grains
Grains are static; they are loaded only when the minion starts.
[root@salt-master ~]# salt '*' grains.items
[root@salt-master ~]# salt '*' grains.get hwaddr_interfaces
salt-minion:
----------
eth1:
00:0c:29:38:1e:f7
lo:
00:00:00:00:00:00
[root@salt-master ~]# salt '*' grains.get hwaddr_interfaces:eth1
salt-minion:
00:0c:29:38:1e:f7
[root@salt-master ~]# salt '*' grains.get ip_interfaces
salt-minion:
----------
eth1:
- 192.168.1.201
- fe80::20c:29ff:fe38:1ef7
lo:
- 127.0.0.1
- ::1
[root@salt-master ~]# salt '*' grains.get ip_interfaces:eth1
salt-minion:
- 192.168.1.201
- fe80::20c:29ff:fe38:1ef7
pillar
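Stored on the master; holds the information that needs to be provided to minions:
Sensitive information
Variables
Any other data
Used for targeting and in states
Enable pillar
pillar_roots:
  base:
    - /srv/pillar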
{% if grains['os'] == 'CentOS' %}
apache: httpd
yum: yum
yys: yys
{% elif grains['os'] == 'Debian' %}
apache: apache2
yum: apt-get
{% endif %}
[root@salt-master pillar]# salt '*' pillar.get apache
salt-minion:
httpd
[root@salt-master pillar]# salt '*' pillar.get yys
salt-minion:
yys
[root@salt-master pillar]# salt 'salt-minion' pillar.get yum
salt-minion:
yum
grains VS pillar
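Different purposes: grains store basic data about the minion (the client); pillar stores the data the master assigns to minions.
Different storage location: grains are stored on the minion; pillar is stored on the master.
Different update mechanism: grains are updated when the minion starts and can also be refreshed with saltutil.sync_grains; pillar is stored on the master and is refreshed with saltutil.refresh_pillar, which is more efficient and more flexible.
1. Selecting roles
This one uses grains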
[root@salt-master pillar]# salt -G 'os:CentOS' test.ping
salt-minion:
True
Using pillar
[root@salt-master pillar]# vim roles.sls
roles: web
[root@salt-master pillar]# vim top.sls
base:
  'salt-minion':
    - nginx.nginx
    - packages
    - roles
[root@salt-master pillar]# salt '*' saltutil.refresh_pillar
[root@salt-master pillar]# salt 'salt-minion' pillar.get roles
salt-minion:
web
[root@salt-master pillar]# salt -I 'roles:web' test.ping
salt-minion:
True
[root@salt-master pillar]# salt '*' -b 10 test.ping    # run on 10 minions at a time
require:
require: the states that must run before this state
require_in: the reverse of require
watch: does what require does and also checks the state's status
watch_in: the reverse of watch
1. Install httpd
[root@salt-master salt]# vim sls_file/apache.sls
apache:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
  service.running:
    - enable: True
    - name: httpd
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: apache
Function: pkg.installed
Name: httpd
Result: True
Comment: The following packages were installed/updated: httpd
Started: 23:12:47.966648
Duration: 18553.182 ms
Changes:
----------
apr:
----------
new:
1.3.9-5.el6_2
old:
apr-util:
----------
new:
1.3.9-3.el6_0.1
old:
apr-util-ldap:
----------
new:
1.3.9-3.el6_0.1
old:
httpd:
----------
new:
2.2.15-53.el6.centos
old:
httpd-tools:
----------
new:
2.2.15-53.el6.centos
old:
mailcap:
----------
new:
2.1.31-2.el6
old:
----------
ID: apache
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 23:13:06.522558
Duration: 7.874 ms
Changes:
----------
ID: apache
Function: service.running
Name: httpd
Result: False
Comment: Service httpd has been enabled, and is dead
Started: 23:13:06.531651
Duration: 138.213 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 2 (changed=2)
Failed: 1
------------
Total states run: 3
[root@salt-master salt]# vim /etc/^C
[root@salt-master salt]# vim config_file/
httpd.conf nginx/ script/ vsftpd.conf
[root@salt-master salt]# vim config_file/httpd.conf
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: apache
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:13:43.435408
Duration: 222.893 ms
Changes:
----------
ID: apache
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf updated
Started: 23:13:43.660646
Duration: 12.437 ms
Changes:
----------
diff:
---
+++
@@ -133,7 +133,7 @@
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
-Listen 80
+Listen 9999
#
# Dynamic Shared Object (DSO) Support
----------
ID: apache
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is running
Started: 23:13:43.673420
Duration: 69.659 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=2)
Failed: 0
------------
Total states run: 3
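The error above occurred because I had already started nginx, which occupies port 80, so the httpd configuration file needs to be changed for the run to complete.
Debugging: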
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache test=True
salt-minion:
----------
ID: apache
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:16:26.512596
Duration: 217.712 ms
Changes:
----------
ID: apache
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: The file /etc/httpd/conf/httpd.conf is in the correct state
Started: 23:16:26.732353
Duration: 2.549 ms
Changes:
----------
ID: apache
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 23:16:26.735312
Duration: 26.744 ms
Changes:
Summary
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache test=True
salt-minion:
----------
ID: apache
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:16:54.945258
Duration: 224.859 ms
Changes:
----------
ID: apache
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: The file /etc/httpd/conf/httpd.conf is in the correct state
Started: 23:16:55.172223
Duration: 2.861 ms
Changes:
----------
ID: apache
Function: service.running
Name: httpd
Result: None
Comment: Service httpd is set to start
Started: 23:16:55.175418
Duration: 18.232 ms
Changes:
Summary
------------
Succeeded: 3 (unchanged=1)
Failed: 0
------------
Total states run: 3
Nothing is actually executed; run it for real once debugging is finished.
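The dry run above can also be read by a script. This is an added example, not code from the original post: it takes the same `test=True` run as JSON (assuming the `--out=json` outputter) and separates states that would change (`result` is null) from failures. The sample document is constructed from the second dry run above, and `triage` and `gate` are names chosen for this example.

```python
import json

# Constructed sample: the second dry run above, as `--out=json` would return it.
SAMPLE = r'''
{"salt-minion": {
  "pkg_|-apache_|-httpd_|-installed": {
    "__id__": "apache", "__run_num__": 0, "name": "httpd", "result": true,
    "comment": "Package httpd is already installed.", "changes": {}},
  "file_|-apache_|-/etc/httpd/conf/httpd.conf_|-managed": {
    "__id__": "apache", "__run_num__": 1, "name": "/etc/httpd/conf/httpd.conf",
    "result": true, "changes": {},
    "comment": "The file /etc/httpd/conf/httpd.conf is in the correct state"},
  "service_|-apache_|-httpd_|-running": {
    "__id__": "apache", "__run_num__": 2, "name": "httpd", "result": null,
    "comment": "Service httpd is set to start", "changes": {}}
}}
'''


def triage(raw):
    """Sort each minion's states into pending (None), failed (False), clean (True)."""
    report = {}
    for minion, states in json.loads(raw).items():
        buckets = {"pending": [], "failed": [], "clean": []}
        report[minion] = buckets
        if not isinstance(states, dict):
            # A render or compile error is returned as a list of messages.
            buckets["failed"].append(("<render>", str(states)))
            continue
        ordered = sorted(states.items(), key=lambda kv: kv[1].get("__run_num__", 0))
        for key, st in ordered:
            parts = key.split("_|-")  # module, state ID, name, function
            label = f"{parts[0]}.{parts[-1]} {st.get('name')}"
            bucket = {None: "pending", False: "failed"}.get(st.get("result"), "clean")
            buckets[bucket].append((label, st.get("comment", "")))
    return report


def gate(report):
    """True only when no minion has a failed or pending state."""
    return all(not b["failed"] and not b["pending"] for b in report.values())


if __name__ == "__main__":
    result = triage(SAMPLE)
    for minion, b in result.items():
        for label, comment in b["pending"]:
            print(f"{minion}: WOULD CHANGE  {label}: {comment}")
        for label, comment in b["failed"]:
            print(f"{minion}: FAILED        {label}: {comment}")
    print("nothing to apply" if gate(result) else "review before applying")
```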
2. Adding requisites
[root@salt-master salt]# vim sls_file/apache.sls
apache:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: apache  # the ID I chose above; ensures the package is installed before the config file is managed
  service.running:
    - enable: True
    - name: httpd
    - watch:  # restart when a watched state changes
      - pkg: apache  # restart if the apache package changes
      - file: apache  # restart if the config file changes

nginx:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: nginx  # the ID I chose above
  service.running:
    - enable: True
    - name: httpd
    - watch:  # restart when a watched state changes
      - pkg: nginx  # restart if apache changes
      - file: nginx  # restart if the config file changes
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: nginx
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:30:25.526678
Duration: 213.372 ms
Changes:
----------
ID: nginx
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 23:30:25.742436
Duration: 3.268 ms
Changes:
----------
ID: nginx
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 23:30:25.746117
Duration: 25.382 ms
Changes:
Summary
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
You can see that apache is just an ID, or can be understood as a name.
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: apache
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:26:30.382684
Duration: 216.614 ms
Changes:
----------
ID: apache
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 23:26:30.601524
Duration: 2.687 ms
Changes:
----------
ID: apache
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 23:26:30.604611
Duration: 26.028 ms
Changes:
Summary
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
[root@salt-master salt]# vim config_file/httpd.conf
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: apache
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:26:52.667503
Duration: 219.51 ms
Changes:
----------
ID: apache
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf updated
Started: 23:26:52.889209
Duration: 12.14 ms
Changes:
----------
diff:
---
+++
@@ -133,7 +133,7 @@
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
-Listen 9999
+Listen 9998
#
# Dynamic Shared Object (DSO) Support
----------
ID: apache
Function: service.running
Name: httpd
Result: True
Comment: Service restarted
Started: 23:26:52.928307
Duration: 215.437 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=2)
Failed: 0
------------
Total states run: 3
You can see that two operations changed:
the restart and the configuration file change
3. Using variables
[root@salt-master salt]# vim sls_file/apache.sls
nginx:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: nginx
    - template: jinja
    - context:  # defaults
        port: 9997
  service.running:
    - enable: True
    - name: httpd
    - watch:
      - pkg: nginx
      - file: nginx
[root@salt-master salt]# vim config_file/httpd.conf
Listen {{ port }}
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: nginx
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:34:02.107754
Duration: 219.02 ms
Changes:
----------
ID: nginx
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf updated
Started: 23:34:02.328933
Duration: 21.308 ms
Changes:
----------
diff:
---
+++
@@ -133,7 +133,7 @@
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
-Listen 9998
+Listen 9997
#
# Dynamic Shared Object (DSO) Support
----------
ID: nginx
Function: service.running
Name: httpd
Result: True
Comment: Service restarted
Started: 23:34:02.375926
Duration: 214.444 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=2)
Failed: 0
------------
Total states run: 3
[root@salt-master salt]# salt 'salt-minion' cmd.run 'netstat -anutlp|grep httpd'
salt-minion:
tcp 0 0 :::9997 :::* LISTEN 4429/httpd
You can see the change took effect.
4. A different port for each host
nginx:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: nginx
    - template: jinja
    - context:
      {% if grains['id'] == 'salt-minion'%}
        port: 9997
      {% elif grains['id'] == 'salt-minion02'%}
        port: 9998
      {% else %}
        port: 9999
      {% endif %}
  service.running:
    - enable: True
    - name: httpd
    - watch:
      - pkg: nginx
      - file: nginx
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: nginx
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:39:51.984573
Duration: 217.182 ms
Changes:
----------
ID: nginx
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 23:39:52.203991
Duration: 14.981 ms
Changes:
----------
ID: nginx
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 23:39:52.219407
Duration: 25.886 ms
Changes:
Summary
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
[root@salt-master salt]# salt 'salt-minion' cmd.run 'netstat -anutlp|grep httpd'
salt-minion:
tcp 0 0 :::9997 :::* LISTEN 4429/httpd
You can see it is the same as before.
Now let's change the ports:
nginx:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: nginx
    - template: jinja
    - context:
      {% if grains['id'] == 'salt-minion'%}
        port: 9998
      {% elif grains['id'] == 'salt-minion02'%}
        port: 9997
      {% else %}
        port: 9999
      {% endif %}
  service.running:
    - enable: True
    - name: httpd
    - watch:
      - pkg: nginx
      - file: nginx
salt-minion gets 9998
salt-minion02 gets 9997
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: nginx
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:41:45.652814
Duration: 218.351 ms
Changes:
----------
ID: nginx
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf updated
Started: 23:41:45.873363
Duration: 17.753 ms
Changes:
----------
diff:
---
+++
@@ -133,7 +133,7 @@
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
-Listen 9997
+Listen 9998
#
# Dynamic Shared Object (DSO) Support
----------
ID: nginx
Function: service.running
Name: httpd
Result: True
Comment: Service restarted
Started: 23:41:45.917686
Duration: 209.181 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=2)
Failed: 0
------------
Total states run: 3
[root@salt-master salt]# salt 'salt-minion' cmd.run 'netstat -anutlp|grep httpd'
salt-minion:
tcp 0 0 :::9998 :::* LISTEN 4853/http
You can see the port changed to 9998 and the change took effect.
Now let's verify the case where nothing matches:
nginx:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: nginx
    - template: jinja
    - context:
      {% if grains['id'] == 'salt-minion01'%}
        port: 9998
      {% elif grains['id'] == 'salt-minion02'%}
        port: 9997
      {% else %}
        port: 9999
      {% endif %}
  service.running:
    - enable: True
    - name: httpd
    - watch:
      - pkg: nginx
      - file: nginx
Now the host falls into the else case
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: nginx
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:43:14.444092
Duration: 215.958 ms
Changes:
----------
ID: nginx
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf updated
Started: 23:43:14.662291
Duration: 17.061 ms
Changes:
----------
diff:
---
+++
@@ -133,7 +133,7 @@
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
-Listen 9998
+Listen 9999
#
# Dynamic Shared Object (DSO) Support
----------
ID: nginx
Function: service.running
Name: httpd
Result: True
Comment: Service restarted
Started: 23:43:14.706464
Duration: 203.308 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=2)
Failed: 0
------------
Total states run: 3
[root@salt-master salt]# salt 'salt-minion' cmd.run 'netstat -anutlp|grep httpd'
salt-minion:
tcp 0 0 :::9999 :::* LISTEN 5017/httpd
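Now it has changed to 9999, which also took effect.
This way different minion IDs can be configured with different ports.
Optimization:
The SLS describes the processing logic; business data should not live in the SLS.
Use pillar for it:
apache:
  {% if grains['id'] == 'salt-minion'%}
  port: 9999
  {% elif grains['id'] == 'salt-minion02'%}
  port: 9997
  {% else %}
  port: 9998
  {% endif %}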
[root@salt-master apache]# salt '*' pillar.get apache
salt-minion:
----------
port:
9999
Modify the SLS
nginx:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: nginx
    - template: jinja
    - context:
        port: {{ salt['pillar.get']('apache:port', 9995) }}  # value comes from pillar; defaults to 9995 if nothing is set
  service.running:
    - enable: True
    - name: httpd
    - watch:
      - pkg: nginx
      - file: nginx
[root@salt-master apache]# salt '*' cmd.run 'netstat -anutlp|grep httpd'
salt-minion:
tcp 0 0 :::9998 :::* LISTEN 5311/httpd
[root@salt-master apache]# salt 'salt-minion' state.sls sls_file.apache
salt-minion:
----------
ID: nginx
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 23:54:51.542798
Duration: 216.563 ms
Changes:
----------
ID: nginx
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf updated
Started: 23:54:51.761655
Duration: 17.513 ms
Changes:
----------
diff:
---
+++
@@ -133,7 +133,7 @@
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
-Listen 9998
+Listen 9999
#
# Dynamic Shared Object (DSO) Support
----------
ID: nginx
Function: service.running
Name: httpd
Result: True
Comment: Service restarted
Started: 23:54:51.806378
Duration: 199.891 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded: 3 (changed=2)
Failed: 0
------------
Total states run: 3
[root@salt-master apache]# salt '*' cmd.run 'netstat -anutlp|grep httpd'
salt-minion:
tcp 0 0 :::9999 :::* LISTEN 5692/httpd
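A post-apply check for the verification step above, added here as an example (not code from the original post): it parses the `netstat` output returned through `cmd.run` and compares each minion's listening ports with the port the pillar file assigns to that minion ID. `EXPECTED`, `FALLBACK`, `parse` and `verify` are names chosen for this example, and the `salt-minion02` and `salt-minion03` entries in the sample are constructed.

```python
import re

# Ports the pillar file above assigns per minion ID; other IDs take the else branch.
EXPECTED = {"salt-minion": 9999, "salt-minion02": 9997}
FALLBACK = 9998

# Output in the shape of: salt '*' cmd.run 'netstat -anutlp|grep httpd'
# The salt-minion entry is from this page; the other two are constructed.
SAMPLE = """\
salt-minion:
    tcp        0      0 :::9999          :::*          LISTEN      5692/httpd
salt-minion02:
    tcp        0      0 :::9997          :::*          LISTEN      4853/httpd
    tcp        0      0 0.0.0.0:8080     0.0.0.0:*     LISTEN      4853/httpd
salt-minion03:
"""

LISTEN = re.compile(r"^\s*tcp6?\s+\d+\s+\d+\s+(\S+)\s+\S+\s+LISTEN\s+\d+/")


def parse(output):
    """Map each minion ID to the set of TCP ports found in LISTEN state."""
    ports, minion = {}, None
    for line in output.splitlines():
        m = LISTEN.match(line)
        if m and minion is not None:
            # The port follows the last colon in both ':::9999' and '0.0.0.0:8080'.
            ports[minion].add(int(m.group(1).rsplit(":", 1)[1]))
        elif line and not line[0].isspace() and line.rstrip().endswith(":"):
            minion = line.rstrip()[:-1]  # a 'minion-id:' header line
            ports[minion] = set()
    return ports


def verify(output):
    """List (minion, problem, port) for missing or unexpected listeners."""
    findings = []
    for minion, seen in sorted(parse(output).items()):
        want = EXPECTED.get(minion, FALLBACK)
        if want not in seen:
            findings.append((minion, "missing", want))
        for extra in sorted(seen - {want}):
            findings.append((minion, "unexpected", extra))
    return findings


if __name__ == "__main__":
    for minion, problem, port in verify(SAMPLE):
        print(f"{minion}: {problem} listener on port {port}")
```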
Here is a useful technique:
Put the data in pillar, so that only pillar needs to be modified to manage configuration data, while the configuration management logic or functionality is carried out by the SLS.
For example:
[root@salt-master ~]# vim /srv/pillar/top.sls
base:
  'salt-minion':
    - nginx.nginx
    - packages
    - roles
    - apache
  '*':
    - system
Install and manage the configuration of nginx and apache on salt-minion
Apply system settings to all hosts
apache:
  {% if grains['id'] == 'salt-minion'%}
  port: 9999
  {% elif grains['id'] == 'salt-minion02'%}
  port: 9997
  {% else %}
  port: 9998
  {% endif %}
nofile: 102400
Below is the SLS file
# cmd.run has no guard here, so each state run appends another line to limits.conf
nofile_soft:
  cmd.run:
    - name: echo '* soft nofile {{ salt['pillar.get']('nofile',10240) }}' >> /etc/security/limits.conf
nofile_hard:
  cmd.run:
    - name: echo '* hard nofile {{ salt['pillar.get']('nofile',10240) }}' >> /etc/security/limits.conf
nginx:
  pkg.installed:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://config_file/httpd.conf
    - require:
      - pkg: nginx
    - template: jinja
    - context:
        port: {{ salt['pillar.get']('apache:port',9995)}}
  service.running:
    - enable: True
    - name: httpd
    - watch:
      - pkg: nginx
      - file: nginx
This installs apache and, as a system setting, changes nofile.
The data, however, is changed in pillar alone; there is no need to modify data in the SLS, which only needs to contain the logic.
Running an SLS file periodically
top.sls in pillar
base:
  'salt-minion':
    - nginx.nginx
    - packages
    - roles
    - apache
  '*':
    - system
[root@salt-master pillar]# vim nginx/nginx.sls
schedule:
  nginx:
    function: state.sls
    minutes: 1  # use seconds for second-level intervals
    args:
      - 'sls_file.nginx'
Equivalent to:
salt 'salt-minion' state.sls sls_file.nginx
[root@salt-master pillar]# vim /srv/salt/sls_file/nginx.sls
nginx:
  pkg:
    - installed
  service:
    - running
    - enable: True
    - reload: True
    - watch:
      - pkg: nginx
      - file: /etc/nginx/nginx.conf
      - file: /etc/nginx/conf.d/default.conf
/etc/nginx/nginx.conf:
  file.managed:
    - source: salt://config_file/nginx/nginx.conf
    - user: root
    - group: root
    - mode: 644
/etc/nginx/conf.d/default.conf:
  file.managed:
    - source: salt://config_file/nginx/conf.d/default.conf
    - user: root
    - group: root
    - mode: 644
Note: if name is not written, the ID is used as the name by default:
- name: /etc/nginx/conf.d/default.conf
The above is equivalent to running salt 'salt-minion' state.sls sls_file.nginx once every minute.