Article Directory
1. pillar
1.1 Introduction to pillar
- Pillar and grains are also a data system, but the application scenarios are different.
- Pillar is to dynamically store information on the master side, mainly storing private and sensitive information (such as username and password, etc.), and you can specify a minion to see the corresponding information.
- pillar is more suitable for use in configuration management
1.2 Common commands
- Refresh pillar data
salt '*' saltutil.refresh_pillar
- Query pillar data
salt '*' pillar.items
salt '*' pillar.item XXX
- Data matching
salt -I XXX:XXX test.ping
1.3 Define pillar
- Create a pillar default directory
mkdir /srv/pillar
- Custom Pillar Item
vim /srv/pillar/package.sls
{
% if grains['fqdn'] == 'server3' %}
package: nginx
{
% elif grains['fqdn'] == 'server2' %}
port: 80
bind: 192.168.17.2
{
% endif %}
vim /srv/pillar/top.sls
base:
'*':
- package
- Refresh pillar data
salt '*' saltutil.refresh_pillar
- Query pillar data
salt '*' pillar.items
salt '*' pillar.item package
- Data matching
salt -I package:nginx test.ping
1.4 Applied to apache
vim /srv/pillar/package.sls
{
% if grains['fqdn'] == 'server3' %}
package: nginx
{
% elif grains['fqdn'] == 'server2' %}
port: 8080
bind: 192.168.17.2
{
% endif %}
vim /srv/salt/apache/init.sls
apache:
pkg.installed:
- pkgs:
- httpd
file.managed:
- source: salt://apache/files/httpd.conf
- name: /etc/httpd/conf/httpd.conf
- template: jinja
- context:
port: {
{
pillar['port'] }}
bind: {
{
pillar['bind'] }}
service.running:
- name: httpd
- enable: true
- watch:
- file: apache
vim /srv/salt/apache/files/httpd.conf
Listen {
{
bind }}:{
{
port }}
salt server2 state.sls apache
1.5 Import variables applied to jinja template import
vim /srv/salt/apache/lib.sls
{
% set port = 80 %}
vim /srv/salt/apache/files/httpd.conf
{
% from 'apache/lib.sls' import port %}#做完实验删除
Listen {
{
bind }}:{
{
port }}
salt server2 state.sls apache
[Found in /srv/pillar/package.sls with /srv/salt/apache/lib.slsportVariables are defined , the last read is used, lib.slsport80 is used]
2. keepalived automation
2.1 Configuration
vim /srv/salt/apache/files/httpd.conf
Listen {
{
port }}
- Create a keepalived directory
mkdir /srv/salt/keepalived
mkdir /srv/salt/keepalived/files
vim /srv/salt/keepalived/init.sls
kp-install:
pkg.installed:
- name: keepalived
file.managed:
- name: /etc/keepalived/keepalived.conf
- source: salt://keepalived/files/keepalived.conf
- template: jinja
- context:
STATE: {
{
pillar['state'] }}
VRID: {
{
pillar['vrid'] }}
PRI: {
{
pillar['pri'] }}
service.running:
- name: keepalived
- enable: true
- reload: true
- watch:
- file: kp-install
vim /srv/pillar/package.sls
{
% if grains['fqdn'] == 'server3' %}
package: nginx
state: BACKUP
vrid: 51
pri: 50
{
% elif grains['fqdn'] == 'server2' %}
port: 80
bind: 192.168.17.2
state: MASTER
vrid: 51
pri: 100
{
% endif %}
vim /srv/salt/keepalived/files/keepalived.conf: Edit jinja template
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state {
{
STATE }}
interface ens33#自己的接口名
virtual_router_id {
{
VRID }}
priority {
{
PRI }}
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.17.100
}
}
vim /srv/salt/top.sls
base:
'roles:apache':
- match: grain
- apache
- keepalived
'roles:nginx':
- match: grain
- nginx
- keepalived
salt '*' state.highstate
2.2 Testing
- View experiment results:
- When the keepalived of server2 is stopped, BACKUP end: server3 is automatically turned on
![[root@server2 ~]# systemctl stop keepalived.service](https://img-blog.csdnimg.cn/20210121125310824.png)
- Again
salt '*' state.highstate, keepalived of server2 is automatically turned on and VIP is automatically added
3. Automated deployment of zabbix monitoring platform
master端:server1:192.168.17.1
zabbix-server端:server2:192.168.17.2
zabbix-database side: server3: 192.168.17.3
3.1 File structure
mkdir -p /srv/salt/zabbix-server/files
mkdir -p /srv/salt/mysql/files
3.2 Template file
server2文件可通过如下命令得到
salt server2 state.sls zabbix-server
server3文件可通过如下命令得到
salt server3 state.sls mysql
my.cnf
scp server3:/etc/my.cnf /srv/salt/mysql/files/vim /srv/salt/mysql/files/my.cnf
log-bin=mysql-bin
character-set-server=utf8
create.sql
cd /srv/salt/mysql/files/scp server2:/usr/share/doc/zabbix-server-mysql-4.0.5/create.sql.gz .gunzip create.sql.gz
zabbix_server.conf
scp server2:/etc/zabbix/zabbix_server.conf /srv/salt/zabbix-server/files/vim /srv/salt/zabbix-server/files/zabbix_server.conf
91 DBHost=192.168.17.3#数据库端IP
100 DBName=zabbix
116 DBUser=zabbix
124 DBPassword=westos
zabbix.conf
scp server2:/etc/httpd/conf.d/zabbix.conf /srv/salt/zabbix-server/files/vim /srv/salt/zabbix-server/files/zabbix.conf: Modify the time zone to:Asia/Shanghai
zabbix.conf.php: Initialization file (avoid initialization)
scp server2:/etc/zabbix/web/zabbix.conf.php /srv/salt/zabbix-server/files/
(After the zabbix platform is deployed, the file can be generated on the zabbix-server side by initializing the front-end page)
3.3 Write .sls file
/srv/salt/zabbix-server/init.sls
zabbix-server:
pkgrepo.managed:
- name: zabbix
- humanname: zabbix 4.0
- baseurl: http://192.168.17.1/4.0/#软件仓库
- gpgcheck: 0
pkg.installed:
- pkgs:
- zabbix-server-mysql
- zabbix-agent
- zabbix-web-mysql
file.managed:
- name: /etc/zabbix/zabbix_server.conf
- source: salt://zabbix-server/files/zabbix_server.conf
service.running:
- name: zabbix-server
- enable: true
- watch:
- file: zabbix-server
zabbix-agent:
service.running
zabbix-web:
file.managed:
- name: /etc/httpd/conf.d/zabbix.conf
- source: salt://zabbix-server/files/zabbix.conf
service.running:
- name: httpd
- enable: true
- watch:
- file: zabbix-web
/etc/zabbix/web/zabbix.conf.php:
file.managed:
- source: salt://zabbix-server/files/zabbix.conf.php
/srv/salt/mysql/init.sls
mysql-install:
pkg.installed:
- pkgs:
- mariadb-server
- MySQL-python
file.managed:
- name: /etc/my.cnf
- source: salt://mysql/files/my.cnf
service.running:
- name: mariadb
- enable: true
- watch:
- file: mysql-install
mysql-config:
mysql_database.present:
- name: zabbix
mysql_user.present:
- name: zabbix
- host: '%'
- password: "westos"
mysql_grants.present:
- grant: all privileges
- database: zabbix.*
- user: zabbix
- host: '%'
file.managed:
- name: /mnt/create.sql
- source: salt://mysql/files/create.sql
cmd.run:
- name: mysql zabbix < /mnt/create.sql && touch /mnt/zabbix.lock
- creates: /mnt/zabbix.lock
/srv/salt/top.sls
base:
'roles:apache':
- match: grain
- zabbix-server
'roles:nginx':
- match: grain
- mysql
salt '*' state.highstate: Advanced push
