实验目标
1.使用SaltStack部署apache和php,
2.使用salt管理httpd.conf配置文件配置访问info.php使用账户密码
3.在salt里面增加对conf.d目录进行配置管理
4.如何使用salt在追加文件内容
5.学会如何使用 watch require unless
实现步骤
修改master的配置文件,指定base环境路径,base环境是必须指定的
[iyunv@linux-node1 base]# grep -9 ^file_roots /etc/salt/master |grep -v ^#
file_roots:
base:
- /srv/salt/base
dev:
- /srv/salt/dev
test:
- /srv/salt/test
prod:
- /srv/salt/prod
创建目录
[iyunv@linux-node1 base]# mkdir -p /srv/salt/{base,dev,test,prod}
[iyunv@linux
-node1 base]# tree /srv/salt/
/srv/salt/
├── base
├── dev
├── prod
└── test
重启master
[iyunv@linux-node1 base]# systemctl restart salt-master
在base目录下面创建一个web目录用于存放web相关的sls文件
[iyunv@linux-node1 base]# mkdir -p web
cd到bash/web目录里面创建apache.sls文件
[iyunv@linux-node1 base]# cd web/
[iyunv@linux
-node1 web]# cat apache.sls
apache
-install: #id 名字自己取 需要形象一点, 一个id下面一个状态只能出现一次
pkg.installed: #pkg 是状态模块,installed 是模块里面的方法
- name: httpd #方法里面的参数
apache
-service:
service.running:
- name: httpd
- enable: True #设置开机自动启动 #yaml里面格式有严格的要求,注释用#号,不能有table,- 两边需要空格,缩进用2个空格层级关系后面要加分号
执行状态模块部署服务
[iyunv@linux-node1 base]# salt "linux-node2*" state.sls apache
linux
-node2.example.com:
----------
ID: apache
-install
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started:
14:58:09.228934
Duration:
633.681 ms
Changes:
----------
ID: apache
-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is running
Started:
14:58:09.863302
Duration:
310.567 ms
Changes:
----------
httpd:
True
Summary
------------
Succeeded:
2 (changed=1)
Failed:
0
------------
Total states run: 2
#此时node2 上面已经部署好了apache
高级状态的使用 需要在master配置文件里面打开 state_top: top.sls并重启master
[iyunv@linux-node1 web]# grep -n ^state_top /etc/salt/master
329:state_top: top.sls
[iyunv@linux-node1 web]# systemctl restart salt-master
在bese环境目录下面添加top.sls
[iyunv@linux-node1 base]# more top.sls
base:
'linux-node2.example.com':
- web.apache
'linux-node1.example.com':
- web.apache
[iyunv@linux
-node1 base]# pwd
/srv/salt/base
执行高级模块方法,高级方法到 base下面找top.sls 文件编排告诉每个minion需要干什么,一般生产环境用高级状态多些
[iyunv@linux-node1 base]# salt "*" state.highstate
linux
-node1.example.com:
----------
ID: apache
-install
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started:
15:23:08.597951
Duration:
709.521 ms
Changes:
----------
ID: apache
-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is
in the desired state
Started:
15:23:09.308417
Duration:
233.623 ms
Changes:
Summary
------------
Succeeded:
2
Failed:
0
------------
Total states run: 2
linux-node2.example.com:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: Package httpd is already installed.
Started: 15:23:09.171596
Duration: 721.901 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 15:23:09.894209
Duration: 221.615 ms
Changes:
Summary
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
上面我们使用了2个状态模块pkg和service,下面我们使用file文件配置模块
模块使用参考文档
https://www.unixhot.com/docs/saltstack/ref/states/all/salt.states.file.html#module-salt.states.file
在base/web目录下面添加一个lamp.sls,一般在添加里面的内容之前需要在外面找一台服务器进行测试拿到准确的包信息后再进行配置
[iyunv@linux-node1 web]# cat lamp.sls
lamp-install:
pkg.installed:
- pkgs:
- httpd
- php
- php-pdo
- php-mysql
apache-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf #服务实际使用的文件路径
- source: salt://web/files/httpd.conf #salt的源文件用于分发到minion上面 路径是base目录下面的web 这里也支持http和ftp方式
- user: root
- group: root
- mode: 644
php-config:
file.managed:
- name: /etc/php.ini
- source: salt://web/files/php.ini
- user: root
- group: root
- mode: 644
lamp-service:
service.running:
- name: httpd
- enable: True
拷贝源文件到base/web目录下,这个根据自己的实际情况找源文件拷贝过来
[iyunv@linux-node1 web]# cp /etc/httpd/conf/httpd.conf /srv/salt/base/web/files/
[iyunv@linux-node1 web]# cp /etc/php.ini /srv/salt/base/web/files/
执行状态模块部署服务
[iyunv@linux-node1 web]# salt "*" state.sls web.lamp
linux
-node1.example.com:
----------
ID: lamp
-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed.
Started:
15:43:56.883540
Duration:
633.814 ms
Changes:
----------
ID: apache
-config
Function:
file.managed
Name:
/etc/httpd/conf/httpd.conf
Result: True
Comment: File
/etc/httpd/conf/httpd.conf is in the correct state
Started:
15:43:57.520199
Duration:
4.242 ms
Changes:
----------
ID: php
-config
Function:
file.managed
Name:
/etc/php.ini
Result: True
Comment: File
/etc/php.ini is in the correct state
Started:
15:43:57.524589
Duration:
4.149 ms
Changes:
----------
ID: lamp
-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is
in the desired state
Started:
15:43:57.529404
Duration:
258.952 ms
Changes:
Summary
------------
Succeeded:
4
Failed:
0
------------
Total states run: 4
linux-node2.example.com:
----------
ID: lamp-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed.
Started: 15:43:58.566172
Duration: 611.409 ms
Changes:
----------
ID: apache-config
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 15:43:59.180091
Duration: 4.063 ms
Changes:
----------
ID: php-config
Function: file.managed
Name: /etc/php.ini
Result: True
Comment: File /etc/php.ini is in the correct state
Started: 15:43:59.184248
Duration: 3.803 ms
Changes:
----------
ID: lamp-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 15:43:59.188496
Duration: 208.1 ms
Changes:
Summary
------------
Succeeded: 4
Failed: 0
------------
Total states run: 4
使用file模块下面的recurse方法进行apache的conf.d目录管理配置如下
apache-conf:
file.recurse:
- name: /etc/httpd/conf.d
- source: salt://web/files/apache-conf.d
创建salt源目录,并拷贝数据导源文件目录,数据文件来源根据自己业务的实际情况
[iyunv@linux-node1 ~]# mkdir /srv/salt/base/web/files/apache-conf.d
[iyunv@linux
-node1 ~]# cd /srv/salt/base/web/files/apache-conf.d/
[iyunv@linux
-node1 apache-conf.d]# cp -a /etc/httpd/conf.d/* .
[iyunv@linux-node1 apache-conf.d]# ls
autoindex.conf php.conf README userdir.conf welcome.conf
[iyunv@linux-node1 apache-conf.d]#
测试在files/apache-conf.d/welcome.conf 添加一行#xiewenming test
[iyunv@linux-node1 files]# echo "#xieweming test" >> apache-conf.d/welcome.conf
验证目录管理是否生效
可以先使用test=True 只做测试,不会在minion节点上面真正执行,确认无问题后再让minion去执行
[iyunv@linux-node1 files]# salt "linux-node2*" state.highstate test=True
linux
-node2.example.com:
----------
ID: lamp
-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed.
Started:
16:12:56.440265
Duration:
666.288 ms
Changes:
----------
ID: apache
-config
Function:
file.managed
Name:
/etc/httpd/conf/httpd.conf
Result: True
Comment: The
file /etc/httpd/conf/httpd.conf is in the correct state
Started:
16:12:57.108448
Duration:
3.959 ms
Changes:
----------
ID: php
-config
Function:
file.managed
Name:
/etc/php.ini
Result: True
Comment: The
file /etc/php.ini is in the correct state
Started:
16:12:57.112503
Duration:
3.61 ms
Changes:
----------
ID: lamp
-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is
in the desired state
Started:
16:12:57.116505
Duration:
244.585 ms
Changes:
----------
ID: apache
-conf
Function:
file.recurse
Name:
/etc/httpd/conf.d
Result: None
Comment: ####
/etc/httpd/conf.d/welcome.conf ####
The
file /etc/httpd/conf.d/welcome.conf is set to be changed
Started:
16:12:57.361390
Duration:
1096.52 ms
Changes:
----------
/etc/httpd/conf.d/welcome.conf:
----------
diff:
---
+++
@@ -20,3 +20,4 @@
Alias /noindex/css/open-sans.css /usr/share/httpd/noindex/css/open-sans.css
Alias /images/apache_pb.gif /usr/share/httpd/noindex/images/apache_pb.gif
Alias /images/poweredby.png /usr/share/httpd/noindex/images/poweredby.png
+#xieweming test
Summary
------------
Succeeded: 5 (unchanged=1, changed=1)
Failed: 0
------------
Total states run: 5
验证没有问题在node1和node2上面都执行
我们这里就2台所有可以直接用*
 
[iyunv@linux-node1 files]# salt "*" state.highstate
linux
-node1.example.com:
----------
ID: lamp
-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed.
Started:
16:19:31.724191
Duration:
782.903 ms
Changes:
----------
ID: apache
-config
Function:
file.managed
Name:
/etc/httpd/conf/httpd.conf
Result: True
Comment: File
/etc/httpd/conf/httpd.conf is in the correct state
Started:
16:19:32.509438
Duration:
4.62 ms
Changes:
----------
ID: php
-config
Function:
file.managed
Name:
/etc/php.ini
Result: True
Comment: File
/etc/php.ini is in the correct state
Started:
16:19:32.514200
Duration:
4.418 ms
Changes:
----------
ID: lamp
-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is
in the desired state
Started:
16:19:32.519273
Duration:
234.566 ms
Changes:
----------
ID: apache
-conf
Function:
file.recurse
Name:
/etc/httpd/conf.d
Result: True
Comment: Recursively updated
/etc/httpd/conf.d
Started:
16:19:32.754002
Duration:
1082.389 ms
Changes:
----------
/etc/httpd/conf.d/welcome.conf:
----------
diff:
---
+++
@@ -20,3 +20,4 @@
Alias /noindex/css/open-sans.css /usr/share/httpd/noindex/css/open-sans.css
Alias /images/apache_pb.gif /usr/share/httpd/noindex/images/apache_pb.gif
Alias /images/poweredby.png /usr/share/httpd/noindex/images/poweredby.png
+#xieweming test
Summary
------------
Succeeded: 5 (changed=1)
Failed: 0
------------
Total states run: 5
linux-node2.example.com:
----------
ID: lamp-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed.
Started: 16:19:32.296865
Duration: 789.23 ms
Changes:
----------
ID: apache-config
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 16:19:33.089019
Duration: 3.807 ms
Changes:
----------
ID: php-config
Function: file.managed
Name: /etc/php.ini
Result: True
Comment: File /etc/php.ini is in the correct state
Started: 16:19:33.092933
Duration: 3.459 ms
Changes:
----------
ID: lamp-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 16:19:33.096823
Duration: 232.349 ms
Changes:
----------
ID: apache-conf
Function: file.recurse
Name: /etc/httpd/conf.d
Result: True
Comment: Recursively updated /etc/httpd/conf.d
Started: 16:19:33.329410
Duration: 1079.801 ms
Changes:
----------
/etc/httpd/conf.d/welcome.conf:
----------
diff:
---
+++
@@ -20,3 +20,4 @@
Alias /noindex/css/open-sans.css /usr/share/httpd/noindex/css/open-sans.css
Alias /images/apache_pb.gif /usr/share/httpd/noindex/images/apache_pb.gif
Alias /images/poweredby.png /usr/share/httpd/noindex/images/poweredby.png
+#xieweming test
Summary
------------
Succeeded: 5 (changed=1)
Failed: 0
------------
Total states run: 5
salt "*" state.highstate
使用watch在apache配置文件发送变化时,重新加载apache配置
增加下面的红色字体部分
[iyunv@linux-node1 web]# more lamp.sls
lamp
-install:
pkg.installed:
- pkgs:
- httpd
- php
- php-pdo
- php-mysql
apache
-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://web/files/httpd.conf
- user: root
- group: root
- mode: 644
php-config:
file.managed:
- name: /etc/php.ini
- source: salt://web/files/php.ini
- user: root
- group: root
- mode: 644
lamp-service:
service.running:
- name: httpd
- enable: True
->
- watch: #增加
- file: apache-config #监控上面的apache-config>
apache-conf:
file.recurse:
- name: /etc/httpd/conf.d
- source: salt://web/files/apache-conf.d
另外一种watc_in写法,我们只需要掌握一种就可以
...
lamp
-service:
service.running:
- name: httpd
- enable: True
->
- watch:
- file: apache-config
apache
-conf:
file.recurse:
- name: /etc/httpd/conf.d
- source: salt://web/files/apache-conf.d
- watch_in:
- service: lamp-service
...
View Code 修改一下配置文件进行验证成功
[iyunv@linux-node1 files]# salt "*" state.highstate
linux
-node1.example.com:
----------
ID: lamp
-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed.
Started:
16:39:08.336027
Duration:
733.712 ms
Changes:
----------
ID: apache
-config
Function:
file.managed
Name:
/etc/httpd/conf/httpd.conf
Result: True
Comment: File
/etc/httpd/conf/httpd.conf updated
Started:
16:39:09.071795
Duration:
13.576 ms
Changes:
----------
diff:
---
+++
@@ -28,6 +28,7 @@
# same ServerRoot for multiple httpd daemons, you will need to change at
# least PidFile.
#
+
ServerRoot "/etc/httpd"
#
----------
ID: php-config
Function: file.managed
Name: /etc/php.ini
Result: True
Comment: File /etc/php.ini is in the correct state
Started: 16:39:09.085478
Duration: 3.597 ms
Changes:
----------
ID: lamp-service
Function: service.running
Name: httpd
Result: True
Comment: Service>
Started: 16:39:09.337223
Duration: 253.101 ms
Changes:
----------
httpd:
True
----------
ID: apache-conf
Function: file.recurse
Name: /etc/httpd/conf.d
Result: True
Comment: The directory /etc/httpd/conf.d is in the correct state
Started: 16:39:09.590622
Duration: 25.654 ms
Changes:
Summary
------------
Succeeded: 5 (changed=2)
Failed: 0
------------
Total states run: 5
linux-node2.example.com:
----------
ID: lamp-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed.
Started: 16:39:08.904921
Duration: 735.305 ms
Changes:
----------
ID: apache-config
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf updated
Started: 16:39:09.643019
Duration: 16.038 ms
Changes:
----------
diff:
---
+++
@@ -28,6 +28,7 @@
# same ServerRoot for multiple httpd daemons, you will need to change at
# least PidFile.
#
+
ServerRoot "/etc/httpd"
#
----------
ID: php-config
Function: file.managed
Name: /etc/php.ini
Result: True
Comment: File /etc/php.ini is in the correct state
Started: 16:39:09.659260
Duration: 3.724 ms
Changes:
----------
ID: lamp-service
Function: service.running
Name: httpd
Result: True
Comment: Service>
Started: 16:39:09.900780
Duration: 255.082 ms
Changes:
----------
httpd:
True
----------
ID: apache-conf
Function: file.recurse
Name: /etc/httpd/conf.d
Result: True
Comment: The directory /etc/httpd/conf.d is in the correct state
Started: 16:39:10.156119
Duration: 165.767 ms
Changes:
Summary
------------
Succeeded: 5 (changed=2)
Failed: 0
------------
Total states run: 5
View Code
使用require可以让各ID之间产生依赖关系,避免无效执行
比如执行apache-config>
lamp-install:
pkg.installed:
- pkgs:
- httpd
- php
- php-pdo
- php-mysql
apache
-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://web/files/httpd.conf
- user: root
- group: root
- mode: 644
- require:
- pkg: lamp-install
测试apache php环境工作是否正常,在2个节点上的apache工作目录下创建phpinfo文件
[iyunv@linux-node2 conf.d]# cd /var/www/html/
[iyunv@linux
-node2 html]# mkdir admin
[iyunv@linux
-node2 html]# cd admin/
[iyunv@linux
-node2 admin]# vi info.php
[iyunv@linux
-node2 admin]# cat info.php
<?php
phpinfo()
?>
可以正常打开
现在使用salt添加访问phpinfo需要账号密码
在salt的apache的配置管理文件里面添加验证 如下红色字体部分
[iyunv@linux-node1 files]# pwd
/srv/salt/base/web/files
[iyunv@linux-node1 files]#
[iyunv@linux-node1 files]# tail -15 httpd.conf
#EnableMMAP off
EnableSendfile on
<Directory "/var/www/html/admin">
AllowOverride All
Order allow,deny
Allow from All
AuthUserFile /etc/httpd/conf/htpasswd_file
AuthName "hehe"
AuthType Basic
Require user admin
</Directory>
# Supplemental configuration
#
# Load config files in the "/etc/httpd/conf.d" directory, if any.
IncludeOptional conf.d/*.conf
在lamp.sls 里面添加一个名为apache-auth 状态ID并使用require指定依赖关系
[iyunv@linux-node1 web]# pwd
/srv/salt/base/web
[iyunv@linux-node1 web]# ls
apache.sls files lamp.sls
[iyunv@linux-node1 web]# tail -10 lamp.sls
- name: /etc/httpd/conf.d
- source: salt://web/files/apache-conf.d
apache-auth:
pkg.installed:
- name: httpd-tools
- require_in:
- cmd: apache-auth #如果没有这个rpm包下面的cmd.run就不运行,指定依赖关系
cmd.run:
- name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin #创建 账号为admin 密码为admin的密码文件
执行状态模块,验证没有报错
[iyunv@linux-node1 web]# salt "*" state.highstate
linux
-node1.example.com:
----------
ID: lamp
-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed.
Started:
17:26:36.171081
Duration:
760.101 ms
Changes:
----------
ID: apache
-config
Function:
file.managed
Name:
/etc/httpd/conf/httpd.conf
Result: True
Comment: File
/etc/httpd/conf/httpd.conf is in the correct state
Started:
17:26:36.936510
Duration:
12.034 ms
Changes:
----------
ID: php
-config
Function:
file.managed
Name:
/etc/php.ini
Result: True
Comment: File
/etc/php.ini is in the correct state
Started:
17:26:36.948778
Duration:
5.661 ms
Changes:
----------
ID: lamp
-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is
in the desired state
Started:
17:26:36.955341
Duration:
335.213 ms
Changes:
----------
ID: apache
-conf
Function:
file.recurse
Name:
/etc/httpd/conf.d
Result: True
Comment: The directory
/etc/httpd/conf.d is in the correct state
Started:
17:26:37.290804
Duration:
26.826 ms
Changes:
----------
ID: apache
-auth
Function: pkg.installed
Name: httpd
-tools
Result: True
Comment: Package httpd
-tools is already installed.
Started:
17:26:37.317767
Duration:
0.518 ms
Changes:
----------
ID: apache
-auth
Function: cmd.run
Name: htpasswd
-bc /etc/httpd/conf/htpasswd_file admin admin
Result: True
Comment: Command
"htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin" run
Started:
17:26:37.319460
Duration:
17.893 ms
Changes:
----------
pid:
20315
retcode:
0
stderr:
Adding password
for user admin
stdout:
Summary
------------
Succeeded:
7 (changed=1)
Failed:
0
------------
Total states run: 7
linux-node2.example.com:
----------
ID: lamp-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed.
Started: 17:26:36.819001
Duration: 801.418 ms
Changes:
----------
ID: apache-config
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 17:26:37.625380
Duration: 5.27 ms
Changes:
----------
ID: php-config
Function: file.managed
Name: /etc/php.ini
Result: True
Comment: File /etc/php.ini is in the correct state
Started: 17:26:37.630775
Duration: 5.974 ms
Changes:
----------
ID: lamp-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 17:26:37.637798
Duration: 276.924 ms
Changes:
----------
ID: apache-conf
Function: file.recurse
Name: /etc/httpd/conf.d
Result: True
Comment: The directory /etc/httpd/conf.d is in the correct state
Started: 17:26:37.914890
Duration: 114.468 ms
Changes:
----------
ID: apache-auth
Function: pkg.installed
Name: httpd-tools
Result: True
Comment: Package httpd-tools is already installed.
Started: 17:26:38.029465
Duration: 0.858 ms
Changes:
----------
ID: apache-auth
Function: cmd.run
Name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin
Result: True
Comment: Command "htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin" run
Started: 17:26:38.031904
Duration: 24.688 ms
Changes:
----------
pid:
8667
retcode:
0
stderr:
Adding password for user admin
stdout:
Summary
------------
Succeeded: 7 (changed=1)
Failed: 0
------------
Total states run: 7
View Code 再次访问phpinfo就有验证了
但是上面有些小问题
当多次执行apache-auth状态模块的时候,密码文件会被重新创建并覆盖
解决办法:我们可以使用unless进行判断,unless 如果条件为真就执行,为假就不执行
修改apache-auth状态模块如下
[iyunv@linux-node1 web]# tail -8 lamp.sls
apache
-auth:
pkg.installed:
- name: httpd-tools
- require_in:
- cmd: apache-auth #如果没有这个rpm包下面的cmd.run就不运行,解决依赖关系
cmd.run:
- name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin
- unless: test -f /etc/httpd/conf/htpasswd_file #unless 不只限于用test 支持脚本等任何命令 只要判断 期返回结果0 或者1 0为真 1为假 就可以
再次执行lamp.sls状态模块,就解决了上面的问题
[iyunv@linux-node1 web]# salt "*" state.highstate
linux
-node2.example.com:
----------
ID: lamp
-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed.
Started:
17:41:08.415429
Duration:
739.009 ms
Changes:
----------
ID: apache
-config
Function:
file.managed
Name:
/etc/httpd/conf/httpd.conf
Result: True
Comment: File
/etc/httpd/conf/httpd.conf is in the correct state
Started:
17:41:09.158151
Duration:
4.038 ms
Changes:
----------
ID: php
-config
Function:
file.managed
Name:
/etc/php.ini
Result: True
Comment: File
/etc/php.ini is in the correct state
Started:
17:41:09.162303
Duration:
4.511 ms
Changes:
----------
ID: lamp
-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is
in the desired state
Started:
17:41:09.167489
Duration:
260.979 ms
Changes:
----------
ID: apache
-conf
Function:
file.recurse
Name:
/etc/httpd/conf.d
Result: True
Comment: The directory
/etc/httpd/conf.d is in the correct state
Started:
17:41:09.428715
Duration:
27.714 ms
Changes:
----------
ID: apache
-auth
Function: pkg.installed
Name: httpd
-tools
Result: True
Comment: Package httpd
-tools is already installed.
Started:
17:41:09.456576
Duration:
0.529 ms
Changes:
----------
ID: apache
-auth
Function: cmd.run
Name: htpasswd
-bc /etc/httpd/conf/htpasswd_file admin admin
Result: True
Comment: unless execution succeeded
Started:
17:41:09.458220
Duration:
7.17 ms
Changes:
Summary
------------
Succeeded:
7
Failed:
0
------------
Total states run: 7
linux-node1.example.com:
----------
ID: lamp-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed.
Started: 17:41:08.069936
Duration: 769.874 ms
Changes:
----------
ID: apache-config
Function: file.managed
Name: /etc/httpd/conf/httpd.conf
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 17:41:08.842186
Duration: 4.2 ms
Changes:
----------
ID: php-config
Function: file.managed
Name: /etc/php.ini
Result: True
Comment: File /etc/php.ini is in the correct state
Started: 17:41:08.846533
Duration: 4.393 ms
Changes:
----------
ID: lamp-service
Function: service.running
Name: httpd
Result: True
Comment: Service httpd is already enabled, and is in the desired state
Started: 17:41:08.851964
Duration: 244.197 ms
Changes:
----------
ID: apache-conf
Function: file.recurse
Name: /etc/httpd/conf.d
Result: True
Comment: The directory /etc/httpd/conf.d is in the correct state
Started: 17:41:09.096343
Duration: 20.85 ms
Changes:
----------
ID: apache-auth
Function: pkg.installed
Name: httpd-tools
Result: True
Comment: Package httpd-tools is already installed.
Started: 17:41:09.117331
Duration: 0.53 ms
Changes:
----------
ID: apache-auth
Function: cmd.run
Name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin
Result: True
Comment: unless execution succeeded
Started: 17:41:09.119400
Duration: 6.484 ms
Changes:
Summary
------------
Succeeded: 7
Failed: 0
------------
Total states run: 7
View Code
base的目录结构如下
[iyunv@linux-node1 salt]# tree base
base
├── fileappend.sls
├── top.sls
└── web
├── apache.sls
├── files
│ ├── apache
-conf.d
│ │ ├── autoindex.conf
│ │ ├── php.conf
│ │ ├── README
│ │ ├── userdir.conf
│ │ └── welcome.conf
│ ├── httpd.conf
│ └── php.ini
└── lamp.sls
3 directories, 11 files
cat lamp.sls
[iyunv@linux-node1 base]# cat web/lamp.sls
lamp
-install:
pkg.installed:
- pkgs:
- httpd
- php
- php-pdo
- php-mysql
apache
-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://web/files/httpd.conf
- user: root
- group: root
- mode: 644
- require:
- pkg: lamp-install
php-config:
file.managed:
- name: /etc/php.ini
- source: salt://web/files/php.ini
- user: root
- group: root
- mode: 644
lamp-service:
service.running:
- name: httpd
- enable: True
->
- watch:
- file: apache-config
apache-conf:
file.recurse:
- name: /etc/httpd/conf.d
- source: salt://web/files/apache-conf.d
apache-auth:
pkg.installed:
- name: httpd-tools
- require_in:
- cmd: apache-auth #如果没有这个rpm包下面的cmd.run就不运行,解决依赖关系
cmd.run:
- name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin
- unless: test -f /etc/httpd/conf/htpasswd_file
View Code
至此apache和php测试已完成
这里补充一个file模块的append方法
[iyunv@linux-node1 base]# pwd
/srv/salt/base
[iyunv@linux-node1 base]# cat fileappend.sls
/etc/profile: #这里是ID的另一种用法,可以直接用文件的路径
file.append:
- text:
- "#xiewneming test" #注意如果添加的内容里面有特殊符合,需要加上引号
执行状态模块,添加成功
[iyunv@linux-node1 base]# salt "linux-node1*" state.sls fileappend
linux
-node1.example.com:
----------
ID:
/etc/profile
Function:
file.append
Result: True
Comment: Appended
1 lines
Started:
17:53:02.877027
Duration:
7.669 ms
Changes:
----------
diff:
---
+++
@@ -75,3 +75,4 @@
unset i
unset -f pathmunge
None
+#xiewneming test
Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
总结
1.添加状态模块的时候,应该自己得先在别的机器上面跑一遍流程在添加
2.状态模块中- source: salt://web/files/apache-conf.d #支持ftp或者http上面 base环境的路径
3.使用的时候要先测试 test=True
4.ID 有不同表示方式
5.状态模块需要执行模块执行才能生效
6.相同的业务用目录进行分类管理
7.sls文件是从上往下按照顺序执行
8.一个ID下面一个状态只能出现一次
9.pkg是虚拟的包管理,在不同系统下面包的安装命令不同 比如 CentOS 和Ubuntu
10.watch 和watch_in require和require_in 在状态模块中可以统一用其中的一种
11.salt默认是有缓存的,可以无关紧要的配置重启进程刷新缓存
salt任务执行过程中不删除缓存目录里面的文件 缓存目录默认为/var/cache/salt
附 赵班长的 GitHub saltbook-code网址
https://github.com/unixhot/saltbook-code/tree/master |
QQ群⑧:
窥视卡
雷达卡
发表于 2018-1-3 21:35:58
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡