一、salt-ssh的使用
官方文档:https://docs.saltstack.com/en/2016.11/topics/ssh/index.html
(1)安装salt-ssh
[root@linux-node1 ~]# yum install -y salt-ssh
(2)配置salt-ssh
[root@linux-node1 ~]# vim /etc/salt/roster
linux-node1:
host: 10.0.0.11
user: root
passwd: qwe123
linux-node2:
host: 10.0.0.12
user: root
passwd: qwe123
(3)使用ssh远程执行
[root@7mini-node1 ~]# salt-ssh '*' -r 'uptime'
7mini-node2:
----------
retcode:
0
stderr:
stdout:
root@10.0.0.12's password:
14:07:19 up 14 days, 8:41, 2 users, load average: 0.04, 0.08, 0.07
7mini-node1:
----------
retcode:
0
stderr:
stdout:
root@10.0.0.11's password:
14:07:20 up 23 days, 8:13, 2 users, load average: 2.86, 0.81, 0.34
二.配置管理
1)SLS:salt state举例安装apache
[root@7mini-node1 ~]# vim /srv/salt/base/web/apache.sls
apache:
pkg.installed:
- name: httpd
service.running:
- name: httpd
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd.conf
- user: root
- group: root
- mode: 644
解释说明:
apache:id声明,在所有环境(base、prod)下全局唯一
pkg:状态模块
.:引用关系
installed:模块中的方法
::代表层级关系
name:可以理解为参数,后面跟的是参数值,id就是name
file.managed:文件管理模块,必须要有source指定文件的来源路径
source:文件的来源路径,salt://代表着环境的根路径,这的根路径为:/srv/salt/base/
user、group、mode:分别指定文件的所属者,所属组和权限
以上的文件还可以使用分id的写法:
apache-install:
pkg.installed:
- name: httpd
apache-service:
service.running:
- name: httpd
apache-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd.conf
- user: root
- group: root
- mode: 644
存在指定多个配置文件,还可以使用一下写法:(不适用name作为参数传递时,id就是最上面的参数)
/etc/httpd/conf/httpd.conf:
file.managed:
- source: salt://apache/files/httpd.conf
- user: root
- group: root
- mode: 644
/etc/httpd/conf/php.conf:
file.managed:
- source: salt://apache/files/php.conf
- user: root
- group: root
- mode: 644
2) LAMP的状态设计与实现部署
设计需求分析
1、设计分析
| 名称 | 软件包 | 配置文件 | 服务 |
|---|---|---|---|
| 使用模块 | pkg | file | service |
| LAMP | httpd、php、mariadb、mariadb-server、php-mysql、php-pdo、php-cli | /etc/httpd/conf/httpd.conf、/etc/php.ini、/etc/my.cnf | httpd、mysqld |
2、Aapche的状态配置
[root@7mini-node1 prod]# pwd
/srv/salt/prod
[root@7mini-node1 prod]# mkdir apache php mysql
[root@7mini-node1 prod]# tree
.
├── apache
├── mysql
└── php
3 directories, 0 files
[root@7mini-node1 prod]# cd apache/
[root@7mini-node1 apache]# vim apache.sls #编写apache的状态模块
apache-install:
pkg.installed:
- name: httpd
apache-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd.conf #salt://代表着环境的根路径,根路径为/srv/salt/prod
- user: root
- group: root
- mode: 644
apache-service:
service.running:
- name: httpd
- enable: True
[root@7mini-node1 apache]# mkdir files #创建source目录
[root@7mini-node1 apache]# cd files/
[root@7mini-node1 files]# cp /etc/httpd/conf/httpd.conf .
[root@7mini-node1 apache]# tree
.
├── apache.sls
└── files
└── httpd.conf
1 directory, 2 files
[root@7mini-node1 apache]# salt '7mini-node1' state.sls apache.apache saltenv=prod #执行正常无报错,为正常
3、php的状态配置
[root@7mini-node1 prod]# cd php
[root@7mini-node1 php]# mkdir files
[root@7mini-node1 php]# vim init.sls
php-install:
pkg.installed:
- pkgs:
- php
- php-pdo
- php-mysql
php-config:
file.managed:
- name: /etc/php.ini
- source: salt://php/files/php.ini
- user: root
- group: root
- mode: 644
[root@7mini-node1 php]# cp /etc/php.ini files/
[root@7mini-node1 php]# tree
.
├── files
│ └── php.ini
└── init.sls
1 directory, 2 files
[root@7mini-node1 apache]# salt '7mini-node1' state.sls php.init saltenv=prod
4、mysql的状态配置
[root@7mini-node1 prod]# cd mysql/
[root@7mini-node1 mysql]# vim init.sls
mysql-install:
pkg.installed:
- pkgs:
- mariadb
- mariadb-server
mysql-config:
file.managed:
- name: /etc/my.cnf
- source: salt://mysql/files/my.cnf
- user: root
- gourp: root
- mode: 644
mysql-service:
service.running:
- name: mariadb-server
- enable: True
[root@7mini-node1 mysql]# mkdir files
[root@7mini-node1 mysql]# cp /etc/my.cnf files/
[root@7mini-node1 prod]# tree
.
├── apache
│ ├── files
│ │ └── httpd.conf
│ └── init.sls
├── mysql
│ ├── files
│ │ └── my.cnf
│ └── init.sls
└── php
├── files
│ └── php.ini
└── init.sls
[root@linux-node1 prod]# salt '7mini-node1' state.sls php.init saltenv=prod #执行无报错表示成功
5、写入top file,执行高级状态
[root@7mini-node1 base]# pwd /srv/salt/base [root@7mini-node1 base]# vim top.sls prod: '7mini-node1.example.com': - apache.init - php.init - mysql.init [root@linux-node1 base]# salt '7mini-node1*' state.highstate #执行无报错表示成功
测试7mini-node2是否能执行成功
[root@7mini-node1 ~]# salt '7mini-node2' state.highstate