grains
Grains are static; they are loaded only when the minion starts.
[root@salt-master ~]# salt '*' grains.items
[root@salt-master ~]# salt '*' grains.get hwaddr_interfaces
salt-minion:
    ----------
    eth1:
        00:0c:29:38:1e:f7
    lo:
        00:00:00:00:00:00
[root@salt-master ~]# salt '*' grains.get hwaddr_interfaces:eth1
salt-minion:
    00:0c:29:38:1e:f7
[root@salt-master ~]# salt '*' grains.get ip_interfaces
salt-minion:
    ----------
    eth1:
        - 192.168.1.201
        - fe80::20c:29ff:fe38:1ef7
    lo:
        - 127.0.0.1
        - ::1
[root@salt-master ~]# salt '*' grains.get ip_interfaces:eth1
salt-minion:
    - 192.168.1.201
    - fe80::20c:29ff:fe38:1ef7
pillar
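Stored on the master; holds the information that needs to be provided to minions:
sensitive information
variables
any other data
Used in targeting and in states.
Enable pillar:
pillar_roots:
  base:
    - /srv/pillar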
{% if grains['os'] == 'CentOS' %}
apache: httpd
yum: yum
yys: yys
{% elif grains['os'] == 'Debian' %}
apache: apache2
yum: apt-get
{% endif %}
[root@salt-master pillar]# salt '*' pillar.get apache
salt-minion:
    httpd
[root@salt-master pillar]# salt '*' pillar.get yys
salt-minion:
    yys
[root@salt-master pillar]# salt 'salt-minion' pillar.get yum
salt-minion:
    yum
grains VS pillar
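Different purposes: grains store basic information about the minion (the client); pillar stores the data that the master assigns to minions.
Different storage locations: grains are stored on the minion; pillar is stored on the master.
Different update mechanisms: grains are updated when the minion starts and can also be refreshed with saltutil.sync_grains; pillar is stored on the master and is refreshed with saltutil.refresh_pillar, which is more efficient and more flexible.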
1. Selecting by role
This uses grains:
[root@salt-master pillar]# salt -G 'os:CentOS' test.ping
salt-minion:
    True
Using pillar:
[root@salt-master pillar]# vim roles.sls
roles: web
[root@salt-master pillar]# vim top.sls
base:
  'salt-minion':
    - nginx.nginx
    - packages
    - roles
[root@salt-master pillar]# salt '*' saltutil.refresh_pillar
[root@salt-master pillar]# salt 'salt-minion' pillar.get roles
salt-minion:
    web
[root@salt-master pillar]# salt -I 'roles:web' test.ping
salt-minion:
    True
[root@salt-master pillar]# salt '*' -b 10 test.ping    # run on 10 minions at a time
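
Because grains are stored on the minion while pillar is compiled on the master, the matcher used in the pillar top file decides which minions can obtain sensitive pillar data. The two variants below are an added example, not from the original page; secrets.web is a hypothetical pillar file.

```yaml
# /srv/pillar/top.sls, two alternative versions (constructed example)

# Variant 1 (weak): secrets.web is delivered to every minion that reports
# the grain roles=web. Grains live in the minion's own configuration, so
# anyone controlling a minion can set that grain and receive the data.
base:
  'roles:web':
    - match: grain
    - secrets.web      # hypothetical pillar file holding sensitive values
---
# Variant 2 (preferred): match on the minion ID, which is tied to the key
# accepted on the master, and assign the role from pillar as this page does
# with roles.sls. The role is then master-controlled and can still be used
# for targeting with: salt -I 'roles:web' test.ping
base:
  'salt-minion':
    - roles
    - secrets.web      # hypothetical pillar file holding sensitive values
```
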
require:
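require: the states that must be executed before this state
require_in: the inverse of require
watch: like require, but it also checks the watched state's status
watch_in: the inverse of watch
1. Install httpd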
[root@salt-master salt]# vim sls_file/apache.sls
apache:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
  service.running:
    - enable: True
    - name: httpd
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: apache
Function: pkg.installed
Name: httpd
Result: True
Comment: The following packages were installed/updated: httpd
Started: 23:12:47.966648
Duration: 18553.182 ms
Changes:
----------
apr:
----------
new:
1.3.9-5.el6_2
old:
apr-util:
----------
new:
1.3.9-3.el6_0.1
old:
apr-util-ldap:
----------
new:
1.3.9-3.el6_0.1
old:
httpd:
----------
new:
2.2.15-53.el6.centos
old:
httpd-tools:
----------
new:
2.2.15-53.el6.centos
old:
mailcap:
----------
new:
2.1.31-2.el6
old:
----------
ID: apache
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 23:13:06.522558
Duration: 7.874 ms
Changes:
----------
ID: apache
Function: service.running
Name: httpd
Result: False
Comment: Service httpd has been enabled, and is dead
Started: 23:13:06.531651
Duration: 138.213 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 2 (changed=2)
Failed: 1
------------
Total states run: 3
[root@salt-master salt]# vim /etc/^C
[root@salt-master salt]# vim config_file/
httpd.conf nginx/ script/ vsftpd.conf
[root@salt-master salt]# vim config_file/httpd.conf
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: apache
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:13:43.435408
Duration: 222.893 ms
Changes:
----------
ID: apache
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf updated
Started: 23:13:43.660646
Duration: 12.437 ms
Changes:
----------
diff:
---
+++
@@ -133,7 +133,7 @@
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
-Listen 80
+Listen 9999
#
# Dynamic Shared Object (DSO) Support
----------
ID: apache
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is running
Started: 23:13:43.673420
Duration: 69.659 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=2)
Failed: 0
------------
Total states run: 3
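The error above occurred because I had started nginx myself and it was occupying port 80, so changing the httpd configuration file was enough to fix it.
Debugging: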
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache test=True
salt-minion:
----------
ID: apache
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:16:26.512596
Duration: 217.712 ms
Changes:
----------
ID: apache
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: The file /etc/httpd/conf/httpd.conf is in the correct state
Started: 23:16:26.732353
Duration: 2.549 ms
Changes:
----------
ID: apache
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 23:16:26.735312
Duration: 26.744 ms
Changes:
Summary
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache test=True
salt-minion:
----------
ID: apache
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:16:54.945258
Duration: 224.859 ms
Changes:
----------
ID: apache
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: The file /etc/httpd/conf/httpd.conf is in the correct state
Started: 23:16:55.172223
Duration: 2.861 ms
Changes:
----------
ID: apache
Function: service.running
Name: httpd
Result: None
Comment: Service httpd is set to start
Started: 23:16:55.175418
Duration: 18.232 ms
Changes:
Summary
------------
Succeeded: 3 (unchanged=1)
Failed: 0
------------
Total states run: 3
Nothing is actually executed; run it for real once debugging is finished.
2. Add requisites
[root@salt-master salt]# vim sls_file/apache.sls
apache:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: apache  # the ID I chose; ensures the package is installed before the config file is managed
  service.running:
    - enable: True
    - name: httpd
    - watch:  # restart when a watched state changes
      - pkg: apache  # restart if the apache package changes
      - file: apache  # restart if the config file changes
nginx:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: nginx  # the ID I chose
  service.running:
    - enable: True
    - name: httpd
    - watch:  # restart when a watched state changes
      - pkg: nginx  # restart if the apache package changes
      - file: nginx  # restart if the config file changes
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: nginx
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:30:25.526678
Duration: 213.372 ms
Changes:
----------
ID: nginx
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 23:30:25.742436
Duration: 3.268 ms
Changes:
----------
ID: nginx
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 23:30:25.746117
Duration: 25.382 ms
Changes:
Summary
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
You can see that apache is only an ID; think of it as a name.
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: apache
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:26:30.382684
Duration: 216.614 ms
Changes:
----------
ID: apache
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 23:26:30.601524
Duration: 2.687 ms
Changes:
----------
ID: apache
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 23:26:30.604611
Duration: 26.028 ms
Changes:
Summary
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
[root@salt-master salt]# vim config_file/httpd.conf
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: apache
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:26:52.667503
Duration: 219.51 ms
Changes:
----------
ID: apache
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf updated
Started: 23:26:52.889209
Duration: 12.14 ms
Changes:
----------
diff:
---
+++
@@ -133,7 +133,7 @@
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
-Listen 9999
+Listen 9998
#
# Dynamic Shared Object (DSO) Support
----------
ID: apache
Function: service.running
Name: httpd
Result: True
Comment: Service restarted
Started: 23:26:52.928307
Duration: 215.437 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=2)
Failed: 0
------------
Total states run: 3
You can see that two operations changed:
the restart and the configuration file change.
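
require_in and watch_in are listed earlier on this page but never shown. The same ordering and restart behaviour as the apache state above, declared from the other side, as an added example that is not from the original page:

```yaml
# sls_file/apache.sls rewritten with the *_in requisites (constructed example).
# The dependency is declared on the state that must run first (or that
# triggers the restart), instead of on the state that depends on it.
apache:
  pkg.installed:
    - name: httpd
    - require_in:
      - file: apache      # the config file is managed only after the package is installed
    - watch_in:
      - service: apache   # a package change restarts httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - watch_in:
      - service: apache   # a config file change restarts httpd
  service.running:
    - enable: True
    - name: httpd
```
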
3. Using variables
[root@salt-master salt]# vim sls_file/apache.sls
nginx:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: nginx
    - template: jinja
    - context:  # defaults
        port: 9997
  service.running:
    - enable: True
    - name: httpd
    - watch:
      - pkg: nginx
      - file: nginx
[root@salt-master salt]# vim config_file/httpd.conf
Listen {{ port }}
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: nginx
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:34:02.107754
Duration: 219.02 ms
Changes:
----------
ID: nginx
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf updated
Started: 23:34:02.328933
Duration: 21.308 ms
Changes:
----------
diff:
---
+++
@@ -133,7 +133,7 @@
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
-Listen 9998
+Listen 9997
#
# Dynamic Shared Object (DSO) Support
----------
ID: nginx
Function: service.running
Name: httpd
Result: True
Comment: Service restarted
Started: 23:34:02.375926
Duration: 214.444 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=2)
Failed: 0
------------
Total states run: 3
[root@salt-master salt]# salt 'salt-minion' cmd.run 'netstat -anutlp|grep httpd'
salt-minion:
tcp 0 0 :::9997 :::* LISTEN 4429/httpd
You can see that the change has taken effect.
4. A different port for each host
nginx:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: nginx
    - template: jinja
    - context:
        {% if grains['id'] == 'salt-minion' %}
        port: 9997
        {% elif grains['id'] == 'salt-minion02' %}
        port: 9998
        {% else %}
        port: 9999
        {% endif %}
  service.running:
    - enable: True
    - name: httpd
    - watch:
      - pkg: nginx
      - file: nginx
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: nginx
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:39:51.984573
Duration: 217.182 ms
Changes:
----------
ID: nginx
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 23:39:52.203991
Duration: 14.981 ms
Changes:
----------
ID: nginx
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 23:39:52.219407
Duration: 25.886 ms
Changes:
Summary
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
[root@salt-master salt]# salt 'salt-minion' cmd.run 'netstat -anutlp|grep httpd'
salt-minion:
tcp 0 0 :::9997 :::* LISTEN 4429/httpd
You can see that it is the same as before.
Now let's change the ports:
nginx:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: nginx
    - template: jinja
    - context:
        {% if grains['id'] == 'salt-minion' %}
        port: 9998
        {% elif grains['id'] == 'salt-minion02' %}
        port: 9997
        {% else %}
        port: 9999
        {% endif %}
  service.running:
    - enable: True
    - name: httpd
    - watch:
      - pkg: nginx
      - file: nginx
salt-minion gets 9998
salt-minion02 gets 9997
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: nginx
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:41:45.652814
Duration: 218.351 ms
Changes:
----------
ID: nginx
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf updated
Started: 23:41:45.873363
Duration: 17.753 ms
Changes:
----------
diff:
---
+++
@@ -133,7 +133,7 @@
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
-Listen 9997
+Listen 9998
#
# Dynamic Shared Object (DSO) Support
----------
ID: nginx
Function: service.running
Name: httpd
Result: True
Comment: Service restarted
Started: 23:41:45.917686
Duration: 209.181 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=2)
Failed: 0
------------
Total states run: 3
[root@salt-master salt]# salt 'salt-minion' cmd.run 'netstat -anutlp|grep httpd'
salt-minion:
tcp 0 0 :::9998 :::* LISTEN 4853/http
You can see that the port has changed to 9998.
Now let's verify the case where nothing matches:
nginx:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: nginx
    - template: jinja
    - context:
        {% if grains['id'] == 'salt-minion01' %}
        port: 9998
        {% elif grains['id'] == 'salt-minion02' %}
        port: 9997
        {% else %}
        port: 9999
        {% endif %}
  service.running:
    - enable: True
    - name: httpd
    - watch:
      - pkg: nginx
      - file: nginx
The host now falls into the else branch.
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: nginx
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:43:14.444092
Duration: 215.958 ms
Changes:
----------
ID: nginx
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf updated
Started: 23:43:14.662291
Duration: 17.061 ms
Changes:
----------
diff:
---
+++
@@ -133,7 +133,7 @@
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
-Listen 9998
+Listen 9999
#
# Dynamic Shared Object (DSO) Support
----------
ID: nginx
Function: service.running
Name: httpd
Result: True
Comment: Service restarted
Started: 23:43:14.706464
Duration: 203.308 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=2)
Failed: 0
------------
Total states run: 3
[root@salt-master salt]# salt 'salt-minion' cmd.run 'netstat -anutlp|grep httpd'
salt-minion:
tcp 0 0 :::9999 :::* LISTEN 5017/httpd
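It is now 9999, so this works as well.
This way, different minion IDs can be configured with different ports.
Optimization:
An SLS file describes processing logic; business data should not live in the SLS.
Use pillar for that:
apache:
  {% if grains['id'] == 'salt-minion' %}
  port: 9999
  {% elif grains['id'] == 'salt-minion02' %}
  port: 9997
  {% else %}
  port: 9998
  {% endif %}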
[root@salt-master apache]# salt '*' pillar.get apache
salt-minion:
----------
port:
9999
Modify the SLS:
nginx:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: nginx
    - template: jinja
    - context:
        port: {{ salt['pillar.get']('apache:port', 9995) }}  # value taken from pillar; defaults to 9995 if nothing is set
  service.running:
    - enable: True
    - name: httpd
    - watch:
      - pkg: nginx
      - file: nginx
[root@salt-master apache]# salt '*' cmd.run 'netstat -anutlp|grep httpd'
salt-minion:
tcp 0 0 :::9998 :::* LISTEN 5311/httpd
[root@salt-master apache]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: nginx
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:54:51.542798
Duration: 216.563 ms
Changes:
----------
ID: nginx
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf updated
Started: 23:54:51.761655
Duration: 17.513 ms
Changes:
----------
diff:
---
+++
@@ -133,7 +133,7 @@
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
-Listen 9998
+Listen 9999
#
# Dynamic Shared Object (DSO) Support
----------
ID: nginx
Function: service.running
Name: httpd
Result: True
Comment: Service restarted
Started: 23:54:51.806378
Duration: 199.891 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=2)
Failed: 0
------------
Total states run: 3
[root@salt-master apache]# salt '*' cmd.run 'netstat -anutlp|grep httpd'
salt-minion:
tcp 0 0 :::9999 :::* LISTEN 5692/httpd
Here is the trick:
Put the data in pillar, so that managing configuration data only requires editing pillar, while the configuration-management logic or functionality is carried out by the SLS files.
For example:
[root@salt-master ~]# vim /srv/pillar/top.sls
base:
  'salt-minion':
    - nginx.nginx
    - packages
    - roles
    - apache
  '*':
    - system
Install nginx and apache on salt-minion and manage their configuration.
Apply system settings to all hosts.
apache:
  {% if grains['id'] == 'salt-minion' %}
  port: 9999
  {% elif grains['id'] == 'salt-minion02' %}
  port: 9997
  {% else %}
  port: 9998
  {% endif %}
nofile: 102400
Below are the SLS files:
nofile_soft:
  cmd.run:
    - name: echo '* soft nofile {{ salt['pillar.get']('nofile', 10240) }}' >> /etc/security/limits.conf
nofile_hard:
  cmd.run:
    - name: echo '* hard nofile {{ salt['pillar.get']('nofile', 10240) }}' >> /etc/security/limits.conf
nginx:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: nginx
    - template: jinja
    - context:
        port: {{ salt['pillar.get']('apache:port', 9995) }}
  service.running:
    - enable: True
    - name: httpd
    - watch:
      - pkg: nginx
      - file: nginx
This implements the functionality: apache is installed, and the system settings apply the nofile change.
The data, however, only needs to be changed in pillar; there is no need to edit data in the SLS files, which only need to contain the logic.
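
Each run of the two cmd.run states above appends another line to /etc/security/limits.conf, and a changed pillar value leaves the old lines in place. An idempotent variant using file.replace, as an added example that is not from the original page (the file name system.sls is an assumption):

```yaml
# sls_file/system.sls (assumed file name), constructed example.
# file.replace rewrites an existing "* soft|hard nofile ..." line in place and
# appends it only when no such line exists, so repeated runs and pillar
# changes leave exactly one soft and one hard entry.
{% set nofile = salt['pillar.get']('nofile', 10240) %}

nofile_soft:
  file.replace:
    - name: /etc/security/limits.conf
    - pattern: '^\*\s+soft\s+nofile\s+.*$'
    - repl: '* soft nofile {{ nofile }}'
    - append_if_not_found: True

nofile_hard:
  file.replace:
    - name: /etc/security/limits.conf
    - pattern: '^\*\s+hard\s+nofile\s+.*$'
    - repl: '* hard nofile {{ nofile }}'
    - append_if_not_found: True
```
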
Running SLS files periodically
top.sls in pillar:
base:
  'salt-minion':
    - nginx.nginx
    - packages
    - roles
    - apache
  '*':
    - system
[root@salt-master pillar]# vim nginx/nginx.sls
schedule:
  nginx:
    function: state.sls
    minutes: 1  # use seconds for second-level granularity
    args:
      - 'sls_file.nginx'
Equivalent to:
salt 'salt-minion' state.sls sls_file.nginx
[root@salt-master pillar]# vim /srv/salt/sls_file/nginx.sls
nginx:
  pkg:
    - installed
  service:
    - running
    - enable: True
    - reload: True
    - watch:
      - pkg: nginx
      - file: /etc/nginx/nginx.conf
      - file: /etc/nginx/conf.d/default.conf
/etc/nginx/nginx.conf:
  file.managed:
    - source: salt://config_file/nginx/nginx.conf
    - user: root
    - group: root
    - mode: 644
/etc/nginx/conf.d/default.conf:
  file.managed:
    - source: salt://config_file/nginx/conf.d/default.conf
    - user: root
    - group: root
    - mode: 644
Note: if name is not given, the chosen ID is used as the name by default:
- name: /etc/nginx/conf.d/default.conf
The above is equivalent to running the following once every minute:
salt 'salt-minion' state.sls sls_file.nginx