master 与 minion 网络不通或通信有延迟,即网络不稳定
想在 minion 端直接执行状态
传统的 SaltStack 是需要通过 master 来执行状态控制 minion 从而实现状态的管理,但是当网络不稳定的时候,当想在minion本地执行状态的时候,当在只有一台主机的时候,想执行状态该怎么办呢?这就需要用到 masterless 了。
有了masterless,即使你只有一台主机,也能玩saltstack,而不需要你有N台主机架构。
配置yum源
[root@node3 ~]# rpm --import https://repo.saltproject.io/py3/redhat/8/x86_64/latest/SALTSTACK-GPG-KEY.pub [root@node3 ~]# curl -fsSL https://repo.saltproject.io/py3/redhat/8/x86_64/latest.repo | tee /etc/yum.repos.d/salt.repo
检测yum源
root@node3~]# dnf list all | grep salt salt-minion.noarch //只要搜到salt-minion即代表成功 3004-1.el8 salt-latest-repo salt-ssh.noarch 3004-1.el8 sal
下载salt-minion
[root@master ~]# yum -y install salt-minion
1.修改配置文件minion
- 注释master行
- 取消注释file_client并设其值为local
- 设置file_roots
- 设置pillar_roots
[root@node3 ~]# vim /etc/salt/minion
....此处省略N行
# resolved, then the minion will fail to start.
# master: salt //注释此行
....此处省略N行
file_client: local //取消此行注释并将值设为local
....此处省略N行
file_roots: //设置file_roots的路径和环境,可有多套环境
base:
- /srv/salt/base
关闭salt-minion服务(开启状态时)
使用 masterless 模式时是不需要启动任何服务的,包括salt-master和salt-minion。
[root@node3 ~]# systemctl stop salt-minion [root@node3 ~]# systemctl disable salt-minion Removed symlink /etc/systemd/system/multi-user.target.wants/salt-minion.service.salt-call
masterless模式执行模块或状态时需要使用salt-call命令,而不再是salt或者salt-ssh。需要注意的是要使用salt-call的–local选项。
执行模块
[root@node3 ~]# salt-call --local cmd.run 'df -h'
local:
Filesystem Size Used Avail Use% Mounted on
devtmpfs 883M 0 883M 0% /dev
tmpfs 901M 0 901M 0% /dev/shm
tmpfs 901M 8.8M 892M 1% /run
tmpfs 901M 0 901M 0% /sys/fs/cgroup
/dev/mapper/rhel-root 47G 2.2G 45G 5% /
/dev/nvme0n1p1 1014M 181M 834M 18% /boot
tmpfs 181M 0 181M 0% /run/user/0
执行installs.sls状态文件
[root@node3 test]# salt-call --local state.sls test.install
local:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: The following packages were installed/updated: httpd
Started: 16:40:36.916767
Duration: 18829.838 ms
Changes:
----------
apr:
----------
new:
1.6.3-12.el8
old:
apr-util:
----------
new:
1.6.1-6.el8
old:
apr-util-bdb:
----------
new:
1.6.1-6.el8
old:
apr-util-openssl:
----------
new:
1.6.1-6.el8
old:
centos-logos-httpd:
----------
new:
85.8-2.el8
old:
httpd:
----------
new:
2.4.37-43.module_el8.5.0+1022+b541f3b1
old:
httpd-filesystem:
----------
new:
2.4.37-43.module_el8.5.0+1022+b541f3b1
old:
httpd-tools:
----------
new:
2.4.37-43.module_el8.5.0+1022+b541f3b1
old:
mod_http2:
----------
new:
1.15.7-3.module_el8.4.0+778+c970deab
old:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd has been enabled, and is running
Started: 16:40:55.854173
Duration: 670.565 ms
Changes:
----------
httpd:
True
Summary for local
------------
Succeeded: 2 (changed=2)
Failed: 0
------------
Total states run: 2
Total run time: 19.500 s
//查看端口号
[root@node3 test]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
salt-master高可用
涉及到高可用时,数据的同步是个永恒的话题,我们必须保证高可用的2个master间使用的数据是一致的,包括:
-
/etc/salt/master配置文件
-
/etc/salt/pki目录下的所有key
-
/srv/下的salt和pillar目录下的所有文件
-
nfs挂载
-
rsync同步
-
使用gitlab进行版本控制
安全相关:
为保证数据的同步与防止丢失,可将状态文件通过gitlab
进行版本控制管理。
环境说明:
| 主机名 | ip | 职责 |
|---|---|---|
| master | 192.168.58.20 | 主master |
| masters | 192.168.58.30 | 备master |
| minion | 192.168.58.121 | minion |
环境准备
master上安装salt-master
配置yum源 [root@master ~]# rpm --import https://repo.saltproject.io/py3/redhat/8/x86_64/latest/SALTSTACK-GPG-KEY.pub [root@master ~]# curl -fsSL https://repo.saltproject.io/py3/redhat/8/x86_64/latest.repo | tee /etc/yum.repos.d/salt.repo 检测yum源 root@master ~]# dnf list all | grep salt salt-master.noarch //只要搜到salt-master即代表成功 3004-1.el8 salt-latest-repo salt-ssh.noarch 3004-1.el8 sal 下载salt-master [root@master ~]# yum -y install salt-master
在masters上安装salt-master
配置yum源 [root@masters ~]# rpm --import https://repo.saltproject.io/py3/redhat/8/x86_64/latest/SALTSTACK-GPG-KEY.pub [root@masters ~]# curl -fsSL https://repo.saltproject.io/py3/redhat/8/x86_64/latest.repo | tee /etc/yum.repos.d/salt.repo 检测yum源 root@masters ~]# dnf list all | grep salt salt-master.noarch //只要搜到salt-master即代表成功 3004-1.el8 salt-latest-repo salt-ssh.noarch 3004-1.el8 sal 下载salt-master [root@masters ~]# yum -y install salt-master
在minion上安装salt-minion
配置yum源 [root@minion ~]# rpm --import https://repo.saltproject.io/py3/redhat/8/x86_64/latest/SALTSTACK-GPG-KEY.pub [root@minion ~]# curl -fsSL https://repo.saltproject.io/py3/redhat/8/x86_64/latest.repo | tee /etc/yum.repos.d/salt.repo 检测yum源 root@minion ~]# dnf list all | grep salt salt-minion.noarch //只要搜到salt-minion即代表成功 3004-1.el8 salt-latest-repo salt-ssh.noarch 3004-1.el8 sal 下载salt-minion [root@minion ~]# yum -y install salt-minion
下载完成后先修改minion端的配置文件内容如下
[root@minion ~]# vim /etc/salt/minion ...... # Set the location of the salt master server. If the master server cannot be # resolved, then the minion will fail to start. #master: salt master: 192.168.58.20 //指定主master # Set http proxy information for the minion when doing requests ......
再开启master主机上的salt-master和minion主机上的salt-minion
[root@master master]# ss -anlt State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 0.0.0.0:4505 0.0.0.0:* LISTEN 0 128 0.0.0.0:4506 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:* [root@minion minion]# systemctl start salt-minion [root@minion minion]# ss -anlt State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:*
等待证书生成后,授权证书,进行test.ping检测(注意防火墙)
[root@master master]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
192.168.58.121
Rejected Keys:
[root@master master]# salt-key -ya192.168.58.121
The following keys are going to be accepted:
Unaccepted Keys:
192.168.58.121
Key for minion 192.168.58.121 accepted.
[root@master master]# salt-key -L
Accepted Keys:
192.168.58.121
Denied Keys:
Unaccepted Keys:
Rejected Keys:
[root@master master]# salt '192.168.58.121' test.ping
192.168.58.121:
True
当主master与minion端ping通后,再将master主机上的/etc/salt/pki/master目录中的公钥与私钥传(master.pem master.pub)输到备(masters主机)的/etc/salt/pki/master目录中。
[root@master salt]# cd /etc/salt/pki/master/ [root@master master]# ls master.pem master.pub minions minions_autosign minions_denied minions_pre minions_rejected [root@master master]# scp /etc/salt/pki/master/master.pem 192.168.58.30:/etc/salt/pki/master The authenticity of host '192.168.58.30 (192.168.58.30)' can't be established. ECDSA key fingerprint is SHA256:kOc1Vj8pQpOrLFUMLq6npGm2S2vDFHig632FEFqm3zQ. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '192.168.58.30' (ECDSA) to the list of known hosts. root@192.168.58.30's password: master.pem 100% 1679 600.0KB/s 00:00 [root@master master]# scp /etc/salt/pki/master/master.pub 192.168.58.30:/etc/salt/pki/master root@192.168.58.30's password: master.pub 100% 451 117.7KB/s 00:00
传输完成后,再去修改minion的配置文件内容如下:
[root@minion ~]# vim /etc/salt/minion ..... # Set the location of the salt master server. If the master server cannot be # resolved, then the minion will fail to start. #master: salt master: 192.168.58.30 //指定备masters # Set http proxy information for the minion when doing requests ......
修改完成后重启salt-minion
[root@minion minion]# systemctl restart salt-minion
等待证书生成后,授权证书,进行test.ping检测(注意防火墙)
[root@masters master]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
192.168.58.121
Rejected Keys:
[root@masters master]# salt-key -ya192.168.58.121
The following keys are going to be accepted:
Unaccepted Keys:
192.168.58.121
Key for minion 192.168.58.121 accepted.
[root@masters master]# salt-key -L
Accepted Keys:
192.168.58.121
Denied Keys:
Unaccepted Keys:
Rejected Keys:
[root@masters master]# salt '192.168.58.121' test.ping
192.168.58.121:
True
当两台master都能ping通之后,最后再进行高可用设置,如下:
minion端
[root@minion ~]# vim /etc/salt/minion ..... # Set the location of the salt master server. If the master server cannot be # resolved, then the minion will fail to start. #master: salt master: - 192.168.58.20 //指定主master - 192.168.58.30 //指定备masters # Set http proxy information for the minion when doing requests ......
配置故障转移
[root@minion ~]# vim /etc/salt/minion # beacons) without a master connection master_type: failover //高可用(故障转移) ---------- # connection events. # master_alive_interval: 10 //主机等待的时间间隔
配置完成后重启salt-minion
[root@minion minion]# systemctl restart salt-minion
此时两台salt-master都为开启状态
[root@master ]# ss -anlt State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 0.0.0.0:4505 0.0.0.0:* LISTEN 0 128 0.0.0.0:4506 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:* [root@masters ]# ss -anlt State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 0.0.0.0:4505 0.0.0.0:* LISTEN 0 128 0.0.0.0:4506 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:*
在主(master)上test.ping测试
[root@master master]# salt '192.168.58.121' test.ping
192.168.58.121:
True
在主(masters)上test.ping测试
[root@masters master]# salt '192.168.58.121' test.ping
192.168.58.121:
Minion did not return. [No response]
The minions may not have all finished running and any remaining minions will return upon completion. To look up the return data for this job later, run the following command:
salt-run jobs.lookup_jid 20211129105915662209
ERROR: Minions returned with non-zero exit code
(当两台主机都在运行状态时,minion只能连接到主master上)
此时的状态文件为
[root@minion ~]# systemctl status salt-minion
● salt-minion.service - The Salt Minion
Loaded: loaded (/usr/lib/systemd/system/salt-minion.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2021-11-29 18:13:27 CST; 46min ago
Docs: man:salt-minion(1)
file:///usr/share/doc/salt/html/contents.html
https://docs.saltproject.io/en/latest/contents.html
Main PID: 181440 (salt-minion)
Tasks: 6 (limit: 11300)
Memory: 91.7M
CGroup: /system.slice/salt-minion.service
├─181440 /usr/bin/python3.6 /usr/bin/salt-minion
├─181482 /usr/bin/python3.6 /usr/bin/salt-minion
└─181484 /usr/bin/python3.6 /usr/bin/salt-minion
11月 29 18:13:26 minion systemd[1]: Starting The Salt Minion...
11月 29 18:13:27 minion systemd[1]: Started The Salt Minion.
11月 29 18:13:59 minion salt-minion[181440]: [CRITICAL] 'master_type' set to 'failover' but 'retry_dns' is
模拟主master挂彩
[root@master master]# systemctl stop salt-master [root@master master]# ss -anlt State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:*
再备masters主机上进行test.ping检测
[root@masters master]# salt '192.168.58.121' test.ping
192.168.58.121:
True
此时的状态文件是
[root@minion minion]# vi /etc/salt/minion
● salt-minion.service - The Salt Minion
Loaded: loaded (/usr/lib/systemd/system/salt-minion.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2021-11-29 18:13:27 CST; 53min ago
Docs: man:salt-minion(1)
file:///usr/share/doc/salt/html/contents.html
https://docs.saltproject.io/en/latest/contents.html
Main PID: 181440 (salt-minion)
Tasks: 6 (limit: 11300)
Memory: 92.7M
CGroup: /system.slice/salt-minion.service
├─181440 /usr/bin/python3.6 /usr/bin/salt-minion
├─181482 /usr/bin/python3.6 /usr/bin/salt-minion
└─181484 /usr/bin/python3.6 /usr/bin/salt-minion
11月 29 18:13:26 minion systemd[1]: Starting The Salt Minion...
11月 29 18:13:27 minion systemd[1]: Started The Salt Minion.
11月 29 18:13:59 minion salt-minion[181440]: [CRITICAL] 'master_type' set to 'failover' but 'retry_dns' is >
11月 29 19:02:22 minion salt-minion[181440]: [WARNING ] Master ip address changed from 192.168.58.20 to 192.168.58.30>
11月 29 19:02:22 minion salt-minion[181440]: [WARNING ] Master ip address changed from 192.168.58.20 to 192.168.58.30>
[警告] 主 IP 地址从 192.168.58.20 更改为 192.168.58.30>
最后为保证备服务器的业务正常,将主服务器上的/srv/目录copy到备服务上
[root@master ~]# scp -r /srv/ 192.168.58.121:/srv/salt-master HA配置步骤总结
1.创建备服务器 2.将主服务器上密钥复制到备服务器中 3.启动备服务器 4.配置 minions 以连接到备 master 5.重启minions 6.接受备上的密钥salt-syndic部署
环境说明
| 主机IP | 角色 | 安装的应用 |
|---|---|---|
| master | 192.168.58.20 | Master salt-master |
| syndic | 192.168.58.30 | Syndic salt-master、salt-syndic |
| node1 | 192.168.58.120 | Minion salt-minion |
| node2 | 192.168.58.40 | Minion salt-minion |
在所有主机上配置yum源
https://repo.saltproject.io/py3/redhat/8/x86_64/latest/SALTSTACK-GPG-KEY.pub curl -fsSL https://repo.saltproject.io/py3/redhat/8/x86_64/latest.repo | tee /etc/yum.repos.d/salt.repo
在master(192.168.58.20)安装salt-master
[root@master ~]# dnf -y install salt-master
修改master(192.168.58.20)/etc/salt/master配置文件:
[root@master ~]# vim /etc/salt/master
.....此处省略N行
# masters' syndic interfaces.
order_masters: True
······
file_roots:
base:
- /srv/salt/base
······
[root@master ~]# systemctl enable salt-master
[root@master ~]# systemctl restart salt-master
在syndic主机上安装salt-master、salt-syndic
[root@syndic ~]# dnf -y install salt-syndic salt-master
配置syndic主机,修改该主机上的/etc/salt/master配文件:
[root@syndic ~]# vim /etc/salt/master
.....此处省略N行
syndic_master: 192.168.58.20 //指向master主机
......
file_roots:
base:
- /srv/salt/base
[root@syndic ~]# systemctl enable salt-master
Created symlink from /etc/systemd/system/multi-user.target.wants/salt-master.service to /usr/lib/systemd/system/salt-master.service.
[root@syndic ~]# systemctl enable salt-syndic
Created symlink from /etc/systemd/system/multi-user.target.wants/salt-syndic.service to /usr/lib/systemd/system/salt-syndic.service.
[root@syndic ~]# systemctl restart salt-master
[root@syndic ~]# systemctl restart salt-syndic
在node1以及node2上安装salt-minion
[root@node2 ~]# dnf -y install salt-minion [root@node3~]# dnf -y install salt-minion
配置minion,将master指向syndic所在主机
[root@node2 ~]# vim /etc/salt/minion .....此处省略N行 master: 192.168.58.30 [root@node2 ~]# systemctl restart salt-minion [root@node2 ~]# systemctl enable salt-minion Created symlink from /etc/systemd/system/multi-user.target.wants/salt-minion.service to /usr/lib/systemd/system/salt-minion.service. [root@node3 ~]# vim /etc/salt/minion .....此处省略N行 master: 192.168.58.30 [root@node3 ~]# systemctl restart salt-minion [root@node3 ~]# systemctl enable salt-minion Created symlink from /etc/systemd/system/multi-user.target.wants/salt-minion.service to /usr/lib/systemd/system/salt-minion.service.
在syndic上接受minion主机的key
[root@syndic ]# salt-key -L Accepted Keys: Denied Keys: Unaccepted Keys: node2 node1 Rejected Keys: [root@syndic ]# salt-key -yA Accepted Keys: node2 node1 Denied Keys: Unaccepted Keys: Rejected Keys:
在master上接受syndic主机的key
[root@master master]# salt-key -L Accepted Keys: Denied Keys: Unaccepted Keys: syndic Rejected Keys: [root@master master]# salt-key -yA The following keys are going to be accepted: Unaccepted Keys: syndic Key for minion syndic accepted. [root@master master]# salt-key -L Accepted Keys: syndic Denied Keys: Unaccepted Keys: Rejected Keys:
master上执行模块或状态检验有几个minion应答
[root@master master]# salt '*' test.ping
node2:
True
node1:
True
执行状态文件
//先将master上的状态文件传输到syndic主机中
[root@master ~]# scp /srv/salt/base/install.sls 192.168.58.30:/srv/salt/base
The authenticity of host '192.168.58.30 (192.168.58.30)' can't be established.
ECDSA key fingerprint is SHA256:kOc1Vj8pQpOrLFUMLq6npGm2S2vDFHig632FEFqm3zQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.58.30' (ECDSA) to the list of known hosts.
root@192.168.58.30's password:
Permission denied, please try again.
root@192.168.58.30's password:
install.sls 100% 122 12.1KB/s 00:00
//再到master主机执行状态文件
[root@master ~]# salt '*' state.sls install
node1:
----------
ID: nginx-install
Function: pkg.installed
Name: nginx
Result: True
Comment: The following packages were installed/updated: nginx
Started: 17:27:33.531666
Duration: 48602.557 ms
Changes:
----------
dejavu-fonts-common:
----------
new:
2.35-7.el8
old:
dejavu-sans-fonts:
----------
new:
2.35-7.el8
old:
fontconfig:
----------
new:
2.13.1-4.el8
old:
fontpackages-filesystem:
----------
new:
1.44-22.el8
old:
gd:
----------
new:
2.2.5-7.el8
old:
jbigkit-libs:
----------
new:
2.1-14.el8
old:
libX11:
----------
new:
1.6.8-5.el8
old:
libX11-common:
----------
new:
1.6.8-5.el8
old:
libXau:
......此处省略n行
----------
ID: nginx-service
Function: service.running
Name: nginx
Result: True
Comment: Service nginx has been enabled, and is running
Started: 17:28:22.170355
Duration: 815.267 ms
Changes:
----------
nginx:
True
Summary for node1
------------
Succeeded: 2 (changed=2)
Failed: 0
------------
Total states run: 2
Total run time: 49.418 s
192.168.58.40:
----------
ID: nginx-install
Function: pkg.installed
Name: nginx
Result: True
Comment: The following packages were installed/updated: nginx
Started: 17:27:33.485166
Duration: 95017.427 ms
Changes:
----------
gd:
----------
new:
2.2.5-7.el8
old:
jbigkit-libs:
----------
new:
2.1-14.el8
old:
libXpm:
----------
new:
3.5.12-8.el8
old:
libjpeg-turbo:
----------
new:
1.5.3-12.el8
old:
libtiff:
----------
new:
4.0.9-20.el8
old:
libwebp:
----------
new:
1.0.0-5.el8
old:
nginx:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
nginx-all-modules:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
nginx-filesystem:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
nginx-mod-http-image-filter:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
nginx-mod-http-perl:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
nginx-mod-http-xslt-filter:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
nginx-mod-mail:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
nginx-mod-stream:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
perl-Carp:
----------
new:
1.42-396.el8
old:
perl-Data-Dumper:
----------
new:
2.167-399.el8
old:
perl-Digest:
----------
new:
1.17-395.el8
old:
perl-Digest-MD5:
----------
new:
2.55-396.el8
old:
perl-Encode:
----------
new:
4:2.97-3.el8
old:
perl-Errno:
----------
new:
1.28-420.el8
old:
perl-Exporter:
----------
new:
5.72-396.el8
old:
perl-File-Path:
----------
new:
2.15-2.el8
old:
perl-File-Temp:
----------
new:
0.230.600-1.el8
old:
perl-Getopt-Long:
----------
new:
1:2.50-4.el8
old:
perl-HTTP-Tiny:
----------
new:
0.074-1.el8
old:
perl-IO:
----------
new:
1.38-420.el8
old:
perl-IO-Socket-IP:
----------
new:
0.39-5.el8
old:
perl-IO-Socket-SSL:
----------
new:
2.066-4.module_el8.3.0+410+ff426aa3
old:
perl-MIME-base64:
----------
new:
3.15-396.el8
old:
perl-Mozilla-CA:
----------
new:
20160104-7.module_el8.3.0+416+dee7bcef
old:
perl-Net-SSLeay:
----------
new:
1.88-1.module_el8.3.0+410+ff426aa3
old:
perl-PathTools:
----------
new:
3.74-1.el8
old:
perl-Pod-Escapes:
----------
new:
1:1.07-395.el8
old:
perl-Pod-Perldoc:
----------
new:
......此处省略n行
----------
ID: nginx-service
Function: service.running
Name: nginx
Result: True
Comment: Service nginx has been enabled, and is running
Started: 17:29:08.639377
Duration: 987.118 ms
Changes:
----------
nginx:
True
Summary for 192.168.58.40
------------
Succeeded: 2 (changed=2)
Failed: 0
------------
Total states run: 2
Total run time: 96.005 s
到node1和node2主机上查看
[root@node1 ~]# ss -anlt State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:80 0.0.0.0:* LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 [::]:80 [::]:* LISTEN 0 128 [::]:22 [::]:* [root@node2 ]# ss -anlt State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 0.0.0.0:80 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:* LISTEN 0 128 [::]:80 [::]:*
