Shulou(Shulou.com)06/01 Report--

This article will explain in detail the practice of the automated operation and maintenance tool SaltStack in the cloud computing environment. The content of the article is of high quality, so the editor will share it with you for reference. I hope you will have a certain understanding of the relevant knowledge after reading this article.

With the rapid popularization and development of cloud computing technology, more and more enterprises begin to learn and build their own cloud platform to replace the traditional IT delivery model, and the IT environment of enterprises is becoming more and more complex. Conventional operation and maintenance methods and technologies have been unable to meet the current cloud environment system configuration and changes. Based on the development of cloud computing, big data, cognitive technology and container technology have also been more and more applied in enterprises. A large number of server management operations and configuration changes are frequently implemented and deployed to cope with changing business needs. According to the conventional way, the operation and maintenance personnel need to adjust the configuration one by one, manually manage a large amount of system information, there will inevitably be a variety of problems and accidents. In order to avoid such risks, in the example in this article, the author will describe in detail how to use the open source software SaltStack automated operation and maintenance tool to remotely execute commands and configure the servers in the cloud environment, so as to ensure the security and efficiency of operations and reduce the operational risks of administrators.

The architecture described below is mainly for centralized deployment and testing on CentOS6.5. The architecture mainly involves three open source software, namely Python software set, SaltStack software set and ZeroMQ message queuing software.

Simple deployment and easy management

Supports most operating systems, such as Unix/Linux/Windows environments

The architecture uses Cramp S management mode, which is easy to expand.

Simple configuration and wide functional coverage

The main control terminal (Master) and the controlled terminal (Minion) are based on certificate authentication to ensure safe and reliable communication.

Support API and custom Python modules for easy functional expansion

How SaltStack works

SaltStack adopts Cpact S structure to manage the operation and configuration of the server in Yunhuan. In order to better understand its working mode and management model, this chapter will explain its principle graphically.

When the SaltStack client (Minion) starts, it automatically generates a set of keys, including private and public keys. Then the public key is sent to the server, which verifies and accepts the public key to establish a reliable and encrypted communication connection. At the same time, a message publishing connection is established between the client and the server through the message queue ZeroMQ. The specific communication schematic is shown in figure 1, and the command execution is shown in figure 2:

Figure 1.SaltStack communication schematic diagram

Minion is a client installation component that needs to be managed by SaltStack. It will actively connect to the Master side, get resource status information from the Master side, and synchronize resource management information.

As a control center, Master runs on the host server and is responsible for the operation of Salt commands and the management of resource status.

ZeroMQ is an open source message queuing software, which is used to build a system communication bridge between Minion and Master.

Daemon is a daemon running in each member, which undertakes the function of issuing messages and listening on communication ports.

Figure 2.SaltStack operation execution schematic diagram

Minion is a client installation component that needs to be managed by SaltStack. It will actively connect to the Master side, get resource status information from the Master side, and synchronize resource management information.

As a control center, Master runs on the host server and is responsible for the operation of Salt commands and the management of resource status.

Execute an instruction on Master and send it to each Minions through the queue to execute and return the result.

The following let you know what SaltStack is and its communication and implementation principle.

Architecture Design of SaltStack

In order to better understand the advantages of SaltStack in the centralized management of cloud platform, the deployment architecture diagram is drawn according to the actual situation of the project, and the architecture diagram is described in detail in this paper. As shown in figure 3:

Figure 3.SaltStack deployment architecture diagram

All managed client nodes of SaltStack (DB and Web shown in figure 3) communicate encrypted through a key, using port 4506. The content transmission between the client and the server is done through the message queue, using port 4505. Master can send any instructions for Minion to execute. Salt has many executable modules, such as CMD modules, which come with it when you install minion. They are usually located in your python library. Locate salt | grep / usr/ can see everything that comes with salt.

To better understand the architectural intent, the main command release process is shown below:

Software name function Python 2.6 package Python main installation file PyYAML package SaltStack configuration parsing definition syntax Msgpack-pythonSaltStack message exchange library Jinjia2SaltStack states configuration template MarkupSafepython Unicode conversion library Apache-libcloudSaltStack to cloud architecture orchestration library ZeroMQSaltStack message system PyzmZeroMQ python library PyCrytoPython password library M2CrytoOpenssl Python packaging library RequestsHTTP Python library

In order to facilitate the installation of dependency packages, this chapter will use YUM for installation.

First download and install the epel source and execute the following instructions to store the epel.repo in the / etc/yum.repos.d directory.

Wget-o / etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo

And use the Yum list command to verify that the installation source is valid, as shown in figure 4, indicating that the Yum source is already in effect.

Figure 4.SaltStack installation Source

After the installation is complete, type chkconfig salt-master on to add the master service to the boot entry, so that each time the system starts, the master service is automatically loaded. Enter service salt-master start to start the master service. The service status is then queried through netstat-antp, and the result is shown in figure 6.

Figure 6.SaltStack master service query

After the installation is complete, type chkconfig salt-minion on to add the minion service to the boot startup item, so that each time the system starts, the minion service is automatically loaded. Enter service salt-minion start to start the minion service. The service status is then queried through netstat-antp, and the result is shown in figure 8.

Figure 8.SaltStack Minion service query

So far, the installation of SaltStack has been completed, the Master and Minion host services have been turned on correctly, and the port service is normal. The next chapter will focus on how to configure SaltStack so that it can provide various functions normally.

Configuration of SaltStack

The configuration of SaltStack is mainly concentrated on the host side of Master, and the configuration of client is less. This chapter will be described in detail through the following two parts.

Minion side configuration

SaltStack-Minion is the agent installed on the client side of SaltStack, which is responsible for receiving and executing the instructions issued by the server, and is also responsible for the status monitoring of the client side. To be managed by master, the client needs to modify its configuration file to point the server to the address of the Master. Its configuration file is located in the / etc/salt/ directory, named minion, and is modified by the vi tool, as shown in figure 9.

Figure 9.SaltStack Minion configuration

After the configuration is complete, save and restart the minion service with the service salt-minon restart command. This test case does not require a demonstration of other advanced features, so for a more multi-functional configuration at the end of this configuration, please refer to the SaltStack official manual.

Master side configuration

SaltStack-Master is the core service of SaltStack component, which is responsible for the distribution and management of instructions and configuration files, as well as the management function of the client. If Master wants to provide services normally, it needs to accept the certificate authentication request from the client. As we have explained before, SaltStack communicates through SSL certificate authentication. As shown in figure 10, enter salt-key-l to query the client certificate status, and as shown in figure 11, enter salt-key-A to accept client authentication.

Figure 10.SaltStack Certificate query

From the figure, you can see that the client is discovered, but it is not accepted, and the administrator is required to execute the instructions shown in figure 11 to accept.

Figure 11.SaltStack accepts the certificate

At this point, we have completed all the configuration of SaltStack.

SaltStack test

Through the two test cases in this chapter, you can verify whether the SaltStack is running properly and whether it can complete the predetermined functions. We can use salt'* 'test.ping to test whether the client is online and managed by master, as shown in figure 12. If True is returned, the client has been managed by master and is online.

Figure 12.SaltStack accepts the certificate

Next, we will test some of the functions of SaltStack through batch execution of commands and bulk installation of software.

Batch execution of commands

In daily operation and maintenance, it is a very common requirement to operate multiple servers at the same time. For example, batch execution of ping operations to verify whether the server is online, batch execution of query commands, depending on the load and utilization of the server. The instruction shown in figure 13 is to bulk query the version of the server operating system.

Figure 13.SaltStack query server IP information

* it represents to operate on all managed clients. Cmd.run is the command calling module, and ifconfig is the specific execution command.

Batch installation of software

Batch installation of software is also a common occurrence in daily operation and maintenance. We can install related software in batches on the managed servers through the software push function of SaltStack. The instruction shown in figure 14 is to bulk install the software lrzsz in the client server.

Figure 14.SaltStack installation lrzsz

As shown in the figure above, the lrzsz software is successfully installed to the client server. Through the above two tests, it can be verified that SaltStack can normally provide centralized management and configuration functions for the cloud platform.

This is the end of the practice of automated operation and maintenance tool SaltStack in the cloud computing environment. I hope the above content can be helpful to you and learn more knowledge. If you think the article is good, you can share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.