当前位置:网站首页>Saltstack configuration management
Saltstack configuration management
2022-07-28 19:32:00 【Amu 690】
List of articles
One 、YAML Language
YAML It is an intuitive data serialization format that can be recognized by computer , It is highly readable and easy for human to read , Easy to interact with scripting languages , Programming language used to express data sequence .
It is similar to a subset of the standard common markup language XML Data description language of , Grammar than XML Simple a lot .
YAML The format of the language is as follows :
house:
family:
name: Doe
parents:
- John
- Jane
children:
- Paul
- Mark
- Simone
address:
number: 34
street: Main Street
city: Nowheretown
zipcode: 12345
YAML The basic rules of :
- Use indents to represent hierarchical relationships , Each layer 2 A space , No use TAB key
- When the colon is not at the end , There must be a space after the colon
- use - Represents a list ,- There must be a space after
- use # Notation
YAML The configuration file should be placed in SaltStack Let's put it in the right place , Can be in SaltStack Of Master Find in profile file_roots You can see .
// View help documents
[[email protected] ~]# cd /etc/salt/
[[email protected] salt]# ls
cloud cloud.profiles.d minion proxy
cloud.conf.d cloud.providers.d minion.d proxy.d
cloud.deploy.d master minion_id roster
cloud.maps.d master.d pki
[[email protected] salt]# vim master
# file_roots:
# base:
# - /srv/salt/
# dev:
# - /srv/salt/dev/services
# - /srv/salt/dev/states
# prod:
# - /srv/salt/prod/services
# - /srv/salt/prod/states
#
#file_roots:
# base:
# - /srv/salt
// base: Based on the environment ( The configuration is common to all hosts )
// test: Test environment ( Only for the test environment )
// dev: development environment ( Only for the development environment )
// prod: Generating environment ( Only for the generation environment )
So let's not set it like the help document above
// Modify the configuration file
[[email protected] salt]# vim master
#file_roots:
# base:
# - /srv/salt
#
file_roots: // Write your own
base:
- /srv/salt/base
dev:
- /srv/salt/dev
prod:
- /srv/salt/prod
test:
- /srv/salt/test
// Create environment Directory
[[email protected] salt]# tree /srv/
/srv/
0 directories, 0 files
[[email protected] salt]# mkdir -p /srv/salt/{base,test,dev,prod}
[[email protected] salt]# tree /srv/
/srv/
`-- salt |-- base |-- dev |-- prod `-- test
// Restart the service
[[email protected] salt]# systemctl restart salt-master
We need to pay attention to :
- base Is the default location , If file_roots only one , be base It is necessary and must be called base, You can't change your name
Two 、 use SaltStack To configure a apache example
Environmental statement :
| Host name | Host type | IP | System | Applications that need to be installed |
|---|---|---|---|---|
| master | Control machine | 192.168.91.135 | CentOS8 | salt-master salt-minion |
| node1 | Controlled machine | 192.168.91.137 | CentOS8 | salt-minion |
| node2 | Controlled machine | 192.168.91.134 | CentOS8 | salt-minion |
| node3 | Controlled machine | 192.168.91.138 | CentOS8 | salt-minion |
Be careful :node1 This host has been set id, Visit with IP Visiting , No longer host name access
2.1 stay Master Upper Department sls Configure the file and execute
// Create a apache Catalog
[[email protected] salt]# cd /srv/salt/base/
[[email protected] base]# ls
[[email protected] base]# mkdir -p web/apache
[[email protected] base]# tree
.
`-- web `-- apache
2 directories, 0 files
// Generate a status description file
[[email protected] base]# vim web/apache/install.sls
apache-install:
pkg.installed:
- name: httpd // install httpd
apache-service:
service.running:
- name: httpd
- enable: True // function httpd, Set up self start
// YAML What is written in the top grid of the configuration file is called ID, It has to be globally unique , Can't repeat
// SaltStack read YAML The configuration file is read from top to bottom , So write the first execution in front
// see node1 Does the host have apache service
[[email protected] ~]# rpm -qa | grep httpd
[[email protected] ~]# // No, apache service
// test node1 Whether the host can ping through
[[email protected] base]# salt "192.168.91.137" test.ping
192.168.91.137:
True
// stay 192.168.91.137 Host execution state The state function , stay web.apache.apache Execute under the document
[[email protected] base]# salt '192.168.91.137' state.sls web.apache.install saltenv=base
// saltnev: Specify the environment , The default is base Environmental Science
192.168.91.137:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: The following packages were installed/updated: httpd
Started: 14:48:59.409563
Duration: 21188.407 ms
Changes:
----------
apr:
----------
new:
1.6.3-12.el8
old:
apr-util:
----------
new:
1.6.1-6.el8
old:
apr-util-bdb:
----------
new:
1.6.1-6.el8
old:
apr-util-openssl:
----------
new:
1.6.1-6.el8
old:
centos-logos-httpd:
----------
new:
85.8-1.el8
old:
httpd:
----------
new:
2.4.37-40.module_el8.5.0+852+0aafc63b
old:
httpd-filesystem:
----------
new:
2.4.37-40.module_el8.5.0+852+0aafc63b
old:
httpd-tools:
----------
new:
2.4.37-40.module_el8.5.0+852+0aafc63b
old:
mailcap:
----------
new:
2.1.48-3.el8
old:
mod_http2:
----------
new:
1.15.7-3.module_el8.4.0+778+c970deab
old:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd has been enabled, and is running
Started: 14:49:20.627691
Duration: 2168.635 ms
Changes:
----------
httpd:
True
Summary for 192.168.91.137
------------
Succeeded: 2 (changed=2)
Failed: 0
------------
Total states run: 2
Total run time: 23.357 s
2.2 stay node1 Check on the host
// Check the installation
[[email protected] ~]# rpm -qa | grep httpd
httpd-filesystem-2.4.37-40.module_el8.5.0+852+0aafc63b.noarch
centos-logos-httpd-85.8-1.el8.noarch
httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
httpd-tools-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
// see apache Service startup
[[email protected] ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; e>
Active: active (running) since Tue 2021-11-02 14:49:22 C>
Docs: man:httpd.service(8)
Main PID: 531114 (httpd)
Status: "Running, listening on: port 80"
Tasks: 213 (limit: 23484)
Memory: 42.8M
CGroup: /system.slice/httpd.service
├─531114 /usr/sbin/httpd -DFOREGROUND
├─531789 /usr/sbin/httpd -DFOREGROUND
├─531790 /usr/sbin/httpd -DFOREGROUND
├─531791 /usr/sbin/httpd -DFOREGROUND
└─531792 /usr/sbin/httpd -DFOREGROUND
Nov 02 14:49:20 node1 systemd[1]: Starting The Apache HTTP >
Nov 02 14:49:22 node1 httpd[531114]: AH00558: httpd: Could >
Nov 02 14:49:22 node1 systemd[1]: Started The Apache HTTP S>
Nov 02 14:49:41 node1 httpd[531114]: Server configured, lis>
web Page access test 
From the above we can see that apache Indeed, it has been successfully deployed .
// Execute in the test environment
[[email protected] base]# tree
.
`-- web `-- apache
`-- install.sls 2 directories, 1 file [[email protected] base]# cp -r web ../test [[email protected] base]# tree ../test ../test `-- web
`-- apache `-- install.sls
2 directories, 1 file
[[email protected] base]# salt '192.168.91.137' state.sls web.apache.install saltenv=test
192.168.91.137:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 15:02:53.841175
Duration: 647.493 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 15:02:54.490562
Duration: 44.13 ms
Changes:
Summary for 192.168.91.137
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 691.623 ms
Tips for executing status files :
- First use test.ping Test whether the host that needs to execute the status file can communicate normally , Then execute the status file
3、 ... and 、top file
3.1 top file Introduce
Execute directly by command sls Are files automated enough ? The answer is No , Because we have to tell a host to perform a task , Automation should be when we let it work , It knows which host will do what work , But execute directly by command sls Documents do not achieve this purpose , To solve this problem ,top file emerge as the times require .
top file It's just an entrance ,top file The file name of can be found in Master Search in the configuration file of top.sls find , And this file must be in base Environment , By default, this file must be called top.sls.
top file The function of is to tell the corresponding host what to do , Let's say web Server startup web service , Let the database server install mysql wait .
top file example :
stay node1 Installed on the host httpd,node2 Installed on the host nginx,node3 Installed on the host httpd
preparation
// To uninstall first node1 Host computer httpd service
[[email protected] ~]# yum -y remove httpd
The unloading process is omitted ...
[[email protected] ~]# rpm -qa | grep httpd
[[email protected] ~]#
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
[[email protected] ~]# systemctl status httpd
Unit httpd.service could not be found.
// Check node2 Is the host installed nginx service
[[email protected] ~]# rpm -qa | grep nginx
[[email protected] ~]#
// Check node3 Is the host installed httpd service
[[email protected] ~]# rpm -qa | grep httpd
[[email protected] ~]#
Actual operation
// establish mariadb Catalog
[[email protected] base]# ls
web
[[email protected] base]# mkdir -p web/nginx
[[email protected] base]# tree
.
`-- web |-- apache | `-- install.sls
`-- nginx 3 directories, 1 file // Write a nginx Installation file [[email protected] base]# vim web/nginx/install.sls nginx-install: pkg.installed: - name: nginx nginx-service: service.running: - name: nginx - enable: True [[email protected] base]# tree . `-- web
|-- apache
| `-- install.sls `-- nginx
`-- install.sls
3 directories, 2 files
[[email protected] base]# pwd
/srv/salt/base
[[email protected] base]# vim top.sls
base: // The environment in which the status file is to be executed
192.168.91.137: // To execute the target of the status file
- web.apache.install // Status file to execute
node2:
- web.nginx.install
node3:
- web.apache.install
// Check the host connection
[[email protected] base]# salt '*' test.ping
192.168.91.137:
True
master:
True
node2:
True
node3:
True
// Use advanced state to perform
[[email protected] base]# salt '*' state.highstate
master:
----------
ID: states
Function: no.None
Result: False
Comment: No Top file or master_tops data matches found. Please see master log for details.
Changes: // master There is an error , Because master I have no definition on this host , It's normal
Summary for master
------------
Succeeded: 0
Failed: 1
------------
Total states run: 1
Total run time: 0.000 ms
192.168.91.137:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 16:31:58.727210
Duration: 809.511 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 16:31:59.539214
Duration: 51.557 ms
Changes:
Summary for 192.168.91.137
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 861.068 ms
node2:
----------
ID: nginx-isntall
Function: pkg.installed
Name: nginx
Result: True
Comment: All specified packages are already installed
Started: 16:32:01.415844
Duration: 1112.745 ms
Changes:
----------
ID: nginx-service
Function: service.running
Name: nginx
Result: True
Comment: The service nginx is already running
Started: 16:32:02.533262
Duration: 59.586 ms
Changes:
Summary for node2
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 1.172 s
node3:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 16:32:02.523591
Duration: 1346.453 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 16:32:03.877325
Duration: 192.106 ms
Changes:
Summary for node3
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 1.539 s
// testing
[[email protected] ~]# rpm -qa | grep httpd
httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
httpd-tools-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
httpd-filesystem-2.4.37-40.module_el8.5.0+852+0aafc63b.noarch
centos-logos-httpd-85.8-1.el8.noarch
[[email protected] ~]# rpm -qa | grep nginx
nginx-mod-stream-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-filesystem-1.14.1-9.module_el8.0.0+184+e34fea82.noarch
nginx-mod-http-perl-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-mod-mail-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-all-modules-1.14.1-9.module_el8.0.0+184+e34fea82.noarch
nginx-mod-http-xslt-filter-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-mod-http-image-filter-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
[[email protected] ~]# rpm -qa | grep httpd
httpd-filesystem-2.4.37-40.module_el8.5.0+852+0aafc63b.noarch
centos-logos-httpd-85.8-1.el8.noarch
httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
httpd-tools-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:80 [::]:*
LISTEN 0 128 [::]:22 [::]:*
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
Be careful :
- if top file The goal is to use * It means , It should be noted that ,top file Inside * Represents the target of all States to be executed , and salt ‘*’ state.highstate Inside * Indicates that all machines are notified to work , Whether to work or not is determined by top file Designated
3.2 Advanced status highstate Use
management SaltStack In general, the most common management operation is to execute advanced state
[[email protected] ~]# salt '*' state.highstate // Such use is prohibited in the production environment salt command
Be careful :
It allows everyone to perform advanced status , But in practice , I don't usually use it like this , In work, it is usually to notify one or some target hosts to execute advanced status , Whether it is implemented or not is determined by top file To decide .
If you add a parameter when executing the advanced state test=True, Then it will tell us what it will do , But it won't really perform this operation
// Stop node3 Host computer httpd service
[[email protected] ~]# systemctl stop httpd
[[email protected] ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; e>
Active: inactive (dead) since Tue 2021-11-02 16:37:07 CS>
Docs: man:httpd.service(8)
Process: 561432 ExecStart=/usr/sbin/httpd $OPTIONS -DFORE>
Main PID: 561432 (code=exited, status=0/SUCCESS)
Status: "Running, listening on: port 80"
Nov 02 16:27:47 node3 systemd[1]: Starting The Apache HTTP >
Nov 02 16:28:07 node3 httpd[561432]: AH00558: httpd: Could >
Nov 02 16:28:07 node3 systemd[1]: Started The Apache HTTP S>
Nov 02 16:28:17 node3 httpd[561432]: Server configured, lis>
Nov 02 16:37:06 node3 systemd[1]: Stopping The Apache HTTP >
Nov 02 16:37:07 node3 systemd[1]: httpd.service: Succeeded.
Nov 02 16:37:07 node3 systemd[1]: Stopped The Apache HTTP S>
// stay master Perform advanced state tests on
[[email protected] base]# salt 'node3' test.ping
node3:
True
[[email protected] base]# salt 'node3' state.highstate test=True
node3:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 16:41:47.095885
Duration: 821.71 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: None
Comment: Service httpd is set to start
Started: 16:41:47.919808
Duration: 47.748 ms
Changes:
Summary for node3
------------
Succeeded: 2 (unchanged=1)
Failed: 0
------------
Total states run: 2
Total run time: 869.458 ms
// stay node3 Check out httpd Whether to start
[[email protected] ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; e>
Active: inactive (dead) since Tue 2021-11-02 16:41:33 CS>
Docs: man:httpd.service(8)
Process: 580967 ExecStart=/usr/sbin/httpd $OPTIONS -DFORE>
Main PID: 580967 (code=exited, status=0/SUCCESS)
Status: "Running, listening on: port 80"
Nov 02 16:37:59 node3 systemd[1]: Starting The Apache HTTP >
Nov 02 16:38:19 node3 httpd[580967]: AH00558: httpd: Could >
Nov 02 16:38:19 node3 systemd[1]: Started The Apache HTTP S>
Nov 02 16:38:30 node3 httpd[580967]: Server configured, lis>
Nov 02 16:41:32 node3 systemd[1]: Stopping The Apache HTTP >
Nov 02 16:41:33 node3 systemd[1]: httpd.service: Succeeded.
Nov 02 16:41:33 node3 systemd[1]: Stopped The Apache HTTP S>
// It can be seen that the advanced state does not execute , because httpd It didn't start
边栏推荐
- Asp net MVC web development tutorial
- Update of objects in ES6
- Rust Getting Started Guide (rustup, cargo)
- After several twists and turns, how long can the TSDB C-bit of influxdb last?
- source insight项目导入和使用教程
- 彻底理解位运算——与(&)、非(~)、或(|)、异或(^)
- SaltStack之数据系统
- Application of time series database in Hydropower Station
- 以数字化转型为契机,3C企业如何通过SRM供应商云协同平台实现高效协同?
- R language text mining and natural language processing tutorial
猜你喜欢
After several twists and turns, how long can the TSDB C-bit of influxdb last?
智能合约安全——溢出漏洞
Image processing web application development tutorial
Application of time series database in cigarette factory
Cell综述:人类微生物组研究中的单细胞方法
Rust 入门指南(modules 和工程结构)
WPF 实现带蒙版的 MessageBox 消息提示框
Sword finger offer II 109. unlock the password lock
Dockler的基础用法
这个客制化键盘,秀翻我了~
随机推荐
为研发高端光刻胶,晶瑞股份斥资7500万元购买SK海力士的ASML光刻机
TSDB and blockchain
Prometheus部署
用于异常检测的Transformer - InTra《Inpainting Transformer for Anomaly Detection》
Asp net MVC web development tutorial
用LEX(FLEX)生成PL语言的词法分析器
Pytorch:快速求得NxN矩阵的主对角线(diagonal)元素与非对角线元素
C language cycle sentence strengthening exercises
Application of time series database in intelligent power consumption field
R language text mining and natural language processing tutorial
[notes] Networking: Internet product managers change the world
Doxygen document generation tool
ES6 conversion of new data type set and arr set map
Quickly install torch spark, torch geometric and other packages in moment pool cloud
Pytoch: quickly find the main diagonal elements and non diagonal elements of NxN matrix
When CNN meets transformer cmt:revolutionary neural networks meet vision transformers
App自动化测试是怎么实现H5测试的
Mid 2022 summary
Swing事件处理的过程是怎样的?
Application of TSDB in civil aircraft industry