4.slatstack文件系統與grains,pillar

時間 2019-11-12

標籤 4.slatstack slatstack 文件系統 grains pillar 简体版

原文原文鏈接

1.修改配置文件
取消如下注釋
file_roots:
base:
- /srv/salthtml

2.建立目錄
[root@salt-master ~]# mkdir /srv/salt -p
[root@salt-master salt]# mkdir config_file
[root@salt-master config_file]# mkdir script
[root@salt-master script]# tree -L 3 /srv/salt/
/srv/salt/
└── config_file
└── script
└── test.shnode

2 directories, 1 fil
[root@salt-master script]# salt 'salt-minion' cmd.script salt://config_file/script/test.sh
執行這個命令就能夠在minion端執行這個腳本python

3.寫sls文件
top.sls
base:
'salt-minion':
- vsftpd
~ linux

vsftpd.sls
/opt/vsftpd:
file.managed:
- source: salt://config_file/vsftpd.conf
- user: root
- group: root
- mode: 600nginx

執行結果
[root@salt-master salt]# salt 'salt-minion' state.highstate#會採用top.sls的方式
salt-minion:
----------
ID: /opt/vsftpd
Function: file.managed
Result: True
Comment: File /opt/vsftpd updated
Started: 15:41:03.898742
Duration: 13.612 ms
Changes:
----------
diff:
New fileweb

Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
[root@salt-master salt]# vim config_file/
script/ vsftpd.conf
[root@salt-master salt]# vim config_file/vsftpd.conf
[root@salt-master salt]#
[root@salt-master salt]# salt 'salt-minion' state.sls vsftpd#執行sls文件可在
salt-minion:
----------
ID: /opt/vsftpd
Function: file.managed
Result: True
Comment: File /opt/vsftpd updated
Started: 15:41:49.520423
Duration: 11.542 ms
Changes:
----------
diff:
---
+++
@@ -1,1 +1,2 @@
hello
+yysshell

Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1vim

若是sls文件沒有在salt路徑的根目錄執行sls也要相應添加路徑
[root@salt-master salt]# salt 'salt-minion' state.sls sls_file.vsftpd
salt-minion:
----------
ID: /opt/vsftpd
Function: file.managed
Result: True
Comment: File /opt/vsftpd updated
Started: 15:46:29.673069
Duration: 11.47 ms
Changes:
----------
diff:
---
+++
@@ -1,2 +1,3 @@
hello
yys
+linuxcentos

Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1api

grains:
跟puppet的facter功能同樣,主要負責採集客戶端一些基本信息,也可自定義,能夠在客戶端自定義,而後自動彙報上來,也能夠從服務端定義而後推下去,採集完成在彙報上來pillar跟grains比較的話靈活性更強

查看全部的grains項
[root@salt-master salt]# salt 'salt-minion' grains.ls
salt-minion:
- SSDs
- cpu_flags
- cpu_model
- cpuarch
- domain
- fqdn
- fqdn_ip4
- fqdn_ip6
- gpus
- host
- hwaddr_interfaces
- id
- init
- ip4_interfaces
- ip6_interfaces
- ip_interfaces
- ipv4
- ipv6
- kernel
- kernelrelease
- locale_info
- localhost
- lsb_distrib_codename
- lsb_distrib_id
- lsb_distrib_release
- master
- mdadm
- mem_total
- nodename
- num_cpus
- num_gpus
- os
- os_family
- osarch
- oscodename
- osfinger
- osfullname
- osmajorrelease
- osrelease
- osrelease_info
- path
- ps
- pythonexecutable
- pythonpath
- pythonversion
- saltpath
- saltversion
- saltversioninfo
- selinux
- server_id
- shell
- virtual
- zmqversion
列出全部grains的項和項的值
[root@salt-master salt]# salt 'salt-minion' grains.items
salt-minion:
----------
SSDs:
cpu_flags:
- fpu
- vme
- de
- pse
- tsc
- msr
- pae
- mce
- cx8
- apic
- sep
- mtrr
- pge
- mca
- cmov
- pat
- pse36
- clflush
- dts
- mmx
- fxsr
- sse
- sse2
- ss
- syscall
- nx
- pdpe1gb
- rdtscp
- lm
- constant_tsc
- up
- arch_perfmon
- pebs
- bts
- xtopology
- tsc_reliable
- nonstop_tsc
- aperfmperf
- unfair_spinlock
- pni
- pclmulqdq
- ssse3
- fma
- cx16
- pcid
- sse4_1
- sse4_2
- x2apic
- movbe
- popcnt
- tsc_deadline_timer
- aes
- xsave
- avx
- f16c
- rdrand
- hypervisor
- lahf_lm
- abm
- 3dnowprefetch
- ida
- arat
- xsaveopt
- pln
- pts
- dtherm
- hwp
- hwp_noitfy
- hwp_act_window
- hwp_epp
- fsgsbase
- bmi1
- avx2
- smep
- bmi2
- invpcid
- rdseed
- adx
cpu_model:
Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
cpuarch:
x86_64
domain:
fqdn:
salt-minion
fqdn_ip4:
- 192.168.1.201
fqdn_ip6:
gpus:
|_
----------
model:
SVGA II Adapter
vendor:
unknown
host:
salt-minion
hwaddr_interfaces:
----------
eth1:
00:0c:29:38:1e:f7
lo:
00:00:00:00:00:00
id:
salt-minion
init:
upstart
ip4_interfaces:
----------
eth1:
- 192.168.1.201
lo:
- 127.0.0.1
ip6_interfaces:
----------
eth1:
- fe80::20c:29ff:fe38:1ef7
lo:
- ::1
ip_interfaces:
----------
eth1:
- 192.168.1.201
- fe80::20c:29ff:fe38:1ef7
lo:
- 127.0.0.1
- ::1
ipv4:
- 127.0.0.1
- 192.168.1.201
ipv6:
- ::1
- fe80::20c:29ff:fe38:1ef7
kernel:
Linux
kernelrelease:
2.6.32-642.el6.x86_64
locale_info:
----------
defaultencoding:
UTF8
defaultlanguage:
en_US
detectedencoding:
UTF-8
localhost:
salt-minion
lsb_distrib_codename:
Final
lsb_distrib_id:
CentOS
lsb_distrib_release:
6.8
master:
salt-master
mdadm:
mem_total:
474
nodename:
salt-minion
num_cpus:
1
num_gpus:
1
os:
CentOS
os_family:
RedHat
osarch:
x86_64
oscodename:
Final
osfinger:
CentOS-6
osfullname:
CentOS
osmajorrelease:
6
osrelease:
6.8
osrelease_info:
- 6
- 8
path:
/sbin:/usr/sbin:/bin:/usr/bin
ps:
ps -efH
pythonexecutable:
/usr/bin/python2.6
pythonpath:
- /usr/bin
- /usr/lib64/python26.zip
- /usr/lib64/python2.6
- /usr/lib64/python2.6/plat-linux2
- /usr/lib64/python2.6/lib-tk
- /usr/lib64/python2.6/lib-old
- /usr/lib64/python2.6/lib-dynload
- /usr/lib64/python2.6/site-packages
- /usr/lib/python2.6/site-packages
pythonversion:
- 2
- 6
- 6
- final
- 0
saltpath:
/usr/lib/python2.6/site-packages/salt
saltversion:
2015.5.10
saltversioninfo:
- 2015
- 5
- 10
- 0
selinux:
----------
enabled:
True
enforced:
Permissive
server_id:
1259242440
shell:
/bin/sh
virtual:
VMware
zmqversion:
3.2.5
查看grains單個項的詳細狀況
[root@salt-master salt]# salt 'salt-minion' grains.item os
salt-minion:
----------
os:
CentOS
[root@salt-master salt]# salt 'salt-minion' grains.item shell
salt-minion:
----------
shell:
/bin/sh
[root@salt-master salt]# salt 'salt-minion' grains.item pythonpath
salt-minion:
----------
pythonpath:
- /usr/bin
- /usr/lib64/python26.zip
- /usr/lib64/python2.6
- /usr/lib64/python2.6/plat-linux2
- /usr/lib64/python2.6/lib-tk
- /usr/lib64/python2.6/lib-old
- /usr/lib64/python2.6/lib-dynload
- /usr/lib64/python2.6/site-packages
- /usr/lib/python2.6/site-packages

grains靈活應用:
對全部是centos系統進行test.ping
[root@salt-master salt]# salt -G 'os:CentOS' test.ping
salt-minion:
True
查詢對全部系統cpu是64位的個數
[root@salt-master salt]# salt -G 'cpuarch:x86_64' grains.item num_cpus
salt-minion:
----------
num_cpus:
1
自定義grains:
在minion端的配置文件中加入
grains:
roles:
- webserver
- minion
deployment: datacenter4
cabinet: 12
cab_u: 14-15

在master上就能夠收集到相應信息
[root@salt-master salt]# salt 'salt-minion' grains.item roles deployment cabinet cab_u
salt-minion:
----------
cab_u:
14-15
cabinet:
12
deployment:
datacenter4
roles:
- webserver
- minion

states:
salt狀態系統的核心是sls,sls表示系統將會是什麼樣的一種狀態,並且是以一種很簡單的格式來包含數據,也被叫作配置管理
sls文件實際上只是一些:字典,列表,字符串,數字

yaml:
   縮進:salt須要對每一個縮進級別是兩個空格,但不能使用tabs
   鍵值對採用冒號進行配對,用一個空格隔開key: value
   想要表示列表項,使用一個-+空格 - webserver
   http://docs.saltstack.com/cn/topics/yaml/index.html
state模塊列表
   http://docs.saltstack.com/en/latest/ref/states/all/index.html

pillar:
   pillar是salt的一個組件,他用於特定的minion定義任何你須要的數據,這些數據能夠被salt其它組件使用,pillar解析完成是一個嵌套的dict結構.pillar數據是與特定minion關聯的,也就是每個minion都只能看到本身的數據,因此pillar能夠用來傳遞敏感數據
.
用途:
   敏感數據
   變量使用jinja模版,可在文件中使用{{ 變量}} 傳遞
   targetting
定時執行
schedule:
highstate:
funtion: state.highstate
minute: 1

schedule:
sls:
funtion: state.sls
minute: 1

首先打開pillar
pillar_roots:
base:
- /srv/pillar
建立相應目錄
mkdir /srv/pillar/nginx

編寫top.sls
cd /srv/pillar
必需要有top.sls
[root@salt-master pillar]# vim top.sls

base:
'salt-minion':
- nginx.nginx

編寫nginx.sls
[root@salt-master pillar]# vim nginx/nginx.sls

schedule:
nginx:
function: state.sls
minutes: 1
args:
- 'nginx'

[root@salt-master pillar]# salt 'salt-minion' pillar.data
salt-minion:
----------
schedule:
----------
nginx:
----------
args:
- nginx
function:
state.sls
minutes:
1

修改配置文件
[root@salt-master pillar]# vim ../salt/config_file/nginx/conf.d/default.conf
[root@salt-master pillar]# salt 'salt-minion' saltutil.refresh_pillar
salt-minion:
True
[root@salt-master pillar]# salt 'salt-minion' cmd.run 'netstat -anutlp|grep nginx'
salt-minion:
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6535/nginx
tcp 0 0 0.0.0.0:8088 0.0.0.0:* LISTEN 6535/nginx
等待一分鐘
以上須要注意的是具體應用的sls須要和實際命令一致
例如:
salt 'salt-minion' state.sls sls_file.nginx
schedule:
nginx:
function: state.sls
minutes: 1
args:
- 'nginx'
就應該爲如下內容
schedule:
nginx:
function: state.sls
minutes: 1
args:
- 'sls_file.nginx'
top.sls爲一個路由文件
base:
'salt-minion':
- nginx.nginx
補充:
例如:
nginx:
pkg:
- installed
service:
- running
- enable: True
- reload: True
- watch:
- pkg: nginx
- file: /etc/nginx/nginx.conf
- file: /etc/nginx/conf.d/default.conf
/etc/nginx/nginx.conf:
file.managed:
- source: salt://config_file/nginx/nginx.conf
- user: root
- group: root
- mode: 644

/etc/nginx/conf.d/default.conf:
file.managed:
- source: salt://config_file/nginx/conf.d/default.conf
- user: root
- group: root
- mode: 644
- template:jinja
- defaults:# - context:
port: 8080
在salt://config_file/nginx/conf.d/default.conf這個文件中
Listen {{ port }}
這樣就能夠在模版以變量的方式傳遞進去
也能夠用控制
- context:
   {% if grains['id'] == 'salt-minion-01' %}
port: 8080
{% elif grains['id'] == 'salt-minion-02' %}
port 8081
{% else %}
port: 8082
{% endif %}
另外還能夠採用這種方式
pillar
nginx:
{% if grains['id'] == 'salt-minion-01' %}
port: 8080
{% elif grains['id'] == 'salt-minion-02' %}
port 8081
{% else %}
port: 8082
{% endif %}

salt '*' saltutil.refresh.pillar salt '*' pillar.get nginx:port - context: port: {{ salt['pillar.get']('nginx:port', 80)}} #port: pillar['nginx']['port']

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。