官方網站:https://www.saltstack.com/
官方文檔:https://docs.saltstack.cn/contents.html
GitHub:https://github.com/saltstack
中國 SaltStack 用戶組:https://www.saltstack.cn/
master 和 minion 之間用密鑰雙向加密
[root@node1 /]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo ###這裏是明文 HTTP 下載,repo 文件在傳輸中可被篡改;鏡像支持 HTTPS 時改用 https://,並檢查下載到的 repo 文件裏的 gpgcheck 設置
[root@node1 /]# yum -y install salt-master
/etc/init.d/salt-master start
[root@node1 /]# vim /etc/hosts
10.240.17.100 node1
10.240.17.103 node2
[root@node2]# vim /etc/salt/minion
16 master: 211.103.138.122 ###第 16 行;minion 首次連接時會直接信任 master 的公鑰,可在同一文件裏設置 master_finger 來固定 master 公鑰指紋
systemctl start salt-minion
tree /etc/salt/minion/ ####如果主機名變了,需要刪除 /etc/salt/minion_id 文件(它相當於緩存)
[root@node1/]# tree /etc/salt/master ###如果主機名改了,需要刪除 minions_pre 下對應的 minion 客戶端名字
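[root@node1/]#salt-key -A ###接受所有待定的 minion 密鑰;-A 不核對身份,接受前先用 salt-key -F 查看指紋,並與各 minion 上 salt-call --local key.finger 的輸出比對,確認無誤後再接受(單個主機用 salt-key -a <minion_id>)
[root@node1/]#salt '*' test.ping #所有主機執行 test 模塊的 ping 操作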
###master 和 minion 通過 ZeroMQ 消息隊列來通信,所有的 minion 都連到 master 的 4505 端口上,當 master 發送指令的時候通過 4506 給 minion 發送消息;master 上這兩個端口只應對受管 minion 的網段開放,用防火牆擋住其他來源
[root@node1/]#salt '*' cmd.run 'w' ###遠程執行命令
[root@node1/]# vim /etc/salt/master
416
# One file root per environment; salt:// paths resolve inside the
# directory of the environment in use.
file_roots:
  base:
    - /srv/salt/base
  dev:
    - /srv/salt/dev
  test:
    - /srv/salt/test
  prod:
    - /srv/salt/prod
[root@node1/]# mkdir -p /srv/salt/{base,dev,test,prod}
[root@node1/]#/etc/init.d/salt-master restart
[root@node1/]# cd /srv/salt/base
vim apache.sls
# Each top-level key is a state ID and must be unique.
apache-install:
  # pkg is the state module, installed is the function called on it.
  pkg.installed:
    # name is the function argument: httpd is installed when it is
    # missing and left alone when it is already present.
    - name: httpd

apache-service:
  # service is the state module, running is its function.
  service.running:
    - name: httpd
    # Keep httpd enabled; started if it is not running, untouched otherwise.
    - enable: True
[root@node1 base]# salt 'node2' state.sls apache #########執行apache.sls方法命令
[root@node1 base]# mkdir web && mv apache.sls web
[root@node1 base]# salt 'node2' state.sls web.apache ####以.來區別層次關係,而不是用/
[root@node1 base]# vim /etc/salt/master
329 state_top: top.sls
[root@node1 base]# vim top.sls
# top.sls: maps each minion ID to the states it receives in the base
# environment.
base:
  'node1':
    - web.apache
  'node2':
    - web.apache
[root@node1 base]# salt '*' state.highstate ###高級狀態,去查top.sls,而後根據編排來執行各自的任務
https://www.unixhot.com/docs/saltstack/
[root@node1 base]# cd web
[root@node1 web]# vim lamp.sls
lamp-install:
  # To install more packages later, add their names under pkgs.
  # A given state module may appear only once under one ID.
  pkg.installed:
    - pkgs:
      - httpd
      - php
      - php-pdo
      - php-mysql

apache-config:
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    # salt:// resolves inside the current environment's file root,
    # here /srv/salt/base/.
    - source: salt://web/httpd.conf
    - user: root
    - group: root
    - mode: 644

php-config:
  file.managed:
    - name: /etc/php.ini
    - source: salt://web/php.ini
    - user: root
    - group: root
    - mode: 644
[root@node2 ]# sz /etc/httpd/conf/httpd.conf
[root@node2 ]#sz /etc/php.ini
把下載出來的2個文件 上傳到 node1服務器/srv/salt/base/web/下
[root@node1 web]# salt '*' state.sls web.lamp
[root@node1 web]#mkdir files
[root@node1 web]#mv httpd.conf php.ini files/
vim lamp.sls
# LAMP state with the configuration sources moved under web/files/.
lamp-install:
  pkg.installed:
    - pkgs:
      - httpd
      - php
      - php-pdo
      - php-mysql

apache-config:
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://web/files/httpd.conf
    - user: root
    - group: root
    - mode: 644

php-config:
  file.managed:
    - name: /etc/php.ini
    - source: salt://web/files/php.ini
    - user: root
    - group: root
    - mode: 644

lamp-service:
  # Keep httpd running and enabled.
  service.running:
    - name: httpd
    - enable: True
[root@node1 base]#vim top.sls
# top.sls: both minions now receive the web.lamp state.
base:
  'node1':
    - web.lamp
  'node2':
    - web.lamp
[root@node1 base]# salt '*' state.highstate
[root@node1 web]# vim lamp.sls
apache-conf:
  # Sync the whole conf.d directory from the master's file root.
  file.recurse:
    - name: /etc/httpd/conf.d
    - source: salt://web/files/apache-conf.d
[root@node1 web] # mkdir /srv/salt/base/web/files/apache-conf.d
[root@node1 web] # cd /srv/salt/base/web/files/apache-conf.d
[root@node1 web] #scp 10.240.17.103:/etc/httpd/conf.d/* ./
[root@node1 web] # salt 'node2' state.highstate test=True
[root@node1 web] # salt '*' file.append /etc/profile '#hha' ######給minion端 /etc/profile文件裏 追加#hha
[root@node1 web] # vim lamp.sls
lamp-install:
  pkg.installed:
    - pkgs:
      - httpd
      - php
      - php-pdo
      - php-mysql

apache-config:
  # Single managed file.
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://web/files/httpd.conf
    - user: root
    - group: root
    - mode: 644
    # Written only after lamp-install has succeeded; skipped otherwise.
    - require:
      - pkg: lamp-install

apache-conf:
  # Whole-directory sync.
  file.recurse:
    - name: /etc/httpd/conf.d
    - source: salt://web/files/apache-conf.d

php-config:
  file.managed:
    - name: /etc/php.ini
    - source: salt://web/files/php.ini
    - user: root
    - group: root
    - mode: 644

lamp-service:
  service.running:
    - name: httpd
    - enable: True
    # With reload set, a change in a watched state reloads httpd instead
    # of restarting it.
    - reload: True
    - watch:
      # The conf.d directory state.
      - file: apache-conf
      # The httpd.conf file state.
      - file: apache-config
[root@node1 web] #salt '*' state.highstate
[root@node1 web] #mkdir /var/www/html/admin/ && cd /var/www/html/admin/
[root@node1 web] # vim info.php
<?php
// phpinfo() prints the PHP build, loaded modules, configuration values and
// environment variables. Keep this page behind the authentication set up
// for /admin and delete it once the check is done.
phpinfo();
[root@node2 web] #mkdir /var/www/html/admin/ && cd /var/www/html/admin/
[root@node2 web] # vim info.php
<?php
// Diagnostic page: phpinfo() discloses the server's PHP configuration and
// environment, so it should not stay reachable after testing.
phpinfo();
# Basic authentication sends the user name and password base64-encoded, not
# encrypted, on every request, so this directory should be served over HTTPS.
# AllowOverride All lets a .htaccess file inside the directory override the
# directives below, including the authentication settings.
<Directory "/var/www/html/admin">
    AllowOverride All
    Order allow,deny
    Allow from All
    AuthUserFile /etc/httpd/conf/htpasswd_file
    AuthName "hehe"
    AuthType Basic
    Require user admin
</Directory>
[root@node1 web] #whereis htpasswd
[root@node1 web] #rpm -qf /usr/bin/htpasswd
[root@node1 web] # vim /srv/salt/base/web/lamp.sls
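lamp-install:
  pkg.installed:
    - pkgs:
      - httpd
      - php
      - php-pdo
      - php-mysql

apache-config:
  # Single managed file.
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://web/files/httpd.conf
    - user: root
    - group: root
    - mode: 644
    # Written only after lamp-install has succeeded; skipped otherwise.
    - require:
      - pkg: lamp-install

apache-auth:
  # httpd-tools provides htpasswd; require_in makes the cmd state below
  # wait for it.
  pkg.installed:
    - name: httpd-tools
    - require_in:
      - cmd: apache-auth
  cmd.run:
    # The original ran `htpasswd -bc ... admin admin`: a fixed password
    # equal to the user name, stored in the state file and passed on the
    # command line where other local users can read it from the process
    # list. Here the password comes from pillar and reaches htpasswd on
    # stdin (-i); -B stores a bcrypt hash.
    # 'apache_admin_password' is a placeholder pillar key; define it in
    # pillar data targeted only at these minions.
    - name: htpasswd -ciB /etc/httpd/conf/htpasswd_file admin
    - stdin: {{ pillar['apache_admin_password'] | yaml_dquote }}
    # unless: the command is skipped when this test succeeds, i.e. when
    # the password file already exists.
    - unless: test -f /etc/httpd/conf/htpasswd_file

apache-conf:
  # Whole-directory sync.
  file.recurse:
    - name: /etc/httpd/conf.d
    - source: salt://web/files/apache-conf.d
    # A change in this directory triggers the lamp-service state.
    - watch_in:
      - service: lamp-service

php-config:
  file.managed:
    - name: /etc/php.ini
    - source: salt://web/files/php.ini
    - user: root
    - group: root
    - mode: 644

lamp-service:
  service.running:
    - name: httpd
    - enable: True
    # With reload set, a change in a watched state reloads httpd instead
    # of restarting it.
    - reload: True
    - watch:
      # The conf.d directory state.
      - file: apache-conf
      # The httpd.conf file state.
      - file: apache-config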
[root@node1 web] #salt '*' state.highstate
[root@node1 web] # vim tomcat.sls
jdk-install:
  pkg.installed:
    - name: java-1.8.0-openjdk

tomcat-install:
  # Copy the tarball from the master's file root to the minion.
  # NOTE(review): the Tomcat 8.0.x line is past upstream end-of-life;
  # confirm the version before reusing this state, and check the tarball
  # against the upstream checksum before placing it under web/files/.
  file.managed:
    - name: /usr/local/src/apache-tomcat-8.0.46.tar.gz
    - source: salt://web/files/apache-tomcat-8.0.46.tar.gz
    - user: root
    - group: root
    - mode: 755
  # Unpack, move the tree into /usr/local and create the
  # /usr/local/tomcat symlink. Skipped when the symlink and the unpacked
  # directory both exist already.
  cmd.run:
    - name: cd /usr/local/src && tar xvf apache-tomcat-8.0.46.tar.gz && mv apache-tomcat-8.0.46 /usr/local/ && ln -s /usr/local/apache-tomcat-8.0.46 /usr/local/tomcat
    - unless: test -L /usr/local/tomcat && test -d /usr/local/apache-tomcat-8.0.46
[root@node1 web] # salt '*' state.sls tomcat ###tomcat.sls 放在 web/ 目錄下,按前文以 . 區分層次的寫法,這裏應寫作 web.tomcat
#################################################################
[root@node1 web] # salt 'node2' grains.items ######grains 數據收集
[root@node1 web] # salt 'node2' grains.item fqdn_ip4
[root@node1 web] #salt -G 'os:CentOS' cmd.run 'uptime'
##################################################################
[root@node1 web] # vim lamp.sls
apache-config:
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://web/files/httpd.conf
    - user: root
    - group: root
    - mode: 644
    - require:
      - pkg: lamp-install
    # Render the source file as a Jinja template before writing it.
    - template: jinja
    - defaults:
        # Variable names and values made available to the template.
        PORT: 80
        # fqdn_ip4 is a list grain; [0] takes its first entry.
        IPADDR: {{ grains['fqdn_ip4'][0] }}
[root@node1 web] vim /srv/salt/base/web/files/httpd.conf
Listen {{ IPADDR }}:{{ PORT }} ######配置文件裏使用lamp.sls裏定義的變量名
1.停止 salt-minion 2.在 master 上用 salt-key 刪除舊的 ID 3.刪除 /etc/salt/minion_id 4.刪除 minion 端 /etc/salt/pki 5.修改 ID 6.啓動 7.重新用 salt-key 加入
/var/log/salt/cache/ 緩存文件位置
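zabbix-install:
  pkg.installed:
    - name: zabbix-agent

agent-config:
  file.managed:
    - name: /etc/zabbix/zabbix_agentd.conf
    - source: salt://web/files/zabbix_agentd.conf
    - user: root
    - group: root
    # template and defaults are file.managed arguments. The original
    # listed them after cmd.run's unless and spelled the engine "jinjia",
    # so the agent configuration was not rendered through Jinja.
    - template: jinja
    - defaults:
        Server: {{ 'haha' }}
    - require:
      - pkg: zabbix-install
  # Set directory permissions, create the zabbix user and hand the log
  # and run directories to it. Skipped when /home/zabbix/ already exists.
  # chown uses user:group; the dot separator is the deprecated form.
  cmd.run:
    - name: chmod 755 /var/log/zabbix/ /var/run/zabbix/ && useradd zabbix && chown zabbix:zabbix /var/log/zabbix/ -R && chown zabbix:zabbix /var/run/zabbix/ -R
    - unless: test -d /home/zabbix/

agent-service:
  service.running:
    - name: zabbix-agent
    - enable: True
    # With reload set, a change in agent-config reloads the agent instead
    # of restarting it.
    - reload: True
    - watch:
      - file: agent-config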