grians
[root@server1 salt]# salt server1 grains.items
server1:
----------
SSDs:
biosreleasedate:
01/01/2011
biosversion:
0.5.1
cpu_flags:
- fpu
- de
- pse
- tsc
- msr
- pae
- mce
- cx8
- apic
- sep
- mtrr
- pge
- mca
- cmov
- pat
- pse36
- clflush
- mmx
- fxsr
- sse
- sse2
- syscall
- nx
- rdtscp
- lm
- constant_tsc
- up
- rep_good
- unfair_spinlock
- pni
- pclmulqdq
- ssse3
- cx16
- sse4_1
- sse4_2
- x2apic
- popcnt
- tsc_deadline_timer
- aes
- xsave
- avx
- hypervisor
- lahf_lm
- xsaveopt
cpu_model:
Intel Xeon E312xx (Sandy Bridge)
cpuarch:
x86_64
disks:
- ram0
- ram1
- ram2
- ram3
- ram4
- ram5
- ram6
- ram7
- ram8
- ram9
- ram10
- ram11
- ram12
- ram13
- ram14
- ram15
- loop0
- loop1
- loop2
- loop3
- loop4
- loop5
- loop6
- loop7
- vda
- dm-0
- dm-1
dns:
----------
domain:
ip4_nameservers:
ip6_nameservers:
nameservers:
options:
search:
sortlist:
domain:
fqdn:
server1
fqdn_ip4:
- 172.25.12.1
fqdn_ip6:
gid:
0
gpus:
|_
----------
model:
Device 0100
vendor:
unknown
groupname:
root
host:
server1
hwaddr_interfaces:
----------
eth0:
52:54:00:36:48:e6
lo:
00:00:00:00:00:00
id:
server1
init:
upstart
ip4_interfaces:
----------
eth0:
- 172.25.12.1
lo:
- 127.0.0.1
ip6_interfaces:
----------
eth0:
- fe80::5054:ff:fe36:48e6
lo:
- ::1
ip_interfaces:
----------
eth0:
- 172.25.12.1
- fe80::5054:ff:fe36:48e6
lo:
- 127.0.0.1
- ::1
ipv4:
- 127.0.0.1
- 172.25.12.1
ipv6:
- ::1
- fe80::5054:ff:fe36:48e6
kernel:
Linux
kernelrelease:
2.6.32-431.el6.x86_64
locale_info:
----------
defaultencoding:
UTF8
defaultlanguage:
en_US
detectedencoding:
UTF8
localhost:
server1
manufacturer:
Red Hat
master:
172.25.12.1
mdadm:
mem_total:
996
nodename:
server1
num_cpus:
1
num_gpus:
1
os:
RedHat
os_family:
RedHat
osarch:
x86_64
oscodename:
Santiago
osfinger:
Red Hat Enterprise Linux Server-6
osfullname:
Red Hat Enterprise Linux Server
osmajorrelease:
6
osrelease:
6.5
osrelease_info:
- 6
- 5
path:
/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin
pid:
2336
productname:
KVM
ps:
ps -efH
pythonexecutable:
/usr/bin/python2.6
pythonpath:
- /usr/bin
- /usr/lib64/python26.zip
- /usr/lib64/python2.6
- /usr/lib64/python2.6/plat-linux2
- /usr/lib64/python2.6/lib-tk
- /usr/lib64/python2.6/lib-old
- /usr/lib64/python2.6/lib-dynload
- /usr/lib64/python2.6/site-packages
- /usr/lib64/python2.6/site-packages/gtk-2.0
- /usr/lib/python2.6/site-packages
pythonversion:
- 2
- 6
- 6
- final
- 0
saltpath:
/usr/lib/python2.6/site-packages/salt
saltversion:
2016.11.3
saltversioninfo:
- 2016
- 11
- 3
- 0
selinux:
----------
enabled:
True
enforced:
Enforcing
server_id:
1398511437
shell:
/bin/sh
uid:
0
username:
root
uuid:
f5b954e3-0b7d-4c9c-97e1-a1201e34d65d
virtual:
kvm
zmqversion:
4.0.5
[root@server1 salt]# salt '*' grains.item roles
server1:
----------
roles:
server3:
----------
roles:
nginx
server2:
----------
roles:
apache
[root@server1 salt]# salt server1 grains.item ipv4 ##查看server1的ipv4的信息
server1:
----------
ipv4:
- 127.0.0.1
- 172.25.12.1
[root@server1 salt]# salt server1 grains.item uuid ##查看server1的uuid
server1:
----------
uuid:
026611d5-381c-42ab-bb83-e307d4e89b1a
[root@server1 salt]# salt server1 grains.item os ##查看server的os
server1:
----------
os:
RedHat
[root@server1 salt]# salt -G 'os:RedHat' test.ping ##对系统为RedHat的主机进行test.ping方法
server2:
True
server3:
True
server1:
True
[root@server1 salt]# salt -G 'os:RedHat' cmd.run hostname ##运行hostname命令
server2:
server2
server3:
server3
server1:
server1修改roles
(1)
[root@server2 pki]# vim /etc/salt/minion
120 grains:
121 roles:
122 apache
[root@server2 pki]# /etc/init.d/salt-minion restart
[root@server1 salt]# salt '*' grains.item roles
server2:
----------
roles:
apache
server3:
----------
roles:
server1:
----------
roles:
(2)
[root@server3 salt]# vim grains
roles:
nginx
[root@server1 ~]# salt server3 saltutil.sync_grains
[root@server1 ~]# salt '*' grains.item roles
server1:
----------
roles:
server3:
----------
roles:
nginx
server2:
----------
roles:
apache
[root@server1 salt]# salt -G 'roles:apache' cmd.run hostname
server2:
server2
[root@server1 salt]# salt -G 'roles:nginx' cmd.run hostname
server3:
server3
[root@server1 salt]# salt server2 grains.item roles
server2:
----------
roles:
- apache
[root@server1 salt]# salt server3 grains.item roles
server3:
----------
roles:
- nginx(3)
[root@server1 _grains]# cd /srv/salt
[root@server1 salt]# mkdir _grains
[root@server1 salt]# cd _grains/
[root@server1 _grains]# vim my_grains.py
#!/usr/bin/env python
def my_grains():
grains = {}
grains['hello']='world'
grains['salt'] = 'stack'
return grains
[root@server1 _grains]# salt server2 saltutil.sync_grains
server2:
- grains.my_grains
[root@server2 salt]# cd /var/cache/salt/
[root@server2 salt]# tree minion/
minion/
|-- accumulator
|-- extmods
| `-- grains
| |-- my_grains.py
| `-- my_grains.pyc
|-- files
| `-- base
| |-- _grains
| | `-- my_grains.py
| |-- httpd
| | |-- files
| | | `-- httpd.conf
| | `-- install.sls
| `-- top.sls
|-- highstate.cache.p
|-- module_refresh
|-- pkg_refresh
|-- proc
`-- sls.p
9 directories, 10 files
[root@server1 ~]# salt '*' grains.item hello
server2:
----------
hello:
world
server3:
----------
hello:
server1:
----------
hello:
[root@server1 ~]# salt '*' grains.item salt
server3:
----------
salt:
server2:
----------
salt:
stack
server1:
----------
salt:
pillar方法
相当于grains的静态参数,pillar可以配置更灵活的参数,熟练的运用pillar可以十分强大的发挥saltatack的威力。pillar是动态参数
开启pillar
[root@server1 ~]# cd /etc/salt/
[root@server1 salt]# vim master
694 pillar_roots:
695 base:
696 - /srv/pillar
[root@server1 salt]# mkdir /srv/pillar
[root@server1 salt]# /etc/init.d/salt-master restart
Stopping salt-master daemon: [ OK ]
Starting salt-master daemon: [ OK ]建立base目录
[root@server1 srv]# mkdir pillar
[root@server1 srv]# cd pillar/
[root@server1 pillar]# mkdir web
[root@server1 pillar]# vim web/install.sls
[root@server1 pillar]# cat web/install.sls
{% if grains['fqdn'] == 'server2' %}
webserver: httpd
{% elif grains['fqdn'] == 'server3' %}
webserver: nginx
{% elif grains['fqdn'] == 'server1' %}
webserver: haproxy
{% endif %}
[root@server1 pillar]# vim top.sls
[root@server1 pillar]# cat top.sls
base:
'*':
- web.install刷新
[root@server1 web]# salt '*' saltutil.refresh_pillar
server3:
True
server2:
True
server1:
True
获取pillar信息
[root@server1 pillar]# salt '*' pillar.items
server1:
----------
webserver:
haproxy
server3:
----------
webserver:
nginx
server2:
----------
webserver:
httpd
[root@server1 pillar]# salt 'server3' pillar.items
server3:
----------
webserver:
nginx
[root@server1 pillar]# salt 'server2' pillar.items
server2:
----------
webserver:
httpd
指定信息查询
[root@server1 web]# salt -I 'webserver:nginx' cmd.run hostname
server3:
server3
[root@server1 web]# salt -I 'webserver:httpd' cmd.run hostname
server2:
server2
[root@server1 web]# salt -I 'webserver:haproxy' cmd.run hostname
server1:
server1
查询对应网段中正常的主机
[root@server1 web]# salt -S 172.25.12.0/24 test.ping
server1:
True
server3:
True
server2:
True
不同主机设定不同的参数(jinja模块)
{% %}:定义
{{ }}:取值
脚本定义固定端口
[root@server1 httpd]# vim /srv/salt/httpd/install.sls
apache-install:
pkg.installed:
- pkgs:
- httpd
- php
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://httpd/files/httpd.conf
- mode: 644
- user: root
- template: jinja
- context:
bind: 172.25.12.2
port: 8080
service.running:
- name: httpd
- enable: True
- reload: True
- watch:
- file: apache-install
[root@server1 files]# vim /srv/salt/httpd/files/httpd.conf
137 Listen {{ bind }}:{{ port }}
[root@server1 files]# salt server2 state.sls httpd.install
server2:
----------
ID: apache-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 17:25:32.218137
Duration: 416.967 ms
Changes:
----------
ID: apache-install
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 17:25:32.637641
Duration: 63.492 ms
Changes:
----------
ID: apache-install
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is running
Started: 17:25:32.702022
Duration: 138.405 ms
Changes:
----------
httpd:
True
Summary for server2
------------
Succeeded: 3 (changed=1)
Failed: 0
------------
Total states run: 3
Total run time: 618.864 ms
定义为动态信息
[root@server1 httpd]# vim lib.sls
{% set port = 80 %}
[root@server1 files]# vim /srv/salt/httpd/files/httpd.conf
1 {% from 'httpd/lib.sls' import port with context %}
137 Listen {{ port }}
[root@server1 files]# salt server2 state.sls httpd.install
server2:
----------
ID: apache-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 17:33:54.378293
Duration: 378.188 ms
Changes:
----------
ID: apache-install
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 17:33:54.758907
Duration: 91.961 ms
Changes:
----------
ID: apache-install
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is running
Started: 17:33:54.851735
Duration: 148.833 ms
Changes:
----------
httpd:
True
Summary for server2
------------
Succeeded: 3 (changed=1)
Failed: 0
------------
Total states run: 3
Total run time: 618.982 ms
other
[root@server1 httpd]# vim /srv/salt/httpd/install.sls
apache-install:
pkg.installed:
- pkgs:
- httpd
- php
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://httpd/files/httpd.conf
- mode: 644
- user: root
- template: jinja
- context:
bind: {{ grains['ipv4'][-1] }}
port: 8080
service.running:
- name: httpd
- enable: True
- reload: True
- watch:
- file: apache-install
[root@server1 files]# vim /srv/salt/httpd/files/httpd.conf
137 Listen {{ bind }}:{{ port }}
[root@server1 files]# salt server2 state.sls httpd.install
server2:
----------
ID: apache-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 17:39:23.697588
Duration: 404.715 ms
Changes:
----------
ID: apache-install
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 17:39:24.105856
Duration: 100.667 ms
Changes:
----------
ID: apache-install
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is running
Started: 17:39:24.207424
Duration: 146.447 ms
Changes:
----------
httpd:
True
Summary for server2
------------
Succeeded: 3 (changed=1)
Failed: 0
------------
Total states run: 3
Total run time: 651.829 ms
pillar方法
[root@server1 ~]# vim /srv/pillar/web/install.sls
{% if grains['fqdn'] == 'server2' %}
webserver: httpd
bind: 172.25.12.2
port: 80
{% elif grains['fqdn'] == 'server3' %}
webserver: nginx
{% elif grains['fqdn'] == 'server1' %}
webserver: haproxy
{% endif %}