saltstack 安装和基本配置使用

标签：eve   pillar   log   make   vpd   web   lag   restart   term   

• pkgs:

  • httpd
  • php
  • php-mysql

  file.managed:

• name: /etc/httpd/conf/httpd.conf
• source: salt://apache/files/httpd.conf
• mode: 644
• user: root

• group: root

  service.running:

• name: httpd
• enable: Ture
• watch:
  • file: apache-install
    [root@server1 apache]# salt server2 state.sls apache.install #server2上apache自动修改端口为8080
    [root@server1 salt]# mkdir pkgs #自动推送源码nginx
    [root@server1 salt]# cd pkgs
    [root@server1 pkgs]# vim make.sls
    gcc-make:
    pkg.installed:
• pkgs:
  • gcc
  • pcre-devel
  • openssl-devel

[root@server1 pkgs]# ls
make.sls
[root@server1 pkgs]# cd ..
[root@server1 salt]# ls
apache nginx pkgs
[root@server1 salt]# cd nginx/
[root@server1 nginx]# ls
files install.sls
[root@server1 nginx]# vim install.sls
include:

• pkgs.make

nginx-install:
file.managed:

• name: /mnt/nginx-1.14.0.tar.gz

• source: salt://nginx/files/nginx-1.14.0.tar.gz

  cmd.run:

• name: cd /mnt && tar zxf nginx-1.14.0.tar.gz && cd nginx-1.14.0 && sed -i.bak ‘s/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g‘ src/core/nginx.h && sed -i.bak ‘s/CFLAGS="$CFLAGS -g"/#CCFLAGS="$CFLAGS -g"/g‘ auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-threads --with-file-aio &>/dev/null && make &>/dev/null && make install &>/dev/null && cd .. && rm -fr nginx-1.14.0
• creates: /usr/local/nginx
  [root@server1 nginx]# salt server3 state.sls nginx.install
  写启动脚本修改一些
  [root@server1 nginx]# vim service.sls
  include:
  • nginx.install

/usr/local/nginx/conf/nginx.conf:
file.managed:

• source: salt://nginx/files/nginx.conf

/etc/init.d/nginx:
file.managed:

• source: salt://nginx/files/nginx
• mode: 755

nginx:
service.running:

• reload: True
• watch:
  • file: /usr/local/nginx/conf/nginx.conf
    [root@server1 files]# ls
    nginx nginx-1.14.0.tar.gz nginx.conf #将启动脚步和配置文件放到nginx中的files文件夹内
    [root@server1 salt]# vim top.sls
    base:
    "server2":
    • apache.service
      "server3":
    • nginx.service
      [root@server1 salt]# salt ‘*‘ state.highstate
      负载均衡haproxy
      [root@server1 salt]# yum install salt-minion
      [root@server1 salt]# vim /etc/salt/minion #修改master端口
      [root@server1 salt]# /etc/init.d/salt-minion start
      [root@server1 salt]# salt-key -a server1
      [root@server1 salt]# mkdir haproxy
      [root@server1 salt]# cd haproxy/
      [root@server1 haproxy]# mkdir files
      [root@server1 haproxy]# cd files/
      [root@server1 files]# ls #包和配置文件拷贝过来
      haproxy-1.6.11.tar.gz haproxy.cfg haproxy.init
      [root@server1 haproxy]# vim install.sls
      include:
    • pkgs.make

haproxy-install:
file.managed:

• name: /mnt/haproxy-1.6.11.tar.gz
• source: salt://haproxy/files/haproxy-1.6.11.tar.gz
  cmd.run:
• name: cd /mnt && tar zxf haproxy-1.6.11.tar.gz && cd haproxy-1.6.11 && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy &> /dev/null && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy install
• creates: /usr/local/haproxy

/etc/haproxy:
file.directory:

• mode: 755

/usr/sbin/haproxy:
file.symlink:

• target: /usr/local/haproxy/sbin/haproxy
  [root@server1 haproxy]# vim service.sls
  include:
  • haproxy.install
  • users.haproxy

/etc/haproxy/haproxy.cfg:
file.managed:

• source: salt://haproxy/files/haproxy.cfg

haproxy-service:
file.managed:

• name: /etc/init.d/haproxy
• source: salt://haproxy/files/haproxy.init
• mode: 755
  service.running:
• name: haproxy
• relpad: True
• watch:
  • file: /etc/haproxy/haproxy.cfg

[root@server1 salt]# mkdir users
[root@server1 users]# vim haproxy.sls
haproxy-group:
group.present:

• name: haproxy
• gid: 200

haproxy-user:
user.present:

• name: haproxy
• uid: 200
• gid: 200
• shell: /sbin/nologin
• home: /usr/local/haproxy
• createhome: False
  [root@server1 salt]# vim top.sls
  base:
  "server1":
  • haproxy.service
    "server2":
  • apache.service
    "server3":

  • nginx.service
    [root@server1 haproxy]# ls
    files install.sls service.sls
    [root@server1 haproxy]# cd files/
    [root@server1 files]# ls
    haproxy-1.6.11.tar.gz haproxy.cfg haproxy.init
    [root@server1 files]# vim haproxy.cfg #修改配置文件
    
    [root@server1 files]# salt ‘*‘ state.highstate #推送完毕，给server2
    和server3发布目录写个测试页面
    [root@server1 files]# for i in {1..6}; do curl 172.25.135.1; done #测试
    nginx
    apache
    nginx
    apache
    nginx
    apache
    批量主机定义：
    [root@server1 salt]# salt server3 grains.item os
    server3:

    os:
    RedHat
    [root@server1 salt]# salt server2 grains.item os
    server2:

    os:
    RedHat
    [root@server1 salt]# salt -G ‘os:redhat‘ cmd.run hostname
    server2:
    server2
    server1:
    server1
    server3:
    server3
    [root@server2 ~]# vim /etc/salt/minion
    grains:
    roles:

• apache

[root@server2 ~]# /etc/init.d/salt-minion restart
[root@server3 ~]# cd /etc/salt/
[root@server3 salt]# vim grains
roles: nginx
[root@server1 salt]# salt server2 grains.item roles
server2:

roles:
    - apache

[root@server1 salt]# salt server3 grains.item roles
server3:

roles:
    nginx

[root@server1 salt]# vim top.sls
base:
"server1":

• haproxy.service
  "roles:apache":
• match: grain
• apache.service
  "roles:nginx":
• match: grain
• nginx.service
  [root@server1 salt]# salt ‘*‘ state.highstate

[root@server1 salt]# mkdir _grains
[root@server1 salt]# cd _grains/
[root@server1 _grains]# vim my_grains.py
#! /usr/bin/env python
def my_grains():
grains = {};
grains[‘hello‘] = ‘world‘
grains[‘salt‘] = ‘stack‘
return grains
[root@server1 _grains]# salt server2 saltutil.sync_grains
[root@server1 _grains]# salt server2 grains.item hello
server2:

hello:
    world

[root@server1 salt]# cd /etc/salt
[root@server1 salt]# mkdir /srv/pillar/
[root@server1 pillar]# /etc/init.d/salt-master restart
[root@server1 pillar]# mkdir web
[root@server1 pillar]# cd web/
[root@server1 web]# ls
[root@server1 web]# vim install.sls
{% if grains[‘fqdn‘] == ‘server2‘ %}
webserver: httpd
{% elif grains[‘fqdn‘] == ‘server3‘%}
webserver: nginx
{% endif %}

[root@server1 web]# cd ..
[root@server1 pillar]# ls
web
[root@server1 pillar]# vim top.sls
base:
‘*‘:

• web.install
  [root@server1 pillar]# salt ‘*‘ pillar.items
  server2:

  webserver:
  httpd
  server1:

  server3:

  webserver:
  nginx
  [root@server1 pillar]# salt ‘‘ saltutil.refresh_pillar
  server2:
  True
  server3:
  True
  server1:
  True
  [root@server1 pillar]# salt ‘‘ pillar.items webserver
  server3:

  webserver:
  nginx
  server1:

  webserver:
  server2:

  webserver:
  httpd
  [root@server1 pillar]# salt -I ‘webserver:nginx‘ test.ping
  server3:
  True
  [root@server1 pillar]# salt -S 172.25.135.0/24 test.ping
  server3:
  True
  server2:
  True
  server1:
  True
  金佳模版：
  [root@server1 salt]# cd apache/
  [root@server1 apache]# vim install.sls
  apache-install:
  pkg.installed:

• pkgs:

  • httpd
  • php
  • php-mysql

  file.managed:

• name: /etc/httpd/conf/httpd.conf
• source: salt://apache/files/httpd.conf
• mode: 644
• user: root
• group: root
• template: jinja
• context:
  port: 80
  bind: {{ grains[‘ipv4‘][1] }}
  [root@server1 apache]# vim files/httpd.conf #修改监听端口
  Listen {{ bind }}:{{ port }}
  [root@server1 apache]# salt server2 state.sls apache.install

saltstack 安装和基本配置使用

标签：eve   pillar   log   make   vpd   web   lag   restart   term   

原文地址：http://blog.51cto.com/13810716/2312695