saltstack-8 pillar、grains、state综合应用
1、mastr配置文件配置分组:
编辑配置文件:/etc/salt/
配置分组,供后续pillar判断参数使用
nodegroups: web1groups: 'L@db_01' web2groups: 'L@db_02'
2、配置pillar
/srv/pillar/top.sls
base: web1groups: - match: nodegroup - web1server web2groups: - match: nodegroup - web2server
master配置的分组web1groups和web2groups参数,分别对应配置下的文件名(web1server.sls和web2server.sls)
/srv/pillar/web1server.sls
nginx:
root: /wwww
/srv/pillar/web2server.sls
nginx:
root: /data
3、配置grains的max_open_file
/srv/salt/_grains/NginxGrins.py
import os, sys, commands def NginxGrains(): re = {} max_open_file = 65536 try: getulimit = commands.getstatusoutput('source /etc/profile; ulimit -n') except Exception , e: pass if getulimit[0] == 0: max_open_file = getulimit[1] re['max_open_file'] = max_open_file return re NginxGrains()
配置过程中,出现问题,可以参考:saltstack-5 grainx组件
4、state配置
/srv/salt/top.sls
base: '*': - nginx
/srv/salt/nginx.sls
nginx: pkg: - installed file.managed: - source: salt://nginx//nginx.conf - name: /etc/nginx/nginx.conf - user: root - group: root - mode: 644 - template: jinja service.running: # - enable: True - reload: True - watch: - file: /etc/nginx/nginx.conf - pkg: nginx
5、执行结果:
db_01: ---------- ID: nginx Function: pkg.installed Result: True Comment: The following packages were installed/updated: nginx Started: 21:01:35.392168 Duration: 78651.537 ms Changes: ---------- nginx: ---------- new: 1.10.3-1.el6 old: nginx-all-modules: ---------- new: 1.10.3-1.el6 old: nginx-mod-http-geoip: ---------- new: 1.10.3-1.el6 old: nginx-mod-http-image-filter: ---------- new: 1.10.3-1.el6 old: nginx-mod-http-perl: ---------- new: 1.10.3-1.el6 old: nginx-mod-http-xslt-filter: ---------- new: 1.10.3-1.el6 old: nginx-mod-mail: ---------- new: 1.10.3-1.el6 old: nginx-mod-stream: ---------- new: 1.10.3-1.el6 old: ---------- ID: nginx Function: file.managed Name: /etc/nginx/nginx.conf Result: True Comment: File /etc/nginx/nginx.conf updated Started: 21:02:54.046159 Duration: 346.353 ms Changes: ---------- diff: --- +++ @@ -1,14 +1,21 @@ +#version 1.1.4 # For more information on configuration, see: # * Official English Documentation: http://nginx.org/en/docs/ # * Official Russian Documentation: http://nginx.org/ru/docs/ -user nginx; -worker_processes auto; -error_log /var/log/nginx/error.log; -pid /var/run/nginx.pid; +user nginx; +worker_processes 1; -# Load dynamic modules. See /usr/share/nginx/README.dynamic. -include /usr/share/nginx/modules/*.conf; +worker_cpu_affinity 1000 0100 0010 0001; + +worker_rlimit_nofile 1024; + +error_log /var/log/nginx/error.log; +#error_log /var/log/nginx/error.log notice; +#error_log /var/log/nginx/error.log info; + +pid /var/run/nginx.pid; + events { worker_connections 1024; @@ -16,23 +23,51 @@ http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 65; - types_hash_max_size 2048; + sendfile on; + #tcp_nopush on; - include /etc/nginx/mime.types; - default_type application/octet-stream; + #keepalive_timeout 0; + keepalive_timeout 75; - # Load modular configuration files from the /etc/nginx/conf.d directory. - # See http://nginx.org/en/docs/ngx_core_module.html#include - # for more information. - include /etc/nginx/conf.d/*.conf; + #gzip on; + + # Load config files from the /etc/nginx/conf.d directory + # The default server is in conf.d/default.conf + #include /etc/nginx/conf.d/*.conf; + server { + listen 80 default_server; + server_name _; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + location / { + root /wwww; + index index.html index.htm; + } + + error_page 404 /404.html; + location = /404.html { + root /usr/share/nginx/html; + } + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + } + } ---------- ID: nginx Function: service.running Result: True Comment: Started Service nginx Started: 21:02:54.395601 Duration: 202.246 ms Changes: ---------- nginx: True Summary for db_01 ------------ Succeeded: 3 (changed=3) Failed: 0 ------------ Total states run: 3 Total run time: 79.200 s
6、配置文件模板
/srv/salt/nginx/nginx.conf
配置文件中:
1、使用{{ grains['num_cpus'] }}获取cpu的数量;
2、{{ grains['max_open_file'] }}获取最大的打开文件数;
3、{{ pillar['nginx']['root'] }}获取url路径,pillar又使用分组来判断获取参数;
#version 1.1.4 # For more information on configuration, see: # * Official English Documentation: http://nginx.org/en/docs/ # * Official Russian Documentation: http://nginx.org/ru/docs/ user nginx; worker_processes {{ grains['num_cpus'] }}; {% if grains['num_cpus'] == 2 %} worker_cpu_affinity 01 10; {% elif grains['num_cpus'] == 4 %} worker_cpu_affinity 1000 0100 0010 0001; {% elif grains['num_cpus'] >= 8 %} worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000; {% else %} worker_cpu_affinity 1000 0100 0010 0001; {% endif %} worker_rlimit_nofile {{ grains['max_open_file'] }}; error_log /var/log/nginx/error.log; #error_log /var/log/nginx/error.log notice; #error_log /var/log/nginx/error.log info; pid /var/run/nginx.pid; events { worker_connections {{ grains['max_open_file'] }}; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 75; #gzip on; # Load config files from the /etc/nginx/conf.d directory # The default server is in conf.d/default.conf #include /etc/nginx/conf.d/*.conf; server { listen 80 default_server; server_name _; #charset koi8-r; #access_log logs/host.access.log main; location / { root {{ pillar['nginx']['root'] }}; index index.html index.htm; } error_page 404 /404.html; location = /404.html { root /usr/share/nginx/html; } # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } } }