- A+
所属分类:linux技术
目录
- 环境规格:
- 第一步:什么是SaltStack Master
- 第二步:更新SaltStack Master CentOS 8软件包
- 第三步:SaltStack Master上安装Python
- 第四步:CentOS 8上安装SaltStack官方Yum存储库
- 第五步:CentOS 8上安装SaltStack Master
- 第六步:CentOS 8上配置SaltStack Master
- 第七步:SaltStack Master配置CentOS 8防火墙
- 第八步:管理SaltStack公钥
- 第九步:什么是SaltStack Minion
- 第十步:更新SaltStack MinionCentOS 8软件包
- 第十一步:SaltStack Minion上安装Python
- 第十二步:CentOS 8上安装SaltStack官方Yum存储库
- 第十三步:CentOS 8上安装SaltStack Minion
- 第十四步:CentOS 8上配置SaltStack Minion
- 第十五步:SaltStack主服务器中添加SaltStack Minion
- 第十六步:SaltStack Minion上的命令的远程执行安装HTTP服务
在本文中,您将学习如何在CentOS 8上安装SaltStack Master和 SaltStack Minion。
环境规格:
SaltStack Master配置
-
CPU -3.4 GHz(2核)
-
内存-4 GB
-
储存空间-50 GB
-
作业系统-CentOS 8.2
-
主机名– saltstack-master.lianglab.cn
-
IP地址-192.168.6.175/24
SaltStack Minion配置
-
CPU -3.4 GHz(2核)
-
内存-4 GB
-
储存空间-50 GB
-
作业系统-CentOS 8.2
-
主机名– saltstack-minion.lianglab.cn
-
IP地址-192.168.6.190/24
SaltStack Master和Minion hostname修改
[root@Master yum.repos.d]# hostnamectl set-hostname saltstack-master.lianglab.cn [root@Minion yum.repos.d]# hostnamectl set-hostname saltstack-minion.lianglab.cnSaltStack Master和Minion hosts修改
[root@saltstack-master yum.repos.d]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.6.175 saltstack-master.lianglab.cn 192.168.6.190 saltstack-minion.lianglab.cn [root@saltstack-minion ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.6.175 saltstack-master.lianglab.cn 192.168.6.190 saltstack-minion.lianglab.cn
第一步:什么是SaltStack Master
SaltStack或Salt是基于Python的开源软件,用于基于事件的IT自动化,远程任务执行和配置管理。SaltStack支持“基础架构即代码”方法来进行数据中心系统和网络的部署和管理,配置自动化,SecOps编排,漏洞修复以及混合云控制。(由维基百科提供)
SaltStack Master是服务器节点,它是控制所有Salstack Minions的中央服务器。Saltstack Master拥有SaltStack奴才的清单和公钥,并对这些奴才执行远程执行。
第二步:更新SaltStack Master CentOS 8软件包
使用ssh工具以root用户身份与saltstack-master.lianglab.cn连接。
将所有现有软件包更新为最新的可用版本。
[root@saltstack-master ~]# dnf update -y ... Upgraded: NetworkManager-1:1.22.8-5.el8_2.x86_64 NetworkManager-libnm-1:1.22.8-5.el8_2.x86_64 NetworkManager-team-1:1.22.8-5.el8_2.x86_64 NetworkManager-tui-1:1.22.8-5.el8_2.x86_64 bind-export-libs-32:9.11.13-5.el8_2.x86_64 dbus-1:1.12.8-10.el8_2.x86_64 dbus-common-1:1.12.8-10.el8_2.noarch dbus-daemon-1:1.12.8-10.el8_2.x86_64 dbus-libs-1:1.12.8-10.el8_2.x86_64 dbus-tools-1:1.12.8-10.el8_2.x86_64 dnf-4.2.17-7.el8_2.noarch dnf-data-4.2.17-7.el8_2.noarch gnutls-3.6.8-11.el8_2.x86_64 grub2-common-1:2.02-87.el8_2.noarch grub2-pc-1:2.02-87.el8_2.x86_64 grub2-pc-modules-1:2.02-87.el8_2.noarch grub2-tools-1:2.02-87.el8_2.x86_64 grub2-tools-efi-1:2.02-87.el8_2.x86_64 grub2-tools-extra-1:2.02-87.el8_2.x86_64 grub2-tools-minimal-1:2.02-87.el8_2.x86_64 iptables-1.8.4-10.el8_2.1.x86_64 iptables-ebtables-1.8.4-10.el8_2.1.x86_64 iptables-libs-1.8.4-10.el8_2.1.x86_64 kernel-tools-4.18.0-193.14.2.el8_2.x86_64 kernel-tools-libs-4.18.0-193.14.2.el8_2.x86_64 libdnf-0.39.1-6.el8_2.x86_64 libnghttp2-1.33.0-3.el8_2.1.x86_64 microcode_ctl-4:20191115-4.20200609.1.el8_2.x86_64 open-vm-tools-11.0.5-3.el8.x86_64 python3-dnf-4.2.17-7.el8_2.noarch python3-hawkey-0.39.1-6.el8_2.x86_64 python3-libdnf-0.39.1-6.el8_2.x86_64 python3-perf-4.18.0-193.14.2.el8_2.x86_64 selinux-policy-3.14.3-41.el8_2.5.noarch selinux-policy-targeted-3.14.3-41.el8_2.5.noarch systemd-239-31.el8_2.2.x86_64 systemd-libs-239-31.el8_2.2.x86_64 systemd-pam-239-31.el8_2.2.x86_64 systemd-udev-239-31.el8_2.2.x86_64 yum-4.2.17-7.el8_2.noarch Installed: kernel-4.18.0-193.14.2.el8_2.x86_64 kernel-core-4.18.0-193.14.2.el8_2.x86_64 kernel-modules-4.18.0-193.14.2.el8_2.x86_64 Removed: kernel-4.18.0-147.5.1.el8_1.x86_64 kernel-core-4.18.0-147.5.1.el8_1.x86_64 kernel-modules-4.18.0-147.5.1.el8_1.x86_64 Complete! 我们的CentOS 8软件包已成功更新。
第三步:SaltStack Master上安装Python
SaltStack用Python编写,因此,它需要Python语言支持才能编译和执行SaltStack命令。
Python3在默认的CentOS AppStream中可用,因此,我们可以使用dnf命令安装它。
[root@saltstack-master src]# dnf install -y python3 Last metadata expiration check: 0:16:42 ago on Tue 11 Aug 2020 12:07:17 AM PKT. Dependencies resolved. ================================================================================ Package Arch Version Repo Size ================================================================================ Installing: python36 x86_64 3.6.8-2.module_el8.1.0+245+c39af44f AppStream 19 k Installing dependencies: python3-pip noarch 9.0.3-16.el8 AppStream 19 k python3-setuptools noarch 39.2.0-5.el8 BaseOS 162 k Enabling module streams: python36 3.6 Transaction Summary ================================================================================ Install 3 Packages Total download size: 201 k Installed size: 466 k Downloading Packages: (1/3): python3-setuptools-39.2.0-5.el8.noarch.r 658 kB/s | 162 kB 00:00 (2/3): python3-pip-9.0.3-16.el8.noarch.rpm 641 B/s | 19 kB 00:31 (3/3): python36-3.6.8-2.module_el8.1.0+245+c39a 627 B/s | 19 kB 00:31 -------------------------------------------------------------------------------- Total 6.2 kB/s | 201 kB 00:32 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : python3-setuptools-39.2.0-5.el8.noarch 1/3 Installing : python36-3.6.8-2.module_el8.1.0+245+c39af44f.x86_64 2/3 Running scriptlet: python36-3.6.8-2.module_el8.1.0+245+c39af44f.x86_64 2/3 Installing : python3-pip-9.0.3-16.el8.noarch 3/3 Running scriptlet: python3-pip-9.0.3-16.el8.noarch 3/3 Verifying : python3-pip-9.0.3-16.el8.noarch 1/3 Verifying : python36-3.6.8-2.module_el8.1.0+245+c39af44f.x86_64 2/3 Verifying : python3-setuptools-39.2.0-5.el8.noarch 3/3 Installed: python3-pip-9.0.3-16.el8.noarch python3-setuptools-39.2.0-5.el8.noarch python36-3.6.8-2.module_el8.1.0+245+c39af44f.x86_64 Complete! Python 3.6已安装在CentOS 8服务器上。
第四步:CentOS 8上安装SaltStack官方Yum存储库
尽管可以通过EPEL(企业Linux的额外软件包) yum存储库获得SaltStack软件包。但是,如果要安装最新版本,则应安装SaltStack的官方yum存储库。
使用以下命令在CentOS 8上安装SaltStack官方yum存储库。
[root@saltstack-master yum.repos.d]# wget https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el8.noarch.rpm [root@saltstack-master yum.repos.d]# dnf -y install salt-py3-repo-latest.el8.noarch.rpm Last metadata expiration check: 1 day, 1:25:58 ago on Tue 15 Dec 2020 08:46:52 PM CST. Dependencies resolved. ============================================================================================================================ Package Architecture Version Repository Size ============================================================================================================================ Installing: salt-py3-repo noarch latest-4.el8 @commandline 8.9 k Transaction Summary ============================================================================================================================ Install 1 Package Total size: 8.9 k Installed size: 2.0 k Downloading Packages: Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : salt-py3-repo-latest-4.el8.noarch 1/1 Verifying : salt-py3-repo-latest-4.el8.noarch 1/1 Installed products updated. Installed: salt-py3-repo-latest-4.el8.noarch Complete! [root@saltstack-master yum.repos.d]# 为新安装的yum存储库构建缓存。
[root@saltstack-master yum.repos.d]# dnf makecache CentOS-8 - Base - mirrors.tongdun.cn 2.1 MB/s | 3.9 kB 00:00 CentOS-8 - Extras - mirrors.tongdun.cn 1.1 MB/s | 1.5 kB 00:00 CentOS-8 - AppStream - mirrors.tongdun.cn 2.6 MB/s | 4.3 kB 00:00 Extra Packages for Enterprise Linux 8 - x86_64 3.0 MB/s | 4.7 kB 00:00 Extra Packages for Enterprise Linux 8 - x86_64 - Debug 1.6 MB/s | 3.0 kB 00:00 第五步:CentOS 8上安装SaltStack Master
我们添加了SaltStack yum存储库,现在我们可以使用dnf命令轻松安装SaltStack软件包的最新版本。
安装SaltStack主服务器所需的必要的SaltStack软件包。
[root@saltstack-master yum.repos.d]# dnf install -y salt-master salt-minion salt-ssh salt-syndic salt-cloud salt-api Last metadata expiration check: 0:00:58 ago on Wed 16 Dec 2020 10:22:18 PM CST. Dependencies resolved. ============================================================================================================================ Package Architecture Version Repository Size ============================================================================================================================ Installing: salt-api noarch 3002.2-1.el8 salt-py3-latest 24 k salt-cloud noarch 3002.2-1.el8 salt-py3-latest 27 k salt-master noarch 3002.2-1.el8 salt-py3-latest 3.1 M salt-minion noarch 3002.2-1.el8 salt-py3-latest 43 k salt-ssh noarch 3002.2-1.el8 salt-py3-latest 25 k salt-syndic noarch 3002.2-1.el8 salt-py3-latest 24 k Upgrading: dnf-plugins-core noarch 4.0.12-4.el8_2 base 64 k python3-dnf-plugins-core noarch 4.0.12-4.el8_2 base 204 k Installing dependencies: libsodium x86_64 1.0.18-2.el8 epel 162 k libunwind x86_64 1.3.1-3.el8 epel 75 k openpgm x86_64 5.2.122-21.el8 epel 180 k python3-babel noarch 2.5.1-5.el8 AppStream 4.8 M python3-cheroot noarch 8.2.1-1.el8 epel 145 k python3-cherrypy noarch 18.4.0-1.el8 epel 384 k python3-distro noarch 1.4.0-2.module_el8.1.0+245+c39af44f AppStream 37 k python3-jaraco noarch 6.2-6.el8 epel 11 k python3-jaraco-functools noarch 2.0-4.el8 epel 18 k python3-jinja2 noarch 2.10.1-2.el8_0 AppStream 538 k python3-libcloud noarch 2.4.0-1.el8 salt-py3-latest 1.4 M python3-m2crypto x86_64 0.35.2-5.el8 epel 303 k python3-markupsafe x86_64 0.23-19.el8 AppStream 39 k python3-more-itertools noarch 7.2.0-3.el8 epel 59 k python3-msgpack x86_64 0.6.2-1.el8 epel 92 k python3-portend noarch 2.6-1.el8 epel 16 k python3-psutil x86_64 5.6.3-5.el8 epel 396 k python3-tempora noarch 1.14.1-5.el8 epel 29 k python3-trustme noarch 0.6.0-4.el8 epel 27 k python3-zc-lockfile noarch 2.0-2.el8 epel 23 k python3-zmq x86_64 19.0.0-1.el8 epel 418 k salt noarch 3002.2-1.el8 salt-py3-latest 10 M yum-utils noarch 4.0.12-4.el8_2 base 66 k zeromq x86_64 4.3.3-1.el8 epel 478 k Transaction Summary ============================================================================================================================ Install 30 Packages Upgrade 2 Packages Total download size: 24 M Downloading Packages: (1/32): yum-utils-4.0.12-4.el8_2.noarch.rpm 3.5 MB/s | 66 kB 00:00 (2/32): python3-distro-1.4.0-2.module_el8.1.0+245+c39af44f.noarch.rpm 937 kB/s | 37 kB 00:00 (3/32): python3-jinja2-2.10.1-2.el8_0.noarch.rpm 14 MB/s | 538 kB 00:00 (4/32): python3-markupsafe-0.23-19.el8.x86_64.rpm 2.2 MB/s | 39 kB 00:00 (5/32): libunwind-1.3.1-3.el8.x86_64.rpm 5.0 MB/s | 75 kB 00:00 (6/32): libsodium-1.0.18-2.el8.x86_64.rpm 6.6 MB/s | 162 kB 00:00 (7/32): openpgm-5.2.122-21.el8.x86_64.rpm 7.6 MB/s | 180 kB 00:00 (8/32): python3-babel-2.5.1-5.el8.noarch.rpm 38 MB/s | 4.8 MB 00:00 (9/32): python3-cheroot-8.2.1-1.el8.noarch.rpm 2.9 MB/s | 145 kB 00:00 (10/32): python3-jaraco-6.2-6.el8.noarch.rpm 5.5 MB/s | 11 kB 00:00 (11/32): python3-jaraco-functools-2.0-4.el8.noarch.rpm 8.3 MB/s | 18 kB 00:00 (12/32): python3-cherrypy-18.4.0-1.el8.noarch.rpm 9.9 MB/s | 384 kB 00:00 (13/32): python3-msgpack-0.6.2-1.el8.x86_64.rpm 7.8 MB/s | 92 kB 00:00 (14/32): python3-portend-2.6-1.el8.noarch.rpm 4.6 MB/s | 16 kB 00:00 (15/32): python3-more-itertools-7.2.0-3.el8.noarch.rpm 2.9 MB/s | 59 kB 00:00 (16/32): python3-m2crypto-0.35.2-5.el8.x86_64.rpm 13 MB/s | 303 kB 00:00 (17/32): python3-tempora-1.14.1-5.el8.noarch.rpm 11 MB/s | 29 kB 00:00 (18/32): python3-zc-lockfile-2.0-2.el8.noarch.rpm 1.7 MB/s | 23 kB 00:00 (19/32): python3-trustme-0.6.0-4.el8.noarch.rpm 1.8 MB/s | 27 kB 00:00 (20/32): python3-psutil-5.6.3-5.el8.x86_64.rpm 16 MB/s | 396 kB 00:00 (21/32): python3-zmq-19.0.0-1.el8.x86_64.rpm 18 MB/s | 418 kB 00:00 (22/32): zeromq-4.3.3-1.el8.x86_64.rpm 13 MB/s | 478 kB 00:00 (23/32): salt-api-3002.2-1.el8.noarch.rpm 12 kB/s | 24 kB 00:01 (24/32): salt-cloud-3002.2-1.el8.noarch.rpm 22 kB/s | 27 kB 00:01 (25/32): python3-libcloud-2.4.0-1.el8.noarch.rpm 124 kB/s | 1.4 MB 00:11 (26/32): salt-minion-3002.2-1.el8.noarch.rpm 33 kB/s | 43 kB 00:01 (27/32): salt-master-3002.2-1.el8.noarch.rpm 322 kB/s | 3.1 MB 00:09 (28/32): salt-ssh-3002.2-1.el8.noarch.rpm 55 kB/s | 25 kB 00:00 (29/32): dnf-plugins-core-4.0.12-4.el8_2.noarch.rpm 21 MB/s | 64 kB 00:00 (30/32): python3-dnf-plugins-core-4.0.12-4.el8_2.noarch.rpm 38 MB/s | 204 kB 00:00 (31/32): salt-syndic-3002.2-1.el8.noarch.rpm 40 kB/s | 24 kB 00:00 (32/32): salt-3002.2-1.el8.noarch.rpm 373 kB/s | 10 MB 00:28 ------------------------------------------------------------------------------------------------------------------------------- Total 833 kB/s | 24 MB 00:29 warning: /var/cache/dnf/salt-py3-latest-ab32c742cbd8c211/packages/python3-libcloud-2.4.0-1.el8.noarch.rpm: Header V4 RSA/SHA256 Signature, key ID de57bfbe: NOKEY SaltStack Latest Release Channel Python 3 for RHEL/Centos 8 1.7 MB/s | 1.7 kB 00:00 Importing GPG key 0xDE57BFBE: Userid : "SaltStack Packaging Team <packaging@saltstack.com>" Fingerprint: 754A 1A7A E731 F165 D5E6 D4BD 0E08 A149 DE57 BFBE From : /etc/pki/rpm-gpg/saltstack-signing-key Key imported successfully Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : python3-more-itertools-7.2.0-3.el8.noarch 1/34 Installing : python3-markupsafe-0.23-19.el8.x86_64 2/34 Upgrading : python3-dnf-plugins-core-4.0.12-4.el8_2.noarch 3/34 Upgrading : dnf-plugins-core-4.0.12-4.el8_2.noarch 4/34 Installing : yum-utils-4.0.12-4.el8_2.noarch 5/34 Installing : python3-libcloud-2.4.0-1.el8.noarch 6/34 Installing : python3-zc-lockfile-2.0-2.el8.noarch 7/34 Installing : python3-trustme-0.6.0-4.el8.noarch 8/34 Installing : python3-psutil-5.6.3-5.el8.x86_64 9/34 Installing : python3-msgpack-0.6.2-1.el8.x86_64 10/34 Installing : python3-m2crypto-0.35.2-5.el8.x86_64 11/34 Installing : python3-jaraco-6.2-6.el8.noarch 12/34 Installing : python3-jaraco-functools-2.0-4.el8.noarch 13/34 Installing : python3-cheroot-8.2.1-1.el8.noarch 14/34 Installing : python3-tempora-1.14.1-5.el8.noarch 15/34 Installing : python3-portend-2.6-1.el8.noarch 16/34 Installing : python3-cherrypy-18.4.0-1.el8.noarch 17/34 Installing : openpgm-5.2.122-21.el8.x86_64 18/34 Installing : libunwind-1.3.1-3.el8.x86_64 19/34 Installing : libsodium-1.0.18-2.el8.x86_64 20/34 Installing : zeromq-4.3.3-1.el8.x86_64 21/34 Installing : python3-zmq-19.0.0-1.el8.x86_64 22/34 Installing : python3-distro-1.4.0-2.module_el8.1.0+245+c39af44f.noarch 23/34 Installing : python3-babel-2.5.1-5.el8.noarch 24/34 Installing : python3-jinja2-2.10.1-2.el8_0.noarch 25/34 Installing : salt-3002.2-1.el8.noarch 26/34 Installing : salt-master-3002.2-1.el8.noarch 27/34 Running scriptlet: salt-master-3002.2-1.el8.noarch 27/34 Installing : salt-api-3002.2-1.el8.noarch 28/34 Running scriptlet: salt-api-3002.2-1.el8.noarch 28/34 Installing : salt-cloud-3002.2-1.el8.noarch 29/34 Installing : salt-syndic-3002.2-1.el8.noarch 30/34 Running scriptlet: salt-syndic-3002.2-1.el8.noarch 30/34 Installing : salt-minion-3002.2-1.el8.noarch 31/34 Running scriptlet: salt-minion-3002.2-1.el8.noarch 31/34 Installing : salt-ssh-3002.2-1.el8.noarch 32/34 Cleanup : dnf-plugins-core-4.0.12-3.el8.noarch 33/34 Cleanup : python3-dnf-plugins-core-4.0.12-3.el8.noarch 34/34 Running scriptlet: python3-dnf-plugins-core-4.0.12-3.el8.noarch 34/34 Verifying : yum-utils-4.0.12-4.el8_2.noarch 1/34 Verifying : python3-babel-2.5.1-5.el8.noarch 2/34 Verifying : python3-distro-1.4.0-2.module_el8.1.0+245+c39af44f.noarch 3/34 Verifying : python3-jinja2-2.10.1-2.el8_0.noarch 4/34 Verifying : python3-markupsafe-0.23-19.el8.x86_64 5/34 Verifying : libsodium-1.0.18-2.el8.x86_64 6/34 Verifying : libunwind-1.3.1-3.el8.x86_64 7/34 Verifying : openpgm-5.2.122-21.el8.x86_64 8/34 Verifying : python3-cheroot-8.2.1-1.el8.noarch 9/34 Verifying : python3-cherrypy-18.4.0-1.el8.noarch 10/34 Verifying : python3-jaraco-6.2-6.el8.noarch 11/34 Verifying : python3-jaraco-functools-2.0-4.el8.noarch 12/34 Verifying : python3-m2crypto-0.35.2-5.el8.x86_64 13/34 Verifying : python3-more-itertools-7.2.0-3.el8.noarch 14/34 Verifying : python3-msgpack-0.6.2-1.el8.x86_64 15/34 Verifying : python3-portend-2.6-1.el8.noarch 16/34 Verifying : python3-psutil-5.6.3-5.el8.x86_64 17/34 Verifying : python3-tempora-1.14.1-5.el8.noarch 18/34 Verifying : python3-trustme-0.6.0-4.el8.noarch 19/34 Verifying : python3-zc-lockfile-2.0-2.el8.noarch 20/34 Verifying : python3-zmq-19.0.0-1.el8.x86_64 21/34 Verifying : zeromq-4.3.3-1.el8.x86_64 22/34 Verifying : python3-libcloud-2.4.0-1.el8.noarch 23/34 Verifying : salt-3002.2-1.el8.noarch 24/34 Verifying : salt-api-3002.2-1.el8.noarch 25/34 Verifying : salt-cloud-3002.2-1.el8.noarch 26/34 Verifying : salt-master-3002.2-1.el8.noarch 27/34 Verifying : salt-minion-3002.2-1.el8.noarch 28/34 Verifying : salt-ssh-3002.2-1.el8.noarch 29/34 Verifying : salt-syndic-3002.2-1.el8.noarch 30/34 Verifying : dnf-plugins-core-4.0.12-4.el8_2.noarch 31/34 Verifying : dnf-plugins-core-4.0.12-3.el8.noarch 32/34 Verifying : python3-dnf-plugins-core-4.0.12-4.el8_2.noarch 33/34 Verifying : python3-dnf-plugins-core-4.0.12-3.el8.noarch 34/34 Installed products updated. Upgraded: dnf-plugins-core-4.0.12-4.el8_2.noarch python3-dnf-plugins-core-4.0.12-4.el8_2.noarch Installed: libsodium-1.0.18-2.el8.x86_64 libunwind-1.3.1-3.el8.x86_64 openpgm-5.2.122-21.el8.x86_64 python3-babel-2.5.1-5.el8.noarch python3-cheroot-8.2.1-1.el8.noarch python3-cherrypy-18.4.0-1.el8.noarch python3-distro-1.4.0-2.module_el8.1.0+245+c39af44f.noarch python3-jaraco-6.2-6.el8.noarch python3-jaraco-functools-2.0-4.el8.noarch python3-jinja2-2.10.1-2.el8_0.noarch python3-libcloud-2.4.0-1.el8.noarch python3-m2crypto-0.35.2-5.el8.x86_64 python3-markupsafe-0.23-19.el8.x86_64 python3-more-itertools-7.2.0-3.el8.noarch python3-msgpack-0.6.2-1.el8.x86_64 python3-portend-2.6-1.el8.noarch python3-psutil-5.6.3-5.el8.x86_64 python3-tempora-1.14.1-5.el8.noarch python3-trustme-0.6.0-4.el8.noarch python3-zc-lockfile-2.0-2.el8.noarch python3-zmq-19.0.0-1.el8.x86_64 salt-3002.2-1.el8.noarch salt-api-3002.2-1.el8.noarch salt-cloud-3002.2-1.el8.noarch salt-master-3002.2-1.el8.noarch salt-minion-3002.2-1.el8.noarch salt-ssh-3002.2-1.el8.noarch salt-syndic-3002.2-1.el8.noarch yum-utils-4.0.12-4.el8_2.noarch zeromq-4.3.3-1.el8.x86_64 Complete! [root@saltstack-master yum.repos.d]# 在这里,我们还将在SaltStack Master上安装salt- minion软件包,因为Minion会收集和发送SaltStack Master服务器的系统指标,即使在同一服务器上也是如此。请参考我们的下一篇文章,[如何在CentOS 8上安装SaltStack Minion]
第六步:CentOS 8上配置SaltStack Master
SaltStack的配置文件位于/etc/salt目录中。
默认配置足够安静,无法启动SaltStack Master服务器,但是我们需要在启动服务之前调整SaltStack Minion配置。
编辑SaltStack Minion配置文件。
[root@saltstack-master-01 ~]# vi /etc/salt/minion 在此文件中找到以下指令。
#master: salt 并用以下指令替换它。
master: saltstack-master.lianglab.cn master指令向SaltStack Minion告知正在使用的SaltStack Master服务器。SaltStack主主机名必须是可解析的。您可以通过使用本地DNS解析器(即/ etc / hosts文件)来执行此操作,也可以为网络配置权威的DNS服务器。
启用并启动SaltStack Master和Minion服务。
[root@saltstack-master yum.repos.d]# systemctl enable --now salt-master salt-minion Created symlink /etc/systemd/system/multi-user.target.wants/salt-master.service → /usr/lib/systemd/system/salt-master.service. Created symlink /etc/systemd/system/multi-user.target.wants/salt-minion.service → /usr/lib/systemd/system/salt-minion.service. [root@saltstack-master yum.repos.d]# [root@saltstack-master yum.repos.d]# systemctl status salt-master salt-minion ● salt-master.service - The Salt Master Server Loaded: loaded (/usr/lib/systemd/system/salt-master.service; enabled; vendor preset: disabled) Active: active (running) since Wed 2020-12-16 22:37:51 CST; 11s ago Docs: man:salt-master(1) file:///usr/share/doc/salt/html/contents.html https://docs.saltstack.com/en/latest/contents.html Main PID: 320436 (salt-master) Tasks: 32 (limit: 23840) Memory: 200.3M CGroup: /system.slice/salt-master.service ├─320436 /usr/bin/python3.6 /usr/bin/salt-master ├─320442 /usr/bin/python3.6 /usr/bin/salt-master ├─320474 /usr/bin/python3.6 /usr/bin/salt-master ├─320475 /usr/bin/python3.6 /usr/bin/salt-master ├─320478 /usr/bin/python3.6 /usr/bin/salt-master ├─320479 /usr/bin/python3.6 /usr/bin/salt-master ├─320480 /usr/bin/python3.6 /usr/bin/salt-master ├─320481 /usr/bin/python3.6 /usr/bin/salt-master ├─320482 /usr/bin/python3.6 /usr/bin/salt-master ├─320483 /usr/bin/python3.6 /usr/bin/salt-master ├─320484 /usr/bin/python3.6 /usr/bin/salt-master ├─320485 /usr/bin/python3.6 /usr/bin/salt-master └─320492 /usr/bin/python3.6 /usr/bin/salt-master Dec 16 22:37:50 saltstack-master.lianglab.cn systemd[1]: Starting The Salt Master Server... Dec 16 22:37:51 saltstack-master.lianglab.cn systemd[1]: Started The Salt Master Server. ● salt-minion.service - The Salt Minion Loaded: loaded (/usr/lib/systemd/system/salt-minion.service; enabled; vendor preset: disabled) Active: active (running) since Wed 2020-12-16 22:37:52 CST; 10s ago Docs: man:salt-minion(1) file:///usr/share/doc/salt/html/contents.html https://docs.saltstack.com/en/latest/contents.html Main PID: 320473 (salt-minion) Tasks: 8 (limit: 23840) Memory: 69.1M CGroup: /system.slice/salt-minion.service ├─320473 /usr/bin/python3.6 /usr/bin/salt-minion ├─320616 /usr/bin/python3.6 /usr/bin/salt-minion └─320677 /usr/bin/python3.6 /usr/bin/salt-minion Dec 16 22:37:51 saltstack-master.lianglab.cn systemd[1]: Starting The Salt Minion... Dec 16 22:37:52 saltstack-master.lianglab.cn systemd[1]: Started The Salt Minion [root@saltstack-master yum.repos.d]# netstat -anplt| grep 45 tcp 0 0 0.0.0.0:4505 0.0.0.0:* LISTEN 320474/python3.6 tcp 0 0 0.0.0.0:4506 0.0.0.0:* LISTEN 320480/python3.6 第七步:SaltStack Master配置CentOS 8防火墙
SaltStack master使用默认端口4505/tcp和4506/tcp。因此,我们需要允许传入流量进入CentOS 8防火墙中的这两个端口。
[root@saltstack-master yum.repos.d]# firewall-cmd --permanent --add-port={4505,4506}/tcp success [root@saltstack-master yum.repos.d]# firewall-cmd --reload success 第八步:管理SaltStack公钥
初始连接时,SaltStack奴才将其公共密钥发送给SaltStack主服务器。主人必须接受此公钥,以允许Minion与SaltStack主人进行通信。
列出所有SaltStack公共密钥。
[root@saltstack-master ~]# salt-key -L Accepted Keys: Denied Keys: Unaccepted Keys: saltstack-master.lianglab.cn Rejected Keys: [root@saltstack-master ~]# 当前,只有一个不接受的公共密钥。使用以下命令接受此公钥。
[root@saltstack-master ~]# salt-key -A The following keys are going to be accepted: Unaccepted Keys: saltstack-master.lianglab.cn Proceed? [n/Y] y Key for minion saltstack-master.lianglab.cn accepted. [root@saltstack-master ~]# 在所有SaltStack奴才上执行ping命令。
[root@saltstack-master ~]# salt '*' test.ping saltstack-master.lianglab.cn: True [root@saltstack-master ~]# 检查所有SaltStackd当前的版本。
[root@saltstack-master ~]# salt '*' test.version saltstack-master.lianglab.cn: 3002.2 
如何在CentOS 8上安装SaltStack minion。
第九步:什么是SaltStack Minion
SaltStack或Salt是基于Python的开源软件,用于基于事件的IT自动化,远程任务执行和配置管理。SaltStack支持“基础架构即代码”方法来进行数据中心系统和网络的部署和管理,配置自动化,SecOps编排,漏洞修复以及混合云控制。(礼貌:维基百科)
SaltStack minion是安装在受管节点上的代理软件,用于在该节点上执行命令并将其报告回SaltStack主服务器。
第十步:更新SaltStack MinionCentOS 8软件包
使用ssh工具以root用户身份与saltstack-minion.lianglab.cn连接。
最佳做法是在安装新组件之前更新CentOS 8上的软件包。因此,执行以下dnf命令来更新所有CentOS 8软件包。
[root@saltstack-minion ~]# dnf update -y ... Upgraded: NetworkManager-1:1.22.8-5.el8_2.x86_64 NetworkManager-libnm-1:1.22.8-5.el8_2.x86_64 NetworkManager-team-1:1.22.8-5.el8_2.x86_64 NetworkManager-tui-1:1.22.8-5.el8_2.x86_64 bind-export-libs-32:9.11.13-5.el8_2.x86_64 dbus-1:1.12.8-10.el8_2.x86_64 dbus-common-1:1.12.8-10.el8_2.noarch dbus-daemon-1:1.12.8-10.el8_2.x86_64 dbus-libs-1:1.12.8-10.el8_2.x86_64 dbus-tools-1:1.12.8-10.el8_2.x86_64 dnf-4.2.17-7.el8_2.noarch dnf-data-4.2.17-7.el8_2.noarch gnutls-3.6.8-11.el8_2.x86_64 grub2-common-1:2.02-87.el8_2.noarch grub2-pc-1:2.02-87.el8_2.x86_64 grub2-pc-modules-1:2.02-87.el8_2.noarch grub2-tools-1:2.02-87.el8_2.x86_64 grub2-tools-efi-1:2.02-87.el8_2.x86_64 grub2-tools-extra-1:2.02-87.el8_2.x86_64 grub2-tools-minimal-1:2.02-87.el8_2.x86_64 iptables-1.8.4-10.el8_2.1.x86_64 iptables-ebtables-1.8.4-10.el8_2.1.x86_64 iptables-libs-1.8.4-10.el8_2.1.x86_64 kernel-tools-4.18.0-193.14.2.el8_2.x86_64 kernel-tools-libs-4.18.0-193.14.2.el8_2.x86_64 libdnf-0.39.1-6.el8_2.x86_64 libnghttp2-1.33.0-3.el8_2.1.x86_64 microcode_ctl-4:20191115-4.20200609.1.el8_2.x86_64 open-vm-tools-11.0.5-3.el8.x86_64 python3-dnf-4.2.17-7.el8_2.noarch python3-hawkey-0.39.1-6.el8_2.x86_64 python3-libdnf-0.39.1-6.el8_2.x86_64 python3-perf-4.18.0-193.14.2.el8_2.x86_64 selinux-policy-3.14.3-41.el8_2.5.noarch selinux-policy-targeted-3.14.3-41.el8_2.5.noarch systemd-239-31.el8_2.2.x86_64 systemd-libs-239-31.el8_2.2.x86_64 systemd-pam-239-31.el8_2.2.x86_64 systemd-udev-239-31.el8_2.2.x86_64 yum-4.2.17-7.el8_2.noarch Installed: kernel-4.18.0-193.14.2.el8_2.x86_64 kernel-core-4.18.0-193.14.2.el8_2.x86_64 kernel-modules-4.18.0-193.14.2.el8_2.x86_64 Removed: kernel-4.18.0-147.5.1.el8_1.x86_64 kernel-core-4.18.0-147.5.1.el8_1.x86_64 kernel-modules-4.18.0-147.5.1.el8_1.x86_64 Complete! 第十一步:SaltStack Minion上安装Python
SaltStack是基于Python的软件,因此它需要Python语言支持才能编译和执行SaltStack命令。
Python 3.6在默认的CentOS 8 AppStream中可用,因此,我们可以使用dnf命令轻松安装它。
[root@saltstack-minion ~]# dnf install -y python3 Last metadata expiration check: 0:13:43 ago on Tue 11 Aug 2020 11:59:50 PM PKT. Dependencies resolved. ================================================================================ Package Arch Version Repo Size ================================================================================ Installing: python36 x86_64 3.6.8-2.module_el8.1.0+245+c39af44f AppStream 19 k Installing dependencies: python3-pip noarch 9.0.3-16.el8 AppStream 19 k python3-setuptools noarch 39.2.0-5.el8 BaseOS 162 k Enabling module streams: python36 3.6 Transaction Summary ================================================================================ Install 3 Packages Total download size: 201 k Installed size: 466 k Downloading Packages: (1/3): python3-setuptools-39.2.0-5.el8.noarch.r 553 kB/s | 162 kB 00:00 (2/3): python3-pip-9.0.3-16.el8.noarch.rpm 50 kB/s | 19 kB 00:00 (3/3): python36-3.6.8-2.module_el8.1.0+245+c39a 38 kB/s | 19 kB 00:00 -------------------------------------------------------------------------------- Total 121 kB/s | 201 kB 00:01 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : python3-setuptools-39.2.0-5.el8.noarch 1/3 Installing : python36-3.6.8-2.module_el8.1.0+245+c39af44f.x86_64 2/3 Running scriptlet: python36-3.6.8-2.module_el8.1.0+245+c39af44f.x86_64 2/3 Installing : python3-pip-9.0.3-16.el8.noarch 3/3 Running scriptlet: python3-pip-9.0.3-16.el8.noarch 3/3 Verifying : python3-pip-9.0.3-16.el8.noarch 1/3 Verifying : python36-3.6.8-2.module_el8.1.0+245+c39af44f.x86_64 2/3 Verifying : python3-setuptools-39.2.0-5.el8.noarch 3/3 Installed: python3-pip-9.0.3-16.el8.noarch python3-setuptools-39.2.0-5.el8.noarch python36-3.6.8-2.module_el8.1.0+245+c39af44f.x86_64 Complete! 第十二步:CentOS 8上安装SaltStack官方Yum存储库
尽管SaltStack软件包可通过EPEL(企业Linux的额外软件包) yum存储库获得。但是,如果您想安装最新版本的SaltStack软件包,则必须按照以下步骤安装SaltStack官方yum存储库。
[root@saltstack-minion ~]# wget https://repo.saltstack.com/py3/redhat/salt-py3-repo-latest.el8.noarch.rpm [root@saltstack-minion ~]# dnf -y install salt-py3-repo-latest.el8.noarch.rpm [root@saltstack-minion ~]# dnf -y install salt-py3-repo-latest.el8.noarch.rpm Last metadata expiration check: 0:26:49 ago on Wed 16 Dec 2020 10:19:04 PM CST. Dependencies resolved. =============================================================================================================================== Package Architecture Version Repository Size =============================================================================================================================== Installing: salt-py3-repo noarch latest-4.el8 @commandline 8.9 k Transaction Summary =============================================================================================================================== Install 1 Package Total size: 8.9 k Installed size: 2.0 k Downloading Packages: Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : salt-py3-repo-latest-4.el8.noarch 1/1 Verifying : salt-py3-repo-latest-4.el8.noarch 1/1 Installed products updated. Installed: salt-py3-repo-latest-4.el8.noarch Complete! 为新安装的yum存储库构建缓存。
[root@saltstack-minion ~]# dnf makecache CentOS-8 - Base - mirrors.tongdun.cn 1.6 MB/s | 3.9 kB 00:00 CentOS-8 - Extras - mirrors.tongdun.cn 865 kB/s | 1.5 kB 00:00 CentOS-8 - AppStream - mirrors.tongdun.cn 2.5 MB/s | 4.3 kB 00:00 Extra Packages for Enterprise Linux 8 - x86_64 2.5 MB/s | 4.7 kB 00:00 Extra Packages for Enterprise Linux 8 - x86_64 - Debug 1.6 MB/s | 3.0 kB 00:00 Extra Packages for Enterprise Linux 8 - x86_64 - Source 1.9 MB/s | 3.5 kB 00:00 SaltStack Latest Release Channel Python 3 for RHEL/Centos 8 26 kB/s | 224 kB 00:08 Metadata cache created. [root@saltstack-minion ~]# 第十三步:CentOS 8上安装SaltStack Minion
我们已经添加了SaltStack官方yum存储库,现在我们可以使用dnf命令安装SaltStack软件包。
[root@saltstack-minion ~]# dnf install -y salt-minion Last metadata expiration check: 0:00:22 ago on Wed 16 Dec 2020 10:46:31 PM CST. Dependencies resolved. =============================================================================================================================== Package Architecture Version Repository Size =============================================================================================================================== Installing: salt-minion noarch 3002.2-1.el8 salt-py3-latest 43 k Upgrading: dnf-plugins-core noarch 4.0.12-4.el8_2 base 64 k python3-dnf-plugins-core noarch 4.0.12-4.el8_2 base 204 k Installing dependencies: libsodium x86_64 1.0.18-2.el8 epel 162 k libunwind x86_64 1.3.1-3.el8 epel 75 k openpgm x86_64 5.2.122-21.el8 epel 180 k python3-babel noarch 2.5.1-5.el8 AppStream 4.8 M python3-distro noarch 1.4.0-2.module_el8.1.0+245+c39af44f AppStream 37 k python3-jinja2 noarch 2.10.1-2.el8_0 AppStream 538 k python3-m2crypto x86_64 0.35.2-5.el8 epel 303 k python3-markupsafe x86_64 0.23-19.el8 AppStream 39 k python3-msgpack x86_64 0.6.2-1.el8 epel 92 k python3-psutil x86_64 5.6.3-5.el8 epel 396 k python3-zmq x86_64 19.0.0-1.el8 epel 418 k salt noarch 3002.2-1.el8 salt-py3-latest 10 M yum-utils noarch 4.0.12-4.el8_2 base 66 k zeromq x86_64 4.3.3-1.el8 epel 478 k Transaction Summary =============================================================================================================================== Install 15 Packages Upgrade 2 Packages Total download size: 18 M Downloading Packages: (1/17): python3-distro-1.4.0-2.module_el8.1.0+245+c39af44f.noarch.rpm 13 MB/s | 37 kB 00:00 (2/17): yum-utils-4.0.12-4.el8_2.noarch.rpm 15 MB/s | 66 kB 00:00 (3/17): python3-markupsafe-0.23-19.el8.x86_64.rpm 18 MB/s | 39 kB 00:00 (4/17): libsodium-1.0.18-2.el8.x86_64.rpm 23 MB/s | 162 kB 00:00 (5/17): libunwind-1.3.1-3.el8.x86_64.rpm 18 MB/s | 75 kB 00:00 (6/17): python3-jinja2-2.10.1-2.el8_0.noarch.rpm 21 MB/s | 538 kB 00:00 (7/17): openpgm-5.2.122-21.el8.x86_64.rpm 16 MB/s | 180 kB 00:00 (8/17): python3-msgpack-0.6.2-1.el8.x86_64.rpm 11 MB/s | 92 kB 00:00 (9/17): python3-m2crypto-0.35.2-5.el8.x86_64.rpm 20 MB/s | 303 kB 00:00 (10/17): python3-psutil-5.6.3-5.el8.x86_64.rpm 18 MB/s | 396 kB 00:00 (11/17): python3-zmq-19.0.0-1.el8.x86_64.rpm 17 MB/s | 418 kB 00:00 (12/17): python3-babel-2.5.1-5.el8.noarch.rpm 45 MB/s | 4.8 MB 00:00 (13/17): zeromq-4.3.3-1.el8.x86_64.rpm 9.4 MB/s | 478 kB 00:00 (14/17): dnf-plugins-core-4.0.12-4.el8_2.noarch.rpm 28 MB/s | 64 kB 00:00 (15/17): python3-dnf-plugins-core-4.0.12-4.el8_2.noarch.rpm 54 MB/s | 204 kB 00:00 (16/17): salt-minion-3002.2-1.el8.noarch.rpm 6.2 kB/s | 43 kB 00:06 [MIRROR] salt-3002.2-1.el8.noarch.rpm: Curl error (28): Timeout was reached for https://repo.saltstack.com/py3/redhat/8/x86_64/latest/salt-3002.2-1.el8.noarch.rpm [Operation too slow. Less than 1000 bytes/sec transferred the last 30 seconds] [MIRROR] salt-3002.2-1.el8.noarch.rpm: Curl error (28): Timeout was reached for https://repo.saltstack.com/py3/redhat/8/x86_64/latest/salt-3002.2-1.el8.noarch.rpm [Operation too slow. Less than 1000 bytes/sec transferred the last 30 seconds] (17/17): salt-3002.2-1.el8.noarch.rpm 23 kB/s | 10 MB 07:54 ------------------------------------------------------------------------------------------------------------------------------- Total 40 kB/s | 18 MB 07:54 warning: /var/cache/dnf/salt-py3-latest-ab32c742cbd8c211/packages/salt-3002.2-1.el8.noarch.rpm: Header V4 RSA/SHA256 Signature, key ID de57bfbe: NOKEY SaltStack Latest Release Channel Python 3 for RHEL/Centos 8 1.7 MB/s | 1.7 kB 00:00 Importing GPG key 0xDE57BFBE: Userid : "SaltStack Packaging Team <packaging@saltstack.com>" Fingerprint: 754A 1A7A E731 F165 D5E6 D4BD 0E08 A149 DE57 BFBE From : /etc/pki/rpm-gpg/saltstack-signing-key Key imported successfully Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : python3-markupsafe-0.23-19.el8.x86_64 1/19 Upgrading : python3-dnf-plugins-core-4.0.12-4.el8_2.noarch 2/19 Upgrading : dnf-plugins-core-4.0.12-4.el8_2.noarch 3/19 Installing : yum-utils-4.0.12-4.el8_2.noarch 4/19 Installing : python3-psutil-5.6.3-5.el8.x86_64 5/19 Installing : python3-msgpack-0.6.2-1.el8.x86_64 6/19 Installing : python3-m2crypto-0.35.2-5.el8.x86_64 7/19 Installing : openpgm-5.2.122-21.el8.x86_64 8/19 Installing : libunwind-1.3.1-3.el8.x86_64 9/19 Installing : libsodium-1.0.18-2.el8.x86_64 10/19 Installing : zeromq-4.3.3-1.el8.x86_64 11/19 Installing : python3-zmq-19.0.0-1.el8.x86_64 12/19 Installing : python3-distro-1.4.0-2.module_el8.1.0+245+c39af44f.noarch 13/19 Installing : python3-babel-2.5.1-5.el8.noarch 14/19 Installing : python3-jinja2-2.10.1-2.el8_0.noarch 15/19 Installing : salt-3002.2-1.el8.noarch 16/19 Installing : salt-minion-3002.2-1.el8.noarch 17/19 Running scriptlet: salt-minion-3002.2-1.el8.noarch 17/19 Cleanup : dnf-plugins-core-4.0.12-3.el8.noarch 18/19 Cleanup : python3-dnf-plugins-core-4.0.12-3.el8.noarch 19/19 Running scriptlet: python3-dnf-plugins-core-4.0.12-3.el8.noarch 19/19 Verifying : yum-utils-4.0.12-4.el8_2.noarch 1/19 Verifying : python3-babel-2.5.1-5.el8.noarch 2/19 Verifying : python3-distro-1.4.0-2.module_el8.1.0+245+c39af44f.noarch 3/19 Verifying : python3-jinja2-2.10.1-2.el8_0.noarch 4/19 Verifying : python3-markupsafe-0.23-19.el8.x86_64 5/19 Verifying : libsodium-1.0.18-2.el8.x86_64 6/19 Verifying : libunwind-1.3.1-3.el8.x86_64 7/19 Verifying : openpgm-5.2.122-21.el8.x86_64 8/19 Verifying : python3-m2crypto-0.35.2-5.el8.x86_64 9/19 Verifying : python3-msgpack-0.6.2-1.el8.x86_64 10/19 Verifying : python3-psutil-5.6.3-5.el8.x86_64 11/19 Verifying : python3-zmq-19.0.0-1.el8.x86_64 12/19 Verifying : zeromq-4.3.3-1.el8.x86_64 13/19 Verifying : salt-3002.2-1.el8.noarch 14/19 Verifying : salt-minion-3002.2-1.el8.noarch 15/19 Verifying : dnf-plugins-core-4.0.12-4.el8_2.noarch 16/19 Verifying : dnf-plugins-core-4.0.12-3.el8.noarch 17/19 Verifying : python3-dnf-plugins-core-4.0.12-4.el8_2.noarch 18/19 Verifying : python3-dnf-plugins-core-4.0.12-3.el8.noarch 19/19 Installed products updated. Upgraded: dnf-plugins-core-4.0.12-4.el8_2.noarch python3-dnf-plugins-core-4.0.12-4.el8_2.noarch Installed: libsodium-1.0.18-2.el8.x86_64 libunwind-1.3.1-3.el8.x86_64 openpgm-5.2.122-21.el8.x86_64 python3-babel-2.5.1-5.el8.noarch python3-distro-1.4.0-2.module_el8.1.0+245+c39af44f.noarch python3-jinja2-2.10.1-2.el8_0.noarch python3-m2crypto-0.35.2-5.el8.x86_64 python3-markupsafe-0.23-19.el8.x86_64 python3-msgpack-0.6.2-1.el8.x86_64 python3-psutil-5.6.3-5.el8.x86_64 python3-zmq-19.0.0-1.el8.x86_64 salt-3002.2-1.el8.noarch salt-minion-3002.2-1.el8.noarch yum-utils-4.0.12-4.el8_2.noarch zeromq-4.3.3-1.el8.x86_64 Complete! [root@saltstack-minion ~]# 第十四步:CentOS 8上配置SaltStack Minion
SaltStack minion的默认配置可以正常工作,除了我们需要告诉Minion有关SaltStack Master服务器。
因此,使用vim编辑器编辑SaltStack minion配置文件。
[root@saltstack-minion ~]# vi /etc/salt/minion 在其中找到以下指令。
#master: salt 并将上述指令替换为以下指令。
master: saltstack-master.lianglab.cn 其中saltstack-master.lianglab.cn是我们前面中配置的SaltStack主服务器。
启用并启动salt-minion服务。
[root@saltstack-minion ~]# systemctl enable --now salt-minion Created symlink /etc/systemd/system/multi-user.target.wants/salt-minion.service → /usr/lib/systemd/system/salt-minion.service. [root@saltstack-minion ~]# 第十五步:SaltStack主服务器中添加SaltStack Minion
使用PuTTY以root用户身份与saltstack-master.lianglab.cn连接。
显示SaltStack主服务器已知的所有公共密钥的列表。
[root@saltstack-master ~]# salt-key -L Accepted Keys: saltstack-master.lianglab.cn Denied Keys: Unaccepted Keys: saltstack-minion.lianglab.cn Rejected Keys: [root@saltstack-master ~]# 您会看到,有一个不可接受的密钥,即saltstack-minion.lianglab.cn。这是我们的SaltStack的公钥。
使用以下命令接受此密钥。
[root@saltstack-master ~]# salt-key -A The following keys are going to be accepted: Unaccepted Keys: saltstack-minion.lianglab.cn Proceed? [n/Y] y Key for minion saltstack-minion.lianglab.cn accepted. [root@saltstack-master ~]# 
第十六步:SaltStack Minion上的命令的远程执行安装HTTP服务
我们已添加到SaltStack Master库存中。我们现在可以执行命令了。
【1】为了演示,我们正在saltstack-minion.lianglab.cn上远程安装Apache Web服务器。
[root@saltstack-master ~]# salt 'saltstack-minion.lianglab.cn' cmd.run 'dnf install -y httpd' saltstack-minion.lianglab.cn: Last metadata expiration check: 0:15:45 ago on Wed Dec 16 22:46:31 2020. Dependencies resolved. ================================================================================ Package Arch Version Repo Size ================================================================================ Installing: httpd x86_64 2.4.37-21.module_el8.2.0+494+1df74eae AppStream 1.7 M Installing dependencies: apr x86_64 1.6.3-9.el8 AppStream 125 k apr-util x86_64 1.6.1-6.el8 AppStream 105 k centos-logos-httpd noarch 80.5-2.el8 base 24 k httpd-filesystem noarch 2.4.37-21.module_el8.2.0+494+1df74eae AppStream 36 k httpd-tools x86_64 2.4.37-21.module_el8.2.0+494+1df74eae AppStream 103 k mod_http2 x86_64 1.11.3-3.module_el8.2.0+486+c01050f0.1 AppStream 156 k Installing weak dependencies: apr-util-bdb x86_64 1.6.1-6.el8 AppStream 25 k apr-util-openssl x86_64 1.6.1-6.el8 AppStream 27 k Enabling module streams: httpd 2.4 Transaction Summary ================================================================================ Install 9 Packages Total download size: 2.3 M Installed size: 6.0 M Downloading Packages: (1/9): centos-logos-httpd-80.5-2.el8.noarch.rpm 1.8 MB/s | 24 kB 00:00 (2/9): apr-util-bdb-1.6.1-6.el8.x86_64.rpm 5.6 MB/s | 25 kB 00:00 (3/9): apr-1.6.3-9.el8.x86_64.rpm 6.5 MB/s | 125 kB 00:00 (4/9): apr-util-1.6.1-6.el8.x86_64.rpm 4.9 MB/s | 105 kB 00:00 (5/9): apr-util-openssl-1.6.1-6.el8.x86_64.rpm 6.0 MB/s | 27 kB 00:00 (6/9): httpd-filesystem-2.4.37-21.module_el8.2. 3.4 MB/s | 36 kB 00:00 (7/9): httpd-tools-2.4.37-21.module_el8.2.0+494 5.6 MB/s | 103 kB 00:00 (8/9): mod_http2-1.11.3-3.module_el8.2.0+486+c0 11 MB/s | 156 kB 00:00 (9/9): httpd-2.4.37-21.module_el8.2.0+494+1df74 35 MB/s | 1.7 MB 00:00 -------------------------------------------------------------------------------- Total 33 MB/s | 2.3 MB 00:00 Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : apr-1.6.3-9.el8.x86_64 1/9 Running scriptlet: apr-1.6.3-9.el8.x86_64 1/9 Installing : apr-util-bdb-1.6.1-6.el8.x86_64 2/9 Installing : apr-util-openssl-1.6.1-6.el8.x86_64 3/9 Installing : apr-util-1.6.1-6.el8.x86_64 4/9 Running scriptlet: apr-util-1.6.1-6.el8.x86_64 4/9 Installing : httpd-tools-2.4.37-21.module_el8.2.0+494+1df74eae.x8 5/9 Running scriptlet: httpd-filesystem-2.4.37-21.module_el8.2.0+494+1df74e 6/9 Installing : httpd-filesystem-2.4.37-21.module_el8.2.0+494+1df74e 6/9 Installing : centos-logos-httpd-80.5-2.el8.noarch 7/9 Installing : mod_http2-1.11.3-3.module_el8.2.0+486+c01050f0.1.x86 8/9 Installing : httpd-2.4.37-21.module_el8.2.0+494+1df74eae.x86_64 9/9 Running scriptlet: httpd-2.4.37-21.module_el8.2.0+494+1df74eae.x86_64 9/9 Verifying : centos-logos-httpd-80.5-2.el8.noarch 1/9 Verifying : apr-1.6.3-9.el8.x86_64 2/9 Verifying : apr-util-1.6.1-6.el8.x86_64 3/9 Verifying : apr-util-bdb-1.6.1-6.el8.x86_64 4/9 Verifying : apr-util-openssl-1.6.1-6.el8.x86_64 5/9 Verifying : httpd-2.4.37-21.module_el8.2.0+494+1df74eae.x86_64 6/9 Verifying : httpd-filesystem-2.4.37-21.module_el8.2.0+494+1df74e 7/9 Verifying : httpd-tools-2.4.37-21.module_el8.2.0+494+1df74eae.x8 8/9 Verifying : mod_http2-1.11.3-3.module_el8.2.0+486+c01050f0.1.x86 9/9 Installed products updated. Installed: apr-1.6.3-9.el8.x86_64 apr-util-1.6.1-6.el8.x86_64 apr-util-bdb-1.6.1-6.el8.x86_64 apr-util-openssl-1.6.1-6.el8.x86_64 centos-logos-httpd-80.5-2.el8.noarch httpd-2.4.37-21.module_el8.2.0+494+1df74eae.x86_64 httpd-filesystem-2.4.37-21.module_el8.2.0+494+1df74eae.noarch httpd-tools-2.4.37-21.module_el8.2.0+494+1df74eae.x86_64 mod_http2-1.11.3-3.module_el8.2.0+486+c01050f0.1.x86_64 Complete! 【2】在saltstack-minion上启用并启动Apache服务。
[root@saltstack-master ~]# salt 'saltstack-minion.lianglab.cn' cmd.run 'systemctl enable --now httpd.service' saltstack-minion.lianglab.cn: Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service -> /usr/lib/systemd/system/httpd.service. [root@saltstack-master ~]# 【3】在saltstack-minion-01的Linux防火墙中允许http服务。
[root@saltstack-master ~]#salt 'saltstack-minion.lianglab.cn' cmd.run 'firewall-cmd --add-service=http' saltstack-minion.lianglab.cn: success 【4】使用curl命令访问新配置的Web服务器。
[root@saltstack-master ~]# curl -I http://saltstack-minion.lianglab.cn HTTP/1.1 403 Forbidden Date: Wed, 16 Dec 2020 15:07:32 GMT Server: Apache/2.4.37 (centos) Content-Location: index.html.zh-CN Vary: negotiate,accept-language TCN: choice Last-Modified: Fri, 14 Jun 2019 03:37:43 GMT ETag: "fa6-58b405e7d6fc0;5b696296e2c08" Accept-Ranges: bytes Content-Length: 4006 Content-Type: text/html; charset=UTF-8 Content-Language: zh-cn [root@saltstack-master ~]# curl -I http://192.168.6.190 HTTP/1.1 403 Forbidden Date: Wed, 16 Dec 2020 15:08:07 GMT Server: Apache/2.4.37 (centos) Content-Location: index.html.zh-CN Vary: negotiate,accept-language TCN: choice Last-Modified: Fri, 14 Jun 2019 03:37:43 GMT ETag: "fa6-58b405e7d6fc0;5b696296e2c08" Accept-Ranges: bytes Content-Length: 4006 Content-Type: text/html; charset=UTF-8 Content-Language: zh-cn 
Apache Web服务器已安装在我们的SaltStack minion上。
这是我们本文章的结尾。您已成功安装并SaltStack Master和Minion 配置了,如果在阅读中遇到问题请及时留言,如果感觉文章对您有帮助请与朋友分享文章。
