saltstack-8 pillar、grains、state综合应用

 1、mastr配置文件配置分组:

编辑配置文件:/etc/salt/

 配置分组,供后续pillar判断参数使用

nodegroups:
  web1groups: 'L@db_01'
  web2groups: 'L@db_02'

 

2、配置pillar

/srv/pillar/top.sls

base:
  web1groups:
    - match: nodegroup
    - web1server
  web2groups:
    - match: nodegroup
    - web2server

master配置的分组web1groups和web2groups参数,分别对应配置下的文件名(web1server.sls和web2server.sls)

/srv/pillar/web1server.sls

nginx:
  root: /wwww

/srv/pillar/web2server.sls

nginx:
  root: /data

 

 3、配置grains的max_open_file

/srv/salt/_grains/NginxGrins.py

import os, sys, commands

def NginxGrains():
    re = {}
    max_open_file = 65536
    try:
        getulimit = commands.getstatusoutput('source /etc/profile; ulimit -n')
    except Exception , e:
        pass
    if getulimit[0] == 0:
        max_open_file = getulimit[1]
    
    re['max_open_file'] = max_open_file
    
    return re
NginxGrains()

配置过程中,出现问题,可以参考:saltstack-5 grainx组件

 

4、state配置

/srv/salt/top.sls

base:
  '*':
    - nginx

/srv/salt/nginx.sls

nginx:
  pkg:
    - installed
  file.managed:
    - source: salt://nginx//nginx.conf
    - name: /etc/nginx/nginx.conf
    - user: root
    - group: root
    - mode: 644
    - template: jinja

  service.running:
#    - enable: True
    - reload: True
    - watch:
      - file: /etc/nginx/nginx.conf
      - pkg: nginx

 

 

 5、执行结果:

db_01:
----------
          ID: nginx
    Function: pkg.installed
      Result: True
     Comment: The following packages were installed/updated: nginx
     Started: 21:01:35.392168
    Duration: 78651.537 ms
     Changes:   
              ----------
              nginx:
                  ----------
                  new:
                      1.10.3-1.el6
                  old:
              nginx-all-modules:
                  ----------
                  new:
                      1.10.3-1.el6
                  old:
              nginx-mod-http-geoip:
                  ----------
                  new:
                      1.10.3-1.el6
                  old:
              nginx-mod-http-image-filter:
                  ----------
                  new:
                      1.10.3-1.el6
                  old:
              nginx-mod-http-perl:
                  ----------
                  new:
                      1.10.3-1.el6
                  old:
              nginx-mod-http-xslt-filter:
                  ----------
                  new:
                      1.10.3-1.el6
                  old:
              nginx-mod-mail:
                  ----------
                  new:
                      1.10.3-1.el6
                  old:
              nginx-mod-stream:
                  ----------
                  new:
                      1.10.3-1.el6
                  old:
----------
          ID: nginx
    Function: file.managed
        Name: /etc/nginx/nginx.conf
      Result: True
     Comment: File /etc/nginx/nginx.conf updated
     Started: 21:02:54.046159
    Duration: 346.353 ms
     Changes:   
              ----------
              diff:
                  ---  
                  +++  
                  @@ -1,14 +1,21 @@
                  +#version 1.1.4
                   # For more information on configuration, see:
                   #   * Official English Documentation: http://nginx.org/en/docs/
                   #   * Official Russian Documentation: http://nginx.org/ru/docs/
                   
                  -user nginx;
                  -worker_processes auto;
                  -error_log /var/log/nginx/error.log;
                  -pid /var/run/nginx.pid;
                  +user              nginx;
                  +worker_processes  1;
                   
                  -# Load dynamic modules. See /usr/share/nginx/README.dynamic.
                  -include /usr/share/nginx/modules/*.conf;
                  +worker_cpu_affinity 1000 0100 0010 0001;
                  +
                  +worker_rlimit_nofile 1024;
                  +
                  +error_log  /var/log/nginx/error.log;
                  +#error_log  /var/log/nginx/error.log  notice;
                  +#error_log  /var/log/nginx/error.log  info;
                  +
                  +pid        /var/run/nginx.pid;
                  +
                   
                   events {
                       worker_connections  1024;
                  @@ -16,23 +23,51 @@
                   
                   
                   http {
                  +    include       /etc/nginx/mime.types;
                  +    default_type  application/octet-stream;
                  +
                       log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                                         '$status $body_bytes_sent "$http_referer" '
                                         '"$http_user_agent" "$http_x_forwarded_for"';
                   
                       access_log  /var/log/nginx/access.log  main;
                   
                  -    sendfile            on;
                  -    tcp_nopush          on;
                  -    tcp_nodelay         on;
                  -    keepalive_timeout   65;
                  -    types_hash_max_size 2048;
                  +    sendfile        on;
                  +    #tcp_nopush     on;
                   
                  -    include             /etc/nginx/mime.types;
                  -    default_type        application/octet-stream;
                  +    #keepalive_timeout  0;
                  +    keepalive_timeout  75;
                   
                  -    # Load modular configuration files from the /etc/nginx/conf.d directory.
                  -    # See http://nginx.org/en/docs/ngx_core_module.html#include
                  -    # for more information.
                  -    include /etc/nginx/conf.d/*.conf;
                  +    #gzip  on;
                  +    
                  +    # Load config files from the /etc/nginx/conf.d directory
                  +    # The default server is in conf.d/default.conf
                  +    #include /etc/nginx/conf.d/*.conf;
                  +    server {
                  +        listen       80 default_server;
                  +        server_name  _;
                  +
                  +        #charset koi8-r;
                  +
                  +        #access_log  logs/host.access.log  main;
                  +
                  +        location / {
                  +            root   /wwww;
                  +            index  index.html index.htm;
                  +        }
                  +
                  +        error_page  404              /404.html;
                  +        location = /404.html {
                  +            root   /usr/share/nginx/html;
                  +        }
                  +
                  +        # redirect server error pages to the static page /50x.html
                  +        #
                  +        error_page   500 502 503 504  /50x.html;
                  +        location = /50x.html {
                  +            root   /usr/share/nginx/html;
                  +        }
                  +
                  +    }
                  +
                   }
----------
          ID: nginx
    Function: service.running
      Result: True
     Comment: Started Service nginx
     Started: 21:02:54.395601
    Duration: 202.246 ms
     Changes:   
              ----------
              nginx:
                  True

Summary for db_01
------------
Succeeded: 3 (changed=3)
Failed:    0
------------
Total states run:     3
Total run time:  79.200 s

 

 

6、配置文件模板

/srv/salt/nginx/nginx.conf

配置文件中:

1、使用{{ grains['num_cpus'] }}获取cpu的数量;

2、{{ grains['max_open_file'] }}获取最大的打开文件数;

3、{{ pillar['nginx']['root'] }}获取url路径,pillar又使用分组来判断获取参数;

#version 1.1.4
# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user              nginx;
worker_processes  {{ grains['num_cpus'] }};
{% if grains['num_cpus'] == 2 %}
worker_cpu_affinity 01 10;
{% elif grains['num_cpus'] == 4 %}
worker_cpu_affinity 1000 0100 0010 0001;
{% elif grains['num_cpus'] >= 8 %}
worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
{% else %}
worker_cpu_affinity 1000 0100 0010 0001;
{% endif %}
worker_rlimit_nofile {{ grains['max_open_file'] }};

error_log  /var/log/nginx/error.log;
#error_log  /var/log/nginx/error.log  notice;
#error_log  /var/log/nginx/error.log  info;

pid        /var/run/nginx.pid;


events {
    worker_connections  {{ grains['max_open_file'] }};
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  75;

    #gzip  on;
    
    # Load config files from the /etc/nginx/conf.d directory
    # The default server is in conf.d/default.conf
    #include /etc/nginx/conf.d/*.conf;
    server {
        listen       80 default_server;
        server_name  _;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   {{ pillar['nginx']['root'] }};
            index  index.html index.htm;
        }

        error_page  404              /404.html;
        location = /404.html {
            root   /usr/share/nginx/html;
        }

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/share/nginx/html;
        }

    }

}

 

posted @ 2019-09-11 17:41  熊熊闯深林  阅读(307)  评论(0编辑  收藏  举报