当前位置:网站首页>Saltstack configuration management
Saltstack configuration management
2022-07-28 19:32:00 【Amu 690】
List of articles
One 、YAML Language
YAML It is an intuitive data serialization format that can be recognized by computer , It is highly readable and easy for human to read , Easy to interact with scripting languages , Programming language used to express data sequence .
It is similar to a subset of the standard common markup language XML Data description language of , Grammar than XML Simple a lot .
YAML The format of the language is as follows :
house:
family:
name: Doe
parents:
- John
- Jane
children:
- Paul
- Mark
- Simone
address:
number: 34
street: Main Street
city: Nowheretown
zipcode: 12345
YAML The basic rules of :
- Use indents to represent hierarchical relationships , Each layer 2 A space , No use TAB key
- When the colon is not at the end , There must be a space after the colon
- use - Represents a list ,- There must be a space after
- use # Notation
YAML The configuration file should be placed in SaltStack Let's put it in the right place , Can be in SaltStack Of Master Find in profile file_roots You can see .
// View help documents
[[email protected] ~]# cd /etc/salt/
[[email protected] salt]# ls
cloud cloud.profiles.d minion proxy
cloud.conf.d cloud.providers.d minion.d proxy.d
cloud.deploy.d master minion_id roster
cloud.maps.d master.d pki
[[email protected] salt]# vim master
# file_roots:
# base:
# - /srv/salt/
# dev:
# - /srv/salt/dev/services
# - /srv/salt/dev/states
# prod:
# - /srv/salt/prod/services
# - /srv/salt/prod/states
#
#file_roots:
# base:
# - /srv/salt
// base: Based on the environment ( The configuration is common to all hosts )
// test: Test environment ( Only for the test environment )
// dev: development environment ( Only for the development environment )
// prod: Generating environment ( Only for the generation environment )
So let's not set it like the help document above
// Modify the configuration file
[[email protected] salt]# vim master
#file_roots:
# base:
# - /srv/salt
#
file_roots: // Write your own
base:
- /srv/salt/base
dev:
- /srv/salt/dev
prod:
- /srv/salt/prod
test:
- /srv/salt/test
// Create environment Directory
[[email protected] salt]# tree /srv/
/srv/
0 directories, 0 files
[[email protected] salt]# mkdir -p /srv/salt/{base,test,dev,prod}
[[email protected] salt]# tree /srv/
/srv/
`-- salt |-- base |-- dev |-- prod `-- test
// Restart the service
[[email protected] salt]# systemctl restart salt-master
We need to pay attention to :
- base Is the default location , If file_roots only one , be base It is necessary and must be called base, You can't change your name
Two 、 use SaltStack To configure a apache example
Environmental statement :
| Host name | Host type | IP | System | Applications that need to be installed |
|---|---|---|---|---|
| master | Control machine | 192.168.91.135 | CentOS8 | salt-master salt-minion |
| node1 | Controlled machine | 192.168.91.137 | CentOS8 | salt-minion |
| node2 | Controlled machine | 192.168.91.134 | CentOS8 | salt-minion |
| node3 | Controlled machine | 192.168.91.138 | CentOS8 | salt-minion |
Be careful :node1 This host has been set id, Visit with IP Visiting , No longer host name access
2.1 stay Master Upper Department sls Configure the file and execute
// Create a apache Catalog
[[email protected] salt]# cd /srv/salt/base/
[[email protected] base]# ls
[[email protected] base]# mkdir -p web/apache
[[email protected] base]# tree
.
`-- web `-- apache
2 directories, 0 files
// Generate a status description file
[[email protected] base]# vim web/apache/install.sls
apache-install:
pkg.installed:
- name: httpd // install httpd
apache-service:
service.running:
- name: httpd
- enable: True // function httpd, Set up self start
// YAML What is written in the top grid of the configuration file is called ID, It has to be globally unique , Can't repeat
// SaltStack read YAML The configuration file is read from top to bottom , So write the first execution in front
// see node1 Does the host have apache service
[[email protected] ~]# rpm -qa | grep httpd
[[email protected] ~]# // No, apache service
// test node1 Whether the host can ping through
[[email protected] base]# salt "192.168.91.137" test.ping
192.168.91.137:
True
// stay 192.168.91.137 Host execution state The state function , stay web.apache.apache Execute under the document
[[email protected] base]# salt '192.168.91.137' state.sls web.apache.install saltenv=base
// saltnev: Specify the environment , The default is base Environmental Science
192.168.91.137:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: The following packages were installed/updated: httpd
Started: 14:48:59.409563
Duration: 21188.407 ms
Changes:
----------
apr:
----------
new:
1.6.3-12.el8
old:
apr-util:
----------
new:
1.6.1-6.el8
old:
apr-util-bdb:
----------
new:
1.6.1-6.el8
old:
apr-util-openssl:
----------
new:
1.6.1-6.el8
old:
centos-logos-httpd:
----------
new:
85.8-1.el8
old:
httpd:
----------
new:
2.4.37-40.module_el8.5.0+852+0aafc63b
old:
httpd-filesystem:
----------
new:
2.4.37-40.module_el8.5.0+852+0aafc63b
old:
httpd-tools:
----------
new:
2.4.37-40.module_el8.5.0+852+0aafc63b
old:
mailcap:
----------
new:
2.1.48-3.el8
old:
mod_http2:
----------
new:
1.15.7-3.module_el8.4.0+778+c970deab
old:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd has been enabled, and is running
Started: 14:49:20.627691
Duration: 2168.635 ms
Changes:
----------
httpd:
True
Summary for 192.168.91.137
------------
Succeeded: 2 (changed=2)
Failed: 0
------------
Total states run: 2
Total run time: 23.357 s
2.2 stay node1 Check on the host
// Check the installation
[[email protected] ~]# rpm -qa | grep httpd
httpd-filesystem-2.4.37-40.module_el8.5.0+852+0aafc63b.noarch
centos-logos-httpd-85.8-1.el8.noarch
httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
httpd-tools-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
// see apache Service startup
[[email protected] ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; e>
Active: active (running) since Tue 2021-11-02 14:49:22 C>
Docs: man:httpd.service(8)
Main PID: 531114 (httpd)
Status: "Running, listening on: port 80"
Tasks: 213 (limit: 23484)
Memory: 42.8M
CGroup: /system.slice/httpd.service
├─531114 /usr/sbin/httpd -DFOREGROUND
├─531789 /usr/sbin/httpd -DFOREGROUND
├─531790 /usr/sbin/httpd -DFOREGROUND
├─531791 /usr/sbin/httpd -DFOREGROUND
└─531792 /usr/sbin/httpd -DFOREGROUND
Nov 02 14:49:20 node1 systemd[1]: Starting The Apache HTTP >
Nov 02 14:49:22 node1 httpd[531114]: AH00558: httpd: Could >
Nov 02 14:49:22 node1 systemd[1]: Started The Apache HTTP S>
Nov 02 14:49:41 node1 httpd[531114]: Server configured, lis>
web Page access test 
From the above we can see that apache Indeed, it has been successfully deployed .
// Execute in the test environment
[[email protected] base]# tree
.
`-- web `-- apache
`-- install.sls 2 directories, 1 file [[email protected] base]# cp -r web ../test [[email protected] base]# tree ../test ../test `-- web
`-- apache `-- install.sls
2 directories, 1 file
[[email protected] base]# salt '192.168.91.137' state.sls web.apache.install saltenv=test
192.168.91.137:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 15:02:53.841175
Duration: 647.493 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 15:02:54.490562
Duration: 44.13 ms
Changes:
Summary for 192.168.91.137
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 691.623 ms
Tips for executing status files :
- First use test.ping Test whether the host that needs to execute the status file can communicate normally , Then execute the status file
3、 ... and 、top file
3.1 top file Introduce
Execute directly by command sls Are files automated enough ? The answer is No , Because we have to tell a host to perform a task , Automation should be when we let it work , It knows which host will do what work , But execute directly by command sls Documents do not achieve this purpose , To solve this problem ,top file emerge as the times require .
top file It's just an entrance ,top file The file name of can be found in Master Search in the configuration file of top.sls find , And this file must be in base Environment , By default, this file must be called top.sls.
top file The function of is to tell the corresponding host what to do , Let's say web Server startup web service , Let the database server install mysql wait .
top file example :
stay node1 Installed on the host httpd,node2 Installed on the host nginx,node3 Installed on the host httpd
preparation
// To uninstall first node1 Host computer httpd service
[[email protected] ~]# yum -y remove httpd
The unloading process is omitted ...
[[email protected] ~]# rpm -qa | grep httpd
[[email protected] ~]#
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
[[email protected] ~]# systemctl status httpd
Unit httpd.service could not be found.
// Check node2 Is the host installed nginx service
[[email protected] ~]# rpm -qa | grep nginx
[[email protected] ~]#
// Check node3 Is the host installed httpd service
[[email protected] ~]# rpm -qa | grep httpd
[[email protected] ~]#
Actual operation
// establish mariadb Catalog
[[email protected] base]# ls
web
[[email protected] base]# mkdir -p web/nginx
[[email protected] base]# tree
.
`-- web |-- apache | `-- install.sls
`-- nginx 3 directories, 1 file // Write a nginx Installation file [[email protected] base]# vim web/nginx/install.sls nginx-install: pkg.installed: - name: nginx nginx-service: service.running: - name: nginx - enable: True [[email protected] base]# tree . `-- web
|-- apache
| `-- install.sls `-- nginx
`-- install.sls
3 directories, 2 files
[[email protected] base]# pwd
/srv/salt/base
[[email protected] base]# vim top.sls
base: // The environment in which the status file is to be executed
192.168.91.137: // To execute the target of the status file
- web.apache.install // Status file to execute
node2:
- web.nginx.install
node3:
- web.apache.install
// Check the host connection
[[email protected] base]# salt '*' test.ping
192.168.91.137:
True
master:
True
node2:
True
node3:
True
// Use advanced state to perform
[[email protected] base]# salt '*' state.highstate
master:
----------
ID: states
Function: no.None
Result: False
Comment: No Top file or master_tops data matches found. Please see master log for details.
Changes: // master There is an error , Because master I have no definition on this host , It's normal
Summary for master
------------
Succeeded: 0
Failed: 1
------------
Total states run: 1
Total run time: 0.000 ms
192.168.91.137:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 16:31:58.727210
Duration: 809.511 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 16:31:59.539214
Duration: 51.557 ms
Changes:
Summary for 192.168.91.137
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 861.068 ms
node2:
----------
ID: nginx-isntall
Function: pkg.installed
Name: nginx
Result: True
Comment: All specified packages are already installed
Started: 16:32:01.415844
Duration: 1112.745 ms
Changes:
----------
ID: nginx-service
Function: service.running
Name: nginx
Result: True
Comment: The service nginx is already running
Started: 16:32:02.533262
Duration: 59.586 ms
Changes:
Summary for node2
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 1.172 s
node3:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 16:32:02.523591
Duration: 1346.453 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 16:32:03.877325
Duration: 192.106 ms
Changes:
Summary for node3
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 1.539 s
// testing
[[email protected] ~]# rpm -qa | grep httpd
httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
httpd-tools-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
httpd-filesystem-2.4.37-40.module_el8.5.0+852+0aafc63b.noarch
centos-logos-httpd-85.8-1.el8.noarch
[[email protected] ~]# rpm -qa | grep nginx
nginx-mod-stream-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-filesystem-1.14.1-9.module_el8.0.0+184+e34fea82.noarch
nginx-mod-http-perl-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-mod-mail-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-all-modules-1.14.1-9.module_el8.0.0+184+e34fea82.noarch
nginx-mod-http-xslt-filter-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
nginx-mod-http-image-filter-1.14.1-9.module_el8.0.0+184+e34fea82.x86_64
[[email protected] ~]# rpm -qa | grep httpd
httpd-filesystem-2.4.37-40.module_el8.5.0+852+0aafc63b.noarch
centos-logos-httpd-85.8-1.el8.noarch
httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
httpd-tools-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:80 [::]:*
LISTEN 0 128 [::]:22 [::]:*
[[email protected] ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
Be careful :
- if top file The goal is to use * It means , It should be noted that ,top file Inside * Represents the target of all States to be executed , and salt ‘*’ state.highstate Inside * Indicates that all machines are notified to work , Whether to work or not is determined by top file Designated
3.2 Advanced status highstate Use
management SaltStack In general, the most common management operation is to execute advanced state
[[email protected] ~]# salt '*' state.highstate // Such use is prohibited in the production environment salt command
Be careful :
It allows everyone to perform advanced status , But in practice , I don't usually use it like this , In work, it is usually to notify one or some target hosts to execute advanced status , Whether it is implemented or not is determined by top file To decide .
If you add a parameter when executing the advanced state test=True, Then it will tell us what it will do , But it won't really perform this operation
// Stop node3 Host computer httpd service
[[email protected] ~]# systemctl stop httpd
[[email protected] ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; e>
Active: inactive (dead) since Tue 2021-11-02 16:37:07 CS>
Docs: man:httpd.service(8)
Process: 561432 ExecStart=/usr/sbin/httpd $OPTIONS -DFORE>
Main PID: 561432 (code=exited, status=0/SUCCESS)
Status: "Running, listening on: port 80"
Nov 02 16:27:47 node3 systemd[1]: Starting The Apache HTTP >
Nov 02 16:28:07 node3 httpd[561432]: AH00558: httpd: Could >
Nov 02 16:28:07 node3 systemd[1]: Started The Apache HTTP S>
Nov 02 16:28:17 node3 httpd[561432]: Server configured, lis>
Nov 02 16:37:06 node3 systemd[1]: Stopping The Apache HTTP >
Nov 02 16:37:07 node3 systemd[1]: httpd.service: Succeeded.
Nov 02 16:37:07 node3 systemd[1]: Stopped The Apache HTTP S>
// stay master Perform advanced state tests on
[[email protected] base]# salt 'node3' test.ping
node3:
True
[[email protected] base]# salt 'node3' state.highstate test=True
node3:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 16:41:47.095885
Duration: 821.71 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: None
Comment: Service httpd is set to start
Started: 16:41:47.919808
Duration: 47.748 ms
Changes:
Summary for node3
------------
Succeeded: 2 (unchanged=1)
Failed: 0
------------
Total states run: 2
Total run time: 869.458 ms
// stay node3 Check out httpd Whether to start
[[email protected] ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; e>
Active: inactive (dead) since Tue 2021-11-02 16:41:33 CS>
Docs: man:httpd.service(8)
Process: 580967 ExecStart=/usr/sbin/httpd $OPTIONS -DFORE>
Main PID: 580967 (code=exited, status=0/SUCCESS)
Status: "Running, listening on: port 80"
Nov 02 16:37:59 node3 systemd[1]: Starting The Apache HTTP >
Nov 02 16:38:19 node3 httpd[580967]: AH00558: httpd: Could >
Nov 02 16:38:19 node3 systemd[1]: Started The Apache HTTP S>
Nov 02 16:38:30 node3 httpd[580967]: Server configured, lis>
Nov 02 16:41:32 node3 systemd[1]: Stopping The Apache HTTP >
Nov 02 16:41:33 node3 systemd[1]: httpd.service: Succeeded.
Nov 02 16:41:33 node3 systemd[1]: Stopped The Apache HTTP S>
// It can be seen that the advanced state does not execute , because httpd It didn't start
边栏推荐
- Streamlit machine learning application development tutorial
- 【笔记】《结网:互联网产品经理改变世界》
- SQL audit tool self introduction owls
- 英文翻译阿拉伯语-批量英文翻译阿拉伯语工具免费
- 使用SaltStack自动化部署LNMP
- 中国首枚芯片邮票面世:内置120um超薄NFC芯片
- Sudo rosdep init error: cannot download default
- R language text mining and natural language processing tutorial
- sudo rosdep init 出现 ERROR: cannot download default
- SaltStack之数据系统
猜你喜欢
一家芯片公司倒在了B轮
Kotlin Android development novice tutorial
![[solved] ac86u ml revision firmware virtual memory creation failed, prompting that the USB disk reading and writing speed does not meet the requirements](/img/1c/6dbfcb5e6ade52d8cbfabcb34616a5.png)
[solved] ac86u ml revision firmware virtual memory creation failed, prompting that the USB disk reading and writing speed does not meet the requirements
文章翻译软件-批量免费翻译软件支持各大翻译接口
Streamlit machine learning application development tutorial
Report redirect after authorized login on wechat official account_ The problem of wrong URI parameters
Smart contract security - overflow vulnerability
Application of time series database in monitoring operation and maintenance platform
SaltStack入门
Convertible bond concept table x notation gives you a convenient and fast experience!
随机推荐
用于异常检测的Transformer - InTra《Inpainting Transformer for Anomaly Detection》
JS modify table font and table border style
C language cycle sentence strengthening exercises
JDBC simple encapsulation
Pytoch: quickly find the main diagonal elements and non diagonal elements of NxN matrix
调用整数或字符数组函数里的参数应该传入啥
Jestson nano Object detection
以数字化转型为契机,3C企业如何通过SRM供应商云协同平台实现高效协同?
Pytoch: implementation of crossentropyloss and labelsmoothing
当CNN遇见Transformer《CMT:Convolutional Neural Networks Meet Vision Transformers》
Quickly install torch spark, torch geometric and other packages in moment pool cloud
搜索问题与技术
Rust 入门指南(crate 管理)
Method of win7 system anti ARP attack
ICLR21(classification) - 未来经典“ViT” 《AN IMAGE IS WORTH 16X16 WORDS》(含代码分析)
Adobe Flash player 34.0.0.92 and available version modification methods (2021-01-23
使用百度EasyDL实现明厨亮灶厨师帽识别
用LEX(FLEX)生成PL语言的词法分析器
串口接收应用——环形缓冲buffer
微信公众号授权登录后报redirect_uri参数错误的问题