Shulou(Shulou.com)06/03 Report--

The knowledge points of this article include: introduction of saltstack, working principle of saltstack, installation configuration of saltstack and use of saltstack. Read the complete article and believe that everyone has a certain understanding of saltstack tools.

saltstack Overview In a production environment, there are often more than one or two servers, typically thousands of servers. This is too difficult for O & M personnel to manage, and saltstack is a new basic platform management tool that can support the management of tens of thousands of servers and complete data transfer in a few seconds. It is one of the more automated O & M tools currently used. Salt is a basic platform management tool. SaltStack adopts C/S mode, server side is master of salt, client side is minion, minion and master communicate through ZeroMQ message queue. Master listens on ports 4505 and 4506, where 4505 is the master and minion authentication communication port, and 4506 is the master's command to send commands or receive minion command execution returns. Saltstack

1, based on Python language development

2. Lightweight management tools, batch execution of commands

3. Common templates

name meaning pkg package, there are additions and deletions update file for managing files, including synchronizing files, setting file permissions and belonging user groups, deleting files, etc. cmd executes commands or scripts on minion use management system account operation service management system service operation cron management crontab task

4. saltstack data system

Grains (static data)

pillar (dynamic data) saltstack three major functions

remote execution

configuration management

cloud management

How saltstack works SaltStack client (Minion) automatically generates a set of keys, including private key and public key, when started. The public key is then sent to the server, which verifies and accepts the public key to establish a reliable and encrypted communication connection. At the same time, a message publishing connection is established between the client and the server through the message queue ZeroMQ.

Minion is a client-side installation component that SaltStack needs to manage. It will actively connect to the Master side and obtain resource status information from the Master side to synchronize resource management information.

Master runs on the host server as a control center, responsible for Salt command operation and resource status management. Master executes a certain instruction and sends it to Minions for execution through queue, and returns the result.

ZeroMQ is an open source message queuing software used to establish a system communication bridge between the Minion and Master. saltstack advantages and disadvantages Fast speed, based on message queue + thread, run multiple devices, are millisecond level; very flexible, the source code is python, easy to understand and custom modules (because python relative to other perl, ruby, etc. is still very easy to understand) Simple command, powerful. Disadvantages Deployment minion end is more inconvenient. Grainsgrains, an important component of Saltstack, is some information collected when minion (client) is started, such as static information such as operating system type and network card ip. Grains information is not dynamic and does not change from time to time, it is only collected when minion starts. Pillarpillars are not the same as grains, they are defined on the master, and some information is defined for the minion. Like some of the more important data (password) can be stored in the pillar, you can also define variables and so on. statestate is the core function of saltstack. It manages the controlled host (including package, network configuration, system service, system user, etc.) through the pre-specified sls file. Saltstack common commands copy files to the client salt 'client2' cp.get_file salt:#apache. sls/tmp/cp.txt Copy directories to the client salt 'client2' cp.get_dir salt:#test /tmp Display the surviving clients salt-run manage.up command and execute server-side scripts #edit scripts vim /srv/salt/test/shell.sh#! /bin/shecho "salt server do run shell script on client" > /tmp/shell.txt#Execute script salt 'client2' cmd.script salt:#test/shell.shSaltstack Operation Example-Bulk Deployment of apache environment Deployment Prepare three machines, all with selinux turned off and firewall rules cleared. Server Role IP Address Host Name master192.168.142.123master.saltstack.comminion01192.168.142.124web01.saltstack.comminion02192.168.142.166web02.saltstack.com Install saltstack#Add epel source for three machines respectively, Local official source yum install -y epel-release #Install epel source #Server install yum -y install salt-master configure master host #Install complete modify master configuration file vim /etc/salt/master#Modify the following #15 line interface: 192.168.175.132 #Listening Address #215 auto_accept: True #Avoid running salt-key to confirm certificate authentication #416 line file_roots: base: - /srv/salt #saltstack file root directory location, directory needs to create #710 line group classification nodegroups: group1: 'web01.saltstack.com' group2: 'web02.saltstack.com'#552 line pillar_opts: True #Turn on pillar function, synchronize file function #529 column_roots: base: - /srv/pillar #pillar home directory, need to create cat /etc/salt/master| grep -v ^$ | grep -v ^# #View changes made to the master profile Start server #Start service systemctl start salt-master#Set service startup systemctl enable salt-master#View service port listening status netstat -anpt| egrep '4505| 4506'Create salt and pillar files root directory mkdir /srv/saltmkdir /srv/pillar managed end (minion) installation #Install yum -y install salt-minion on two servers separately Configure minino end #Modify/etc/salt/minino master configuration file vim /etc/salt/minion#Modify configuration as follows #16 line master: 192.168.175.132 #Specify host IP #78 line id: web01.saltstack.com #Specify the host name of the controlled end Start the controlled end service systemctl start salt-minion Test the communication status between the controlled end and the master end #View the communication status salt '*' test.ping#View all the mount status of the managed end salt '*' cmd.run 'df -h'#View all the values of grains accepted on the master end (every time minion starts it will obtain the client information)#Static data salt 'web01.saltstack.com' grains.items#Dynamic data salt ' web01.saltstack.com' pillar.items Configuration management installation Apache, the following demonstration is remote installation Apache through yum, the steps are as follows: #Modify the master configuration file vim /etc/salt/master file_roots: base: - /srv/salt/#Note: Environment: base, dev(development environment), test (test environment), prod (production environment).# Create working directory mkdir /srv/saltvim /srv/salt/top.slsbase: '*': - apache#Note: '*' means that the apache module is executed on all clients. vim /srv/salt/apache.slsapache-service: pkg.installed: - names: #If there is only one service, it can be written as-name: httpd without changing a line - httpd - httpd-devel service.running: - name: httpd - enable: True#Note: apache-service is a custom id name. pkg.installed is the package installation function. Here is the name of the package to install. service.running is also a function to ensure that the specified service starts, enable means boot.# Restart the service systemctl restart salt-master#Execute refresh state configuration command salt '*' state.highstate Verify that httpd service is installed successfully on both minos #View service port listening status netstst -ntap| grep 80#View generated configuration file rpm -qc httpd

The above is the detailed content of saltstack. Is there any harvest after reading it? If you want to know more about it, welcome to pay attention to industry information!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.