SaltStack的Grains主要是收集了minion的一些配置信息,如CPU、內存、硬盤、網絡、操作系統等很少發生變化的靜態數據,我們也可以在minion自定義Grains項和相應的值,Grains也可以用來匹配目標minion。SaltStack的state通過預先定製好的sls(salt state file)文件對被控制主機進行狀態管理,支持包括程序包(pkg)、文件(file)、網絡配置(network)、系統服務(service)、系統用戶(user)等。通過sls文件定義好要達到的狀態實現批量對minion進行自動化配置。本文的主要內容是對Grains和State的基本使用與測試。
一、Grains測試
1、使用命令salt 'salt-minion01' grains.ls可以列出所有的Grains項
2、使用命令 salt 'salt-minion01' grains.items可以查看所有Grains項的值
[root@salt-master ~]# salt 'salt-minion01' grains.items salt-minion01: ---------- SSDs: biosreleasedate: 07/02/2015 biosversion: 6.00 cpu_flags: - fpu - vme - de - pse - tsc - msr - pae - mce - cx8 - apic - sep - mtrr - pge - mca - cmov - pat - pse36 - clflush - dts - mmx - fxsr - sse - sse2 - ss - ht - syscall - nx - pdpe1gb - rdtscp - lm - constant_tsc - arch_perfmon - pebs - bts - xtopology - tsc_reliable - nonstop_tsc - aperfmperf - unfair_spinlock - pni - pclmulqdq - ssse3 - fma - cx16 - pcid - sse4_1 - sse4_2 - x2apic - movbe - popcnt - tsc_deadline_timer - aes - xsave - avx - f16c - rdrand - hypervisor - lahf_lm - abm - 3dnowprefetch - ida - arat - epb - xsaveopt - pln - pts - dts - fsgsbase - bmi1 - hle - avx2 - smep - bmi2 - invpcid - rtm cpu_model: Intel(R) Core(TM) i7-6700HQ CPU @2.60GHz cpuarch: x86_64 disks: - ram0 - ram1 - ram2 - ram3 - ram4 - ram5 - ram6 - ram7 - ram8 - ram9 - ram10 - ram11 - ram12 - ram13 - ram14 - ram15 - loop0 - loop1 - loop2 - loop3 - loop4 - loop5 - loop6 - loop7 - sda - sr0 - dm-0 - dm-1 - dm-2 - dm-3 - dm-4 - dm-5 - dm-6 - dm-7 - dm-8 dns: ---------- domain: ip4_nameservers: ip6_nameservers: nameservers: options: search: sortlist: domain: fqdn: salt-minion01 fqdn_ip4: - 192.168.10.121 fqdn_ip6: gid: 0 gpus: |_ ---------- model: SVGA II Adapter vendor: unknown groupname: root host: salt-minion01 hwaddr_interfaces: ---------- eth0: 00:0c:29:49:e9:93 lo: 00:00:00:00:00:00 id: salt-minion01 init: upstart ip4_interfaces: ---------- eth0: - 192.168.10.121 lo: - 127.0.0.1 ip6_interfaces: ---------- eth0: - fe80::20c:29ff:fe49:e993 lo: - ::1 ip_interfaces: ---------- eth0: - 192.168.10.121 - fe80::20c:29ff:fe49:e993 lo: - 127.0.0.1 - ::1 ipv4: - 127.0.0.1 - 192.168.10.121 ipv6: - ::1 - fe80::20c:29ff:fe49:e993 kernel: Linux kernelrelease: 2.6.32-431.el6.x86_64 locale_info: ---------- defaultencoding: UTF-8 defaultlanguage: en_US detectedencoding: UTF-8 localhost: salt-minion01 machine_id: 7a2aeb71ad0121118ab9fcad00000025 manufacturer: VMware, Inc. master: 192.168.10.120 mdadm: mem_total: 980 nodename: salt-minion01 num_cpus: 2 num_gpus: 1 os: RedHat os_family: RedHat osarch: x86_64 oscodename: Santiago osfinger: Red Hat Enterprise Linux Server-6 osfullname: Red Hat Enterprise Linux Server osmajorrelease: 6 osrelease: 6.5 osrelease_info: - 6 - 5 path: /sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin pid: 1820 productname: VMware Virtual Platform ps: ps -efHww pythonexecutable: /usr/bin/python2.7 pythonpath: - /usr/bin - /usr/lib/python27.zip - /usr/lib64/python2.7 - /usr/lib64/python2.7/plat-linux2 - /usr/lib64/python2.7/lib-tk - /usr/lib64/python2.7/lib-old - /usr/lib64/python2.7/lib-dynload - /usr/lib64/python2.7/site-packages - /usr/lib/python2.7/site-packages pythonversion: - 2 - 7 - 14 - final - 0 saltpath: /usr/lib/python2.7/site-packages/salt saltversion: 2017.7.4 saltversioninfo: - 2017 - 7 - 4 - 0 selinux: ---------- enabled: False enforced: Disabled serialnumber: VMware-56 4d b2 aa b6 10 89 96-a1 45 63 bc 92 49 e9 93 server_id: 1399817943 shell: /bin/sh uid: 0 username: root uuid: aab24d56-10b6-9689-a145-63bc9249e993 virtual: VMware zmqversion: 4.0.5 [root@salt-master ~]#
3、使用salt '*' grains.item os或salt '*' grains.get os都可以單獨查看minion的具體grains項的值(如OS),區別是後者可以只顯示值
4、下面我們來自定義minions的Grains項和值,將salt-minion01標記爲role: webserver和type: apache,將salt-minion02標記爲role: dbserver和type: mysql。先在master的文件根目錄/srv/salt編輯兩個文件,分別是web_grains.conf和db_grains.conf,內容如下:
5、使用cp.get_file將web_grains.conf文件推送到salt-minion01的/etc/salt /minion.d目錄,將db_grains.conf文件推送到salt-minion02的/etc/salt/minion.d目錄,然後使用saltutil.sync_grains刷新下minion的Grains信息,就完成了Grains項和值的自定義了
二、State測試
1、現在想將salt-minion01配置成Apache服務器,並推送index.html文件到/var/www/html目錄,還要啓動httpd服務並設置開機啓動,這一系列操作我們當然可以寫成shell腳本,但用SaltStack的sls文件來定義這些操作則能夠更簡單地實現,首先確認目標minion沒有安裝httpd的包,然後在/srv/salt中編寫好index.html文件和http.sls文件,如下:
[root@salt-master ~]# cat /srv/salt/http.sls httpd: pkg.installed: - names: - httpd - httpd-devel index-html: file.managed: - name: /var/www/html/index.html - source: salt://index.html - user: root - group: root - mode: 644 - require: - pkg: httpd httpd-service: service.running: - name: httpd - enable: True - reload: True - require: - pkg: httpd [root@salt-master ~]#
2、執行命令 salt -G 'role: webserver' state.sls http調用/srv/salt/http.sls文件,並匹配上文自定義的Grains爲"role: webserver"的目標minion,即salt-minion01,如果匹配的目標是多臺minion,那就是批量操作了,執行的結果如下:
3、使用curl測試一下是否能訪問,訪問正常
4、檢查一下http.sls文件所定義的操作,Grains爲“role:webserver”的minion是否都執行了,如裝httpd和httpd-devel包、推送index.html文件到/var/www/html目錄,開機啓動httpd服務,經檢查,確實都按預期執行了
本文出自江健龍的技術博客jiangjianlong.blog.51cto.com,轉載請註明出處。