SaltStack的Grains主要是收集了minion的一些配置信息,如CPU、内存、硬盘、网络、操作系统等很少发生变化的静态数据,我们也可以在minion自定义Grains项和相应的值,Grains也可以用来匹配目标minion。SaltStack的state通过预先定制好的sls(salt state file)文件对被控制主机进行状态管理,支持包括程序包(pkg)、文件(file)、网络配置(network)、系统服务(service)、系统用户(user)等。通过sls文件定义好要达到的状态实现批量对minion进行自动化配置。本文的主要内容是对Grains和State的基本使用与测试。
一、Grains测试
1、使用命令salt 'salt-minion01' grains.ls可以列出所有的Grains项
2、使用命令 salt 'salt-minion01' grains.items可以查看所有Grains项的值
[root@salt-master~]# salt 'salt-minion01' grains.itemssalt-minion01: ---------- SSDs: biosreleasedate: 07/02/2015 biosversion: 6.00 cpu_flags: - fpu - vme - de - pse - tsc - msr - pae - mce - cx8 - apic - sep - mtrr - pge - mca - cmov - pat - pse36 - clflush - dts - mmx - fxsr - sse - sse2 - ss - ht - syscall - nx - pdpe1gb - rdtscp - lm - constant_tsc - arch_perfmon - pebs - bts - xtopology - tsc_reliable - nonstop_tsc - aperfmperf - unfair_spinlock - pni - pclmulqdq - ssse3 - fma - cx16 - pcid - sse4_1 - sse4_2 - x2apic - movbe - popcnt - tsc_deadline_timer - aes - xsave - avx - f16c - rdrand - hypervisor - lahf_lm - abm - 3dnowprefetch - ida - arat - epb - xsaveopt - pln - pts - dts - fsgsbase - bmi1 - hle - avx2 - smep - bmi2 - invpcid - rtm cpu_model: Intel(R) Core(TM) i7-6700HQ CPU @2.60GHz cpuarch: x86_64 disks: - ram0 - ram1 - ram2 - ram3 - ram4 - ram5 - ram6 - ram7 - ram8 - ram9 - ram10 - ram11 - ram12 - ram13 - ram14 - ram15 - loop0 - loop1 - loop2 - loop3 - loop4 - loop5 - loop6 - loop7 - sda - sr0 - dm-0 - dm-1 - dm-2 - dm-3 - dm-4 - dm-5 - dm-6 - dm-7 - dm-8 dns: ---------- domain: ip4_nameservers: ip6_nameservers: nameservers: options: search: sortlist: domain: fqdn: salt-minion01 fqdn_ip4: - 192.168.10.121 fqdn_ip6: gid: 0 gpus: |_ ---------- model: SVGA II Adapter vendor: unknown groupname: root host: salt-minion01 hwaddr_interfaces: ---------- eth0: 00:0c:29:49:e9:93 lo: 00:00:00:00:00:00 id: salt-minion01 init: upstart ip4_interfaces: ---------- eth0: - 192.168.10.121 lo: - 127.0.0.1 ip6_interfaces: ---------- eth0: - fe80::20c:29ff:fe49:e993 lo: - ::1 ip_interfaces: ---------- eth0: - 192.168.10.121 - fe80::20c:29ff:fe49:e993 lo: - 127.0.0.1 - ::1 ipv4: - 127.0.0.1 - 192.168.10.121 ipv6: - ::1 - fe80::20c:29ff:fe49:e993 kernel: Linux kernelrelease: 2.6.32-431.el6.x86_64 locale_info: ---------- defaultencoding: UTF-8 defaultlanguage: en_US detectedencoding: UTF-8 localhost: salt-minion01 machine_id: 7a2aeb71ad0121118ab9fcad00000025 manufacturer: VMware, Inc. master: 192.168.10.120 mdadm: mem_total: 980 nodename: salt-minion01 num_cpus: 2 num_gpus: 1 os: RedHat os_family: RedHat osarch: x86_64 oscodename: Santiago osfinger: Red Hat Enterprise Linux Server-6 osfullname: Red Hat Enterprise Linux Server osmajorrelease: 6 osrelease: 6.5 osrelease_info: - 6 - 5 path: /sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin pid: 1820 productname: VMware Virtual Platform ps: ps -efHww pythonexecutable: /usr/bin/python2.7 pythonpath: - /usr/bin - /usr/lib/python27.zip - /usr/lib64/python2.7 - /usr/lib64/python2.7/plat-linux2 - /usr/lib64/python2.7/lib-tk - /usr/lib64/python2.7/lib-old - /usr/lib64/python2.7/lib-dynload - /usr/lib64/python2.7/site-packages - /usr/lib/python2.7/site-packages pythonversion: - 2 - 7 - 14 - final - 0 saltpath: /usr/lib/python2.7/site-packages/salt saltversion: 2017.7.4 saltversioninfo: - 2017 - 7 - 4 - 0 selinux: ---------- enabled: False enforced: Disabled serialnumber: VMware-56 4d b2 aa b6 10 89 96-a1 45 63 bc 92 49 e9 93 server_id: 1399817943 shell: /bin/sh uid: 0 username: root uuid: aab24d56-10b6-9689-a145-63bc9249e993 virtual: VMware zmqversion: 4.0.5[root@salt-master~]#
3、使用salt '*' grains.item os或salt '*' grains.get os都可以单独查看minion的具体grains项的值(如OS),区别是后者可以只显示值
4、下面我们来自定义minions的Grains项和值,将salt-minion01标记为role: webserver和type: apache,将salt-minion02标记为role: dbserver和type: mysql。先在master的文件根目录/srv/salt编辑两个文件,分别是web_grains.conf和db_grains.conf,内容如下:
5、使用cp.get_file将web_grains.conf文件推送到salt-minion01的/etc/salt /minion.d目录,将db_grains.conf文件推送到salt-minion02的/etc/salt/minion.d目录,然后使用saltutil.sync_grains刷新下minion的Grains信息,就完成了Grains项和值的自定义了
二、State测试
1、现在想将salt-minion01配置成Apache服务器,并推送index.html文件到/var/www/html目录,还要启动httpd服务并设置开机启动,这一系列操作我们当然可以写成shell脚本,但用SaltStack的sls文件来定义这些操作则能够更简单地实现,首先确认目标minion没有安装httpd的包,然后在/srv/salt中编写好index.html文件和http.sls文件,如下:
[root@salt-master ~]# cat /srv/salt/http.sls httpd: pkg.installed: - names: - httpd - httpd-develindex-html: file.managed: - name: /var/www/html/index.html - source: salt://index.html - user: root - group: root - mode: 644 - require: - pkg: httpdhttpd-service: service.running: - name: httpd - enable: True - reload: True - require: - pkg: httpd[root@salt-master ~]#
2、执行命令 salt -G 'role: webserver' state.sls http调用/srv/salt/http.sls文件,并匹配上文自定义的Grains为"role: webserver"的目标minion,即salt-minion01,如果匹配的目标是多台minion,那就是批量操作了,执行的结果如下:
3、使用curl测试一下是否能访问,访问正常
4、检查一下http.sls文件所定义的操作,Grains为“role:webserver”的minion是否都执行了,如装httpd和httpd-devel包、推送index.html文件到/var/www/html目录,开机启动httpd服务,经检查,确实都按预期执行了
本文出自江健龙的技术博客jiangjianlong.blog.51cto.com,转载请注明出处。