saltstack常用模块
介绍一些常用的saltstack模块,更多模块参考官方网站
1、跟安装包相关的模块:salt.states.pkg
1 | salt.states.pkg.downloaded(name, version=None, pkgs=None, fromrepo=None, ignore_epoch=None, **kwargs) |
当同时使用了name,pkgs那么name将会被忽略
1 | salt.states.pkg.installed(name, version=None, refresh=None, fromrepo=None, skip_verify=False, skip_suggestions=False, pkgs=None, sources=None, allow_updates=False, pkg_verify=False, normalize=True, ignore_epoch=False, reinstall=False, update_holds=False, **kwargs) |
1 | salt.states.pkg.removed(name, version=None, pkgs=None, normalize=True, ignore_epoch=False, **kwargs)<br>removed卸载某包 |
2、远程执行命令的模块
1 | salt.states.cmd.run(name, onlyif=None, unless=None, creates=None, cwd=None, runas=None, shell=None, env=None, stateful=False, umask=None, output_loglevel='debug', quiet=False, timeout=None, ignore_timeout=False, use_vt=False, **kwargs) |
name:The command to execute, remember that the command will execute with the path and permissions of the salt-minion.
cwd:The current working directory to execute the command in, defaults to /root
unless:当执行的命令为false时,那么才执行name中的命令
require:执行name中命令的依赖关系:
pkg:必须安装了python包
file:该file文件路径下有这个py文件
3、文件管理操作方面的模块
1 | salt.states.file.managed(name, source=None, source_hash='`, source_hash_name=None, user=None, group=None, mode=None, template=None, makedirs=False, dir_mode=None, context=None, replace=True, defaults=None, backup='`, show_changes=True, create=True, contents=None, tmp_ext='`, contents_pillar=None, contents_grains=None, contents_newline=True, contents_delimiter=':', encoding=None, encoding_errors='strict', allow_empty=True, follow_symlinks=True, check_cmd=None, skip_verify=False, win_owner=None, win_perms=None, win_deny_perms=None, win_inheritance=True, **kwargs) |
file.managed:文件管理,多用于复制,如果没有就创建该文件
1 | salt.states.file.append(name, text=None, makedirs=False, source=None, source_hash=None, template='jinja', sources=None, source_hashes=None, defaults=None, context=None, ignore_whitespace=True) |
1 2 3 4 5 6 7 | append-memcache-php: file.append: - name: /usr/local/php/etc/php.ini - text: - extension=memcache.so cmd.run: - name: /etc/init.d/php-fpm restart |
file.append:向某文件中添加内容text=内容,name为需要添加的文件
1 | salt.states.file.directory(name, user=None, group=None, recurse=None, max_depth=None, dir_mode=None, file_mode=None, makedirs=False, clean=False, require=None, exclude_pat=None, follow_symlinks=False, force=False, backupname=None, allow_symlink=True, children_only=False, win_owner=None, win_perms=None, win_deny_perms=None, win_inheritance=True, **kwargs) |
file.directory:创建一个文件目录
1 2 3 4 5 | /etc/keepalived: file.directory: - user: root - group: root - mode: 755 |
4、跟系统服务相关:state.service
1 | salt.states.service.running(name, enable=None, sig=None, init_delay=None, no_block=False, unmask=False, unmask_runtime=False, **kwargs) |
service.running:开启系统某服务enable为添加到自启动,name表示该启动的服务名称
1 2 3 4 5 6 7 8 9 | service.running: - name: nginx - enable: True - reload: True - require: - file: /etc/init.d/nginx - cmd: nginx-init - watch: - file: /usr/local/nginx/conf/nginx.conf |
5、跟系统内核相关的设置:
1 | salt.states.sysctl.present(name, value, config=None) Ensurethatthenamedsysctlvalueissetinmemoryandpersistedtothenamedconfigurationfile. Thedefault sysctl configuration file is /etc/sysctl.conf name The name of the sysctl value to edit value The sysctl value to apply config Thelocationofthesysctlconfigurationfile. Ifnotspecified,theproperlocationwillbedetectedbased on platform. |
sysctl.present:修改系统内核参数
1 2 3 4 5 6 7 8 9 10 11 12 | [root@node1 init]# cat sysctl.sls vm.swappiness: sysctl.present: - value: 0net.ipv4.ip_local_port_range: sysctl.present: - value: 10000 61000fs.file-max: sysctl.present: - value: 186981 |
6、创建用户user和group用到的模块
1 2 3 4 5 6 7 8 9 10 11 | www-user-group: group.present: - name: www - gid: 1000 user.present: - name: www - fullname: www - shell: /sbin/nologin - uid: 1000 - gid: 1000 |
7、状态配置中require、unless详解:
1 2 3 4 5 6 7 8 9 10 | [root@node1 base]# cat if_unless.sls getshell: file.managed: - name: /tmp/echo.sh - source: salt://init/files/echo.sh cmd.run: - name: /bin/bash /tmp/echo.sh - unless: test -f /tmp/if_unless.sh - require: - file: /tmp/echo.sh |
详解:
require:require要求下面的file必须事先经过了file.managed进行了设置,才能使用作为依赖条件
unless:测试tmp下面是否有if_unless.sh这个文件,如果测试成功有那么不会再执行,如果测试命令返回的code不是0那么才会执行
unless:一行表示,如果该文件存在,就不需要再执行name中的命令了(包如果安装了就需要再安装)
8、使用template: jinja来定义变量
1 2 3 4 5 6 7 | zabbix-agent-service: file.managed: - name: /etc/zabbix/zabbix_agentd.conf - source: salt://init/files/zabbix_agentd.conf - template: jinja - defaults: Server: {{ pillar['zabbix-agent']['Zabbix_Server'] }} |
在该salt://init/files/zabbix_agentd.conf配置文件中将Server={{ Server }}引用上面定义的变量即可
或者使用grains和pillar使用变量:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | keepalived-service: file.managed: - name: /etc/keepalived/keepalived.conf - source: salt://cluster/files/haproxy-outside-keepalived.conf - user: root - group: root - mode: 644 - template: jinja {% if grains['fqdn'] == 'node1' %} - ROUTEID: haproxy_node1 - STATEID: MASTER - PRIORITYID: 150 {% elif grains['fqdn'] == 'node2' %} - ROUTEID: haproxy_node2 - STATEID: BACKUP - PRIORITYID: 100 {% endif %} |
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· 开发者必知的日志记录最佳实践
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 【自荐】一款简洁、开源的在线白板工具 Drawnix
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
· Docker 太简单,K8s 太复杂?w7panel 让容器管理更轻松!