|
SaltStack数据系统
两种数据系统:Grains和Pillar
1、Grains介绍
Grains又被成为静态数据。Minion启动的时候收集的minion本地的相关信息(操作系统版本,内核版本,CPU,内存,硬盘,设备型号,序列号)。
Grains功能
(1)资产管理;信息查询
(2)用于目标选择
(3)配置管理中使用
2、查看grains
把所有grains里的key都列出来
[iyunv@linux-node1 /etc/salt]# salt 'linux-node1*' grains.ls
linux-node1.example.com:
- SSDs
- biosreleasedate
- biosversion
- cpu_flags
- cpu_model
- cpuarch
- disks
- dns
- domain
- fqdn
- fqdn_ip4
- fqdn_ip6
- gid
- gpus
- groupname
- host
- hwaddr_interfaces
- id
- init
- ip4_interfaces
- ip6_interfaces
- ip_interfaces
- ipv4
- ipv6
- kernel
- kernelrelease
- locale_info
- localhost
- lsb_distrib_codename
- lsb_distrib_id
- machine_id
- manufacturer
- master
- mdadm
- mem_total
- nodename
- num_cpus
- num_gpus
- os
- os_family
- osarch
- oscodename
- osfinger
- osfullname
- osmajorrelease
- osrelease
- osrelease_info
- path
- pid
- productname
- ps
- pythonexecutable
- pythonpath
- pythonversion
- saltpath
- saltversion
- saltversioninfo
- selinux
- serialnumber
- server_id
- shell
- systemd
- uid
- username
- uuid
- virtual
- zmqversion
查看所有的grains的item
[iyunv@linux-node1 /etc/salt]# salt 'linux-node1*' grains.items
linux-node1.example.com:
----------
SSDs:
biosreleasedate:
05/20/2014
biosversion:
6.00
cpu_flags:
- fpu
- vme
- de
- pse
- tsc
- msr
- pae
- mce
- cx8
- apic
- sep
- mtrr
- pge
- mca
- cmov
- pat
- pse36
- clflush
- dts
- mmx
- fxsr
- sse
- sse2
- ss
- syscall
- nx
- pdpe1gb
- rdtscp
- lm
- constant_tsc
- arch_perfmon
- pebs
- bts
- nopl
- xtopology
- tsc_reliable
- nonstop_tsc
- aperfmperf
- eagerfpu
- pni
- pclmulqdq
- ssse3
- fma
- cx16
- pcid
- sse4_1
- sse4_2
- x2apic
- movbe
- popcnt
- tsc_deadline_timer
- xsave
- avx
- f16c
- rdrand
- hypervisor
- lahf_lm
- abm
- ida
- arat
- epb
- pln
- pts
- dtherm
- fsgsbase
- tsc_adjust
- bmi1
- avx2
- smep
- bmi2
- invpcid
- xsaveopt
cpu_model:
Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
cpuarch:
x86_64
disks:
- fd0
- sda
- sr0
- dm-0
- dm-1
dns:
----------
domain:
ip4_nameservers:
- 192.168.56.2
ip6_nameservers:
nameservers:
- 192.168.56.2
search:
domain:
example.com
fqdn:
linux-node1.example.com
fqdn_ip4:
- 192.168.56.11
fqdn_ip6:
gid:
0
gpus:
|_
----------
model:
SVGA II Adapter
vendor:
unknown
groupname:
root
host:
linux-node1
hwaddr_interfaces:
----------
eth0:
00:0c:29:83:fc:c2
lo:
00:00:00:00:00:00
id:
linux-node1.example.com
init:
systemd
ip4_interfaces:
----------
eth0:
- 192.168.56.11
- 192.168.56.20
lo:
- 127.0.0.1
ip6_interfaces:
----------
eth0:
- fe80::20c:29ff:fe83:fcc2
lo:
- ::1
ip_interfaces:
----------
eth0:
- 192.168.56.11
- 192.168.56.20
- fe80::20c:29ff:fe83:fcc2
lo:
- 127.0.0.1
- ::1
ipv4:
- 127.0.0.1
- 192.168.56.11
- 192.168.56.20
ipv6:
- ::1
- fe80::20c:29ff:fe83:fcc2
kernel:
Linux
kernelrelease:
3.10.0-327.18.2.el7.x86_64
locale_info:
----------
defaultencoding:
UTF-8
defaultlanguage:
en_US
detectedencoding:
UTF-8
localhost:
linux-node1
lsb_distrib_codename:
CentOS Linux 7 (Core)
lsb_distrib_id:
CentOS Linux
machine_id:
bce98aed5563467fa74b78a99c46f6f5
manufacturer:
VMware, Inc.
master:
192.168.56.11
mdadm:
mem_total:
1824
nodename:
linux-node1
num_cpus:
1
num_gpus:
1
os:
CentOS
os_family:
RedHat
osarch:
x86_64
oscodename:
CentOS Linux 7 (Core)
osfinger:
CentOS Linux-7
osfullname:
CentOS Linux
osmajorrelease:
7
osrelease:
7.2.1511
osrelease_info:
- 7
- 2
- 1511
path:
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/bin:/sbin
pid:
13810
productname:
VMware Virtual Platform
ps:
ps -efH
pythonexecutable:
/usr/bin/python
pythonpath:
- /usr/bin
- /usr/lib64/python27.zip
- /usr/lib64/python2.7
- /usr/lib64/python2.7/plat-linux2
- /usr/lib64/python2.7/lib-tk
- /usr/lib64/python2.7/lib-old
- /usr/lib64/python2.7/lib-dynload
- /usr/lib64/python2.7/site-packages
- /usr/lib64/python2.7/site-packages/gtk-2.0
- /usr/lib/python2.7/site-packages
pythonversion:
- 2
- 7
- 5
- final
- 0
saltpath:
/usr/lib/python2.7/site-packages/salt
saltversion:
2016.3.1
saltversioninfo:
- 2016
- 3
- 1
- 0
selinux:
----------
enabled:
False
enforced:
Disabled
serialnumber:
VMware-56 4d 5f 3f de d4 01 f1-b8 8a e4 d6 84 83 fc c2
server_id:
1981947194
shell:
/bin/sh
systemd:
----------
features:
+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN
version:
219
uid:
0
username:
root
uuid:
564d5f3f-ded4-01f1-b88a-e4d68483fcc2
virtual:
VMWare
zmqversion:
4.0.5
查看所有主机的IP地址
[iyunv@linux-node1 /etc/salt]# salt '*' grains.item fqdn_ip4
linux-node2.example.com:
----------
fqdn_ip4:
- 192.168.56.12
linux-node1.example.com:
----------
fqdn_ip4:
- 192.168.56.11
使用参数-G,用于目标选择
[iyunv@linux-node1 /etc/salt]# salt -G 'os:CentOS' test.ping
linux-node1.example.com:
True
linux-node2.example.com:
True
[iyunv@linux-node1 /etc/salt]# salt -G 'os:CentOS' cmd.run 'w'
linux-node1.example.com:
10:52:01 up 13:06, 2 users, load average: 0.02, 0.04, 0.05
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root tty1 06:56 3:54m 0.18s 0.18s -bash
root pts/0 192.168.56.1 09:39 1.00s 0.88s 0.72s /usr/bin/python /usr/bin/salt -G os:CentOS cmd.run w
linux-node2.example.com:
08:00:58 up 1 day, 17:30, 1 user, load average: 0.32, 0.08, 0.07
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root tty1
[iyunv@linux-node1 /etc/salt]# salt -G 'fqdn_ip4:192.168.56.*' test.ping
linux-node1.example.com:
True
linux-node2.example.com:
True
3、定义grains
在minion配置文件里修改
vi /etc/salt/minion
搜索grains,然后将其注释取消掉,并定义roles
grains:
roles: apache
切记,修改完需要重启
systemctl restart salt-minion
查看grains有哪些角色
[iyunv@linux-node1 /etc/salt]# salt '*' grains.item roles
linux-node1.example.com:
----------
roles:
linux-node2.example.com:
----------
roles:
apache
由于只在node2上定义的role,所以只有node2上有返回值
重启所有角色为apache的服务
[iyunv@linux-node1 /etc/salt]# salt -G 'roles:apache' cmd.run 'systemctl restart httpd'
linux-node2.example.com:
[iyunv@linux-node1 /etc/salt]#
4、自定义grains
写grains
单独创建一个名称为grains的文件,minion会在此目录下找
vi /etc/salt/grains
cloud:openstack
重启minion后查看
[iyunv@linux-node1 /etc/salt]# salt '*' grains.item cloud
linux-node1.example.com:
----------
cloud:
linux-node2.example.com:
----------
cloud:
openstack
或者使用
salt '*' saltutil.sync_grains 刷新grains
在top.sls文件中使用grains做目标选择
base:
'*':
- init.init
'roles:apache':
- match: grains #使用grain方式进行匹配
- web.apache #动作
5、配置管理
自己开发一个Grains:
cd /srv/salt
mkdir _grains
创建一个python文件my_grains.py
#!/usr/bin/env python
#-*_ coding: utf-8 -*-
def my_grains():
grains = {}
grains['iaas'] = 'openstack'
grains['edu'] = 'hehe'
return grains
接下来需要将自定义的grains发送给minion
[iyunv@linux-node1 /srv/salt/_grains]# salt '*' saltutil.sync_grains
linux-node2.example.com:
linux-node1.example.com:
进入minion目录,查看自定义的grains被同步到什么地方
/var/cache/salt/minion/extmods
查看新增的grains
salt '*' grains.item iaas
6、pillar
给特定的minion指定特定的数据。
修改pillar配置文件
vi /etc/salt/pillar
pillar_roots:
base:
- /srv/pillar/base
prod:
- /srv/pillar/prod
自己编写pillar
[iyunv@linux-node1 /srv/pillar/web]# cat apache.sls
{% if grains['os'] == 'CentOS' %}
apache: httpd
{% elif grains['os'] == 'Debian' %}
apache: apache2
{% endif %}
写完pillar后,需要执行salt '*' saltutil.refresh_pillar 进行刷新后才能看到新增的pillar
[iyunv@linux-node1 /srv/pillar/web]# salt '*' pillar.items apache
linux-node1.example.com:
----------
apache:
httpd
linux-node2.example.com:
----------
apache:
pillar使用场景
pillar使用参数-I进行匹配
salt -I 'apache:httpd' test.ping
salt -I 'apache:httpd' cmd.run 'w'
7、Grains VS Pillar
类型 数据采集方式 应用场景 定义位置
Grains 静态 minion启动时收集 数据查询 目标选择 配置管理 minion
Pillar 动态 master自定义 目标选择 配置管理 敏感数据 master
|
|
|