SaltStack 配置管理

Posted 终身学习者

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了SaltStack 配置管理相关的知识,希望对你有一定的参考价值。

一、配置管理

    Salt使用State模块文件进行配置管理,使用YAML编写,以.sls结尾,如果进行配置管理首先需要再Master的配置文件中指定“file roots”的选项,Salt支持的环境的配置,比如开发环节、测试环境、生产环境,但是base环境时必须的,而且base环境必须包含入口文件top.sls

第一步:设置file_roots

        修改Master配置文件,指定Flie_roots
        [[email protected]-server ~]# vim /etc/salt/master
        file_roots:
           base:
             - /srv/salt/
        创建相应的目录
            [[email protected]-server ~]# mkdir /srv/salt/ -p
        重启Salt_Master
            [[email protected]-server ~]# /etc/init.d/salt-master restart
            Stopping salt-master daemon:                               [确定]
            Starting salt-master daemon:                               [确定]

    第二步:设置top.sls
        在top.sls入口文件设置环境(如生产、开发、测试对应不同的minion和模块)
            [[email protected] ~]# cat /srv/salt/top.sls
            base:
              ‘*‘:
              - apache
        解释:所有的Minion均执行base目录下的init模块下的pkg-int.sls,我们可以把很多的sls放在一个目录中,方便管理,在top.sls只需要指定目录结构即可。
    第三步:编写状态文件
        [[email protected] ~]# cat /srv/salt/apache.sls
        apache-install:
          pkg.installed:
            - names:
              - httpd
              - httpd-devel
        apache-service:
          service.running:
            - enable: True
            - reload: True
    第四步:执行状态
            [[email protected] ~]# salt ‘*‘ state.highstate
            salt-client:
            ----------
                      ID: apache-install
                Function: pkg.installed
                    Name: httpd
                  Result: True
                 Comment: The following packages were installed/updated: httpd
                 Started: 05:04:09.754956
                Duration: 32117.267 ms
                 Changes:
                          ----------
                          apr-util-ldap:
                              ----------
                              new:
                                  1.3.9-3.el6_0.1
                              old:
                          httpd:
                              ----------
                              new:
                                  2.2.15-55.el6.centos.2
                              old:
                          httpd-tools:
                              ----------
                              new:
                                  2.2.15-55.el6.centos.2
                              old:
            ----------
                      ID: apache-install
                Function: pkg.installed
                    Name: httpd-devel
                  Result: True
                 Comment: The following packages were installed/updated: httpd-devel
                 Started: 05:04:41.879147
                Duration: 31723.148 ms
                 Changes:
                          ----------
                          apr-devel:
                              ----------
                              new:
                                  1.3.9-5.el6_2
                              old:
                          apr-util-devel:
                              ----------
                              new:
                                  1.3.9-3.el6_0.1
                              old:
                          cyrus-sasl-devel:
                              ----------
                              new:
                                  2.1.23-15.el6_6.2
                              old:
                          db4-cxx:
                              ----------
                              new:
                                  4.7.25-20.el6_7
                              old:
                          db4-devel:
                              ----------
                              new:
                                  4.7.25-20.el6_7
                              old:
                          expat:
                              ----------
                              new:
                                  2.0.1-13.el6_8
                              old:
                                  2.0.1-11.el6_2
                          expat-devel:
                              ----------
                              new:
                                  2.0.1-13.el6_8
                              old:
                          httpd-devel:
                              ----------
                              new:
                                  2.2.15-55.el6.centos.2
                              old:
                          openldap-devel:
                              ----------
                              new:
                                  2.4.40-12.el6
                              old:
            ----------
                      ID: apache-service
                Function: service.running
                  Result: False
                 Comment: The named service apache-service is not available
                 Started: 05:05:13.606430
                Duration: 16.255 ms
                 Changes:
            
            Summary
            ------------
            Succeeded: 2 (changed=2)
            Failed:    1
            ------------
            Total states run:     3
        根据上面的设置,执行完状态后。Salt会检查Minion上是否有上面编写的三个软件包。如果没有就会自动使用Yum安装上。
        启动httpd服务
        [[email protected] ~]# salt ‘*‘ cmd.run ‘/etc/init.d/httpd start‘
        salt-client:
            Starting httpd: httpd: apr_sockaddr_info_get() failed for salt-client
            httpd: Could not reliably determine the server‘s fully qualified domain name, using 127.0.0.1 for ServerName
            ?[60G[?[0;32m  OK  ?[0;39m]
    
    第五步:操作练习
    
    下面是我生产安装Haproxy的案例,使用的源码,你参考下。
    
    
    haproxy-install:
    file.managed:
    - name: /usr/local/src/haproxy-1.5.3.tar.gz
    - source: salt://haproxy/files/haproxy-1.5.3.tar.gz
    - mode: 755
    - user: root
    - group: root
    cmd.run:
    - name: cd /usr/local/src && tar zxf haproxy-1.5.3.tar.gz && cd haproxy-1.5.3 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
    - unless: test -d /usr/local/haproxy
    - require:
    - file: haproxy-install
    
    /etc/init.d/haproxy:
    file.managed:
    - source: salt://haproxy/files/haproxy.init
    - mode: 755
    - user: root
    - group: root
    - require:
    - cmd: haproxy-install
    
    net.ipv4.ip_nonlocal_bind:
    sysctl.present:
    - value: 1
    
    haproxy-config-dir:
    file.directory:
    - name: /etc/haproxy
    - mode: 755
    - user: root
    - group: root
    
    haproxy-init:
    cmd.run:
    - name: chkconfig --add haproxy
    - unless: chkconfig --list | grep haproxy
            - require:
            - file: /etc/init.d/haproxy

以上是关于SaltStack 配置管理的主要内容,如果未能解决你的问题,请参考以下文章

SaltStack之配置管理

SaltStack配置管理-jinja模板

SaltStack之配置管理

SaltStack 配置管理

[自动化] Saltstack服务配置详解

SaltStack的配置管理--jinja