Basic usage and advanced status of SaltStack
YAML language
YAML is an intuitive data serialization format that can be recognized by computer. It is a programming language with high readability, easy to be read by human beings, easy to interact with scripting language and used to express data sequences.
It is similar to the data description language of XML, a subset of the standard general markup language, and its syntax is much simpler than XML.
The format of YAML language is as follows:
house:
family:
name: Doe
parents:
- John
- Jane
children:
- Paul
- Mark
- Simone
address:
number: 34
street: Main Street
city: Nowheretown
zipcode: 12345
Basic rules of YAML:
- Indent is used to represent the hierarchical relationship. There are 2 spaces in each layer. The TAB key is prohibited
- When the colon is not at the end, there must be a space after the colon
- Use - to represent the list, and there must be a space after -
- Use # to indicate comments
The YAML configuration file should be placed in the location of SaltStack. You can find the file in the Master configuration file of SaltStack_ You can see it from the roots.
[root@master ~]# vim /etc/salt/master
...Omitted here N that 's ok
file_roots:
base:
- /srv/salt/base
test:
- /srv/salt/test
dev:
- /srv/salt/dev
prod:
- /srv/salt/prod
...Omitted here N that 's ok
[root@master ~]# mkdir -p /srv/salt/{base,test,dev,prod}
[root@master ~]# tree /srv/salt/
/srv/salt/
├── base
├── dev
├── prod
└── test
4 directories, 0 files
[root@master ~]# systemctl restart salt-master
Note:
- Base is the default location, if file_ If there is only one root, base is required and must be called base, and cannot be renamed
Configuring an nginx instance with SaltStack
Deploy the sls configuration file on the Master and execute
[root@master ~]# mkdir -p /srv/salt/base
[root@master ~]# cd /srv/salt/base/
[root@master base]# mkdir -p web/nginx
[root@master base]# cd web/nginx/
[root@master nginx]# touch install.sls
[root@master nginx]# vim install.sls
nginx-install:
pkg.installed:
- name: nginx
nginx-service:
service.running:
- name: nginx
- enable: True
[root@master nginx]# salt 'P1' state.sls web.nginx.install saltenv=base
P1:
----------
ID: nginx-install
Function: pkg.installed
Name: nginx
Result: True
Comment: The following packages were installed/updated: nginx
Started: 15:06:42.828000
Duration: 14099.279 ms
Changes:
----------
gd:
----------
new:
2.2.5-7.el8
old:
libXpm:
----------
new:
3.5.12-8.el8
old:
libwebp:
----------
new:
1.0.0-1.el8
old:
nginx:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
nginx-all-modules:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
nginx-filesystem:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
nginx-mod-http-image-filter:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
nginx-mod-http-perl:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
nginx-mod-http-xslt-filter:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
nginx-mod-mail:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
nginx-mod-stream:
----------
new:
1:1.14.1-9.module_el8.0.0+184+e34fea82
old:
perl-Carp:
----------
new:
1.42-396.el8
old:
perl-Errno:
----------
new:
1.28-416.el8
old:
perl-Exporter:
----------
new:
5.72-396.el8
old:
perl-File-Path:
----------
new:
2.15-2.el8
old:
perl-IO:
----------
new:
1.38-416.el8
old:
perl-PathTools:
----------
new:
3.74-1.el8
old:
perl-Scalar-List-Utils:
----------
new:
3:1.49-2.el8
old:
perl-Socket:
----------
new:
4:2.027-3.el8
old:
perl-Text-Tabs+Wrap:
----------
new:
2013.0523-395.el8
old:
perl-Unicode-Normalize:
----------
new:
1.25-396.el8
old:
perl-constant:
----------
new:
1.33-396.el8
old:
perl-interpreter:
----------
new:
4:5.26.3-416.el8
old:
perl-libs:
----------
new:
4:5.26.3-416.el8
old:
perl-macros:
----------
new:
4:5.26.3-416.el8
old:
perl-parent:
----------
new:
1:0.237-1.el8
old:
perl-threads:
----------
new:
1:2.21-2.el8
old:
perl-threads-shared:
----------
new:
1.58-2.el8
old:
----------
ID: nginx-service
Function: service.running
Name: nginx
Result: True
Comment: Service nginx has been enabled, and is running
Started: 15:06:56.970902
Duration: 593.592 ms
Changes:
----------
nginx:
True
Summary for P1
------------
Succeeded: 2 (changed=2)
Failed: 0
------------
Total states run: 2
Total run time: 14.693 s
Check on P1
[root@P1 ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::]:80 [::]:*
[root@P1 ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy ser>
Loaded: loaded (/usr/lib/systemd/system/nginx.servi>
Active: active (running) since Mon 2021-07-05 15:06>
Main PID: 18258 (nginx)
Tasks: 5 (limit: 11201)
Memory: 12.8M
CGroup: /system.slice/nginx.service
├─18258 nginx: master process /usr/sbin/ngi>
├─18259 nginx: worker process
├─18260 nginx: worker process
├─18261 nginx: worker process
└─18262 nginx: worker process
top file
top file introduction
Is it automatic enough to execute sls files directly through commands? The answer is no, because we have to tell a host to perform a task. Automation should be that when we let it work, it knows which host to do. However, executing sls files directly through commands can not achieve this purpose. In order to solve this problem, top file came into being.
Top file is an entry. The file name of top file can be searched in the Master configuration file SLS, and this file must be in the base environment. By default, this file must be called top sls.
The function of top file is to tell the corresponding host what to do, such as enabling the web server to start web services, enabling the database server to install mysql, and so on.
top file instance:
[root@master ~]# cd /srv/salt/base/
[root@master base]# vim top.sls
base: #Environment to execute the status file
'minion1': #Target to execute status file
- web.nginx.install #Status file to execute
#Stop nginx service of P1
[root@P1 ~]# systemctl stop nginx.service
[root@P1 ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy ser>
Loaded: loaded (/usr/lib/systemd/system/nginx.servi>
Active: inactive (dead) since Mon 2021-07-05 15:19:>
Main PID: 18258 (code=exited, status=0/SUCCESS)
7 May 15:06:57 P1 systemd[1]: Starting The nginx HTTP>
7 May 15:06:57 P1 nginx[18255]: nginx: the configurat>
7 May 15:06:57 P1 nginx[18255]: nginx: configuration >
7 May 15:06:57 P1 systemd[1]: Started The nginx HTTP >
7 May 15:19:28 P1 systemd[1]: Stopping The nginx HTTP>
7 May 15:19:28 P1 systemd[1]: nginx.service: Succeede>
7 May 15:19:28 P1 systemd[1]: Stopped The nginx HTTP >
#The following command will report an error because the minion on the master side does not perform any operation, which will not affect the result
[root@master base]# salt '*' state.highstate
master:
----------
ID: states
Function: no.None
Result: False
Comment: No Top file or master_tops data matches found. Please see master log for details.
Changes:
Summary for master
------------
Succeeded: 0
Failed: 1
------------
Total states run: 1
Total run time: 0.000 ms
P1:
----------
ID: nginx-install
Function: pkg.installed
Name: nginx
Result: True
Comment: All specified packages are already installed
Started: 15:20:10.747116
Duration: 1043.271 ms
Changes:
----------
ID: nginx-service
Function: service.running
Name: nginx
Result: True
Comment: Service nginx is already enabled, and is running
Started: 15:20:11.792775
Duration: 188.931 ms
Changes:
----------
nginx:
True
Summary for P1
------------
Succeeded: 2 (changed=1)
Failed: 0
------------
Total states run: 2
Total run time: 1.232 s
ERROR: Minions returned with non-zero exit code
#View nginx status at P1 end
[root@P1 ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy ser>
Loaded: loaded (/usr/lib/systemd/system/nginx.servi>
Active: active (running) since Mon 2021-07-05 15:20>
Process: 40264 ExecStart=/usr/sbin/nginx (code=exite>
Process: 40262 ExecStartPre=/usr/sbin/nginx -t (code>
Process: 40260 ExecStartPre=/usr/bin/rm -f /run/ngin>
Main PID: 40265 (nginx)
Tasks: 5 (limit: 11201)
Memory: 8.8M
CGroup: /system.slice/nginx.service
├─40265 nginx: master process /usr/sbin/ngi>
be careful:
If the target in the top file is represented by *, it should be noted that the * in the top file represents all targets to be executed, and salt '*' state The * in highstate indicates that all machines are notified to work, and whether to work is specified by the top file
Use of advanced state highstate
When managing SaltStack, the most common management operation is to perform advanced status
[root@master ~]# salt '*' state.highstate / / the salt command is prohibited in the production environment
be careful:
The above allows everyone to execute the advanced state, but it is generally not used in actual work. In work, it is generally to notify one or some target hosts to execute the advanced state. The specific execution is determined by the top file.
If you add the parameter test=True when executing the advanced state, it will tell us what it will do, but it will not really perform this operation.
#Stop nginx service on P1
[root@P1 ~]# systemctl stop nginx.service
[root@P1 ~]# systemctl status nginx.service
● nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: inactive (dead) since Tue 2021-07-06 00:34:12 EDT; 15s ago
Process: 1041 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 1018 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
Process: 1002 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Main PID: 1042 (code=exited, status=0/SUCCESS)
7 June 06:00:26:11 P1 systemd[1]: Starting The nginx HTTP and reverse proxy server...
7 June 06:00:26:11 P1 nginx[1018]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
7 June 00:26:11 P1 nginx[1018]: nginx: configuration file /etc/nginx/nginx.conf test is successful
7 June 06:00:26:11 P1 systemd[1]: nginx.service: Failed to parse PID from file /run/nginx.pid: Invali>
7 June 06:00:26:11 P1 systemd[1]: Started The nginx HTTP and reverse proxy server.
7 June 06:00:34:12 P1 systemd[1]: Stopping The nginx HTTP and reverse proxy server...
7 June 06:00:34:12 P1 systemd[1]: nginx.service: Succeeded.
7 June 06:00:34:12 P1 systemd[1]: Stopped The nginx HTTP and reverse
#Perform advanced status tests on the master
[root@master ~]# salt 'P1' state.highstate test=True
P1:
----------
ID: nginx-install
Function: pkg.installed
Name: nginx
Result: True
Comment: All specified packages are already installed
Started: 00:36:31.024619
Duration: 1187.295 ms
Changes:
----------
ID: nginx-service
Function: service.running
Name: nginx
Result: None
Comment: Service nginx is set to start
Started: 00:36:32.218554
Duration: 41.331 ms
Changes:
Summary for P1
------------
Succeeded: 2 (unchanged=1)
Failed: 0
------------
Total states run: 2
Total run time: 1.229 s
#Go to P1 to check the status of nginx service
[root@master ~]# salt 'P1' state.highstate test=True
P1:
----------
ID: nginx-install
Function: pkg.installed
Name: nginx
Result: True
Comment: All specified packages are already installed
Started: 00:36:31.024619
Duration: 1187.295 ms
Changes:
----------
ID: nginx-service
Function: service.running
Name: nginx
Result: None
Comment: Service nginx is set to start
Started: 00:36:32.218554
Duration: 41.331 ms
Changes:
Summary for P1
------------
Succeeded: 2 (unchanged=1)
Failed: 0
------------
Total states run: 2
Total run time: 1.229 s
#No startup, so the advanced state is not executed, just a test to tell us what we will do