1.saltstack-YAML语言
Salt使用State模块文件进行配置管理,使用YAML编写,以.sls结尾。
YAML语言是一种很直观能够被电脑识别的数据序列化的语言,容易被人们理解阅读,容易和脚本进行交互的编程语言。
YAML语法格式:
house:
student:
name: tom
age:
- one
- two
- three
address:
number: 1000
emile: [email protected]
#house包含student和address俩个内容,x:x代表的是值,-x代表的是列表
YAML基本规则:
- 使用缩进表示层级关系,每层2个空格,禁止tab键
- 冒号后面必须有一个空格,除非此时处于最后位置可以没有
- 用-表示列表,-的后面必须有一个空格
- #表示注释
YAML文件存放的位置:
yaml配置文件存放的位置,可以在Saltstack中的master配置文件在查找file_roots查看
[root@salt-master ~]# vim /etc/salt/master
file_roots:
base:
- /srv/salt/base
test:
- /srv/salt/test
dev:
- /srv/salt/dev
prod:
- /srv/salt/prod/prod
#base基础环境(通用的,所以主机均可用)
#test测试环境(仅限于测试环境中使用)
#dev开发环境(仅限于开发环境中使用)
#prod生产环境(最严紧,最终放在此环境下)
#配置文件中的file_roots只有一个的话,base环境至少有一个,并且base名字不能更改
[root@salt-master ~]# mkdir -p /srv/salt/{base,test,dev,prod}
[root@salt-master ~]# tree /srv/salt/
/srv/salt/
├── base
├── dev
├── prod
└── test
#重启
[root@salt-master ~]# systemctl restart salt-master.service
2.saltstack-部署Apache
我们在base基础环境目录中,部署一个apache的状态文件以sls结尾
[root@salt-master ~]# cd /srv/salt/base/
[root@salt-master base]# mkdir -p web/apache
[root@salt-master base]# tree .
.
└── web
└── apache
[root@salt-master base]# vim web/apache/install.sls
apache-install:
pkg.installed: # pkg.install:安装包
- name: httpd
apache-service:
service.running: #service.running:运行服务
- name: httpd
- enable: true
#apache-install作为顶格的第一排,必须全局唯一,同类型不要重复
[root@salt-master ~]# ll /srv/salt/base/web/apache/install.sls
-rw-r--r--. 1 root root 124 11月 24 21:12 /srv/salt/base/web/apache/install.sls
#master端执行状态文件
[root@salt-master ~]# salt 'salt-minion' state.sls web.apache.install saltenvs=base #saltenvs指定的是运行目录环境(base默认是可以忽略的,而其它的目录不行)
salt-minion:
----------
ID: apache-install #全局id
Function: pkg.installed #已经安装状态
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 21:23:11.645807
Duration: 823.03 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 21:23:12.470500
Duration: 56.088 ms
Changes:
Summary for salt-minion
------------
Succeeded: 2 #成功俩个
Failed: 0 #失败0个
------------
Total states run: 2
Total run time: 879.118 ms
#saltstack具有幂等性,执行过的第一次不会再执行
#minion端查看
[root@salt-minion ~]# rpm -qa|grep httpd
centos-logos-httpd-85.8-2.el8.noarch
httpd-filesystem-2.4.37-43.module_el8.5.0+1022+b541f3b1.noarch
httpd-tools-2.4.37-43.module_el8.5.0+1022+b541f3b1.x86_64
httpd-2.4.37-43.module_el8.5.0+1022+b541f3b1.x86_64
[root@salt-minion ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2021-11-24 21:22:39 CST; 3min 40s ago
Docs: man:httpd.service(8)
Main PID: 233690 (httpd)
Status: "Running, listening on: port 80"
Tasks: 213 (limit: 5782)
Memory: 43.6M
CGroup: /system.slice/httpd.service
├─233690 /usr/sbin/httpd -DFOREGROUND
├─234494 /usr/sbin/httpd -DFOREGROUND
├─234495 /usr/sbin/httpd -DFOREGROUND
├─234496 /usr/sbin/httpd -DFOREGROUND
└─234497 /usr/sbin/httpd -DFOREGROUND
11月 24 21:22:24 salt-minion systemd[1]: Starting The Apache HTTP Server...
11月 24 21:22:39 salt-minion httpd[233690]: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80>
11月 24 21:22:39 salt-minion systemd[1]: Started The Apache HTTP Server.
11月 24 21:22:49 salt-minion httpd[233690]: Server configured, listening on: port 80
执行状态文件的顺序:先认证key,再test.ping测试连通性,最后执行状态文件
3.top file
之前我们执行状态文件,告知了在哪台主机上运行也告知执行哪个文件,所以还不能算是自动化,自动化应该是完全自动的对于相应的活,如web服务器对应web服务,数据库服务器对应数据库服务等,而top file应运而生。
top file作用是相应状态文件对应相应主机,top file的文件名可在master配置文件中搜索top.sls查看,该文件必须在base环境中,默认情况下此文件必须交top.sls
3.1top file实例
实现功能:编写一个top.sls文件,分别在俩台主机上分别安装httpd和mariadb并且开机自启
#编写top.sls文件
[root@salt-master ~]# vim /srv/salt/base/top.sls
base: #base环境中
'salt-minion2': #被控制端主机2号上运行
- database.mariadb.install #指定mariadb状态文件
'salt-minion': #被控制端主机1号上运行
- web.apache.install #指定httpd状态文件
#文件目录结构
[root@salt-master ~]# tree /srv/salt/base/
/srv/salt/base/
├── database
│ └── mariadb
│ └── install.sls
├── top.sls
└── web
└── apache
└── install.sls
#俩个状态文件内容
[root@salt-master ~]# cat /srv/salt/base/web/apache/install.sls
apache-install:
pkg.installed:
- name: httpd
apache-service:
service.running:
- name: httpd
- enable: true
[root@salt-master ~]# cat /srv/salt/base/database/mariadb/install.sls
mysql-install:
pkg.installed:
- name: mariadb-server
mysql-service:
service.running:
- name: mariadb
- enable: true
#运行之前一定要先测试连通性
[root@salt-master ~]# salt '*' test.ping
salt-master:
True
salt-minion2:
True
salt-minion:
True
#开始高级运行模式
[root@salt-master ~]# salt '*' state.highstate
salt-master:
----------
ID: states
Function: no.None
Result: False #因为top文件没有写关于master端的内容,肯定会报错,是正确的
Comment: No Top file or master_tops data matches found. Please see master log for details.
Changes:
Summary for salt-master
------------
Succeeded: 0
Failed: 1
------------
Total states run: 1
Total run time: 0.000 ms
salt-minion2:
----------
ID: mysql-install
Function: pkg.installed
Name: mariadb-server
Result: True #mariadb安装成功
Comment: All specified packages are already installed
Started: 23:28:17.563245
Duration: 612.347 ms
Changes:
----------
ID: mysql-service
Function: service.running #mariadb运行成功
Name: mariadb
Result: True
Comment: The service mariadb is already running
Started: 23:28:18.177361
Duration: 31.91 ms
Changes:
Summary for salt-minion2
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 644.257 ms
salt-minion:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True #apache安装成功
Comment: All specified packages are already installed
Started: 23:28:17.382057
Duration: 864.115 ms
Changes:
----------
ID: apache-service
Function: service.running #apache运行成功
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 23:28:18.247911
Duration: 44.8 ms
Changes:
Summary for salt-minion
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 908.915 ms
#被控制主机上查看具体情况
[root@salt-minion ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 *:80 *:*
[root@salt-minion ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2021-11-24 23:27:39 CST; 4min 22s ago
[root@salt-minion2 ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 50 *:3306 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 [::]:22 [::]:*
[root@salt-minion2 ~]# systemctl status mariadb
● mariadb.service - MariaDB database server
Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
Active: active (running) since 三 2021-11-24 22:59:55 CST; 32min ago
注意说明:
top file里面可以指定单个主机如node,多个主机如node1,node2,所有主机如'*'
salt '*' state.highstate 的*表示通知所有机器干活,哪些机器干什么活取决于top file里面指定的,没指定的均不执行显示false跳过。
3.2高级状态higtstate的使用注意事项
salt '*' highstate执行高级状态命令是最常用的
但是生产环境中怎么用高级状态呢?
加上test测试的功能,测试执行但是不会真的执行如salt '*' highstate test=true
而且必须细致化使用,如salt 'node1' highstate
#针对于俩台机器进行测试运行
[root@salt-master ~]# salt -L 'salt-minion,salt-minion2' state.highstate test=true
salt-minion2:
----------
ID: mysql-install
Function: pkg.installed
Name: mariadb-server
Result: True
Comment: All specified packages are already installed
Started: 10:51:36.688968
Duration: 876.487 ms
Changes:
----------
ID: mysql-service
Function: service.running
Name: mariadb
Result: None
Comment: Service mariadb is set to start
Started: 10:51:37.567403
Duration: 30.598 ms
Changes:
Summary for salt-minion2
------------
Succeeded: 2 (unchanged=1)
Failed: 0
------------
Total states run: 2
Total run time: 907.085 ms
salt-minion:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 10:51:36.438932
Duration: 1240.705 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: None
Comment: Service httpd is set to start
Started: 10:51:37.681507
Duration: 53.165 ms
Changes:
Summary for salt-minion
------------
Succeeded: 2 (unchanged=1)
Failed: 0
------------
Total states run: 2
Total run time: 1.294 s