SaltStack ---Jinja模板的使用
1 Jinja模板简介
Jinja是一种基于python的模板引擎,在SLS文件里可以直接使用jinja模板来做一些操作。通过jinja模板可以为不同服务器定义各自的变量。比如当我们需要对多台服务器做一些apache服务配置时,由于每台服务器信息不一样(比如ip不同),如果为每台服务器去创建SLS文件就不太合理,而通过jinja模板则可以用生成变量→读取变量的方式来为每个服务器设置应有的信息。
2 Jinja模板使用
- {% … %} :用于执行诸如 for 循环 或赋值的语句
- {{ … }}:把表达式的结果打印到模板上
2.1 使用控制结构包装条件
(1)将虚拟机主机名写入指定文件
- 编辑sls文件:vim /srv/salt/test.sls
/mnt/testfile:
file.append:
{% if grains['fqdn'] == 'server2' %}
- text: server2
{% elif grains['fqdn'] == 'server3' %}
- text: server3
{% endif %}
- 测试:
salt '*' state.sls test
2.2 Jinja模板部署apache
(1)安装apache时将主机的ip写入到默认的发布目录
- 编辑init.sls文件:
vim /srv/salt/apache/init.sls
apache:
pkg.installed:
- pkgs:
- httpd
- php
file.managed:
- source: salt://apache/files/index.html
- name: /var/www/html/index.html
service.running:
- name: httpd
- enable: true
- watch:
- file: apache
/var/www/html/index.html:
file.managed:
- source: salt://apache/files/index.html
- template: jinja
- 编辑Jinja模板:
vim /srv/salt/apache/files/index.html
{{ grains['ipv4'][-1] }}
- 测试:
salt server2 state.sls apache
(2)安装apache时将主机的ip和主机名写入到默认的发布目录
- 编辑init.sls文件:
vim /srv/salt/apache/init.sls
apache:
pkg.installed:
- pkgs:
- httpd
- php
file.managed:
- source: salt://apache/files/index.html
- name: /var/www/html/index.html
service.running:
- name: httpd
- enable: true
- watch:
- file: apache
/var/www/html/index.html:
file.managed:
- source: salt://apache/files/index.html
- template: jinja
- context:
NAME: server2
#NAME: {{ grains['ipv4'] }}
- 编辑apache的默认发布目录:
vim /srv/salt/apache/files/index.html
{{ NAME }} ##直接引用变量
{{ grains['ipv4'][-1] }} ##直接引用grains变量
测试:salt server2 state.sls apache
cd /var/www/html
(3)安装apache时将主机名写入到默认的发布目录,并制定监听的端口
- 编辑init.sls文件:
vim /srv/salt/apache/init.sls
apache:
pkg.installed:
- pkgs:
- httpd
- php
file.managed:
- source: salt://apache/files/httpd.conf
- name: /etc/httpd/conf/httpd.conf
- template: jinja
- context:
port: 80
bind: {{ grains['ipv4'][-1] }}
service.running:
- name: httpd
- enable: true
- watch:
- file: apache
/var/www/html/index.html:
file.managed:
- source: salt://apache/files/index.html
- template: jinja
- context:
NAME: {{ grains['fqdn'] }}
- 编辑apache配置的Jinja模板文件:
vim /srv/salt/apache/files/httpd.conf
- 测试:
salt server2 state.sls apache
查看minion端httpd监听的bind和端口号:netstat -antlp
2.3 Jinja模板部署keepalive
新建目录:
mkdir /srv/salt/keepalived
mkdir /srv/salt/keepalived/files
(1)编辑init.als文件:vim /srv/salt/keepalived/init.sls
kp-install:
pkg.installed:
- name: keepalived
file.managed:
- name: /etc/keepalived/keepalived.conf
- source: salt://keepalived/files/keepalived.conf
- template: jinja
- context:
STATE: {{ pillar['state'] }}
VRID: {{ pillar['vrid'] }}
PRI: {{ pillar['pri'] }}
service.running:
- name: keepalived
- enable: true
- reload: true
- watch:
- file: kp-install
- 编辑keepalived配置文件的Jinja模板:
vim /srv/salt/keepalived/files/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@locahost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state {{ STATE }}
interface eth0
virtual_router_id {{ VRID }}
priority {{ PRI }}
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.12.100
}
}
- 编辑pillar的文件:
vim /srv/pillar/package.sls
{% if grains['fqdn'] == 'server3' %}
package: nginx
state: BACKUP
vrid: 51
pri: 50
{% elif grains['fqdn'] == 'server2' %}
port: 80
bind: 172.25.12.2
state: MASTER
vrid: 51
pri: 100
{% endif %}
vim pillar/top.sls
base:
'*':
- package
- 编辑top.sls:
vim /srv/salt/top.sls
base:
'roles:apache':
- match: grain
- apache
- keepalived
'roles:nginx':
- match: grain
- nginx
- keepalived
- 测试:
salt '*' state.highstate
curl 172.25.12.100
- server2停止 keepalived.服务后:
systemctl stop keepalived.service
curl 172.25.12.100
- 此时服务迁移到了server3
2.4 import方式
- import方式,可在state文件之间共享
- 在Jinja模板中定义变量的方式优先级最高
import方式部署apache
(1) 定义变量文件:vim /srv/salt/apache/lib.sls
{% set port = 80 %}
(2) 导入模板文件:vim /srv/salt/apache/files/httpd.conf
{% from 'apache/lib.sls' import port %}
Listen {{ bind }}:{{ port }}
(3) 编辑部署apache的引导文件:vim /srv/salt/apache/init.sls
apache:
pkg.installed:
- pkgs:
- httpd
- php
file.managed:
- source: salt://apache/files/httpd.conf
- name: /etc/httpd/conf/httpd.conf
- template: jinja
- context:
port: {{ pillar['port'] }}
bind: {{ grains['ipv4'][-1] }}
service.running:
- name: httpd
- enable: true
- watch:
- file: apache
/var/www/html/index.html:
file.managed:
- source: salt://apache/files/index.html
- template: jinja
- context:
NAME: {{ grains['fqdn'] }}
(4)编辑pillar的package.sls文件:vim /srv/pillar/package.sls
{% if grains['fqdn'] == 'server3' %}
package: nginx
{% elif grains['fqdn'] == 'server2' %}
port: 8080
bind: 172.25.12.2
{% endif %}
(5) 编辑pillar的top.sls文件:vim /srv/pillar/top.sls
base:
'*':
- package ##/srv/pillar/package.sls
(6)测试:salt server2 state.sls apache
- 查看minion的httpd服务和端口号:
netstat -antlp