一、minion信息查询
[root@server3 salt]# salt '*' test.ping
server5:
True
server3:
True
server4:
True
1、查询所有信息
[root@server3 salt]
2、查询指定信息
[root@server3 salt]
server4:
----------
os:
RedHat
[root@server3 salt]
server4:
----------
fqdn:
server4
3、过滤指定信息(G:指定静态)
[root@server3 salt]
server5:
True
[root@server3 salt]
server4:
True
4、根据信息匹配主机
[root@server4 ~]
Stopping httpd: [ OK ]
[root@server5 ~]
nginx is stopped
[root@server3 salt]
/srv/salt
[root@server3 salt]
base:
'server3':
- haproxy.install
'roles:apache':
- match: grain
- httpd.service
'server5':
- nginx.server
[root@server3 salt]
[root@server4 salt]
httpd (pid 2963) is running...
[root@server5 ~]
nginx (pid 1887) is running...
二、静态信息grains定义
1、方法1:
[root@server4 salt]
120 grains:
121 roles:
122 - apache
[root@server4 salt]
Stopping salt-minion:root:server4 daemon: OK
Starting salt-minion:root:server4 daemon: OK
[root@server3 salt]# salt server4 grains.item roles
server4:
----------
roles:
- apache
2、方法2:
[root@server4 salt]
[root@server4 salt]
name: test
[root@server4 salt]
Stopping salt-minion:root:server4 daemon: OK
Starting salt-minion:root:server4 daemon: OK
[root@server3 salt]
server4:
name:
test
3、方法3:
[root@server4 salt]
name: test
state: Running
[root@server3 salt]
server4:
[root@server3 salt]
server4:
----------
state:
Running
4、方法4:
[root@server3 salt]# mkdir _grains
[root@server3 salt]# cd _grains/
[root@server3 _grains]# vim my_grains.py
def my_grains():
grains = {};
grains['Age'] = '20'
return grains
[root@server3 _grains]# salt server4 saltutil.sync_grains
server4:
- grains.my_grains
[root@server3 _grains]# salt server4 grains.item Age
server4:
----------
Age:
20
- minion端同步信息(top.sls信息与master一致)
[root@server4 base]# pwd
/var/cache/salt/minion/files/base
[root@server4 base]# tree .
.
├── _grains
│ └── my_grains.py
├── httpd
│ ├── apache.sls
│ ├── files
│ │ └── httpd.conf
│ ├── install.sls
│ └── service.sls
└── top.sls
三、动态信息 pillar 定义
1、配置文件修改
[root@server3 _grains]
[root@server3 salt]
694 pillar_roots:
695 base:
696 - /srv/pillar
[root@server3 salt]
[root@server3 salt]
Stopping salt-master daemon: [ OK ]
Starting salt-master daemon: [ OK ]
2、建立pillar推送信息
[root@server3 salt]
[root@server3 pillar]
[root@server3 pillar]
{% if grains['fqdn'] == 'server4' %}
webserver: httpd
{% elif grains['fqdn'] == 'server5' %}
webserver: nginx
{% elif grains['fqdn'] == 'server3' %}
webserver: haproxy
{% endif %}
[root@server3 pillar]
base:
'*':
- web.install
3、刷新 piller
[root@server3 pillar]# salt '*' saltutil.refresh_pillar
server3:
True
server5:
True
server4:
True
[root@server3 pillar]# salt '*' pillar.items
server3:
----------
webserver:
haproxy
server5:
----------
webserver:
nginx
server4:
----------
webserver:
httpd
[root@server3 pillar]
server5:
server5
[root@server3 pillar]
server3:
server3
[root@server3 pillar]
server4:
server4
4、查询同一Vlan的活跃主机
[root@server3 pillar]
server4:
True
server5:
True
server3:
True
四、不同主机设定不同参数(jinja模板)
1、配置httpd服务端口
[root@server3 salt]# vim httpd/service.sls
file.managed:
- source: salt://httpd/files/httpd.conf
- mode: 644
- user: root
- group: root
- template: jinja
- contest:
port: 8080
[root@server3 salt]
135
136 Listen {{ port }}
[root@server3 salt]
diff:
+++
@@ -133,7 +133,7 @@
-Listen 80
+Listen 8080
2、定义为动态信息(无需刷新)
[root@server3 salt]
{% if grains['fqdn'] == 'server4' %}
webserver: httpd
port: 80
{% elif grains['fqdn'] == 'server5' %}
webserver: nginx
{% elif grains['fqdn'] == 'server3' %}
webserver: haproxy
{% endif %}
[root@server3 salt]
/etc/httpd/conf/httpd.conf:
file.managed:
- source: salt://httpd/files/httpd.conf
- mode: 644
- user: root
- group: root
- template: jinja
- contest:
port: {{ pillar['port'] }}
[root@server3 salt]
----------
diff:
---
+++
@@ -133,7 +133,7 @@
-Listen 8080
+Listen 80
----------
3、模板导入的格式
[root@server3 salt]
{% set bind = '172.25.120.4' %}
[root@server3 salt]
1 {% from 'lib.sls' import bind with context %}
136
137 Listen {{ bind }}:{{ port }}
[root@server3 salt]
@@ -133,7 +134,7 @@
-Listen 8080
+Listen 172.25.120.4:8080
- 改变监听端口,需要重启(修改脚本,reload-> restart)
[root@server4 ~]
Stopping httpd: [FAILED]
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 172.25.120.4 for ServerName
[ OK ]
[root@server4 ~]
tcp 0 0 172.25.120.4:8080 0.0.0.0:* LISTEN 0 14850 3517/httpd
4、grains方法
[root@server3 salt]
1
136
137 Listen {{ bind }}:{{ port }}
[root@server3 salt]
- template: jinja
- contest:
port: {{ pillar['port'] }}
bind: {{ grains['ipv4'][-1] }}
[root@server3 salt]
------------
Succeeded: 3 (changed=2)
Failed: 0
------------
5、pillar、grains取值
[root@server3 salt]
[root@server3 salt]
port: 80
[root@server3 salt]
136
137 Listen {{ grains['fqdn_ip4'][0] }}:{{ pillar['port'] }}
[root@server3 salt]
-Listen 172.25.120.4:8080
+Listen 172.25.120.4:80
6、pillar方法
[root@server3 salt]
- template: jinja
- contest:
port: {{ pillar['port'] }}
bind: {{ pillar['bind'] }}
[root@server3 salt]
{% if grains['fqdn'] == 'server4' %}
webserver: httpd
port: 80
bind: 172.25.120.4
[root@server3 salt]
五、Saltstack一键部署keepalived
[root@server3 keepalived]# salt server3 state.sls keepalived.install
include:
- pkgs.make
keepalived-install:
file.managed:
- name: /opt/keepalived-1.4.3.tar.gz
- source: salt://keepalived/files/keepalived-1.4.3.tar.gz
cmd.run:
- name: cd /opt && tar zxf keepalived-1.4.3.tar.gz && cd keepalived-1.4.3 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV &> /dev/null && make > /dev/null && make install > /dev/null && cd /usr/local/keepalived/etc/rc.d/init.d && chmod +x keepalived && ln -s /usr/local/keepalived/etc/keepalived/ /etc&& ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ && ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/ && ln -s /usr/local/keepalived/sbin/keepalived /sbin/
- creates: /usr/local/keepalived
1、准备配置文件(可以先推送业余版)
[root@server3 salt]
[root@server3 salt]
[root@server3 salt]
keepalived keepalived-1.4.3.tar.gz keepalived.conf
2、修改配置文件
[root@server3 salt]
3 global_defs {
4 notification_email {
5 root@localhost
6 }
7 notification_email_from keepalived@localhost
8 smtp_server 127.0.0.1
12
18 state {{ STATE }}
20 virtual_router_id {{ vrid }}
21 priority {{ priority }}
27 virtual_ipaddress {
28 172.25.120.100
29 }
3、编写脚本
[root@server3 salt]# vim keepalived/install.sls
include:
- pkgs.make
keepalived-install:
file.managed:
- name: /opt/keepalived-1.4.3.tar.gz
- source: salt://keepalived/files/keepalived-1.4.3.tar.gz
cmd.run:
- name: cd /opt && tar zxf keepalived-1.4.3.tar.gz && cd keepalived-1.4.3 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV &> /dev/null && make > /dev/null && make install > /dev/null
- creates: /usr/local/keepalived
file.symlink:
- target : /usr/local/keepalived/etc/sysconfig/keepalived
file.symlink:
- target : /usr/local/keepalived/sbin/keepalived
file.directory:
- mode: 755
[root@server3 salt]# vim keepalived/service.sls
include:
- keepalived.install
file.managed:
- source: salt://keepalived/files/keepalived.conf
- template: jinja
- context:
STATE: {{ pillar['state'] }}
vrid: {{ pillar['vrid'] }}
priority: {{ pillar['priority'] }}
keepalived-service:
file.managed:
- name: /etc/init.d/keepalived
- source: salt://keepalived/files/keepalived
- mode: 755
service.running:
- name: keepalived
- reload: True
- watch:
- file: /etc/keepalived/keepalived.conf
4、定义变量
[root@server3 salt]
[root@server3 srv]
[root@server3 pillar]
[root@server3 pillar]
[root@server3 pillar]
{% if grains['fqdn'] == 'server3' %}
state: MASTER
vrid: 120
priority: 100
{% elif grains['fqdn'] == 'server6' %}
state: BACKUP
vrid: 120
priority: 50
{% endif %}
5、修改base
[root@server3 pillar]# vim top.sls
base:
'server4':
- web.install
'server5':
- web.install
'server3':
- keepalived.install
'server6':
- keepalived.install
[root@server3 pillar]# cd ..
[root@server3 srv]# cd salt/
[root@server3 salt]# vim top.sls
base:
'server3':
- haproxy.install
- keepalived.service
'server6':
- haproxy.install
- keepalived.service
'roles:apache':
- match: grain
- httpd.service
'server5':
- nginx.server
6、推送
[root@server3 salt]
[root@server3 salt]
2: eth0:
inet 172.25.120.3/24 brd 172.25.120.255 scope global eth0
inet 172.25.120.100/32 scope global eth0
7、keepalived测试
[root@server3 salt]
server4
[root@server3 salt]
server5
[root@server3 salt]
server4
[root@server3 salt]
server5
[root@server3 salt]
Stopping keepalived: [ OK ]
[root@server3 salt]
server4
[root@server3 salt]
server5
[root@server3 salt]
server4
[root@server3 salt]
server5