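SaltStack state file configuration:
Edit /etc/salt/master and modify the setting for the directory that holds the state files:
Note: pay attention to the syntax format: keys flush left, a colon, and two spaces of indentation.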
state_top: top.sls

# The state system uses a "top" file to tell the minions what environment to
# use and what modules to use. The state_top file is defined relative to the
# root of the base environment as defined in "File Server settings" below.
#state_top: top.sls

[root@master ~]# mkdir -p /etc/salt/states
[root@master ~]# vim /etc/salt/states/top.sls
[root@master ~]# sed -i '329s/#//' /etc/salt/master
state_top: top.sls

Note: this uncomments line 329.
Go into the base environment and configure top.sls:
[root@master ~]# cd /etc/salt/states/
[root@master states]# mkdir -p init
[root@master states]# mkdir -p prod
[root@master states]# vim top.sls
[root@master states]# cat top.sls
base:
  'node01.saltstack.com':
    - init.pkg
Note: base is the name being specified, init is the name of the directory, and pkg refers to pkg.sls.
[root@master states]# ll
总用量 12
drwxr-xr-x 2 root root 4096 2月 15 14:16 init
drwxr-xr-x 2 root root 4096 2月 15 14:16 prod
-rw-r--r-- 1 root root   46 2月 15 14:17 top.sls
[root@master states]# cd init/
[root@master init]# vim pkg.sls
[root@master init]# cat pkg.sls
pkg.init:
  pkg.installed:
    - names:
      - lrzsz
      - mtr
      - nmap
Case 1: use salt to initialize system modules:
[root@master init]# salt '*' state.sls init.pkg
node01.saltstack.com:
----------
          ID: pkg.init
    Function: pkg.installed
        Name: mtr
      Result: True
     Comment: Package mtr is already installed.
     Started: 14:56:02.574416
    Duration: 11389.014 ms
     Changes:
----------
          ID: pkg.init
    Function: pkg.installed
        Name: nmap
      Result: True
     Comment: Package nmap is already installed.
     Started: 14:56:13.963968
    Duration: 3.619 ms
     Changes:
----------
          ID: pkg.init
    Function: pkg.installed
        Name: lrzsz
      Result: True
     Comment: Package lrzsz is already installed.
     Started: 14:56:13.967979
    Duration: 1.042 ms
     Changes:

Summary
------------
Succeeded: 3
Failed:    0
------------
Total states run:     3
Case 2: modify kernel parameters with SaltStack:
[root@master ~]# cd /etc/salt/states/init/
[root@master init]# tree
.
└── pkg.sls

0 directories, 1 file
[root@master init]# mkdir -p files
[root@master init]# cd files/
[root@master init]# vim limit.sls
limit-conf-config:
  file.managed:
    - name: /etc/security/limits.conf
    - source: salt://init/files/limits.conf
    - user: root
    - group: root
    - mode: 644
[root@master files]# cd /etc/security/
[root@master security]# ls
access.conf       console.perms    limits.d        opasswd  time.conf
chroot.conf       console.perms.d  namespace.conf  pam_env.conf
console.apps      group.conf       namespace.d     pam_winbind.conf
console.handlers  limits.conf      namespace.init  sepermit.conf
[root@master security]# cp limits.conf /etc/salt/states/init/files/
[root@master files]# vim limits.conf
* soft core 0
* hard rss 10000
[root@master states]# pwd
/etc/salt/states

Note: the new module must be added to top.sls, otherwise you will get other errors.

[root@master states]# cat top.sls
base:
  '*':
    - init.pkg
    - init.limit
[root@master init]# salt '*' state.highstate
node01.saltstack.com:
----------
          ID: pkg.init
    Function: pkg.installed
        Name: mtr
      Result: True
     Comment: Package mtr is already installed.
     Started: 17:42:55.479576
    Duration: 7120.831 ms
     Changes:
----------
          ID: pkg.init
    Function: pkg.installed
        Name: nmap
      Result: True
     Comment: Package nmap is already installed.
     Started: 17:43:02.601307
    Duration: 2.278 ms
     Changes:
----------
          ID: pkg.init
    Function: pkg.installed
        Name: lrzsz
      Result: True
     Comment: Package lrzsz is already installed.
     Started: 17:43:02.603841
    Duration: 0.952 ms
     Changes:
----------
          ID: limit-conf-config
    Function: file.managed
        Name: /etc/security/limits.conf
      Result: True
     Comment: File /etc/security/limits.conf updated
     Started: 17:43:02.612678
    Duration: 19.256 ms
     Changes:
              ----------
              diff:
--- +++ 
@@ -39,8 +39,8 @@#<domain> <type> <item> <value>#-#* soft core 0-#* hard rss 10000+* soft core 0+* hard rss 10000#@student hard nproc 20#@faculty soft nproc 20#@faculty hard nproc 50

Summary
------------
Succeeded: 4 (changed=1)
Failed:    0
------------
Total states run:     4

Client-side test:

[root@node01 security]# egrep -v '#|^$' limits.conf
* soft core 0
* hard rss 10000
Case 3: sync a scheduled task (cron job)
I recently found that many servers had no NTP server configured, so I wrote a simple cron job and pushed it out through a state file.

Approach:
a) Prepare the file to be distributed
b) Write the sls file
c) Edit top.sls and add the entry

[root@master ~]# cat /var/spool/cron/root
*/5 * * * * /usr/sbin/ntpdate -u 202.120.2.101>/dev/null 2>&1
[root@master ~]# cd /etc/salt/states/
[root@master states]# ls
init  prod  top.sls
[root@master states]# cd init/
[root@master init]# ls
files  limit.sls  pkg.sls
[root@master init]# cp limit.sls ntp-crontab.sls
[root@master init]# ls
files  limit.sls  ntp-crontab.sls  pkg.sls
[root@master init]# cd files/
[root@master files]# cp /var/spool/cron/root .
[root@master files]# pwd
/etc/salt/states/init/files
[root@master files]# cat root
*/5 * * * * /usr/sbin/ntpdate -u 202.120.2.101>/dev/null 2>&1
[root@master files]# mv root ntp-crontab.conf
[root@master files]# cat ntp-crontab.conf
*/5 * * * * /usr/sbin/ntpdate -u 202.120.2.101>/dev/null 2>&1
[root@master files]# cd ..
[root@master init]# ls
files  limit.sls  ntp-crontab.sls  pkg.sls
[root@master ~]# cat /etc/salt/states/init/ntp-crontab.sls
ntp-crontab-config:
  file.managed:
    - name: /var/spool/cron/root
    - source: salt://init/files/ntp-crontab.conf
    - user: root
    - group: root
    - mode: 644

Result of applying the cron job update:

[root@master init]# salt '*' state.highstate
node01.saltstack.com:
----------
          ID: pkg.init
    Function: pkg.installed
        Name: mtr
      Result: True
     Comment: Package mtr is already installed.
     Started: 21:09:06.608808
    Duration: 4265.514 ms
     Changes:
----------
          ID: pkg.init
    Function: pkg.installed
        Name: nmap
      Result: True
     Comment: Package nmap is already installed.
     Started: 21:09:10.874647
    Duration: 0.685 ms
     Changes:
----------
          ID: pkg.init
    Function: pkg.installed
        Name: lrzsz
      Result: True
     Comment: Package lrzsz is already installed.
     Started: 21:09:10.875446
    Duration: 0.583 ms
     Changes:
----------
          ID: limit-conf-config
    Function: file.managed
        Name: /etc/security/limits.conf
      Result: True
     Comment: File /etc/security/limits.conf is in the correct state
     Started: 21:09:10.879350
    Duration: 4.1 ms
     Changes:
----------
          ID: ntp-crontab-config
    Function: file.managed
        Name: /var/spool/cron/root
      Result: True
     Comment: File /var/spool/cron/root updated
     Started: 21:09:10.883639
    Duration: 9.342 ms
     Changes:
              ----------
              diff:
                  New file
              mode:
                  0644

Summary
------------
Succeeded: 5 (changed=1)
Failed:    0
------------
Total states run:     5
node02.saltstack.com:
----------
          ID: pkg.init
    Function: pkg.installed
        Name: mtr
      Result: True
     Comment: Package mtr is already installed.
     Started: 21:09:07.831431
    Duration: 4292.2 ms
     Changes:
----------
          ID: pkg.init
    Function: pkg.installed
        Name: nmap
      Result: True
     Comment: Package nmap is already installed.
     Started: 21:09:12.123977
    Duration: 0.714 ms
     Changes:
----------
          ID: pkg.init
    Function: pkg.installed
        Name: lrzsz
      Result: True
     Comment: Package lrzsz is already installed.
     Started: 21:09:12.124798
    Duration: 0.426 ms
     Changes:
----------
          ID: limit-conf-config
    Function: file.managed
        Name: /etc/security/limits.conf
      Result: True
     Comment: File /etc/security/limits.conf is in the correct state
     Started: 21:09:12.128235
    Duration: 5.165 ms
     Changes:
----------
          ID: ntp-crontab-config
    Function: file.managed
        Name: /var/spool/cron/root
      Result: True
     Comment: File /var/spool/cron/root updated
     Started: 21:09:12.133621
    Duration: 8.761 ms
     Changes:
              ----------
              diff:
                  New file
              mode:
                  0644

Summary
------------
Succeeded: 5 (changed=1)
Failed:    0
------------
Total states run:     5

Check the result:

[root@node01 spool]# cd /var/spool/cron/
[root@node01 cron]# ls
root
[root@node01 cron]# cat root
*/5 * * * * /usr/sbin/ntpdate -u 202.120.2.101>/dev/null 2>&1
[root@node02 ~]# cat /var/spool/cron/root
*/5 * * * * /usr/sbin/ntpdate -u 202.120.2.101>/dev/null 2>&1

Comparing them shows that they match the file distributed from the master.
Case 4: sync the internal hosts file (for intranets that have no dedicated DNS server)
[root@master ~]# cd /etc/salt/states/init/
[root@master init]# ll
总用量 16
drwxr-xr-x 2 root root 4096 2月 18 21:01 files
-rw-r--r-- 1 root root  168 2月 18 17:42 limit.sls
-rw-r--r-- 1 root root  169 2月 18 21:08 ntp-crontab.sls
-rw-r--r-- 1 root root   79 2月 15 14:55 pkg.sls
[root@master init]# cd files/
[root@master files]# vim hosts.conf
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.10.10.140 master master.saltstack.com
10.10.10.141 node01 node01.saltstack.com
10.10.10.142 node02 node02.saltstack.com
10.10.10.143 node03 node03.saltstack.com
[root@master init]# cat hosts.sls
hosts-config:
  file.managed:
    - name: /etc/hosts
    - source: salt://init/files/hosts.conf
    - user: root
    - group: root
    - mode: 644

Note: pushes the file to /etc/hosts; source file

[root@master states]# cat /etc/salt/states/top.sls
base:
  '*':
    - init.pkg
    - init.limit
    - init.ntp-crontab
    - init.hosts
[root@master states]# salt '*' state.highstate
----------I have omitted the earlier part--------------
----------
          ID: hosts-config
    Function: file.managed
        Name: /etc/hosts
      Result: True
     Comment: File /etc/hosts updated
     Started: 21:31:43.644962
    Duration: 13.119 ms
     Changes:
              ----------
              diff:
--- +++ 
@@ -3,3 +3,4 @@10.10.10.140 mastermaster.saltstack.com10.10.10.141 node01node01.saltstack.com10.10.10.142 node02node02.saltstack.com+10.10.10.143 node03node03.saltstack.com

Summary
------------
Succeeded: 6 (changed=1)
Failed:    0
------------
Total states run:     6

Test on the clients:

[root@node01 cron]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.10.10.140 master master.saltstack.com
10.10.10.141 node01 node01.saltstack.com
10.10.10.142 node02 node02.saltstack.com
10.10.10.143 node03 node03.saltstack.com
[root@node02 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.10.10.140 master master.saltstack.com
10.10.10.141 node01 node01.saltstack.com
10.10.10.142 node02 node02.saltstack.com
10.10.10.143 node03 node03.saltstack.com

If I now modify the hosts.conf file on the master:

[root@master init]# pwd
/etc/salt/states/init
[root@master init]# cat files/hosts.conf
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.10.10.140 master master.saltstack.com
10.10.10.141 node01 node01.saltstack.com
10.10.10.142 node02 node02.saltstack.com
10.10.10.143 node03 node03.saltstack.com
10.10.10.144 openstack01 openstack01.saltstack.com
10.10.10.145 openstack02 openstack02.saltstack.com
[root@master init]# salt '*' state.highstate
----------I have omitted the earlier part--------------
----------
          ID: hosts-config
    Function: file.managed
        Name: /etc/hosts
      Result: True
     Comment: File /etc/hosts updated
     Started: 21:37:50.679328
    Duration: 78.269 ms
     Changes:
              ----------
              diff:
--- +++ 
@@ -4,3 +4,5 @@10.10.10.141node01node01.saltstack.com10.10.10.142node02node02.saltstack.com10.10.10.143node03node03.saltstack.com+10.10.10.144openstack01openstack01.saltstack.com+10.10.10.145openstack02openstack02.saltstack.com

Summary
------------
Succeeded: 6 (changed=1)
Failed:    0
------------
Total states run:     6

Test on the clients:

[root@node01 cron]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.10.10.140 master master.saltstack.com
10.10.10.141 node01 node01.saltstack.com
10.10.10.142 node02 node02.saltstack.com
10.10.10.143 node03 node03.saltstack.com
10.10.10.144 openstack01 openstack01.saltstack.com
10.10.10.145 openstack02 openstack02.saltstack.com
[root@node02 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.10.10.140 master master.saltstack.com
10.10.10.141 node01 node01.saltstack.com
10.10.10.142 node02 node02.saltstack.com
10.10.10.143 node03 node03.saltstack.com
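
Every case above pushes a root-owned file to '*' and relies on reading the highstate output by eye. The following is an added example, not part of the original post: it audits the same results in machine-readable form and reports which minions had a managed file changed, and whether root's crontab was written with a mode wider than 0600. It assumes the input is the dictionary produced by salt '*' state.highstate --out=json --static; the names audit_highstate, SENSITIVE and SAMPLE and the 0600 policy are assumptions of this example.

```python
import json
import sys

# Paths this page manages with file.managed. The required mode for root's
# crontab is an assumed local policy, not something the page states.
SENSITIVE = {
    "/etc/hosts": None,
    "/etc/security/limits.conf": None,
    "/var/spool/cron/root": 0o600,
}

def audit_highstate(returns):
    """Return (minion, state_id, path, reason) for changes to SENSITIVE paths."""
    findings = []
    for minion, states in sorted(returns.items()):
        if not isinstance(states, dict):
            # A minion whose states failed to render returns a list of errors.
            findings.append((minion, None, None, "no state data: %r" % (states,)))
            continue
        for _tag, ret in sorted(states.items()):
            path, changes = ret.get("name"), ret.get("changes") or {}
            if path not in SENSITIVE or not changes:
                continue
            sid = ret.get("__id__")
            findings.append((minion, sid, path, "changed"))
            limit, mode = SENSITIVE[path], changes.get("mode")
            if limit is not None and isinstance(mode, str) and int(mode, 8) & ~limit:
                findings.append((minion, sid, path,
                                 "mode %s wider than %04o" % (mode, limit)))
    return findings

# Constructed sample shaped like the node01 result in case 3.
SAMPLE = {"node01.saltstack.com": {
    "pkg_|-pkg.init_|-mtr_|-installed":
        {"__id__": "pkg.init", "name": "mtr", "result": True, "changes": {}},
    "file_|-limit-conf-config_|-/etc/security/limits.conf_|-managed":
        {"__id__": "limit-conf-config", "name": "/etc/security/limits.conf",
         "result": True, "changes": {}},
    "file_|-ntp-crontab-config_|-/var/spool/cron/root_|-managed":
        {"__id__": "ntp-crontab-config", "name": "/var/spool/cron/root",
         "result": True, "changes": {"diff": "New file", "mode": "0644"}},
}}

if __name__ == "__main__":
    # With a file argument, read real JSON output; otherwise use the sample.
    data = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    for finding in audit_highstate(data):
        print(*finding, sep="\t")
```

Running the same states with test=True first produces the same structure without touching the minions, so the audit can be applied before the real push.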
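On batch-configuring hosts files with salt: http://www.ttlsa.com/linux/salt-modules-hosts/
Here I give only one example of adding hosts entries; for more, see the link above (it has a lot of useful material).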
[root@master ~]# salt '*' hosts.set_host 10.10.10.145 openstack02.saltstack.com
node02.saltstack.com:
    True
node01.saltstack.com:
    True
[root@master ~]# salt '*' hosts.set_host 10.10.10.143 openstack03.saltstack.com
node02.saltstack.com:
    True
node01.saltstack.com:
    True
[root@master ~]# salt-ssh '*' cmd.run 'tail -2 /etc/hosts'
node02:
    10.10.10.144 openstack01 openstack01.saltstack.com
    10.10.10.145 openstack02.saltstack.com
node01:
    10.10.10.144 openstack01 openstack01.saltstack.com
    10.10.10.145 openstack02.saltstack.com
Reposted from: https://blog.51cto.com/molewan/1899125