一、salt-ssh的使用
官方文档:https://docs.saltstack.com/en/2016.11/topics/ssh/index.html
(1)安装salt-ssh [root@linux-node1 ~]# yum install -y salt-ssh (2)配置salt-ssh [root@linux-node1 ~]# vim /etc/salt/roster linux-node1: host: 10.0.0.11 user: root passwd: qwe123 linux-node2: host: 10.0.0.12 user: root passwd: qwe123 (3)使用ssh远程执行 [root@7mini-node1 ~]# salt-ssh '*' -r 'uptime' 7mini-node2: ---------- retcode: 0 stderr: stdout: root@10.0.0.12's password: 14:07:19 up 14 days, 8:41, 2 users, load average: 0.04, 0.08, 0.07 7mini-node1: ---------- retcode: 0 stderr: stdout: root@10.0.0.11's password: 14:07:20 up 23 days, 8:13, 2 users, load average: 2.86, 0.81, 0.34
二.配置管理
1)SLS:salt state举例安装apache
[root@7mini-node1 ~]# vim /srv/salt/base/web/apache.sls apache: pkg.installed: - name: httpd service.running: - name: httpd file.managed: - name: /etc/httpd/conf/httpd.conf - source: salt://apache/files/httpd.conf - user: root - group: root - mode: 644 解释说明: apache:id声明,在所有环境(base、prod)下全局唯一 pkg:状态模块 .:引用关系 installed:模块中的方法 ::代表层级关系 name:可以理解为参数,后面跟的是参数值,id就是name file.managed:文件管理模块,必须要有source指定文件的来源路径 source:文件的来源路径,salt://代表着环境的根路径,这的根路径为:/srv/salt/base/ user、group、mode:分别指定文件的所属者,所属组和权限 以上的文件还可以使用分id的写法: apache-install: pkg.installed: - name: httpd apache-service: service.running: - name: httpd apache-config: file.managed: - name: /etc/httpd/conf/httpd.conf - source: salt://apache/files/httpd.conf - user: root - group: root - mode: 644 存在指定多个配置文件,还可以使用一下写法:(不适用name作为参数传递时,id就是最上面的参数) /etc/httpd/conf/httpd.conf: file.managed: - source: salt://apache/files/httpd.conf - user: root - group: root - mode: 644 /etc/httpd/conf/php.conf: file.managed: - source: salt://apache/files/php.conf - user: root - group: root - mode: 644
2) LAMP的状态设计与实现部署
设计需求分析
1、设计分析
名称 | 软件包 | 配置文件 | 服务 |
---|---|---|---|
使用模块 | pkg | file | service |
LAMP | httpd、php、mariadb、mariadb-server、php-mysql、php-pdo、php-cli | /etc/httpd/conf/httpd.conf、/etc/php.ini、/etc/my.cnf | httpd、mysqld |
2、Aapche的状态配置
[root@7mini-node1 prod]# pwd /srv/salt/prod [root@7mini-node1 prod]# mkdir apache php mysql [root@7mini-node1 prod]# tree . ├── apache ├── mysql └── php 3 directories, 0 files [root@7mini-node1 prod]# cd apache/ [root@7mini-node1 apache]# vim apache.sls #编写apache的状态模块 apache-install: pkg.installed: - name: httpd apache-config: file.managed: - name: /etc/httpd/conf/httpd.conf - source: salt://apache/files/httpd.conf #salt://代表着环境的根路径,根路径为/srv/salt/prod - user: root - group: root - mode: 644 apache-service: service.running: - name: httpd - enable: True [root@7mini-node1 apache]# mkdir files #创建source目录 [root@7mini-node1 apache]# cd files/ [root@7mini-node1 files]# cp /etc/httpd/conf/httpd.conf . [root@7mini-node1 apache]# tree . ├── apache.sls └── files └── httpd.conf 1 directory, 2 files [root@7mini-node1 apache]# salt '7mini-node1' state.sls apache.apache saltenv=prod #执行正常无报错,为正常
3、php的状态配置
[root@7mini-node1 prod]# cd php [root@7mini-node1 php]# mkdir files [root@7mini-node1 php]# vim init.sls php-install: pkg.installed: - pkgs: - php - php-pdo - php-mysql php-config: file.managed: - name: /etc/php.ini - source: salt://php/files/php.ini - user: root - group: root - mode: 644 [root@7mini-node1 php]# cp /etc/php.ini files/ [root@7mini-node1 php]# tree . ├── files │ └── php.ini └── init.sls 1 directory, 2 files
[root@7mini-node1 apache]# salt '7mini-node1' state.sls php.init saltenv=prod
4、mysql的状态配置
[root@7mini-node1 prod]# cd mysql/ [root@7mini-node1 mysql]# vim init.sls mysql-install: pkg.installed: - pkgs: - mariadb - mariadb-server mysql-config: file.managed: - name: /etc/my.cnf - source: salt://mysql/files/my.cnf - user: root - gourp: root - mode: 644 mysql-service: service.running: - name: mariadb-server - enable: True [root@7mini-node1 mysql]# mkdir files [root@7mini-node1 mysql]# cp /etc/my.cnf files/ [root@7mini-node1 prod]# tree . ├── apache │ ├── files │ │ └── httpd.conf │ └── init.sls ├── mysql │ ├── files │ │ └── my.cnf │ └── init.sls └── php ├── files │ └── php.ini └── init.sls [root@linux-node1 prod]# salt '7mini-node1' state.sls php.init saltenv=prod #执行无报错表示成功
5、写入top file,执行高级状态
[root@7mini-node1 base]# pwd /srv/salt/base [root@7mini-node1 base]# vim top.sls prod: '7mini-node1.example.com': - apache.init - php.init - mysql.init [root@linux-node1 base]# salt '7mini-node1*' state.highstate #执行无报错表示成功
测试7mini-node2是否能执行成功
[root@7mini-node1 ~]# salt '7mini-node2' state.highstate