Commit 2e7dde1d authored by Martin Mai's avatar Martin Mai
Browse files

-

parents
Kommandos
=========
## salt-minion einrichten
```
#!/bin/bash
apt-get remove -y --purge salt-minion
##passendes repo
#wget -O - https://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest/#SALTSTACK-GPG-KEY.pub | sudo apt-key add -
#echo 'deb http://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest trusty main' \
#> /etc/apt/sources.list.d/saltstack.list
rm -R /etc/salt/
apt-get update
apt-get install -y salt-minion && \
cat /etc/hostname > /etc/salt/minion_id && \
perl -pi.bak -e 's/#master: salt/master: 141.13.XXX.XXX/g' /etc/salt/minion && \
service salt-minion restart && \
sleep 10
service salt-minion restart
salt-minion status
```
## salt-minion entfernen
```
apt-get remove -y --purge salt-minion
rm -R /etc/salt/
```
## salt-minion aus repo installieren 14.04
```
wget -O - https://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add -
echo 'deb http://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest trusty main' \
> /etc/apt/sources.list.d/saltstack.list
```
## salt-minion aus repo installieren 12.04
```
## salt-minion aus repo installieren 14.04
wget -O - https://repo.saltstack.com/apt/ubuntu/12.04/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add -
echo 'deb http://repo.saltstack.com/apt/ubuntu/12.04/amd64/latest precise main' \
> /etc/apt/sources.list.d/saltstack.list
```
## salt-minion aus repo installieren latest
```
## salt-minion aus repo installieren 14.04
wget -O - https://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add -
echo 'deb http://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest trusty main' \
> /etc/apt/sources.list.d/saltstack.list
```
```
apt-get update
apt-get install -y salt-minion
cat /etc/hostname > /etc/salt/minion_id && \
perl -pi.bak -e 's/#master: salt/master: 141.13.XXX.XXX/g' /etc/salt/minion && \
service salt-minion restart
service salt-minion status
```
### id-explizit setzen
```
label="test-ticketsystem-upgrade-1"
id=$(date "+%Y_%m_%d__%H_%M")
id=$label"-"$id
apt-get remove -y --purge salt-minion
rm -R /etc/salt/
apt-get install -y salt-minion && \
echo $id > /etc/salt/minion_id && \
perl -pi.bak -e 's/#master: salt/master: 141.13.XXX.XXX/g' /etc/salt/minion && \
service salt-minion restart && \
service salt-minion status
```
## salt-master
### state.apply
```
salt --hide-timeout -E '.*' state.apply
salt --hide-timeout -E --state-output=changes '.*' state.apply
--hide-timeout
-This option prints only the online minions which could be reached.
salt -G 'osrelease:14.04' state.apply
/etc/salt/master
state_verbose: False
state_verbose: True
salt -E 'cmdb-580' state.highstate \
--state-verbose=False \
--state-output=mixed \
--hide-timeout
salt -E '.*' state.highstate \
--state-verbose=False \
--state-output=mixed \
--hide-timeout
salt -E '.*' state.highstate \
--state-verbose=False \
--state-output=changes \
--hide-timeout
--state-output=changes
--state-output=mixed
'*' state.highstate --state-verbose=False
```
### test
```
#alle minions auflisten
salt -E ".*" test.ping
salt -E ".*ticketsystem.*" test.ping
salt -E ".*infos.*" test.ping
salt -E ".*" cmd.run "docker ps"
salt -E ".*" cmd.run "cat /root/.ssh/authorized_keys2"
```
### debug
salt '*' saltutil.kill_all_jobs
### Recherche-Interface
https://api.rz.uni-bamberg.de/html/rz/itfl-service/saltstack/limit-rz-ip/minions
### Suche nach ip
```
salt -G 'ipv4:141.13.241.3' grains.item fqdn_ip4
```
### Suche nach minion-id
```
salt -E '.*cmdb-4.*' grains.items
salt -E '.*2017_03_10__13_02.*' grains.item fqdn_ip4
salt -E '.*' grains.item fqdn_ip4
```
### salt-key
https://docs.saltstack.com/en/latest/ref/cli/salt-key.html
#### salt-key alle hinzufügen
```
salt-key --accept-all
watch "salt-key --include-denied --accept-all -y "
```
#### salt-key --delete cmdb-622
salt-key --delete test-ticketsystem-uni-bamberg
allgemeien Daten auflisten
salt '*' grains.items
README
======
#state_verbose: False
file_roots:
base:
- /srv/salt/prod
qa:
- /srv/salt/qa
- /srv/salt/prod
dev:
- /srv/salt/dev
- /srv/salt/qa
- /srv/salt/prod
pillar_roots:
base:
- /srv/pillar
info: some datfffa
\ No newline at end of file
#https://docs.saltstack.com/en/latest/topics/tutorials/pillar.html#pillar-walk-through
base:
'*':
- data
\ No newline at end of file
vim:
pkg.installed
#/etc/vimrc:
# file.managed:
# - source: salt://edit/vimrc
# - mode: 644
# - user: root
# - group: root
\ No newline at end of file
abgelaufene-pubkeys-entfernen:
ssh_auth.absent:
- user: root
- source: salt://ssh_keys/entfernen/pubkeys
- config: /root/.ssh/authorized_keys2
#https://docs.saltstack.com/en/latest/ref/states/all/salt.states.ssh_auth.html
\ No newline at end of file
max-mustermann-at-uni-xy-de:
ssh_auth.present:
- user: root
- source: salt://ssh_keys/max-mustermann-at-uni-xy-de
- config: /root/.ssh/authorized_keys2
#https://docs.saltstack.com/en/latest/ref/states/all/salt.states.ssh_auth.html
\ No newline at end of file
update-notifier-common: # ID declaration
pkg: # state declaration
- installed # function declaration
\ No newline at end of file
update-notifier-common: # ID declaration
pkg: # state declaration
- installed # function declaration
\ No newline at end of file
barzXXX:
ssh_auth.present:
- user: root
- source: salt://ssh_keys/XXX.id_rsa.pub
- config: /root/.ssh/authorized_keys2
- name: XXXX.id_rsa.pub
ba4sXXX:
ssh_auth.present:
- user: root
- source: salt://ssh_keys/ba4slXXX.id_rsa.pub
- config: /root/.ssh/authorized_keys2
test:
ssh_auth.absent:
- user: root
- source: salt://ssh_keys/test-ssh.pub
- config: /root/.ssh/authorized_keys2
#https://docs.saltstack.com/en/latest/ref/states/all/salt.states.ssh_auth.html
\ No newline at end of file
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjcsHTNc86PfUW/E5LDp1MP+xhDo2HR/TKjnsgbJJPsPWB87HlwhxZAgal1i+48mBvW6JbNcuOM0fhSQA9yO2WNxZqfO+aMcrBZvc092DqVfpW050xlrbebpG1ZML+8EekoqwjVjnicKfvxGIBKypUswIKut4/2532nr74azmu+pDr94nW9PBIkWWkoCjFyASZNy3SPuDiQgAHvX/uANLvPajM3aJeLv7/4I9vEf/up24rk2OeBkznPmZAeywnxP9IZmaUe+hoW64fF8+Hp4JHDlRdZ2iKNnb499eXDyskwsDutG+Jy1OHw0azP4WRLMjoKSjL/s8QGWxNym0hvtCz demo@demo
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjcsHTNx86PfUW/E5LDp1MP+xhDo2HR/TKjnsgbJJPsPWB87HlwhxZAgal1i+48mBvW6JbNcuOM0fhSQA9yO2WNxZqfO+aMcrBZvc092DqVfpW050xlrbebpG1ZML+8EekoqwjVjnicKfvxGIBKypUswIKut4/2532nr74azmu+pDr94nW9PBIkWWkoCjFyASZNy3SPuDiQgAHvX/uANLvPajM3aJeLv7/4I9vEf/up24rk2OeBkznPmZAeywnxP9IZmaUe+hoW64fF8+Hp4JHDlRdZ2iKNnb499eXDyskwsDutG+Jy1OHw0azP4WRLMjoKSjL/s8QGWxNym0hvtCz demo@demoX1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjcsHTN986PfUW/E5LDp1MP+xhDo2HR/TKjnsgbJJPsPWB87HlwhxZAgal1i+48mBvW6JbNcuOM0fhSQA9yO2WNxZqfO+aMcrBZvc092DqVfpW050xlrbebpG1ZML+8EekoqwjVjnicKfvxGIBKypUswIKut4/2532nr74azmu+pDr94nW9PBIkWWkoCjFyASZNy3SPuDiQgAHvX/uANLvPajM3aJeLv7/4I9vEf/up24rk2OeBkznPmZAeywnxP9IZmaUe+hoW64fF8+Hp4JHDlRdZ2iKNnb499eXDyskwsDutG+Jy1OHw0azP4WRLMjoKSjL/s8QGWxNym0hvtCz demo@demoX2
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqCrCT6sH0OUKzRZuP6ijpzpNbsLl8kzBRdq78TzrU6tWOc49wfuIIIICMQQm03FzJJeT3JkHePrva64cVDAaLv03QW+BA807SxUnw47deHgeAl1fu35NY2oZoPtLPuBbTnaoQnTUVYJzrmSvfVFXXmfM6KAkWya6wKczSpMhKOqYQptw1Ts6GaS9hY8wVwSpRYopO0sFe1Obf7x3fpbU+WoZUjVFYzeKZD0Js5q1AydwhyPS50cTTHmHhMDyWQJP6WyUXCZrUqwD8X0UUxWYigNj1e+yS4axSNbvlOVTrQsF5cwRq06ya0lLGjwnW5WwTq+TqAe0Iu1dIyd1T2Hs/ demo2@demo2
base:
#auf allen minions
'*':
#Einstellungen, die alle minions haben sollen aus itfl-service/patches.sls
- itfl-service.patches
# #auf allen ssh-servern persönliche pubkeys von itfl-service hinterlegen
# - itfl-service.ssh-keys-itfl-service
- entfernen/ssh/abgelaufene-pubkeys
#auf einem bestimten minion
#cmdb-1777-dspace-docker
'cmdb-1777-*':
- erlauben/ssh/max-mustermann-at-uni-xy-de
dev:
'webserver*':
- webserver
'db*':
- db
qa:
'webserver*':
- webserver
'db*':
- db
htop:
pkg.installed: htop
vim:
pkg.installed: []
/etc/vimrc1:
file.managed:
- source: salt://edit/vimrc1
- mode: 644
- user: root
- group: root
\ No newline at end of file
So 12. Mär 19:05:18 CET 2017
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment