标签:haproxy cl root sls nginx 组件 SaltStack 04stats salt
SaltStack基础 - 04stats组件
一、states文件
- salt states的核心是sls文件,该文件使用YAML语法定义了一些k/v的数据。
- sls文件存放的根路径在master配置文件中定义file_roots,默认为/srv/salt,如果不存在,需要手动创建。
- 在salt中可以通过salt://代替根路径,例通过salt://top.sls 访问 /srv/salt/top.sls。
- 在states中top文件也由master配置文件定义,默认为top.sls,该文件为states的入口文件。
- salt-master默认会读取file_roots指定配置目录下的top.sls。这个是在master配置文件下的state_top: top.sls决定的。
1.1 定义top.sls及sls文件
### master配置文件中定义了三种环境,每种环境都可以定义多个目录,但是要避免冲突。
[root@cl-server salt]# vi /etc/salt/master
file_roots:
base:
- /application/salt
prod:
- /application/salt/prod
test:
- /application/salt/test
[root@cl-server salt]# cat top.sls
base: ### 第一行,声明使用base环境
'*': ### 第二行,定义target,这里是匹配所有
- apache ### 第三行,声明使用哪些states目录,salt会寻找每个目录下的init.sls文件。
### 简单的sls文件:
[root@cl-server salt]# pwd
/application/salt
[root@cl-server salt]# cat apache/init.sls
apache: # 1
pkg.installed: # 2
- names: # 3
- httpd # 4
service.running: # 5
- require: # 6
- pkg: apache # 7
第一行,被称为ID说明(ID Declaration)。ID说明表明可以操控的名字。
第二行和第五行是State说明(State Declaration),它们分别使用了pkg和service states。pkg state通过系统的包管理其管理关键包,service state管理系统服务(daemon)。
在pkg及service列下边是运行的方法。方法定义包和服务应该怎么做。此处是软件包应该被安装,服务应该处于运行中。
第六行使用require。本方法称为”必须指令”(Requisite Statement),表明只有当apache软件包安装成功时,apache服务才启动起来。
1.2 执行state.highstate
### 上面命令会触发 minion 从master下载top.sls文件以及其中的states,然后编译、执行。执行完之后,minion会将执行结果的摘要信息汇报给master。
[root@cl-server salt]# salt 'cl-node02' state.highstate
[root@cl-server salt]# salt 'cl-node02' state.highstate test=True
cl-node02:
----------
ID: apache
Function: pkg.installed
Name: httpd
Result: None
Comment: The following packages would be installed/updated: httpd
Started: 17:38:09.549432
Duration: 751.19 ms
Changes:
----------
ID: apache
Function: service.running
Result: None
Comment: Service apache not present; if created in this state run, it would have been started
Started: 17:38:10.301490
Duration: 21.253 ms
Changes:
Summary for cl-node02
------------
Succeeded: 2 (unchanged=2)
Failed: 0
------------
Total states run: 2
Total run time: 772.443 ms
二、使用sls部署服务
2.1 执行 base 环境下的stats文件
[root@cl-server salt]# mkdir prod test init [root@cl-server salt]# cd init/ [root@cl-server init]# tree . ├── audit.sls ├── dns.sls ├── env_init.sls ├── files │ └── resolv.conf ├── history.sls └── sysctl.sls 1 directory, 6 files
[root@cl-server init]# cat dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://init/files/resolv.conf
- user: root
- group: root
- mode: 644
[root@cl-server init]# cat history.sls
etc_profile_append_time:
file.append:
- name: /etc/profile
- text:
- export HISTTIMEFORMAT="%F %T `whoami`"
[root@cl-server init]# cat audit.sls
etc_bashrc_log:
file.append:
- name: /etc/bashrc
- text:
- export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
[root@cl-server init]# cat sysctl.sls
vm.swappiness:
sysctl.present:
- value: 0
net.ipv4.ip_local_port_range:
sysctl.present:
- value: 1024 65000
fs.file-max:
sysctl.present:
- value: 100000
[root@cl-server init]# cat env_init.sls
include:
- init.dns
- init.history
- init.sysctl
# - init.audit
### base 对应 /etc/salt/master 中 file_roots 的标签:找到 base 对应的目录位置,然后对指定服务器进行脚本执行 init.env_init
[root@cl-server salt]# cat top.sls
base:
'*':
- init.env_init
[root@cl-server salt]# salt 'cl-node03' state.highstate test=True
[root@cl-server salt]# salt 'cl-node03' state.highstate
2.2 执行prod环境下的state文件
[root@cl-server prod]# tree
.
├── haproxy
│ ├── files
│ │ ├── haproxy-2.4.4.tar.gz
│ │ └── haproxy.init
│ └── install.sls
└── pkg
└── pkg-init.sls
3 directories, 4 files
[root@cl-server salt]# salt 'cl-node03' state.sls haproxy.install saltenv=prod test=True
[root@cl-server haproxy]# cat install.sls
include:
- pkg.pkg-init # 相对目录,相对于/application/salt/prod
haproxy-install:
file.managed: #ID
- source: salt://haproxy/files/haproxy-2.4.4.tar.gz
- name: /usr/local/src/haproxy-2.4.4.tar.gz # name声明,没有ID可以将name声明放在ID处
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar xf haproxy-2.4.4.tar.gz &&
cd haproxy-2.4.4 && make TARGET=linux-glibc PRXFIX=/usr/local/haproxy &&
make install PREFIX=/usr/local/haproxy
- unless: test -d /usr/local/haproxy
- require: # 指定依赖
- pkg: pkg-init # 依赖ID为pkg-init的pkg模块,这个pkg模块必须执行成功才执行本模块
- file: haproxy-install # 依赖ID为haproxy-install的file模块
haproxy-init:
file.managed:
- source: salt://haproxy/files/haproxy.init
- name: /etc/init.d/haproxy
- user: root
- group: root
- mode: 755
- require:
- cmd: haproxy-install
cmd.run:
- name: chkconfig --add haproxy
- unless: chkconfig --list |grep haproxy
- require:
- file: haproxy-init
net.ipv4.ip_nonlocal_bind:
sysctl.present:
- value: 1
haproxy-config-dir:
file.directory:
- name: /etc/haproxy
- user: root
- group: root
- mode: 755
[root@cl-server prod]# tree
.
├── cluster
│ ├── files
│ │ └── haproxy-outside.cfg
│ └── haproxy-outside.sls
├── haproxy
│ ├── files
│ │ ├── haproxy-2.4.4.tar.gz
│ │ └── haproxy.init
│ └── install.sls
└── pkg
└── pkg-init.sls
[root@cl-server prod]# cat cluster/haproxy-outside.sls
include:
- haproxy.install
haproxy-service:
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://cluster/files/haproxy-outside.cfg
- user: root
- group: root
- mode: 644
service.running:
- name: haproxy
- enable: True # 是否开机自启动
- reload: True # 是否reload, 不加则配置文件变动,服务restart
- require:
- cmd: haproxy-init
- watch:
- file: haproxy-service # 关注文件,文件变化reload
2.3 在top文件中指定各环境state文件
[root@cl-server salt]# cat top.sls
base:
'*':
- init.env_init
prod:
'cl-node01':
- cluster.haproxy-outside
[root@cl-server salt]# salt '*' state.highstate test=True
三、state文件案例
3.1 安装Httpd
### 安装并启动httpd
[root@cl-server httpd]# cat install.sls
httpd-install:
pkg.installed:
- pkgs:
- httpd
- php
service.running:
- name: httpd
- enable: True
- reload: True
### 推送执行:
[root@cl-server httpd]# salt cl-node01 state.sls httpd.install
### 设置httpd初始化配置文件
[root@cl-server httpd]# cat install.sls
httpd-install:
pkg.installed:
- pkgs:
- httpd
- php
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://httpd/files/httpd.conf
- mode: 644
- user: root
service.running:
- name: httpd
- enable: True
- reload: True
- watch:
- file: httpd-install
3.2 安装Nginx
### 编译安装Nginx
[root@cl-server nginx]# tree
.
├── files
│ ├── nginx
│ ├── nginx-1.18.0.tar.gz
│ ├── nginx.conf
│ └── nginx.service
├── install.sls
├── pkgs
│ └── make.sls
└── service.sls
### 编译安装脚本
[root@cl-server nginx]# cat pkgs/make.sls
make-gss:
pkg.installed:
- pkgs:
- pcre-devel
- openssl-devel
- gcc
[root@cl-server nginx]# cat install.sls
include:
- nginx.pkgs.make
nginx_install:
file.managed:
- name: /root/nginx-1.18.0.tar.gz
- source: salt://nginx/files/nginx-1.18.0.tar.gz
cmd.run:
- name: cd /root/ && tar zxf nginx-1.18.0.tar.gz && cd nginx-1.18.0
&& ./configure --prefix=/application/nginx --with-file-aio --with-threads --with-http_ssl_module --with-http_stub_status_module &> /dev/null
&& make &>/dev/null && make install &>/dev/null
- creates: /application/nginx
### 创建服务用户的脚本
[root@cl-server salt]# cat users/nginx.sls
nginx-group:
group.present:
- name: nginx
- gid: 800
nginx-user:
user.present:
- name: nginx
- uid: 800
- gid: 800
- shell: /sbin/nologin
- createhome: False
- home: /application/nginx
### 服务启动脚本
[root@cl-server nginx]# cat service.sls
include:
- nginx.install
- users.nginx
/application/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf
nginx-service:
file.managed:
- name: /etc/init.d/nginx
- source: salt://nginx/files/nginx
- mode: 755
service.running:
- name: nginx
- reload: True
- watch:
- file: /application/nginx/conf/nginx.conf
### 推送执行
[root@cl-server nginx]# salt cl-node02 state.sls nginx.service
3.3 安装Haproxy
### 安装Haproxy
[root@cl-server haproxy]# cat install.sls
haproxy-install:
pkg.installed:
- pkgs:
- haproxy
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://haproxy/files/haproxy.cfg
service.running:
- name: haproxy
- reload: True
- watch:
- file: haproxy-install
3.4 使用top同时安装三个服务
### 在/application/salt 下创建 top.sls
[root@cl-server salt]# vi top.sls
base:
'cl-node01':
- httpd.install
'cl-node02':
- nginx.service
'cl-server':
- haproxy.install
[root@cl-server salt]# salt '*' state.highstate
标签:haproxy,cl,root,sls,nginx,组件,SaltStack,04stats,salt 来源: https://www.cnblogs.com/kingdomer/p/15544728.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。