文件同步:
其實在做openstack的運維對一些文件的同步其實是很繁瑣。有一個配置項或者一行代碼的源碼文件進行同步。那麼現在我們就開始介紹saltstack的文件同步功能
環境說明:操作系統版本:rhel6.5x64
1、master配置同步根目錄
在開始saltstack的配置管理之前,要首先指定saltstack所有狀態文件的根目錄,在master上做如下操作
## 首先修改master的配置文件,指定根目錄,注意縮進全部使用兩個空格來代替Tab(python規範)## 確定指定的目錄是否存在,如果不存在,需要手動來創建目錄
[root@controller1 ~]# vim /etc/salt/master file_roots: base: - /srv/salt dev: - /srv/salt/dev/ [root@controller1 ~]# mkdir -p /srv/salt/dev [root@controller1 ~]# ls -ld /srv/salt/dev drwxr-xr-x 2 root root 4096 Feb 3 21:49 /srv/salt/dev
重啓master服務
[root@controller1 ~]# service salt-master restart Stopping salt-master daemon: [ OK ] Starting salt-master daemon: [ OK ]
2、介紹cp.get_file
首先介紹cp.get_file,用來從master端下載文件到minion的指定目錄下,如下
## 在master上創建測試用的文件
[root@controller1 ~]# echo 'This is test file with saltstack module to cp.get_file' >/opt/getfile.txt [root@controller1 ~]# cat /opt/getfile.txt This is test file with saltstack module to cp.get_file
將文件拷貝到master的同步根目錄下
[root@controller1 ~]# cp /opt/getfile.txt /srv/salt/
在master上執行文件下發
[root@controller1 ~]# salt 'computer3' cp.get_file salt://getfile.txt /tmp/getfile.txt computer3: /tmp/getfile.txt
登錄到computer3上查看同步情況
[root@computer3 ~]# cat /tmp/getfile.txt This is test file with saltstack module to cp.get_file
分發文件的一些屬性:
(1)壓縮 gzip
使用gzip的方式進行壓縮,數字越大,壓縮率就越高,9代表最大的壓縮率
[root@controller1 ~]# salt 'computer8' cp.get_file salt://getfile.txt /tmp/getfile.txt gzip=9 computer8: /tmp/getfile.txt
(2)創建目錄 makedirs(當分發的位置在目標主機上不存在時,自動創建該目錄)
[root@controller1 ~]# salt 'computer8' cp.get_file salt://getfile.txt /tmp/srv/getfile.txt makedirs=True computer8: /tmp/srv/getfile.txt [root@computer8 opt]# ll /tmp/srv/getfile.txt -rw-r--r-- 1 root root 56 Feb 3 22:14 /tmp/srv/getfile.txt
3、grains
先介紹一下grains,這個接口的作用是在minion端的minion服務啓動時,調用這個接口,收集minion端的信息,這些信息數據可以在salt的其他模塊中直接使用,需要注意的是,這個接口只在minion端的minion服務啓動時被調用一次,所以收集的數據是靜態的,不會改變的,除非你重啓了minion端的服務
grains的基本用法:
[root@controller1 ~]# salt 'computer3' grains.ls computer3: - biosreleasedate - biosversion - cpu_flags - cpu_model - cpuarch - defaultencoding - defaultlanguage - domain - fqdn - fqdn_ip4 - fqdn_ip6 - gpus - host - hwaddr_interfaces - id - ip_interfaces - ipv4 - ipv6 - kernel - kernelrelease - localhost - manufacturer - master - mem_total - nodename - num_cpus - num_gpus - os - os_family - osarch - oscodename - osfinger - osfullname - osmajorrelease - osrelease - path - productname - ps - pythonpath - pythonversion - saltpath - saltversion - saltversioninfo - serialnumber - server_id - shell - virtual - zmqversion
使用grains.items模塊列出所有可用grains的具體數據
[root@controller1 ~]# salt 'computer3' grains.items
computer3:
biosreleasedate: 08/28/2013
biosversion: 2.10.0
cpu_flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid dca sse4_1 sse4_2 x2apic popcnt aes lahf_lm arat dts tpr_shadow vnmi flexpriority ept vpid
cpu_model: Intel(R) Xeon(R) CPU E7- 4820 @ 2.00GHz
cpuarch: x86_64
defaultencoding: UTF8
defaultlanguage: en_US
domain:
fqdn: computer3
fqdn_ip4:
192.168.100.23
fqdn_ip6:
gpus:
{'model': 'MGA G200eW WPCM450', 'vendor': 'unknown'}
host: computer3
hwaddr_interfaces: {'lo': '00:00:00:00:00:00', 'tap002cf093-0c': 'fe:16:3e:cf:43:28', 'em4': 'f0:1f:af:90:38:65', 'eth1.2': 'f0:1f:af:90:37:fd', 'em3': 'f0:1f:af:90:38:63', 'brq8f15ee7f-54': 'f0:1f:af:90:37:fd', 'brqadf94242-74': 'f0:1f:af:90:37:fd', 'eth1.400': 'f0:1f:af:90:37:fd', 'eth1': 'f0:1f:af:90:37:fd', 'eth0': 'f0:1f:af:90:37:fb'}
id: computer3
ip_interfaces: {'lo': ['127.0.0.1'], 'tap002cf093-0c': [], 'em4': [], 'eth1.2': [], 'em3': [], 'brq8f15ee7f-54': [], 'brqadf94242-74': [], 'eth1.400': [], 'eth1': [], 'eth0': ['192.168.100.23']}
ipv4:
127.0.0.1
192.168.100.23
ipv6:
::1
fe80::60f7:96ff:feab:3d44
fe80::f21f:afff:fe90:37fb
fe80::f21f:afff:fe90:37fd
fe80::f8e7:cdff:fe54:7d02
fe80::fc16:3eff:fecf:4328
kernel: Linux
kernelrelease: 2.6.32-431.el6.x86_64
localhost: computer3
manufacturer: Dell Inc.
master: 192.168.100.200
mem_total: 225995
nodename: computer3
num_cpus: 64
num_gpus: 1
os: RedHat
os_family: RedHat
osarch: x86_64
oscodename: Santiago
osfinger: Red Hat Enterprise Linux Server-6
osfullname: Red Hat Enterprise Linux Server
osmajorrelease:
6
5
osrelease: 6.5
path: /sbin:/usr/sbin:/bin:/usr/bin
productname: PowerEdge M910
ps: ps -efH
pythonpath:
/usr/bin
/usr/lib64/python26.zip
/usr/lib64/python2.6
/usr/lib64/python2.6/plat-linux2
/usr/lib64/python2.6/lib-tk
/usr/lib64/python2.6/lib-old
/usr/lib64/python2.6/lib-dynload
/usr/lib64/python2.6/site-packages
/usr/lib64/python2.6/site-packages/gtk-2.0
/usr/lib/python2.6/site-packages
/usr/lib/python2.6/site-packages/setuptools-0.6c11-py2.6.egg-info
pythonversion: 2.6.6.final.0
saltpath: /usr/lib/python2.6/site-packages/salt
saltversion: 2014.1.10
saltversioninfo:
2014
1
10
0
serialnumber: XXXXXX
server_id: 111111111
shell: /bin/bash
virtual: physical
zmqversion: 4.0.5ping測試grains中os的值爲RedHat的主機通信是否正常
[root@controller1 ~]# salt -G 'os:RedHat' test.ping computer5: True computer8: True computer6: True computer7: True computer4: True computer3: True
查看uadoop2主機的ip地址,注意這裏不是items噢,而是item
[root@controller1 ~]# salt '*' grains.item ipv4 computer5: ipv4: 127.0.0.1 192.168.100.25 computer7: ipv4: 127.0.0.1 192.168.100.27 computer4: ipv4: 127.0.0.1 192.168.100.24 computer3: ipv4: 127.0.0.1 192.168.100.23 computer8: ipv4: 127.0.0.1 192.168.100.28 computer6: ipv4: 127.0.0.1 192.168.100.26
好了,在介紹了grains接口之後,接下來看下在cp模塊中如何簡單的使用grains的數據呢
先確定os是什麼版本
[root@controller1 RedHat]# salt 'computer4' grains.item os computer4: os: RedHat
[root@controller1 ~]# mkdir /srv/salt/RedHat/ [root@controller1 ~]# mv /srv/salt/getfile.txt /srv/salt/RedHat/ [root@controller1 RedHat]# salt 'computer4' cp.get_file "salt://`grains`.`os`/getfile.txt" /opt/getfile.txt template=jinja computer4: /opt/getfile.txt
4、目錄同步
介紹cp.get_dir,get_dir與get_file的用法十分相似,用來將整個目錄分發到minions
創建測試文件
[root@controller1 ~]# mkdir /srv/salt/test_dir [root@controller1 ~]# echo 'hello word !!' >>/srv/salt/test_dir/hello1.txt [root@controller1 ~]# echo 'hello2 word !!' >>/srv/salt/test_dir/hello2.txt [root@controller1 ~]# ll /srv/salt/test_dir/ total 8 -rw-r--r-- 1 root root 14 Feb 4 14:49 hello1.txt -rw-r--r-- 1 root root 15 Feb 4 14:49 hello2.txt
測試分發: 執行目錄文件的分發,並使用壓縮傳輸
[root@controller1 ~]# salt 'computer4' cp.get_dir salt://test_dir /tmp gzip=9 computer4: - /tmp/test_dir/hello1.txt - /tmp/test_dir/hello2.txt 登錄到目標節點查看分發狀態: [root@computer4 ~]# ll /tmp/test_dir/ total 8 -rw-r--r-- 1 root root 14 Feb 4 14:52 hello1.txt -rw-r--r-- 1 root root 15 Feb 4 14:52 hello2.txt
5、數據的靈活變更
在往下介紹之前,首先介紹一下salt的pillar接口,pillar是salt中比較重要的組件,跟grains有些相似,但是pillar相比於grains更加靈活,而且是動態的,數據可以隨時更新,只要你願意的話。而grains只在minion啓動時採集一次數據,關於pillar官網描述如下,簡單翻譯一下,但不保證翻譯的到位,意思是說pillar是salt實現部署功能的最重要的組件,能夠爲minions生成非常靈活的數據,這些數據可以被salt的其他的組件所使用。
The pillar interface inside of Salt is one of the most important components of a Salt deployment. Pillar is the interface used to generate arbitrary data for specific minions. The data generated in pillar is made available to almost every component of Salt.
grains的基本用法
(1)配置master
[root@controller1 ~]# vim /etc/salt/master pillar_roots: base: - /srv/pillar [root@controller1 ~]# service salt-master restart Stopping salt-master daemon: [ OK ] Starting salt-master daemon: [ OK ] [root@controller1 ~]# mkdir /srv/pillar [root@controller1 ~]# mkdir /srv/pillar/user //創建一個user的測試目錄
(2)創建入口文件
首先在/srv/pillar目錄中要有一個入口文件top.sls
[root@controller1 pillar]# cat top.sls base: 'computer3': - date ## 爲uadoop2定義了一個屬性數據,引用了跟top.sls同目錄下的data.sls 'computer4': - webserver ## 爲uadoop3定義了一個屬性數據,引用了跟top.sls同目錄下的web.sls '*': - user ## 爲所有節點定義了一個屬性數據,引用了/srv/pillar/user/init.sls ## 這裏指定的是一個目錄,salt會自動在top.sls文件中的引用目錄中尋找狀態文件 ## 因此會找到位於user目錄中的init.sls文件 ## 在測試請不要有任何的‘#’ 編寫其他兩個屬性: [root@controller1 pillar]# cat date.sls date: some date [root@controller1 pillar]# cat webserver.sls webserver: test_dir
測試:
# salt '*' pillar.items computer3: ---------- date: some date master: ---------- auth_mode: 1 auto_accept: ....省略N行........... user: ---------- foway: 1200 kadefor: 1000 kora: 1000 computer4: ---------- master: ---------- auth_mode: 1 auto_accept: False cachedir: /var/cache/salt/master .........省略N行.......... user: ---------- foway: 1200 kadefor: 1000 kora: 1000 webserver: test_dir computer5: ---------- master: ---------- auth_mode: 1 auto_accept: False cachedir: /var/cache/salt/master ......省略N行...... user: ---------- foway: 1200 kadefor: 1000 kora: 1000 ...............
在master上遠程獲取剛剛定義的屬性
[root@controller1 pillar]# salt 'computer3' pillar.items computer3: ---------- date: some date master: ---------- auth_mode: 1 auto_accept: False cachedir: ..........省略N行.......... user: ---------- foway: 1200 kadefor: 1000 kora: 1000 [root@controller1 pillar]# salt 'computer4' pillar.items computer4: ---------- master: ---------- auth_mode: 1 auto_accept: False ..........省略N行.......... user: ---------- foway: 1200 kadefor: 1000 kora: 1000 webserver: test_dir
## 可以看到剛剛爲不同的minion定義的屬性已經同步到了各個minion上,從這個測試可以看出,使用pillar
## 我們可以爲不同的minion或者不同的minion組定義不同的屬性,極其靈活。
好了,在介紹了pillar接口之後,接下來看下在cp模塊中如何簡單的使用pillar定義的屬性數據呢
我們可以利用之前定義的屬性來匹配不同的minion
首先先同步一下pillar到每個節點上
[root@controller1 ~]# salt '*' saltutil.refresh_pillar computer8: None computer4: None computer5: None computer6: None computer3: None computer7: None
測試一下匹配
[root@controller1 ~]# salt -I -v 'date:some date' test.ping Executing job with jid 20150204164730224160 ------------------------------------------- computer3: True [root@controller1 ~]# salt -I -v 'webserver:test_dir' test.ping Executing job with jid 20150204165017170702 ------------------------------------------- computer4: True [root@controller1 ~]# salt -I -v 'users:foway:1200' test.ping Executing job with jid 20150204165053938046 ------------------------------------------- computer5: True computer6: True computer7: True computer3: True computer8: True computer4: True
匹配computer3,然後在master上遠程分發文件到computer上去
[root@controller1 salt]# salt -I -v 'webserver:test_dir' cp.get_dir "salt://`pillar`.`webserver`" /opt/ gzip=9 template=jinja Executing job with jid 20150204165518149257 ------------------------------------------- computer4: - /opt//test_dir/hello1.txt - /opt//test_dir/hello2.txt
感覺saltstack的功能很強大,有沒有把你震驚到。繼續學習把。。。。。