一、什么是Salt States?
Salt States是Salt模块的扩展,主系统使用的状态系统叫SLS系统,SLS代表Saltstack State,Salt是一些状态文件,其中包含有关如何配置Salt子节点的信息,这些状态被存放在一个目录下,可以用很多不同的格式来书写,我们可以把这些Salt States当做是对minion的管理脚本的配置模式,通过配置SLS文件,指定目标minions,可以实现在master上对minions的运行状态进行管理。
二、Salt State树
跟系统文件一样,salt state文件也有自己的树系统,这通过配置文件中的file_roots配置,默认配置如下:
#在/etc/salt/master中配置下面选项,指定salt state的根目录在/srv/salt
|
1
2
3
4
5
6
7
8
9
10
|
[root@server01 salt]
# grep -A3 file_roots: /etc/salt/master
# file_roots:
# base:
# - /srv/salt/
# dev:
--
file_roots:
base:
-
/srv/salt
[root@server01 salt]
#
|
修改master配置文件后要重启,使得配置文件生效
|
1
|
[root@server01 salt]
# systemctl restart salt-master.service
|
Salt State的top文件
top.sls文件是SaltState的默认sls文件,再未作特别指定的时候,salt会默认调用top.sls来执行。例如
salt '*' state.highstate
top.sls文件需要手动创建,位置则是在Salt State树定义的目录/srv/salt下:
创建一个top.sls文件
|
1
2
3
4
5
6
7
8
|
[root@server01 salt]
# vim top.sls
# 添加内容如下,注意sls文件是用两个空格来作为缩进
# base 匹配状态数的base目录,即/srv/salt
# '*' 表示匹配所有的minions,即所有认证通过的客户端
# - webserver:表示执行base目录下webserver.sls状态文件或是webserver/init.sls文件
base:
'*'
:
- webserver
|
例如:创建一个Salt State文件
上面的top.sls文件中定义了一个webserver文件,下面来添加一个webserver文件
在文件/srv/salt/webserver.sls文件中添加如下内容
# Apache:ID声明,跟yum install Apache指定的名称一样
# pkg: 状态声明,说明下面的操作是什么状态操作
# - installed:函数声明,说明该sls文件要指定执行操作的函数
|
1
2
3
4
5
|
[root@server01 salt]
# vim webserver.sls
httpd:
pkg:
- installed
[root@server01 salt]
#
|
执行我们定义的Salt State文件,更新所有的minion的状态
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
[root@server01 salt]
# salt '*' state.highstate
server02:
----------
ID: httpd
Function: pkg.installed
Result: True
Comment: Package httpd is already installed.
Started: 02:56:15.414698
Duration: 1114.898 ms
Changes:
Summary
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
server03:
----------
ID: httpd
Function: pkg.installed
Result: True
Comment: Package httpd is already installed.
Started: 02:56:15.448065
Duration: 1129.985 ms
Changes:
Summary
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
[root@server01 salt]
#
|
说明:根据上面top.sls以及webserver.sls的内容,所有的minion都会安装Apache服务,如果在top.sls中修改minion的匹配,则仅会匹配到的minion进行操作。当然也可以特别指定sls文件来执行,这里用sls文件为state.sls
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
[root@server01 salt]
# salt 'server02' state.sls webserver
server02:
----------
ID: httpd
Function: pkg.installed
Result: True
Comment: Package httpd is already installed.
Started: 02:58:59.038307
Duration: 885.997 ms
Changes:
Summary
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
[root@server01 salt]
#
|
#开启debug日志(minion端执行)
[root@server02 ~]# salt-minion -l debug
#设置默认超时(服务端执行)
[root@server01 salt]# salt '*' state.highstate -t 60
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
[root@server01 salt]
# salt '*' state.highstate -t 60
server03:
----------
ID: httpd
Function: pkg.installed
Result: True
Comment: Package httpd is already installed.
Started: 03:03:24.248749
Duration: 900.103 ms
Changes:
Summary
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
server02:
----------
ID: httpd
Function: pkg.installed
Result: True
Comment: Package httpd is already installed.
Started: 03:03:30.229662
Duration: 966.72 ms
Changes:
Summary
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
[root@server01 salt]
#
|
三、实战操作
经过上面的简单介绍,下面来演示一下文件分发和软件安装
1、分发/etc/hosts文件
1)准备sls文件
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
[root@server01 salt]
# pwd
/srv/salt
[root@server01 salt]
# cat hosts.sls
/etc/hosts
:
file
.managed:
-
source
: salt:
//testfiles/hosts
- user: root
- group: root
- mode: 644
[root@server01 salt]
#
[root@server01 salt]
# cat top.sls
base:
'*'
:
- webserver
- hosts
[root@server01 salt]
#
[root@server01 salt]
# mkdir testfiles
[root@server01 salt]
# cp /etc/hosts testfiles/
[root@server01 salt]
# ll
total 12
-rw-r--r-- 1 root root 120 Jun 12 21:21 hosts.sls
drwxr-xr-x 2 root root 19 Jun 13 03:08 testfiles
-rw-r--r-- 1 root root 41 Jun 13 03:07
top
.sls
-rw-r--r-- 1 root root 30 Jun 13 02:56 webserver.sls
[root@server01 salt]
# tree
.
├── hosts.sls
├── testfiles
│ └── hosts
├──
top
.sls
└── webserver.sls
1 directory, 4 files
[root@server01 salt]
#
|
a、使用state.highstate调用
注意:使用state.highstate调用的前提是存在top.sls文件,因此需要提前写好top.sls文件。
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
[root@server01 salt]
# salt '*' state.highstate
server03:
----------
ID: httpd
Function: pkg.installed
Result: True
Comment: Package httpd is already installed.
Started: 03:11:08.018494
Duration: 937.237 ms
Changes:
----------
ID:
/etc/hosts
Function:
file
.managed
Result: True
Comment: File
/etc/hosts
is
in
the correct state
Started: 03:11:08.984360
Duration: 5.308 ms
Changes:
Summary
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
server02:
----------
ID: httpd
Function: pkg.installed
Result: True
Comment: Package httpd is already installed.
Started: 03:11:14.019185
Duration: 905.721 ms
Changes:
----------
ID:
/etc/hosts
Function:
file
.managed
Result: True
Comment: File
/etc/hosts
is
in
the correct state
Started: 03:11:14.927716
Duration: 4.522 ms
Changes:
Summary
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
[root@server01 salt]
#
|
b、使用state.sls调用
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
[root@server01 salt]
# salt '*' state.sls hosts
server03:
----------
ID:
/etc/hosts
Function:
file
.managed
Result: True
Comment: File
/etc/hosts
is
in
the correct state
Started: 03:12:05.888857
Duration: 17.182 ms
Changes:
Summary
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
server02:
----------
ID:
/etc/hosts
Function:
file
.managed
Result: True
Comment: File
/etc/hosts
is
in
the correct state
Started: 03:12:05.903366
Duration: 16.217 ms
Changes:
Summary
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
[root@server01 salt]
#
|
2、安装软件包
1)准备sls文件
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
[root@server01 salt]
# vim package.sls
pkg-
install
:
pkg.installed:
- names:
- gcc
- lrzsz
- tree
- dos2unix
[root@server01 salt]
#
[root@server01 salt]
# vim top.sls
base:
'server02'
:
- package
[root@server01 salt]
#
|
a、使用state.highstate调用
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
[root@server01 salt]
# salt 'server02' state.highstate
server02:
----------
ID: pkg-
install
Function: pkg.installed
Name: gcc
Result: True
Comment: Package gcc is already installed.
Started: 03:16:42.645005
Duration: 888.648 ms
Changes:
----------
ID: pkg-
install
Function: pkg.installed
Name: tree
Result: True
Comment: Package tree is already installed.
Started: 03:16:43.533802
Duration: 0.405 ms
Changes:
----------
ID: pkg-
install
Function: pkg.installed
Name: dos2unix
Result: True
Comment: The following packages were installed
/updated
: dos2unix
Started: 03:16:43.534278
Duration: 188849.681 ms
Changes:
----------
dos2unix:
----------
new:
6.0.3-4.el7
old:
----------
ID: pkg-
install
Function: pkg.installed
Name: lrzsz
Result: True
Comment: Package lrzsz is already installed.
Started: 03:19:52.435148
Duration: 0.436 ms
Changes:
Summary
------------
Succeeded: 4 (changed=1)
Failed: 0
------------
Total states run: 4
[root@server01 salt]
#
|
b、使用state.sls调用
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
[root@server01 salt]
# salt 'server02' state.sls package
server02:
----------
ID: pkg-
install
Function: pkg.installed
Name: gcc
Result: True
Comment: Package gcc is already installed.
Started: 03:23:31.945630
Duration: 849.86 ms
Changes:
----------
ID: pkg-
install
Function: pkg.installed
Name: tree
Result: True
Comment: Package tree is already installed.
Started: 03:23:32.795666
Duration: 0.58 ms
Changes:
----------
ID: pkg-
install
Function: pkg.installed
Name: dos2unix
Result: True
Comment: Package dos2unix is already installed.
Started: 03:23:32.796341
Duration: 0.328 ms
Changes:
----------
ID: pkg-
install
Function: pkg.installed
Name: lrzsz
Result: True
Comment: Package lrzsz is already installed.
Started: 03:23:32.796745
Duration: 0.359 ms
Changes:
Summary
------------
Succeeded: 4
Failed: 0
------------
Total states run: 4
[root@server01 salt]
#
|
其他日常使用方法
3、管理定时任务
1)准备sls文件(添加定时任务)
|
1
2
3
4
5
6
7
|
[root@server01 salt]
# vim cron.sls
/usr/sbin/ntpdate
210.72.145.44 64.147.116.229
time
.nist.gov >
/dev/null
2>&1:
cron
.present:
- identifier: SUPERCRON
- user: root
- minute:
'0'
[root@server01 salt]
#
|
2)使用state.sls调用
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
[root@server01 salt]
# salt 'server02' state.sls cron
server02:
----------
ID:
/usr/sbin/ntpdate
210.72.145.44 64.147.116.229
time
.nist.gov >
/dev/null
2>&1
Function:
cron
.present
Result: True
Comment: Cron
/usr/sbin/ntpdate
210.72.145.44 64.147.116.229
time
.nist.gov >
/dev/null
2>&1 already present
Started: 03:41:04.035604
Duration: 10.506 ms
Changes:
Summary
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
[root@server01 salt]
#
|
#检查执行结果
|
1
2
3
4
5
6
|
[root@server01 salt]
# salt 'server02' cron.raw_cron root
server02:
# Lines below here are managed by Salt, do not edit
# SALT_CRON_IDENTIFIER:SUPERCRON
0 * * * *
/usr/sbin/ntpdate
210.72.145.44 64.147.116.229
time
.nist.gov >
/dev/null
2>&1
[root@server01 salt]
#
|
3)准备sls文件(删除定时任务)
|
1
2
3
4
5
6
7
8
9
10
11
|
[root@server01 salt]
# vim cron.sls
/usr/sbin/ntpdate
210.72.145.44 64.147.116.229
time
.nist.gov >
/dev/null
2>&1:
cron
.absent:
- identifier: SUPERCRON
- user: root
- minute:
'0'
[root@server01 salt]
# cat top.sls
base:
'server02'
:
-
cron
[root@server01 salt]
#
|
4)使用state.highstate调用
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
[root@server01 salt]
# salt 'server02' state.highstate
server02:
----------
ID:
/usr/sbin/ntpdate
210.72.145.44 64.147.116.229
time
.nist.gov >
/dev/null
2>&1
Function:
cron
.absent
Result: True
Comment: Cron
/usr/sbin/ntpdate
210.72.145.44 64.147.116.229
time
.nist.gov >
/dev/null
2>&1 removed from root's
crontab
Started: 03:45:13.267202
Duration: 26.493 ms
Changes:
----------
root:
/usr/sbin/ntpdate
210.72.145.44 64.147.116.229
time
.nist.gov >
/dev/null
2>&1
Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
[root@server01 salt]
#
|
#检查执行结果
|
1
2
3
4
|
[root@server01 salt]
# salt 'server02' cron.raw_cron root
server02:
# Lines below here are managed by Salt, do not edit
[root@server01 salt]
#
|
本文转自027ryan 51CTO博客,原文链接:http://blog.51cto.com/ucode/1935002
,如需转载请自行联系原作者
