目标需求
1.使用jinja模板让apache配置监听本地ip地址
2.了解grains的基本使用方法
说明:实验环境是在前面的第二篇和第三篇基础上完成
实现步骤
使用grains获取ip地址信息
使用fqdn_ip4获取,获取下来是一个列表元素,在jinja模板里面使用IPADDR: { { grains [ 'fqdn_ip4'][0] }}表示
[root@linux-node1 web]# salt "linux-node2*" grains.item fqdn_ip4 linux-node2.example.com: ---------- fqdn_ip4: - 192.168.56.12
修改lamp.sls文件
红色部分为新添加
[root@linux-node1 web]# pwd /srv/salt/base/web [root@linux-node1 web]# cat lamp.sls lamp-install: pkg.installed: - pkgs: - httpd - php - php-pdo - php-mysql apache-config: file.managed: - name: /etc/httpd/conf/httpd.conf - source: salt://web/files/httpd.conf - user: root - group: root - mode: 644 - template: jinja - defaults: PORT: 8080 #变量PORT和模板文件的PORT变量要对应 IPADDR: { { grains [ 'fqdn_ip4'][0] }} #支持python语法 可以把花括号的内容直接写在模板里面 但是不建议 结构不清晰 #变量很强大 支持cmd.run 返回结果等等 - require: - pkg: lamp-install php-config: file.managed: - name: /etc/php.ini - source: salt://web/files/php.ini - user: root - group: root - mode: 644 lamp-service: service.running: - name: httpd - enable: True - reload: True - watch: - file: apache-config apache-conf: file.recurse: - name: /etc/httpd/conf.d - source: salt://web/files/apache-conf.d apache-auth: pkg.installed: - name: httpd-tools - require_in: - cmd: apache-auth #如果没有这个rpm包下面的cmd.run就不运行,解决依赖关系 cmd.run: - name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin - unless: test -f /etc/httpd/conf/htpasswd_file
执行状态模块
因为在top.sls里面已经编排好了任务可以使用高级方法执行
[root@linux-node1 web]# salt "linux-node2*" grains.item fqdn_ip4 linux-node2.example.com: ---------- fqdn_ip4: - 192.168.56.12 [root@linux-node1 web]# salt "*" state.highstate linux-node2.example.com: ---------- ID: lamp-install Function: pkg.installed Result: True Comment: All specified packages are already installed. Started: 03:14:57.069948 Duration: 702.264 ms Changes: ---------- ID: apache-config Function: file.managed Name: /etc/httpd/conf/httpd.conf Result: True Comment: File /etc/httpd/conf/httpd.conf updated Started: 03:14:57.774499 Duration: 20.62 ms Changes: ---------- diff: --- +++ @@ -41,7 +41,7 @@ # prevent Apache from glomming onto all bound IP addresses. # #Listen 12.34.56.78:80 -Listen 80 +Listen 192.168.56.12:8080 # # Dynamic Shared Object (DSO) Support ---------- ID: php-config Function: file.managed Name: /etc/php.ini Result: True Comment: File /etc/php.ini is in the correct state Started: 03:14:57.795215 Duration: 5.237 ms Changes: ---------- ID: lamp-service Function: service.running Name: httpd Result: True Comment: Service reloaded Started: 03:14:58.015811 Duration: 232.47 ms Changes: ---------- httpd: True ---------- ID: apache-conf Function: file.recurse Name: /etc/httpd/conf.d Result: True Comment: The directory /etc/httpd/conf.d is in the correct state Started: 03:14:58.248535 Duration: 36.039 ms Changes: ---------- ID: apache-auth Function: pkg.installed Name: httpd-tools Result: True Comment: Package httpd-tools is already installed. Started: 03:14:58.284678 Duration: 0.477 ms Changes: ---------- ID: apache-auth Function: cmd.run Name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin Result: True Comment: unless execution succeeded Started: 03:14:58.286230 Duration: 6.097 ms Changes: Summary ------------ Succeeded: 7 (changed=2) Failed: 0 ------------ Total states run: 7
此时在查看node2节点 http监听的ip和端口已改变
[root@linux-node2 ~]# netstat -an |more Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 192.168.56.12:8080 0.0.0.0:* LISTEN
grains相关操作
[root@linux-node1 web]# salt 'linux-node2*' grains.items linux-node2.example.com: ---------- SSDs: biosreleasedate: 07/02/2015 biosversion: 6.00 cpu_flags: - fpu - vme - de - pse - tsc - msr - pae - mce - cx8 - apic - sep - mtrr - pge - mca - cmov - pat - pse36 - clflush - dts - mmx - fxsr - sse - sse2 - ss - ht - syscall - nx - pdpe1gb - rdtscp - lm - constant_tsc - arch_perfmon - pebs - bts - nopl - xtopology - tsc_reliable - nonstop_tsc - aperfmperf - eagerfpu - pni - pclmulqdq - ssse3 - fma - cx16 - pcid - sse4_1 - sse4_2 - x2apic - movbe - popcnt - tsc_deadline_timer - aes - xsave - avx - f16c - rdrand - hypervisor - lahf_lm - abm - 3dnowprefetch - ida - arat - epb - pln - pts - dtherm - hwp - hwp_noitfy - hwp_act_window - hwp_epp - fsgsbase - tsc_adjust - bmi1 - avx2 - smep - bmi2 - invpcid - rdseed - adx - smap - xsaveopt - xsavec - xgetbv1 - xsaves cpu_model: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz cpuarch: x86_64 domain: example.com fqdn: linux-node2.example.com fqdn_ip4: - 192.168.56.12 fqdn_ip6: gpus: |_ ---------- model: SVGA II Adapter vendor: unknown host: linux-node2 hwaddr_interfaces: ---------- eth0: 00:0c:29:6d:87:0c lo: 00:00:00:00:00:00 id: linux-node2.example.com init: systemd ip4_interfaces: ---------- eth0: - 192.168.56.12 lo: - 127.0.0.1 ip6_interfaces: ---------- eth0: - fe80::20c:29ff:fe6d:870c lo: - ::1 ip_interfaces: ---------- eth0: - 192.168.56.12 - fe80::20c:29ff:fe6d:870c lo: - 127.0.0.1 - ::1 ipv4: - 127.0.0.1 - 192.168.56.12 ipv6: - ::1 - fe80::20c:29ff:fe6d:870c kernel: Linux kernelrelease: 3.10.0-327.28.2.el7.x86_64 locale_info: ---------- defaultencoding: UTF-8 defaultlanguage: en_US detectedencoding: UTF-8 localhost: linux-node2 lsb_distrib_id: CentOS Linux machine_id: 14e217a8e7d7475391d62b10129baa2f manufacturer: VMware, Inc. master: 192.168.56.11 mdadm: mem_total: 1823 nodename: linux-node2 num_cpus: 2 num_gpus: 1 os: CentOS os_family: RedHat osarch: x86_64 oscodename: Core osfinger: CentOS Linux-7 osfullname: CentOS Linux osmajorrelease: 7 osrelease: 7.2.1511 osrelease_info: - 7 - 2 - 1511 path: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin productname: VMware Virtual Platform ps: ps -efH pythonexecutable: /usr/bin/python pythonpath: - /usr/bin - /usr/lib64/python27.zip - /usr/lib64/python2.7 - /usr/lib64/python2.7/plat-linux2 - /usr/lib64/python2.7/lib-tk - /usr/lib64/python2.7/lib-old - /usr/lib64/python2.7/lib-dynload - /usr/lib64/python2.7/site-packages - /usr/lib/python2.7/site-packages pythonversion: - 2 - 7 - 5 - final - 0 saltpath: /usr/lib/python2.7/site-packages/salt saltversion: 2015.5.10 saltversioninfo: - 2015 - 5 - 10 - 0 selinux: ---------- enabled: False enforced: Disabled serialnumber: VMware-56 4d b6 6a 53 53 28 0d-ff 3e 60 49 63 6d 87 0c server_id: 693238429 shell: /bin/sh systemd: ---------- features: +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN version: 219 virtual: VMware zmqversion: 3.2.5
[root@linux-node1 web]# salt 'linux-node2*' grains.ls linux-node2.example.com: - SSDs - biosreleasedate - biosversion - cpu_flags - cpu_model - cpuarch - domain - fqdn - fqdn_ip4 - fqdn_ip6 - gpus - host - hwaddr_interfaces - id - init - ip4_interfaces - ip6_interfaces - ip_interfaces - ipv4 - ipv6 - kernel - kernelrelease - locale_info - localhost - lsb_distrib_id - machine_id - manufacturer - master - mdadm - mem_total - nodename - num_cpus - num_gpus - os - os_family - osarch - oscodename - osfinger - osfullname - osmajorrelease - osrelease - osrelease_info - path - productname - ps - pythonexecutable - pythonpath - pythonversion - saltpath - saltversion - saltversioninfo - selinux - serialnumber - server_id - shell - systemd - virtual - zmqversion
获取内存
[root@linux-node1 web]# salt 'linux-node2*' grains.item mem_total linux-node2.example.com: ---------- mem_total: 1823
注意:grains获取的信息是静态的,因为是在minion启动的时候收集上来的,比如热插拔磁盘grains数据默认是不会发生变化
salt使用grains筛选特点的minion执行任务
比如筛选CentOS系统执行uptime命令
[root@linux-node1 web]# salt -G 'os:CentOS' cmd.run "uptime" linux-node2.example.com: 03:55:54 up 22:10, 1 user, load average: 0.00, 0.01, 0.05
grains的使用场景有很多
1.过滤信息用于jinja模板
2.salt筛选指定的minion执行任务
3.可以收集服务器硬件信息然后格式化数据入库,再进行web展示,百度有相关的开源产品(http://echarts.baidu.com/examples.html)
4.做监控数据采集
5.CMDB
....
https://github.com/unixhot/saltbook-code/tree/master