特点： 1）不需要安装salt-minion，也不要master 2）salt-ssh支持salt的大部分功能 3）salt-ssh是串行执行 4）salt-ssh和salt-minion可以共存，salt-minion不依赖于ssh服务 一、安装salt-ssh [admin@master ~ ]$ sudo yum -y install salt-ssh 修改roster文件，配置要管理的机器 2）配置roster,定义哪些主机 [admin@master ~ ]$ sudo vim /etc/salt/roster # Sample salt-ssh config file #web1: # host: 192.168.42.1 # The IP addr or DNS hostname # user: fred # Remote executions will be executed as user fred # passwd: foobarbaz # The password to use for login, if omitted, keys are used # sudo: True # Whether to sudo to root, not enabled by default #web2: # host: 192.168.42.2 node2.51yuki.cn: host: 10.2.11.228 user: admin port: 22 node3.51yuki.cn: host: 10.2.11.226 user: admin port: 22 3）DEPLOY SSH KEY FOR SALT-SSH [root@master ~ ]# cd /etc/salt/pki/master/ssh/ [root@master /etc/salt/pki/master/ssh ]# ll total 8 -rw-------. 1 root root 1675 Jan 20 20:06 salt-ssh.rsa -rw-r--r--. 1 root root 403 Jan 20 20:06 salt-ssh.rsa.pub #!/bin/bash if [ -z $1 ]; then echo $0 user@host.com exit 0 fi ssh-copy-id -i /etc/salt/pki/master/ssh/salt-ssh.rsa.pub $1 二）测试 第一次执行，会让你输入密码： [admin@master ~ ]$ sudo salt-ssh '*' test.ping -i Permission denied for host node2.51yuki.cn, do you want to deploy the salt-ssh key? (password required): [Y/n] y Password for admin@node2.51yuki.cn: [admin@master ~ ]$ sudo salt-ssh '*' cmd.run 'df -h' node2.51yuki.cn: Filesystem Size Used Avail Use% Mounted on /dev/mapper/cl-root 13G 1.7G 11G 13% / devtmpfs 486M 0 486M 0% /dev tmpfs 497M 12K 497M 1% /dev/shm tmpfs 497M 32M 466M 7% /run tmpfs 497M 0 497M 0% /sys/fs/cgroup /dev/vda1 1014M 121M 894M 12% /boot tmpfs 100M 0 100M 0% /run/user/1000 tmpfs 100M 0 100M 0% /run/user/0 node3.51yuki.cn: Filesystem Size Used Avail Use% Mounted on /dev/mapper/cl-root 13G 1.6G 11G 13% / devtmpfs 486M 0 486M 0% /dev tmpfs 497M 12K 497M 1% /dev/shm tmpfs 497M 15M 483M 3% /run tmpfs 497M 0 497M 0% /sys/fs/cgroup /dev/vda1 1014M 121M 894M 12% /boot tmpfs 100M 0 100M 0% /run/user/0 tmpfs 100M 0 100M 0% /run/user/1000