zoukankan      html  css  js  c++  java
  • saltstack常用模块

    介绍一些常用的saltstack模块,更多模块参考官方网站

    1、跟安装包相关的模块:salt.states.pkg

    salt.states.pkg.downloaded(name, version=None, pkgs=None, fromrepo=None, ignore_epoch=None, **kwargs)
    

     

    当同时使用了name,pkgs那么name将会被忽略
     
    salt.states.pkg.installed(name, version=None, refresh=None, fromrepo=None, skip_verify=False, skip_suggestions=False, pkgs=None, sources=None, allow_updates=False, pkg_verify=False, normalize=True, ignore_epoch=False, reinstall=False, update_holds=False, **kwargs)
    

     

    salt.states.pkg.removed(name, version=None, pkgs=None, normalize=True, ignore_epoch=False, **kwargs)
    removed卸载某包

     

    2、远程执行命令的模块

    salt.states.cmd.run(name, onlyif=None, unless=None, creates=None, cwd=None, runas=None, shell=None, env=None, stateful=False, umask=None, output_loglevel='debug', quiet=False, timeout=None, ignore_timeout=False, use_vt=False, **kwargs)
    

       name:The command to execute, remember that the command will execute with the path and permissions of the salt-minion.

      cwd:The current working directory to execute the command in, defaults to /root

      unless:当执行的命令为false时,那么才执行name中的命令

      require:执行name中命令的依赖关系:
      pkg:必须安装了python包
      file:该file文件路径下有这个py文件
    3、文件管理操作方面的模块
    salt.states.file.managed(name, source=None, source_hash='`, source_hash_name=None, user=None, group=None, mode=None, template=None, makedirs=False, dir_mode=None, context=None, replace=True, defaults=None, backup='`, show_changes=True, create=True, contents=None, tmp_ext='`, contents_pillar=None, contents_grains=None, contents_newline=True, contents_delimiter=':', encoding=None, encoding_errors='strict', allow_empty=True, follow_symlinks=True, check_cmd=None, skip_verify=False, win_owner=None, win_perms=None, win_deny_perms=None, win_inheritance=True, **kwargs)
    

     

    file.managed:文件管理,多用于复制,如果没有就创建该文件

    salt.states.file.append(name, text=None, makedirs=False, source=None, source_hash=None, template='jinja', sources=None, source_hashes=None, defaults=None, context=None, ignore_whitespace=True) 
    append-memcache-php:
      file.append:
        - name: /usr/local/php/etc/php.ini
        - text:
          - extension=memcache.so
      cmd.run:
        - name: /etc/init.d/php-fpm restart
    

     file.append:向某文件中添加内容text=内容,name为需要添加的文件

    salt.states.file.directory(name, user=None, group=None, recurse=None, max_depth=None, dir_mode=None, file_mode=None, makedirs=False, clean=False, require=None, exclude_pat=None, follow_symlinks=False, force=False, backupname=None, allow_symlink=True, children_only=False, win_owner=None, win_perms=None, win_deny_perms=None, win_inheritance=True, **kwargs) 
    

     file.directory:创建一个文件目录

    /etc/keepalived:
      file.directory:
        - user: root
        - group: root
        - mode: 755
    

     4、跟系统服务相关:state.service

    salt.states.service.running(name, enable=None, sig=None, init_delay=None, no_block=False, unmask=False, unmask_runtime=False, **kwargs)
    

     service.running:开启系统某服务enable为添加到自启动,name表示该启动的服务名称

      service.running:
        - name: nginx
        - enable: True
        - reload: True
        - require: 
          - file: /etc/init.d/nginx
          - cmd: nginx-init
        - watch:
          - file: /usr/local/nginx/conf/nginx.conf
    

     5、跟系统内核相关的设置:

    salt.states.sysctl.present(name, value, config=None) Ensurethatthenamedsysctlvalueissetinmemoryandpersistedtothenamedconfigurationfile. Thedefault sysctl configuration file is /etc/sysctl.conf name The name of the sysctl value to edit value The sysctl value to apply config Thelocationofthesysctlconfigurationfile. Ifnotspecified,theproperlocationwillbedetectedbased on platform.
    

     sysctl.present:修改系统内核参数

    [root@node1 init]# cat sysctl.sls 
    vm.swappiness:
      sysctl.present:
        - value: 0
    
    net.ipv4.ip_local_port_range:
      sysctl.present:
        - value: 10000 61000
    
    fs.file-max:
      sysctl.present:
        - value: 186981
    

     6、创建用户user和group用到的模块

    www-user-group:
      group.present:
        - name: www
        - gid: 1000
    
      user.present:
        - name: www
        - fullname: www
        - shell: /sbin/nologin
        - uid: 1000
        - gid: 1000
    

     7、状态配置中require、unless详解:

    [root@node1 base]# cat if_unless.sls 
    getshell:
      file.managed:
        - name: /tmp/echo.sh
        - source: salt://init/files/echo.sh
      cmd.run:
        - name: /bin/bash /tmp/echo.sh
        - unless: test -f /tmp/if_unless.sh
        - require:
          - file: /tmp/echo.sh
    

     详解:

    require:require要求下面的file必须事先经过了file.managed进行了设置,才能使用作为依赖条件
    unless:测试tmp下面是否有if_unless.sh这个文件,如果测试成功有那么不会再执行,如果测试命令返回的code不是0那么才会执行
    unless:一行表示,如果该文件存在,就不需要再执行name中的命令了(包如果安装了就需要再安装)
     
    8、使用template: jinja来定义变量
    zabbix-agent-service:
      file.managed:
        - name: /etc/zabbix/zabbix_agentd.conf
        - source: salt://init/files/zabbix_agentd.conf
        - template: jinja
        - defaults:
          Server: {{ pillar['zabbix-agent']['Zabbix_Server'] }}
    

     在该salt://init/files/zabbix_agentd.conf配置文件中将Server={{ Server }}引用上面定义的变量即可

    或者使用grains和pillar使用变量:

    keepalived-service:
      file.managed:
        - name: /etc/keepalived/keepalived.conf
        - source: salt://cluster/files/haproxy-outside-keepalived.conf
        - user: root
        - group: root
        - mode: 644
        - template: jinja
        {% if grains['fqdn'] == 'node1' %}
        - ROUTEID: haproxy_node1
        - STATEID: MASTER
        - PRIORITYID: 150
        {% elif grains['fqdn'] == 'node2' %}
        - ROUTEID: haproxy_node2
        - STATEID: BACKUP
        - PRIORITYID: 100
        {% endif %}
    
  • 相关阅读:
    NFS4.1规范研究:session
    散列冲突与作为特征值的散列
    使用Select的3个注意事项
    3个学习Socket编程的简单例子:TCP Server/Client, Select
    Gdb调试多进程程序
    Usage of pmake
    诡异的bug: tcsh陷入死循环
    【转】PowerDesigner 物理数据模型(PDM) 说明
    大批量文件处理的7条建议
    OLE DB、ODBC 和 Oracle 连接池 (ADO.NET)
  • 原文地址:https://www.cnblogs.com/jsonhc/p/7661607.html
Copyright © 2011-2022 走看看