Installation and deployment of enterprise level automatic operation and maintenance tool saltstack httpd php service##

1. Installation services:
[server1]

[root@server1 yum.repos.d]# yum install salt-master-*
[root@server1 salt]# ls
cloud           cloud.maps.d       master    minion.d  proxy.d
cloud.conf.d    cloud.profiles.d   master.d  pki       roster
cloud.deploy.d  cloud.providers.d  minion    proxy
[root@server1 salt]# /etc/init.d/salt-master  start
Starting salt-master daemon:                               [  OK  ]

[server2]

[root@server2 yum.repos.d]# yum install -y salt-minion
[root@server2 yum.repos.d]# cd /etc/salt/
[root@server2 salt]# ls
cloud           cloud.maps.d       master    minion.d  proxy.d
cloud.conf.d    cloud.profiles.d   master.d  pki       roster
cloud.deploy.d  cloud.providers.d  minion    proxy
[root@server2 salt]# vim minion                 ##Add master host
[root@server2 salt]# /etc/init.d/salt-minion start
Starting salt-minion:root:server2 daemon: OK

2. Send the key to establish a secret free connection:

[root@server1 salt]# salt-key -L    ##It can be seen that server2 is connecting to server1, but there is no secret free

[root@server1 salt]# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
server2
Proceed? [n/Y] y
Key for minion server2 accepted.
[root@server1 salt]# salt-key -L    ##Security free has been added, server2 can connect normally

[test] try to execute ping command remotely

[root@server1 salt]# salt server2 test.ping
server2:
    True            ##Success

[test] try to view the server2 hostname remotely

[root@server1 salt]# salt server2 cmd.run hostname
server2:
    server2

[test] try to view the storage of server2 remotely

[root@server1 salt]# salt server2 cmd.run 'df -h'
server2:
    Filesystem                    Size  Used Avail Use% Mounted on
    /dev/mapper/VolGroup-lv_root   19G  972M   17G   6% /
    tmpfs                         499M   16K  499M   1% /dev/shm
    /dev/vda1                     485M   33M  427M   8% /boot

3. Check whether the md5 codes of the two hosts are the same:
[server1]

[root@server1 master]# pwd
/etc/salt/pki/master
[root@server1 master]# md5sum master.pub 
7ffc5c2240c6a4d4ff2c36917df1a606  master.pub

[server2]

[root@server2 minion]# pwd
/etc/salt/pki/minion
[root@server2 minion]# md5sum  minion_master.pub 
7ffc5c2240c6a4d4ff2c36917df1a606  minion_master.pub

4. View the minions host connected to server1:

[root@server1 minions]# pwd
/etc/salt/pki/master/minions
[root@server1 minions]# ls
server2
[root@server1 minions]# cd ..
[root@server1 master]# tree .
.
├── master.pem
├── master.pub
├── minions
│   └── server2
├── minions_autosign
├── minions_denied
├── minions_pre
└── minions_rejected

5 directories, 3 files

5. Check whether the service port is open:
[server1]

[root@server1 minions]# netstat -antlp
tcp        0      0 0.0.0.0:4505                0.0.0.0:*                   LISTEN      1128/python2.6      
tcp        0      0 0.0.0.0:4506                0.0.0.0:*                   LISTEN      1135/python2.6      
[root@server1 minions]# lsof -i :4505
COMMAND    PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
salt-mast 1128 root   16u  IPv4  14015      0t0  TCP *:4505 (LISTEN)
salt-mast 1128 root   18u  IPv4  19744      0t0  TCP server1:4505->server2:39131 (ESTABLISHED)
[root@server1 minions]# lsof -i :4506
COMMAND    PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
salt-mast 1135 root   24u  IPv4  14026      0t0  TCP *:4506 (LISTEN)

[server2]

[root@server2 salt]# netstat -antlp
tcp        0      0 172.25.39.2:39131           172.25.39.1:4505            ESTABLISHED 2183/python2.6                         ##server2 just made a connection

6. Install python environment:

[root@server1 minions]# yum install -y python-setproctitle.x86_64
[root@server1 minions]# /etc/init.d/salt-master  restart
Stopping salt-master daemon:                               [  OK  ]
Starting salt-master daemon:                               [  OK  ]

7.server1 remote connection server2 download installation service:
[1] Edit master Master profile

[root@server1 ~]# cd /etc/salt/
[root@server1 salt]# vim master

[root@server1 salt]# /etc/init.d/salt-master  restart
Stopping salt-master daemon:                               [  OK  ]
Starting salt-master daemon:                               [  OK  ]

[2] Edit the execution script when downloading the installation service:

[root@server1 salt]# mkdir /srv/salt
[root@server1 salt]# mkdir httpd
[root@server1 salt]# cd httpd/
[root@server1 httpd]# vim install.sls

Install httpd and php services

[root@server1 salt]# mv httpd/ /srv/salt/
[3] Execute the script on server1, connect server2 to download and install:

[root@server1 salt]# salt server2 state.sls httpd.install
server2:
          ID: apache-install
    Function: pkg.installed
      Result: True
     Comment: The following packages were installed/updated: httpd, php
     Started: 11:57:23.964641
    Duration: 10997.3 ms
     Changes:

Test:
Description installed automatically on server2

[root@server2 salt]# rpm -q httpd
httpd-2.2.15-29.el6_4.x86_64
[root@server2 salt]# rpm -q php
php-5.3.3-26.el6.x86_64

[4] Edit the script again to start the service automatically after installation:

[root@server1 httpd]# pwd
/srv/salt/httpd
[root@server1 httpd]# ls
install.sls
[root@server1 httpd]# vim install.sls

[root@server1 httpd]# salt server2 state.sls httpd.install           ##Execution script
//Test:
//View process:
3001 ?        S      0:00 /usr/sbin/httpd
 3002 ?        S      0:00 /usr/sbin/httpd
 3003 ?        S      0:00 /usr/sbin/httpd
 3010 pts/0    R+     0:00 ps ax

View port:

[root@server2 salt]# netstat -antlp
tcp        0      0 :::80                       :::*                        LISTEN      2987/httpd

[5] Directly deploy the power on Service:
Check in advance whether the httpd service of server 2 is open:

[root@server2 salt]# chkconfig --list httpd
httpd           0:off   1:off   2:off   3:off   4:off   5:off   6:off
[root@server1 httpd]# vim install.sls

[root@server1 httpd]# salt server2 state.sls httpd.install

Test: server2 view the power on auto start:

[root@server2 salt]# chkconfig --list httpd
httpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off

[6] To automatically change the httpd service port:
[server1]

[root@server1 httpd]# vim install.sls

[root@server1 httpd]# pwd
/srv/salt/httpd
[root@server1 httpd]# ls
install.sls
[root@server1 httpd]# mkdir files
[root@server1 httpd]# cd files/

[server2]

[root@server2 salt]# ll /etc/httpd/conf/httpd.conf 
-rw-r--r-- 1 root root 34418 Aug  2  2013 /etc/httpd/conf/httpd.conf
[root@server2 salt]# scp /etc/httpd/conf/httpd.conf  server1:/srv/salt/httpd/files
ssh: connect to host server1 port 22: Network is unreachable
lost connection
[root@server2 salt]# scp /etc/httpd/conf/httpd.conf  172.25.39.1:/srv/salt/httpd/files
The authenticity of host '172.25.39.1 (172.25.39.1)' can't be established.
RSA key fingerprint is ce:b7:35:21:60:9f:f3:8d:f4:25:af:73:ad:ad:bc:ab.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.25.39.1' (RSA) to the list of known hosts.
root@172.25.39.1's password: 
httpd.conf                                   100%   34KB  33.6KB/s   00:00

[server1] change port

[root@server1 files]# ll
total 36
-rw-r--r-- 1 root root 34418 Aug 17 12:34 httpd.conf
[root@server1 files]# vim httpd.conf

[root@server1 files]# salt server2 state.sls httpd.install

Test: [server2] view httpd service port

[root@server2 salt]# netstat -antlp
tcp        0      0 :::8080                     :::*                        LISTEN      2987/httpd

Posted by Mark.P.W on Wed, 01 Jan 2020 17:04:35 -0800

Programmer Group

Installation and deployment of enterprise level automatic operation and maintenance tool saltstack httpd php service##

Hot Keywords