SaltStack的salt-ssh使用及LAMP状态设计部署

1、salt-ssh的使用

官方文档：https://docs.saltstack.com/en/2016.11/topics/ssh/index.html

（1）安装salt-ssh
[root@linux-node1 ~]# yum install -y salt-ssh（2）配置salt-ssh
[root@linux-node1 ~]# vim /etc/salt/roster 
linux-node1:host: 192.168.56.11user: rootpasswd: 123123
linux-node2:host: 192.168.56.12user: rootpasswd: 123123（3）使用ssh远程执行
[root@linux-node1 ~]# salt-ssh '*' -r 'uptime'
linux-node2:----------retcode:0stderr:stdout:root@192.168.56.12's password: 14:07:19 up 14 days,  8:41,  2 users,  load average: 0.04, 0.08, 0.07
linux-node1:----------retcode:0stderr:stdout:root@192.168.56.11's password: 14:07:20 up 23 days,  8:13,  2 users,  load average: 2.86, 0.81, 0.34

2、配置管理

（1）什么是状态？

所谓的状态就是希望系统运行某些命令之后的结果。描述状态使用YAML格式的文件。SLS：salt state
举例安装apache，如下：

[root@linux-node1 ~]# vim /srv/salt/base/web/apache.sls 
apache:pkg.installed:- name: httpdservice.running:- name: httpdfile.managed:- name: /etc/httpd/conf/httpd.conf- source: salt://apache/files/httpd.conf- user: root- group: root- mode: 644解释说明：
apache：id声明，在所有环境（base、prod）下全局唯一
pkg：状态模块
.：引用关系
installed:模块中的方法
:：代表层级关系
name:可以理解为参数，后面跟的是参数值
file.managed:文件管理模块，必须要有source指定文件的来源路径
source：文件的来源路径，salt://代表着环境的根路径，这的根路径为：/srv/salt/base/
user、group、mode：分别指定文件的所属者，所属组和权限以上的文件还可以使用分id的写法：
apache-install:pkg.installed:- name: httpdapache-service:service.running:- name: httpdapache-config:file.managed:- name: /etc/httpd/conf/httpd.conf- source: salt://apache/files/httpd.conf- user: root- group: root- mode: 644存在指定多个配置文件，还可以使用一下写法：(不适用name作为参数传递时，id就是name)
/etc/httpd/conf/httpd.conf:file.managed:- source: salt://apache/files/httpd.conf- user: root- group: root- mode: 644
/etc/httpd/conf/php.conf:file.managed:- source: salt://apache/files/php.conf- user: root- group: root- mode: 644

（2） LAMP的状态设计与实现部署

1、设计分析

2、Aapche的状态配置

[root@linux-node1 prod]# pwd
/srv/salt/prod
[root@linux-node1 prod]# mkdir apache php mysql
[root@linux-node1 prod]# tree 
.
├── apache
├── mysql
└── php3 directories, 0 files[root@linux-node1 prod]# cd apache/
[root@linux-node1 apache]# vim apache.sls      #编写apache的状态模块
apache-install:pkg.installed:- name: httpdapache-config:file.managed:- name: /etc/httpd/conf/httpd.conf- source: salt://apache/files/httpd.conf    #salt://代表着环境的根路径- user: root- group: root- mode: 644apache-service:service.running:- name: httpd- enable: True
[root@linux-node1 apache]# mkdir files    #创建source目录
[root@linux-node1 apache]# cd files/
[root@linux-node1 files]# cp /etc/httpd/conf/httpd.conf .
[root@linux-node1 apache]# tree 
.
├── apache.sls
└── files└── httpd.conf1 directory, 2 files
[root@linux-node1 apache]# salt 'linux-node1' state.sls apache.apache saltenv=prod

3、php的状态配置

[root@linux-node1 prod]# cd php
[root@linux-node1 php]# mkdir files
[root@linux-node1 php]# vim init.sls
php-install:pkg.installed:- pkgs:- php- php-pdo- php-mysqlphp-config:file.managed:- name: /etc/php.ini- source: salt://php/files/php.ini- user: root- group: root- mode: 644
[root@linux-node1 php]# cp /etc/php.ini files/
[root@linux-node1 php]# tree 
.
├── files
│   └── php.ini
└── init.sls1 directory, 2 files

4、mysql的状态配置

[root@linux-node1 prod]# cd mysql/
[root@linux-node1 mysql]# vim init.sls
mysql-install:pkg.installed:- pkgs:- mariadb- mariadb-servermysql-config:file.managed:- name: /etc/my.cnf- source: salt://mysql/files/my.cnf- user: root- gourp: root- mode: 644mysql-service:service.running:- name: mariadb-server- enable: True
[root@linux-node1 mysql]# mkdir files
[root@linux-node1 mysql]# cp /etc/my.cnf files/
[root@linux-node1 prod]# tree 
.
├── apache
│   ├── files
│   │   └── httpd.conf
│   └── init.sls
├── mysql
│   ├── files
│   │   └── my.cnf
│   └── init.sls
└── php├── files│   └── php.ini└── init.sls
[root@linux-node1 prod]# salt -S '192.168.56.11' state.sls php.init saltenv=prod
linux-node1.example.com:
----------ID: php-installFunction: pkg.installedResult: TrueComment: The following packages were installed/updated: php-mysqlThe following packages were already installed: php-pdo, phpStarted: 10:30:14.780998Duration: 118711.436 msChanges:   ----------php-mysql:----------new:5.4.16-43.el7_4old:
----------ID: php-configFunction: file.managedName: /etc/php.iniResult: TrueComment: File /etc/php.ini is in the correct stateStarted: 10:32:13.556562Duration: 51.913 msChanges:   Summary for linux-node1.example.com
------------
Succeeded: 2 (changed=1)
Failed:    0
------------
Total states run:     2
Total run time: 118.763 s

5、写入top file，执行高级状态

[root@linux-node1 base]# pwd
/srv/salt/base
[root@linux-node1 base]# vim top.sls 
prod:'linux-node1.example.com':- apache.init- php.init- mysql.init
[root@linux-node1 base]# salt 'linux-node1*' state.highstate
linux-node1.example.com:
----------ID: apache-installFunction: pkg.installedName: httpdResult: TrueComment: All specified packages are already installedStarted: 10:39:04.214911Duration: 762.144 msChanges:   
----------ID: apache-configFunction: file.managedName: /etc/httpd/conf/httpd.confResult: TrueComment: File /etc/httpd/conf/httpd.conf is in the correct stateStarted: 10:39:04.979376Duration: 13.105 msChanges:   
----------ID: apache-serviceFunction: service.runningName: httpdResult: TrueComment: The service httpd is already runningStarted: 10:39:04.992962Duration: 36.109 msChanges:   
----------ID: php-installFunction: pkg.installedResult: TrueComment: All specified packages are already installedStarted: 10:39:05.029241Duration: 0.65 msChanges:   
----------ID: php-configFunction: file.managedName: /etc/php.iniResult: TrueComment: File /etc/php.ini is in the correct stateStarted: 10:39:05.029987Duration: 10.642 msChanges:   
----------ID: mysql-installFunction: pkg.installedResult: TrueComment: All specified packages are already installedStarted: 10:39:05.040793Duration: 0.422 msChanges:   
----------ID: mysql-configFunction: file.managedName: /etc/my.cnfResult: TrueComment: File /etc/my.cnf is in the correct stateStarted: 10:39:05.041301Duration: 7.869 msChanges:   
----------ID: mysql-serviceFunction: service.runningName: mariadbResult: TrueComment: The service mariadb is already runningStarted: 10:39:05.049284Duration: 28.054 msChanges:   Summary for linux-node1.example.com
------------
Succeeded: 8
Failed:    0
------------
Total states run:     8
Total run time: 858.995 ms