Saltstack 简明教程
SaltStack - Configuration Management
配置管理是 SaltStack 中最重要的概念之一。它用于创建可重用的配置模板,称为 state 。状态描述将系统组件或应用程序置于已知配置所需的一切。
Configuration management is one of the most significant concept in SaltStack. It is used to create a reusable configuration template, called a state. The state describes everything required to put a system component or an application into a known configuration.
Salt State
Salt 状态是对系统特定部分的可重用配置。状态更容易理解,并使用简单的 YAML 描述。
Salt state is a reusable configuration for a specific part of a system. States are easier to understand and described using a simple YAML.
Create a Salt State
Salt 状态很容易创建。让我们在本章中创建一个简单状态。移至目录 “salt-vagrant-demo/saltstack/salt/”,并创建一个名为 samples.sls 的文件,并在其中添加以下行。
Salt states are easy to create. Let us create a simple state in this chapter. Move to the directory “salt-vagrant-demo/saltstack/salt/” and create a file named samples.sls and add the following lines in it.
samples.sls
samples.sls
install_network_packages:
pkg.installed:
- pkgs:
- rsync
- lftp
- curl现在,保存文件并在 Salt 主控程序中运行以下命令。
Now, save the file and run the following command in the Salt master.
root@saltmaster:/home/vagrant# salt 'minion1’ state.apply samples这里,我们通过使用 Salt 状态在 Salt Minion minion1 中安装了 rsync, lftp 和 curl 。如果它正常运行,您将看到如下所示的响应。
Here, we installed rsync, lftp and curl through the pkg.installed module using the Salt state in a salt minion, minion1. If it works properly, you could see the response as shown below.
它将生成以下 output −
It will produce the following output −
minion1:
----------
ID: install_network_packages
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 08:08:48.612336
Duration: 545.385 ms
Changes:
Summary for minion1
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
Total run time: 545.385 msApply Salt State
现在,我们使用 ‘.sls’ 文件创建了状态,并通过具体调用对其应用。Salt 有一个称为 top.sls 文件的默认状态文件。顶层文件用于将多个状态文件应用于 Salt Minion。顶层文件描述了状态的应用位置。 States 和 Top file 相互配合,共同创建 SaltStack 配置管理功能的核心。
Now that we have created a state using the ‘.sls’ file and applied it by specifically calling it. Salt has a default state file called as the top.sls file. The top file is used to apply multiple state files to Salt minions. The top file describes where states should be applied. Well, States and the Top file work together to create the core of SaltStack’s configuration management capability.
现在,让我们在目录 saltstack/salt 中创建一个简单的 top.sls 文件,并添加以下内容。
Let us now create a simple top.sls file in the directory saltstack/salt and add the following.
top.sls
top.sls
base:
'*':
- common
'minion1':
- samples这里, state ,通常将 applies 状态 all system 应用于 minion1 。
Here, the state, commonly applies to all system state, samples applies to minion1.
接下来,运行 Salt 主控程序并应用状态,如下所示。
Next, run the Salt master and apply the state as shown below.
root@saltmaster:/home/vagrant# salt '*' state.apply它将生成以下 output −
It will produce the following output −
minion1:
----------
ID: common_packages
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 09:33:35.642355
Duration: 588.21 ms
Changes:
Summary for minion1
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
Total run time: 588.210 ms
minion2:
----------
ID: common_packages
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 09:33:35.890331
Duration: 602.79 ms
Changes:
Summary for minion2
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
Total run time: 602.790 msApply Batch Size
如果您连接了很多 Minion,那么您可以限制一次更新的系统数量。这通过使用 –batch-size 选项执行,该选项定义如下。
If you have a large number of connected minions, then you can limit how many systems are updated at once. It is performed by using the –batch-size option, which is defined below.
root@saltmaster:/home/vagrant# salt --batch-size 5 '*' state.apply它将生成以下 output −
It will produce the following output −
Executing run on ['minion2', 'minion1']
jid:
20170314094638482664
minion1:
----------
ID: common_packages
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 09:46:41.228519
Duration: 582.24 ms
Changes:
Summary for minion1
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
Total run time: 582.240 ms
retcode:
0
jid:
20170314094638482664
minion2:
----------
ID: common_packages
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 09:46:41.153609
Duration: 605.235 ms
Changes:
Summary for minion2
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
Total run time: 605.235 ms
retcode:
0Salt State Functions
Salt 状态函数用于在远程系统上安装和配置应用程序。让我们使用 Salt 状态函数安装 “Vim” 包。
Salt state functions are used to install and configure applications on your remote system. Let us install a “Vim” package using the Salt state function.
Create and Apply State Function
在 “salt-vagrant-demo/saltstack/salt/sample.sls” 目录下,创建一个名为 "sample.sls" 的文件,并添加以下内容:
Create a file named “sample.sls” under the directory “salt-vagrant-demo/saltstack/salt/sample.sls” and add the following −
sample.sls
sample.sls
install vim:
pkg.installed:
- name: vimVagrant 环境启动后,运行 salt master 并通过运行以下命令应用 sample.sls。
Once, Vagrant environment is up, run the salt master and apply the sample.sls by running the following command.
root@saltmaster:/home/vagrant# sudo salt 'minion2’ state.apply sample它将生成以下 output −
It will produce the following output −
minion2:
----------
ID: install vim
Function: pkg.installed
Name: vim
Result: True
Comment: Package vim is installed
Started: 15:07:45.752764
Duration: 553.506 ms
Changes:
Summary for minion2
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
Total run time: 553.506 ms现在,我们已经添加了一个名为 “Vim” 的包。让我们来利用 Salt 测试方法测试此包。
Now, we have added a package “Vim”. Let us now test the package using the Salt testing method.
Salt State Testing
通过向状态添加 “test = True” 选项,强制进行测试运行。返回的信息将以黄色显示将应用的状态,而结果将报告为 “None”。
The test run is mandated by adding the “test = True” option to the states. The return information will show states that will be applied in yellow and the result is reported as ‘None’.
用于测试状态的命令如下:
The following command is used to test the state −
root@saltmaster:/home/vagrant# sudo salt 'minion2’ state.apply sample test = True它将生成以下 output −
It will produce the following output −
minion2:
----------
ID: install vim
Function: pkg.installed
Name: vim
Result: True
Comment: Package vim is already installed
Started: 15:07:45.752764
Duration: 553.506 ms
Changes:
Summary for minion2
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
Total run time: 553.506 msSaltStack ─ Pillar Component
Pillar 是实现 Salt 状态可重用性的重要组成部分。它用于为使用目标分配的 minion 定义安全数据。Salt pillar 数据存储端口、文件路径、配置参数和密码等值。
Pillar is an essential component to make Salt states reusable. It is used to define secure data for minions assigned using targets. Salt pillar data stores values such as ports, file paths, configuration parameters and passwords.
Pillar config File
pillar_roots 的配置在主配置文件中如下所示:
The configuration for the pillar_roots in the master config file is shown below −
pillar_roots:
base:
- /srv/pillar此处,文件位于 “/srv/pillar” 目录中。
Here, the file is in the “/srv/pillar” directory.
考虑位于 /srv/pillar/top.sls 中的 top 文件具有以下结构:
Consider, the top file located in /srv/pillar/top.sls has the following structure −
base:
'*':
- default现在,移至位于 /srv/pillar/default.sls 的 default.sls 文件,并添加以下代码。
Now, move to the default.sls file located in /srv/pillar/default.sls and add the following code.
# Default pillar values
apache
git保存文件后,刷新 pillar 以更新所有更改。
After saving the file, refresh the pillar to update all the changes.
Refreshing the Pillar
可以使用以下命令刷新 pillar。
You can refresh the pillar using the following command.
root@saltmaster:/home/vagrant# salt '*' saltutil.refresh_pillar上述命令用于刷新所有 minion 上的 Salt pillar 数据。
The above command is used to refresh the Salt pillar data on all the minions.
List Pillar Data
若要列出 pillar 数据,可以使用以下命令。
To list out the pillar data, you can use the command given below.
root@saltmaster:/home/vagrant# salt '*' pillar.ls它将生成以下 output −
It will produce the following output −
minion2:
- apache
- git
minion1:
- apache
- gitPillar Items
设置 pillar 后,可以通过 pillar 模块在 minion 上查看数据。可以通过下面定义的函数 pillar.items 来访问它。
Once the pillar is setup, the data can be viewed on the minion via the pillar module. It can be accessed through the function pillar.items, which is defined below.
root@saltmaster:/home/vagrant# salt '*' pillar.items它将生成以下 output −
It will produce the following output −
minion2:
----------
apache:
httpd
git:
git
minion1:
----------
apache:
httpd
git:
gitSaltStack – Include Component
“Include” 组件用于在多个位置定义相同配置任务。这样很容易执行。在状态文件顶部,使用以下格式添加包含项:
The ‘Include’ component is used to define the same configuration task in multiple places. It is easy to perform. At the top of your state file, add an include using the following format −
include:
- state file 1
- state file 2此处, state file 1 和 state file 2 是你想要包含的 SLS 文件的名称。无需包含 .sls 扩展名。包含的 Salt 状态被插入当前文件的顶部。
Here, state file 1 and state file 2 are the names of the SLS files that you want to include. No need to include the .sls extension. The Included Salt states are inserted at the top of the current file.
Grains Interface
Grains 是一个用于获取有关底层系统信息的界面。收集 grains 以获取有关操作系统、域名、IP 地址、内核、操作系统类型、内存和许多其他系统属性的信息。
Grains is an interface used to derive the information about the underlying system. Grains are collected for the operating system, domain name, IP address, kernel, OS type, memory and many other system properties.
Grains Targeting
在定向小兵时可以使用 Grains 数据,如下代码块所述。
Grain data can be used when targeting minions, which is defined in the following code block.
root@saltmaster:/home/vagrant# salt -G 'os:Ubuntu' test.ping它将生成以下 output −
It will produce the following output −
minion1:
True
minion2:
True