Saltstack匹配Minion ID的多种方法
1、Globbing通配符* 表示匹配所有
1
2
3
salt '*' test.ping
salt '*.example.net'test.ping
salt '*.example.*' test.ping
? 表示任意一个字符
1
salt 'web?.example.net'test.ping
[] 表示枚举或者一个区间
1
2
3
salt 'web' test.ping
salt 'web' test.ping
salt 'web-' test.ping
2、regularexpressions正则表达式
同时匹配 web1-prod和web1-devel:
salt -E 'web1-(prod|devel)'test.ping
#-E表示使用正则表达式匹配
在sls文件中也可使用:
1
2
3
4
base:
'web1-(prod|devel)':
- match: pcre
- webserver
3、List列表
1
salt -L 'web1,web2,web3'test.ping
4、Grains模块
1
2
3
4
5
6
7
8
9
10
# salt -G os:CentOS cmd.run 'w'
linux-node2.example.com:
19:43:02 up 49 min,1 user,load average: 0.06, 0.02, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 10.0.0.1 06:46 3:19 0.09s0.09s -bash
linux-node1.example.com:
19:43:02 up 49 min,1 user,load average: 0.26, 0.07, 0.02
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 10.0.0.1 06:46 2.00s1.84s1.74s /usr/bin/python
#-G表示使用Grains进行匹配
自定义Grains:
1
2
3
# vim /srv/salt/grains
web:
- nginx
在Master上查看
1
2
3
4
5
6
7
8
# salt '*' grains.item web
linux-node1.example.com:
----------
web:
nginx
linux-node2.example.com:
----------
web:
名字(即此处的web)不能和/etc/salt/minion中 roles冲突
在top.sls中使用Grains匹配Minion
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
# vim /srv/salt/top.sls
base:
'web:nginx':
- match: grain
- apache
# salt '*' state.highstate linux-node2.example.com:
----------
ID: states
Function: no.None
Result: False
Comment: No Top file or external nodes data matches found
Started:
Duration:
Changes:
Summary
------------
Succeeded: 0
Failed: 1
------------
Total states run: 1
linux-node1.example.com:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 19:59:18.844017
Duration: 2694.508 ms
Changes:
----------
ID: apache-install
Function: pkg.installed
Name: httpd-devel
Result: True
Comment: Package httpd-devel is already installed.
Started: 19:59:21.539596
Duration: 2.807 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 19:59:21.545357
Duration: 122.63 ms
Changes:
Summary
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
# cat /srv/salt/apache.sls
apache-install:
pkg.installed:
- names:
- httpd
- httpd-devel
apache-service:
service.running:
- name: httpd
- enable: True
- reload: True
5、Pillar模块
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# vim /etc/salt/master
pillar_roots:
base:
- /srv/pillar
#打开注释
# /etc/init.d/salt-master restart
# mkdir -p /srv/pillar
# cat /srv/pillar/apache.sls
{% if grains['os'] == 'CentOS' %}
apache: httpd
{% elif grains['os'] == 'Debian' %}
apache: apache2
{% endif %}
# vim /srv/pillar/top.sls
base:
'*':
- apache
# '*'表示让所有Minion可以看到apache这个Pillar
# salt '*' saltutil.refresh_pillar
linux-node2.example.com:
True
linux-node1.example.com:
True
#刷新使Pillar生效
# salt '*' pillar.items
linux-node2.example.com:
----------
apache:
httpd
linux-node1.example.com:
----------
apache:
httpd
# salt -I 'apache:httpd' test.ping
linux-node1.example.com:
True
linux-node2.example.com:
True
#-I表示使用Pillar进行匹配
6、Subnet/IP Address Matching使用网段或IP地址进行匹配
1
2
salt -S 192.168.40.20 test.ping
salt -S 10.0.0.0/24 test.ping
也可以在Pillar和sls文件里进行匹配
1
2
3
'172.16.0.0/12':
- match: ipcidr
- internal
注意:只能用于IPv4
页:
[1]