009(1)-saltstack之salt-ssh的使用及配置管理LAMP状态的实现

1 salt-ssh的使用


1. 安装salt-ssh
[root@slave1 .ssh]# yum install -y salt-ssh

2. 配置salt-ssh

# Sample salt-ssh config file
#web1:
# host: 192.168.42.1 # The IP addr or DNS hostname
# user: fred # Remote executions will be executed as user fred
# passwd: foobarbaz # The password to use for login, if omitted, keys are used
# sudo: True # Whether to sudo to root, not enabled by default
#web2:
# host: 192.168.42.2
slave1:
host: 10.0.0.211
user: root
passwd: shang185434
slave2:
host: 10.0.0.212
user: root
passwd: shang185434

3.使用salt-ssh远程执行
#第一次远程执行需要交互,加上”-i“ 参数可以免交互
[root@slave1 ~]# salt-ssh '*' test.ping
slave2:
----------
retcode:
stderr:
stdout:
The host key needs to be accepted, to auto accept run salt-ssh with the -i flag:
The authenticity of host '10.0.0.212 (10.0.0.212)' can't be established.
ECDSA key fingerprint is SHA256:jggaAYjerBQyxtVOBnR/GoC+9TlCBy5Y6giz9nBPydQ.
ECDSA key fingerprint is MD5:d5:a1:8f:c9:64:8d:e2:62:c2:d7:06:9a:d3:fc:0d:dd.
Are you sure you want to continue connecting (yes/no)?
slave1:
----------
retcode:
stderr:
stdout:
The host key needs to be accepted, to auto accept run salt-ssh with the -i flag:
The authenticity of host '10.0.0.211 (10.0.0.211)' can't be established.
ECDSA key fingerprint is SHA256:jggaAYjerBQyxtVOBnR/GoC+9TlCBy5Y6giz9nBPydQ.
ECDSA key fingerprint is MD5:d5:a1:8f:c9:64:8d:e2:62:c2:d7:06:9a:d3:fc:0d:dd.
Are you sure you want to continue connecting (yes/no)?
[root@slave1 ~]# salt-ssh '*' test.ping -i
slave1:
True
slave2:
True
4. “-r” 远程执行命令参数
[root@slave1 ~]# salt-ssh '*' -r 'uptime'
slave1:
----------
retcode:
stderr:
stdout:
root@10.0.0.211's password:
03:26:49 up 3:38, 2 users, load average: 0.01, 0.08, 0.13
slave2:
----------
retcode:
stderr:
stdout:
root@10.0.0.212's password:
03:26:49 up 10:02, 1 user, load average: 0.00, 0.01, 0.05

复制代码
1. 安装salt-ssh
[root@slave1 .ssh]# yum install -y salt-ssh

2. 配置salt-ssh

# Sample salt-ssh config file
#web1:
#  host: 192.168.42.1 # The IP addr or DNS hostname
#  user: fred         # Remote executions will be executed as user fred
#  passwd: foobarbaz  # The password to use for login, if omitted, keys are used
#  sudo: True         # Whether to sudo to root, not enabled by default
#web2:
#  host: 192.168.42.2
slave1:
  host: 10.0.0.211
  user: root
  passwd: shang185434
slave2:
  host: 10.0.0.212
  user: root
  passwd: shang185434

3.使用salt-ssh远程执行
#第一次远程执行需要交互,加上”-i“ 参数可以免交互
[root@slave1 ~]# salt-ssh '*' test.ping
slave2:
    ----------
    retcode:
        254
    stderr:
    stdout:
        The host key needs to be accepted, to auto accept run salt-ssh with the -i flag:
        The authenticity of host '10.0.0.212 (10.0.0.212)' can't be established.
        ECDSA key fingerprint is SHA256:jggaAYjerBQyxtVOBnR/GoC+9TlCBy5Y6giz9nBPydQ.
        ECDSA key fingerprint is MD5:d5:a1:8f:c9:64:8d:e2:62:c2:d7:06:9a:d3:fc:0d:dd.
        Are you sure you want to continue connecting (yes/no)? 
slave1:
    ----------
    retcode:
        254
    stderr:
    stdout:
        The host key needs to be accepted, to auto accept run salt-ssh with the -i flag:
        The authenticity of host '10.0.0.211 (10.0.0.211)' can't be established.
        ECDSA key fingerprint is SHA256:jggaAYjerBQyxtVOBnR/GoC+9TlCBy5Y6giz9nBPydQ.
        ECDSA key fingerprint is MD5:d5:a1:8f:c9:64:8d:e2:62:c2:d7:06:9a:d3:fc:0d:dd.
        Are you sure you want to continue connecting (yes/no)? 
[root@slave1 ~]# salt-ssh '*' test.ping -i
slave1:
    True
slave2:
    True
4. “-r” 远程执行命令参数
[root@slave1 ~]# salt-ssh '*' -r 'uptime'
slave1:
    ----------
    retcode:
        0
    stderr:
    stdout:
        root@10.0.0.211's password: 
         03:26:49 up  3:38,  2 users,  load average: 0.01, 0.08, 0.13
slave2:
    ----------
    retcode:
        0
    stderr:
    stdout:
        root@10.0.0.212's password: 
         03:26:49 up 10:02,  1 user,  load average: 0.00, 0.01, 0.05
复制代码

 

2 常用模块和jinja模板

参考:https://www.unixhot.com/docs/saltstack/ref/states/highstate.html

 

2.1 状态模块特点:

1)状态是不可以回滚的。

2)写好的状态模块要支持多次执行。

2.2 pkg 模块

pkg模块是虚拟的,根据操作系统的不同,调用相关的工具安装操作系统。

参考:https://www.unixhot.com/docs/saltstack/ref/states/all/salt.states.pkg.html#module-salt.states.pkg

pkg模块常用方法:

pkg.installed 安装
pkg.latest 确保最新版本
pkg.remove 卸载
pkg.purge 卸载并且删除配置文件

使用pkg模块安装多个软件:

 
lamp-pkg:
  pkg-installed:
    - pkgs:
      - httpd
      - php
      - mysql
      - maridb-server
      - php-mysql
      - php-cli
      - php-mbstring
 

 

2.3 file模块

参考:https://www.unixhot.com/docs/saltstack/ref/states/all/salt.states.file.html#module-salt.states.file

使用样例:

 
apache-config:
  file.managed:
    - name: /etc/httpd/conf/httpd.conf 
    - source: salt://files/httpd.conf
    - user: root
    - group: root
    - mode: 644
 

 

 

2.3 service模块

参考文档:https://www.unixhot.com/docs/saltstack/ref/states/all/salt.states.service.html#module-salt.states.service

样例:

apache-services:
  service.running:
    - name: httpd
    - enable: True # 允许开机启动
    - reload: True # 允许重载

 

2.4 状态间关系

  • 1我依赖谁? require
  • 2我被谁依赖? require_in
  • 3我监控谁? watch (包含require)
  • 4我被谁监控?watch_in
  • 5我引用谁?include
  • 6我扩展谁?用到再说。 

使用举例:

 
#我依赖谁? require

apache-services:
  service.running:
    - name: httpd
    - enable: True
    - reload: True
    - require:  # 他们都正常执行了,我才执行。
      - pkg: lamp-pkg
      - file: apapche-config

#我被谁依赖?(谁依赖我?)
mysql-config:
  file.managed:
    - name: /etc/my.conf
    - source: salt://lamp/files/my.cnf
    - user: root
    - gropu: root
    - mode: 644
    - require_in: # 和 require
      - service: mysql-service

#我监控谁?
#如果配置文件修改了,就重启服务。
apache-services:
  service.running:
    - name: httpd
    - enable: True
    - reload: True
    - require:
      - pkg: lamp-pkg
      - file: apapche-config
    - watch:
      - file: apache-config

1.如果监控到apache-config的状态发生改变(就是配置文件改变了),就重载服务。
2.这里需要注意,如果加上了relaod : True 就是重载,如果没有就是重启。
 

 

 

2.5 jinja模板

参考文档:http://docs.jinkan.org/docs/jinja2/

使用背景:

有100台机器,有一个配置文件需要更改为本机的ip地址。最佳实践就是通过jinja模版来做。

二种分割符:

{{...}} 表示变量的引用。
{%...%} 表示表达式

jinja模版使用方法:

1)相当于在jinja模版里,定义了一个变量,模版配置文件里面再去调用。

2)可以在模版文件里,也可以写在sls文件里,然后模版文件直接调用。

 - template: jinja   #告诉File模块,你要使用jinja模版

 - defaults:         #列出参数列表
    PORT: 80   

   {{ PORT }}    #模版文件里面进行引用

例子:

 
[root@slave1 ~]# vim /srv/salt/prod/redis/init.sls 
redis-install:
  pkg.installed:
    - name: redis

redis-config:
  file.managed:
    - name: /etc/redis.conf
    - source: salt://redis/files/redis.conf
    - user: root
    - group: root
    - mode: 644
    - template: jinja    #告诉模板使用jinja
      defaults:
      PORT: 6379   #定义的参数
      IPADDR: {{ grains['fqdn_ip4'][0] }}     #获取主机ip

redis-service:
  service.running:
    - name: redis
    - enable: True
    - reload: True
 

在模板文件中定义jinja模板

[root@slave1 ~]# vim /srv/salt/prod/redis/files/redis.conf

port {{ PORT }}    #要传递端口 
bind {{ IPADDR }}    #传递要获取的主机ip

 

 

3 配置管理

3.1 状态的含义

States是Saltstack中的配置语言,在日常进行配置管理时需要编写大量的States文件。比如我们需要安装一个包,然后管理一个配置文件,最后保证某个服务正常运行。

这里就需要我们编写一些states sls文件(描述状态配置的文件)去描述和实现我们的功能。编写的states sls文件都是YAML语法,

states sls文件也支持使用Python语言编写。 
所谓的状态就是希望系统运行某些命令之后的结果。描述状态使用YAML格式的文件。SLS:salt state

例如安装Apache,如下:

 
[root@slave1 apache]# vim /srv/salt/base/apache/apache.sls 
apache:             
  pkg.installed:
    - name: httpd
  service.running:
    - name: httpd
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://apache/files/httpd.conf
    - user: root
    - group: root
    - mode: 644

解释说明:
apache:id声明,在所有环境(base、prod)下全局唯一
pkg:状态模块
.:引用关系
installed:模块中的方法
::代表层级关系
name:可以理解为参数,后面跟的是参数值
file.managed:文件管理模块,必须要有source指定文件的来源路径
source:文件的来源路径,salt://代表着环境的根路径,这的根路径为:/srv/salt/base/
user、group、mode:分别指定文件的所属者,所属组和权限

以上的文件还可以使用分id的写法:
apache-install:
  pkg.installed:
    - name: httpd

apache-service:
  service.running:
    - name: httpd

apache-config:
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://apache/files/httpd.conf
    - user: root
    - group: root
    - mode: 644

存在指定多个配置文件,还可以使用一下写法:(不适用name作为参数传递时,id就是name)
/etc/httpd/conf/httpd.conf:
  file.managed:
    - source: salt://apache/files/httpd.conf
    - user: root
    - group: root
    - mode: 644
/etc/httpd/conf/php.conf:
  file.managed:
    - source: salt://apache/files/php.conf
    - user: root
    - group: root
    - mode: 644
    
 

3.2 LAMP的状态设计与实现

3.2.1 设计分析

名称                  软件包                                  配置文件                 服务
使用模块                pkg                                    file                 service
LAMP    httpd、php、mariadb、mariadb-server、php-mysql、php-pdo、php-cli    /etc/httpd/conf/httpd.conf、/etc/php.ini    httpd、mysqld

3.2.2 LAMP状态模块编写及部署实现

提示:master:提前装好httpd,php,mysql用于配置文件的生成。

          否则会因为服务配置文件没有内容造成服务无法正常启动。

[root@slave1 ~]# cd /srv/salt/prod/
[root@slave1 prod]# mkdri apache php mysql
[root@slave1 prod]# tree
.
├── apache
├── mysql
└── php
directories, 0 files

#编写Apache的状态模块
[root@slave1 prod]# cd apache/
[root@slave1 apache]# vim init.sls
apache-install:
pkg.installed:
- name: httpd

apache-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd.conf
- group: root
- mode: 644

apache-service:
service.running:
- name: httpd
- enable: True

[root@slave1 apache]# mkdir files
[root@slave1 files]# cp /etc/httpd/conf/httpd.conf .
[root@slave1 apache]# tree
.
├── files
│ └── httpd.conf
└── init.sls
directory, 2 files

#编写php的状态模块
[root@slave1 prod]# cd php/
[root@slave1 php]# vim init.sls
php-install:
pkg.installed:
- pkgs:
- php
- php-pdo
- php-mysql

php-config:
file.managed:
- name: /etc/php.ini
- source: salt://php/files/php.ini
- user: root
- group: root
- mode: 644

[root@slave1 php]# mkdir files
[root@slave1 php]# cd files/
[root@slave1 files]# cp /etc/php.ini .
[root@slave1 php]# tree
.
├── files
│ └── php.ini
└── init.sls

#编写mysql的状态模块
[root@slave1 prod]# cd mysql/
[root@slave1 mysql]# vim init.sls
mysql-install:
pkg.installed:
- pkgs:
- mariadb
- mariadb-server

mysql-config:
file.managed:
- name: /etc/my.cnf
- source: salt://mysql/files/my.cnf
- user: root
- gourp: root
- mode: 644

mysql-service:
service.running:
- name: mariadb-server
- enable: True

[root@slave1 mysql]# mkdir files
[root@slave1 mysql]# cd files/
[root@slave1 files]# cp /etc/my.cnf .
[root@slave1 mysql]# tree
.
├── files
│ └── my.cnf
└── init.sls


#模块测试:
[root@slave1 base]# salt 'slave2' state.sls apache.init saltenv=prod
slave2:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 00:19:32.302589
Duration: 1674.126 ms
Changes:
----------
ID: apache-config
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 00:19:33.981041
Duration: 4.449 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 00:19:33.986049
Duration: 465.027 ms
Changes:

Summary
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3


复制代码
[root@slave1 ~]# cd /srv/salt/prod/
[root@slave1 prod]# mkdri apache php mysql
[root@slave1 prod]# tree
.
├── apache
├── mysql
└── php

3 directories, 0 files

#编写Apache的状态模块
[root@slave1 prod]# cd apache/
[root@slave1 apache]# vim init.sls 
apache-install:
  pkg.installed:
    - name: httpd

apache-config:
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://apache/files/httpd.conf    
    - group: root
    - mode: 644

apache-service:
  service.running:
    - name: httpd
    - enable: True

[root@slave1 apache]# mkdir files
[root@slave1 files]# cp /etc/httpd/conf/httpd.conf .
[root@slave1 apache]# tree
.
├── files
│   └── httpd.conf
└── init.sls

1 directory, 2 files

#编写php的状态模块
[root@slave1 prod]# cd php/
[root@slave1 php]# vim init.sls
php-install:
  pkg.installed:
    - pkgs:
      - php
      - php-pdo
      - php-mysql

php-config:
  file.managed:
    - name: /etc/php.ini
    - source: salt://php/files/php.ini
    - user: root
    - group: root
    - mode: 644

[root@slave1 php]# mkdir files
[root@slave1 php]# cd files/
[root@slave1 files]# cp /etc/php.ini .
[root@slave1 php]# tree
.
├── files
│   └── php.ini
└── init.sls

#编写mysql的状态模块    
[root@slave1 prod]# cd mysql/
[root@slave1 mysql]# vim init.sls
mysql-install:
  pkg.installed:
    - pkgs:
      - mariadb
      - mariadb-server

mysql-config:
  file.managed:
    - name: /etc/my.cnf
    - source: salt://mysql/files/my.cnf
    - user: root
    - gourp: root
    - mode: 644

mysql-service:
  service.running:
    - name: mariadb-server
    - enable: True

[root@slave1 mysql]# mkdir files
[root@slave1 mysql]# cd files/
[root@slave1 files]# cp /etc/my.cnf .
[root@slave1 mysql]# tree
.
├── files
│   └── my.cnf
└── init.sls


#模块测试:
[root@slave1 base]# salt 'slave2' state.sls apache.init saltenv=prod
slave2:
----------
          ID: apache-install
    Function: pkg.installed
        Name: httpd
      Result: True
     Comment: Package httpd is already installed.
     Started: 00:19:32.302589
    Duration: 1674.126 ms
     Changes:   
----------
          ID: apache-config
    Function: file.managed
        Name: /etc/httpd/conf/httpd.conf
      Result: True
     Comment: File /etc/httpd/conf/httpd.conf is in the correct state
     Started: 00:19:33.981041
    Duration: 4.449 ms
     Changes:   
----------
          ID: apache-service
    Function: service.running
        Name: httpd
      Result: True
     Comment: Service httpd is already enabled, and is in the desired state
     Started: 00:19:33.986049
    Duration: 465.027 ms
     Changes:   

Summary
------------
Succeeded: 3
Failed:    0
------------
Total states run:     3
复制代码

3.2.3 整合到top file文件中,来执行高级状态

[root@slave1 base]# pwd
/srv/salt/base
[root@slave1 base]# vim top.sls
prod:
'slave*':
- apache.init
- php.init
- mysql.init

测试:
[root@slave1 base]# salt 'slave2' state.highstate
slave2:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: The following packages were installed/updated: httpd
Started: 00:10:45.457884
Duration: 14741.991 ms
Changes:
----------
httpd:
----------
new:
2.4.6-80.el7.centos.1
old:
----------
ID: apache-config
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 00:11:00.203269
Duration: 16.774 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd has been enabled, and is running
Started: 00:11:00.257424
Duration: 1183.295 ms
Changes:
----------
httpd:
True
----------
ID: php-install
Function: pkg.installed
Result: True
Comment: 3 targeted packages were installed/updated.
Started: 00:11:01.443259
Duration: 7833.45 ms
Changes:
----------
php:
----------
new:
5.4.16-45.el7
old:
php-mysql:
----------
new:
5.4.16-45.el7
old:
php-pdo:
----------
new:
5.4.16-45.el7
old:
----------
ID: php-config
Function: file.managed
Name: /etc/php.ini
Result: True
Comment: File /etc/php.ini updated
Started: 00:11:09.279224
Duration: 72.452 ms
Changes:
----------
diff:
New file
mode:
----------
ID: mysql-install
Function: pkg.installed
Result: True
Comment: 2 targeted packages were installed/updated.
Started: 00:11:09.353923
Duration: 16336.395 ms
Changes:
----------
mariadb:
----------
new:
1:5.5.60-1.el7_5
old:
mariadb-server:
----------
new:
1:5.5.60-1.el7_5
old:
----------
ID: mysql-config
Function: file.managed
Name: /etc/my.cnf
Result: True
Comment: File /etc/my.cnf updated
Started: 00:11:25.692557
Duration: 60.167 ms
Changes:
----------
diff:
New file
mode:
----------
ID: mysql-service
Function: service.running
Name: mariadb
Result: True
Comment: Service mariadb has been enabled, and is running
Started: 00:11:25.784130
Duration: 3374.439 ms
Changes:
----------
mariadb:
True

Summary
------------
Succeeded: 8 (changed=7)
Failed: 0
------------
Total states run: 8


复制代码
[root@slave1 base]# pwd
/srv/salt/base
[root@slave1 base]# vim top.sls 
prod:
  'slave*':
  - apache.init
  - php.init
  - mysql.init

 测试:
[root@slave1 base]# salt 'slave2' state.highstate
slave2:
----------
          ID: apache-install
    Function: pkg.installed
        Name: httpd
      Result: True
     Comment: The following packages were installed/updated: httpd
     Started: 00:10:45.457884
    Duration: 14741.991 ms
     Changes:   
              ----------
              httpd:
                  ----------
                  new:
                      2.4.6-80.el7.centos.1
                  old:
----------
          ID: apache-config
    Function: file.managed
        Name: /etc/httpd/conf/httpd.conf
      Result: True
     Comment: File /etc/httpd/conf/httpd.conf is in the correct state
     Started: 00:11:00.203269
    Duration: 16.774 ms
     Changes:   
----------
          ID: apache-service
    Function: service.running
        Name: httpd
      Result: True
     Comment: Service httpd has been enabled, and is running
     Started: 00:11:00.257424
    Duration: 1183.295 ms
     Changes:   
              ----------
              httpd:
                  True
----------
          ID: php-install
    Function: pkg.installed
      Result: True
     Comment: 3 targeted packages were installed/updated.
     Started: 00:11:01.443259
    Duration: 7833.45 ms
     Changes:   
              ----------
              php:
                  ----------
                  new:
                      5.4.16-45.el7
                  old:
              php-mysql:
                  ----------
                  new:
                      5.4.16-45.el7
                  old:
              php-pdo:
                  ----------
                  new:
                      5.4.16-45.el7
                  old:
----------
          ID: php-config
    Function: file.managed
        Name: /etc/php.ini
      Result: True
     Comment: File /etc/php.ini updated
     Started: 00:11:09.279224
    Duration: 72.452 ms
     Changes:   
              ----------
              diff:
                  New file
              mode:
                  0644
----------
          ID: mysql-install
    Function: pkg.installed
      Result: True
     Comment: 2 targeted packages were installed/updated.
     Started: 00:11:09.353923
    Duration: 16336.395 ms
     Changes:   
              ----------
              mariadb:
                  ----------
                  new:
                      1:5.5.60-1.el7_5
                  old:
              mariadb-server:
                  ----------
                  new:
                      1:5.5.60-1.el7_5
                  old:
----------
          ID: mysql-config
    Function: file.managed
        Name: /etc/my.cnf
      Result: True
     Comment: File /etc/my.cnf updated
     Started: 00:11:25.692557
    Duration: 60.167 ms
     Changes:   
              ----------
              diff:
                  New file
              mode:
                  0644
----------
          ID: mysql-service
    Function: service.running
        Name: mariadb
      Result: True
     Comment: Service mariadb has been enabled, and is running
     Started: 00:11:25.784130
    Duration: 3374.439 ms
     Changes:   
              ----------
              mariadb:
                  True

Summary
------------
Succeeded: 8 (changed=7)
Failed:    0
------------
Total states run:     8
复制代码

 3.2.4 Include的使用

Include的使用

[root@slave1 prod]# pwd
[root@slave1 prod]# vim lamp.sls
/srv/salt/prod
include:
- apache.init
- php.init
- mysql.init

[root@slave1 prod]# vim ../base/top.sls
prod:
'slave*':
- lamp

测试:
[root@slave1 prod]# salt 'slave2' state.highstate
slave2:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 00:37:18.185204
Duration: 1515.12 ms
Changes:
----------
ID: apache-config
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 00:37:19.702850
Duration: 3.363 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 00:37:19.706721
Duration: 432.859 ms
Changes:
----------
ID: php-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed.
Started: 00:37:20.139849
Duration: 0.75 ms
Changes:
----------
ID: php-config
Function: file.managed
Name: /etc/php.ini
Result: True
Comment: File /etc/php.ini is in the correct state
Started: 00:37:20.140688
Duration: 5.864 ms
Changes:
----------
ID: mysql-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed.
Started: 00:37:20.146671
Duration: 0.664 ms
Changes:
----------
ID: mysql-config
Function: file.managed
Name: /etc/my.cnf
Result: True
Comment: File /etc/my.cnf is in the correct state
Started: 00:37:20.147454
Duration: 22.186 ms
Changes:
----------
ID: mysql-service
Function: service.running
Name: mariadb
Result: True
Comment: Service mariadb is already enabled, and is in the desired state
Started: 00:37:20.169863
Duration: 441.656 ms
Changes:

Summary
------------
Succeeded: 8
Failed: 0
------------
Total states run: 8


复制代码
Include的使用

[root@slave1 prod]# pwd
[root@slave1 prod]# vim lamp.sls
/srv/salt/prod
include:
  - apache.init
  - php.init
  - mysql.init

[root@slave1 prod]# vim ../base/top.sls 
prod:
  'slave*':
  - lamp

测试:
[root@slave1 prod]# salt 'slave2' state.highstate
slave2:
----------
          ID: apache-install
    Function: pkg.installed
        Name: httpd
      Result: True
     Comment: Package httpd is already installed.
     Started: 00:37:18.185204
    Duration: 1515.12 ms
     Changes:   
----------
          ID: apache-config
    Function: file.managed
        Name: /etc/httpd/conf/httpd.conf
      Result: True
     Comment: File /etc/httpd/conf/httpd.conf is in the correct state
     Started: 00:37:19.702850
    Duration: 3.363 ms
     Changes:   
----------
          ID: apache-service
    Function: service.running
        Name: httpd
      Result: True
     Comment: Service httpd is already enabled, and is in the desired state
     Started: 00:37:19.706721
    Duration: 432.859 ms
     Changes:   
----------
          ID: php-install
    Function: pkg.installed
      Result: True
     Comment: All specified packages are already installed.
     Started: 00:37:20.139849
    Duration: 0.75 ms
     Changes:   
----------
          ID: php-config
    Function: file.managed
        Name: /etc/php.ini
      Result: True
     Comment: File /etc/php.ini is in the correct state
     Started: 00:37:20.140688
    Duration: 5.864 ms
     Changes:   
----------
          ID: mysql-install
    Function: pkg.installed
      Result: True
     Comment: All specified packages are already installed.
     Started: 00:37:20.146671
    Duration: 0.664 ms
     Changes:   
----------
          ID: mysql-config
    Function: file.managed
        Name: /etc/my.cnf
      Result: True
     Comment: File /etc/my.cnf is in the correct state
     Started: 00:37:20.147454
    Duration: 22.186 ms
     Changes:   
----------
          ID: mysql-service
    Function: service.running
        Name: mariadb
      Result: True
     Comment: Service mariadb is already enabled, and is in the desired state
     Started: 00:37:20.169863
    Duration: 441.656 ms
     Changes:   

Summary
------------
Succeeded: 8
Failed:    0
------------
Total states run:     8
复制代码

 3.2.5 require的使用

参考:https://docs.saltstack.com/en/latest/topics/tutorials/states_pt2.html

[root@slave1 ~]# vim /srv/salt/prod/apache/init.sls
pkg.installed:
- name: httpd

apache-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd1.conf #故意写错配置
- user: root
- group: root
- mode: 644

apache-service:
service.running:
- name: httpd
- enable: True
- require: #依赖apache-config的配置
- file: apache-config

#测试
root@slave1 ~]# salt 'slave1' state.sls apache.init saltenv=prod
slave1:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 01:13:47.407217
Duration: 2063.3 ms
Changes:
----------
ID: apache-config
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: False
Comment: Source file salt://apache/files/httpd1.conf not found
Started: 01:13:49.472921
Duration: 18.354 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: False
Comment: One or more requisite failed: apache.init.apache-config
Started:
Duration:
Changes:

Summary
------------
Succeeded: 1
Failed: 2
------------
Total states run: 3
[root@slave1 ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: inactive (dead) since 一 2018-11-19 01:13:42 CST; 10s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 11014 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
Process: 10820 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=0/SUCCESS)
Main PID: 10820 (code=exited, status=0/SUCCESS)
Status: "Total requests: 0; Current requests/sec: 0; Current traffi


复制代码
 [root@slave1 ~]# vim /srv/salt/prod/apache/init.sls 
  pkg.installed:
    - name: httpd

apache-config:
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://apache/files/httpd1.conf   #故意写错配置
    - user: root
    - group: root
    - mode: 644

apache-service:
  service.running:
    - name: httpd
    - enable: True
    - require:               #依赖apache-config的配置
      - file: apache-config

#测试
root@slave1 ~]# salt 'slave1' state.sls apache.init saltenv=prod
slave1:
----------
          ID: apache-install
    Function: pkg.installed
        Name: httpd
      Result: True
     Comment: Package httpd is already installed.
     Started: 01:13:47.407217
    Duration: 2063.3 ms
     Changes:   
----------
          ID: apache-config
    Function: file.managed
        Name: /etc/httpd/conf/httpd.conf
      Result: False
     Comment: Source file salt://apache/files/httpd1.conf not found
     Started: 01:13:49.472921
    Duration: 18.354 ms
     Changes:   
----------
          ID: apache-service
    Function: service.running
        Name: httpd
      Result: False
     Comment: One or more requisite failed: apache.init.apache-config
     Started: 
    Duration: 
     Changes:   

Summary
------------
Succeeded: 1
Failed:    2
------------
Total states run:     3
[root@slave1 ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: inactive (dead) since 一 2018-11-19 01:13:42 CST; 10s ago
     Docs: man:httpd(8)
           man:apachectl(8)
  Process: 11014 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
  Process: 10820 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=0/SUCCESS)
 Main PID: 10820 (code=exited, status=0/SUCCESS)
   Status: "Total requests: 0; Current requests/sec: 0; Current traffi
复制代码

 

参考文档:http://blog.51cto.com/damaicha/2116648

posted @ 2019-09-26 16:06  xuefy  阅读(267)  评论(0编辑  收藏  举报