#Elaine:master;Dylan:minion
#利用salt给minion安装包
[root@elaine states]# vim /etc/salt/master
1 default_include: master.d/*.conf 2 3 interface: 0.0.0.0 4 5 ''' 6 state_top: top.sls 7 ''' 8 file_roots: 9 base: 10 - /etc/salt/states 11 prod: 12 - /etc/salt/states/prod 13 '''
[root@elaine states]# vim /etc/salt/states/top.sls
1 base: 2 'dylan': 3 - init.pkg #使用init目录下pkg文件 4 5 pkg.init: #自定义名字 6 pkg.installed: #执行pkg.installed模块 7 - names: #要安装的包名 8 - lrzsz 9 - mtr 10 - nmap
[root@elaine init]# salt '*' state.sls init.pkg
dylan: ---------- ID: pkg.init Function: pkg.installed Result: True Comment: All specified packages are already installed Started: 14:21:07.973412 Duration: 4582.543 ms Changes: Summary for dylan ------------ Succeeded: 1 Failed: 0 ------------ Total states run: 1 Total run time: 4.583 s
#利用salt同步minion端的配置文件
[root@elaine init]# vim /etc/salt/states/init/limit.sls
1 /etc/security/limits.conf: #要同步的目标文件名 2 file.managed: 3 - source: salt://init/files/limits.conf 4 - user: root 5 - group: root 6 - mode: 644 7 #或 8 limit-config: #id名 9 file.managed: 10 - name: /etc/security/limits.conf #要同步的目标文件名 11 - source: salt://init/files/limits.conf 12 - user: root 13 - group: root 14 - mode: 644
[root@elaine init]# cp /etc/security/limits.conf /etc/salt/states/init/files/
[root@elaine states]# vim /etc/salt/states/top.sls
1 base: 2 'dylan': 3 - init.pkg 4 - init.limit
#将输出结果return到mysql
master端安装MySQL-python包,由master端直接写入mysql,不需要加--return mysql
#使用grains定义目标
[root@dylan ~]# vim /etc/salt/grains
test: salt_test
[root@elaine ~]# salt '*' saltutil.sync_grains #刷新
dylan:
[root@elaine /]# salt '*' grains.item test
dylan: ---------- test: salt_test
[root@elaine ~]# salt -G 'test:salt_test' test.ping
dylan:
True
#grains在top.sls状态文件里
[root@elaine /]# vim /etc/salt/states/top.sls
1 base: 2 'dylan': 3 - init.pkg 4 'os:CentOS': 5 - match: grain 6 - init.limit
#使用pillar定义目标
[root@elaine /]# mkdir -p /etc/salt/pillar/init
[root@elaine init]# vim /etc/salt/master
1 pillar_roots: 2 base: 3 - /etc/salt/pillar
[root@elaine /]# vim /etc/salt/pillar/top.sls
1 base: 2 '*': #定义要添加pillar的目标主机 3 - init.rsyslog #定义要添加pillar的方法文件/etc/salt/pillar/init
[root@elaine /]# vim /etc/salt/pillar/init/rsyslog.sls
1 {% if grains['osfinger'] == 'CentOS Linux-7' %} 2 syslog: rsyslog 3 {% elif grains['osfinger'] == 'CentOS-5' %} 4 syslog: syslog 5 {% endif %}
[root@elaine init]# systemctl restart salt-master
[root@elaine init]# salt '*' saltutil.refresh_pillar
dylan:
True
[root@elaine init]# salt '*' pillar.item syslog
dylan: ---------- syslog: rsyslog
[root@elaine init]#
[root@elaine init]# salt -I 'syslog:rsyslog' test.ping
dylan:
True
#安装配置启动zabbix-agent
[root@elaine init]# grep 'Server=' /etc/salt/states/init/files/zabbix_agentd.conf
# Server=
Server={{Zabbix_Server}}#将配置文件里要修改的参数加上变量为Zabbix_Server,该配置文件变为模板文件
[root@elaine init]# vim /etc/salt/states/init/zabbix_agent.sls
1 zabbix_agent: 2 pkg.installed: #安装zabbix-agent 3 - name: zabbix-agent.x86_64 4 5 file.managed: #配置zabbix-agent 6 - name: /etc/zabbix/zabbix_agentd.conf 7 - source: salt://init/files/zabbix_agentd.conf 8 - user: root 9 - group: root 10 - mode: 644 11 - template: jinja #声明模板格式 12 - defaults: 13 Zabbix_Server: {{ pillar['zabbix-agent']['Zabbix_Server'] }}#赋予变量Zabbix_Server新的值(这里利用pillar,直接添加值亦可,如:Zabbix_Server: 192.168.35.129) 14 15 service.running: #启动zabbix-agent 16 - name: zabbix-agent 17 - enable: True 18 #- reload: True #文件更改后reload服务 19 - watch: #文件更改后重启服务 20 - file: zabbix_agent
[root@elaine init]# vim /etc/salt/states/top.sls
1 base: 2 'dylan': 3 - init.pkg 4 - init.zabbix_agent #在top.sls添加要执行的方法文件zabbix_agent.sls 5 'os:CentOS': 6 - match: grain 7 - init.limit
#定义pillar
[root@elaine init]# cat /etc/salt/pillar/init/zabbix_agent.sls
zabbix-agent: Zabbix_Server: 198.162.35.129
[root@elaine pillar]# cat /etc/salt/pillar/top.sls
base: '*': - init.rsyslog - init.zabbix_agent
#salt.ssh
[root@elaine init]# vim /etc/salt/roster
1 squid: 2 host: 172.16.139.88 3 user: root 4 passwd: Ch@n93M3?
[root@elaine init]# salt-ssh -i '*' test.ping
squid:
True
[root@elaine init]# salt-ssh -i '*' cmd.run 'service squid restart'
squid:
停止 squid:................[确定]
正在启动 squid:.[确定]