zoukankan      html  css  js  c++  java
  • SaltStack的配置管理--jinja (七)

    SaltStack的配置管理--jinja

    需求场景:使用jinja模板,让各节点的httpd都监听在本机的ip

    [root@7mini-node1 apache]# vim files/httpd.conf 
    配置文件修改监听的ip地址和端口以变量的形式
    Listen {{ IPADDR }}:{{ PORT }}
    

     修改apache的sls的文件

    [root@7mini-node1 apache]# vim init.sls 
    apache-install:
      pkg.installed:
        - name: httpd
    
    apache-config:
      file.managed:
        - name: /etc/httpd/conf/httpd.conf
        - source: salt://apache/files/httpd.conf
        - user: root
        - group: root
        - mode: 644
        - template: jinja------------------>声明这个是模板
        - defaults:------------------------>定义默认的参数和值
          PORT: 80------------------------->PORT和IPADDR都为变量
          IPADDR: {{ grains['fqdn_ip4'][0] }}---->通过grains返回数据,此处返回的是一个列表形式,增加[0]指定第一个
    
    apache-auth:
      pkg.installed:
        - name: httpd-tools
      cmd.run:
        - name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin
        - unless: test -f /etc/httpd/conf/htpasswd_file
    
    apache-service:
      service.running:
        - name: httpd
        - enable: True
        - reload: True
        - watch:
          - file: apache-config
    

     sls执行结果

    [root@7mini-node1 apache]# salt  "10.0.0.11" state.highstate
    ----------
              ID: apache-config
        Function: file.managed
            Name: /etc/httpd/conf/httpd.conf
          Result: True
         Comment: File /etc/httpd/conf/httpd.conf updated
         Started: 11:14:08.537957
        Duration: 25.518 ms
         Changes:   
                  ----------
                  diff:
                      --- 
                      +++ 
                      @@ -42,7 +42,7 @@
                       # prevent Apache from glomming onto all bound IP addresses.
                       #
                       #Listen 12.34.56.78:80
                      -Listen 80
                      +Listen 10.0.0.11:80---->更改为监听本机ip地址,端口为80
    
                       #
                       # Dynamic Shared Object (DSO) Support
    

    查看端口及总结

    [root@7mini-node1 apache]# netstat -tulnp|grep httpd
    tcp        0      0 10.0.0.11:80        0.0.0.0:*               LISTEN      6837/httpd          
    [root@7mini-node1 apache]# vim /srv/salt/base/top.sls 
    prod:
      '7mini-node1*:
        - lamp
    [root@7mini-node1 apache]# salt '*' state.highstate
    [root@7mini-node2 ~]# netstat -tulnp |grep httpd
    tcp        0      0 10.0.0.12:80        0.0.0.0:*                LISTEN      16447/httpd         
    
    总结:
    1.修改httpd.conf配置
    2.修改sls增加:
    - template: jinja
      - defaults:
        PORT: 80
        IPADDR: {{ grains['fqdn_ip4'][0] }}
    

      

      

  • 相关阅读:
    [CFNews] Ediscovery: 4 scenarios that call for computer forensics
    [CFNews] MacForensicsLab发布MacLockPick 3.0
    [CFNews] Logicube也欲分“山寨机”取证一杯羹
    [CFNews] Tableau 发布全功能只读接口T35689iu
    [转载] Windows 8 TypedURLsTime
    [CFNews] Guidance发布EnCase V7.04.01中文及英文版
    [CFNews] AIS Inc. 发布苹果取证产品MacResponse LE
    [CFNews] Office 20072010、PGP全盘加密快速破解,Passware Kit 11.7发布
    [CFNews] GSI发布EnCase v7.04
    [CFNews] Paraben发布ProjectAPhone新型号ICD8000
  • 原文地址:https://www.cnblogs.com/jimmy-xuli/p/9128991.html
Copyright © 2011-2022 走看看