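1. The YAML language
YAML is an intuitive, machine-readable data serialization format. It is highly readable for people, interacts easily with scripting languages, and is a language for expressing data sequences.
It is a data description language similar to XML (itself a subset of the Standard Generalized Markup Language), but its syntax is much simpler than XML's.
The YAML format looks like this: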

    house:
      family:
        name: Doe
        parents:
          - John
          - Jane
        children:
          - Paul
          - Mark
          - Simone
      address:
        number: 34
        street: Main Street
        city: Nowheretown
        zipcode: 12345

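Basic YAML rules:
- Indentation expresses hierarchy: 2 spaces per level; the TAB key is forbidden
- When a colon is not the last character on the line, it must be followed by a space
- A list item is written with -, and the - must be followed by a space
- Comments start with #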
The YAML state files must be placed where SaltStack expects them. Look for file_roots in the SaltStack Master configuration file to see where that is.

    [root@master ~]# vim /etc/salt/master
    ...N lines omitted here
    # add
    file_roots:
      base:
        - /srv/salt/base    # base environment: what is done in base is something every host can do
      test:
        - /srv/salt/test    # test environment
      dev:
        - /srv/salt/dev     # development environment
      prod:
        - /srv/salt/prod    # production environment
    ...N lines omitted here

    [root@master salt]# mkdir -p /srv/salt/{base,test,dev,prod}
    [root@master salt]# tree /srv
    /srv
    └── salt
        ├── base
        ├── dev
        ├── prod
        └── test

    4 directories, 0 files
    [root@master ~]# systemctl restart salt-master

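Note:
base is the default location. If file_roots contains only one environment, base is mandatory and must be named base; it cannot be renamed.
2. Configuring an Apache instance with SaltStack
2.1 Deploying the sls file on the Master and running it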

    [root@master salt]# cd /srv/salt/
    [root@master salt]# ls
    base  dev  prod  test
    [root@master base]# mkdir web/{nginx,apache} -p
    [root@master base]# tree
    .
    └── web
        ├── apache
        └── nginx

    3 directories, 0 files
    [root@master base]# vim web/apache/apache.sls    // create a state description file
    [root@master base]# cat web/apache/apache.sls
    apache-install:
      pkg.installed:
        - name: httpd

    apache-service:
      service.running:
        - name: httpd
        - enable: true

    // An entry written flush left in the YAML file is called an ID; it must be globally unique and cannot be repeated
    // SaltStack reads the YAML file from top to bottom, so write what must run first at the top

    // run the state description file
    [root@master base]# salt 'minion1' state.sls web.apache.apache saltenv=base    # saltenv is the environment; for the base environment it need not be specified
    minion1:
        Minion did not return. [No response]
        The minions may not have all finished running and any remaining minions will return upon completion. To look up the return data for this job later, run the following command:

        salt-run jobs.lookup_jid 20211102112613895102    # not an error, just network latency
    ERROR: Minions returned with non-zero exit code
    [root@master base]# salt-run jobs.lookup_jid 20211102112613895102
    minion1:
    ----------
              ID: apache-install
        Function: pkg.installed
            Name: httpd
          Result: True
         Comment: The following packages were installed/updated: httpd
         Started: 19:26:16.182911
        Duration: 19544.442 ms
         Changes:
                  ----------
                  apr:
                      ----------
                      new:
                          1.6.3-12.el8
                      old:
                  apr-util:
                      ----------
                      new:
                          1.6.1-6.el8
                      old:
                  apr-util-bdb:
                      ----------
                      new:
                          1.6.1-6.el8
                      old:
                  apr-util-openssl:
                      ----------
                      new:
                          1.6.1-6.el8
                      old:
                  centos-logos-httpd:
                      ----------
                      new:
                          85.8-1.el8
                      old:
                  httpd:
                      ----------
                      new:
                          2.4.37-40.module_el8.5.0+852+0aafc63b
                      old:
                  httpd-filesystem:
                      ----------
                      new:
                          2.4.37-40.module_el8.5.0+852+0aafc63b
                      old:
                  httpd-tools:
                      ----------
                      new:
                          2.4.37-40.module_el8.5.0+852+0aafc63b
                      old:
                  mailcap:
                      ----------
                      new:
                          2.1.48-3.el8
                      old:
                  mod_http2:
                      ----------
                      new:
                          1.15.7-3.module_el8.4.0+778+c970deab
                      old:
    ----------
              ID: apache-service
        Function: service.running
            Name: httpd
          Result: True
         Comment: Service httpd has been enabled, and is running
         Started: 19:26:35.784719
        Duration: 19551.227 ms
         Changes:
                  ----------
                  httpd:
                      True

    Summary for minion1
    ------------
    Succeeded: 2 (changed=2)
    Failed:    0
    ------------
    Total states run:     2
    Total run time:  39.096 s

    [root@minion1 ~]# rpm -qa| grep httpd
    centos-logos-httpd-85.8-1.el8.noarch
    httpd-tools-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
    httpd-filesystem-2.4.37-40.module_el8.5.0+852+0aafc63b.noarch
    httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64
    [root@minion1 ~]# ss -antl
    State    Recv-Q   Send-Q   Local Address:Port   Peer Address:Port   Process
    LISTEN   0        128      0.0.0.0:22           0.0.0.0:*
    LISTEN   0        128      [::]:22              [::]:*
    LISTEN   0        128      *:80                 *:*

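The output above shows that Apache has indeed been deployed successfully.
Tip for running state files:
First use test.ping to check that the hosts that need to run the state file can communicate normally, then run the state file.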
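
The basic YAML rules from section 1 and the "IDs must be globally unique" rule from section 2.1 can be checked before a state file is ever sent to a minion. The following is an added example, not part of the original page or of SaltStack: a line-based check in Python whose function name, messages and deliberately broken sample files are all constructed for illustration.

```python
import re

KEY_NO_SPACE = re.compile(r"^\s*(?:- )?[\w.-]+:(?!//)\S")    # "name:httpd"
DASH_NO_SPACE = re.compile(r"^\s*-[^\s-]")                    # "-name: httpd"
TOP_LEVEL_ID = re.compile(r"^([^\s#-][^:]*):\s*(?:#.*)?$")    # flush-left "apache-install:"

def lint_sls(files):
    """files maps an sls name to its text; returns [(name, line_no, message)]."""
    findings, seen_ids = [], {}
    for name, text in files.items():
        for no, raw in enumerate(text.splitlines(), 1):
            line = raw.rstrip()
            if not line.strip() or line.lstrip().startswith("#"):
                continue                                  # blank line or comment
            indent = line[: len(line) - len(line.lstrip())]
            if "\t" in indent:
                findings.append((name, no, "TAB used for indentation"))
            elif len(indent) % 2:
                findings.append((name, no, "indentation is not a multiple of 2 spaces"))
            if KEY_NO_SPACE.match(line):
                findings.append((name, no, "no space after ':'"))
            if DASH_NO_SPACE.match(line):
                findings.append((name, no, "no space after '-'"))
            m = TOP_LEVEL_ID.match(line)
            if m:                                         # IDs are unique across all files
                first = seen_ids.setdefault(m.group(1), (name, no))
                if first != (name, no):
                    findings.append((name, no, f"ID {m.group(1)!r} already used in {first[0]}:{first[1]}"))
    return findings

# Constructed sample input: the page's state files with deliberate mistakes.
SAMPLE = {
    "web/apache/apache.sls": (
        "apache-install:\n"
        "  pkg.installed:\n"
        "    - name:httpd\n"          # missing space after ':'
        "apache-service:\n"
        "\tservice.running:\n"        # TAB indentation
        "    -name: httpd\n"          # missing space after '-'
    ),
    "web/nginx/install.sls": (
        "apache-install:\n"           # ID reused from the other file
        "  pkg.installed:\n"
        "    - name: nginx\n"
    ),
}

for finding in lint_sls(SAMPLE):
    print("%s:%d: %s" % finding)
```

A missing space after the colon is worth catching at this level because YAML reads name:httpd as a single string rather than as a key and a value, so the mistake only surfaces later, when the state is compiled.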
3. top file
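3.1 Introduction to the top file
Is running sls files directly from the command line automated enough? The answer is no, because we still have to tell a particular host to run a particular task. Real automation means that when we tell the hosts to work, each host already knows what it has to do, and running sls files directly from the command line cannot achieve that. The top file exists to solve this problem.
The top file is the entry point. Its file name can be found by searching for top.sls in the Master configuration file, and the file must be in the base environment. By default the file must be named top.sls.
The job of the top file is to tell each host what work it has to do, for example having the web servers start the web service, having the database servers install mysql, and so on.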
top file example:

    [root@master base]# cat web/nginx/install.sls
    nginx-install:
      pkg.installed:
        - name: nginx

    nginx-service:
      service.running:
        - name: nginx
        - enable: true
    [root@master base]# tree
    .
    └── web
        ├── apache
        │   └── install.sls
        └── nginx
            └── install.sls
    [root@master base]# cat top.sls
    base:                      // the environment whose state files are to be run
      'minion1':               // the target that runs the state files
        - web.nginx.install    // the state file to run
      'minion2':
        - web.apache.install
    [root@master base]# salt '*' state.highstate    // run using highstate
    master:        // nothing was found in the top file for it to do
    ----------
              ID: states
        Function: no.None
          Result: False
         Comment: No Top file or master_tops data matches found. Please see master log for details.
         Changes:

    Summary for master
    ------------
    Succeeded: 0
    Failed:    1
    ------------
    Total states run:     1
    Total run time:   0.000 ms
    minion2:
        Minion did not return. [No response]
        The minions may not have all finished running and any remaining minions will return upon completion. To look up the return data for this job later, run the following command:

        salt-run jobs.lookup_jid 20211102121721179739
    minion1:
        Minion did not return. [No response]
        The minions may not have all finished running and any remaining minions will return upon completion. To look up the return data for this job later, run the following command:

        salt-run jobs.lookup_jid 20211102121721179739
    ERROR: Minions returned with non-zero exit code

    // check the state of httpd and nginx on the minions
    [root@minion1 ~]# systemctl status nginx
    ● nginx.service - The nginx HTTP and reverse proxy server
       Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: dis>
       Active: active (running) since Tue 2021-11-02 19:48:56 CST; 30min ago
     Main PID: 122600 (nginx)
        Tasks: 2 (limit: 11201)
       Memory: 8.1M
       CGroup: /system.slice/nginx.service
               ├─122600 nginx: master process /usr/sbin/nginx
               └─122601 nginx: worker process
    [root@minion2 salt]# systemctl status httpd
    ● httpd.service - The Apache HTTP Server
       Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: dis>
       Active: active (running) since Tue 2021-11-02 19:16:36 CST; 3min 24s ago
         Docs: man:httpd.service(8)
     Main PID: 36279 (httpd)
       Status: "Running, listening on: port 80"
        Tasks: 213 (limit: 11201)

    // stop httpd, then run highstate against minion2 alone
    [root@master base]# salt 'minion2' state.highstate    # only minion2 is told to do the work
    minion2:
        Minion did not return. [No response]
        The minions may not have all finished running and any remaining minions will return upon completion. To look up the return data for this job later, run the following command:

        salt-run jobs.lookup_jid 20211102121426215895
    ERROR: Minions returned with non-zero exit code

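Note:
If a target in the top file is written as *, keep in mind that the * in the top file means all targets that are to apply states, whereas the * in salt '*' state.highstate means that every machine is notified to work. Whether a machine actually has work to do is decided by the top file.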
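
The two meanings of * described in the note can be made concrete by working out, before running anything, which minions a command notifies and which of them the top file actually gives work to. This is an added example, not part of the original page or of SaltStack. It assumes top file targets are plain shell-style globs on the minion ID, and the function names, the 50% threshold and the sample data are constructed for illustration.

```python
from fnmatch import fnmatchcase

# Constructed data: the page's top.sls after YAML parsing.
PAGE_TOP = {"base": {"minion1": ["web.nginx.install"],
                     "minion2": ["web.apache.install"]}}
# Constructed variant with a '*' target inside the top file.
WILDCARD_TOP = {"base": {"*": ["web.apache.install"]}}

def highstate_plan(top, notified):
    """Map each notified minion ID to the (env, sls) pairs the top file gives it."""
    plan = {}
    for minion in notified:
        plan[minion] = [
            (env, sls)
            for env, targets in top.items()
            for pattern, entries in targets.items()
            if fnmatchcase(minion, pattern)      # glob match only (assumption)
            for sls in entries
            if isinstance(sls, str)              # ignore non-string option entries
        ]
    return plan

def review(top, accepted, cli_target="*", max_share=0.5):
    """Summarise what `salt <cli_target> state.highstate` would set in motion."""
    notified = [m for m in accepted if fnmatchcase(m, cli_target)]
    plan = highstate_plan(top, notified)
    broad = sorted(
        pattern
        for targets in top.values()
        for pattern in targets
        if sum(fnmatchcase(m, pattern) for m in accepted) > max_share * len(accepted)
    )
    return {
        "notified": notified,                                      # the '*' on the command line
        "idle": [m for m, states in plan.items() if not states],   # no top file match
        "plan": {m: s for m, s in plan.items() if s},              # who really does work
        "broad_patterns": broad,                                   # top file targets to review
    }

if __name__ == "__main__":
    hosts = ["master", "minion1", "minion2"]    # constructed list of accepted minions
    print(review(PAGE_TOP, hosts))
    print(review(WILDCARD_TOP, hosts, cli_target="minion2"))
```

With the page's top file, master is notified but left idle, which matches the "No Top file or master_tops data matches found" result shown above. With a * target in the top file, every notified host gets the state, so the command-line target is the only remaining limit.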
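3.2 Using highstate
When managing SaltStack, the most common management operation is running highstate.

    [root@master ~]# salt '*' state.highstate    // never use the salt command like this in production

Note:
The command above makes every host run highstate, but in real work it is generally not used this way. In practice you notify one or several target hosts to run highstate, and whether they actually do anything is decided by the top file. If you add the parameter test=True when running highstate, it tells you what it would do but does not actually perform the operation.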

    // stop the web services on the minions
    [root@minion1 ~]# systemctl stop nginx
    [root@minion1 ~]# systemctl status nginx
    ● nginx.service - The nginx HTTP and reverse proxy server
       Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: dis>
       Active: inactive (dead) since Tue 2021-11-02 20:26:23 CST; 21s ago
     Main PID: 122600 (code=exited, status=0/SUCCESS)
    [root@minion2 salt]# systemctl stop httpd
    [root@minion2 salt]# systemctl status httpd
    ● httpd.service - The Apache HTTP Server
       Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: dis>
       Active: inactive (dead) since Tue 2021-11-02 19:27:14 CST; 6s ago
         Docs: man:httpd.service(8)
      Process: 36279 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status>
     Main PID: 36279 (code=exited, status=0/SUCCESS)
       Status: "Running, listening on: port 80"

    // run a highstate test on the master
    [root@master base]# salt 'minion2' state.highstate test=true
    minion2:
    ----------
              ID: apache-install
        Function: pkg.installed
            Name: httpd
          Result: True
         Comment: All specified packages are already installed
         Started: 19:28:51.615154
        Duration: 677.122 ms
         Changes:
    ----------
              ID: apache-service
        Function: service.running
            Name: httpd
          Result: None
         Comment: Service httpd is set to start    // httpd would be started
         Started: 19:28:52.294097
        Duration: 41.935 ms
         Changes:

    Summary for minion2
    ------------
    Succeeded: 2 (unchanged=1)
    Failed:    0
    ------------
    Total states run:     2
    Total run time: 719.057 ms

    // check on the minion whether httpd was started
    [root@minion2 salt]# systemctl status httpd
    ● httpd.service - The Apache HTTP Server
       Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: dis>
       Active: inactive (dead) since Tue 2021-11-02 19:27:14 CST; 2min 25s ago
         Docs: man:httpd.service(8)
      Process: 36279 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status>
     Main PID: 36279 (code=exited, status=0/SUCCESS)
       Status: "Running, listening on: port 80"

    // this shows that highstate was not actually applied, because httpd was not started

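
The test=True run above marks the change it would make with Result: None, and that can serve as a gate before the real highstate. The following is an added example, not part of the original page or of SaltStack: it assumes the dry run is captured with --out=json as one object keyed by minion ID, with state keys of the form module_|-ID_|-name_|-function. The function names and the sample data are constructed.

```python
import json

# Constructed sample: the page's test=True run on minion2 in the assumed JSON
# shape, plus a minion that did not answer.
SAMPLE = json.dumps({
    "minion2": {
        "pkg_|-apache-install_|-httpd_|-installed": {
            "__id__": "apache-install", "name": "httpd", "result": True,
            "comment": "All specified packages are already installed", "changes": {}},
        "service_|-apache-service_|-httpd_|-running": {
            "__id__": "apache-service", "name": "httpd", "result": None,
            "comment": "Service httpd is set to start", "changes": {}},
    },
    "minion1": "Minion did not return. [No response]",
})

def dry_run_report(raw_json):
    """Split a test=True return into pending, failed and unanswered parts."""
    report = {"pending": [], "failed": [], "no_return": []}
    for minion, ret in sorted(json.loads(raw_json).items()):
        if not isinstance(ret, dict):            # error list or no-response text
            report["no_return"].append(minion)
            continue
        for key, state in sorted(ret.items()):
            parts = key.split("_|-")             # module, ID, name, function
            state_id = state.get("__id__", key)
            entry = (minion, state_id, f"{parts[0]}.{parts[-1]}", state.get("comment", ""))
            if state.get("result") is None:      # test mode: this state would change
                report["pending"].append(entry)
            elif state.get("result") is False:
                report["failed"].append(entry)
    return report

def safe_to_apply(report, approved_ids):
    """Allow the real run only if every pending ID was reviewed and nothing is unknown."""
    pending_ids = {state_id for _, state_id, _, _ in report["pending"]}
    return (not report["failed"] and not report["no_return"]
            and pending_ids <= set(approved_ids))

if __name__ == "__main__":
    print(dry_run_report(SAMPLE))
```

A minion with no usable return is treated as unknown rather than unchanged, so a timeout like the "Minion did not return" messages earlier on the page blocks the real run instead of passing silently.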