1. 主机规划
salt 版本
[root@salt100 ~]# salt --version
salt 2018.3. (Oxygen)
[root@salt100 ~]# salt-minion --version
salt-minion 2018.3. (Oxygen)
salt 无master文档
standalone_minion
https://docs.saltstack.com/en/latest/topics/tutorials/standalone_minion.html
salt-call
https://docs.saltstack.com/en/latest/ref/cli/salt-call.html
注意★★★★★
当salt处于无master【masterless】模式时,不要运行salt-minion守护进程。否则salt-minion将尝试去连接master并失败。salt-call命令独立存在,不需要salt-minion守护进程。
2. 无master操作步骤
备注:此次是在salt01上操作
1、关闭salt-minion、关闭开机自启动
systemctl stop salt-minion.service
systemctl disable salt-minion.service
2、minion端配置修改
[root@salt01 ~]# vim /etc/salt/minion
………………
# Set the file client. The client defaults to looking on the master server for
# files, but can be directed to look at the local file directory setting
# defined below by setting it to "local". Setting a local file_client runs the
# minion in masterless mode.
#file_client: remote
file_client: local # 从默认的 remote改为local
………………
备注:salt-call 会读取该配置文件,因此该配置文件必须改。
3、file_roots和pillar_roots设置
使用默认的即可,不需要设置
4、External pillars设置
无master模式支持External pillars
3. 无master模式测试
3.1. 常规信息
[root@salt01 ~]# salt-call test.ping
local:
True
[root@salt01 ~]# salt-call grains.items # 查看所有grains信息
3.2. grains设置
[root@salt01 ~]# vim /etc/salt/minion
………………
# Custom static grains for this minion can be specified here and used in SLS
# files just like all other grains. This example sets custom grains, with
# the 'roles' grain having two values that can be matched against.
grains:
roles:
- webserver03
- memcache03
os: redhat03
tree: tree001
………………
[root@salt01 ~]# salt-call saltutil.sync_grains # 刷新 grains【实际可以不进行此操作,因为是本地读取】
local:
##### 查看grains结果
[root@salt01 ~]# salt-call grains.item tree
local:
----------
tree:
tree001
[root@salt01 ~]# salt-call grains.item roles
local:
----------
roles:
- webserver03
- memcache03
[root@salt01 ~]# salt-call grains.item roles: # 读取列表中的下标为1的数据
local:
----------
roles::
memcache03
3.3. pillar设置
[root@salt01 pillar]# pwd
/srv/pillar
[root@salt01 pillar]# cat top.sls
base:
'*':
- web_pillar.user
[root@salt01 pillar]# cat web_pillar/user.sls
tree:
tree01:
- name01: zhang01
- name02: zhang02
tree02:
- my_user1: salt0-
- my_user2: salt0-
[root@salt01 ~]# salt-call saltutil.sync_pillar # 刷新【实际可以不进行此操作,因为是本地读取】
local:
###### pillar数据查询
[root@salt01 ~]# salt-call pillar.items
local:
----------
tree:
----------
tree01:
|_
----------
name01:
zhang01
|_
----------
name02:
zhang02
tree02:
|_
----------
my_user1:
salt0-
|_
----------
my_user2:
salt0-
[root@salt01 ~]# salt-call pillar.item tree:tree01
local:
----------
tree:tree01:
|_
----------
name01:
zhang01
|_
----------
name02:
zhang02
[root@salt01 ~]# salt-call pillar.item tree:tree01:name01
local:
----------
tree:tree01:name01:
zhang01
注意这几个的区别【取列表信息】
[root@salt01 pillar]# salt-call pillar.item tree:tree01
local:
----------
tree:tree01:
|_
----------
name01:
zhang01
|_
----------
name02:
zhang02
[root@salt01 pillar]# salt-call pillar.item tree:tree01:
local:
----------
tree:tree01::
----------
name01:
zhang01
[root@salt01 pillar]# salt-call pillar.item tree:tree01:name01
local:
----------
tree:tree01:name01:
zhang01
[root@salt01 pillar]# salt-call pillar.item tree:tree01::name01
local:
----------
tree:tree01::name01:
zhang01
———————————————END———————————————