码迷,mamicode.com
首页 > 其他好文 > 详细

salt package manager (SPM)

时间:2017-08-28 23:48:59      阅读:262      评论:0      收藏:0      [点我收藏+]

标签:div   ora   python2   卸载   关系   通用   extra   oca   php5   

salt package manager

简称SPM,使用man查看spm命令的使用方法,这一部分内容比较多,初浅的看了下文档,暂时先总结个大概,后续慢慢在探究一下细节,再进行补充。

salt 的包管理主要包含以下3个部分,

关系如图示:

技术分享


 

 

(1)Packaging System

    包组织系统:主要内容包含如何建立一个SPM Packages。

         解析formula格式的目录结构:

         技术分享


 

(2)Repo System

    建立repo包仓库和相关信息

     技术分享


 

(3)Salt Master

    如何安装.spm的包,安装之后的部分目录结构如下:

    技术分享

 

 下面根据实例来初浅的讲解一下SPM的配置和安装逻辑,至于运用后续再进行探究。

首先确认一下salt-master的版本,SPM功能在2015.10以后的版本才有,目前使用的环境是2016.11的版本

(一)找到制作SPM的=包的原材料,官网推荐的一个站点https://github.com/saltstack-formulas,使用git下载几个formula格式的源码包

         git clone https://github.com/saltstack-formulas/nginx-formula.git

    git clone https://github.com/saltstack-formulas/redis-formula.git

       将软件包放置在/srv/spm,注意下载的源码包必须符合formula格式,formula包的格式要求参见http://docs.saltstack.cn/topics/spm/spm_formula.html#spm-formula

    下载下来的软件包是一个目录,结构参见图package system

(二)制作spm包

     spm build /path/to/salt-packages-source/myapp-formula

     制作的spm包被存放在/srv/spm_build目录里面,例如包名为apache-201507-1.spm。

     同时在源码目录下面会产生几个目录pillar,reactor这几个目录。

(三)生成SPM-METADATA信息

     spm create_repo /srv/spm_build

     生成的metedata文件就存放在spm包目录下

(四)配置安装环境和安装spm包

    配置安装repo源:

      /etc/salt/spm.repos.d/spm.repo

     网络源:

      my_repo:
      url: https://spm.example.com/

        本地源:      

      my_repo:
      url: file:///srv/spm_build

    更新源:

    spm update_repo

    安装spm包:

      spm install apache

      spm local install /srv/spm/apache-201506-1.spm  #直接安装本地spm包

      安装的包路径在/srv/spm/salt下,目录结构如下:    

       技术分享
 1 salt/
 2 └── apache
 3     ├── certificates.sls
 4     ├── config.sls
 5     ├── debian_full.sls
 6     ├── files
 7     │   ├── Debian
 8     │   ├── FreeBSD
 9     │   ├── RedHat
10     │   └── Suse
11     ├── init.sls
12     ├── logrotate.sls
13     ├── manage_security.sls
14     ├── map.jinja
15     ├── mod_actions.sls
16     ├── mod_cgi.sls
17     ├── mod_dav_svn.sls
18     ├── mod_fastcgi.sls
19     ├── mod_fcgid.sls
20     ├── mod_geoip.sls
21     ├── mod_headers.sls
22     ├── mod_mpm.sls
23     ├── mod_pagespeed.sls
24     ├── mod_perl2.sls
25     ├── mod_php5.sls
26     ├── mod_proxy_fcgi.sls
27     ├── mod_proxy_http.sls
28     ├── mod_proxy.sls
29     ├── mod_remoteip.sls
30     ├── mod_rewrite.sls
31     ├── mod_security
32     │   ├── init.sls
33     │   └── rules.sls
34     ├── modsecurity.yaml
35     ├── mod_socache_shmcb.sls
36     ├── mod_ssl.sls
37     ├── mod_suexec.sls
38     ├── modules.sls
39     ├── mod_vhost_alias.sls
40     ├── mod_wsgi.sls
41     ├── mod_xsendfile.sls
42     ├── no_default_vhost.sls
43     ├── osfingermap.yaml
44     ├── own_default_vhost.sls
45     ├── register_site.sls
46     ├── uninstall.sls
47     └── vhosts
48         ├── minimal.tmpl
49         ├── proxy.tmpl
50         ├── redirect.tmpl
51         ├── standard.sls
52         └── standard.tmpl
View Code

    卸载spm包:

      spm remove apache 

 (五)在file_roots中配置spm源,即可配置本地spm源,也可以配置网络spm源   

       技术分享
1 file_roots:
2 base:
3 1. /srv/salt
4 2. /srv/spm/salt
View Code
       技术分享
1 gitfs_remotes:
2   - https://github.com/saltstack-formulas/apache-formula
3   - https://github.com/saltstack-formulas/memcached-formula
View Code

    配置好spm包源之后便于include到state文件中,部署到minion端,以下是几种常见的用法:

       a)include导入spm包        

      技术分享
1 include:
2   - epel
3 
4 python26:
5   pkg.installed:
6     - require:
7       - pkg: epel
View Code

    b)在top文件中引用     

      技术分享
1 base:
2   ‘controller‘:
3     - openstack.horizon
4     - openstack.keystone
5   ‘hyper-*‘:
6     - openstack.nova
7     - openstack.glance
8   ‘storage-*‘:
9     - openstack.swift
View Code

    详细的说明参见:https://docs.saltstack.com/en/2016.11/topics/development/conventions/formulas.html

关于Formulas格式的SPM包的一些初步理解:

  制作一个Formulas格式的spm包,可以在salt环境为我们提供一整套通用管理业务软件的方法,这些方法包括软件包安装,服务管理,配置管理等,当我们include一个spm包之后, 里面可配置的地方全部已经帮我们以模板,变量的方式设置好了,屏蔽了底层因操作系统环境差异而产生的配置差异给我们带来额外的麻烦,减少了冗余。

  示例:

    一个Formulas包的init.sls,这是类似python里面的__init__一个初始化的结构函数。    

    技术分享
 1 {% from "apache/map.jinja" import apache with context %}
 2 
 3 apache:
 4   pkg.installed:
 5     - name: {{ apache.server }}
 6   group.present:
 7     - name: {{ apache.group }}
 8     - system: True
 9   user.present:
10     - name: {{ apache.user }}
11     - gid: {{ apache.group }}
12     - system: True
13   service.running:
14     - name: {{ apache.service }}
15     - enable: True
16 
17 # The following states are inert by default and can be used by other states to
18 # trigger a restart or reload as needed.
19 apache-reload:
20   module.wait:
21     - name: service.reload
22     - m_name: {{ apache.service }}
23 
24 apache-restart:
25   module.wait:
26     - name: service.restart
27     - m_name: {{ apache.service }}
View Code

    其中第一行中的{% from "apache/map.jinja" import apache with context %}模板中引入了apache/map.jinja

    再看apache/map.jinja中的内容:    

    技术分享
  1 {% import_yaml "apache/osfingermap.yaml" as osfingermap %}
  2 {% import_yaml "apache/modsecurity.yaml" as modsec %}
  3 
  4 {% set apache = salt[‘grains.filter_by‘]({
  5     ‘Gentoo‘: {
  6         ‘server‘: ‘www-servers/apache‘,
  7         ‘service‘: ‘apache2‘,
  8         ‘user‘: ‘apache‘,
  9         ‘group‘: ‘apache‘,
 10         ‘configfile‘: ‘/etc/apache2/httpd.conf‘,
 11 
 12         ‘mod_wsgi‘: ‘www-apache/mod_wsgi‘,
 13         ‘mod_fcgid‘: ‘www-apache/mod_fcgid‘,
 14 
 15         ‘vhostdir‘: ‘/etc/apache2/vhosts.d‘,
 16         ‘confdir‘: ‘/etc/conf.d/apache2‘,
 17         ‘confext‘: ‘.conf‘,
 18         ‘default_site‘: ‘default‘,
 19         ‘default_site_ssl‘: ‘default-ssl‘,
 20         ‘logdir‘: ‘/var/log/apache2‘,
 21         ‘logrotatedir‘: ‘/etc/logrotate.d/apache2‘,
 22         ‘wwwdir‘: ‘/var/www‘,
 23     },
 24     ‘Debian‘: {
 25         ‘server‘: ‘apache2‘,
 26         ‘service‘: ‘apache2‘,
 27         ‘user‘: ‘www-data‘,
 28         ‘group‘: ‘www-data‘,
 29         ‘configfile‘: ‘/etc/apache2/apache2.conf‘,
 30         ‘portsfile‘: ‘/etc/apache2/ports.conf‘,
 31 
 32         ‘mod_wsgi‘: ‘libapache2-mod-wsgi‘,
 33         ‘mod_php5‘: ‘libapache2-mod-php5‘,
 34         ‘mod_perl2‘: ‘libapache2-mod-perl2‘,
 35         ‘mod_fcgid‘: ‘libapache2-mod-fcgid‘,
 36         ‘mod_pagespeed_source‘: ‘https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_amd64.deb‘,
 37         ‘mod_xsendfile‘: ‘libapache2-mod-xsendfile‘,
 38         ‘mod_fastcgi‘: ‘libapache2-mod-fastcgi‘,
 39 
 40         ‘vhostdir‘: ‘/etc/apache2/sites-available‘,
 41         ‘confdir‘: ‘/etc/apache2/conf.d‘,
 42         ‘confext‘: ‘.conf‘,
 43         ‘default_site‘: ‘default‘,
 44         ‘default_site_ssl‘: ‘default-ssl‘,
 45         ‘logdir‘: ‘/var/log/apache2‘,
 46         ‘logrotatedir‘: ‘/etc/logrotate.d/apache2‘,
 47         ‘wwwdir‘: ‘/srv‘,
 48     },
 49     ‘RedHat‘: {
 50         ‘server‘: ‘httpd‘,
 51         ‘service‘: ‘httpd‘,
 52         ‘user‘: ‘apache‘,
 53         ‘group‘: ‘apache‘,
 54         ‘configfile‘: ‘/etc/httpd/conf/httpd.conf‘,
 55 
 56         ‘mod_wsgi‘: ‘mod_wsgi‘,
 57         ‘conf_mod_wsgi‘: ‘/etc/httpd/conf.d/wsgi.conf‘,
 58         ‘mod_php5‘: ‘php‘,
 59         ‘mod_pagespeed_source‘: ‘https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_x86_64.rpm‘,
 60 
 61         ‘vhostdir‘: ‘/etc/httpd/vhosts.d‘,
 62         ‘confdir‘: ‘/etc/httpd/conf.d‘,
 63         ‘confext‘: ‘.conf‘,
 64         ‘default_site‘: ‘default‘,
 65         ‘default_site_ssl‘: ‘default-ssl‘,
 66         ‘logdir‘: ‘/var/log/httpd‘,
 67         ‘logrotatedir‘: ‘/etc/logrotate.d/httpd‘,
 68         ‘wwwdir‘: ‘/var/www‘,
 69         ‘default_charset‘: ‘UTF-8‘,
 70     },
 71     ‘Suse‘: {
 72         ‘server‘: ‘apache2‘,
 73         ‘service‘: ‘apache2‘,
 74         ‘user‘: ‘wwwrun‘,
 75         ‘group‘: ‘www‘,
 76         ‘configfile‘: ‘/etc/apache2/httpd.conf‘,
 77 
 78         ‘mod_wsgi‘: ‘apache2-mod_wsgi‘,
 79         ‘mod_php5‘: ‘apache2-mod_php5‘,
 80         ‘mod_fcgid‘: ‘apache2-mod_fcgid‘,
 81 
 82         ‘vhostdir‘: ‘/etc/apache2/vhosts.d‘,
 83         ‘confdir‘: ‘/etc/apache2/conf.d‘,
 84         ‘confext‘: ‘.conf‘,
 85         ‘default_site‘: ‘vhost.template‘,
 86         ‘default_site_ssl‘: ‘vhost-ssl.template‘,
 87         ‘logdir‘: ‘/var/log/apache2‘,
 88         ‘wwwdir‘: ‘/srv/www‘,
 89     },
 90     ‘FreeBSD‘: {
 91         ‘server‘: ‘apache22‘,
 92         ‘service‘: ‘apache22‘,
 93         ‘user‘: ‘www‘,
 94         ‘group‘: ‘www‘,
 95         ‘configfile‘: ‘/usr/local/etc/apache22/httpd.conf‘,
 96         ‘portsfile‘: ‘/usr/local/etc/apache22/ports.conf‘,
 97 
 98         ‘mod_php5‘: ‘mod_php56‘,
 99         ‘mod_perl2‘: ‘ap22-mod_perl2‘,
100         ‘mod_wsgi‘: ‘ap22-mod_wsgi3‘,
101 
102         ‘vhostdir‘: ‘/usr/local/etc/apache22/Includes‘,
103         ‘confdir‘: ‘/usr/local/etc/apache22/extra‘,
104         ‘modulesdir‘: ‘/usr/local/etc/apache22/modules.d‘,
105         ‘global_document_root‘: ‘/usr/local/www/apache22/data‘,
106 
107         ‘confext‘: ‘‘,
108         ‘default_site‘: ‘default‘,
109         ‘default_site_ssl‘: ‘default-ssl‘,
110         ‘logdir‘: ‘/var/log/‘,
111         ‘wwwdir‘: ‘/usr/local/www/apache22/‘,
112     },
113 }, merge=salt[‘grains.filter_by‘]({
114     ‘precise‘: {
115         ‘confext‘: ‘‘,
116         ‘default_site‘: ‘default‘,
117         ‘default_site_ssl‘: ‘default-ssl‘,
118     },
119     ‘trusty‘: {
120         ‘confext‘: ‘.conf‘,
121         ‘default_site‘: ‘000-default.conf‘,
122         ‘default_site_ssl‘: ‘default-ssl.conf‘,
123     },
124     ‘utopic‘: {
125         ‘confext‘: ‘.conf‘,
126         ‘default_site‘: ‘000-default.conf‘,
127         ‘default_site_ssl‘: ‘default-ssl.conf‘,
128     },
129     ‘vivid‘: {
130         ‘confext‘: ‘.conf‘,
131         ‘default_site‘: ‘000-default.conf‘,
132         ‘default_site_ssl‘: ‘default-ssl.conf‘,
133     },
134     ‘wily‘: {
135         ‘confext‘: ‘.conf‘,
136         ‘default_site‘: ‘000-default.conf‘,
137         ‘default_site_ssl‘: ‘default-ssl.conf‘,
138     },
139     ‘xenial‘: {
140         ‘confext‘: ‘.conf‘,
141         ‘default_site‘: ‘000-default.conf‘,
142         ‘default_site_ssl‘: ‘default-ssl.conf‘,
143     },
144     ‘yakkety‘: {
145         ‘confext‘: ‘.conf‘,
146         ‘default_site‘: ‘000-default.conf‘,
147         ‘default_site_ssl‘: ‘default-ssl.conf‘,
148     },
149     ‘zesty‘: {
150         ‘confext‘: ‘.conf‘,
151         ‘default_site‘: ‘000-default.conf‘,
152         ‘default_site_ssl‘: ‘default-ssl.conf‘,
153     },
154     ‘artful‘: {
155         ‘confext‘: ‘.conf‘,
156         ‘default_site‘: ‘000-default.conf‘,
157         ‘default_site_ssl‘: ‘default-ssl.conf‘,
158     },
159     ‘jessie‘: {
160         ‘wwwdir‘: ‘/var/www‘,
161         ‘confext‘: ‘.conf‘,
162         ‘default_site‘: ‘000-default.conf‘,
163         ‘default_site_ssl‘: ‘default-ssl.conf‘,
164     },
165     ‘stretch‘: {
166         ‘wwwdir‘: ‘/var/www‘,
167         ‘confext‘: ‘.conf‘,
168         ‘default_site‘: ‘000-default.conf‘,
169         ‘default_site_ssl‘: ‘default-ssl.conf‘,
170     },
171     ‘buster‘: {
172         ‘wwwdir‘: ‘/var/www‘,
173         ‘confext‘: ‘.conf‘,
174         ‘default_site‘: ‘000-default.conf‘,
175         ‘default_site_ssl‘: ‘default-ssl.conf‘,
176     },
177 }, grain=‘oscodename‘, merge=salt[‘grains.filter_by‘](
178     osfingermap
179 , grain=‘osfinger‘, merge=salt[‘pillar.get‘](‘apache:lookup‘)))) %}
180 
181 {% set modsecurity = salt[‘grains.filter_by‘](
182     modsec
183 , grain=‘os_family‘, merge=salt[‘pillar.get‘](‘apache:mod_security‘)) or {} %}
184 
185 {# merge the os family/codename mod_sec‘s specific data over the defaults #}
186 {% do apache.update({ ‘mod_security‘: modsecurity }) %}
View Code

    又导入了两个yaml的配置内容

    技术分享
 1 default:
 2   version: ‘2.4‘
 3 Ubuntu-12.04:
 4   version: ‘2.2‘
 5 Red Hat Enterprise Linux Server-6:
 6   version: ‘2.2‘
 7 Red Hat Enterprise Linux Server-7:
 8   version: ‘2.4‘
 9 CentOS-6:
10   version: ‘2.2‘
11 CentOS Linux-7:
12   version: ‘2.4‘
13   conf_mod_wsgi: ‘/etc/httpd/conf.modules.d/10-wsgi.conf‘
14 Oracle Linux Server-6:
15   version: ‘2.2‘
16 Oracle Linux Server-7:
17   version: ‘2.4‘
18 Amazon Linux AMI-2014:
19   version: ‘2.2‘
20 Amazon Linux AMI-2015:
21   version: ‘2.2‘
22 Amazon Linux AMI-2016:
23   version: ‘2.2‘
View Code
    技术分享
 1 default:
 2   crs_install: False
 3   manage_config: False
 4 Debian:
 5   crs_install: False
 6   manage_config: False
 7   package: libapache2-mod-security2
 8   crs_package: modsecurity-crs
 9   config_file: /etc/modsecurity/modsecurity.conf-recommended
10 RedHat:
11   crs_install: False
12   manage_config: False
13   package: mod_security
14   crs_package: mod_security_crs
15   config_file: /etc/httpd/conf.d/mod_security.conf
View Code

    里面的配置的grains变量根据minion端的实际配置读取,达到消除部署的差异化,提高配置性的灵活性和便利性。

 

先写一点吧,后面再续.........

 

salt package manager (SPM)

标签:div   ora   python2   卸载   关系   通用   extra   oca   php5   

原文地址:http://www.cnblogs.com/solitarywares/p/7442225.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有 京ICP备13008772号-2
迷上了代码!