本文介绍如何使用SaltStack进行服务器的自动化配置与管理,包括Master和Minion的安装配置、远程命令执行、自定义模块、编写状态文件(SLS)实现服务部署及grains和pillar的应用。
文章目录
一、master和minion
在server1中
cd /etc/yum.repos.d/
vim salt.repo #更改里面的配置文件
记得关闭真机里面的sexlinux
yum repolist
如果可以的话
记得把文件传送
scp salt.repo server2:/etc/yum.repos.d/
scp salt.repo server3:/etc/yum.repos.d/
yum list salt-*
yum install salt-master.noarch -y
systemctl enable --now salt-master.service
就可以了
在server2,3中
yum install salt-minicom.x86_64
cd /etc/salt/
vim minion
在minion里面
更改master: 172.25.32.1
systemctl enable --now salt-minion.service
结果
salt-key -L #列出
salt-key -A #添加所有
salt '*' test.ping
yum install lsof -y
lsof -i :4505 #查看端口
salt-key -L
二、远程执行
1、远程命令执行
在1中
salt server2 pkg.install 'httpd
salt server2 pkg.version salt-minion
salt server2 sys.doc service
salt server2 service.start httpd
2、远程执行模块
cd /srv/
mkdir salt
cd salt/
mkdir _modules
cd _modules/
vim my_disk.py
my_disk.py里面编写
def df():
return __salt__['cmd.run']('df -h')
然后
salt server2 saltutil.sync_modules
salt server2 my_disk.df
说面模块连接完成了
3、编写.sls文件(apache)
cd /srv/salt
vim apache.sls
mkdir apache
mv apache.sls apache
cd apache/
mv apache.sls init.sls
salt server2 state.sls apache
scp 172.25.32.2:/etc/httpd/conf/httpd.conf .
如果创建了目录,把sls文件移动到目录
必须把文件名称改为init.sls文件
这样才能直接打目录名就可以执行
比如
salt server2 state.sls apache
vim init.sls
文件编写
apache:
pkg.installed: #表示下载什么包
- pkgs:
- httpd
- php
file.managed:
- name: /etc/httpd/conf/httpd.conf #更改文件内容
- source: salt://apache/httpd.conf #更具这个目录来更改
service.running: #服务内容
- name: httpd
- enable: true
- reload: true
- watch:
- file: apache #发现更改至今reload
编写nginx
mkdir nginx
cd nginx/
vim init.sls
nginx-install:
pkg.installed:
- pkgs:
- gcc
- pcre-devel
- openssl-devel
file.managed:
- name: /mnt/nginx-1.20.1.tar.gz
- source: salt://nginx/nginx-1.20.1.tar.gz
cmd.run:
- name: cd /mnt && tar zxf nginx-1.20.1.tar.gz && cd nginx-1.20.1 && sed -i 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-threads --with-file-aio &> /dev/null && make &> /dev/null && make install &> /dev/null
- creates: /usr/local/nginx
salt server3 state.sls nginx
ls一次
里面需要
init.sls nginx-1.20.1.tar.gz nginx.conf nginx.service service.sls
然后ls一下,里面需要
nginx.service(从真机里面弄来的)
#cd /usr/local/nginx/conf/
#scp nginx.conf server1:/srv/salt/nginx(从三号机里面弄来)
nginx.conf
vim nginx.conf
user nginx;
worker_processes auto;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 65535;
}
nginx-1.20.1.tar.gz(从真机子里面弄来)
vim service.sls
include:
- nginx
nginx-user:
user.present:
- name: nginx
- shell: /sbin/nologin
- home: /usr/local/nginx
- createhome: false
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/nginx.conf
nginx-service:
file.managed:
- name: /usr/lib/systemd/system/nginx.service
- source: salt://nginx/nginx.service
service.running:
- name: nginx
- enable: true
- reload: true
- watch:
- file: /usr/local/nginx/conf/nginx.conf
salt server3 state.sls nginx.service
三、
1、修改grains的三种方法
#在2中
vim /etc/salt/minion
grains:
roles: apache
#在3中
vim /etc/salt/grains
roles: nginx
#在1中
mkdir _grains
cd _grains/
vim grains.py
def grains():
grains = {}
grains['hello'] = 'world'
grains['salt'] = 'stack'
return grains
salt '*' saltutil.sync_grains
salt server2 grains.item hello
salt -G 'roles:apache' cmd.run hostname
2、pillar
cd ..
mkdir pillar
cd pillar/
vim pkgs.sls
{% if grains['fqdn'] == 'server2' %}
package: httpd
port: 80
{% elif grains['fqdn'] == 'server3' %}
package: httpd
port: 8080
{% endif %}
vim top.sls
base:
'*':
- pkgs
salt '*' pillar.items
salt '*' saltutil.refresh_pillar
salt -I 'package:nginx' cmd.run hostname
salt '*' pillar.items
salt '*' saltutil.refresh_pillar
3、grains
cd ..
cd salt/
vim test.sls
/mnt/testfile:
file.append:
{% if grains['fqdn'] == 'server2' %}
- text: server2
{% elif grains['fqdn'] == 'server3' %}
- text: server3
{% endif %}
vim top.sls
base:
'roles:apache':
- match: grain
- apache
'roles:nginx':
- match: grain
- nginx.service
salt '*' state.sls test
四、综合运用
cd /srv/salt/apache
vim init.sls
apache:
pkg.installed:
- pkgs:
- {{ pillar['package'] }}
/etc/httpd/conf/httpd.conf:
file.managed:
- source: salt://apache/httpd.conf
- template: jinja
- context:
http_port: {{ pillar['port'] }}
http_host: {{ grains['ipv4'][-1] }}
service.running:
- name: httpd
- enable: true
- reload: true
- watch:
- file: /etc/httpd/conf/httpd.conf
vim httpd.conf
扫一扫
1563
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
