Saltstack安装和基础配置官方文档
来源:互联网 发布:网络编辑招聘要求 编辑:程序博客网 时间:2024/05/17 02:12
2.2.7. RHEL / CentOS / Scientific Linux / Amazon Linux / Oracle Linux¶
2.2.7.1. Installation Using pip¶
Since Salt is on PyPI, it can be installed using pip, though most users prefer to install using RPMs (which can be installed fromEPEL). Installation from pip is easy:
pip install salt
Warning
If installing from pip (or from source using setup.py install), be advised that theyum-utils package is needed for Salt to manage packages. Also, if the Python dependencies are not already installed, then you will need additional libraries/tools installed to build some of them. More information on this can be found here.
2.2.7.2. Installation from EPEL¶
Beginning with version 0.9.4, Salt has been available in EPEL. It is installable using yum. Salt should work properly with all mainstream derivatives of RHEL, including CentOS, Scientific Linux, Oracle Linux and Amazon Linux. Report any bugs or issues on theissue tracker.
On RHEL6, the proper Jinja package 'python-jinja2' was moved from EPEL to the "RHEL Server Optional Channel". Verify this repository is enabled before installing salt on RHEL6.
2.2.7.2.1. Enabling EPEL on RHEL¶
If EPEL is not enabled on your system, you can use the following commands to enable it.
For RHEL 5:
rpm -Uvh http://mirror.pnl.gov/epel/5/i386/epel-release-5-4.noarch.rpm
For RHEL 6:
rpm -Uvh http://ftp.linux.ncsu.edu/pub/epel/6/i386/epel-release-6-8.noarch.rpm
2.2.7.2.2. Installing Stable Release¶
Salt is packaged separately for the minion and the master. It is necessary only to install the appropriate package for the role the machine will play. Typically, there will be one master and multiple minions.
On the salt-master, run this:
yum install salt-master
On each salt-minion, run this:
yum install salt-minion
2.2.7.2.3. Installing from epel-testing¶
When a new Salt release is packaged, it is first admitted into the epel-testing repository, before being moved to the stable repo.
To install from epel-testing, use theenablerepo argument for yum:
yum --enablerepo=epel-testing install salt-minion
2.2.7.3. ZeroMQ 4¶
We recommend using ZeroMQ 4 where available. SaltStack provides ZeroMQ 4.0.4 and pyzmq 14.3.1 in aCOPR repository. Instructions for adding this repository (as well as for upgrading ZeroMQ and pyzmq on existing minions) can be foundhere.
If this repo is added before Salt is installed, then installing eithersalt-master or salt-minion will automatically pull in ZeroMQ 4.0.4, and additional states to upgrade ZeroMQ and pyzmq are unnecessary.
2.2.7.4. Package Management¶
Salt's interface to yum makes heavy use of therepoquery utility, from the yum-utils package. This package will be installed as a dependency if salt is installed via EPEL. However, if salt has been installed using pip, or a host is being managed using salt-ssh, then as of version 2014.7.0yum-utils will be installed automatically to satisfy this dependency.
2.2.7.5. Post-installation tasks¶
Master
To have the Master start automatically at boot time:
chkconfig salt-master on
To start the Master:
service salt-master start
Minion
To have the Minion start automatically at boot time:
chkconfig salt-minion on
To start the Minion:
service salt-minion start
Now go to the Configuring Salt page.
22.7. Configuring Salt¶
Salt configuration is very simple. The default configuration for the master will work for most installations and the only requirement for setting up aminion is to set the location of the master in the minion configuration file.
The configuration files will be installed to /etc/salt and are named after the respective components,/etc/salt/master and/etc/salt/minion.
22.7.1. Master Configuration¶
By default the Salt master listens on ports 4505 and 4506 on all interfaces (0.0.0.0). To bind Salt to a specific IP, redefine the "interface" directive in the master configuration file, typically/etc/salt/master, as follows:
- #interface: 0.0.0.0+ interface: 10.0.0.1
After updating the configuration file, restart the Salt master. See the master configuration reference for more details about other configurable options.
22.7.2. Minion Configuration¶
Although there are many Salt Minion configuration options, configuring a Salt Minion is very simple. By default a Salt Minion will try to connect to the DNS name "salt"; if the Minion is able to resolve that name correctly, no configuration is needed.
If the DNS name "salt" does not resolve to point to the correct location of the Master, redefine the "master" directive in the minion configuration file, typically/etc/salt/minion, as follows:
- #master: salt+ master: 10.0.0.1
After updating the configuration file, restart the Salt minion. See the minion configuration reference for more details about other configurable options.
22.7.3. Running Salt¶
Start the master in the foreground (to daemonize the process, pass the-d flag):
salt-master
Start the minion in the foreground (to daemonize the process, pass the-d flag):
salt-minion
Having trouble?
The simplest way to troubleshoot Salt is to run the master and minion in the foreground withlog level set to debug:
salt-master --log-level=debug
For information on salt's logging system please see the logging document.
Run as an unprivileged (non-root) user
To run Salt as another user, set the user parameter in the master config file.
Additionally, ownership and permissions need to be set such that the desired user can read from and write to the following directories (and their subdirectories, where applicable):
- /etc/salt
- /var/cache/salt
- /var/log/salt
- /var/run/salt
More information about running salt as a non-privileged user can be foundhere.
There is also a full troubleshooting guide available.
22.7.4. Key Management¶
Salt uses AES encryption for all communication between the Master and the Minion. This ensures that the commands sent to the Minions cannot be tampered with, and that communication between Master and Minion is authenticated through trusted, accepted keys.
Before commands can be sent to a Minion, its key must be accepted on the Master. Run thesalt-key command to list the keys known to the Salt Master:
[root@master ~]# salt-key -LUnaccepted Keys:alphabravocharliedeltaAccepted Keys:
This example shows that the Salt Master is aware of four Minions, but none of the keys has been accepted. To accept the keys and allow the Minions to be controlled by the Master, again use thesalt-key command:
[root@master ~]# salt-key -A[root@master ~]# salt-key -LUnaccepted Keys:Accepted Keys:alphabravocharliedelta
The salt-key command allows for signing keys individually or in bulk. The example above, using-A bulk-accepts all pending keys. To accept keys individually use the lowercase of the same option,-a keyname.
See also
salt-key manpage
22.7.5. Sending Commands¶
Communication between the Master and a Minion may be verified by running the test.ping command:
[root@master ~]# salt alpha test.pingalpha: True
Communication between the Master and all Minions may be tested in a similar way:
[root@master ~]# salt '*' test.pingalpha: Truebravo: Truecharlie: Truedelta: True
Each of the Minions should send a True response as shown above.
22.7.6. What's Next?¶
Understanding targeting is important. From there, depending on the way you wish to use Salt, you should also proceed to learn aboutStates and Execution Modules.
- Saltstack安装和基础配置官方文档
- 安装和配置saltstack
- 一、SaltStack安装与基础配置
- saltstack 基础入门文档
- Saltstack基础文档
- 关于saltstack简介,安装和基本配置
- saltstack配置安装和windowns应用
- saltstack的简单安装和配置
- saltstack的安装配置
- saltstack安装配置笔记
- saltstack安装配置
- SaltStack安装及配置
- Saltstack 安装配置详解
- Saltstack 安装配置详解
- saltstack官方文档——State Enforcement
- saltstack官方文档——Salt Syndic
- saltstack安装配置(面向零基础的,求大神不吐槽)
- Saltstack安装和使用
- do...while(0)的用处
- android 命名规范
- 1030 完美数列
- 优先队列的使用(模板)
- Android Jni知识点
- Saltstack安装和基础配置官方文档
- 快捷启动、停止、重启、杀死指定端口MySQL进程的脚本
- [AHK]火狐一键激活与隐藏
- android和iOS平台的崩溃捕获和收集
- VIM 常用技巧 命令
- 指针数组与数组指针
- 关于PHP页面显示乱码问题的解决
- 通过smali注入的方式插入自定义代码来监控app的行为数据
- Linux常用命令(八) - touch