1、salt-ssh的使用
官方文档:https://docs.saltstack.com/en/2016.11/topics/ssh/index.html
(1)安装salt-ssh
[root@linux-node1 ~]# yum install -y salt-ssh
(2)配置salt-ssh
[root@linux-node1 ~]# vim /etc/salt/roster
linux-node1:
host: 192.168.56.11
user: root
passwd: 123123
linux-node2:
host: 192.168.56.12
user: root
passwd: 123123
(3)使用ssh远程执行
[root@linux-node1 ~]# salt-ssh '*' -r 'uptime'
linux-node2:
----------
retcode:
0
stderr:
stdout:
root@192.168.56.12's password:
14:07:19 up 14 days, 8:41, 2 users, load average: 0.04, 0.08, 0.07
linux-node1:
----------
retcode:
0
stderr:
stdout:
root@192.168.56.11's password:
14:07:20 up 23 days, 8:13, 2 users, load average: 2.86, 0.81, 0.34
2、配置管理
(1)什么是状态?
States是Saltstack中的配置语言,在日常进行配置管理时需要编写大量的States文件。比如我们需要安装一个包,然后管理一个配置文件,最后保证某个服务正常运行。这里就需要我们编写一些states sls文件(描述状态配置的文件)去描述和实现我们的功能。编写的states sls文件都是YAML语法,states sls文件也支持使用Python语言编写。
所谓的状态就是希望系统运行某些命令之后的结果。描述状态使用YAML格式的文件。SLS:salt state
举例安装apache,如下:
[root@linux-node1 ~]# vim /srv/salt/base/web/apache.sls
apache:
pkg.installed:
- name: httpd
service.running:
- name: httpd
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd.conf
- user: root
- group: root
- mode: 644
解释说明:
apache:id声明,在所有环境(base、prod)下全局唯一
pkg:状态模块
.:引用关系
installed:模块中的方法
::代表层级关系
name:可以理解为参数,后面跟的是参数值
file.managed:文件管理模块,必须要有source指定文件的来源路径
source:文件的来源路径,salt://代表着环境的根路径,这的根路径为:/srv/salt/base/
user、group、mode:分别指定文件的所属者,所属组和权限
以上的文件还可以使用分id的写法:
apache-install:
pkg.installed:
- name: httpd
apache-service:
service.running:
- name: httpd
apache-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd.conf
- user: root
- group: root
- mode: 644
存在指定多个配置文件,还可以使用一下写法:(不适用name作为参数传递时,id就是name)
/etc/httpd/conf/httpd.conf:
file.managed:
- source: salt://apache/files/httpd.conf
- user: root
- group: root
- mode: 644
/etc/httpd/conf/php.conf:
file.managed:
- source: salt://apache/files/php.conf
- user: root
- group: root
- mode: 644
(2) LAMP的状态设计与实现部署
1、设计分析
1 名称 软件包 配置文件 服务 2 使用模块 pkg file service 3 LAMP httpd、php、mariadb、mariadb-server、php-mysql、php-pdo、php-cli /etc/httpd/conf/httpd.conf、/etc/php.ini httpd、mysqld
2、Aapche的状态配置
1 [root@linux-node1 prod]# pwd 2 /srv/salt/prod 3 [root@linux-node1 prod]# mkdir apache php mysql 4 [root@linux-node1 prod]# tree 5 . 6 ├── apache 7 ├── mysql 8 └── php 9 10 3 directories, 0 files 11 12 [root@linux-node1 prod]# cd apache/ 13 [root@linux-node1 apache]# vim apache.sls #编写apache的状态模块 14 apache-install: 15 pkg.installed: 16 - name: httpd 17 18 apache-config: 19 file.managed: 20 - name: /etc/httpd/conf/httpd.conf 21 - source: salt://apache/files/httpd.conf #salt://代表着环境的根路径 22 - user: root 23 - group: root 24 - mode: 644 25 26 apache-service: 27 service.running: 28 - name: httpd 29 - enable: True 30 [root@linux-node1 apache]# mkdir files #创建source目录 31 [root@linux-node1 apache]# cd files/ 32 [root@linux-node1 files]# cp /etc/httpd/conf/httpd.conf . 33 [root@linux-node1 apache]# tree 34 . 35 ├── apache.sls 36 └── files 37 └── httpd.conf 38 39 1 directory, 2 files 40 [root@linux-node1 apache]# salt 'linux-node1' state.sls apache.apache saltenv=prod
3、php的状态配置
[root@linux-node1 prod]# cd php
[root@linux-node1 php]# mkdir files
[root@linux-node1 php]# vim init.sls
php-install:
pkg.installed:
- pkgs:
- php
- php-pdo
- php-mysql
php-config:
file.managed:
- name: /etc/php.ini
- source: salt://php/files/php.ini
- user: root
- group: root
- mode: 644
[root@linux-node1 php]# cp /etc/php.ini files/
[root@linux-node1 php]# tree
.
├── files
│ └── php.ini
└── init.sls
1 directory, 2 files
4、mysql的状态配置
[root@linux-node1 prod]# cd mysql/ [root@linux-node1 mysql]# vim init.sls mysql-install: pkg.installed: - pkgs: - mariadb - mariadb-server mysql-config: file.managed: - name: /etc/my.cnf - source: salt://mysql/files/my.cnf - user: root - gourp: root - mode: 644 mysql-service: service.running: - name: mariadb-server - enable: True [root@linux-node1 mysql]# mkdir files [root@linux-node1 mysql]# cp /etc/my.cnf files/ [root@linux-node1 prod]# tree . ├── apache │ ├── files │ │ └── httpd.conf │ └── init.sls ├── mysql │ ├── files │ │ └── my.cnf │ └── init.sls └── php ├── files │ └── php.ini └── init.sls [root@linux-node1 prod]# salt -S '192.168.56.11' state.sls php.init saltenv=prod linux-node1.example.com: ---------- ID: php-install Function: pkg.installed Result: True Comment: The following packages were installed/updated: php-mysql The following packages were already installed: php-pdo, php Started: 10:30:14.780998 Duration: 118711.436 ms Changes: ---------- php-mysql: ---------- new: 5.4.16-43.el7_4 old: ---------- ID: php-config Function: file.managed Name: /etc/php.ini Result: True Comment: File /etc/php.ini is in the correct state Started: 10:32:13.556562 Duration: 51.913 ms Changes: Summary for linux-node1.example.com ------------ Succeeded: 2 (changed=1) Failed: 0 ------------ Total states run: 2 Total run time: 118.763 s
5、写入top file,执行高级状态
[root@linux-node1 base]# pwd
/srv/salt/base
[root@linux-node1 base]# vim top.sls
prod:
'linux-node1.example.com':
- apache.init
- php.init
- mysql.init
[root@linux-node1 base]# salt 'linux-node1*' state.highstate
linux-node1.example.com:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 10:39:04.214911
Duration: 762.144 ms
Changes:
----------
ID: apache-config
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 10:39:04.979376
Duration: 13.105 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 10:39:04.992962
Duration: 36.109 ms
Changes:
----------
ID: php-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 10:39:05.029241
Duration: 0.65 ms
Changes:
----------
ID: php-config
Function: file.managed
Name: /etc/php.ini
Result: True
Comment: File /etc/php.ini is in the correct state
Started: 10:39:05.029987
Duration: 10.642 ms
Changes:
----------
ID: mysql-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 10:39:05.040793
Duration: 0.422 ms
Changes:
----------
ID: mysql-config
Function: file.managed
Name: /etc/my.cnf
Result: True
Comment: File /etc/my.cnf is in the correct state
Started: 10:39:05.041301
Duration: 7.869 ms
Changes:
----------
ID: mysql-service
Function: service.running
Name: mariadb
Result: True
Comment: The service mariadb is already running
Started: 10:39:05.049284
Duration: 28.054 ms
Changes:
Summary for linux-node1.example.com
------------
Succeeded: 8
Failed: 0
------------
Total states run: 8
Total run time: 858.995 ms
[root@linux-node1 base]# pwd
/srv/salt/base
[root@linux-node1 base]# vim top.sls
prod:
'linux-node1.example.com':
- apache.init
- php.init
- mysql.init
[root@linux-node1 base]# salt 'linux-node1*' state.highstate
linux-node1.example.com:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 10:39:04.214911
Duration: 762.144 ms
Changes:
----------
ID: apache-config
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 10:39:04.979376
Duration: 13.105 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 10:39:04.992962
Duration: 36.109 ms
Changes:
----------
ID: php-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 10:39:05.029241
Duration: 0.65 ms
Changes:
----------
ID: php-config
Function: file.managed
Name: /etc/php.ini
Result: True
Comment: File /etc/php.ini is in the correct state
Started: 10:39:05.029987
Duration: 10.642 ms
Changes:
----------
ID: mysql-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 10:39:05.040793
Duration: 0.422 ms
Changes:
----------
ID: mysql-config
Function: file.managed
Name: /etc/my.cnf
Result: True
Comment: File /etc/my.cnf is in the correct state
Started: 10:39:05.041301
Duration: 7.869 ms
Changes:
----------
ID: mysql-service
Function: service.running
Name: mariadb
Result: True
Comment: The service mariadb is already running
Started: 10:39:05.049284
Duration: 28.054 ms
Changes:
Summary for linux-node1.example.com
------------
Succeeded: 8
Failed: 0
------------
Total states run: 8
Total run time: 858.995 ms