[root@vmware1~]#rpm-ivh[root@vmware1~]#yuminstall-ysalt-master[root@vmware1~]#/etc/init.d/salt-masterstart[root@vmware1~]#chkconfigsalt-masteron[root@vmware1~]#chkconfig–listsalt-mastersalt-master0:off1:off2:on3:on4:on5:on6:off[root@vmware1~]#vim/etc/salt/masterinterface:10.0.1.173#服务端master的IP地址publish_port:4505#监听salt的消息发布系统端口ret_port:4506#salt客户端与服务端通信的端口[root@vmware1~]#/etc/init.d/salt-masterrestart必须保证这2个端口可以正常通信,如果开启iptables防火墙,需要添加以下2条规则:-AINPUT-mstate–statenew-mtcp-ptcp–dport4505-jACCEPT-AINPUT-mstate–statenew-mtcp-ptcp–dport4506-jACCEPT[root@vmware2~]#yuminstall-ysalt-minion[root@vmware2~]#vim/etc/salt/minionmaster:10.0.1.173#填写master端的IP地址id:vmware2#minion客户端主机名(标识字符)master_port:4506#开启salt客户端与服务端通信的端口[root@vmware2~]#/etc/init.d/salt-minionrestart
4.
auto_accept: True,设置为自动接受。
[root@vmware1~]#vim/etc/salt/masterauto_accept:True重启下salt-master服务。[root@vmware1~]#/etc/init.d/salt-masterrestart[root@vmware1~]#salt-key-LAcceptedKeys:vmware1vmware2UnacceptedKeys:RejectedKeys:
2)运行测试下。
[root@vmware1~]#salt’*’test.pingvmware2:True[root@vmware1~]#salt’*’cmd.run’date’vmware2:FriAug2212:05:24CST2014[root@vmware1~]#catadd_user.sh#!/bin/bashPS=`awk-F”:”‘/taokey/{print$2}’/etc/shadow`ifidtaokey&>/dev/null2>&1thensed-i’/taokey/s#’$PS’#abcd#g’/etc/shadowelseuseraddtaokeysed-i’/taokey/s/!!/abcd/’g/etc/shadowfiif[-n`whichsudo`];thenecho’sudoexist’&>/dev/null2>&1else/usr/bin/yuminstall-ysudoecho”taokeyALL=(ALL)ALL”>>/etc/sudoersfiNum=`greptaokey/etc/sudoers|wc-l`if[“$Num”=”1″]thenecho”userisexist.”>/dev/nullelseecho”taokeyALL=(ALL)ALL”>>/etc/sudoersfi[root@vmware1~]#mkdir-p/srv/salt[root@vmware1~]#cpadd_user.sh/srv/salt/[root@vmware1~]#cd/srv/salt/[root@vmware1salt]#lsadd_user.sh[root@vmware1salt]#salt’*’cmd.scriptsalt://add_user.shvmware2:———-pid:4960retcode:0stderr:stdout:执行脚本之前的客户端:[root@vmware2~]#cat/etc/shadow|greptaokey[root@vmware2~]#执行之后的客户端:[root@vmware2~]#cat/etc/shadow|greptaokeytaokey:abcd:16304:0:99999:7:::[root@vmware2~]#whichsudo/usr/bin/sudo[root@vmware2~]#tail/etc/sudoers##cdromasroot#%usersALL=/sbin/mount/mnt/cdrom,/sbin/umount/mnt/cdrom##Allowsmembersoftheusersgrouptoshutdownthissystem#%userslocalhost=/sbin/shutdown-hnow##Readdrop-infilesfrom/etc/sudoers.d(the#heredoesnotmeanacomment)#includedir/etc/sudoers.dtaokeyALL=(ALL)ALL
4.在虚拟机上操作之后,,开始线上操作。
这时候,我就可以批量操作100多台服务器了。
本文出自 “岁月在流逝,光辉依然在” 博客,请务必保留此出处
感受最美的风景。你曾经说,
