1、grains
grains 是在 minion(客户端)启动时收集到的一些信息,比如操作系统类型、网卡ip等。强调是minion启动时收集到的数据,所以如果改了什么硬件啥的,要重启minion才能收集,要不然还是老数据。
1.1)列出grains的key
[root@master salt]# salt '192.168.222.145' grains.ls
1.2)显示所有的key及对应key的值
[root@master salt]# salt '192.168.222.145' grains.items
1.3)显示单个key对应的值
[root@master salt]# salt '192.168.222.145' grains.item fqdn
192.168.222.145:
----------
fqdn:
master
[root@master salt]# salt '192.168.222.145' grains.get fqdn
192.168.222.145:
master
1.4)根据grains匹配并操作,如下匹配所有操作系统是centos的机器并执行w
[root@master salt]# salt -G os:CentOS cmd.run 'w'
192.168.222.146:
01:42:30 up 5:59, 1 user, load average: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/1 192.168.222.1 19:43 56:20 0.34s 0.34s -bash
192.168.222.145:
01:42:32 up 6:01, 1 user, load average: 0.10, 0.05, 0.01
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/1 192.168.222.1 19:41 1.00s 1.07s 0.45s /usr/bin/python
1.5)也可以自定义grains,然后来匹配,在minion的配置文件中修改
[root@master ~]# vim /etc/salt/minion
grains:
roles:
- webserver
- memcache
匹配角色是memcache的机器并输出hehe
[root@master ~]# salt -G roles:memcache cmd.run 'echo hehe'
192.168.222.145:
hehe
1.6)也可以自己创建一个文件来匹配grains
[root@master ~]# vim /etc/salt/grains
web: nginx
这个web不要跟minion里面的重复
[root@master ~]# salt -G web:nginx cmd.run 'uptime'
192.168.222.145:
01:52:23 up 6:10, 1 user, load average: 0.08, 0.05, 0.00
1.7)top.sls里面也可以通过grains匹配
[root@master ~]# vim /srv/salt/top.sls
base:
'web:nginx':
- match: grain
- apache
[root@master ~]# salt '*' state.highstate
192.168.222.146:
----------
ID: states
Function: no.None
Result: False
Comment: No Top file or external nodes data matches found.
Started:
Duration:
Changes:
Summary
------------
Succeeded: 0
Failed: 1
------------
Total states run: 1
192.168.222.145:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 03:02:16.972245
Duration: 1319.294 ms
Changes:
----------
ID: apache-install
Function: pkg.installed
Name: httpd-devel
Result: True
Comment: Package httpd-devel is already installed.
Started: 03:02:18.291724
Duration: 0.646 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 03:02:18.293048
Duration: 50.703 ms
Changes:
Summary
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
ERROR: Minions returned with non-zero exit code
2、Pillar,给minion指定的数据,给谁指定谁就能看到。如下开启pillar,修改配置之后重启服务,可能或会才会有响应。
[root@master ~]# vim /etc/salt/master
pillar_opts: True
[root@master salt]# salt '*' pillar.items
2.1)定义pillar数据,这个入口文件的要求是跟grains一样的
[root@master ~]# vim /etc/salt/master
pillar_roots:
base:
- /srv/pillar
pillar_opts: False
改为false
[root@master ~]# mkdir /srv/pillar
[root@master pillar]# pwd
/srv/pillar
[root@master pillar]# cat apache.sls
{% if grains['os'] == 'CentOS' %}
apache: httpd
{% elif grains['os'] == 'Debian' %}
apache: apache2
{% endif %}
[root@master pillar]# cat top.sls
base:
'*':
- apache
刷新一下
[root@master pillar]# salt '*' saltutil.refresh_pillar
192.168.222.145:
True
192.168.222.146:
True
[root@master pillar]# salt -I 'apache:httpd' test.ping
192.168.222.145:
True
192.168.222.146:
True
名称 | 存储位置 | 数据类型 | 数据采集更新方式 | 应用 |
Grains | minion | 静态数据 | minion启动时收集,也可以使用 saltutil.sync_grains进行刷新。 | 存储minion基本数据。比如用于匹配minion, 自身数据可以用来做资产管理等。 |
Pillar | master | 动态数据 | 在master端定义,指定给对应 的minion。可以使用saltutil.refresh_pillar刷新。 | 存储master指定的数据,只有指定的minion可以看到,用于敏感数据保存。 |