Centos7.2部署saltstack
# CentOS7.2默认自带firewall,无iptable;#
移除系统自带firewall的开机启动,安装iptable,设置iptable开机启动
# systemctl stop firewalld.service
# systemctl disable firewalld.service
# yum install iptables-services –y
# systemctl enable iptables.service
# systemctl restart iptables.service
# tcp4505是salt-master发送命令信息的端口,tcp4506是salt-minion返回信息的端口;
# Salt-minion可不做防火墙处理,默认iptable规则即可
# vim /etc/sysconfig/iptables
-A INPUT -p tcp -m state --state NEW -m tcp --dport 4505 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 4506 -j ACCEPT
页:
[1]