
{% %} #变量赋值
{{ }} #引用变量
grains
可参考官方文档: http://docs.saltstack.cn/topics/grains/index.html
salt server2 grains.items #查看所有信息
salt server2 grains.item os #查看指定信息
salt -G 'os:redhat' cmd.run hostname #所有操作系统为redhat的节点执行hostname命令 -G 匹配
Server2
vim /etc/salt/minion
/etc/init.d/salt-minion restart
Server1
salt server2 grains.item roles
上述方法每次都需要修改主配置文件,不太好,所以可以在minion端编写/etc/salt/grains文件
Server3
vim /etc/salt/grains
roles: nginx
Server1
salt server3 saltutil.sync_grains #需要刷新server3 的grains信息才能匹配到
salt server3 grains.item roles
vim /srv/salt/top.sls #使用grains可以不用指定主机
base:"server1":- haproxy.service"roles:apache":- match: grain- apache.install"roles:nginx":- match: grain- nginx.servicesalt '*' state.highstate # 没有报错
mkdir /srv/salt/_grains
vim /srv/salt/_grains/grains.py
#!/usr/local/env pythondef grains():grains = {}grains['salt'] = 'stack'return grainssalt server3 saltutil.sync_grains
salt server3 grains.item salt
在Pillar中存储静态数据
可参考官方文档:http://docs.saltstack.cn/topics/pillar/index.html
vim /etc/salt/master
/etc/init.d/salt-master restart
mkdir /srv/pillar
cd /srv/pillar
mkdir web
vim web/webserver.sls
{% if grains['fqdn'] == 'server2' %}
webserver: httpd
{% elif grains['fqdn'] == 'server3' %}
webserver: nginx
{% endif %}vim top.sls
base:'*':- web.webserver
salt '*' saltutil.refresh_pillar #需要刷新pillar
salt server2 pillar.item webserver
salt -I 'webserver:nginx' test.ping #匹配webserver为nginx的节点执行ping ,-I 匹配
salt -S 172.25.24.0/24 test.ping #匹配所有在网段172.25.24.0/24中的节点执行ping
Jinja
可参考官方文档:
http://docs.saltstack.cn/ref/renderers/all/salt.renderers.jinja.html#module-salt.renderers.jinja
vim /srv/salt/apache/files/httpd.conf
vim /srv/salt/apache/install.sls
apache-install:pkg.installed:- pkgs:- httpd- php- php-mysqlfile.managed:- name: /etc/httpd/conf/httpd.conf- source: salt://apache/files/httpd.conf- mode: 644- user: root- group: root- template: jinja- context:port: 8080bind: {{ grains['ipv4'][-1] }}service.running:- name: httpd- enable: True- watch:- file: apache-installsalt server2 state.sls apache.install
netstat -antlp |grep httpd #server2查看
Jinja在普通文件内使用
- vim apache/lib.sls
{% set port = 80 %}
{% set bind = ‘172.25.24.2’ %}
vim apache/files/httpd.conf
在文件开头添加
{% from ‘apache/lib.sls’ import bind with context %}
{% from ‘apache/lib.sls’ import port with context %}
之前在/srv/salt/apache/install.sls文件中也配置了监听地址和端口我们试一下是那个文件生效
salt server2 state.sls apache.install #没有报错
在server2查看发现是lib.sls文件中定义的变量生效,这是因为install.sls 文件先生效,lib.sls文件后生效覆盖了之前install.sls文件中已生效的变量
2)结合pillar
vim /srv/pillar/apache.sls
{% if grains['fqdn'] == 'server2' %}
port: 80
bind: 172.25.254.2
{% endif %}vim /srv/pillar/top.sls
base:'server2':
- apache
vim apache/install.sls
vim apache/files/httpd.conf #删除之前在开头添加那两行参数
salt server2 state.sls apache.install #没有报错
在server2上查看,配置成功
vim /etc/httpd/conf/httpd.conf
将job返回结果存入数据库中
可参考官方文档:http://docs.saltstack.cn/topics/jobs/external_cache.html
关于配置文件修改及salt数据库导入可参考官方文档:
http://docs.saltstack.cn/ref/returners/all/salt.returners.mysql.html#module-salt.returners.mysql
将job返回结果存入数据库中有两种方式
1.minion发送两个jib返回结果,一个返回master,一个存入数据库
图解:
Server2
vim /etc/salt/minion
mysql.host: ‘172.25.24.1’
mysql.user: ‘salt’
mysql.pass: ‘redhat’
mysql.db: ‘salt’
mysql.port: 3306
yum install -y MySQL-python
/etc/init.d/salt-minion restart
Server1
yum install -y mysql-server
/etc/init.d/mysqld start
vim add.sql #由于数据库版本较低所以注释第17行,
CREATE DATABASE `salt`DEFAULT CHARACTER SET utf8DEFAULT COLLATE utf8_general_ci;USE `salt`;--
-- Table structure for table `jids`
--DROP TABLE IF EXISTS `jids`;
CREATE TABLE `jids` (`jid` varchar(255) NOT NULL,`load` mediumtext NOT NULL,UNIQUE KEY `jid` (`jid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
#CREATE INDEX jid ON jids(jid) USING BTREE;--
-- Table structure for table `salt_returns`
--DROP TABLE IF EXISTS `salt_returns`;
CREATE TABLE `salt_returns` (`fun` varchar(50) NOT NULL,`jid` varchar(255) NOT NULL,`return` mediumtext NOT NULL,`id` varchar(255) NOT NULL,`success` varchar(10) NOT NULL,`full_ret` mediumtext NOT NULL,`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,KEY `id` (`id`),KEY `jid` (`jid`),KEY `fun` (`fun`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;--
-- Table structure for table `salt_events`
--DROP TABLE IF EXISTS `salt_events`;
CREATE TABLE `salt_events` (
`id` BIGINT NOT NULL AUTO_INCREMENT,
`tag` varchar(255) NOT NULL,
`data` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
`master_id` varchar(255) NOT NULL,
PRIMARY KEY (`id`),
KEY `tag` (`tag`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;mysql < add.sql
mysql
grant all on salt.* to salt@'%' identified by 'redhat';
salt server2 test.ping --return mysql
mysql
use salt
select * from salt_returns;
2.Minion将job返回结果发给master,然后由master来存入数据库
图解:
vim /etc/salt/master
master_job_cache: mysql
mysql.host: 'localhost'
mysql.user: 'salt'
mysql.pass: 'redhat'
mysql.db: 'salt'
mysql.port: 3306
yum install -y MySQL-python
mysql
grant all on salt.* to salt@'localhost' identified by 'redhat';
/etc/init.d/salt-master restart
salt server3 cmd.run df #因为我们对minion端server3 没有进行配置,所以用server3来测试
mysql
use salt
select * from salt_returns;
Saltstack安装部署及实践相关推荐
- 自动化运维saltstack 安装部署以及一键部署实现负载均衡
saltstack介绍 SaltStack是一个服务器基础架构集中化管理平台,SaltStack基于Python语言实现,也是基于C/S架构,结合轻量级消息队列(ZeroMQ)与Python第三方模块 ...
- smokeping安装部署最佳实践
1.1安装smokeping [root@linux-node2 ~]# cat /etc/redhat-release #查看服务器信息 CentOS release 6. ...
- piwik mysql_piwik安装部署最佳实践
1.piwik介绍 Piwik是一个PHP和MySQL的开放源代码的Web统计软件,它给你一些关于你的网站的实用统计报告,比如网页浏览人数,访问最多的页面,搜索引擎关键词等等. Piwik拥有众多不同 ...
- 企业运维实战--自动化运维Saltstack(上)之saltstack的安装部署、远程执行、grains和pillar详解以及Jinja模板的使用
企业运维实战--自动化运维Saltstack(上) 前言 一.Saltstack安装部署 二.sls文件远程执行 saltstack安装httpd并启动 saltstack源码编译安装nginx 启动 ...
- 开始构建你的DBaaS:使用zCloud自动化安装部署Oracle和MySQL数据库
更多精彩,请点击上方蓝字关注我们! 云和恩墨自研的zCloud是目前业内对商业数据库(Oracle)及开源数据库(MySQL.Redis.PostgreSQL)支持都十分完善的数据库云管平台,可以应对 ...
- centos 安装mysql5.7_Zabbix 4.2.5 安装部署实践详解
[导读]云计算背景下,无论是大数据.物联网还是边缘计算,规模化后大量的设备需要保证正常运行,在人员一定的情况下,就需要提高运行维护效率.同时随着智能化被应用在人们生活的方方面面,关联性也越来越紧密,即 ...
- 时空大数据实践之GeoWave安装部署实践
2019独角兽企业重金招聘Python工程师标准>>> 时空大数据实践之GeoWave安装部署实践 GeoWave是由国家地理空间情报局(NGA)与RadiantBlue和Booz ...
- Asp.NetCore程序发布到CentOs(含安装部署netcore)--最佳实践(二)
原文:Asp.NetCore程序发布到CentOs(含安装部署netcore)--最佳实践(二) Asp.NetCore程序发布到CentOs(含安装部署netcore)--最佳实践(一) 接上一篇 ...
- Zabbix 4.2.5 安装部署实践详解
一.安装 1.安装CentOS操作系统,并配置网络 2.安装Zabbix官方源 rpm -ivh http://repo.zabbix.com/zabbix/4.2/rhel/7/x86_64/zab ...
最新文章
- Oracle快速克隆安装
- java求平均值Scanner_Scanner的一些问题
- 2019计算机开机号003期,2019年011期福彩中心开机号(附汇总)
- 安装JDK 9与使用jshell
- 并发编程(二)线程并发工具类
- 趣文:如果像招聘程序员那样招聘木匠
- stdmove 跟 左键引用 区别_C++ auto和decltype的区别
- 台电tbook10s官方固件_台电Tbook10S线刷包_台电Tbook10S刷机包_台电Tbook10S固件包_台电Tbook10S救砖包 - 线刷宝ROM中心...
- 阿里云怎么启动mysql_阿里云启动mysql
- centos安装udp,tcp的测试工具
- SU插件|实时联动Lumion LiveSync for SketchUp免费下载(渲染器与草图大师模型同步更新)
- java中长整形怎么定义_java中长整型定义
- 关于微擎人人商城互动直播通信服务安装和启动教程记录
- 完善保密加密机制(Perfectly-secret Encryption)——无条件安全加密算法
- 用纯CSS写一个左右滑动的开关按钮
- 解决mac终端放大字体重启又变小了
- python爬iptv直播源_GitHub - linnoreading/iptv-m3u: python 爬的直播源数据
- 五分钟学会python函数_Python——带你五分钟了解函数式编程与闭包
- C++迭代器之'反向迭代器'
- R语言操作pdf文档