{"id":34991,"date":"2024-09-20T14:23:24","date_gmt":"2024-09-20T07:23:24","guid":{"rendered":"http:\/\/jupitek.maudemo.vip\/index.php\/2024\/09\/20\/use-salt-states-to-create-lamp-stack-and-fail2ban-across-salt-minions\/"},"modified":"2024-09-20T14:23:24","modified_gmt":"2024-09-20T07:23:24","slug":"use-salt-states-to-create-lamp-stack-and-fail2ban-across-salt-minions","status":"publish","type":"post","link":"https:\/\/jupitek.maudemo.vip\/index.php\/2024\/09\/20\/use-salt-states-to-create-lamp-stack-and-fail2ban-across-salt-minions\/","title":{"rendered":"S\u1eed d\u1ee5ng Salt States \u0111\u1ec3 t\u1ea1o LAMP Stack v\u00e0 Fail2ban tr\u00ean Salt Minions"},"content":{"rendered":"<h2 id=\"configure-the-salt-master\">C\u1ea5u h\u00ecnh Salt Master<a href=\"https:\/\/www.linode.com\/docs\/guides\/use-salt-states-to-create-lamp-stack-and-fail2ban-across-salt-minions\/#configure-the-salt-master\"><\/a><\/h2>\n<p>Tr\u01b0\u1edbc khi c\u1ea5u h\u00ecnh, h\u00e3y c\u00e0i \u0111\u1eb7t Salt Master v\u00e0 Salt Minions v\u1edbi h\u01b0\u1edbng d\u1eabn Linode&nbsp;<a href=\"https:\/\/www.linode.com\/docs\/guides\/getting-started-with-salt-basic-installation-and-setup\/\">Install Salt<\/a>&nbsp;. H\u01b0\u1edbng d\u1eabn n\u00e0y \u0111\u01b0\u1ee3c vi\u1ebft cho Debian 8, nh\u01b0ng c\u00f3 th\u1ec3 d\u1ec5 d\u00e0ng \u0111i\u1ec1u ch\u1ec9nh cho c\u00e1c b\u1ea3n ph\u00e2n ph\u1ed1i Linux kh\u00e1c.<\/p>\n<p>1.M\u1edf&nbsp;<code>\/etc\/salt\/master<\/code>t\u1ec7p. Sau \u0111\u00f3 t\u00ecm ki\u1ebfm&nbsp;<strong>file_roots<\/strong>&nbsp;, t\u00f9y ch\u1ecdn \u0111\u1ecdc ph\u1ea7n \u201cC\u00e0i \u0111\u1eb7t m\u00e1y ch\u1ee7 t\u1ec7p\u201d xung quanh v\u00e0 ch\u1ec9nh s\u1eeda n\u1ed9i dung sau:<\/p>\n<pre class=\"wp-block-code\"><code># Example:\n  file_roots:\n    base:\n      - \/etc\/salt\/base<\/code><\/pre>\n<p class=\"has-background\" style=\"background-color:#74f78c33\">Ghi ch\u00fa: Sao ch\u00e9p ch\u00ednh x\u00e1c v\u0103n b\u1ea3n tr\u00ean \u0111\u1ec3 \u0111\u1ea3m b\u1ea3o l\u1ed3ng nhau hai kho\u1ea3ng tr\u1eafng \u0111\u00fang c\u00e1ch c\u1ee7a \u0111\u1ecbnh d\u1ea1ng YAML. Ngo\u00e0i ra, h\u00e3y l\u01b0u \u00fd c\u00e1c tr\u1ea1ng th\u00e1i Minion c\u00f3 th\u1ec3 kh\u00e1c \u0111\u01b0\u1ee3c li\u1ec7t k\u00ea trong t\u1ec7p g\u1ed1c c\u01a1 s\u1edf v\u00ed d\u1ee5.<\/p>\n<p>2.T\u1ea1o th\u01b0 m\u1ee5c g\u1ed1c c\u1ee7a t\u1ec7p m\u1edbi \u0111\u01b0\u1ee3c li\u1ec7t k\u00ea:<\/p>\n<pre class=\"wp-block-code\"><code>mkdir \/etc\/salt\/base\n<\/code><\/pre>\n<p>T\u1ec7p c\u1ea5u h\u00ecnh c\u1ee7a Salt Master hi\u1ec7n \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111i\u1ec1u ch\u1ec9nh cho m\u1ed9t th\u01b0 m\u1ee5c c\u01a1 s\u1edf m\u1edbi. Th\u01b0 m\u1ee5c c\u01a1 s\u1edf th\u01b0\u1eddng ch\u1ee9a c\u00e1c t\u1ec7p SLS t\u1ea1o ra m\u1ed9t t\u1ed5 ch\u1ee9c gi\u1ed1ng nh\u01b0 c\u00e2y cho c\u00e1c Tr\u1ea1ng th\u00e1i Salt li\u00ean quan \u0111\u1ebfn th\u01b0 m\u1ee5c \u0111\u00f3. C\u00e1c th\u01b0 m\u1ee5c b\u1ed5 sung, t\u01b0\u01a1ng t\u1ef1 nh\u01b0 th\u01b0 m\u1ee5c c\u01a1 s\u1edf, c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c t\u1ea1o b\u1eb1ng c\u00e1c t\u1ec7p SLS b\u1ed5 sung cho c\u00e1c danh m\u1ee5c Tr\u1ea1ng th\u00e1i Salt kh\u00e1c nhau.<\/p>\n<h2 id=\"create-the-top-and-additional-sls-files\">T\u1ea1o c\u00e1c t\u1ec7p SLS h\u00e0ng \u0111\u1ea7u v\u00e0 b\u1ed5 sung<a href=\"https:\/\/www.linode.com\/docs\/guides\/use-salt-states-to-create-lamp-stack-and-fail2ban-across-salt-minions\/#create-the-top-and-additional-sls-files\"><\/a><\/h2>\n<p>T\u1ec7p&nbsp;<a href=\"https:\/\/docs.saltproject.io\/en\/latest\/ref\/states\/top.html\" target=\"_blank\" rel=\"noreferrer noopener\">tr\u00ean c\u00f9ng<\/a>&nbsp;t\u1ea1o ra t\u1ed5 ch\u1ee9c c\u1ea5p cao nh\u1ea5t cho Salt States v\u00e0 Minions trong th\u01b0 m\u1ee5c. C\u00e1c t\u1ec7p SLS kh\u00e1c th\u01b0\u1eddng t\u01b0\u01a1ng \u1ee9ng v\u1edbi danh s\u00e1ch t\u1ec7p tr\u00ean c\u00f9ng.<\/p>\n<p>Nh\u01b0 \u0111\u00e3 \u0111\u1ec1 c\u1eadp trong l\u01b0u \u00fd \u1edf tr\u00ean, m\u1ed7i t\u1ec7p c\u1ea5u h\u00ecnh n\u00e0y y\u00eau c\u1ea7u kho\u1ea3ng c\u00e1ch c\u1ee5 th\u1ec3. \u0110\u1ec3 \u0111\u1ea3m b\u1ea3o t\u00ednh nh\u1ea5t qu\u00e1n, h\u00e3y sao ch\u00e9p c\u00e1c v\u00ed d\u1ee5 b\u00ean d\u01b0\u1edbi, bao g\u1ed3m<\/p>\n<p>1.T\u1ea1o&nbsp;<code>\/etc\/salt\/base\/top.sls<\/code>t\u1ec7p v\u00e0 th\u00eam n\u1ed9i dung sau. M\u1ed9t l\u1ea7n n\u1eefa, \u0111\u1ea3m b\u1ea3o \u0111\u1ecbnh d\u1ea1ng ch\u00ednh x\u00e1c cho YAML l\u1ed3ng hai kho\u1ea3ng tr\u1eafng.<\/p>\n<pre class=\"wp-block-code\"><code>base:\n  '*':\n     - lamp\n     - extras<\/code><\/pre>\n<p>2.T\u1ea1o&nbsp;<code>\/etc\/salt\/base\/lamp.sls<\/code>t\u1ec7p \u0111\u01b0\u1ee3c \u0111\u1ec1 c\u1eadp \u1edf B\u01b0\u1edbc 1 v\u00e0 th\u00eam n\u1ed9i dung sau:<\/p>\n<pre class=\"wp-block-code\"><code>lamp-stack:\n  pkg.installed:\n    - pkgs:\n      - mysql-server\n      - php5\n      - php-pear\n      - php5-mysql<\/code><\/pre>\n<p>T\u1ec7p n\u00e0y \u0111\u1ecbnh ngh\u0129a m\u1ed9t Salt State \u0111\u01a1n gi\u1ea3n b\u1eb1ng c\u00e1ch s\u1eed d\u1ee5ng&nbsp;<a href=\"http:\/\/docs.saltproject.io\/en\/latest\/ref\/states\/all\/salt.states.pkg.html\" target=\"_blank\" rel=\"noreferrer noopener\">pkg State Module<\/a>&nbsp;. Salt State n\u00e0y \u0111\u1ea3m b\u1ea3o r\u1eb1ng m\u1ed9t ng\u0103n x\u1ebfp LAMP \u0111\u01b0\u1ee3c c\u00e0i \u0111\u1eb7t tr\u00ean Minions.<\/p>\n<p>3.D\u1ea5u \u0111\u1ea7u d\u00f2ng th\u1ee9 hai \u0111\u01b0\u1ee3c li\u1ec7t k\u00ea trong&nbsp;<code>top.sls<\/code>khai b\u00e1o m\u1ed9t&nbsp;<code>extras<\/code>t\u1ec7p s\u1ebd li\u1ec7t k\u00ea v\u00e0 c\u00e0i \u0111\u1eb7t ph\u1ea7n m\u1ec1m b\u1ed5 sung. T\u1ea1o m\u1ed9t&nbsp;<code>\/etc\/salt\/base\/extras.sls<\/code>t\u1ec7p v\u00e0 th\u00eam n\u1ed9i dung sau:<\/p>\n<pre class=\"wp-block-code\"><code>fail2ban:\n  pkg.installed<\/code><\/pre>\n<p>4.Kh\u1edfi \u0111\u1ed9ng l\u1ea1i Salt Master:<\/p>\n<pre class=\"wp-block-code\"><code>systemctl restart salt-master\n<\/code><\/pre>\n<h2 id=\"create-the-salt-state-on-the-minions\">T\u1ea1o tr\u1ea1ng th\u00e1i Salt tr\u00ean Minions<a href=\"https:\/\/www.linode.com\/docs\/guides\/use-salt-states-to-create-lamp-stack-and-fail2ban-across-salt-minions\/#create-the-salt-state-on-the-minions\"><\/a><\/h2>\n<p>1.\u0110\u1ec3 c\u00e0i \u0111\u1eb7t c\u00e1c g\u00f3i \u0111\u01b0\u1ee3c li\u1ec7t k\u00ea \u1edf tr\u00ean v\u00e0 t\u1ea1o Salt State, h\u00e3y ch\u1ea1y:<\/p>\n<pre class=\"wp-block-code\"><code>salt '*' state.highstate<\/code><\/pre>\n<p>Qu\u00e1 tr\u00ecnh n\u00e0y s\u1ebd m\u1ea5t v\u00e0i ph\u00fat. N\u1ebfu th\u00e0nh c\u00f4ng, b\u00e1o c\u00e1o s\u1ebd \u0111\u01b0\u1ee3c hi\u1ec3n th\u1ecb v\u1edbi ph\u1ea7n t\u00f3m t\u1eaft t\u01b0\u01a1ng t\u1ef1 nh\u01b0 sau:<\/p>\n<pre class=\"wp-block-code\"><code>Summary\n------------\nSucceeded: 2 (changed=2)\nFailed:    0\n------------\nTotal states run:     2<\/code><\/pre>\n<p>2.\u0110\u1ec3 x\u00e1c minh th\u00eam r\u1eb1ng c\u00e1c d\u1ecbch v\u1ee5 \u0111ang ho\u1ea1t \u0111\u1ed9ng tr\u00ean minion, h\u00e3y ch\u1ea1y:<\/p>\n<pre class=\"wp-block-code\"><code>salt '*' cmd.run \"service --status-all | grep 'apache2\\|mysql\\|fail2ban'\"\n\n<\/code><\/pre>\n<p>M\u1ed9t LAMP stack v\u00e0 Fail2ban Salt State \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o tr\u00ean t\u1ea5t c\u1ea3 c\u00e1c Salt Minion \u0111\u01b0\u1ee3c li\u1ec7t k\u00ea. \u0110\u1ec3 bi\u1ebft th\u00eam th\u00f4ng tin v\u1ec1 c\u00e1ch c\u1ea5u h\u00ecnh LAMP Stack, h\u00e3y tham kh\u1ea3o h\u01b0\u1edbng d\u1eabn&nbsp;<a href=\"https:\/\/www.linode.com\/docs\/applications\/salt\/salt-states-configuration-apache-mysql-php\/\">Salt States for Configuration of Apache, MySQL, and PHP (LAMP)<\/a>&nbsp;.<\/p>\n<p>Ngu\u1ed3n: https:\/\/www.linode.com\/docs\/guides\/use-salt-states-to-create-lamp-stack-and-fail2ban-across-salt-minions\/<\/p>\n","protected":false},"excerpt":{"rendered":"<p>C\u1ea5u h\u00ecnh Salt Master Tr\u01b0\u1edbc khi c\u1ea5u h\u00ecnh, h\u00e3y c\u00e0i \u0111\u1eb7t Salt Master v\u00e0 Salt Minions v\u1edbi h\u01b0\u1edbng d\u1eabn Linode&nbsp;Install Salt&nbsp;. H\u01b0\u1edbng d\u1eabn n\u00e0y \u0111\u01b0\u1ee3c vi\u1ebft cho Debian 8, nh\u01b0ng c\u00f3 th\u1ec3 d\u1ec5 d\u00e0ng \u0111i\u1ec1u ch\u1ec9nh cho c\u00e1c b\u1ea3n ph\u00e2n ph\u1ed1i Linux kh\u00e1c. 1.M\u1edf&nbsp;\/etc\/salt\/mastert\u1ec7p. Sau \u0111\u00f3 t\u00ecm ki\u1ebfm&nbsp;file_roots&nbsp;, t\u00f9y ch\u1ecdn \u0111\u1ecdc ph\u1ea7n \u201cC\u00e0i \u0111\u1eb7t m\u00e1y<\/p>\n","protected":false},"author":1,"featured_media":36046,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[124],"tags":[],"class_list":["post-34991","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-salt"],"_links":{"self":[{"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/posts\/34991","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/comments?post=34991"}],"version-history":[{"count":0,"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/posts\/34991\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/media\/36046"}],"wp:attachment":[{"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/media?parent=34991"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/categories?post=34991"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jupitek.maudemo.vip\/index.php\/wp-json\/wp\/v2\/tags?post=34991"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}