1、salt-ssh的使用
官方文档:https://docs.saltstack.com/en/2016.11/topics/ssh/index.html
(1)安装salt-ssh [root@linux-node1 ~]# yum install -y salt-ssh (2)配置salt-ssh [root@linux-node1 ~]# vim /etc/salt/roster linux-node1: host: 192.168.56.11 user: root passwd: 123123 linux-node2: host: 192.168.56.12 user: root passwd: 123123 (3)使用ssh远程执行 [root@linux-node1 ~]# salt-ssh '*' -r 'uptime' linux-node2: ---------- retcode: 0 stderr: stdout: [email protected]'s password: 14:07:19 up 14 days, 8:41, 2 users, load average: 0.04, 0.08, 0.07 linux-node1: ---------- retcode: 0 stderr: stdout: [email protected]'s password: 14:07:20 up 23 days, 8:13, 2 users, load average: 2.86, 0.81, 0.34
2、配置管理
(1)什么是状态?
States是Saltstack中的配置语言,在日常进行配置管理时需要编写大量的States文件。比如我们需要安装一个包,然后管理一个配置文件,最后保证某个服务正常运行。这里就需要我们编写一些states sls文件(描述状态配置的文件)去描述和实现我们的功能。编写的states sls文件都是YAML语法,states sls文件也支持使用Python语言编写。
所谓的状态就是希望系统运行某些命令之后的结果。描述状态使用YAML格式的文件。SLS:salt state
举例安装apache,如下:
[root@linux-node1 ~]# vim /srv/salt/base/web/apache.sls apache: pkg.installed: - name: httpd service.running: - name: httpd file.managed: - name: /etc/httpd/conf/httpd.conf - source: salt://apache/files/httpd.conf - user: root - group: root - mode: 644 解释说明: apache:id声明,在所有环境(base、prod)下全局唯一 pkg:状态模块 .:引用关系 installed:模块中的方法 ::代表层级关系 name:可以理解为参数,后面跟的是参数值 file.managed:文件管理模块,必须要有source指定文件的来源路径 source:文件的来源路径,salt://代表着环境的根路径,这的根路径为:/srv/salt/base/ user、group、mode:分别指定文件的所属者,所属组和权限 以上的文件还可以使用分id的写法: apache-install: pkg.installed: - name: httpd apache-service: service.running: - name: httpd apache-config: file.managed: - name: /etc/httpd/conf/httpd.conf - source: salt://apache/files/httpd.conf - user: root - group: root - mode: 644 存在指定多个配置文件,还可以使用一下写法:(不适用name作为参数传递时,id就是name) /etc/httpd/conf/httpd.conf: file.managed: - source: salt://apache/files/httpd.conf - user: root - group: root - mode: 644 /etc/httpd/conf/php.conf: file.managed: - source: salt://apache/files/php.conf - user: root - group: root - mode: 644
(2) LAMP的状态设计与实现部署
1、设计分析
1 名称 软件包 配置文件 服务 2 使用模块 pkg file service 3 LAMP httpd、php、mariadb、mariadb-server、php-mysql、php-pdo、php-cli /etc/httpd/conf/httpd.conf、/etc/php.ini httpd、mysqld
2、Aapche的状态配置
1 [root@linux-node1 prod]# pwd 2 /srv/salt/prod 3 [root@linux-node1 prod]# mkdir apache php mysql 4 [root@linux-node1 prod]# tree 5 . 6 ├── apache 7 ├── mysql 8 └── php 9 10 3 directories, 0 files 11 12 [root@linux-node1 prod]# cd apache/ 13 [root@linux-node1 apache]# vim apache.sls #编写apache的状态模块 14 apache-install: 15 pkg.installed: 16 - name: httpd 17 18 apache-config: 19 file.managed: 20 - name: /etc/httpd/conf/httpd.conf 21 - source: salt://apache/files/httpd.conf #salt://代表着环境的根路径 22 - user: root 23 - group: root 24 - mode: 644 25 26 apache-service: 27 service.running: 28 - name: httpd 29 - enable: True 30 [root@linux-node1 apache]# mkdir files #创建source目录 31 [root@linux-node1 apache]# cd files/ 32 [root@linux-node1 files]# cp /etc/httpd/conf/httpd.conf . 33 [root@linux-node1 apache]# tree 34 . 35 ├── apache.sls 36 └── files 37 └── httpd.conf 38 39 1 directory, 2 files 40 [root@linux-node1 apache]# salt 'linux-node1' state.sls apache.apache saltenv=prod
3、php的状态配置
[root@linux-node1 prod]# cd php [root@linux-node1 php]# mkdir files [root@linux-node1 php]# vim init.sls php-install: pkg.installed: - pkgs: - php - php-pdo - php-mysql php-config: file.managed: - name: /etc/php.ini - source: salt://php/files/php.ini - user: root - group: root - mode: 644 [root@linux-node1 php]# cp /etc/php.ini files/ [root@linux-node1 php]# tree . ├── files │ └── php.ini └── init.sls 1 directory, 2 files
4、mysql的状态配置
[root@linux-node1 prod]# cd mysql/ [root@linux-node1 mysql]# vim init.sls mysql-install: pkg.installed: - pkgs: - mariadb - mariadb-server mysql-config: file.managed: - name: /etc/my.cnf - source: salt://mysql/files/my.cnf - user: root - gourp: root - mode: 644 mysql-service: service.running: - name: mariadb-server - enable: True [root@linux-node1 mysql]# mkdir files [root@linux-node1 mysql]# cp /etc/my.cnf files/ [root@linux-node1 prod]# tree . ├── apache │ ├── files │ │ └── httpd.conf │ └── init.sls ├── mysql │ ├── files │ │ └── my.cnf │ └── init.sls └── php ├── files │ └── php.ini └── init.sls [root@linux-node1 prod]# salt -S '192.168.56.11' state.sls php.init saltenv=prod linux-node1.example.com: ---------- ID: php-install Function: pkg.installed Result: True Comment: The following packages were installed/updated: php-mysql The following packages were already installed: php-pdo, php Started: 10:30:14.780998 Duration: 118711.436 ms Changes: ---------- php-mysql: ---------- new: 5.4.16-43.el7_4 old: ---------- ID: php-config Function: file.managed Name: /etc/php.ini Result: True Comment: File /etc/php.ini is in the correct state Started: 10:32:13.556562 Duration: 51.913 ms Changes: Summary for linux-node1.example.com ------------ Succeeded: 2 (changed=1) Failed: 0 ------------ Total states run: 2 Total run time: 118.763 s
5、写入top file,执行高级状态
[root@linux-node1 base]# pwd
/srv/salt/base
[root@linux-node1 base]# vim top.sls
prod:
'linux-node1.example.com':
- apache.init
- php.init
- mysql.init
[root@linux-node1 base]# salt 'linux-node1*' state.highstate
linux-node1.example.com:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 10:39:04.214911
Duration: 762.144 ms
Changes:
----------
ID: apache-config
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 10:39:04.979376
Duration: 13.105 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 10:39:04.992962
Duration: 36.109 ms
Changes:
----------
ID: php-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 10:39:05.029241
Duration: 0.65 ms
Changes:
----------
ID: php-config
Function: file.managed
Name: /etc/php.ini
Result: True
Comment: File /etc/php.ini is in the correct state
Started: 10:39:05.029987
Duration: 10.642 ms
Changes:
----------
ID: mysql-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 10:39:05.040793
Duration: 0.422 ms
Changes:
----------
ID: mysql-config
Function: file.managed
Name: /etc/my.cnf
Result: True
Comment: File /etc/my.cnf is in the correct state
Started: 10:39:05.041301
Duration: 7.869 ms
Changes:
----------
ID: mysql-service
Function: service.running
Name: mariadb
Result: True
Comment: The service mariadb is already running
Started: 10:39:05.049284
Duration: 28.054 ms
Changes:
Summary for linux-node1.example.com
------------
Succeeded: 8
Failed: 0
------------
Total states run: 8
Total run time: 858.995 ms
[root@linux-node1 base]# pwd /srv/salt/base [root@linux-node1 base]# vim top.sls prod: 'linux-node1.example.com': - apache.init - php.init - mysql.init [root@linux-node1 base]# salt 'linux-node1*' state.highstate linux-node1.example.com: ---------- ID: apache-install Function: pkg.installed Name: httpd Result: True Comment: All specified packages are already installed Started: 10:39:04.214911 Duration: 762.144 ms Changes: ---------- ID: apache-config Function: file.managed Name: /etc/httpd/conf/httpd.conf Result: True Comment: File /etc/httpd/conf/httpd.conf is in the correct state Started: 10:39:04.979376 Duration: 13.105 ms Changes: ---------- ID: apache-service Function: service.running Name: httpd Result: True Comment: The service httpd is already running Started: 10:39:04.992962 Duration: 36.109 ms Changes: ---------- ID: php-install Function: pkg.installed Result: True Comment: All specified packages are already installed Started: 10:39:05.029241 Duration: 0.65 ms Changes: ---------- ID: php-config Function: file.managed Name: /etc/php.ini Result: True Comment: File /etc/php.ini is in the correct state Started: 10:39:05.029987 Duration: 10.642 ms Changes: ---------- ID: mysql-install Function: pkg.installed Result: True Comment: All specified packages are already installed Started: 10:39:05.040793 Duration: 0.422 ms Changes: ---------- ID: mysql-config Function: file.managed Name: /etc/my.cnf Result: True Comment: File /etc/my.cnf is in the correct state Started: 10:39:05.041301 Duration: 7.869 ms Changes: ---------- ID: mysql-service Function: service.running Name: mariadb Result: True Comment: The service mariadb is already running Started: 10:39:05.049284 Duration: 28.054 ms Changes: Summary for linux-node1.example.com ------------ Succeeded: 8 Failed: 0 ------------ Total states run: 8 Total run time: 858.995 ms