如何使用Salt 的各种状态值
Salt的状态系统的核心就是SLS文件,即SaLt State file.
SLS文件呈现一个系统该有的状态,通常这被称为配置管理。
SLS文件会被python解读成一系列的列表,字典,字符串和数字
top.sls
top文件用于映射哪些minion主机应该通过Salt的状态系统来加载哪些SLS模块
SLS文件通常是一个YAML格式的文件
top.sls是SaltStack的核心文件
测试:
创建/srv/salt/top.sls 文件
base:'*':- apache
这里表示所有的minion都调用apache这个SLS模块
创建/srv/salt/apache.sls 文件
httpd:pkg.installed: []service.running:- require:- pkg: httpd
这里第一行httpd 定义安装包的名称,不同的OS,包的名称不同,这里使用CentOS,apache名称为httpd
第二行和第三行使用state状态模块和函数,require一行表示apache安装成功后才能启动
然后就是在指定的minion上安装apache
也可以写成:
httpd:pkg:- installedservice:- running- require:- pkg: httpd
$ sudo salt '*' state.highstate
jidong-fileserver:
----------ID: httpdFunction: pkg.installedResult: TrueComment: Package httpd is already installedStarted: Duration: Changes:
----------ID: httpdFunction: service.runningResult: TrueComment: The service httpd is already runningStarted: Duration: Changes: Summary
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
进一步修改apache.sls文件添加一些其他状态模块。如添加各种账号并制定UID和GID以及用户登录shell等
httpd:pkg.installed: []service.running:- watch:- pkg: httpd- file: /etc/httpd/conf/httpd.conf- user: apacheuser.present:- name: apache- uid: 48- gid: 48- home: /var/www- shell: /sbin/nologin- require:- group: apachegroup.present:- name: apache- gid: 48- require:- pkg: httpd/etc/httpd/conf/httpd.conf:file.managed:- source: salt://httpd.conf- user: root- group: root- mode: 644
httpd.conf文件放置到/srv/salt目录下,通过salt://httpd.conf访问
gintama-qa-server:
----------ID: httpdFunction: pkg.installedResult: TrueComment: Package httpd is already installedStarted: Duration: Changes:
----------ID: /etc/httpd/conf/httpd.confFunction: file.managedResult: TrueComment: File /etc/httpd/conf/httpd.conf is in the correct stateStarted: Duration: Changes:
----------ID: httpdFunction: group.presentName: apacheResult: TrueComment: No changeStarted: Duration: Changes:
----------ID: httpdFunction: user.presentName: apacheResult: TrueComment: User apache is present and up to dateStarted: Duration: Changes:
----------ID: httpdFunction: service.runningResult: FalseComment: Service httpd failed to startStarted: Duration: Changes: Summary
------------
Succeeded: 4
Failed: 1
如果有多个SLS文件需要管理,可以将多个SLS文件组成一个States Tree
将以上的内容改成
/srv/salt/apache/init.sls
/srv/salt/apache/httpd.conf
然后修改init.sls
- source: salt://apache/httpd.conf
再添加一个ssh的例子
/srv/salt/ssh/
├── banner
├── init.sls
├── server.sls
├── ssh_config
└── sshd_config
init.sls
include:- ssh.serveropenssh-clients:pkg.installed/etc/ssh/ssh_config:file.managed:- user: root- group: root- mode: 644- source: salt://ssh/ssh_config
server.sls
openssh-server:pkg.installedsshd:service.running:- require:- pkg: openssh-clients- pkg: openssh-server- file: /etc/ssh/banner- file: /etc/ssh/sshd_config/etc/ssh/sshd_config:file.managed:- user: root- group: root- mode: 644- source: salt://ssh/sshd_config- require:- pkg: openssh-server/etc/ssh/banner:file.managed:- user: root- group: root- mode: 644- source: salt://ssh/banner- require:- pkg: openssh-server
经过测试,这里和文档上的有些出入,在server.sls中添加
include:
- ssh
salt无法执行server.sls中指定的内容。所以将server.sls中的include去掉,改在init.sls中添加include语句
----------ID: openssh-serverFunction: pkg.installedResult: TrueComment: Package openssh-server is already installed.Started: 14:20:26.385555Duration: 3.442 msChanges:
----------ID: openssh-clientsFunction: pkg.installedResult: TrueComment: Package openssh-clients is already installed.Started: 14:20:26.394100Duration: 1.202 msChanges:
----------ID: /etc/ssh/bannerFunction: file.managedResult: TrueComment: File /etc/ssh/banner is in the correct stateStarted: 14:20:26.395813Duration: 8.755 msChanges:
----------ID: /etc/ssh/sshd_configFunction: file.managedResult: TrueComment: File /etc/ssh/sshd_config is in the correct stateStarted: 14:20:26.405102Duration: 6.399 msChanges:
----------ID: sshdFunction: service.runningResult: TrueComment: The service sshd is already runningStarted: 14:20:26.412620Duration: 141.419 msChanges:
----------ID: /etc/ssh/ssh_configFunction: file.managedResult: TrueComment: File /etc/ssh/ssh_config is in the correct stateStarted: 14:20:26.555069Duration: 9.425 msChanges: Summary
-------------
Succeeded: 10
有些时候SLS数据需要扩展,
/srv/salt/ssh/custom-server.sls
include:- ssh.serverextend:/etc/ssh/banner:file:- source: salt://ssh/custom-banner
在/srv/salt/ssh/init.sls中添加一条include语句
include:
- ssh.server
- ssh.custom-server
----------ID: /etc/ssh/bannerFunction: file.managedResult: TrueComment: File /etc/ssh/banner updatedStarted: 15:22:04.989477Duration: 10.723 msChanges: ----------diff:--- +++ @@ -1,1 +1,1 @@-This is a test+This is a custom banner----------
另外一个例子
$ cat /srv/salt/python/init.sls
include:- python.mod_python
$ cat /srv/salt/python/mod_python.sls
include:- apacheextend:httpd:service:- watch:- pkg: mod_pythonmod_python:pkg.installed
----------ID: mod_pythonFunction: pkg.installedResult: TrueComment: The following packages were installed/updated: mod_python.Started: 15:37:24.935284Duration: 85741.449 msChanges: ----------mod_python:----------new:3.3.1-16.el6old:
理解Render System
Salt默认使用YAML格式来编写SLS文件
默认的render是 yaml_jinja ,使用jinja模板引擎。基于模板引擎的renders有三个重要的组件,salt,grains和pillar。
将/srv/salt/apache/init.sls 变更下
apache:pkg.installed:{% if grains['os'] == 'CentOS' %}- name: httpd{% endif %}service.running:{% if grains['os'] == 'CentOS' %}- name: httpd{% endif %}- watch:- pkg: apache- file: /etc/httpd/conf/httpd.conf- user: apacheuser.present:- name: apache- uid: 48- gid: 48- home: /var/www- shell: /sbin/nologin- require:- group: apachegroup.present:- name: apache- gid: 48- require:- pkg: apache/etc/httpd/conf/httpd.conf:file.managed:- source: salt://apache/httpd.conf- user: root- group: root- mode: 644
如果系统OS是CentOS的话安装apache就使用httpd名称
有些时候,选择默认的render可能不满足需求。这时可以使用其他的render,例如python,pydsl和pyobject
python/django.sls:
#!py def run():''' Install the django package '''return {'include': ['python'],'django': {'pkg': ['installed']}}
#!pydsl include('python', delayed=True) state('django').pkg.installed()
#!pyobjects include('python') Pkg.installed("django")
对应的YAML格式
include:- python django:pkg.installed
salt '*' state.highstate
salt-call state.highstate -l debug
salt-minion -l debug
参考文章:
http://docs.saltstack.com/en/latest/topics/tutorials/starting_states.html
转载于:https://blog.51cto.com/john88wang/1650547
如何使用Salt 的各种状态值相关推荐
- PostgreSQL md5 auth method introduce, with random salt protect
在上一篇BLOG中介绍了不要在pg_hba.conf中使用password认证方法, 除非你的客户端和数据库服务器之间的网络是绝对安全的. http://blog.163.com/digoal@126 ...
- signature验证/salt验证/token验证的作用
1.salt验证: salt是随机生成的一串字符,salt验证的作用是将生成的salt与加密的密码密文拼接后再次加密存储 这样可以是存储在数据库中的密码更加安全 2.signature验证: I.将 ...
- 英文谚语:Take that with a grain of salt
take sth. with a grain of salt 这个习语的字面意思是"和一撮盐一起吃下去",为什么要与盐一起吃呢? 据说这个习语要追溯到罗马时代,罗马将军庞培曾发现一 ...
- salt 基本组建之 grains,pillars(整理中)
2019独角兽企业重金招聘Python工程师标准>>> grains minion基本信息的管理 基本使用: <pre> salt '*' grains.ls 查看gra ...
- linux salt命令 -e,linux 下 Salt 命令的疑难杂症
前言 今天运维同事在使用 salt '*' test.ping 两台机器上的执行时间完全不同.正常的为: [root@salt_master ~]# time salt-key -L Accepted ...
- 翻译-Salt与Ansible全方位比较
原文链接:http://jensrantil.github.io/salt-vs-ansible.html 作者: Jens Rantil 之前某些时候我需要评估配置管理系统.结合从他人得到的意见,我 ...
- salt盐度与用户密码加密机制
1 加Salt散列 2 ASP.NET 2.0 Membership中与密码散列有关的代码 声明:本文所罗列之源代码均通过Reflector取自.NET Framework类库,引用这些代码仅出于学习 ...
- saltstack/salt的state.sls的使用
SLS(代表SaLt State文件)是Salt State系统的核心.SLS描述了系统的目标状态,由格式简单的数据构成.这经常被称作配置管理 首先,在master上面定义salt的主目录,默认是在/ ...
- salt '*' state.highstate 报错找不到文件,环境如下No Top file or master_tops data matches found....
salt '*' state.highstate 报错找不到文件,环境如下No Top file or master_tops data matches found. file_roots: b ...
最新文章
- the mysql is running_Mysql报错:TheMySQLserverisrunningwiththe--skip-grant-
- Swift中如何重新懒加载
- java解码base64的png图片_使用PHP对图片进行base64编码和解码(png、jpg,声音、视频)...
- 「3D Object Detection」Lidar Part : First Taste
- numpy基础(part13)--排序
- WPF DataGrid
- C++/C--二分查找之lower_bound( )和upper_bound( )【转载】
- ME525+在线 刷机
- 人力资源书籍排行榜,这些好书不容错过!
- 使用 maven-semantic-release 实现自动化发版
- 部门新来的00后测试员已把我卷崩溃,老油条表示真干不过,但是...
- Openstack“T版“全组件手动部署
- 一个创业公司的融资流程?
- 2022-2028年中国水利工程行业市场行情动态及发展趋向分析报告
- MAC添加受信任证书
- 数字图象的几种色彩模式
- WPF 修改标题栏背景色(标题栏的最小化、最大化、关闭需要调一下)
- php工程师需要掌握的知识体系
- navigator.language 代表的是浏览器的语言?
- Win10 使用技巧集锦 - 自带的截图功能