欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

基于Saltstack批量部署apache

程序员文章站 2022-07-06 15:46:17
...

什么是SaltStack

SaltStack管理工具允许管理员对多个操作系统创建一个一致的管理系统

实验环境准备

名称 角色 地址
centos7-min master 192.168.142.172
centos7-min2 client 192.168.142.110

实验步骤

一、主服务器——控制节点

安装epel源并安装控制端

yum install -y epel-release  //安装epel源

yum -y install salt-master   //安装控制端

修改控制端主配置文件

vi /etc/salt/master
//修改如下:
15interface: 192.168.142.172   //监听地址
215行 auto_accept: True        //避免要运行salt-key来确认证书认证
416行 file_roots:
          base:
          - /srv/salt           //saltstack文件根目录位置,目录需要手动进行创建
710行组分类:(这里实验环境只有一台客户端,仅设置一个即可)
nodegroups:
  group1: 'web01.saltstack.com'

552行 pillar_opts: True        //开启pillar功能,同步文件功能
529行 
pillar_roots:
          base:
          - /srv/pillar         //pillar的主目录,需要手动进行创建

建立salt&pillar目录

mkdir /srv/salt
mkdir /srv/pillar

启动服务并关闭核心防护功能

systemctl start salt-master
systemctl enable salt-master
//关闭核心功能
setenforce 0

检测服务启动状况

netstat -anpt | egrep '4505|4506'
//4505为salt的消息发布专用端口;
//4506为客户端与服务端通信的端口
tcp        0      0 192.168.142.172:4505    0.0.0.0:*               LISTEN      13692/python
tcp        0      0 192.168.142.172:4506    0.0.0.0:*               LISTEN      13704/python
tcp        0      0 192.168.142.172:4506    192.168.142.110:36688   ESTABLISHED 13704/python
tcp        0      0 192.168.142.172:4505    192.168.142.110:57042   ESTABLISHED 13692/python

二、从服务器——被控制节点

安装epel源并安装被控制端

yum install -y epel-release  //安装epel源

yum -y install salt-minion   //安装被控制端

修改被控端配置文件

vi /etc/salt/minion
//修改配置如下:
16行 master: 192.168.172.142     //指定主控端IP
78行 id: web01.saltstack.com     //指定被控端主机名

启动服务

//启动被控端服务
systemctl start salt-minion

在主控端进行检查

//在主控端测试与被控端的通信状态(*号代表所有被控主机)
salt '*' test.ping
web01.saltstack.com:
    True
    
//检查**情况
salt-key -L
Accepted Keys:
web01.saltstack.com
Denied Keys:
Unaccepted Keys:
web01.saltstack.com
Rejected Keys:

注意:

检查时出现以下情况:
Salt request timed out. The master is not responding. If this error persists after verifying the master is up, worker_threads may need to be increased.
请自行检查配置文件格式或者重启服务器。

三、批量部署Apache

以下所有操作均在master端进行

cd /srv/salt/
vim top.sls
//按下图进行添加
base:
  '*':
    - apache
//在所有的客户端执行apache模块

vim apache.sls
//按下图进行添加
apache-service:
  pkg.installed:
    - names:
      - httpd
      - httpd-devel
  service.running:
    - name: httpd
    - enable: True

//重启服务
systemctl restart salt-master.service

//执行批量部署命令
salt '*' state.highstate
//执行完成后出现以下信息即为成功
web01.saltstack.com:
----------
          ID: apache-service
    Function: pkg.installed
        Name: httpd
      Result: True
     Comment: The following packages were installed/updated: httpd
     Started: 15:04:51.323952
    Duration: 40217.299 ms
     Changes:
              ----------
              apr:
                  ----------
                  new:
                      1.4.8-5.el7
                  old:
              apr-util:
                  ----------
                  new:
                      1.5.2-6.el7
                  old:
              httpd:
                  ----------
                  new:
                      2.4.6-90.el7.centos
                  old:
              httpd-tools:
                  ----------
                  new:
                      2.4.6-90.el7.centos
                  old:
              mailcap:
                  ----------
                  new:
                      2.1.41-2.el7
                  old:
----------
          ID: apache-service
    Function: pkg.installed
        Name: httpd-devel
      Result: True
     Comment: The following packages were installed/updated: httpd-devel
     Started: 15:05:31.545046
    Duration: 16876.92 ms
     Changes:
              ----------
              apr-devel:
                  ----------
                  new:
                      1.4.8-5.el7
                  old:
              apr-util-devel:
                  ----------
                  new:
                      1.5.2-6.el7
                  old:
              cyrus-sasl:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-devel:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
              cyrus-sasl-gssapi:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-lib:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-md5:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-plain:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-scram:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              expat-devel:
                  ----------
                  new:
                      2.1.0-10.el7_3
                  old:
              httpd-devel:
                  ----------
                  new:
                      2.4.6-90.el7.centos
                  old:
              libdb:
                  ----------
                  new:
                      5.3.21-25.el7
                  old:
                      5.3.21-20.el7
              libdb-devel:
                  ----------
                  new:
                      5.3.21-25.el7
                  old:
              libdb-utils:
                  ----------
                  new:
                      5.3.21-25.el7
                  old:
                      5.3.21-20.el7
              openldap:
                  ----------
                  new:
                      2.4.44-21.el7_6
                  old:
                      2.4.44-5.el7
              openldap-devel:
                  ----------
                  new:
                      2.4.44-21.el7_6
                  old:
----------
          ID: apache-service
    Function: service.running
        Name: httpd
      Result: True
     Comment: Service httpd has been enabled, and is running
     Started: 15:05:48.459684
    Duration: 1822.995 ms
     Changes:
              ----------
              httpd:
                  True

Summary
------------
Succeeded: 3 (changed=3)
Failed:    0

四、检查试验结果

web01:

[root@web01 ~]# rpm -q httpd
httpd-2.4.6-90.el7.centos.x86_64
[root@web01 ~]# netstat -ntap | grep 80
tcp6       0      0 :::80                   :::*                  LISTEN      6

感谢阅读~~

相关标签: Centos 7