Saltstack批量部署apache

實驗環境：

192.168.18.128 master

192.168.18.148 web01

192.168.18.145 web02

第一步：分別給三臺服務器安裝epel源

Master：

[root@localhost ~]# hostnamectl set-hostname master.saltstack.com
[root@localhost ~]# su
[root@master ~]# hostname
master.saltstack.com
[root@master ~]# systemctl stop firewalld.service
[root@master ~]# setenforce 0
[root@master ~]# vim /etc/hosts
`按大寫字母G到末行，按小寫字母o轉下行插入如下內容`
192.168.18.128 master.saltstack.com
192.168.18.148 web01.saltstack.com
192.168.18.145 web02.saltstack.com
#修改完成後按Esc退出插入模式，輸入:wq保存退出
[root@master ~]# yum install -y epel-release

Web01：

[root@localhost ~]# hostnamectl set-hostname web01.saltstack.com
[root@localhost ~]# su
[root@web01 ~]# hostname
web01.saltstack.com
[root@web01 ~]# systemctl stop firewalld.service
[root@web01 ~]# setenforce 0
[root@web01 ~]# vim /etc/hosts
`按大寫字母G到末行，按小寫字母o轉下行插入如下內容`
192.168.18.128  master.saltstack.com
192.168.18.148  web01.saltstack.com
192.168.18.145  web02.saltstack.com
#修改完成後按Esc退出插入模式，輸入:wq保存退出
[root@web01 ~]#  yum install -y epel-release

Web02：

[root@localhost ~]# hostnamectl set-hostname web02.saltstack.com
[root@localhost ~]# su
[root@web02 ~]# hostname
web02.saltstack.com
[root@web02 ~]# systemctl stop firewalld.service
[root@web02 ~]# setenforce 0
[root@web02 ~]# vim /etc/hosts
`按大寫字母G到末行，按小寫字母o轉下行插入如下內容`
192.168.18.128  master.saltstack.com
192.168.18.148  web01.saltstack.com
192.168.18.145  web02.saltstack.com
#修改完成後按Esc退出插入模式，輸入:wq保存退出
[root@web02 ~]#  yum install -y epel-release

第二步：master服務器的操做

[root@master ~]# yum -y install salt-master
[root@master ~]# vim /etc/salt/master
15 interface: 192.168.18.128    #15行，刪除註釋，監聽本機地址
215 auto_accept: True           #215行，刪除註釋，證書認證開啓
416 file_roots:
417   base:
418     - /srv/salt             #416-418行，刪除註釋，saltstack文件根目錄位置，目錄須要建立
710 nodegroups:
711   group1: 'web01.saltstack.com'
712   group2: 'web02.saltstack.com'     #710-712行，刪除註釋，兩個節點組服務器的名稱
552 pillar_opts: True           #552行，刪除註釋，開啓pillar功能，同步文件功能
529 pillar_roots:
530   base:
531     - /srv/pillar           #529-531行，刪除註釋，pillar的主目錄，須要建立
#修改完成後按Esc退出插入模式，輸入:wq保存退出

`查看對主配置文件作的更改`
[root@master ~]# cat /etc/salt/master | grep -v ^$ | grep -v ^#
interface: 192.168.18.128
auto_accept: True
file_roots:
  base:
    - /srv/salt
pillar_roots:
  base:
    - /srv/pillar
pillar_opts: True
nodegroups:
  group1: 'web01.saltstack.com'
  group2: 'web02.saltstack.com'

`建立salt與pillar文件根目錄`
[root@master ~]# mkdir /srv/salt
[root@master ~]# mkdir /srv/pillar
[root@master ~]# ls /srv/
pillar  salt

[root@master ~]# systemctl start salt-master.service    #啓動服務
[root@master ~]# systemctl enable salt-master           #設置爲開機自啓
Created symlink from /etc/systemd/system/multi-user.target.wants/salt-master.service to /usr/lib/systemd/system/salt-master.service.
[root@master ~]# netstat -anpt | egrep '4505|4506'      #查看端口開啓
tcp        0      0 192.168.18.128:4505     0.0.0.0:*             LISTEN      5178/python  tcp        0      0 192.168.18.128:4506     0.0.0.0:*             LISTEN      5202/python

第三步：節點服務器的操做

web01：

[root@web01 ~]# yum -y install salt-minion
`修改配置文件`
16 master: 192.168.18.128       #16行，刪除註釋，指定主控端IP
78 id: web01.saltstack.com      #78行，刪除註釋，指定被控端主機名
#修改完成後按Esc退出插入模式，輸入:wq保存退出
[root@web01 ~]# systemctl start salt-minion.service

web02：

[root@web02 ~]# yum -y install salt-minion
`修改配置文件`
[root@web02 ~]# vim /etc/salt/minion
16 master: 192.168.18.128       #16行，刪除註釋，指定主控端IP
78 id: web02.saltstack.com      #78行，刪除註釋，指定被控端主機名
#修改完成後按Esc退出插入模式，輸入:wq保存退出
[root@web02 ~]# systemctl start salt-minion.service

驗證：

`在主控端測試與被控端的通訊狀態`
[root@master ~]# salt '*' test.ping
web02.saltstack.com:
    True
web01.saltstack.com:
    True

`遠程執行命令查看兩個節點的掛載狀況`
[root@master ~]# salt '*' cmd.run 'df -h'
web01.saltstack.com:
    Filesystem      Size  Used Avail Use% Mounted on
    /dev/sda2        20G  3.5G   17G  18% /
    devtmpfs        898M     0  898M   0% /dev
    tmpfs           912M   12K  912M   1% /dev/shm
    tmpfs           912M   18M  895M   2% /run
    tmpfs           912M     0  912M   0% /sys/fs/cgroup
    /dev/sda1       6.0G  174M  5.9G   3% /boot
    /dev/sda5        10G   54M   10G   1% /home
    tmpfs           183M  4.0K  183M   1% /run/user/42
    tmpfs           183M   24K  183M   1% /run/user/0
    /dev/sr0        4.3G  4.3G     0 100% /run/media/root/CentOS 7 x86_64
web02.saltstack.com:
    Filesystem      Size  Used Avail Use% Mounted on
    /dev/sda2        20G  3.5G   17G  18% /
    devtmpfs        898M     0  898M   0% /dev
    tmpfs           912M   12K  912M   1% /dev/shm
    tmpfs           912M   18M  895M   2% /run
    tmpfs           912M     0  912M   0% /sys/fs/cgroup
    /dev/sda5        10G   54M   10G   1% /home
    /dev/sda1       6.0G  174M  5.9G   3% /boot
    tmpfs           183M  4.0K  183M   1% /run/user/42
    tmpfs           183M   24K  183M   1% /run/user/0
    /dev/sr0        4.3G  4.3G     0 100% /run/media/root/CentOS 7 x86_64

`若是單獨只看某一個節點的掛載狀況`
[root@master ~]# salt 'web02.saltstack.com' cmd.run 'df -h'
web02.saltstack.com:
    Filesystem      Size  Used Avail Use% Mounted on
    /dev/sda2        20G  3.5G   17G  18% /
    devtmpfs        898M     0  898M   0% /dev
    tmpfs           912M   12K  912M   1% /dev/shm
    tmpfs           912M   18M  895M   2% /run
    tmpfs           912M     0  912M   0% /sys/fs/cgroup
    /dev/sda5        10G   54M   10G   1% /home
    /dev/sda1       6.0G  174M  5.9G   3% /boot
    tmpfs           183M  4.0K  183M   1% /run/user/42
    tmpfs           183M   24K  183M   1% /run/user/0
    /dev/sr0        4.3G  4.3G     0 100% /run/media/root/CentOS 7 x86_64

`顯示web01的詳細信息`
[root@master ~]# salt 'web01.saltstack.com' grains.items
web01.saltstack.com:
    ----------
    SSDs:
    biosreleasedate:
        07/29/2019
    biosversion:
        6.00
    cpu_flags:
        ......此處省略多行
    host:
        web01
    hwaddr_interfaces:
        ----------
        ens33:
            00:0c:29:79:45:8e
        lo:
            00:00:00:00:00:00
        virbr0:
            52:54:00:e7:ec:25
        virbr0-nic:
            52:54:00:e7:ec:25
    id:
        web01.saltstack.com
        ......此處省略多行
    ip_interfaces:
        ----------
        ens33:
            - 192.168.18.148
            - fe80::6a0c:e6a0:7978:3543     #網卡的mac地址
        lo:
            - 127.0.0.1
            - ::1
        virbr0:
            - 192.168.122.1
        virbr0-nic:
    ipv4:
        - 127.0.0.1
        - 192.168.122.1
        - 192.168.18.148
    ipv6:
        - ::1
        - fe80::6a0c:e6a0:7978:3543
    ......此處省略多行
    virtual:
        VMware
    zmqversion:
        4.1.4

`查看動態信息`
[root@master ~]# salt 'web01.saltstack.com' pillar.items

`查看在master上已經被接受過的客戶端`
[root@master ~]# salt-key
Accepted Keys:      #認證過的主機名
web01.saltstack.com
web02.saltstack.com
Denied Keys:        #拒絕 
Unaccepted Keys:    #未經過認證
Rejected Keys:

第四步：批量安裝apache

[root@master ~]# cd /srv/salt/
[root@master salt]# ls
[root@master salt]# vim top.sls
base:
  '*':
    - apache
#在全部的客戶端執行apache模塊

[root@master salt]# vim apache.sls
apache-service:
  pkg.installed:
    - names:
      - httpd
      - httpd-devel
  service.running:
    - name: httpd
    - enable: True
#修改完成後按Esc退出插入模式，輸入:wq保存退出

[root@master salt]# ls
apache.sls  top.sls

`重啓服務`
[root@master salt]# systemctl restart salt-master.service

`執行批量部署命令`
[root@master salt]# salt '*' state.highstate
[root@master ~]# salt '*' state.highstate
web01.saltstack.com:
----------
          ID: apache-service
    Function: pkg.installed
        Name: httpd
      Result: True
     Comment: The following packages were installed/updated: httpd
     Started: 15:04:51.323952
    Duration: 40217.299 ms
     Changes:
              ----------
              apr:
                  ----------
                  new:
                      1.4.8-5.el7
                  old:
              apr-util:
                  ----------
                  new:
                      1.5.2-6.el7
                  old:
              httpd:
                  ----------
                  new:
                      2.4.6-90.el7.centos
                  old:
              httpd-tools:
                  ----------
                  new:
                      2.4.6-90.el7.centos
                  old:
              mailcap:
                  ----------
                  new:
                      2.1.41-2.el7
                  old:
----------
          ID: apache-service
    Function: pkg.installed
        Name: httpd-devel
      Result: True
     Comment: The following packages were installed/updated: httpd-devel
     Started: 15:05:31.545046
    Duration: 16876.92 ms
     Changes:
              ----------
              apr-devel:
                  ----------
                  new:
                      1.4.8-5.el7
                  old:
              apr-util-devel:
                  ----------
                  new:
                      1.5.2-6.el7
                  old:
              cyrus-sasl:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-devel:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
              cyrus-sasl-gssapi:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-lib:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-md5:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-plain:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-scram:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              expat-devel:
                  ----------
                  new:
                      2.1.0-10.el7_3
                  old:
              httpd-devel:
                  ----------
                  new:
                      2.4.6-90.el7.centos
                  old:
              libdb:
                  ----------
                  new:
                      5.3.21-25.el7
                  old:
                      5.3.21-20.el7
              libdb-devel:
                  ----------
                  new:
                      5.3.21-25.el7
                  old:
              libdb-utils:
                  ----------
                  new:
                      5.3.21-25.el7
                  old:
                      5.3.21-20.el7
              openldap:
                  ----------
                  new:
                      2.4.44-21.el7_6
                  old:
                      2.4.44-5.el7
              openldap-devel:
                  ----------
                  new:
                      2.4.44-21.el7_6
                  old:
----------
          ID: apache-service
    Function: service.running
        Name: httpd
      Result: True
     Comment: Service httpd has been enabled, and is running
     Started: 15:05:48.459684
    Duration: 1822.995 ms
     Changes:
              ----------
              httpd:
                  True

Summary
------------
Succeeded: 3 (changed=3)
Failed:    0
------------
Total states run:     3
web02.saltstack.com:
----------
          ID: apache-service
    Function: pkg.installed
        Name: httpd
      Result: True
     Comment: The following packages were installed/updated: httpd
     Started: 15:04:51.468389
    Duration: 50746.816 ms
     Changes:
              ----------
              apr:
                  ----------
                  new:
                      1.4.8-5.el7
                  old:
              apr-util:
                  ----------
                  new:
                      1.5.2-6.el7
                  old:
              httpd:
                  ----------
                  new:
                      2.4.6-90.el7.centos
                  old:
              httpd-tools:
                  ----------
                  new:
                      2.4.6-90.el7.centos
                  old:
              mailcap:
                  ----------
                  new:
                      2.1.41-2.el7
                  old:
----------
          ID: apache-service
    Function: pkg.installed
        Name: httpd-devel
      Result: True
     Comment: The following packages were installed/updated: httpd-devel
     Started: 15:05:42.221145
    Duration: 28643.51 ms
     Changes:
              ----------
              apr-devel:
                  ----------
                  new:
                      1.4.8-5.el7
                  old:
              apr-util-devel:
                  ----------
                  new:
                      1.5.2-6.el7
                  old:
              cyrus-sasl:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-devel:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
              cyrus-sasl-gssapi:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-lib:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-md5:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-plain:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              cyrus-sasl-scram:
                  ----------
                  new:
                      2.1.26-23.el7
                  old:
                      2.1.26-21.el7
              expat-devel:
                  ----------
                  new:
                      2.1.0-10.el7_3
                  old:
              httpd-devel:
                  ----------
                  new:
                      2.4.6-90.el7.centos
                  old:
              libdb:
                  ----------
                  new:
                      5.3.21-25.el7
                  old:
                      5.3.21-20.el7
              libdb-devel:
                  ----------
                  new:
                      5.3.21-25.el7
                  old:
              libdb-utils:
                  ----------
                  new:
                      5.3.21-25.el7
                  old:
                      5.3.21-20.el7
              openldap:
                  ----------
                  new:
                      2.4.44-21.el7_6
                  old:
                      2.4.44-5.el7
              openldap-devel:
                  ----------
                  new:
                      2.4.44-21.el7_6
                  old:
----------
          ID: apache-service
    Function: service.running
        Name: httpd
      Result: True
     Comment: Service httpd has been enabled, and is running
     Started: 15:06:10.880454
    Duration: 1618.997 ms
     Changes:
              ----------
              httpd:
                  True

Summary
------------
Succeeded: 3 (changed=3)
Failed:    0
------------
Total states run:     3
#此時兩臺節點部署apache服務完成

驗證：兩臺web服務器上是否成功安裝了apache服務

web01：

[root@web01 ~]# rpm -q httpd
httpd-2.4.6-90.el7.centos.x86_64
[root@web01 ~]# netstat -ntap | grep 80
tcp6       0      0 :::80                   :::*                  LISTEN      6786/httpd

web02：

[root@web02 ~]# rpm -q httpd
httpd-2.4.6-90.el7.centos.x86_64
[root@web02 ~]# netstat -ntap | grep 80
tcp6       0      0 :::80                   :::*                  LISTEN      6759/httpd