saltstack实战2
target 就是目标的意思,你要在那台机器上执行此命令或此状态。或者说将此动作或者状态文件推送给谁来执行,让那个minion执行可以进行一些匹配对于拥有大量机器的环境,如果单独一台台的执行指定minion去执行,反而违saltstack设计的初衷。
它有如下参数可以使用
https://images2015.cnblogs.com/blog/1076878/201612/1076878-20161225195013073-1037504523.png
1、
globbing 默认
# salt 'minion01'test.ping
minion01:
True
#
2、
-L,--list,以主机id名列表的形式进行过滤,不同主机id名称使用逗号分离。
# salt -L 'minion01,minion02'test.ping
minion02:
True
minion01:
True
#
3、
-E,--pcre,通过正则表达式进行匹配:
# salt -E '.*01' test.ping
minion01:
True
# salt -E 'minion*' test.ping
minion02:
True
minion01:
True
# salt -E 'm.*02' test.ping
minion02:
True
#
4、
-G,--grain,根据被控主机的grains信息进行匹配过滤,格式为:<grain value>:<grain expression>
grains是存放在minion上的主机信息,包括系统信息和硬件信息等,我们能看到有很多项,使用grains.items能看到
# salt 'minion01' grains.items
minion01:
----------
SSDs:
biosreleasedate:
07/02/2015
biosversion:
6.00
cpu_flags:
- fpu
- vme
- de
- pse
- tsc
- msr
- pae
- mce
- cx8
- apic
- sep
- mtrr
- pge
- mca
- cmov
- pat
- pse36
- clflush
- dts
- mmx
- fxsr
- sse
- sse2
- ss
- syscall
- nx
- pdpe1gb
- rdtscp
- lm
- constant_tsc
- arch_perfmon
- pebs
- bts
- xtopology
- tsc_reliable
- nonstop_tsc
- aperfmperf
- unfair_spinlock
- pni
- pclmulqdq
- ssse3
- fma
- cx16
- pcid
- sse4_1
- sse4_2
- x2apic
- movbe
- popcnt
- tsc_deadline_timer
- aes
- xsave
- avx
- f16c
- rdrand
- hypervisor
- lahf_lm
- abm
- 3dnowprefetch
-> - arat
- xsaveopt
- pln
- pts
- dts
- fsgsbase
- bmi1
- hle
- avx2
- smep
- bmi2
- invpcid
- rtm
- rdseed
- adx
cpu_model:
Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
cpuarch:
x86_64
domain:
fqdn:
minion01
fqdn_ip4:
fqdn_ip6:
gpus:
|_
----------
model:
SVGA II Adapter
vendor:
unknown
host:
minion01
hwaddr_interfaces:
----------
eth0:
00:0c:29:22:4b:e9
lo:
00:00:00:00:00:00
id:
minion01
init:
upstart
ip4_interfaces:
----------
eth0:
- 10.0.1.172
lo:
- 127.0.0.1
ip6_interfaces:
----------
eth0:
- fe80::20c:29ff:fe22:4be9
lo:
- ::1
ip_interfaces:
----------
eth0:
- 10.0.1.172
- fe80::20c:29ff:fe22:4be9
lo:
- 127.0.0.1
- ::1
ipv4:
- 10.0.1.172
- 127.0.0.1
ipv6:
- ::1
- fe80::20c:29ff:fe22:4be9
kernel:
Linux
kernelrelease:
2.6.32-504.el6.x86_64
locale_info:
----------
defaultencoding:
UTF8
defaultlanguage:
en_US
detectedencoding:
UTF-8
localhost:
minion01
lsb_distrib_codename:
Final
lsb_distrib_id:
CentOS
lsb_distrib_release:
6.6
machine_id:
749e39b6649273bf0c83d26300000026
manufacturer:
VMware, Inc.
master:
master
mdadm:
mem_total:
3946
nodename:
minion01
num_cpus:
4
num_gpus:
1
os:
CentOS
os_family:
RedHat
osarch:
x86_64
oscodename:
Final
osfinger:
CentOS-6
osfullname:
CentOS
osmajorrelease:
6
osrelease:
6.6
osrelease_info:
- 6
- 6
path:
/sbin:/usr/sbin:/bin:/usr/bin
productname:
VMware Virtual Platform
ps:
ps -efH
pythonexecutable:
/usr/bin/python2.6
pythonpath:
- /usr/bin
- /usr/lib64/python26.zip
- /usr/lib64/python2.6
- /usr/lib64/python2.6/plat-linux2
- /usr/lib64/python2.6/lib-tk
- /usr/lib64/python2.6/lib-old
- /usr/lib64/python2.6/lib-dynload
- /usr/lib64/python2.6/site-packages
- /usr/lib64/python2.6/site-packages/gst-0.10
- /usr/lib64/python2.6/site-packages/gtk-2.0
- /usr/lib64/python2.6/site-packages/webkit-1.0
- /usr/lib/python2.6/site-packages
- /usr/lib/python2.6/site-packages/setuptools-0.6c11-py2.6.egg-info
pythonversion:
- 2
- 6
- 6
- final
- 0
saltpath:
/usr/lib/python2.6/site-packages/salt
saltversion:
2015.5.10
saltversioninfo:
- 2015
- 5
- 10
- 0
selinux:
----------
enabled:
False
enforced:
Disabled
serialnumber:
VMware-56 4d d2 3c be 05 36 b5-e6 19 4e ef 0b 22 4b e9
server_id:
1310197239
shell:
/bin/sh
virtual:
VMware
zmqversion:
3.2.5
#
使用方式如下
# salt 'minion01' grains.get os
minion01:
CentOS
# salt 'minion01' grains.get>
minion01:
minion01
# salt -G 'os:CentOS'test.ping
minion01:
True
minion02:
True
# salt -G 'id:minion01'test.ping
minion01:
True
#
5、
-S根据IP或者子网匹配
# salt -S '10.0.1.172' test.ping
minion01:
True
# salt -S '10.0.1.173' test.ping
minion02:
True
#
# salt -S '10.0.1.0/24' test.ping
minion02:
True
minion01:
True
#
6、
-C,组合匹配
根据条件运算符not、and、or去匹配不同规则的主机信息
# salt -C 'E@m.*01 or G@id:minion02' test.ping
minion01:
True
minion02:
True
# salt -C 'E@m.*02 or G@id:minion02' test.ping
minion02:
True
#
7、
-N
关于nodegroups
vim/etc/salt/master
在9到12行提示说在当前目录下新建master.d目录,然后里面的*.conf的配置文件会被默认加载到配置里
9 # Per default, the master will automatically include all config files 10 # from master.d/*.conf (master.d is a directory in the same directory
11 # as the main master config file).
12 #default_include: master.d/*.conf
看到定义组,如下格式
711行到713行
707 ##### Node Groups #####
708 ##########################################
709 # Node groups allow for logical groupings of minion nodes. A group consists of a group
710 # name and a compound target.
711 #nodegroups:
712 #group1: 'L@foo.domain.com,bar.domain.com,baz.domain.com and bl*.domain.com'
713 #group2: 'G@os:Debian and foo.domain.com'
接下来我们自定义组。这里我们创建master.d目录,在里面写组的配置。这样和这个master配置文件解耦,防止自己误操作导致master配置文件出问题
自定义两个组,lamp组,成员有minion01和minion02
lnmp组有minion02成员
# cd /etc/salt/
# ls
masterpki
# mkdir master.d
# ls -F
mastermaster.d/pki/
# cd master.d/
# ls
# vim groups.conf
# cat groups.conf
nodegroups:
lamp: L@minion01,minion02
lnmp: minion02
#
# salt -N 'lamp' test.ping
minion01:
True
minion02:
True
# salt -N 'lnmp' test.ping
minion02:
True
#
8、
-I,--pillar,根据被控主机的pillar信息进行匹配
这里只介绍怎么使用 -I 进行pillar数据的匹配。具体pillar怎么配置的请查看pillar的博文
# salt '*'pillar.get apache
minion01:
minion02:
httpd
# salt -I 'apache:httpd'test.ping
minion02:
True
#
页:
[1]