介绍一些常用的saltstack模块,更多模块参考官方网站
1、跟安装包相关的模块:salt.states.pkg
salt.states.pkg.downloaded(name, version=None, pkgs=None, fromrepo=None, ignore_epoch=None, **kwargs)
当同时使用了name,pkgs那么name将会被忽略
salt.states.pkg.installed(name, version=None, refresh=None, fromrepo=None, skip_verify=False, skip_suggestions=False, pkgs=None, sources=None, allow_updates=False, pkg_verify=False, normalize=True, ignore_epoch=False, reinstall=False, update_holds=False, **kwargs)
salt.states.pkg.removed(name, version=None, pkgs=None, normalize=True, ignore_epoch=False, **kwargs)
removed卸载某包
2、远程执行命令的模块
salt.states.cmd.run(name, onlyif=None, unless=None, creates=None, cwd=None, runas=None, shell=None, env=None, stateful=False, umask=None, output_loglevel='debug', quiet=False, timeout=None, ignore_timeout=False, use_vt=False, **kwargs)
name:The command to execute, remember that the command will execute with the path and permissions of the salt-minion.
cwd:The current working directory to execute the command in, defaults to /root
unless:当执行的命令为false时,那么才执行name中的命令
require:执行name中命令的依赖关系:
pkg:必须安装了python包
file:该file文件路径下有这个py文件
3、文件管理操作方面的模块
salt.states.file.managed(name, source=None, source_hash='`, source_hash_name=None, user=None, group=None, mode=None, template=None, makedirs=False, dir_mode=None, context=None, replace=True, defaults=None, backup='`, show_changes=True, create=True, contents=None, tmp_ext='`, contents_pillar=None, contents_grains=None, contents_newline=True, contents_delimiter=':', encoding=None, encoding_errors='strict', allow_empty=True, follow_symlinks=True, check_cmd=None, skip_verify=False, win_owner=None, win_perms=None, win_deny_perms=None, win_inheritance=True, **kwargs)
file.managed:文件管理,多用于复制,如果没有就创建该文件
salt.states.file.append(name, text=None, makedirs=False, source=None, source_hash=None, template='jinja', sources=None, source_hashes=None, defaults=None, context=None, ignore_whitespace=True)
append-memcache-php:
file.append:
- name: /usr/local/php/etc/php.ini
- text:
- extension=memcache.so
cmd.run:
- name: /etc/init.d/php-fpm restart
file.append:向某文件中添加内容text=内容,name为需要添加的文件
salt.states.file.directory(name, user=None, group=None, recurse=None, max_depth=None, dir_mode=None, file_mode=None, makedirs=False, clean=False, require=None, exclude_pat=None, follow_symlinks=False, force=False, backupname=None, allow_symlink=True, children_only=False, win_owner=None, win_perms=None, win_deny_perms=None, win_inheritance=True, **kwargs)
file.directory:创建一个文件目录
/etc/keepalived:
file.directory:
- user: root
- group: root
- mode: 755
4、跟系统服务相关:state.service
salt.states.service.running(name, enable=None, sig=None, init_delay=None, no_block=False, unmask=False, unmask_runtime=False, **kwargs)
service.running:开启系统某服务enable为添加到自启动,name表示该启动的服务名称
service.running:
- name: nginx
- enable: True
- reload: True
- require:
- file: /etc/init.d/nginx
- cmd: nginx-init
- watch:
- file: /usr/local/nginx/conf/nginx.conf
5、跟系统内核相关的设置:
salt.states.sysctl.present(name, value, config=None) Ensurethatthenamedsysctlvalueissetinmemoryandpersistedtothenamedconfigurationfile. Thedefault sysctl configuration file is /etc/sysctl.conf name The name of the sysctl value to edit value The sysctl value to apply config Thelocationofthesysctlconfigurationfile. Ifnotspecified,theproperlocationwillbedetectedbased on platform.
sysctl.present:修改系统内核参数
[root@node1 init]# cat sysctl.sls
vm.swappiness:
sysctl.present:
- value: 0
net.ipv4.ip_local_port_range:
sysctl.present:
- value: 10000 61000
fs.file-max:
sysctl.present:
- value: 186981
6、创建用户user和group用到的模块
www-user-group:
group.present:
- name: www
- gid: 1000
user.present:
- name: www
- fullname: www
- shell: /sbin/nologin
- uid: 1000
- gid: 1000
7、状态配置中require、unless详解:
[root@node1 base]# cat if_unless.sls
getshell:
file.managed:
- name: /tmp/echo.sh
- source: salt://init/files/echo.sh
cmd.run:
- name: /bin/bash /tmp/echo.sh
- unless: test -f /tmp/if_unless.sh
- require:
- file: /tmp/echo.sh
详解:
require:require要求下面的file必须事先经过了file.managed进行了设置,才能使用作为依赖条件
unless:测试tmp下面是否有if_unless.sh这个文件,如果测试成功有那么不会再执行,如果测试命令返回的code不是0那么才会执行
unless:一行表示,如果该文件存在,就不需要再执行name中的命令了(包如果安装了就需要再安装)
8、使用template: jinja来定义变量
zabbix-agent-service:
file.managed:
- name: /etc/zabbix/zabbix_agentd.conf
- source: salt://init/files/zabbix_agentd.conf
- template: jinja
- defaults:
Server: {{ pillar['zabbix-agent']['Zabbix_Server'] }}
在该salt://init/files/zabbix_agentd.conf配置文件中将Server={{ Server }}引用上面定义的变量即可
或者使用grains和pillar使用变量:
keepalived-service:
file.managed:
- name: /etc/keepalived/keepalived.conf
- source: salt://cluster/files/haproxy-outside-keepalived.conf
- user: root
- group: root
- mode: 644
- template: jinja
{% if grains['fqdn'] == 'node1' %}
- ROUTEID: haproxy_node1
- STATEID: MASTER
- PRIORITYID: 150
{% elif grains['fqdn'] == 'node2' %}
- ROUTEID: haproxy_node2
- STATEID: BACKUP
- PRIORITYID: 100
{% endif %}