SaltStack的配置管理--jinja
需求场景:使用jinja模板,让各节点的httpd都监听在本机的ip
[root@7mini-node1 apache]# vim files/httpd.conf
配置文件修改监听的ip地址和端口以变量的形式
Listen {{ IPADDR }}:{{ PORT }}
修改apache的sls的文件
[root@7mini-node1 apache]# vim init.sls
apache-install:
pkg.installed:
- name: httpd apache-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd.conf
- user: root
- group: root
- mode: 644
- template: jinja------------------>声明这个是模板
- defaults:------------------------>定义默认的参数和值
PORT: 80------------------------->PORT和IPADDR都为变量
IPADDR: {{ grains['fqdn_ip4'][0] }}---->通过grains返回数据,此处返回的是一个列表形式,增加[0]指定第一个 apache-auth:
pkg.installed:
- name: httpd-tools
cmd.run:
- name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin
- unless: test -f /etc/httpd/conf/htpasswd_file apache-service:
service.running:
- name: httpd
- enable: True
- reload: True
- watch:
- file: apache-config
sls执行结果
[root@7mini-node1 apache]# salt "10.0.0.11" state.highstate
----------
ID: apache-config
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf updated
Started: 11:14:08.537957
Duration: 25.518 ms
Changes:
----------
diff:
---
+++
@@ -42,7 +42,7 @@
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
-Listen 80
+Listen 10.0.0.11:80---->更改为监听本机ip地址,端口为80 #
# Dynamic Shared Object (DSO) Support
查看端口及总结
[root@7mini-node1 apache]# netstat -tulnp|grep httpd
tcp 0 0 10.0.0.11:80 0.0.0.0:* LISTEN 6837/httpd
[root@7mini-node1 apache]# vim /srv/salt/base/top.sls
prod:
'7mini-node1*:
- lamp
[root@7mini-node1 apache]# salt '*' state.highstate
[root@7mini-node2 ~]# netstat -tulnp |grep httpd
tcp 0 0 10.0.0.12:80 0.0.0.0:* LISTEN 16447/httpd 总结:
1.修改httpd.conf配置
2.修改sls增加:
- template: jinja
- defaults:
PORT: 80
IPADDR: {{ grains['fqdn_ip4'][0] }}