ThinkPHP3.1连忙入门教程

Saltstack 快速入门教程,Saltstack入门教程

KnockoutJs快速入门教程,knockoutjs入门教程

一、引言

之前这个系列文章已经介绍Bootstrap,详情请查看本文:
《Bootstrap入门教程》 ,由于最近项目中,前端是Asp.net MVC + KnockoutJs +
Bootstrap来做的。所以我又重新开始写这个系列。今天就让我们来看看Web前端的MVVM框架——KnockoutJs。

二、KnockoutJs是什么?

做.NET开发的人应该都知道,WPF中就集成了MVVM框架,所以KnockoutJs也是针对Web开发的MVVM框架。关于MVVM好处简单点来说就是——使得业务逻辑代码与页面展示代码分割开,使得前端项目更好维护。

之前,我们写Web页面的时候,JS代码和Html代码混合在一起,并且代码中充斥着大量的DOM对象的操作。这样代码结构非常混乱。有了MVVM框架了,你可以将JS代码和Html代码分割开,并且数据操作部分更加简单,只需要通过相应的语法(data-bind)绑定到对应的标签属性显示即可,从而加快开发速度。

KnockoutJs也就是这样一个MVVM框架。其实与其称其框架,更准备地应该是一个MVVM类库。因为它没有MVVM框架是一个比较“重”的概念,其中应该包括路由等特性。而KnockoutJS中却没有,相比较,AngularJS应该称为一个MVVM框架更加合适。

KnockoutJS主要实现的功能有以下4点:

声明式绑定(Declarative
Bindings):
使用简单的语法将模型数据关联到DOM元素上。即”data-bind”语法
依赖跟踪(Dependency
Tracking):
为转变和联合数据,在模型数据之间建立关系。如商品总价是由各个商品项价格之和。此时商品总价和商品项就可以使用依赖跟踪功能来建立关系。即由各个商品项的总价相加而得出。这种关系由KnockoutJs中computed函数完成。
UI界面自动刷新(Automatic UI
Refresh):
当你的模型状态改变时,UI界面的将自动更新。这点由observable函数完成。
模板(Templating):为您的模型数据快速编写复杂的可嵌套UI。和WPF中模板的概念类似。
接下来,我们通过具体的例子来让大家快速掌握KnockoutJs的使用。

三、声明式绑定
下面让我们看下如何使用KnockoutJS中的data-bind语法来将模型数据绑定到DOM元素中。

1.单向绑定

<!DOCTYPE html>

<html>
<head>
 <meta name="viewport" content="width=device-width" />
 <title>Demo1-单向绑定</title>
 <script type="text/javascript" src="/uploads/rs/376/pbcx3e1z/knockout-3.4.0.js"></script>
</head>
 <body>
  <!--单向绑定-->
  <div>
   <p>First name: <strong data-bind="text: firstName"></strong></p>
   <p>Last name: <strong data-bind="text: lastName"></strong></p>
   <p>First name: <input data-bind="value: firstName" /></p>
   <p>Last name: <input data-bind="value: lastName" /></p>
  </div>

  <!--这段脚本实际项目中应该放在对应的JS文件中,然后在html中通过Script标签来引用即可-->
  <!--JS代码也就是业务逻辑部分,将业务逻辑与Html代码分割开,使得View代码更加简洁,这样后期也易于维护-->
  <script type="text/javascript">
   function ViewModel() {
    this.firstName = "Tommy";
    this.lastName = "Li";
   }
   ko.applyBindings(new ViewModel());
  </script>
 </body>
</html>

2.
上面的例子只是完成了单向绑定的操作。即在上面的例子你会发现,当改变input标签中的值并离开焦点时,上面的值不会更新。其实,KnockoutJS中自动更新功能不会自动添加的,需要对应的函数支持,这个函数就是observable函数,下面具体看看双向绑定的例子:

<!DOCTYPE html>

<html>
<head>
 <meta name="viewport" content="width=device-width" />
 <title>Demo2-双向绑定</title>

 <script type="text/javascript" src="/uploads/rs/376/pbcx3e1z/knockout-3.4.0.js"></script>
</head>
<body>
 <!--双向绑定-->
 <div>
  <p>First name: <strong data-bind="text: firstName"></strong></p>
  <p>Last name: <strong data-bind="text: lastName"></strong></p>
  <p>First name: <input data-bind="value: firstName"/></p>
  <p>Last name: <input data-bind="value: lastName" /></p>
 </div>

 <script type="text/javascript">
  function ViewModel() {
   this.firstName = ko.observable("Tommy");
   this.lastName = ko.observable("Li");
  }

  ko.applyBindings(new ViewModel());
 </script>
</body>
</html>

四、依赖跟踪
接下来让我们看下如何使用KO中的computed函数来完成依赖跟踪。具体例子的实现代码如下所示:

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
 <title>Demo3-依赖跟踪</title>

 <script type="text/javascript" src="/uploads/rs/376/pbcx3e1z/knockout-3.4.0.js"></script>
</head>
<body>
 <!--双向绑定-->
 <div>
  <p>First name: <strong data-bind="text: firstName"></strong></p>
  <p>Last name: <strong data-bind="text: lastName"></strong></p>
  <p>First name: <input data-bind="value: firstName" /></p>
  <p>Last name: <input data-bind="value: lastName"/></p>
  <p>Full name: <strong data-bind="text: fullName"></strong></p>
  <button data-bind="click: capitalizeLastName">LastName To Upper</button>
 </div>

 <script type="text/javascript">
  function ViewModel() {
   this.firstName = ko.observable("Tommy");
   this.lastName = ko.observable("Li");
   // 依赖跟踪
   this.fullName = ko.computed(function () {
    return this.firstName() + " " + this.lastName();
   },this);

   // 通过代码改变observable的值
   this.capitalizeLastName = function() {
    this.lastName(this.lastName().toUpperCase());
   };
  }

  ko.applyBindings(new ViewModel());
 </script>
</body>
</html>

接下来,让我们看一下使用声明式绑定和依赖跟踪复杂点的例子。具体示例代码如下:

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
 <title>Demo4-列表绑定</title>

 <script type="text/javascript" src="http://sandbox.runjs.cn/uploads/rs/376/pbcx3e1z/knockout-3.4.0.js"></script>
</head>
<body>
 <table>
  <thead>
   <tr>
    <td>Name</td>
    <td>Amount</td>
    <td>Price</td>
   </tr>
  </thead>
  <tbody data-bind="foreach: items">
   <tr>
    <td data-bind="text: product.name"></td>
    <td><select data-bind="options:[1,2,3,4,5,6],value: amount"></select></td>
    <td data-bind="text: subTotal"></td>
    <td><a href="#" data-bind="click: $root.remove">Remove</a></td>
   </tr>
  </tbody>
 </table>
 <h3>Order Price: </h3>
 <button data-bind="click: addComputer">Add a Computer</button>

 <script type="text/javascript">
  var products = [{ name: "Learnighard 学习笔记", price: 49 },
  { name: "小米Note", price: 999 },
   { name: "宏碁笔记本", price: 4999 }];

  // 订单类
  function Order() {
   var self = this;
   this.items = ko.observableArray([
    new Item(products[0], 1),
    new Item(products[1],2)
   ]);
   // 订单总价
   this.price = ko.computed(function() {
    var p = 0;
    for (var i = 0; i < self.items().length; i++) {
     var item = self.items()[i];
     p += item.product.price * item.amount();
    }
    return p;
   }, self);

   this.remove = function(item) {
    self.items.remove(item);
   };

   this.addComputer = function () {
    self.items.push(new Item(products[2], 1));
   };
  }

  // 订单项类
  function Item(product, amount) {
   var self = this;
   this.product = product;
   this.amount = ko.observable(amount);
   // 订单项总价
   this.subTotal = ko.computed(function() {
    return self.amount() * self.product.price;
   }, self);
  }

  ko.applyBindings(new Order());
 </script>
</body>
</html>

五、模板
看完以上几个例子,其实你应该感觉到KO(KnockoutJS的简称)的上手还是非常简单的。因为其语法都非常容易理解,接下来看下KO中模板的使用。

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
 <title>Demo5-模板绑定</title>

 <script type="text/javascript" src="/uploads/rs/376/pbcx3e1z/knockout-3.4.0.js"></script>
</head>
 <body>
  <!--模板绑定,div的内容为personTemplate模板内的标签-->
  <!--即最终生成如下标签-->
  <!--<div>
   <p>Name: <strong data-bind="text: name"></strong></p>
   <p>Age: <strong data-bind="text: age"></strong></p>
  </div>-->
  <div data-bind="template:'personTemplate'"></div>

  <script id="personTemplate" type="text/html">
   <p>Name: <strong data-bind="text: name"></strong></p>
   <p>Age: <strong data-bind="text: age"></strong></p>
  </script>

  <script type="text/javascript">
   var ViewModel = {
    name: ko.observable('Tommy'),
    age: ko.observable(28),
    makeOlder: function() {
     this.age(this.age() + 1);
    }
   };

   ko.applyBindings(ViewModel);
  </script>
 </body>
</html>

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
 <title>Demo6-模板绑定</title>

 <script type="text/javascript" src="http://sandbox.runjs.cn/uploads/rs/376/pbcx3e1z/knockout-3.4.0.js"></script>
</head>
 <body>
  <h2>Participants</h2>
  Here are the participants:
  <div data-bind="template: { name: 'persontemplate', foreach: people }"></div>

  <script type="text/html" id="persontemplate">
   <h3 data-bind="text: name"></h3>
   <p>Age: </p>
  </script>
  <script type="text/javascript">
   function MyViewModel() {
    this.people = [
     { name: 'Tommy', age: 27 },
     { name: 'Frank', age: 33 }
    ];
   }
   ko.applyBindings(new MyViewModel());
  </script>
 </body>
</html>

关于模板更多的使用参考官方文档:

六、总结 到此,KnockoutJs的快速入门的内容就结束了,在下一篇文章中继续为大家介绍KO内容,下一篇文章的内容将介绍如何使用KO来做一个实际的项目,大家不要错过哦。

一、引言 之前这个系列文章已经介绍Bootstrap,详情请查看本文:
《Bootstrap入门教程》 ,由于最近…

Saltstack 快速入门教程


1.介绍

Saltstack 比 Puppet 出来晚几年,是基于Python 开发的,也是基于 C/S
架构,服务端 master 和客户端 minions ;Saltstack 和 Puppet 很像,可以说
Saltstatck 整合了 Puppet 和 Chef
的功能,更加强大,更适合大规模批量管理服务器,并且它比 Puppet
更容易配置。 三大功能:
远程命令执行,配置管理(服务,文件,cron,用户,组),云管理。

2.准备工作

准备两台机器,这两台机器都关闭 selinux,清空 iptables 规则并保存。
master:192.168.1.160 slaver:192.168.1.161

更新软件源

[[email protected] ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
[[email protected] ~]# yum makecache fast
Loaded plugins: fastestmirror
HuaDongBD                                                                                                                                            | 2.9 kB  00:00:00     
base                                                                                                                                                 | 3.6 kB  00:00:00     
extras                                                                                                                                               | 3.4 kB  00:00:00     
os                                                                                                                                                   | 3.6 kB  00:00:00     
updates                                                                                                                                              | 3.4 kB  00:00:00     
updates/7/x86_64/primary_db                                                                                                                          | 7.8 MB  00:00:07     
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Metadata Cache Created
[[email protected] ~]#

3. 安装

在SaltsStack架构中服务端叫作Master,客户端叫作Minion,都是以守护进程的模式运行,一直监听配置文件中定义的ret_port(saltstack客户端与服务端通信的端口,负责接收客户端发送过来的结果,默认4506端口)和publish_port(saltstack的消息发布系统,默认4505端口)的端口。当Minion运行时会自动连接到配置文件中定义的Master地址ret_port端口进行连接认证。

  • Master:控制中心,salt命令运行和资源状态管理
  • Minion :
    需要管理的客户端机器,会主动去连接Mater端,并从Master端得到资源状态信息,同步资源管理信息
  • States:配置管理的指令集
  • Modules:在命令行中和配置文件中使用的指令模块,可以在命令行中运行
  • Grains:minion端的变量,静态的
  • Pillar:minion端的变量,动态的比较私密的变量,可以通过配置文件实现同步minions定义
  • highstate:为minion端下发永久添加状态,从sls配置文件读取.即同步状态配置
  • salt_schedule:会自动保持客户端配置

3.1 服务端安装

yum install -y epel-release

yum install -y salt-master salt-minion

[[email protected] ~]# yum install -y epel-release
[[email protected] ~]# yum install -y salt-master salt-minion

3.2 客户端安装

[[email protected] ~]# yum install -y epel-release
[[email protected] ~]# yum install -y salt-minion

4.配置

4.1 Salt minion配置

用vi/vim打开/etc/salt/minion,找到配置选项master所在行,一般在第16行。修改内容,去掉#,冒号后有一个空格,将salt更改为master。

示例操作如下:

[[email protected] ~]# vi /etc/salt/minion

[[email protected] ~]# vi /etc/salt/minion

# Set the location of the salt master server. If the master server cannot be
# resolved, then the minion will fail to start.
master: master

如果找不到master对应的行,可以直接在文件尾部添加一行master: mastermaster: 192.168.1.160

也可以使用sed命令直接修改配置文件

[[email protected] ~]# sed -i 's/#master: salt/master: 192.168.1.160/g' /etc/salt/minion

5.启动服务

(1)服务端

[[email protected] ~]# salt-master start

在后端运行

[[email protected] ~]# salt-master start &
[3] 35438
[[email protected] ~]#

(2)客户端

[[email protected] ~]# salt-minion start &
[ERROR   ] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
[ERROR   ] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate

[[email protected] ~]# salt-minion start &
[ERROR   ] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
[ERROR   ] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate

[[email protected] ~]# salt-minion start
[ERROR   ] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate
[ERROR   ] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate

minion在第一次启动时,会在/etc/salt/pki/minion/(该路径在/etc/salt/minion里面设置)下自动生成minion.pem(private
key)和 minion.pub(public key),然后将
minion.pub发送给master。master在接收到minion的public
key后,通过salt-key命令accept minion public
key,这样在master的/etc/salt/pki/master/minions下的将会存放以minion
id命名的 public key,然后master就能对minion发送指令了。

6.配置认证

(1)在服务端上操作 新打开一个nb0终端

[[email protected] ~]# salt-key -a nb0
The following keys are going to be accepted:
Unaccepted Keys:
nb0
Proceed? [n/Y] y
Key for minion nb0 accepted.
[[email protected] ~]#

[[email protected] ~]# salt-key -a nb1
The following keys are going to be accepted:
Unaccepted Keys:
nb1
Proceed? [n/Y]y
Key for minion nb1 accepted.
[[email protected] ~]#

[[email protected] ~]# salt-key -a nb2
The following keys are going to be accepted:
Unaccepted Keys:
nb2
Proceed? [n/Y] y
Key for minion nb2 accepted.
You have mail in /var/spool/mail/root
[[email protected] ~]#

[[email protected] ~]# salt-key
Accepted Keys:
nb0
nb1
nb2
Denied Keys:
Unaccepted Keys:
Rejected Keys:
[[email protected] ~]# 

注意: 在==大规模部署Minion==的时候可以设置自动接受指定等待认证的 key

在修改/etc/salt/master前,先备份一下

[[email protected] ~]# cp /etc/salt/master /etc/salt/master.bak

通过vi打开/etc/salt/master

[[email protected] ~]# vi /etc/salt/master

找到#auto_accept: False一行,修改False为True

# Enable auto_accept, this setting will automatically accept all incoming
# public keys from the minions. Note that this is insecure.
#auto_accept: False

或者通过sed命令修改

[[email protected] ~]# sed -i 's/#auto_accept: False/auto_accept: True/g' /etc/salt/master

ctrl+c停止salt-master,然后再启动

[[email protected] ~]# salt-master start 
^C[WARNING ] Stopping the Salt Master
[WARNING ] Stopping the Salt Master

Exiting on Ctrl-c
[WARNING ] Stopping the Salt Master

Exiting on Ctrl-c

Exiting on Ctrl-c
[[email protected] ~]# salt-master start

(2)测试验证

[[email protected] ~]# salt '*' test.ping
nb2:
    True
nb1:
    True
nb0:
    True
[[email protected] ~]#

这里的 * 必须是在 master 上已经被接受过的客户端,可以通过 salt-key 查到

远程执行命令

[[email protected] ~]# salt '*' cmd.run   'df -h'
nb0:
    Filesystem           Size  Used Avail Use% Mounted on
    /dev/mapper/cl-root   48G   26G   22G  55% /
    devtmpfs             3.9G     0  3.9G   0% /dev
    tmpfs                3.9G   16K  3.9G   1% /dev/shm
    tmpfs                3.9G  402M  3.5G  11% /run
    tmpfs                3.9G     0  3.9G   0% /sys/fs/cgroup
    /dev/sda1           1014M  139M  876M  14% /boot
    /dev/mapper/cl-home   24G   33M   24G   1% /home
    tmpfs                781M     0  781M   0% /run/user/0
    /dev/loop0           7.8G  7.8G     0 100% /var/ftp/iso-home
nb1:
    Filesystem           Size  Used Avail Use% Mounted on
    /dev/mapper/cl-root   48G  4.3G   44G   9% /
    devtmpfs             3.9G     0  3.9G   0% /dev
    tmpfs                3.9G   12K  3.9G   1% /dev/shm
    tmpfs                3.9G  377M  3.5G  10% /run
    tmpfs                3.9G     0  3.9G   0% /sys/fs/cgroup
    /dev/sda1           1014M  139M  876M  14% /boot
    /dev/mapper/cl-home   24G   33M   24G   1% /home
    tmpfs                781M     0  781M   0% /run/user/0
nb2:
    Filesystem           Size  Used Avail Use% Mounted on
    /dev/mapper/cl-root   48G  4.9G   43G  11% /
    devtmpfs             3.9G     0  3.9G   0% /dev
    tmpfs                3.9G   12K  3.9G   1% /dev/shm
    tmpfs                3.9G  401M  3.5G  11% /run
    tmpfs                3.9G     0  3.9G   0% /sys/fs/cgroup
    /dev/sda1           1014M  139M  876M  14% /boot
    /dev/mapper/cl-home   24G   33M   24G   1% /home
    tmpfs                781M     0  781M   0% /run/user/0
[[email protected] ~]# 

首先我们要知道在安装SaltStack的时候Master
跟Minion端都分别安装了哪些文件,这样有利于我
们去了解SaltStack日后的一些日常操作。大家可以
通过以下命令查看SaltStack安装部署的时候分别安
装了哪些命令(yum安装方式)。

[[email protected] ~]# rpm -ql salt-master
/etc/salt/master            #salt master 配置文件
/usr/bin/salt               #salt master  核心操作命令
/usr/bin/salt-cp            #salt  文件传输命令
/usr/bin/salt-key           #salt  证书管理命令
/usr/bin/salt-master        #salt master  服务命令
/usr/bin/salt-run           #salt master runner 命令
/usr/bin/salt-unity
/usr/lib/systemd/system/salt-master.service
/usr/share/man/man1/salt-cp.1.gz
/usr/share/man/man1/salt-key.1.gz
/usr/share/man/man1/salt-master.1.gz
/usr/share/man/man1/salt-run.1.gz
/usr/share/man/man1/salt-unity.1.gz
/usr/share/man/man7/salt.7.gz
[[email protected] ~]#

[[email protected] ~]# salt --version
salt 2015.5.10 (Lithium)
[[email protected] ~]#

7管理对象

如果我们要维护好一个庞大的配置管理系统,那么首先得维护好我们的管理对象,在SaltStack系
统中我们的管理对象叫作Target,在Master上我们可以采用不同Target去管理不同的Minion。这些
Target都是通过去管理和匹配Minion的ID来做的一些集合。

[[email protected] ~]# rpm -ql salt-minion
/etc/salt/minion                #salt minion 配置文件
/usr/bin/salt-call              #salt call 拉取命令
/usr/bin/salt-minion            #salt minion  服务命令
/usr/lib/systemd/system/salt-minion.service
/usr/share/man/man1/salt-call.1.gz
/usr/share/man/man1/salt-minion.1.gz
You have mail in /var/spool/mail/root
[[email protected] ~]# 

(1)正则匹配

在操作与管理Minion时可以通过正则表达式来 匹配Minion ID的方式去管理它们。
比如我们想要 对匹配到’nb*’字符串的Minion进行操作,查看各节点的IP

[[email protected] ~]# salt 'nb*' network.ip_addrs
nb0:
    - 192.168.1.160
nb1:
    - 192.168.1.161
nb2:
    - 192.168.1.162
[[email protected] ~]# 

(2)列表匹配

-L, –list 列表匹配

[[email protected] ~]# salt -L nb1,nb2 test.ping
nb2:
    True
nb1:
    True
[[email protected] ~]# 

(3)Grians匹配

[[email protected] ~]# salt -G 'os:CentOS' test.ping
nb0:
    True
nb1:
    True
nb2:
    True
You have mail in /var/spool/mail/root
[[email protected] ~]#

其中os:CentOS,这里的对象是一组键值对,
这里用到了Minion的Grains的键值对。在后面介绍
Grains的时候会详细讲解,这里只需要知道可以通 过键值对的方式去匹配Minion
ID。

-G, –grain grains 匹配

(4)组匹配

首先在master配置文件中定义组

[[email protected] ~]# vi /etc/salt/master

#####         Node Groups           #####
##########################################
# Node groups allow for logical groupings of minion nodes. A group consists of a group
# name and a compound target.
#nodegroups:
#  group1: '[email protected],bar.domain.com,baz.domain.com and bl*.domain.com'
#  group2: '[email protected]:Debian and foo.domain.com'

[email protected]
和[email protected]
分别表示minion和grain信息
[email protected]开通的是指定的以逗号分隔的多个minionId

Letter

Match Type

Example

Alt Delimiter?

G

Grains glob

[email protected]:Ubuntu

Yes

E

PCRE Minion ID

`[email protected]\d+.(dev

qa

P

Grains PCRE

[email protected]:(RedHat

Fedora

L

List of minions

[email protected],minion3.domain.com or bl*.domain.com

No

I

Pillar glob

[email protected]:foobar

Yes

J

Pillar PCRE

`[email protected]:^(foo

bar)$`

S

Subnet/IP address

[email protected]/24 or [email protected]

No

R

Range cluster

[email protected]%foo.bar

No

Matchers can be joined using boolean and, or, and not operators.

修改group1:group1: '[email protected],nb2'

-N, –nodegroup 组匹配

(5)CIDR匹配 192.168.1.0/24是一个指定的CIDR网段,这里
CIDR匹配的IP地址是Minion连接Matser 4505端口 的来源地址。

[[email protected] ~]# salt -S '192.168.1.0/24' test.ping
nb0:
    True
nb2:
    True
nb1:
    True
[[email protected] ~]# 

8.管理对象属性

Grains是SaltStack组件中非常重要的组件之
一,因为我们在做配置部署的过程中会经常使用
它,Grains是SaltStack记录Minion的一些静态信息
的组件,我们可以简单地理解为Grains里面记录着
每台Minion的一些常用属性,比如CPU、内存、磁
盘、网络信息等,我们可以通过grains.items查看某
台Minion的所有Grains信息,Minions的Grains信息
是Minions启动的时候采集汇报给Master的,在实际
应用环境中我们需要根据自己的业务需求去自定义 一些Grains

8.1通过Minion配置文件定义Grains

先介绍下比较简单的Grains自定义方法,就是通过Minion配置文件定义

Minions的Grains信息是在Minions服务启动的时候汇报给Matser的,所以我们需要修改好Minion配置文
件后重启Minion服务。在Minion的/etc/salt/minion配置文件中默认有一些注释行。这里就是在Minion上
的minion配置文件中如何定义Grains信息例子。下面只需根据自动的需求按照以下格式去填写相应的
键值对就行,大家注意格式就行,SaltStack的配置文件的默认格式都是YAML格式:

# Custom static grains for this minion can be specified here and used in SLS
# files just like all other grains. This example sets 4 custom grains, with
# the 'roles' grain having two values that can be matched against.
#grains:
#  roles:
#    - webserver
#    - memcache
#  deployment: datacenter4
#  cabinet: 13
#  cab_u: 14-15

为了统一管理Minion的Grains信息,需要把这
些注释复制到minion.d/grains文件中

自定义 grains,客户端上配置

[[email protected] ~]# vi /etc/salt/minion

# Custom static grains for this minion can be specified here and used in SLS
# files just like all other grains. This example sets 4 custom grains, with
# the 'roles' grain having two values that can be matched against.
grains:
  roles:
    - nginx
  env:
    - test
  myname:
    - hadron
#  deployment: datacenter4
#  cabinet: 13
#  cab_u: 14-15

重启salt-minion

[[email protected] ~]# ps -aux|grep salt-minion
root      38792  0.0  0.1 231928 15388 pts/0    S    02:32   0:00 /usr/bin/python /usr/bin/salt-minion restart
root      38795  0.5  0.3 547648 28872 pts/0    Sl   02:32   0:00 /usr/bin/python /usr/bin/salt-minion restart
root      43928  0.3  0.1 231928 15384 pts/0    S    02:34   0:00 /usr/bin/python /usr/bin/salt-minion restart
root      43933  1.8  0.3 547648 28784 pts/0    Sl   02:34   0:00 /usr/bin/python /usr/bin/salt-minion restart
root      45693  0.0  0.0 112648   960 pts/0    S+   02:34   0:00 grep --color=auto salt-minion
root      50604  0.0  0.1 231928 15384 pts/0    S    Aug17   0:00 /usr/bin/python /usr/bin/salt-minion start
root      50607  0.0  0.3 760916 29024 pts/0    Sl   Aug17   0:48 /usr/bin/python /usr/bin/salt-minion start
root      92074  0.0  0.1 231928 15388 pts/0    S    01:58   0:00 /usr/bin/python /usr/bin/salt-minion restart
root      92077  0.0  0.3 547916 26832 pts/0    Sl   01:58   0:01 /usr/bin/python /usr/bin/salt-minion restart
[[email protected] ~]# kill 38792 43928 45693 50604
-bash: kill: (45693) - No such process
[[email protected] ~]# ps -aux|grep salt-minion
root      43933  1.2  0.3 547648 28784 pts/0    Sl   02:34   0:00 /usr/bin/python /usr/bin/salt-minion restart
root      46529  0.0  0.0 112648   956 pts/0    S+   02:35   0:00 grep --color=auto salt-minion
root      92074  0.0  0.1 231928 15388 pts/0    S    01:58   0:00 /usr/bin/python /usr/bin/salt-minion restart
root      92077  0.0  0.3 547916 26832 pts/0    Sl   01:58   0:02 /usr/bin/python /usr/bin/salt-minion restart
[1]   Terminated              salt-minion start
[3]-  Terminated              salt-minion restart
[4]+  Terminated              salt-minion restart
[[email protected] ~]# kill 92077 92074 43933
-bash: kill: (43933) - No such process
[[email protected] ~]# ps -aux|grep salt-minion
root      48215  0.0  0.0 112648   960 pts/0    S+   02:36   0:00 grep --color=auto salt-minion
[2]+  Terminated              salt-minion restart
[[email protected] ~]# salt-minion restart &
[1] 49052
[[email protected] ~]# 

服务端获取 grains

[[email protected] ~]# salt 'nb1' grains.item role env myname
nb1:
    ----------
    env:
        - test
    myname:
        - hadron
    role:
        - nginx
[[email protected] ~]# 
[[email protected] ~]# salt 'nb1' grains.item role
nb1:
    ----------
    role:
        - nginx
[[email protected] ~]#

注意:grains 在远程执行命令时很方便。我们可以按照 grains
的一些指标来操作。比如把所有的 web 服务器的 grains 的 role 设置为
nginx,那这样我们就可以批量对 nginx 的服务器进行操作了:

[[email protected] ~]# salt -G role:nginx cmd.run 'hostname'
nb1:
    nb1
[[email protected] ~]# 

[[email protected] ~]# salt -G os:CentOS cmd.run 'hostname'
nb1:
    nb1
nb0:
    nb0
nb2:
    nb2
[[email protected] ~]#

8.2 pillar

pillar 和 grains 不一样,是在 master 上定义的,并且是针对 minion
定义的一些信息。像一些比较重要的数据(密码)可以存在 pillar
里,还可以定义变量等。

(1)服务端自定义配置 pillar

[[email protected] ~]# vim /etc/salt/master

找到如下内容,

#pillar_roots:
#  base:
#    - /srv/pillar
#

去掉#号,修改为

pillar_roots:
  base:
    - /srv/pillar

[[email protected] ~]# mkdir /srv/pillar

自定义配置文件,内容如下

[[email protected] ~]# vim /srv/pillar/test.sls
[[email protected] ~]# cat /srv/pillar/test.sls
conf: /etc/test123.conf
myname: hadron
[[email protected] ~]# 

总入口文件,内容如下

[[email protected] ~]# vim /srv/pillar/top.sls
[[email protected] ~]# cat /srv/pillar/top.sls
base:
  'nb1':
    - test
[[email protected] ~]#

重启master

[[email protected] ~]# ps -aux|grep salt-master
root      29178  0.0  0.3 313076 26816 pts/3    S+   Aug17   0:00 /usr/bin/python /usr/bin/salt-master start
root      29242  0.5  0.4 407192 32856 pts/3    Sl+  Aug17   1:24 /usr/bin/python /usr/bin/salt-master start
root      29243  0.0  0.2 395004 22692 pts/3    Sl+  Aug17   0:00 /usr/bin/python /usr/bin/salt-master start
root      29244  0.0  0.3 395004 24292 pts/3    Sl+  Aug17   0:00 /usr/bin/python /usr/bin/salt-master start
root      29245  0.0  0.2 313076 22016 pts/3    S+   Aug17   0:00 /usr/bin/python /usr/bin/salt-master start
root      29250  0.0  0.3 1204752 28560 pts/3   Sl+  Aug17   0:01 /usr/bin/python /usr/bin/salt-master start
root      29251  0.0  0.3 1205064 28624 pts/3   Sl+  Aug17   0:01 /usr/bin/python /usr/bin/salt-master start
root      29252  0.0  0.3 1205068 28596 pts/3   Sl+  Aug17   0:01 /usr/bin/python /usr/bin/salt-master start
root      29255  0.0  0.3 1205068 28648 pts/3   Sl+  Aug17   0:01 /usr/bin/python /usr/bin/salt-master start
root      29258  0.0  0.3 1205072 28584 pts/3   Sl+  Aug17   0:01 /usr/bin/python /usr/bin/salt-master start
root      29261  0.0  0.2 689932 22668 pts/3    Sl+  Aug17   0:00 /usr/bin/python /usr/bin/salt-master start
root      93354  0.0  0.0 112652   960 pts/2    S+   03:07   0:00 grep --color=auto salt-master
[[email protected] ~]# kill 29178 29242 29243 29244 29245 29250 29251 29252 29255 29258 29261

在单独终端启动

[[email protected] ~]# salt-master start

注意:当更改完 pillar 配置文件后,我们可以通过刷新 pillar 配置来获取新的
pillar 状态

[[email protected] ~]# salt '*' saltutil.refresh_pillar
nb1:
    True
nb0:
    True
nb2:
    True
[[email protected] ~]# 

验证

[[email protected] ~]# salt 'nb1' pillar.items
nb1:
    ----------
    conf:
        /etc/test123.conf
    myname:
        hadron
[[email protected] ~]# salt 'nb1' pillar.item conf
nb1:
    ----------
    conf:
        /etc/test123.conf
[[email protected] ~]# salt 'nb1' pillar.item myname
nb1:
    ----------
    myname:
        hadron
[[email protected] ~]# 

pillar 同样可以用来作为 salt 的匹配对象

[[email protected] ~]# salt -I 'conf:/etc/test123.conf' test.ping
nb1:
    True
[[email protected] ~]# salt -I 'conf:/etc/test123.conf' cmd.run 'w'
nb1:
     03:17:08 up 67 days, 14:25,  1 user,  load average: 0.02, 0.12, 0.24
    USER     TTY      FROM             [email protected]   IDLE   JCPU   PCPU WHAT
    root     pts/0    hadron           Mon21   24:44   2.38s  0.16s -bash
[[email protected] ~]#

9. 配置管理安装Apache

下面进行的演示是远程通过 yum 方式安装 Apache。步骤如下:

(1)配置

[[email protected] ~]# vim /etc/salt/master

找到如下内容

# file_roots:
#   base:
#     - /srv/salt/

去掉#注释

file_roots:
  base:
    - /srv/salt

[[email protected] ~]# mkdir /srv/salt
[[email protected] ~]# vim /srv/salt/top.sls
[[email protected] ~]# cat /srv/salt/top.sls
base:
  'nb1':
    - apache
[[email protected] ~]#

[[email protected] ~]# vim /srv/salt/apache.sls
[[email protected] ~]# cat /srv/salt/apache.sls
apache-service:
  pkg.installed:
    - names:
      - httpd
      - httpd-devel
  service.running:
    - name: httpd
    - enable: True
[[email protected] ~]#

注意:apache-service 是自定义的 id 名。pkg.installed
为包安装函数,下面是要安装的包的名字。service.running
也是一个函数,来保证指定的服务启动,enable 表示开机启动。

(2)重启服务

[[email protected] ~]# salt-master start 
^C[WARNING ] Stopping the Salt Master
[WARNING ] Stopping the Salt Master
[WARNING ] Stopping the Salt Master

Exiting on Ctrl-c

Exiting on Ctrl-c

Exiting on Ctrl-c
You have mail in /var/spool/mail/root
[[email protected] ~]# salt-master start

[[email protected] ~]# salt 'nb1' state.highstate
nb1:
----------
          ID: apache-service
    Function: pkg.installed
        Name: httpd
      Result: True
     Comment: Package httpd is already installed.
     Started: 03:38:36.137884
    Duration: 1250.258 ms
     Changes:   
----------
          ID: apache-service
    Function: pkg.installed
        Name: httpd-devel
      Result: True
     Comment: The following packages were installed/updated: httpd-devel
     Started: 03:38:37.388313
    Duration: 33668.276 ms
     Changes:   
              ----------
              apr-devel:
                  ----------
                  new:
                      1.4.8-3.el7
                  old:
              apr-util-devel:
                  ----------
                  new:
                      1.5.2-6.el7
                  old:
              cyrus-sasl:
                  ----------
                  new:
                      2.1.26-20.el7_2
                  old:
              cyrus-sasl-devel:
                  ----------
                  new:
                      2.1.26-20.el7_2
                  old:
              httpd:
                  ----------
                  new:
                      2.4.6-45.el7.centos.4
                  old:
                      2.4.6-45.el7.centos
              httpd-devel:
                  ----------
                  new:
                      2.4.6-45.el7.centos.4
                  old:
              httpd-tools:
                  ----------
                  new:
                      2.4.6-45.el7.centos.4
                  old:
                      2.4.6-45.el7.centos
              openldap-devel:
                  ----------
                  new:
                      2.4.40-13.el7
                  old:
----------
          ID: apache-service
    Function: service.running
        Name: httpd
      Result: True
     Comment: Service httpd has been enabled, and is running
     Started: 03:39:11.080192
    Duration: 6685.669 ms
     Changes:   
              ----------
              httpd:
                  True

Summary
------------
Succeeded: 3 (changed=2)
Failed:    0
------------
Total states run:     3
[[email protected] ~]# 

说明 Apache 远程安装已成功。

[[email protected] ~]# systemctl status httpd.service
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2017-08-18 03:39:17 EDT; 2min 10s ago
     Docs: man:httpd(8)
           man:apachectl(8)
 Main PID: 11613 (httpd)
   Status: "Total requests: 0; Current requests/sec: 0; Current traffic:   0 B/sec"
   CGroup: /system.slice/httpd.service
           ├─11613 /usr/sbin/httpd -DFOREGROUND
           ├─11715 /usr/sbin/httpd -DFOREGROUND
           ├─11716 /usr/sbin/httpd -DFOREGROUND
           ├─11717 /usr/sbin/httpd -DFOREGROUND
           ├─11718 /usr/sbin/httpd -DFOREGROUND
           └─11719 /usr/sbin/httpd -DFOREGROUND

Aug 18 03:39:16 nb1 systemd[1]: Starting The Apache HTTP Server...
Aug 18 03:39:16 nb1 httpd[11613]: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.1.161. Set the 'ServerN...his message
Aug 18 03:39:17 nb1 systemd[1]: Started The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.
[[email protected] ~]# 

10.states文件

salt states的核心是sls文件,该文件使用YAML语法定义了一些k/v的数据。

sls文件存放根路径在master配置文件中定义,默认为/srv/salt,该目录在操作系统上不存在,需要手动创建。

在salt中可以通过salt://代替根路径,例如你可以通过salt://top.sls访问/srv/salt/top.sls。

在states中top文件也由master配置文件定义,默认为top.sls,该文件为states的入口文件。
一个简单的sls文件如下:

apache:
 pkg.installed
 service.running
   - require:
     - pkg: apache

说明:此SLS数据确保叫做”apache”的软件包(package)已经安装,并且”apache”服务(service)正在运行中。

  • 第一行,被称为ID说明(ID Declaration)。ID说明表明可以操控的名字。
  • 第二行和第四行是State说明(State
    Declaration),它们分别使用了pkg和service states。pkg
    state通过系统的包管理其管理关键包,service
    state管理系统服务(daemon)。
    在pkg及service列下边是运行的方法。方法定义包和服务应该怎么做。此处是软件包应该被安装,服务应该处于运行中。
  • 第六行使用require。本方法称为”必须指令”(Requisite
    Statement),表明只有当apache软件包安装成功时,apache服务才启动起来

salt-master是通过写sls配置管理minion上重复指令的,服务状态等等。

salt
states的核心是sls文件,该文件使用YAML语法定义了一些k/v的数据。sls文件存放根路径在master配置文件中定义,默认为/srv/salt,该目录在操作系统上不存在,需要手动创建。

[[email protected] ~]# mkdir -p /srv/salt/base

11.文件目录管理

11.1文件管理

(1)服务端配置

[[email protected] ~]# vim /srv/salt/top.sls
[[email protected] ~]# cat /srv/salt/top.sls
base:
  'nb1':
    - apache
  'nb2':
    - filetest
[[email protected] ~]# 

新建 filetest.sls 文件

[[email protected] ~]# vim /srv/salt/filetest.sls
[[email protected] ~]# cat /srv/salt/filetest.sls
file-test:
  file.managed:
    - name: /tmp/filetest.txt
    - source: salt://test/123/1.txt
    - user: root
    - group: root
    - mode: 644
[[email protected] ~]# 

注意:第一行的 file-test
为自定的名字,表示该配置段的名字,可以在别的配置段中引用它;source指定文件从哪里拷贝,这里的
test 目录相当于是 /srv/salt/test 目录;name指定远程客户端要生成的文件。

新建所要测试的源文件

[[email protected] ~]# mkdir -p /srv/salt/test/123/
[[email protected] ~]# echo "file test" > /srv/salt/test/123/1.txt
[[email protected] ~]#

执行命令:

[[email protected] ~]# salt 'nb2' state.highstate
nb2:
----------
          ID: file-test
    Function: file.managed
        Name: /tmp/filetest.txt
      Result: True
     Comment: File /tmp/filetest.txt updated
     Started: 03:59:13.664379
    Duration: 505.159 ms
     Changes:   
              ----------
              diff:
                  New file
              mode:
                  0644

Summary
------------
Succeeded: 1 (changed=1)
Failed:    0
------------
Total states run:     1
[[email protected] ~]# 

(2)客户端验证

[[email protected] ~]# cat /tmp/filetest.txt 
file test
[[email protected] ~]# 

11.2目录管理

(1)接着编辑之前的 top.sls 文件

修改为如下

[[email protected] ~]# vim /srv/salt/top.sls
[[email protected] ~]# cat /srv/salt/top.sls
base:
  'nb1':
    - apache
  'nb2':
    - filedir
[[email protected] ~]#

(2)新建 filedir.sls 文件

[[email protected] ~]# vim /srv/salt/filedir.sls
[[email protected] ~]# cat /srv/salt/filedir.sls
file-dir:
  file.recurse:
    - name: /tmp/testdir
    - source: salt://test/123
    - user: root
    - file_mode: 644
    - dir_mode: 755
    - mkdir: True
    - clean: True
[[email protected] ~]#

clean: True
源删除文件或目录,目标也会跟着删除,否则不会删除。可以默认设置为 False

(3)新建所要测试的源目录

/srv/salt/test/123已经存在,且有一个文件

[[email protected] ~]# ls /srv/salt/test/123
1.txt
[[email protected] ~]# cat /srv/salt/test/123/1.txt 
file test

(4)执行命令

[[email protected] ~]# salt 'nb2' state.highstate
nb2:
----------
          ID: file-dir
    Function: file.recurse
        Name: /tmp/testdir
      Result: True
     Comment: Recursively updated /tmp/testdir
     Started: 01:38:38.129930
    Duration: 392.34 ms
     Changes:   
              ----------
              /tmp/testdir/1.txt:
                  ----------
                  diff:
                      New file
                  mode:
                      0644

Summary
------------
Succeeded: 1 (changed=1)
Failed:    0
------------
Total states run:     1
[[email protected] ~]#

(5)客户端验证

[[email protected] ~]# ls /tmp
filetest.txt                     Jetty_0_0_0_0_16010_master____.6nvknp        Jetty_localhost_40934_datanode____.k20t6j
hadoop-root-journalnode.pid      Jetty_0_0_0_0_16030_regionserver____.45q9os  Jetty_nb2_50070_hdfs____xjgcrn
hadoop-unjar4050493136279788948  Jetty_0_0_0_0_8042_node____19tj0x            systemd-private-bd8f0cf7c19147208fb1f2948ed5483f-vmtoolsd.service-LQvsNz
hsperfdata_root                  Jetty_0_0_0_0_8480_journal____.8g4awa        testdir
[[email protected] ~]# ls /tmp/testdir/
1.txt
[[email protected] ~]# 

(6)测试增删功能

在服务端新建newDir目录以及文件a,删除1.txt 文件

[[email protected] ~]# cd /srv/salt/test/123
[[email protected] 123]# mkdir newDir
[[email protected] 123]# echo "Hello" > newDir/a
[[email protected] 123]# rm -rf 1.txt

(7)再次执行命令

[[email protected] ~]# salt 'nb2' state.highstate
nb2:
----------
          ID: file-dir
    Function: file.recurse
        Name: /tmp/testdir
      Result: True
     Comment: Recursively updated /tmp/testdir
     Started: 01:45:59.688250
    Duration: 442.358 ms
     Changes:   
              ----------
              /tmp/testdir/newDir:
                  ----------
                  /tmp/testdir/newDir:
                      New Dir
              /tmp/testdir/newDir/a:
                  ----------
                  diff:
                      New file
                  mode:
                      0644
              removed:
                  - /tmp/testdir/1.txt

Summary
------------
Succeeded: 1 (changed=1)
Failed:    0
------------
Total states run:     1
[[email protected] ~]#

(8)再次验证

[[email protected] ~]# ls /tmp/testdir/
newDir
[[email protected] ~]# ls /tmp/testdir/newDir/
a
[[email protected] ~]#

注意的是要成功创建newDir目录,前提是newDir目录下要有文件;如若没有,客户端是不会创建newDir目录的。

12.远程执行

前面提到远程执行命令
test.ping,cmd.run,点前面的是模块,点后面的是函数;这样总归是不太规范化,下面详细介绍怎么远程执行命令和脚本。

12.1远程执行命令

(1)接着编辑之前的 top.sls 文件

[[email protected] ~]# vim /srv/salt/top.sls
[[email protected] ~]# cat /srv/salt/top.sls
base:
  'nb1':
    - cmdtest
  'nb2':
    - filedir
[[email protected] ~]# 

(2)新建 cmdtest.sls 文件

[[email protected] ~]# vim /srv/salt/cmdtest.sls
[[email protected] ~]# cat /srv/salt/cmdtest.sls
cmd-test:  
  cmd.run:
    - onlyif: test -f /tmp/1.txt
    - names:
      - touch /tmp/cmdtest.txt
      - mkdir /tmp/cmdtest
    - user: root
[[email protected] ~]# 

条件 onlyif 表示若 /tmp/1.txt文件存在,则执行后面的命令;可以使用
unless,两者正好相反。

[[email protected] ~]# echo "hello" > /tmp/1.txt
[[email protected] ~]# cat /tmp/1.txt 
hello
[[email protected] ~]#

(3)执行命令

[[email protected] ~]# salt 'nb1' state.highstate
nb1:
----------
          ID: cmd-test
    Function: cmd.run
        Name: touch /tmp/cmdtest.txt
      Result: True
     Comment: Command "touch /tmp/cmdtest.txt" run
     Started: 02:23:07.347360
    Duration: 565.866 ms
     Changes:   
              ----------
              pid:
                  7209
              retcode:
                  0
              stderr:
              stdout:
----------
          ID: cmd-test
    Function: cmd.run
        Name: mkdir /tmp/cmdtest
      Result: True
     Comment: Command "mkdir /tmp/cmdtest" run
     Started: 02:23:07.913505
    Duration: 208.682 ms
     Changes:   
              ----------
              pid:
                  7245
              retcode:
                  0
              stderr:
              stdout:

Summary
------------
Succeeded: 2 (changed=2)
Failed:    0
------------
Total states run:     2
[[email protected] ~]#

(4)验证

[[email protected] ~]# ll /tmp|grep cmd
drwxr-xr-x 2 root root   6 Aug 21 02:23 cmdtest
-rw-r--r-- 1 root root   0 Aug 21 02:23 cmdtest.txt
[[email protected] ~]# 

12.2 远程执行脚本

(1)接着编辑之前的 top.sls 文件

[[email protected] ~]# vim /srv/salt/top.sls
[[email protected] ~]# cat /srv/salt/top.sls
base:
  'nb1':
    - cmdtest
  'nb2':
    - shelltest
[[email protected] ~]# 

(2)新建 shelltest.sls 文件

[[email protected] ~]# vim /srv/salt/shelltest.sls
[[email protected] ~]# cat /srv/salt/shelltest.sls
shell-test:
  cmd.script:
    - source: salt://test/1.sh
    - user: root
[[email protected] ~]# 

(3)新建 1.sh 脚本文件

[[email protected] ~]# vim /srv/salt/test/1.sh
[[email protected] ~]# cat /srv/salt/test/1.sh
#!/bin/bash
touch /tmp/shelltest.txt
if [ -d /tmp/shelltest ]
then
    rm -rf /tmp/shelltest
else
    mkdir /tmp/shelltest
fi
[[email protected] ~]#

(4)执行命令

[[email protected] ~]# salt 'nb2' state.highstate
nb2:
----------
          ID: shell-test
    Function: cmd.script
      Result: True
     Comment: Command 'shell-test' run
     Started: 02:35:33.341722
    Duration: 585.072 ms
     Changes:   
              ----------
              pid:
                  48228
              retcode:
                  0
              stderr:
              stdout:

Summary
------------
Succeeded: 1 (changed=1)
Failed:    0
------------
Total states run:     1
[[email protected] ~]# 

(5)客户端验证

[[email protected] ~]# ll /tmp|grep shell
drwxr-xr-x 2 root root   6 Aug 21 02:35 shelltest
-rw-r--r-- 1 root root   0 Aug 21 02:35 shelltest.txt
[[email protected] ~]# 

通过上面的例子,我们实现了远程执行脚本;如果我们想一键远程安装 LAMP 或者
LNMP,那么只需把本例中的 1.sh 脚本替换成 一键安装的脚本就行。

13.管理任务计划

13.1 建立 cron

(1)编辑 top.sls 文件

[[email protected] ~]# vim /srv/salt/top.sls
[[email protected] ~]# cat /srv/salt/top.sls
base:
  'nb1':
    - crontest
  'nb2':
    - shelltest
[[email protected] ~]#

(2)编辑 crontest.sls 文件

[[email protected] ~]# vim /srv/salt/crontest.sls
[[email protected] ~]# cat /srv/salt/crontest.sls
cron-test:
  cron.present:
    - name: /bin/touch /tmp/111.txt
    - user: root
    - minute: '*'
    - hour: 20
    - daymonth: 1-10
    - month: '3,5'
    - dayweek: '*'
[[email protected] ~]#

注意,*需要用单引号引起来。当然我们还可以使用 file.managed 模块来管理
cron,因为系统的 cron都是以配置文件的形式存在的。

(3)执行命令

[[email protected] ~]# salt 'nb1' state.highstate
nb1:
----------
          ID: cron-test
    Function: cron.present
        Name: /bin/touch /tmp/111.txt
      Result: True
     Comment: Cron /bin/touch /tmp/111.txt added to root's crontab
     Started: 02:47:51.454886
    Duration: 1478.963 ms
     Changes:   
              ----------
              root:
                  /bin/touch /tmp/111.txt

Summary
------------
Succeeded: 1 (changed=1)
Failed:    0
------------
Total states run:     1
[[email protected] ~]# 

(4)客户端验证

[[email protected] ~]# crontab -l
00      03      *       *       *       ntpdate 192.168.1.81
00      03      *       *       *       ntpdate 192.168.1.81
00      03      *       *       *       ntpdate 192.168.1.81
00      03      *       *       *       ntpdate 192.168.1.81
00      03      *       *       *       ntpdate 192.168.1.160
# Lines below here are managed by Salt, do not edit
# SALT_CRON_IDENTIFIER:/bin/touch /tmp/111.txt
* 20 1-10 3,5 * /bin/touch /tmp/111.txt
[[email protected] ~]# 

13.2 删除 cron

(1)修改 crontest.sls 文件 把 cron.present: 改成 cron.absent:
注意:两者不能共存,要想删除一个 cron,那之前的 present
就得替换掉或者删除掉。

[[email protected] ~]# vim /srv/salt/crontest.sls
[[email protected] ~]# cat /srv/salt/crontest.sls
cron-test:
  cron.absent:
    - name: /bin/touch /tmp/111.txt
    - user: root
    - minute: '*'
    - hour: 20
    - daymonth: 1-10
    - month: '3,5'
    - dayweek: '*'
[ro
[email protected] ~]#

(2)执行命令

[[email protected] ~]# salt 'nb1' state.highstate
nb1:
----------
          ID: cron-test
    Function: cron.absent
        Name: /bin/touch /tmp/111.txt
      Result: True
     Comment: Cron /bin/touch /tmp/111.txt removed from root's crontab
     Started: 02:56:03.583557
    Duration: 29.663 ms
     Changes:   
              ----------
              root:
                  /bin/touch /tmp/111.txt

Summary
------------
Succeeded: 1 (changed=1)
Failed:    0
------------
Total states run:     1
[[email protected] ~]# 

(3)客户端验证

[[email protected] ~]# crontab -l
00      03      *       *       *       ntpdate 192.168.1.81
00      03      *       *       *       ntpdate 192.168.1.81
00      03      *       *       *       ntpdate 192.168.1.81
00      03      *       *       *       ntpdate 192.168.1.81
00      03      *       *       *       ntpdate 192.168.1.160
# Lines below here are managed by Salt, do not edit
[[email protected] ~]#

14.Saltstack 常用命令

14.1拷贝文件到客户端

[[email protected] ~]# salt 'nb1' cp.get_file salt://apache.sls /tmp/cp.txt
nb1:
    /tmp/cp.txt
[[email protected] ~]#

[[email protected] ~]# cat /tmp/cp.txt 
apache-service:
  pkg.installed:
    - names:
      - httpd
      - httpd-devel
  service.running:
    - name: httpd
    - enable: True
[[email protected] ~]# 

14.2 拷贝目录到客户端

[[email protected] ~]# salt 'nb1' cp.get_dir salt://test /tmp
nb1:
    - /tmp/test/1.sh
    - /tmp/test/123/newDir/a
[[email protected] ~]# 

[[email protected] ~]# ll /tmp/test/
total 4
drwxr-xr-x 3 root root  20 Aug 21 03:02 123
-rw-r--r-- 1 root root 126 Aug 21 03:02 1.sh
[[email protected] ~]#

14.3 显示存活的客户端

[[email protected] ~]# salt-run manage.up
- nb0
- nb1
- nb2
[[email protected] ~]# 

14.4 命令下执行服务端的脚本

[[email protected] ~]# vim /srv/salt/test/shell.sh
[[email protected] ~]# cat /srv/salt/test/shell.sh
#! /bin/bash
echo "hadron.cn" > /tmp/shell.txt
[[email protected] ~]# 

[[email protected] ~]# salt 'nb2' cmd.script salt://test/shell.sh
nb2:
    ----------
    pid:
        86257
    retcode:
        0
    stderr:
    stdout:
[[email protected] ~]# 

[[email protected] ~]# cat /tmp/shell.txt 
hadron.cn
[[email protected] ~]# 

15.问题

 [[email protected] ~]# salt-master start
[ERROR   ] An extra return was detected from minion nb1, please verify the minion, this could be a replay attack
[ERROR   ] An extra return was detected from minion nb1, please verify the minion, this could be a replay attack

执行一次命令,返回两个值

 [[email protected] ~]# salt '*' cmd.run   'df -h'
nb1:
    Filesystem           Size  Used Avail Use% Mounted on
    /dev/mapper/cl-root   48G  4.3G   44G   9% /
    devtmpfs             3.9G     0  3.9G   0% /dev
    tmpfs                3.9G   24K  3.9G   1% /dev/shm
    tmpfs                3.9G  385M  3.5G  10% /run
    tmpfs                3.9G     0  3.9G   0% /sys/fs/cgroup
    /dev/sda1           1014M  139M  876M  14% /boot
    /dev/mapper/cl-home   24G   33M   24G   1% /home
    tmpfs                781M     0  781M   0% /run/user/0
nb1:
    Filesystem           Size  Used Avail Use% Mounted on
    /dev/mapper/cl-root   48G  4.3G   44G   9% /
    devtmpfs             3.9G     0  3.9G   0% /dev
    tmpfs                3.9G   24K  3.9G   1% /dev/shm
    tmpfs                3.9G  385M  3.5G  10% /run
    tmpfs                3.9G     0  3.9G   0% /sys/fs/cgroup
    /dev/sda1           1014M  139M  876M  14% /boot
    /dev/mapper/cl-home   24G   33M   24G   1% /home
    tmpfs                781M     0  781M   0% /run/user/0
nb0:
    Filesystem           Size  Used Avail Use% Mounted on
    /dev/mapper/cl-root   48G   27G   22G  55% /
    devtmpfs             3.9G     0  3.9G   0% /dev
    tmpfs                3.9G   16K  3.9G   1% /dev/shm
    tmpfs                3.9G  394M  3.5G  11% /run
    tmpfs                3.9G     0  3.9G   0% /sys/fs/cgroup
    /dev/sda1           1014M  139M  876M  14% /boot
    /dev/mapper/cl-home   24G   33M   24G   1% /home
    tmpfs                781M     0  781M   0% /run/user/0
    /dev/loop0           7.8G  7.8G     0 100% /var/ftp/iso-home
[[email protected] ~]#

问题产生的原因在node2节点上重复启动

 [[email protected] ~]# salt-minion start
^C[WARNING ] Stopping the Salt Minion
[WARNING ] Exiting on Ctrl-c
[[email protected] ~]# 

ctrl+c终止第二次的salt-minion启动即可。

发表评论

电子邮件地址不会被公开。 必填项已用*标注