Saltstack配置管理(State状态模块)
1. Saltstack的配置管理---State状态模块
Salt通过State模块来进行文件的管理;通过YAML语法来描述,后缀是.sls的文件 。
|
1
2
3
|
remove vim: pkg.removed: - name: vim |
注意:
- 带有ID和每个函数调用的行都以冒号(:)结束。
- 每个函数调用在ID下面缩进两个空格。
- 参数作为列表传递给每个函数。
- 每行包含函数参数的行都以两个空格缩进开头,然后是连字符,然后是一个额外的空格。
- 如果参数采用单个值,则名称和值位于由冒号和空格分隔的同一行中。
- 如果一个参数需要一个列表,则列表从下一行开始,并缩进两个空格
1.2 配置salt,定义环境 告诉salt去哪里找配置状态文件
- 首先定义环境目录,file_roots;
- 其次创建上面定义的目录;
- 最后重启服务
[root@master ~]# vi /etc/salt/master
以上为默认file_roots信息,创建如下内容(其中base目录是必须的):
[root@master ~]# vi /etc/salt/master 657 file_roots: 658 base: 659 - /srv/salt/base 660 dev: 661 - /srv/salt/dev 662 test: 663 - /srv/salt/test 664 prod: 665 - /srv/salt/prod
#创建目录
[root@master ~]# mkdir -p /srv/salt/{base,dev,test,prod}
[root@master ~]# ls /srv/salt/ -l 总用量 0 drwxr-xr-x 2 root root 6 4月 27 22:05 base drwxr-xr-x 2 root root 6 4月 27 22:05 dev drwxr-xr-x 2 root root 6 4月 27 22:05 prod drwxr-xr-x 2 root root 6 4月 27 22:05 test
[root@master ~]# tree /srv/salt/ /srv/salt/ ├── base ├── dev ├── prod └── test 4 directories, 0 files
重启服务
[root@master ~]# systemctl restart salt-master
务必做测试。
[root@master ~]# salt '*' test.ping node01: True master: True
1.3 编写sls文件(salt state的缩写),配置在对应的目录
1.3.1 在base环境下编写一个安装apache的sls文件
运维需要统一标准,建议此处命名开头采用小写字母。(主机名建议采用-,而不是_,为的就是后期主机名做DNS解析就麻烦了。)
[root@master ~]# cd /srv/salt/base/ [root@master base]# vi apache.sls apache-install: pkg.installed: - name: httpd apache-service: service.running: - name: httpd - enable: True
apache-install: #定义apache的ID声明(全局唯一状态标识),检查设备有没有http,若存在就忽略,没有才安装 pkg.installed: #pkg是状态模块,installed是pkg状态模块的方法 - name: httpd #-name是installed的方法参数 apache-service: #定义apache的ID声明(全局唯一状态标识),保障httpd处于运行状态,检查是否运行,运行就忽略,没运行就安装 service.running: #service是状态模块,running是service状态模块的方法 - name: httpd #-name是installed的方法参数 - enable: True #-enable是installed的方法参数
1.4 使用salt命令的state状态模块让minion应用配置
[root@master base]# salt '*' state.sls apache
# 让所有的minion都安装apache(由于salt默认的环境就是base,所以可以直接在后面指定调用的apache.sls文件,不要后缀sls) salt '*' state.sls apache # 让所有的minion都安装vsftpd(saltenv指定环境) salt '*' state.sls vsftpd saltenv=dev # 让其中一台minion(node01)安装apache salt 'node01' state.sls apache
[root@master base]# salt 'master' state.sls apache master: ---------- ID: apache-install Function: pkg.installed Name: httpd Result: True Comment: The following packages were installed/updated: httpd Started: 22:33:17.442390 Duration: 621937.685 ms Changes: ---------- httpd: ---------- new: 2.4.6-93.el7.centos old: httpd-tools: ---------- new: 2.4.6-93.el7.centos old: mailcap: ---------- new: 2.1.41-2.el7 old: ---------- ID: apache-service Function: service.running Name: httpd Result: True Comment: Service httpd has been enabled, and is running Started: 22:43:39.701947 Duration: 1903.76 ms Changes: ---------- httpd: True Summary for master ------------ Succeeded: 2 (changed=2) Failed: 0 ------------ Total states run: 2 Total run time: 623.841 s
上述为安装完成后,master返回结果:
5. 使用salt命令执行高级状态。建议将同一类的放置在一个目录下,以“.”的方式进行调用
[root@master ~]# cd /srv/salt/base/ [root@master base]# mkdir web [root@master base]# mv apache.sls web/ [root@master base]# tree . └── web └── apache.sls 1 directory, 1 file [root@master base]# salt 'node01' state.sls web.apache node01: ---------- ID: apache-install Function: pkg.installed Name: httpd Result: True Comment: All specified packages are already installed Started: 19:50:29.707837 Duration: 4231.376 ms Changes: ---------- ID: apache-service Function: service.running Name: httpd Result: True Comment: The service httpd is already running Started: 19:50:33.989112 Duration: 110.192 ms Changes: Summary for node01 ------------ Succeeded: 2 Failed: 0 ------------ Total states run: 2 Total run time: 4.342 s
6、使用salt的高级状态使不同主机应用不同的配置
查看一下salt如何定义的高级状态
[root@master base]# cat /etc/salt/master ##### State System settings ##### ########################################## # The state system uses a "top" file to tell the minions what environment to # use and what modules to use. The state_top file is defined relative to the # root of the base environment as defined in "File Server settings" below. #state_top: top.sls # The master_tops option replaces the external_nodes option by creating # a plugable system for the generation of external top data. The external_nodes # option is deprecated by the master_tops option. # # To gain the capabilities of the classic external_nodes system, use the # following configuration: # master_tops: # ext_nodes: <Shell command which returns yaml> # #master_tops: {}
以上可知状态系统可以使用一个“top”file入口文件,放置在base环境目录下,命名为top.sls,默认不建议更改其内容。
[root@master base]# cd /srv/salt/base/ [root@master base]# ll 总用量 0 drwxr-xr-x 2 root root 24 4月 28 19:46 web [root@master base]# vi top.sls base: 'master': - web.apache 'node01': - web.apache ~
[root@master base]# cat top.sls base: 'master': - web.apache 'node01': - web.apache
salt '*' state.highstate # 启用高级状态,去topfile里面读取(只是去通知主机干什么,而至于执行或不执行,执行什么,由topfile决定。
[root@master base]# salt '*' state.highstate node01: ---------- ID: apache-install Function: pkg.installed Name: httpd Result: True Comment: All specified packages are already installed Started: 20:06:55.701750 Duration: 1898.6 ms Changes: ---------- ID: apache-service Function: service.running Name: httpd Result: True Comment: The service httpd is already running Started: 20:06:57.602003 Duration: 79.57 ms Changes: Summary for node01 ------------ Succeeded: 2 Failed: 0 ------------ Total states run: 2 Total run time: 1.978 s master: ---------- ID: apache-install Function: pkg.installed Name: httpd Result: True Comment: All specified packages are already installed Started: 20:06:42.459802 Duration: 1752.85 ms Changes: ---------- ID: apache-service Function: service.running Name: httpd Result: True Comment: The service httpd is already running Started: 20:06:44.309049 Duration: 244.625 ms Changes: Summary for master ------------ Succeeded: 2 Failed: 0 ------------ Total states run: 2 Total run time: 1.997 s
salt '*' state.highstate # 启用高级状态,去topfile里面读取(只是去通知主机干什么,而至于执行或不执行,执行什么,由topfile决定。
