你的位置:首页 > 操作系统

[操作系统]saltstack简单部署和实践


#Elaine:master;Dylan:minion
#利用salt给minion安装包
[root@elaine states]# vim /etc/salt/master

 1 default_include: master.d/*.conf 2  3 interface: 0.0.0.0 4  5 ''' 6 state_top: top.sls 7 ''' 8 file_roots: 9  base:10   - /etc/salt/states11  prod:12   - /etc/salt/states/prod13 '''

View Code

 



[root@elaine states]# vim /etc/salt/states/top.sls

 1 base: 2  'dylan': 3   - init.pkg  #使用init目录下pkg文件 4    5 pkg.init:   #自定义名字 6  pkg.installed:  #执行pkg.installed模块 7   - names:  #要安装的包名 8    - lrzsz 9    - mtr10    - nmap

View Code

 



[root@elaine init]# salt '*' state.sls init.pkg

dylan:----------     ID: pkg.init  Function: pkg.installed   Result: True   Comment: All specified packages are already installed   Started: 14:21:07.973412  Duration: 4582.543 ms   Changes:  Summary for dylan------------Succeeded: 1Failed:  0------------Total states run:   1Total run time:  4.583 s

 



#利用salt同步minion端的配置文件
[root@elaine init]# vim /etc/salt/states/init/limit.sls

 1 /etc/security/limits.conf:   #要同步的目标文件名 2  file.managed: 3   - source: salt://init/files/limits.conf 4   - user: root 5   - group: root 6   - mode: 644 7   #或 8 limit-config:             #id名 9  file.managed:10   - name: /etc/security/limits.conf #要同步的目标文件名11   - source: salt://init/files/limits.conf12   - user: root13   - group: root14   - mode: 644

View Code

 


 
[root@elaine init]# cp /etc/security/limits.conf /etc/salt/states/init/files/

[root@elaine states]# vim /etc/salt/states/top.sls

1 base:2  'dylan':3   - init.pkg4   - init.limit

View Code

 




#将输出结果return到mysql
master端安装MySQL-python包,由master端直接写入mysql,不需要加--return mysql

#使用grains定义目标
[root@dylan ~]# vim /etc/salt/grains 

test: salt_test

[root@elaine ~]# salt '*' saltutil.sync_grains  #刷新

dylan:

 

[root@elaine /]# salt '*' grains.item test
 

dylan:  ----------  test:    salt_test

 


[root@elaine ~]# salt -G 'test:salt_test' test.ping

dylan:  True

#grains在top.sls状态文件里
[root@elaine /]# vim /etc/salt/states/top.sls

1 base:2  'dylan':3   - init.pkg4  'os:CentOS':5   - match: grain6   - init.limit

View Code

 



#使用pillar定义目标
[root@elaine /]# mkdir -p /etc/salt/pillar/init
[root@elaine init]# vim /etc/salt/master

1 pillar_roots:2  base:3   - /etc/salt/pillar

[root@elaine /]# vim /etc/salt/pillar/top.sls

1 base:2  '*':        #定义要添加pillar的目标主机3   - init.rsyslog  #定义要添加pillar的方法文件/etc/salt/pillar/init

[root@elaine /]# vim /etc/salt/pillar/init/rsyslog.sls

1 {% if grains['osfinger'] == 'CentOS Linux-7' %}2 syslog: rsyslog3 {% elif grains['osfinger'] == 'CentOS-5' %}4 syslog: syslog5 {% endif %}

[root@elaine init]# systemctl restart salt-master
[root@elaine init]# salt '*' saltutil.refresh_pillar

dylan:  True

[root@elaine init]# salt '*' pillar.item syslog

dylan:  ----------  syslog:    rsyslog

[root@elaine init]#
[root@elaine init]# salt -I 'syslog:rsyslog' test.ping

dylan:  True

 

#安装配置启动zabbix-agent    
[root@elaine init]# grep 'Server='  /etc/salt/states/init/files/zabbix_agentd.conf

# Server=Server={{Zabbix_Server}}#将配置文件里要修改的参数加上变量为Zabbix_Server,该配置文件变为模板文件

[root@elaine init]# vim /etc/salt/states/init/zabbix_agent.sls  

 1 zabbix_agent: 2  pkg.installed:        #安装zabbix-agent 3   - name: zabbix-agent.x86_64   4  5  file.managed:         #配置zabbix-agent 6   - name: /etc/zabbix/zabbix_agentd.conf 7   - source: salt://init/files/zabbix_agentd.conf 8   - user: root 9   - group: root10   - mode: 64411   - template: jinja      #声明模板格式12   - defaults:13    Zabbix_Server: {{ pillar['zabbix-agent']['Zabbix_Server'] }}#赋予变量Zabbix_Server新的值(这里利用pillar,直接添加值亦可,如:Zabbix_Server: 192.168.35.129)14 15  service.running:       #启动zabbix-agent16   - name: zabbix-agent17   - enable: True18   #- reload: True       #文件更改后reload服务19   - watch:          #文件更改后重启服务20    - file: zabbix_agent

 



[root@elaine init]# vim /etc/salt/states/top.sls

1 base:2  'dylan':3   - init.pkg4   - init.zabbix_agent #在top.sls添加要执行的方法文件zabbix_agent.sls5  'os:CentOS':6   - match: grain7   - init.limit

#定义pillar      
[root@elaine init]# cat /etc/salt/pillar/init/zabbix_agent.sls

zabbix-agent: Zabbix_Server: 198.162.35.129

[root@elaine pillar]# cat /etc/salt/pillar/top.sls

base: '*':  - init.rsyslog  - init.zabbix_agent

 

 

#salt.ssh
[root@elaine init]# vim /etc/salt/roster

1  squid:2  host: 172.16.139.883  user: root4  passwd: Ch@n93M3?

[root@elaine init]# salt-ssh -i '*' test.ping

squid:  True

[root@elaine init]# salt-ssh -i '*' cmd.run 'service squid restart'

squid:  停止 squid:................[确定]  正在启动 squid:.[确定]