标签:实战 入门 minion 192.168 nginx test ---------- saltstack salt
1.saltstack安装配置及测试
一.安装部署
1.Master端:
yum install https://repo.saltstack.com/yum/redhat/salt-repo-latest.el7.noarch.rpm
yum clean expire-cache && yum update -y
yum -y install salt-master && yum -y install salt-minion
systemctl start salt-master #启动salt-master
systemctl enable salt-master
2.Minion端:
yum install https://repo.saltstack.com/yum/redhat/salt-repo-latest.el7.noarch.rpm
yum clean expire-cache && yum update -y && yum -y install salt-minion
systemctl start salt-minion
systemctl enable salt-minion
二.初步配置
1.Master端配置:
[root@linux-master1 ~]# vim /etc/salt/master //修改下面几行 (由于这个文件内容默认全部注释的,所以可以直接情清空该文件,然后复制下面内容。但是记住配置的格式不能错!!)
interface: 192.168.1.181 //绑定主控端master的ip,冒号后必须空一格
auto_accept: True //当该项配置成True时表示自动认证,就不需要手动运行salt-key命令进行证书信任
file_roots: //指定saltstack文件根目录位置
base: //前面必须留两个空格
- /srv/salt //前面必须留四个空格
[root@linux-master1 ~]# systemctl restart salt-master
Starting salt-master daemon: [ OK ]
(如果master端也想管控自己,可以配置自己的monion)
2.Minion端配置:
[root@linux-node1 ~]# vim /etc/salt/minion //修改下面几行
master: 192.168.1.181 //指定主控端master的ip地址,冒号后必须空一格(可以是主机名)
id: minion-192-168-1-173 //唯一标识符,可以不配,不配默认就是主机名,修改被控端monion主机识别id,建议使用主机名或ip来设置,冒号后必须空一格
[root@linux-node2 ~]# systemctl start salt-minion
Starting salt-minion daemon: [ OK ]
三.测试初步配置通畅性
1.查看当前的salt key信息
[root@zabbix ~]# salt-key -L
Accepted Keys:
minion-dev12-192.168.1.173
minion-test-xktest001-192.168.1.114
minion-testcat001-192.168.1.48
Denied Keys:
Unaccepted Keys:
Rejected Keys:
2.测试被控主机的连通性
[root@zabbix ~]# salt '*' test.ping
minion-dev12-192.168.1.173:
True
minion-testcat001-192.168.1.48:
True
minion-test-xktest001-192.168.1.114:
True
c)远程命令执行(cmd模块),格式:salt 'client配置的id' 模块.方法 '命令参数' (其中'*'表示所有的client)
[root@linux-master1 ~]# salt '*' cmd.run 'uptime'
[root@zabbix ~]# salt '*' cmd.run 'uptime'
minion-dev12-192.168.1.173:
16:58:52 up 701 days, 2:47, 1 user, load average: 0.27, 0.25, 0.28
minion-testcat001-192.168.1.48:
16:58:52 up 189 days, 1:11, 1 user, load average: 1.58, 1.62, 1.46
minion-test-xktest001-192.168.1.114:
16:58:52 up 159 days, 43 min, 1 user, load average: 0.02, 0.16, 0.29
####.关于修改minion的id后,无法连通问题:
minion配置中有一个id配置,默认是hostname,如果id配置和hostname不一致会导致无法进行通信,那么当hostname做了修改,或者错误的时候该怎么配置呢?
①关闭salt-minion
②salt-key -d id 在master上删除minion的id
③minion上删除pki目录 rm -f /etc/salt/pki/minion/*
④minion上删除minion_id文件 [id: minion-dev12-192.168.1.173]
⑤修改完成,启动minion
#此处必须先停掉minion修改,并删除相应的文件,否则会默认地去查找原先的配置,已踩坑
#以下是刚装完查看minion_id变成了www.test123.com。进行修改成linux-node2.example.com
[root@linux-node2 salt]# cat minion_id
www.test123.com
[root@linux-node2 salt]# systemctl stop salt-minion
[root@linux-node2 salt]# rm -rf pki
[root@linux-node2 salt]# rm -rf minion_id
[root@linux-node2 salt]# systemctl start salt-minion
[root@linux-node2 salt]# cat minion_id
linux-node2.example.com
2.saltstack常见使用模块介绍
四.saltstack 常见使用方式
1.利用Saltstack远程执行命令
saltstack的一个比较突出优势就是具备执行远程命令的功能。操作方法与func相似,可以帮助运维人员完成集中化的操作平台。
命令格式: slat '<操作目标>' <方法> [参数]
salt '*' cmd.run 'df -h'
salt '*' cmd.run 'uptime'
salt '*' cmd.run 'free -m'
salt-cp命令 远程批量传输文件
1): -E
通过正则表达式进行匹配。
示例:查看被控制端minion-test*字符开头的主机id名是否连通。
[root@zabbix ~]# salt -E '^minion-test*' test.ping
minion-testcat001-192.168.1.48:
True
minion-test-xktest001-192.168.1.114:
True
2):-L:--list
以主机id名列表的形式进行过滤,格式与Python的列表相似,即不同主机id名称使用逗号分隔。
示例:获取主机id名为minion-testcat001-192.168.1.48,minion-test-xktest001-192.168.1.114 获取完整操作系统发行版名称。
[root@zabbix ~]# salt -L 'minion-testcat001-192.168.1.48,minion-test-xktest001-192.168.1.114' grains.item osfullname
minion-testcat001-192.168.1.48:
----------
osfullname:
CentOS Linux
minion-test-xktest001-192.168.1.114:
----------
osfullname:
CentOS Linux
3):-G:--grain 【常见重要使用模块】
根据被控主机的grains信息(grains是saltstack重要组件之一,重要作用是收集被控主机的基本系统信息)进行匹配过滤,格式为'<grain value>:<glob expression>'。
3.1):grains常见查询:
[root@zabbix ~]# salt 'minion-test*' grains.ls
minion-testcat001-192.168.1.48:
- SSDs
- biosreleasedate
- biosversion
- cpu_flags
- cpu_model
- cpuarch
- cwd
- disks
- dns
- domain
- fqdn
- fqdn_ip4
- fqdn_ip6
- fqdns
- gid
- gpus
- groupname
- host
- hwaddr_interfaces
- id
- init
- ip4_gw
- ip4_interfaces
- ip6_gw
- ip6_interfaces
- ip_gw
- ip_interfaces
- ipv4
- ipv6
- kernel
- kernelrelease
- kernelversion
- locale_info
- localhost
- lsb_distrib_codename
- lsb_distrib_id
- machine_id
- manufacturer
- master
- mdadm
- mem_total
- nodename
- num_cpus
- num_gpus
- os
- os_family
- osarch
- oscodename
- osfinger
- osfullname
- osmajorrelease
- osrelease
- osrelease_info
- path
- pid
- productname
- ps
- pythonexecutable
- pythonpath
- pythonversion
- saltpath
- saltversion
- saltversioninfo
- selinux
- serialnumber
- server_id
- shell
- swap_total
- systemd
- uid
- username
- uuid
- virtual
- zfs_feature_flags
- zfs_support
- zmqversion
[root@zabbix ~]# salt 'minion-test*' grains.items
minion-testcat001-192.168.1.48:
----------
SSDs:
biosreleasedate:
04/01/2014
biosversion:
rel-1.10.2-0-g5f4c7b1-20181220_000000-szxrtosci10000
cpu_flags:
- fpu
- vme
- de
- pse
- tsc
- msr
- pae
- mce
- cx8
- apic
- sep
- mtrr
- pge
- mca
- cmov
- pat
- pse36
- clflush
- mmx
- fxsr
- sse
- sse2
- ss
- ht
- syscall
- nx
- pdpe1gb
- rdtscp
- lm
- constant_tsc
- rep_good
- nopl
- xtopology
- nonstop_tsc
- eagerfpu
- pni
- pclmulqdq
- ssse3
- fma
- cx16
- pcid
- sse4_1
- sse4_2
- x2apic
- movbe
- popcnt
- tsc_deadline_timer
- aes
- xsave
- avx
- f16c
- rdrand
- hypervisor
- lahf_lm
- abm
- 3dnowprefetch
- invpcid_single
- ssbd
- ibrs
- ibpb
- stibp
- fsgsbase
- tsc_adjust
- bmi1
- hle
- avx2
- smep
- bmi2
- erms
- invpcid
- rtm
- mpx
- avx512f
- avx512dq
- rdseed
- adx
- smap
- clflushopt
- clwb
- avx512cd
- avx512bw
- avx512vl
- xsaveopt
- xsavec
- xgetbv1
- arat
- md_clear
- spec_ctrl
- intel_stibp
- flush_l1d
cpu_model:
Intel(R) Xeon(R) Gold 6161 CPU @ 2.20GHz
cpuarch:
x86_64
cwd:
/
disks:
- vda
dns:
----------
domain:
ip4_nameservers:
- 100.125.17.29
- 100.125.135.29
ip6_nameservers:
nameservers:
- 100.125.17.29
- 100.125.135.29
options:
- single-request-reopen
search:
- openstacklocal
sortlist:
domain:
localdomain
fqdn:
localhost.localdomain
fqdn_ip4:
- 127.0.0.1
fqdn_ip6:
- ::1
fqdns:
gid:
0
gpus:
|_
----------
model:
GD 5446
vendor:
unknown
groupname:
root
host:
localhost
hwaddr_interfaces:
----------
eth0:
fa:16:3e:61:e9:24
lo:
00:00:00:00:00:00
id:
minion-testcat001-192.168.1.48
init:
systemd
ip4_gw:
192.168.1.1
ip4_interfaces:
----------
eth0:
- 192.168.1.48
lo:
- 127.0.0.1
ip6_gw:
False
ip6_interfaces:
----------
eth0:
- fe80::f816:3eff:fe61:e924
lo:
- ::1
ip_gw:
True
ip_interfaces:
----------
eth0:
- 192.168.1.48
- fe80::f816:3eff:fe61:e924
lo:
- 127.0.0.1
- ::1
ipv4:
- 127.0.0.1
- 192.168.1.48
ipv6:
- ::1
- fe80::f816:3eff:fe61:e924
kernel:
Linux
kernelrelease:
3.10.0-1062.12.1.el7.x86_64
kernelversion:
#1 SMP Tue Feb 4 23:02:59 UTC 2020
locale_info:
----------
defaultencoding:
UTF-8
defaultlanguage:
en_US
detectedencoding:
UTF-8
timezone:
unknown
localhost:
cat-test
lsb_distrib_codename:
CentOS Linux 7 (Core)
lsb_distrib_id:
CentOS Linux
machine_id:
ef219b153e8049718c374985be33c24e
manufacturer:
OpenStack Foundation
master:
192.168.1.181
mdadm:
mem_total:
7820
nodename:
cat-test
num_cpus:
4
num_gpus:
1
os:
CentOS
os_family:
RedHat
osarch:
x86_64
oscodename:
CentOS Linux 7 (Core)
osfinger:
CentOS Linux-7
osfullname:
CentOS Linux
osmajorrelease:
7
osrelease:
7.8.2003
osrelease_info:
- 7
- 8
- 2003
path:
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
pid:
13036
productname:
OpenStack Nova
ps:
ps -efHww
pythonexecutable:
/usr/bin/python
pythonpath:
- /usr/bin
- /usr/lib/python2.7/site-packages/setuptools-19.6.2-py2.7.egg
- /usr/lib/python2.7/site-packages/pip-7.1.2-py2.7.egg
- /usr/lib/python2.7/site-packages/cloud_init-0.7.9-py2.7.egg
- /usr/lib64/python27.zip
- /usr/lib64/python2.7
- /usr/lib64/python2.7/plat-linux2
- /usr/lib64/python2.7/lib-tk
- /usr/lib64/python2.7/lib-old
- /usr/lib64/python2.7/lib-dynload
- /usr/lib64/python2.7/site-packages
- /usr/lib/python2.7/site-packages
pythonversion:
- 2
- 7
- 5
- final
- 0
saltpath:
/usr/lib/python2.7/site-packages/salt
saltversion:
3000.5
saltversioninfo:
- 3000
- 5
selinux:
----------
enabled:
False
enforced:
Disabled
serialnumber:
acc3aa91-3bdb-4900-90a8-4d49b7e7c136
server_id:
1515288221
shell:
/bin/sh
swap_total:
7999
systemd:
----------
features:
+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN
version:
219
uid:
0
username:
root
uuid:
bf942ead-97b5-439a-b625-93ffb3cf3bce
virtual:
kvm
zfs_feature_flags:
False
zfs_support:
False
zmqversion:
4.1.4
[root@zabbix ~]# salt 'minion-test*' grains.item os
minion-test-xktest001-192.168.1.114:
----------
os:
CentOS
minion-testcat001-192.168.1.48:
----------
os:
CentOS
3.2):grains 正则匹配
示例:获取主机发行版本为7.2的Python版本号
[root@zabbix ~]# salt -G 'osrelease:7.2.*' cmd.run 'python -V'
minion-dev12-192.168.1.173:
Python 2.7.5
[root@zabbix ~]# salt --grain-pcre 'osrelease:7.*' cmd.run 'python -V'
minion-dev12-192.168.1.173:
Python 2.7.5
minion-testcat001-192.168.1.48:
Python 2.7.5
minion-test-xktest001-192.168.1.114:
Python 2.7.5
3.3):自定义grain
*在minion上进行配置grains ,重启systemctl restart salt-minion
grains:
roles:
- webserver
- memcache
deployment: datacenter4
cabinet: 13
cab_u: 14-15
* 在master上查询是否添加上了自定义的grains
salt 'minion-test-xktest001-192.168.1.114' grains.items
cab_u:
14-15
cabinet:
13
deployment:
datacenter4
roles:
- webserver
- memcache
4):-I:--pillar 【常见重要使用模块】
#使用场景:
a.敏感数据
b.定时执行任务
#根据被控主机的pillar(作用是定义与被控主机相关的任何数据,定义好的数据可以被其他组件使用)信息进行过滤匹配.
格式为'对象名称:对象值',比如过滤所有具备'apache:httpd' pillar值的主机。
示例:探测具有"nginx:root:/data"信息的主机连通性【我测试不通】
[root@linux-master1 ~]# salt -I 'nginx:root:/data' test.ping
minion-dev12-192.168.1.173:
True
minion-test-xktest001-192.168.1.114:
True
其中pillar属性配置文件如下(后面会讲到)
nginx:
root:/data
5):-N:--nodegroup
根据主控端master配置文件中的分组名称进行过滤。
如下配置的组信息(主机信息支持正则表达式、grain、条件运算符等),通常根据业务类型划分,不同业务具备相同的特点,包括部署环境、应用平台、配置文件等。
nodegroups:
dev: 'minion-dev12-192.168.1.173'
test: 'minion-testcat001-192.168.1.48,minion-test-xktest001-192.168.1.114'
#xk-test: ''
#uat: ''
其中:
L@ 表示后面的主机id格式为列表,即主机id以逗号隔开;
G@ 表示以grain格式描述;
S@ 表示以ip子网或地址格式描述
示例:探测web1group(或web2group)被控主机的连通性
[root@zabbix ~]# salt -N dev test.ping
minion-dev12-192.168.1.173:
True
[root@zabbix ~]# salt -N test test.ping
minion-testcat001-192.168.1.48:
True
minion-test-xktest001-192.168.1.114:
True
6):-C:--compound
根据条件运算符not、and、or去匹配不同规则的主机信息。
示例:探测minion-192开头并且操作系统为Centos的主机连通性。
[root@zabbix ~]# salt -C 'E@^minion-dev* and G@os:Centos' test.ping
minion-dev12-192.168.1.173:
True
[root@zabbix ~]# salt -C 'E@^minion-test* and G@os:Centos' test.ping
minion-testcat001-192.168.1.48:
True
minion-test-xktest001-192.168.1.114:
True
其中:
not语句不能作为第一个条件执行,不过可以通过以下方法来规避:
示例:探测非minion-prod开头的主机连通性。
[root@zabbix ~]# salt -C '* and not E@^minion-prod*' test.ping
minion-dev12-192.168.1.173:
True
minion-testcat001-192.168.1.48:
True
minion-test-xktest001-192.168.1.114:
True
7):-S:--ipcidr
根据被控主机的ip地址或ip子网进行匹配。
[root@zabbix ~]# salt -S 192.168.0.0/16 test.ping
minion-dev12-192.168.1.173:
True
minion-testcat001-192.168.1.48:
True
minion-test-xktest001-192.168.1.114:
True
[root@zabbix ~]# salt -S 192.168.1.173 test.ping
minion-dev12-192.168.1.173:
True
[root@zabbix ~]# salt -S 192.168.1.114 test.ping
minion-test-xktest001-192.168.1.114:
True
[root@zabbix ~]# salt -S 192.168.1.48 test.ping
minion-testcat001-192.168.1.48:
True
2.Saltstack常用模块及API
saltstack提供了非常丰富的功能模块,涉及操作系统的基础功能、常用工具支持等,更多模块信息请见:https://docs.saltstack.com/en/latest/ref/modules/all/index.html
当然,也可以通过sys模块列出当前版本支持的所有模块:
[root@zabbix ~]# salt '*' sys.list_modules
minion-dev12-192.168.1.173:
- acl
- aliases
- alternatives
- ansible
- apache
- archive #压缩解压
- artifactory
- beacons
- bigip
- boto_cfn
- boto_cloudwatch
- boto_dynamodb
- boto_ec2
- boto_elasticache
- boto_iam
- boto_secgroup
- boto_sns
- bridge
- btrfs
- buildout
- chroot
- cloud
- cmd
- composer
- config
- consul
- container_resource
- cp
- cron
- cryptdev
- data
- defaults
- devmap
- disk
- django
- dnsmasq
- dnsutil
- drbd
- environ
- etcd
- ethtool
- event
- extfs
- file
- firewalld
- freezer
- gem
- genesis
- git
- glassfish
- gnome
- google_chat
- grafana4
- grains
- group
- hashutil
- highstate_doc
- hosts
- http
- incron
- ini
- inspector
- introspect
- iosconfig
- ip
- ipset
- iptables
- jboss7
- jboss7_cli
- jinja
- k8s
- kernelpkg
- key
- keyboard
- kmod
- locale
- locate
- log
- logrotate
- lowpkg
- mandrill
- match
- mattermost
- mine
- minion
- modjk
- mount
- msteams
- nagios_rpc
- namecheap_domains
- namecheap_domains_dns
- namecheap_domains_ns
- namecheap_ssl
- namecheap_users
- network
- nexus
- nginx
- nova
- npm
- nspawn
- nxos_api
- openscap
- openstack_config
- opsgenie
- out
- pagerduty
- pagerduty_util
- pam
- parallels
- partition
- peeringdb
- pillar
- pip
- pkg
- pkg_resource
- postfix
- ps
- publish
- pushover
- pyenv
- qemu_img
- qemu_nbd
- rabbitmq
- random
- random_org
- rbenv
- redis
- rest_sample_utils
- restartcheck
- ret
- rsync
- rvm
- s3
- s6
- salt_proxy
- salt_version
- saltcheck
- saltutil
- schedule
- scsi
- sdb
- seed
- selinux
- serverdensity_device
- service
- shadow
- slack
- slsutil
- smbios
- smtp
- solrcloud
- sqlite3
- ssh
- state
- status
- statuspage
- supervisord
- svn
- sys
- sysctl
- sysfs
- syslog_ng
- system
- telegram
- telemetry
- temp
- test
- timezone
- tuned
- udev
- uptime
- user
- vault
- vbox_guest
- virtualenv
- vsphere
- webutil
- x509
- xfs
- xml
- zabbix
- zenoss
接下来抽取出常见的模块进行介绍,并列举模块API的用法。
API原理:通过调用master client模块,实例化一个LocalClient对象,再调用cmd()方法来实现的。
如下是API实现test.ping的示例:
import salt.client
client = salt.client.LocalClient()
ret = client.cmd('*','test.ping')
print ret
结果以一个标准的python字典形式的字符串返回码,可以通过eval()函数转换成python的字典类型,方便后续的业务逻辑处理,程序运行结果如下:
{'minion-192-168-1-102': True, 'minion-192-168-1-118': True}
截图如下:
[root@zabbix tmp]# python test002.py
{u'minion-test-xktest001-192.168.1.114': True, u'minion-testcat001-192.168.1.48': True, u'minion-dev12-192.168.1.173': True}
###注意:将字符字典转换成python的字典类型,推荐使用ast模块的literal_eval()方法,可以过滤表达式中的恶意函数。
1).Archive模块
功能:实现系统层面的压缩包调用,支持gunzip、gzip、rar、tar、unrar、unzip等。
示例1:采用tar解压被控制机的/tmp/eureka.tar.gz 包
[root@zabbix ~]# salt 'minion-dev12-192.168.1.173' archive.tar xf /tmp/eureka.tar.gz dest=/tmp
minion-dev12-192.168.1.173:
示例2:采用gzip压缩被控制机的/tmp/test.txt文件
[root@zabbix ~]# salt 'minion-dev*' archive.gzip /tmp/eureka.txt
minion-dev12-192.168.1.173:
实例3:将被控制机的/mnt/test打包到/mnt下的test.tar.gz
[root@linux-node1 ~]# salt '*' archive.tar zcf /mnt/test.tar.gz /mnt/test
##将被控制机的/mnt/nginx-1.9.7.tar.gz包解压,解压默认放到被控制机的当前用户家目录(即/root)路径下(注意:archive.tar后面的参数前不能加-)
##将被控制机的/mnt/heihei.tar.bz2包解压,解压默认放到被控制机的当前用户家目录(即/root)路径下
2)......其他的根据常用模块通过查看帮助文档
有非常详细的使用方法
salt 'minion-testcat001-192.168.1.48' sys.doc
常用的模块:
1.sys.doc
2.test [test.ping]
3.system [system.reboot/system.shutdown/system.poweroff]
4.status [cpuinfo/loadavg/meminfo/netstats/uptime/diskusage/procs]
5.service [status/available/restart/stop/status/disabled/get_all]
6.saltutl [is_running/running/kill_job/]
7.pip [install/uninstall/list/freeze/version]
8.pillar [data,ext,get,item,items,raw]
9.cmd [run/script]
10.file [修改文件的一些权限等]
3.saltstack日志转存储
五.配置通过数据库接收saltstack 回显
1.rsyslog接收salt日志
[root@zabbix ~]# salt '*' test.ping --return syslog 【master执行】
minion-dev12-192.168.1.173:
True
minion-testcat001-192.168.1.48:
True
minion-test-xktest001-192.168.1.114:
True
[root@design-0012 ~]# tail -10000 /var/log/messages|grep "minion" 【minon查看】
Dec 1 14:47:33 localhost salt-minion: {"fun_args": [], "jid": "20201201064732908317", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "minion-dev12-192.168.1.173"}
2.mysql接收salt日志
1):准备mysql,新建salt库,并创建表:
CREATE TABLE `salt_returns` (
`fun` varchar(50) NOT NULL,
`jid` varchar(255) NOT NULL,
`return` mediumtext NOT NULL,
`id` varchar(255) NOT NULL,
`success` varchar(10) NOT NULL,
`full_ret` mediumtext NOT NULL,
`alter_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
KEY `id` (`id`),
KEY `jid` (`jid`),
KEY `fun` (`fun`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
2):salt-minion端安装yum -y install MySQL-python,并配置/etc/salt/minion ,重启salt-minion
[root@cat-test ~]# cat /etc/salt/minion|grep "mysql"
#return: mysql
mysql.host: '192.168.1.100'
mysql.user: 'salt'
mysql.pass: 'Salt@123456'
mysql.db: 'salt'
mysql.port: 3306
3):测试使用
[root@Master ~]# salt '*' cmd.run 'hostname' --return mysql
minion-dev12-192.168.1.173:
design-0012
minion-testcat001-192.168.1.48:
cat-test
minion-test-xktest001-192.168.1.114:
test-xkcat001
##如果有上千上万台,对mysql的压力是非常大的,生产中我们不建议采用。
3.通过配置master来转存储
1):创建sql:https://www.unixhot.com/docs/saltstack/ref/returners/all/salt.returners.mysql.html
2):配置master节点/etc/salt/master
#return: mysql
master_job_cache: mysql
mysql.host: '119.3.56.222'
mysql.user: 'salt'
mysql.pass: 'Salt@123456'
mysql.db: 'salt'
mysql.port: 13067
3):重启
systemctl restart salt-master
4):验证
salt '*' test.ping
查看数据库
4.通过event编写python脚本来转存储
0):安装mysql,创建数据库及账号并授权,安装python的mysql模块
CREATE TABLE `salt_returns` (
`fun` varchar(50) NOT NULL,
`jid` varchar(255) NOT NULL,
`return` mediumtext NOT NULL,
`id` varchar(255) NOT NULL,
`success` varchar(10) NOT NULL,
`full_ret` mediumtext NOT NULL,
`alter_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
KEY `id` (`id`),
KEY `jid` (`jid`),
KEY `fun` (`fun`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
###########为了方便看数量,新增自增nid:
CREATE TABLE `salt_returns` (
`nid` int auto_increment primary key not null,
`fun` varchar(50) NOT NULL,
`jid` varchar(255) NOT NULL,
`return` mediumtext NOT NULL,
`id` varchar(255) NOT NULL,
`success` varchar(10) NOT NULL,
`full_ret` mediumtext NOT NULL,
`alter_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
KEY `id` (`id`),
KEY `jid` (`jid`),
KEY `fun` (`fun`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
yum -y install MySQL-python #执行脚本的时候遇的问题,发现安装的是1.2.5的版本导致不兼容,
# ImportError: this is MySQLdb version (1, 2, 5, 'final', 1), but _mysql is version (1, 4, 6, 'final', 0)n
pip uninstall mysqlclient
pip install mysqlclient==1.4.6
1):监听脚本,master端执行salt '*' cmd.run 'hostname',会打印出一个字典。
import salt.utils.event
event=salt.utils.event.MasterEvent('/var/run/salt/master')
for eachevent in event.iter_events(full=True):
print eachevent
print "------"
2):自定义return
a.master节点安装yum -y install MySQL-python
b.编写returnner
vi salt_event_to_mysql.py
#!/bin/env python
#coding=utf8
import json
import salt.config
import salt.utils.event
import MySQLdb
_opts_=salt.config.client_config('/etc/salt/master')
conn=MySQLdb.connect(host=_opts__['mysql.host'],user=_opts_['mysql.user'],passwd=_opts_['mysql.pass'],db=_opts_[''mysql.db',port=_opts_['mysql.port'])
cursor=conn.cursor()
event=salt.utils.event.MasterEvent(_opts_['sock_dir'])
for eachevent in event.iter_events(full=True):
ret=eachevent['data']
if "salt/job/" in eachevent['tag']:
if ret.has_key('id') and ret.has_key('return'):
if ret['fun'] == "saltutil.find_job":
continue
sql='''inster into `salt_returns`(`fun`,`jid`,`return`,`id`,`success`,`full_ret`) values(%s,%s,%s,%s,%s,%s)'''
cursor.execute(sql,(ret['fun'],ret['jid'],json.dumps(ret['return']),ret['id'],ret['success'],json.dumps[ret]))
cursor.execute("COMMIT")
else:
pass
fi
c.增加master节点配置mysql /etc/salt/master
#event_return: mysql
mysql.host: '119.3.56.222'
mysql.user: 'salt'
mysql.pass: 'Salt@123456'
mysql.db: 'salt'
mysql.port: 13067
d.验证是否写入数据库
[root@zabbix tmp]# python salt_event_to_mysql.py
[root@zabbix ~]# salt '*' cmd.run 'free -m' #不用加--return ,查看mysql数据库发现已经写入!
minion-dev12-192.168.1.173:
total used free shared buff/cache available
Mem: 15886 4043 5330 533 6511 10917
Swap: 8191 4874 3317
minion-test-xktest001-192.168.1.114:
total used free shared buff/cache available
Mem: 7820 553 761 8 6505 7018
Swap: 7999 0 7999
minion-testcat001-192.168.1.48:
total used free shared buff/cache available
Mem: 7820 5538 210 87 2071 1894
Swap: 7999 194 7805
4.saltstack核心sls语法简述
1.Salt 的核心是state
state 状态系统的核心是sls,或者叫做 **S**aLt State 文件。
SLS表示系统将会是什么样的一种状态,而且是以一种很简单的格式来包含这些数据----经常也叫做配置管理。
2.sls是什么,用什么语法编写
SLS文件实际上只是一些:字典 dictionaries 列表 list 字符串 数字
sls文件主要使用的YAML语法来进行编写。
3.sls 编写 yaml 注意事项
salt缩进有2个空格组成,不要使用tabs
字典格式的,键值对以1个空格隔开。
例如 cabinet: 13
列表项,使用一个短横杠+一个空格;多个项使用同样的缩进级别作为同一列表的一部分。
例如:roles:
- webserver
- memcache
参考:
YAML 编写规则:
http://docs.saltstack.cn/topics/yaml/index.html
State 模块列表:
https://docs.saltstack.com/en/latest/ref/states/all/index.html
5.saltstack文件系统及sls模版使用
六.文件系统Demo
1.修改配置文件
vi /etc/salt/master #file_roots
file_roots:
base:
- /srv/salt
dev:
- /srv/salt/dev
systemctl restart salt-master
2.创建目录
mkdir /srv/salt -p
mkdir /srv/salt/dev -p
3.写sls文件
[root@zabbix salt]# cat top.sls
base: #哪个环境
'*': #哪些机器
- hosts #使用哪个sls文件
[root@zabbix salt]# cat hosts.sls
/tmp/hosts: #同步到远程机器的的地址
file.managed:
- source: salt://tmp/hosts #同步源
- user: root
- group: root
- mode: 600
/srv/salt/etc/hosts文件要准备好。
###目录结构如下:
../salt/
├── top.sls
│
├── etc
│ ├── hosts
│ └── script
│ └── test.sh
├── hosts
│ ├── a.sls
│ ├── h.sls
│ └── init.sls
4.如何运行
1): salt '*' state.sls hosts 或者 salt '*' state.highstate
[root@zabbix salt]# salt '*' state.sls hosts #state.sls模块,hosts.sls要在/srv/salt根目录下查找该文件
minion-dev12-192.168.1.173:
----------
ID: /tmp/hosts
Function: file.managed
Result: True
Comment: File /tmp/hosts updated
Started: 18:42:34.344385
Duration: 64.319 ms
Changes:
----------
diff:
---
+++
@@ -1,4 +1,3 @@
salt-master 192.168.1.1
salt-minion01 192.168.1.2
salt-minion02 192.168.1.3
-salt-minion03 192.168.1.4
Summary for minion-dev12-192.168.1.173
------------
Succeeded: 1 (changed=1)
Failed: 0
[root@zabbix salt]# salt '*' state.highstate
minion-dev12-192.168.1.173:
----------
ID: /tmp/hosts
Function: file.managed
Result: True
Comment: File /tmp/hosts is in the correct state
Started: 18:34:54.551044
Duration: 21.687 ms
Changes:
Summary for minion-dev12-192.168.1.173
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
Total run time: 21.687 ms
2):规范化的管理
mkdir /srv/salt/hosts && mv hosts.sls /srv/salt/hosts
salt '*' state.sls hosts.hosts
#hosts.hosts 表示hosts目录下的hosts.sls文件
[root@zabbix salt]# salt '*' state.sls hosts.hosts
minion-dev12-192.168.1.173:
----------
ID: /tmp/hosts
Function: file.managed
Result: True
Comment: File /tmp/hosts updated
Started: 18:47:11.725849
Duration: 64.385 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
salt-master 192.168.1.1
salt-minion01 192.168.1.2
salt-minion02 192.168.1.3
+aaaaa
Summary for minion-dev12-192.168.1.173
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
Total run time: 64.385 ms
#如果需要安装软件,则改为mv hosts.sls init.sls ,给一个默认的init文件。
salt '*' state.sls hosts
#如果能找到hosts.hosts.sls就执行,如果没有则找init.sls !!!
[root@zabbix salt]# salt '*' state.sls hosts
minion-dev12-192.168.1.173:
----------
ID: /tmp/hosts
Function: file.managed
Result: True
Comment: File /tmp/hosts updated
Started: 18:51:05.357742
Duration: 39.004 ms
Changes:
----------
diff:
---
+++
@@ -2,3 +2,4 @@
salt-minion01 192.168.1.2
salt-minion02 192.168.1.3
aaaaa
+bbbbb
Summary for minion-dev12-192.168.1.173
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
Total run time: 39.004 ms
#vi /srv/salt/h.sls
hostname:
cmd.run
[root@zabbix hosts]# salt '*' state.sls hosts.h
minion-dev12-192.168.1.173:
----------
ID: hostname
Function: cmd.run
Result: True
Comment: Command "hostname" run
Started: 18:54:33.566382
Duration: 8.697 ms
Changes:
----------
pid:
24842
retcode:
0
stderr:
stdout:
design-0012
Summary for minion-dev12-192.168.1.173
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
Total run time: 8.697 ms
6.saltstack proxy代理架构
1.saltstack proxy 架构
Master
| |
proxy proxy ------------------>>>>>>也需要安装salt-master
| | | | | |
m1 m2 m2 m4 m5 m6
proxy上需要安装sync来进行同步master上的目录,一个master则不存在文件同步的问题。
Master的执行日志可以存储到Mysql上。
使用的核心组件为:salt syndic
3个重要参数:
syndic_master: 更高级别master的ip地址
syndic_log_file: syndic日志文件的路径(绝对路径或相对路径均可)
order_masters: True 【官方文档没有介绍,如果不加该参数则不进行转发】
1):proxy节点安装
安装yum install -y salt-master
安装yum install -y salt-syndic
vi /etc/salt/master
syndic_master: 192.168.1.181 #添加salt-master节点地址
syndic_log_file: /var/log/salt/syndic
order_masters: True
重启salt-master 和 salt-syndic
2):配置minion到proxy节点
vi /etc/salt/minion
master: 192.168.1.150
or
master: 192.168.1.219
3):清理salt-key认证,从master-->proxy--->minion
master:
cd /etc/salt/master
salt-key -D -y && rm -rf pki
systemctl restart salt-master
proxy:
cd /etc/salt/
salt-key -D -y && rm -rf pki
systemctl restart salt-master && systemctl restart salt-syndic
#如果proxy有2台则进行同样操作
minion:
cd /etc/salt
rm -rf pki
#最后从master节点开始接受key
master: salt-key -A -y
proxy: salt-key -A -y
#验证:
proxy:
[root@tools-skywalking-test001 salt]# salt '*' test.ping
minion-test-xktest001-192.168.1.114:
True
[root@sonarqube-jenkins02 salt]# salt '*' test.ping
minion-testcat001-192.168.1.48:
True
确认从proxy--->minion通畅
master:
[root@zabbix salt]# salt '*' test.ping
minion-test-xktest001-192.168.1.114:
True
minion-testcat001-192.168.1.48:
True
确认master--->proxy【因为proxy没有安装minion所有不会显示】---->minion通畅
2.saltstack 双主 架构
Master1 Master2
| |
m1 m2 m3 m1 m2 m3
双主是在minion上配置2个master:
vi /etc/salt/minion
master:
- m1
- m2
前提是保证minion持续运行能跟2个master持续保持连接。
7.saltstack 生产实践注意事项
1.不建议用salt 的file模块进行:目录管理,代码部署等。
建议用 "命令编排的状态管理":
压缩包,file.managed
cmd.run 执行部署
2.不建议使用salt 管理项目的配置文件。
建议用:分层管理,salt只管理服务的配置 例如Nginx Apache Tomcat
3.如果你有固定的文件服务器
可以使用source: salt:// http:// ftp://
4.SLS 版本化
1.在git上创建项目
2.找一个测试环境,编写sls进行测试,提交到仓库
3.生产环境git pull代码,测试完毕后,再全部执行
可以知道提交变更了什么配置或者文件.
5.使用Master job Cache保存Job的输出Mysql存储
cd /var/cache/salt/jobs
vi /etc/salt/master #keep_jobs: 24 默认保留24小时
生产的话,最好保留输出到Mysql中保存。
6.saltstack 二次开发
1):Master Job cache 将所有的job出输出保存在Mysql
2):如果做管理平台,可以将User id 和Jid做关联
3):使用List 做目标选择
8.saltstack 安装部署实战
1.练习:安装apache 并启动服务?
1):
[root@zabbix base]# cat apache.sls
apache-install:
pkg.installed:
- name: httpd
apache-service:
service.running:
- name: httpd
- enable: True
[root@zabbix base]# salt 'minion-test-xktest001-192.168.1.114' state.sls apache
minion-test-xktest001-192.168.1.114:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 11:11:06.062511
Duration: 1255.692 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd has been enabled, and is running
Started: 11:11:07.319372
Duration: 221.627 ms
Changes:
----------
httpd:
True
Summary for minion-test-xktest001-192.168.1.114
------------
Succeeded: 2 (changed=1)
Failed: 0
------------
Total states run: 2
Total run time: 1.477 s
注意:如果想把apache.sls放在目录里分类放,可以在base中mkdir apache或者mkdir web
[root@zabbix base]# mv apache.sls apache
[root@zabbix base]# salt 'minion-testcat001-192.168.1.48' state.sls web.apache
2):创建top.sls来执行apache.sls的高级状态
cd /sr/salt/base
vi top.sls
[root@zabbix base]# cat top.sls
base:
'minion-test-xktest001-192.168.1.114':
- web.apache
'minion-testcat001-192.168.1.48':
- web.apache
目录结构如下:执行: salt '*' state.highstate
├── top.sls
└── web
└── apache.sls
2.练习:
使用sls安装nxing,并管理Nginx的配置文件,当Nginx配置文件被修改的时,自动更新配置文件,并重启Nginx?
1.创建sls文件并准备nginx配置文件
mkdir /srv/salt/nginx
vi init.sls
-------------------------------SLS文件--------------------------------------------------
nginx:
pkg:
- installed
service:
- running
- enable: True
- reload: True
-watch: #监控下面2个文件有变化重启
- pkg: nginx
- file: /etc/nginx/nginx.conf
- file: /etc/nginx/conf.d/default.conf
/etc/nginx/nginx.conf:
file.managed:
- source: salt://etc/nginx/nginx.conf
- user: root
- group: root
- mode: 644
/etc/nginx/conf.d/default.conf:
file.managed:
- source: salt://etc/nginx/conf.d/default.conf
- user: root
- group: root
- mode: 644
-----------------------------------------------------------------------------------------
cp /etc/nginx/nginx.conf /srv/salt/etc/nginx/
cp /etc/nginx/conf.d/default.conf.rpmsave /srv/salt/etc/nginx/conf.d/default.conf
2.执行salt 安装
cd /srv/salt/nginx
[root@zabbix nginx]# salt 'minion-test*' state.sls nginx
minion-testcat001-192.168.1.48:
----------
ID: nginx
Function: pkg.installed
Result: True
Comment: The following packages were installed/updated: nginx
Started: 15:57:16.394723
Duration: 30605.935 ms
Changes:
----------
centos-indexhtml:
----------
new:
7-9.el7.centos
old:
dejavu-fonts-common:
----------
new:
2.33-6.el7
old:
dejavu-sans-fonts:
----------
new:
2.33-6.el7
old:
fontconfig:
----------
new:
2.13.0-4.3.el7
old:
fontpackages-filesystem:
----------
new:
1.44-8.el7
old:
gd:
----------
new:
2.0.35-26.el7
old:
gperftools-libs:
----------
new:
2.6.1-1.el7
old:
libX11:
----------
new:
1.6.7-3.el7_9
old:
libX11-common:
----------
new:
1.6.7-3.el7_9
old:
libXau:
----------
new:
1.0.8-2.1.el7
old:
libXpm:
----------
new:
3.5.12-1.el7
old:
libjpeg-turbo:
----------
new:
1.2.90-8.el7
old:
libxcb:
----------
new:
1.13-1.el7
old:
libxslt:
----------
new:
1.1.28-6.el7
old:
nginx:
----------
new:
1:1.16.1-3.el7
old:
nginx-all-modules:
----------
new:
1:1.16.1-3.el7
old:
nginx-filesystem:
----------
new:
1:1.16.1-3.el7
old:
nginx-mod-http-image-filter:
----------
new:
1:1.16.1-3.el7
old:
nginx-mod-http-perl:
----------
new:
1:1.16.1-3.el7
old:
nginx-mod-http-xslt-filter:
----------
new:
1:1.16.1-3.el7
old:
nginx-mod-mail:
----------
new:
1:1.16.1-3.el7
old:
nginx-mod-stream:
----------
new:
1:1.16.1-3.el7
old:
openssl11-libs:
----------
new:
1:1.1.1g-1.el7
old:
----------
ID: /etc/nginx/nginx.conf
Function: file.managed
Result: True
Comment: File /etc/nginx/nginx.conf is in the correct state
Started: 15:57:47.020842
Duration: 57.542 ms
Changes:
----------
ID: /etc/nginx/conf.d/default.conf
Function: file.managed
Result: True
Comment: File /etc/nginx/conf.d/default.conf updated
Started: 15:57:47.078554
Duration: 21.527 ms
Changes:
----------
diff:
New file
mode:
0644
----------
ID: nginx
Function: service.running
Result: True
Comment: Service nginx has been enabled, and is running
Started: 15:57:47.100388
Duration: 265.845 ms
Changes:
----------
nginx:
True
Summary for minion-testcat001-192.168.1.48
------------
Succeeded: 4 (changed=3)
Failed: 0
------------
Total states run: 4
Total run time: 30.951 s
minion-test-xktest001-192.168.1.114:
----------
ID: nginx
Function: pkg.installed
Result: True
Comment: The following packages were installed/updated: nginx
Started: 15:57:14.591576
Duration: 113224.327 ms
Changes:
----------
centos-indexhtml:
----------
new:
7-9.el7.centos
old:
dejavu-fonts-common:
----------
new:
2.33-6.el7
old:
dejavu-sans-fonts:
----------
new:
2.33-6.el7
old:
fontconfig:
----------
new:
2.13.0-4.3.el7
old:
fontpackages-filesystem:
----------
new:
1.44-8.el7
old:
gd:
----------
new:
2.0.35-26.el7
old:
gperftools-libs:
----------
new:
2.6.1-1.el7
old:
libX11:
----------
new:
1.6.7-3.el7_9
old:
libX11-common:
----------
new:
1.6.7-3.el7_9
old:
libXau:
----------
new:
1.0.8-2.1.el7
old:
libXpm:
----------
new:
3.5.12-1.el7
old:
libjpeg-turbo:
----------
new:
1.2.90-8.el7
old:
libxcb:
----------
new:
1.13-1.el7
old:
libxslt:
----------
new:
1.1.28-6.el7
old:
nginx:
----------
new:
1:1.16.1-3.el7
old:
nginx-all-modules:
----------
new:
1:1.16.1-3.el7
old:
nginx-filesystem:
----------
new:
1:1.16.1-3.el7
old:
nginx-mod-http-image-filter:
----------
new:
1:1.16.1-3.el7
old:
nginx-mod-http-perl:
----------
new:
1:1.16.1-3.el7
old:
nginx-mod-http-xslt-filter:
----------
new:
1:1.16.1-3.el7
old:
nginx-mod-mail:
----------
new:
1:1.16.1-3.el7
old:
nginx-mod-stream:
----------
new:
1:1.16.1-3.el7
old:
openssl11-libs:
----------
new:
1:1.1.1g-1.el7
old:
----------
ID: /etc/nginx/nginx.conf
Function: file.managed
Result: True
Comment: File /etc/nginx/nginx.conf is in the correct state
Started: 15:59:07.833296
Duration: 37.33 ms
Changes:
----------
ID: /etc/nginx/conf.d/default.conf
Function: file.managed
Result: True
Comment: File /etc/nginx/conf.d/default.conf updated
Started: 15:59:07.870829
Duration: 19.161 ms
Changes:
----------
diff:
New file
mode:
0644
----------
ID: nginx
Function: service.running
Result: True
Comment: Service nginx has been enabled, and is running
Started: 15:59:07.890284
Duration: 313.406 ms
Changes:
----------
nginx:
True
Summary for minion-test-xktest001-192.168.1.114
------------
Succeeded: 4 (changed=3)
Failed: 0
------------
Total states run: 4
Total run time: 113.594 s
3.检测是否安装nginx包
[root@zabbix nginx]# salt 'minion-test*' cmd.run 'rpm -qa|grep nginx'
minion-testcat001-192.168.1.48:
nginx-mod-mail-1.16.1-3.el7.x86_64
nginx-1.16.1-3.el7.x86_64
nginx-filesystem-1.16.1-3.el7.noarch
nginx-mod-http-perl-1.16.1-3.el7.x86_64
nginx-mod-stream-1.16.1-3.el7.x86_64
nginx-mod-http-image-filter-1.16.1-3.el7.x86_64
nginx-mod-http-xslt-filter-1.16.1-3.el7.x86_64
nginx-all-modules-1.16.1-3.el7.noarch
minion-test-xktest001-192.168.1.114:
nginx-mod-stream-1.16.1-3.el7.x86_64
nginx-mod-mail-1.16.1-3.el7.x86_64
nginx-mod-http-xslt-filter-1.16.1-3.el7.x86_64
nginx-1.16.1-3.el7.x86_64
nginx-all-modules-1.16.1-3.el7.noarch
nginx-filesystem-1.16.1-3.el7.noarch
nginx-mod-http-perl-1.16.1-3.el7.x86_64
nginx-mod-http-image-filter-1.16.1-3.el7.x86_64
4.修改配置文件,让Minion端更新重启【定时更新重启】
1):master:
cd /srv/salt/etc/nginx/conf.d
vi default.conf
listen 8080 #8091改为8080
2):minion端执行命令,更新master端修改后的配置,并重启nginx,去master查找nginx.sls文件,如果没有则执行init.sls文件:
[root@test-xkcat001 ~]# salt-call state.sls nginx
local:
----------
ID: nginx
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 10:16:01.410080
Duration: 1256.837 ms
Changes:
----------
ID: /etc/nginx/nginx.conf
Function: file.managed
Result: True
Comment: File /etc/nginx/nginx.conf is in the correct state
Started: 10:16:02.670970
Duration: 29.205 ms
Changes:
----------
ID: /etc/nginx/conf.d/default.conf
Function: file.managed
Result: True
Comment: File /etc/nginx/conf.d/default.conf updated
Started: 10:16:02.700376
Duration: 26.272 ms
Changes:
----------
diff:
---
+++
@@ -4,7 +4,7 @@
server {
- listen 8091;
+ listen 8080;
server_name disconf.com;
#charset koi8-r;
----------
ID: nginx
Function: service.running
Result: True
Comment: Service reloaded
Started: 10:16:02.835062
Duration: 80.04 ms
Changes:
----------
nginx:
True
Summary for local
------------
Succeeded: 4 (changed=2)
Failed: 0
------------
Total states run: 4
Total run time: 1.392 s
3):如果想要定时更新
a.将salt-call state.sls nginx 写入crontab中定时执行。
b.pillar的schedule
schedule:
highstate:
function:state.highstate
minutes:1
salt '*' saltutil.refresh_pillar
官方文档:http://docs.saltstack.cn/topics/jobs/index.html
官方示例1:
schedule:
log-loadavg:
function: cmd.run #函数运行一个命令
seconds: 3660
args: #传参数
- 'logger -t salt < /proc/loadavg'
kwargs: #传字典
stateful: False
shell: /bin/sh
#要是用pillar需要释放该模块vi /etc/salt/master 找到pillar_roots
mkdir /srv/pillar
#pillar模块必须添加top.sls
vi top.sls
---------------------------
base: #匹配环境
'*': #匹配主机范围
- nginx #执行nginx这个动作,是pillar下nginx目录
-----------------------------
也可以,这种匹配方式有点问题:
base:
test: #匹配master文件中nodegroups的test分组
- match: nodegroups
- nginx
-------------------------------
创建nginx.sls或者init.sls文件
mkdir /srv/pillar/nginx
vi init.sls
schedule:
nginx:
function: state.sls
minutes: 1
args:
- 'nginx'
#因为我们在/srv/pillar/nginx/init.sls ,所以直接写nginx会默认找init.sls文件,如果没有init.sls则需要写nginx.nginx来找nginx.sls文件。
[root@zabbix pillar]# salt '*' pillar.data
minion-testcat001-192.168.1.48:
----------
schedule:
----------
nginx:
----------
args:
- nginx
function:
state.sls
minutes:
1
minion-test-xktest001-192.168.1.114:
----------
schedule:
----------
nginx:
----------
args:
- nginx
function:
state.sls
minutes:
1
#如果没有执行,则执行刷新操作!
[root@zabbix nginx]# salt '*' saltutil.refresh_pillar
minion-dev12-192.168.1.173:
True
minion-testcat001-192.168.1.48:
True
minion-test-xktest001-192.168.1.114:
True
#再次验证:修改master:vi /srv/salt/etc/nginx/conf.d/default.conf 中端口号8080-->>>>8091
[root@cat-test ~]# netstat -tunpl|grep 8080
[root@cat-test ~]# netstat -tunpl|grep 8080
[root@cat-test ~]# netstat -tunpl|grep 8081
[root@cat-test ~]# netstat -tunpl|grep 8091
tcp 0 0 0.0.0.0:8091 0.0.0.0:* LISTEN 23899/nginx: master
右上图看出,8080端口号消失了,出现了8091端口的nginx进程。
3.安装LAMP(Apache,Mysql,PHP)环境?
上述安装后,LAMP您会了麽,动手做一做。
标签:实战,入门,minion,192.168,nginx,test,----------,saltstack,salt 来源: https://blog.csdn.net/meijinmeng/article/details/116721687
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。