官方文档 https://docs.saltstack.com/en/latest/topics/states/index.html
配置管理之SLS
Salt State SLS描述文件(YAML)
名称ID声明 默认是name声明
备注: 一个ID声明下面。状态模块不能重复使用
例:
apache-install:
pkg.installed:
- names:
- httpd
- httpd-devel
apache-service: # ID声明,高级状态,ID必须唯一。
service.running: # State声明 状态声明
- name: httpd # 选项声明
- enable: True
php:
pkg.installed
常用状态模块介绍
1)pkg (https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html#module-salt.states.pkg)
pkg.installed # 安装
pkg.latest # 确保最新版本
pkg.remove # 卸载
pkg.purge # 卸载并删除配置文件
# 同时安装多个包
common_packages:
pkg.installed:
- pkgs:
- unzip
- dos2unix
- salt-minion: 2015.8.5-1.el6
2)file (https://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html#module-salt.states.file)
salt:// 表示当前环境的根目录。例如:
那么salt://lamp/files/httpd.conf 表示 /srv/salt/lamp/files/httpd.conf
3)service (https://docs.saltstack.com/en/latest/ref/states/all/salt.states.service.html#module-salt.states.service)
redis:
service.running:
- enable: True # 开机自启动
- reload: True # 重载
LAMP架构slat实现安装、配置、启动
1.安装软件包 pkg
2.修改配置文件 file
3.启动服务 service
lamp.sls文件内容如下
lamp-pkg:
pkg.installed:
- pkgs:
- httpd
- php
- mariadb
- mariadb-server
- php-mysql
- php-cli
- php-mbstring
apache-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://lamp/files/httpd.conf
- user: root
- group: root
- mode: 644
php-config:
file.managed:
- name: /etc/php.ini
- source: salt://lamp/files/php.ini
- user: root
- group: root
- mode: 644
mysql-config:
file.managed:
- name: /etc/my.cnf
- source: salt://lamp/files/my.cnf
- user: root
- group: root
- mode: 644
apache-service:
service.running:
- name: httpd
- enable: True
- reload: True
mysql-service:
service.running:
- name: mariadb
- enable: True
- reload: True
命令: salt 'linux-node2*' state.sls lamp.lamp
执行结果
1 linux-node2.example.com: 2 ---------- 3 ID: lamp-pkg 4 Function: pkg.installed 5 Result: True 6 Comment: 4 targeted packages were installed/updated. 7 The following packages were already installed: httpd, mariadb-server, mariadb 8 Started: 12:56:16.178765 9 Duration: 194279.377 ms 10 Changes: 11 ---------- 12 libzip: 13 ---------- 14 new: 15 0.10.1-8.el7 16 old: 17 php: 18 ---------- 19 new: 20 5.4.16-36.3.el7_2 21 old: 22 php-cli: 23 ---------- 24 new: 25 5.4.16-36.3.el7_2 26 old: 27 php-common: 28 ---------- 29 new: 30 5.4.16-36.3.el7_2 31 old: 32 php-mbstring: 33 ---------- 34 new: 35 5.4.16-36.3.el7_2 36 old: 37 php-mysql: 38 ---------- 39 new: 40 5.4.16-36.3.el7_2 41 old: 42 php-pdo: 43 ---------- 44 new: 45 5.4.16-36.3.el7_2 46 old: 47 ---------- 48 ID: apache-config 49 Function: file.managed 50 Name: /etc/httpd/conf/httpd.conf 51 Result: True 52 Comment: File /etc/httpd/conf/httpd.conf is in the correct state 53 Started: 12:59:30.519583 54 Duration: 98.547 ms 55 Changes: 56 ---------- 57 ID: php-config 58 Function: file.managed 59 Name: /etc/php.ini 60 Result: True 61 Comment: File /etc/php.ini is in the correct state 62 Started: 12:59:30.620067 63 Duration: 36.824 ms 64 Changes: 65 ---------- 66 ID: mysql-config 67 Function: file.managed 68 Name: /etc/my.cnf 69 Result: True 70 Comment: File /etc/my.cnf is in the correct state 71 Started: 12:59:30.657074 72 Duration: 58.78 ms 73 Changes: 74 ---------- 75 ID: apache-service 76 Function: service.running 77 Name: httpd 78 Result: True 79 Comment: The service httpd is already running 80 Started: 12:59:30.853149 81 Duration: 40.481 ms 82 Changes: 83 ---------- 84 ID: mysql-service 85 Function: service.running 86 Name: mariadb 87 Result: True 88 Comment: The service mariadb is already running 89 Started: 12:59:30.893939 90 Duration: 33.928 ms 91 Changes: 92 93 Summary for linux-node2.example.com 94 ------------ 95 Succeeded: 6 (changed=1) 96 Failed: 0 97 ------------ 98 Total states run: 6 99 Total run time: 194.548 s
第二种方式:
文件lamp2.sls 内容如下:
apache-server:
pkg.installed:
- pkgs:
- httpd
- php
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://lamp/files/httpd.conf
- user: root
- group: root
- mode: 644
service.running:
- name: httpd
- enable: True
- reload: True
mysql-server:
pkg.installed:
- pkgs:
- mariadb
- mariadb-server
file.managed:
- name: /etc/my.cnf
- source: salt://lamp/files/my.cnf
- user: root
- group: root
- mode: 644
service.running:
- name: mariadb
- enable: True
- reload: True
php-config:
file.managed:
- name: /etc/php.ini
- source: salt://lamp/files/php.ini
- user: root
- group: root
- mode: 644
命令: salt 'linux-node2*' state.sls lamp.lamp2
执行结果
1 linux-node2.example.com: 2 ---------- 3 ID: apache-server 4 Function: pkg.installed 5 Result: True 6 Comment: All specified packages are already installed 7 Started: 13:13:53.886308 8 Duration: 665.948 ms 9 Changes: 10 ---------- 11 ID: apache-server 12 Function: file.managed 13 Name: /etc/httpd/conf/httpd.conf 14 Result: True 15 Comment: File /etc/httpd/conf/httpd.conf is in the correct state 16 Started: 13:13:54.553919 17 Duration: 19.867 ms 18 Changes: 19 ---------- 20 ID: apache-server 21 Function: service.running 22 Name: httpd 23 Result: True 24 Comment: The service httpd is already running 25 Started: 13:13:54.574411 26 Duration: 29.927 ms 27 Changes: 28 ---------- 29 ID: mysql-server 30 Function: pkg.installed 31 Result: True 32 Comment: All specified packages are already installed 33 Started: 13:13:54.604496 34 Duration: 0.771 ms 35 Changes: 36 ---------- 37 ID: mysql-server 38 Function: file.managed 39 Name: /etc/my.cnf 40 Result: True 41 Comment: File /etc/my.cnf is in the correct state 42 Started: 13:13:54.605362 43 Duration: 15.125 ms 44 Changes: 45 ---------- 46 ID: mysql-server 47 Function: service.running 48 Name: mariadb 49 Result: True 50 Comment: The service mariadb is already running 51 Started: 13:13:54.620592 52 Duration: 29.75 ms 53 Changes: 54 ---------- 55 ID: php-config 56 Function: file.managed 57 Name: /etc/php.ini 58 Result: True 59 Comment: File /etc/php.ini is in the correct state 60 Started: 13:13:54.650496 61 Duration: 17.036 ms 62 Changes: 63 64 Summary for linux-node2.example.com 65 ------------ 66 Succeeded: 7 67 Failed: 0 68 ------------ 69 Total states run: 7 70 Total run time: 778.424 ms
配置管理之状态间关系
状态间关系:
1.我依赖谁 require
apache-service:
service.running:
- name: httpd
- enable: True
- reload: True
- require:
- pkg: lamp-pkg # pkg ID
- file: apache-config # file ID
2 我被谁依赖 require_in
mysql-config:
file.managed:
- name: /etc/my.cnf
- source: salt://lamp/files/my.cnf
- user: root
- group: root
- mode: 644
- require_in:
- service: mysql-service
3 我监控谁 watch
apache-service:
service.running:
- name: httpd
- enable: True
- reload: True
- require:
- pkg: lamp-pkg
- watch:
- file: apache-config
1. 若果apache-config这个id的状态发生变化就reload
2. 如果不加reload: True,那么就restart
4 我被谁监控 watch_in
5 我引用谁 include
例:lamp第一种方法中,将安装、配置、启动分别保存3个文件, 由一个总文件引用
init.sls文件内容
include: - lamp.lamp_pkg - lamp.lamp_config - lamp.lamp_service
lamp_pkg.sls文件内容
lamp-pkg:
pkg.installed:
- pkgs:
- httpd
- php
- mariadb
- mariadb-server
- php-mysql
- php-cli
- php-mbstring
lamp_config.sls文件内容
apache-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://lamp/files/httpd.conf
- user: root
- group: root
- mode: 644
php-config:
file.managed:
- name: /etc/php.ini
- source: salt://lamp/files/php.ini
- user: root
- group: root
- mode: 644
mysql-config:
file.managed:
- name: /etc/my.cnf
- source: salt://lamp/files/my.cnf
- user: root
- group: root
- mode: 644
- require_in:
- service: mysql-service
lamp_service.sls文件内容
apache-service:
service.running:
- name: httpd
- enable: True
- reload: True
- require:
- pkg: lamp-pkg
- watch:
- file: apache-config
mysql-service:
service.running:
- name: mariadb
- enable: True
- reload: True
执行命令:salt 'linux-node2*' state.sls lamp.init
6 我扩展谁
如何编写SLS技巧:
1.按状态分类 如果单独使用,很清晰。
2.按服务分类 可以被其他的SLS include。例如LNMP include mysql的服务。
jinja2
文档:http://docs.jinkan.org/docs/jinja2/
模板包含 变量 或 表达式,两种分隔符: {% ... %} 和 {{ ... }} 。前者用于执行诸如 for 循环 或赋值的语句,后者把表达式的结果打印到模板上。
salt中如何使用jinja2:
文档:https://docs.saltstack.com/en/latest/topics/jinja/index.html
1)告诉File模块,你要使用jinja
apache-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://lamp/files/httpd.conf
- user: root
- group: root
- mode: 644
- template: jinja
2)列出参数列表
apache-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://lamp/files/httpd.conf
- user: root
- group: root
- mode: 644
- template: jinja
- defaults:
PORT: 8080
3)模板引用
httpd.conf配置文件引用如下
执行命令:salt 'linux-node2*' state.sls lamp.init
执行结果:
1 linux-node2.example.com: 2 ---------- 3 ID: lamp-pkg 4 Function: pkg.installed 5 Result: True 6 Comment: All specified packages are already installed 7 Started: 11:15:02.903236 8 Duration: 4591.748 ms 9 Changes: 10 ---------- 11 ID: apache-config 12 Function: file.managed 13 Name: /etc/httpd/conf/httpd.conf 14 Result: True 15 Comment: File /etc/httpd/conf/httpd.conf updated 16 Started: 11:15:07.558365 17 Duration: 90.859 ms 18 Changes: 19 ---------- 20 diff: 21 --- 22 +++ 23 @@ -39,7 +39,7 @@ 24 # prevent Apache from glomming onto all bound IP addresses. 25 # 26 #Listen 12.34.56.78:80 27 -Listen 80 28 +Listen 8080 29 30 # 31 # Dynamic Shared Object (DSO) Support 32 ---------- 33 ID: php-config 34 Function: file.managed 35 Name: /etc/php.ini 36 Result: True 37 Comment: File /etc/php.ini is in the correct state 38 Started: 11:15:07.649429 39 Duration: 63.754 ms 40 Changes: 41 ---------- 42 ID: mysql-config 43 Function: file.managed 44 Name: /etc/my.cnf 45 Result: True 46 Comment: File /etc/my.cnf is in the correct state 47 Started: 11:15:07.713515 48 Duration: 49.273 ms 49 Changes: 50 ---------- 51 ID: apache-service 52 Function: service.running 53 Name: httpd 54 Result: True 55 Comment: Service reloaded 56 Started: 11:15:07.800629 57 Duration: 135.15 ms 58 Changes: 59 ---------- 60 httpd: 61 True 62 ---------- 63 ID: mysql-service 64 Function: service.running 65 Name: mariadb 66 Result: True 67 Comment: The service mariadb is already running 68 Started: 11:15:07.936165 69 Duration: 95.71 ms 70 Changes: 71 72 Summary for linux-node2.example.com 73 ------------ 74 Succeeded: 6 (changed=2) 75 Failed: 0 76 ------------ 77 Total states run: 6 78 Total run time: 5.026 s
- 模板里面支持: salt执行模块 grinas 进行赋值
例:修改配置文件httpd.conf,将IP地址指向本机IP,通过grains['fqdn_ip4'][0]可以获取本机IP地址
salt 'linux-node2*' grains.item fqdn_ip4
- 模板里面支持:salt远程执行模块
例:修改配置文件httpd.conf,{{ salt['netwrok.hw_addr']('eth0') }}
salt 'linux-node2*' network.hw_addr eth0
执行命令:salt 'linux-node2*' state.sls lamp.init
执行结果
1 linux-node2.example.com: 2 ---------- 3 ID: lamp-pkg 4 Function: pkg.installed 5 Result: True 6 Comment: All specified packages are already installed 7 Started: 11:51:57.213758 8 Duration: 664.953 ms 9 Changes: 10 ---------- 11 ID: apache-config 12 Function: file.managed 13 Name: /etc/httpd/conf/httpd.conf 14 Result: True 15 Comment: File /etc/httpd/conf/httpd.conf updated 16 Started: 11:51:57.880642 17 Duration: 82.912 ms 18 Changes: 19 ---------- 20 diff: 21 --- 22 +++ 23 @@ -39,7 +39,9 @@ 24 # prevent Apache from glomming onto all bound IP addresses. 25 # 26 #Listen 12.34.56.78:80 27 -Listen 8080 28 +Listen 192.168.137.12:8080 29 + 30 +# MAC IS: 00:0c:29:fd:dd:02 31 32 # 33 # Dynamic Shared Object (DSO) Support 34 ---------- 35 ID: php-config 36 Function: file.managed 37 Name: /etc/php.ini 38 Result: True 39 Comment: File /etc/php.ini is in the correct state 40 Started: 11:51:57.963715 41 Duration: 14.577 ms 42 Changes: 43 ---------- 44 ID: mysql-config 45 Function: file.managed 46 Name: /etc/my.cnf 47 Result: True 48 Comment: File /etc/my.cnf is in the correct state 49 Started: 11:51:57.978393 50 Duration: 12.482 ms 51 Changes: 52 ---------- 53 ID: apache-service 54 Function: service.running 55 Name: httpd 56 Result: True 57 Comment: Service reloaded 58 Started: 11:51:58.021471 59 Duration: 127.043 ms 60 Changes: 61 ---------- 62 httpd: 63 True 64 ---------- 65 ID: mysql-service 66 Function: service.running 67 Name: mariadb 68 Result: True 69 Comment: The service mariadb is already running 70 Started: 11:51:58.148913 71 Duration: 58.592 ms 72 Changes: 73 74 Summary for linux-node2.example.com 75 ------------ 76 Succeeded: 6 (changed=2) 77 Failed: 0 78 ------------ 79 Total states run: 6 80 Total run time: 960.559 ms
- 模板里面支持: salt执行模块 pillar进行赋值
例:修改配置文件httpd.conf,{{ pillar['apache'] }}
salt 'linux-node2*' pillar.item apache
执行命令:salt 'linux-node2*' state.sls lamp.init
执行结果:
1 linux-node2.example.com: 2 ---------- 3 ID: lamp-pkg 4 Function: pkg.installed 5 Result: True 6 Comment: All specified packages are already installed 7 Started: 12:01:16.490143 8 Duration: 712.121 ms 9 Changes: 10 ---------- 11 ID: apache-config 12 Function: file.managed 13 Name: /etc/httpd/conf/httpd.conf 14 Result: True 15 Comment: File /etc/httpd/conf/httpd.conf updated 16 Started: 12:01:17.204369 17 Duration: 93.136 ms 18 Changes: 19 ---------- 20 diff: 21 --- 22 +++ 23 @@ -42,6 +42,7 @@ 24 Listen 192.168.137.12:8080 25 26 # MAC IS: 00:0c:29:fd:dd:02 27 +# pillar: httpd 28 29 # 30 # Dynamic Shared Object (DSO) Support 31 ---------- 32 ID: php-config 33 Function: file.managed 34 Name: /etc/php.ini 35 Result: True 36 Comment: File /etc/php.ini is in the correct state 37 Started: 12:01:17.297764 38 Duration: 17.209 ms 39 Changes: 40 ---------- 41 ID: mysql-config 42 Function: file.managed 43 Name: /etc/my.cnf 44 Result: True 45 Comment: File /etc/my.cnf is in the correct state 46 Started: 12:01:17.315170 47 Duration: 15.217 ms 48 Changes: 49 ---------- 50 ID: apache-service 51 Function: service.running 52 Name: httpd 53 Result: True 54 Comment: Service httpd is already enabled, and is running 55 Started: 12:01:17.331369 56 Duration: 184.591 ms 57 Changes: 58 ---------- 59 httpd: 60 True 61 ---------- 62 ID: mysql-service 63 Function: service.running 64 Name: mariadb 65 Result: True 66 Comment: The service mariadb is already running 67 Started: 12:01:17.516431 68 Duration: 32.057 ms 69 Changes: 70 71 Summary for linux-node2.example.com 72 ------------ 73 Succeeded: 6 (changed=2) 74 Failed: 0 75 ------------ 76 Total states run: 6 77 Total run time: 1.054 s