http://docs.saltstack.com/en/latest/topics/tutorials/quickstart.html
curl -L <https://bootstrap.saltstack.com> -o install_salt.sh
sudo sh install_salt.sh
sudo salt-call —local state.highstate로 실행salt ‘*’ test.pingsalt -G ‘os:CentOS’ test.ping # grain 조건에 따라salt -E ’10.77.\\w+’ test.ping # RE matchingsalt ‘*’ grains.itemssalt ‘*’ grains get idsalt ‘*’ cmd.run ‘ls -l’salt ‘*’ disk.usagesalt ‘*’ pkg.install vimsalt ‘*’ network.interfacessalt ‘*’ cmd.exec_code python ‘import sys; print sys.version’]salt ‘*’ pip.install salt timeout=5 upgrade=Truemaster의 /srv/salt 디렉토리에 emacs.sls 파일을 생성하고
salt ‘*’ sate.sls emacs
emacs:
pkg.installed
/root/.emacs:
file.managed:
- source: <salt://emacs> (/srv/salt 디렉토리)
- mode: 644
- user: root
- group: root
salt ‘*’ state.sls emacs (설정파일까지 설치해줌)
apache:
pkg.installed: \[\]
service.running:
- require:
- pkg: apache
yaml_jinja를 통해 php처럼 SSI 로직을 담을 수 있음
apache:
pkg.installed:
{% if grains['os'] == 'RedHat'%}
- name: httpd
{% endif %}
service.running:
{% if grains['os'] == 'RedHat'%}
- name: httpd
{% endif %}
- watch:
- pkg: apache
- file: /etc/httpd/conf/httpd.conf
- user: apache
user.present:
- uid: 87
- gid: 87
- home: /var/www/html
- shell: /bin/nologin
- require:
- group: apache
group.present:
- gid: 87
- require:
- pkg: apache
/etc/httpd/conf/httpd.conf:
file.managed:
- source: salt://apache/httpd.conf
- user: root
- group: root
- mode: 644
pip install cherrypy
http://docs.saltstack.com/en/latest/ref/netapi/all/salt.netapi.rest_cherrypy.html
salt-call —local tls.create_self_signed_cert 실행해서 인증서와 key 파일 생성sudo salt-mastersudo salt-apicurl -sSk <https://localhost:8000/login> -H ‘Accept: application/x-yaml’ -d username=saltdev -d password=saltdev -d eauth=auto 로 API 토큰 발급curl -sSk <https://localhost:8000/login> -c ~/cookies.txt -H 'Accept: application/x-yaml' -d username=saltdev -d password=saltdev -d eauth=auto
curl -sSk <https://localhost:8000> -b ~/cookies.txt -H 'Accept: application/x-yaml' -d client=local -d tgt='*' -d fun=test.ping
salt-api에 환경변수 PYTHONPATH가 하드코드되어 있음
key가 cache되어 있으므로 salt-key -D를 실행하여 키를 삭제해주면 됨
salt-key -a <IP주소 or 호스트이름>