当前位置:网站首页>Saltstack configuration management
Saltstack configuration management
2022-07-28 19:32:00 【Amu 690】
List of articles
One 、YAML Language
YAML It is an intuitive data serialization format that can be recognized by computer , It is highly readable and easy for human to read , Easy to interact with scripting languages , Programming language used to express data sequence .
It is similar to a subset of the standard common markup language XML Data description language of , Grammar than XML Simple a lot .
YAML The format of the language is as follows :
house:
family:
name: Doe
parents:
- John
- Jane
children:
- Paul
- Mark
- Simone
address:
number: 34
street: Main Street
city: Nowheretown
zipcode: 12345
YAML The basic rules of :
- Use indents to represent hierarchical relationships , Each layer 2 A space , No use TAB key
- When the colon is not at the end , There must be a space after the colon
- use - Represents a list ,- There must be a space after
- use # Notation
YAML The configuration file should be placed in SaltStack Let's put it in the right place , Can be in SaltStack Of Master Find in profile file_roots You can see .
// View help documents
[[email protected] ~]# cd /etc/salt/
[[email protected] salt]# ls
cloud cloud.profiles.d minion proxy
cloud.conf.d cloud.providers.d minion.d proxy.d
cloud.deploy.d master minion_id roster
cloud.maps.d master.d pki
[[email protected] salt]# vim master
# file_roots:
# base:
# - /srv/salt/
# dev:
# - /srv/salt/dev/services
# - /srv/salt/dev/states
# prod:
# - /srv/salt/prod/services
# - /srv/salt/prod/states
#
#file_roots:
# base:
# - /srv/salt
// base: Based on the environment ( The configuration is common to all hosts )
// test: Test environment ( Only for the test environment )
// dev: development environment ( Only for the development environment )
// prod: Generating environment ( Only for the generation environment )
So let's not set it like the help document above
// Modify the configuration file
[[email protected] salt]# vim master
#file_roots:
# base:
# - /srv/salt
#
file_roots: // Write your own
base:
- /srv/salt/base
dev:
- /srv/salt/dev
prod:
- /srv/salt/prod
test:
- /srv/salt/test
// Create environment Directory
[[email protected] salt]# tree /srv/
/srv/
0 directories, 0 files
[[email protected] salt]# mkdir -p /srv/salt/{base,test,dev,prod}
[[email protected] salt]# tree /srv/
/srv/
`-- salt |-- base |-- dev |-- prod `-- test
// Restart the service
[[email protected] salt]# systemctl restart salt-master
We need to pay attention to :
- base Is the default location , If file_roots only one , be base It is necessary and must be called base, You can't change your name
Two 、 use SaltStack To configure a apache example
Environmental statement :
| Host name | Host type | IP | System | Applications that need to be installed |
|---|---|---|---|---|
| master | Control machine | 192.168.91.135 | CentOS8 | salt-master salt-minion |
| node1 | Controlled machine | 192.168.91.137 | CentOS8 | salt-minion |
| node2 | Controlled machine | 192.168.91.134 | CentOS8 | salt-minion |
| node3 | Controlled machine | 192.168.91.138 | CentOS8 | salt-minion |
Be careful :node1 This host has been set id, Visit with IP Visiting , No longer host name access
2.1 stay Master Upper Department sls Configure the file and execute
// Create a apache Catalog
[[email protected] salt]# cd /srv/salt/base/
[[email protected] base]# ls
[[email protected] base]# mkdir -p web/apache
[[email protected] base]# tree
.
`-- web `-- apache
2 directories, 0 files
// Generate a status description file
[[email protected] base]# vim web/apache/install.sls
apache-install:
pkg.installed:
- name: httpd // install httpd
apache-service:
service.running:
- name: httpd
- enable: True // function httpd, Set up self start
// YAML What is written in the top grid of the configuration file is called ID, It has to be globally unique , Can't repeat
// SaltStack read YAML The configuration file is read from top to bottom , So write the first execution in front
// see node1 Does the host have apache service
[[email protected] ~]# rpm -qa | grep httpd
[[email protected] ~]# // No, apache service
// test node1 Whether the host can ping through
[[email protected] base]# salt "192.168.91.137" test.ping
192.168.91.137:
True
// stay 192.168.91.137 Host execution state The state function , stay web.apache.apache Execute under the document
[[email protected] base]# salt '192.168.91.137' state.sls web.apache.install saltenv=base
// saltnev: Specify the environment , The default is base Environmental Science
192.168.91.137:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: The following packages were installed/updated: httpd
Started: 14:48:59.409563
Duration: 21188.407 ms
Changes:
----------
apr:
----------
new:
1.6.3-12.el8
old:
apr-util:
----------
new:
1.6.1-6.el8
old:
apr-util-bdb:
----------
new:
1.6.1-6.el8
old:
apr-util-openssl:
----------
new:
1.6.1-6.el8
old:
centos-logos-httpd:
----------
new:
85.8-1.el8
old:
httpd:
----------
new:
2.4.37-40.module_el8.5.0+852+0aafc63b
old:
httpd-filesystem:
----------
new:
2.4.37-40.module_el8.5.0+852+0aafc63b
old:
httpd-tools:
----------
new:
2.4.37-40.module_el8.5.0+852+0aafc63b
old:
mailcap:
----------
new:
2.1.48-3.el8
old:
mod_http2:
----------
new:
1.15.7-3.module_el8.4.0+778+c970deab
old:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd has been enabled, and is running
Started: 14:49:20.627691
Duration: 2168.635 ms
Changes:
----------
httpd:
True
Summary for 192.168.91.137
------------
Succeeded: 2 (changed=2)
Failed: 0
------------
Total states run: 2
Total run time: 23.357 s
2.2 stay node1 Check on the host
// Check the installation
[[email protected] ~]# rpm -qa | grep httpd
httpd-filesystem-2.4.37-40.module_el8.5.0+852+0aafc63b.noarch
centos-logos-httpd-85.8-1.el8.noarch
httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
httpd-tools-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
// see apache Service startup
[[email protected] ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; e>
Active: active (running) since Tue 2021-11-02 14:49:22 C>
Docs: man:httpd.service(8)
Main PID: 531114 (httpd)
Status: "Running, listening on: port 80"
Tasks: 213 (limit: 23484)
Memory: 42.8M
CGroup: /system.slice/httpd.service
├─531114 /usr/sbin/httpd -DFOREGROUND
├─531789 /usr/sbin/httpd -DFOREGROUND
├─531790 /usr/sbin/httpd -DFOREGROUND
├─531791 /usr/sbin/httpd -DFOREGROUND
└─531792 /usr/sbin/httpd -DFOREGROUND
Nov 02 14:49:20 node1 systemd[1]: Starting The Apache HTTP >
Nov 02 14:49:22 node1 httpd[531114]: AH00558: httpd: Could >
Nov 02 14:49:22 node1 systemd[1]: Started The Apache HTTP S>
Nov 02 14:49:41 node1 httpd[531114]: Server configured, lis>
web Page access test 
From the above we can see that apache Indeed, it has been successfully deployed .
// Execute in the test environment
[[email protected] base]# tree
.
`-- web `-- apache
`-- install.sls 2 directories, 1 file [[email protected] base]# cp -r web ../test [[email protected] base]# tree ../test ../test `-- web
`-- apache `-- install.sls
2 directories, 1 file
[[email protected] base]# salt '192.168.91.137' state.sls web.apache.install saltenv=test
192.168.91.137:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 15:02:53.841175
Duration: 647.493 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 15:02:54.490562
Duration: 44.13 ms
Changes:
Summary for 192.168.91.137
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 691.623 ms
Tips for executing status files :
- First use test.ping Test whether the host that needs to execute the status file can communicate normally , Then execute the status file
3、 ... and 、top file
3.1 top file Introduce
Execute directly by command sls Are files automated enough ? The answer is No , Because we have to tell a host to perform a task , Automation should be when we let it work , It knows which host will do what work , But execute directly by command sls Documents do not achieve this purpose , To solve this problem ,top file emerge as the times require .
top file It's just an entrance ,top file The file name of can be found in Master Search in the configuration file of top.sls find , And this file must be in base Environment , By default, this file must be called top.sls.
top file The function of is to tell the corresponding host what to do , Let's say web Server startup web service , Let the database server install mysql wait .
top file example :
stay node1 Installed on the host httpd,node2 Installed on the host nginx,node3 Installed on the host httpd
preparation
// To uninstall first node1 Host computer httpd service
[[email protected] ~]# yum -y remove httpd
The unloading process is omitted ...
[[email protected] ~]# rpm -qa | grep httpd
[[email protected] ~]#
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
[[email protected] ~]# systemctl status httpd
Unit httpd.service could not be found.
// Check node2 Is the host installed nginx service
[[email protected] ~]# rpm -qa | grep nginx
[[email protected] ~]#
// Check node3 Is the host installed httpd service
[[email protected] ~]# rpm -qa | grep httpd
[[email protected] ~]#
Actual operation
// establish mariadb Catalog
[[email protected] base]# ls
web
[[email protected] base]# mkdir -p web/nginx
[[email protected] base]# tree
.
`-- web |-- apache | `-- install.sls
`-- nginx 3 directories, 1 file // Write a nginx Installation file [[email protected] base]# vim web/nginx/install.sls nginx-install: pkg.installed: - name: nginx nginx-service: service.running: - name: nginx - enable: True [[email protected] base]# tree . `-- web
|-- apache
| `-- install.sls `-- nginx
`-- install.sls
3 directories, 2 files
[[email protected] base]# pwd
/srv/salt/base
[[email protected] base]# vim top.sls
base: // The environment in which the status file is to be executed
192.168.91.137: // To execute the target of the status file
- web.apache.install // Status file to execute
node2:
- web.nginx.install
node3:
- web.apache.install
// Check the host connection
[[email protected] base]# salt '*' test.ping
192.168.91.137:
True
master:
True
node2:
True
node3:
True
// Use advanced state to perform
[[email protected] base]# salt '*' state.highstate
master:
----------
ID: states
Function: no.None
Result: False
Comment: No Top file or master_tops data matches found. Please see master log for details.
Changes: // master There is an error , Because master I have no definition on this host , It's normal
Summary for master
------------
Succeeded: 0
Failed: 1
------------
Total states run: 1
Total run time: 0.000 ms
192.168.91.137:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 16:31:58.727210
Duration: 809.511 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 16:31:59.539214
Duration: 51.557 ms
Changes:
Summary for 192.168.91.137
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 861.068 ms
node2:
----------
ID: nginx-isntall
Function: pkg.installed
Name: nginx
Result: True
Comment: All specified packages are already installed
Started: 16:32:01.415844
Duration: 1112.745 ms
Changes:
----------
ID: nginx-service
Function: service.running
Name: nginx
Result: True
Comment: The service nginx is already running
Started: 16:32:02.533262
Duration: 59.586 ms
Changes:
Summary for node2
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 1.172 s
node3:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 16:32:02.523591
Duration: 1346.453 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 16:32:03.877325
Duration: 192.106 ms
Changes:
Summary for node3
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 1.539 s
// testing
[[email protected] ~]# rpm -qa | grep httpd
httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
httpd-tools-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
httpd-filesystem-2.4.37-40.module_el8.5.0+852+0aafc63b.noarch
centos-logos-httpd-85.8-1.el8.noarch
[[email protected] ~]# rpm -qa | grep nginx
nginx-mod-stream-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-filesystem-1.14.1-9.module_el8.0.0+184+e34fea82.noarch
nginx-mod-http-perl-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-mod-mail-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-all-modules-1.14.1-9.module_el8.0.0+184+e34fea82.noarch
nginx-mod-http-xslt-filter-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-mod-http-image-filter-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
[[email protected] ~]# rpm -qa | grep httpd
httpd-filesystem-2.4.37-40.module_el8.5.0+852+0aafc63b.noarch
centos-logos-httpd-85.8-1.el8.noarch
httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
httpd-tools-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:80 [::]:*
LISTEN 0 128 [::]:22 [::]:*
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
Be careful :
- if top file The goal is to use * It means , It should be noted that ,top file Inside * Represents the target of all States to be executed , and salt ‘*’ state.highstate Inside * Indicates that all machines are notified to work , Whether to work or not is determined by top file Designated
3.2 Advanced status highstate Use
management SaltStack In general, the most common management operation is to execute advanced state
[[email protected] ~]# salt '*' state.highstate // Such use is prohibited in the production environment salt command
Be careful :
It allows everyone to perform advanced status , But in practice , I don't usually use it like this , In work, it is usually to notify one or some target hosts to execute advanced status , Whether it is implemented or not is determined by top file To decide .
If you add a parameter when executing the advanced state test=True, Then it will tell us what it will do , But it won't really perform this operation
// Stop node3 Host computer httpd service
[[email protected] ~]# systemctl stop httpd
[[email protected] ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; e>
Active: inactive (dead) since Tue 2021-11-02 16:37:07 CS>
Docs: man:httpd.service(8)
Process: 561432 ExecStart=/usr/sbin/httpd $OPTIONS -DFORE>
Main PID: 561432 (code=exited, status=0/SUCCESS)
Status: "Running, listening on: port 80"
Nov 02 16:27:47 node3 systemd[1]: Starting The Apache HTTP >
Nov 02 16:28:07 node3 httpd[561432]: AH00558: httpd: Could >
Nov 02 16:28:07 node3 systemd[1]: Started The Apache HTTP S>
Nov 02 16:28:17 node3 httpd[561432]: Server configured, lis>
Nov 02 16:37:06 node3 systemd[1]: Stopping The Apache HTTP >
Nov 02 16:37:07 node3 systemd[1]: httpd.service: Succeeded.
Nov 02 16:37:07 node3 systemd[1]: Stopped The Apache HTTP S>
// stay master Perform advanced state tests on
[[email protected] base]# salt 'node3' test.ping
node3:
True
[[email protected] base]# salt 'node3' state.highstate test=True
node3:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 16:41:47.095885
Duration: 821.71 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: None
Comment: Service httpd is set to start
Started: 16:41:47.919808
Duration: 47.748 ms
Changes:
Summary for node3
------------
Succeeded: 2 (unchanged=1)
Failed: 0
------------
Total states run: 2
Total run time: 869.458 ms
// stay node3 Check out httpd Whether to start
[[email protected] ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; e>
Active: inactive (dead) since Tue 2021-11-02 16:41:33 CS>
Docs: man:httpd.service(8)
Process: 580967 ExecStart=/usr/sbin/httpd $OPTIONS -DFORE>
Main PID: 580967 (code=exited, status=0/SUCCESS)
Status: "Running, listening on: port 80"
Nov 02 16:37:59 node3 systemd[1]: Starting The Apache HTTP >
Nov 02 16:38:19 node3 httpd[580967]: AH00558: httpd: Could >
Nov 02 16:38:19 node3 systemd[1]: Started The Apache HTTP S>
Nov 02 16:38:30 node3 httpd[580967]: Server configured, lis>
Nov 02 16:41:32 node3 systemd[1]: Stopping The Apache HTTP >
Nov 02 16:41:33 node3 systemd[1]: httpd.service: Succeeded.
Nov 02 16:41:33 node3 systemd[1]: Stopped The Apache HTTP S>
// It can be seen that the advanced state does not execute , because httpd It didn't start
边栏推荐
- 读了三年论文,我今天才学会阅读摘要
- WPF implements MessageBox message prompt box with mask
- ardupilot软件在环仿真与在线调试
- 力扣 1331. 数组序号转换
- An intern's journey to cnosdb
- 宝塔面板搭建小说CMS管理系统源码实测 - ThinkPHP6.0
- Ardupilot software in the loop simulation and online debugging
- Have you ever seen this kind of dynamic programming -- the stock problem of state machine dynamic programming (Part 2)
- New this prototype precompiled exercise
- 一家芯片公司倒在了B轮
猜你喜欢
英文翻译西班牙语-批量英文翻译西班牙工具免费
source insight项目导入和使用教程
![[solved] ac86u ml revision firmware virtual memory creation failed, prompting that the USB disk reading and writing speed does not meet the requirements](/img/1c/6dbfcb5e6ade52d8cbfabcb34616a5.png)
[solved] ac86u ml revision firmware virtual memory creation failed, prompting that the USB disk reading and writing speed does not meet the requirements
Srs4.0 installation steps
adb remount of the / superblock failed: Permission denied
Streamlit machine learning application development tutorial
用于异常检测的Transformer - InTra《Inpainting Transformer for Anomaly Detection》
Adobe Flash player 34.0.0.92 and available version modification methods (2021-01-23
navicate修改数据库名的方式
当CNN遇见Transformer《CMT:Convolutional Neural Networks Meet Vision Transformers》
随机推荐
App自动化测试是怎么实现H5测试的
ES6 new - arrow function
Pytorch:交叉熵损失(CrossEntropyLoss)以及标签平滑(LabelSmoothing)的实现
Transformer for anomaly detection - instra "painting transformer for anomaly detection"
一家芯片公司倒在了B轮
When CNN meets transformer cmt:revolutionary neural networks meet vision transformers
New this prototype precompiled exercise
Srs4.0 installation steps
Smart contract security - overflow vulnerability
Prometheus部署
Rust Getting Started Guide (modules and engineering structures)
Have you ever seen this kind of dynamic programming -- the stock problem of state machine dynamic programming (Part 2)
SaltStack常用的模块
Asp net MVC web development tutorial
stc12c5a60s2功能说明(STC12C5A60S2默认触发)
Web 3.0 development learning path
App自动化测试是怎么实现H5测试的
WPF implements MessageBox message prompt box with mask
C语言循环语句强化练习题
Design of library management database system