SaltStack部署服务及配置管理apache+php-第二篇
实验目标
1.使用SaltStack部署apache和php,
2.使用salt管理httpd.conf配置文件配置访问info.php使用账户密码
3.在salt里面增加对conf.d目录进行配置管理
4.如何使用salt在追加文件内容
5.学会如何使用 watch require unless
实现步骤
修改master的配置文件,指定base环境路径,base环境是必须指定的
- [root@linux-node1 base]# grep - ^file_roots /etc/salt/master |grep -v ^#
- file_roots:
- base:
- - /srv/salt/base
- dev:
- - /srv/salt/dev
- test:
- - /srv/salt/test
- prod:
- - /srv/salt/prod
创建目录
- [root@linux-node1 base]# mkdir -p /srv/salt/{base,dev,test,prod}
- [root@linux-node1 base]# tree /srv/salt/
- /srv/salt/
- ├── base
- ├── dev
- ├── prod
- └── test
重启master
- [root@linux-node1 base]# systemctl restart salt-master
在base目录下面创建一个web目录用于存放web相关的sls文件
- [root@linux-node1 base]# mkdir -p web
cd到bash/web目录里面创建apache.sls文件
- [root@linux-node1 base]# cd web/
- [root@linux-node1 web]# cat apache.sls
- apache-install: #id 名字自己取 需要形象一点, 一个id下面一个状态只能出现一次
- pkg.installed: #pkg 是状态模块,installed 是模块里面的方法
- - name: httpd #方法里面的参数
- apache-service:
- service.running:
- - name: httpd
- - enable: True #设置开机自动启动
#yaml里面格式有严格的要求,注释用#号,不能有table,- 两边需要空格,缩进用2个空格层级关系后面要加分号
执行状态模块部署服务
- [root@linux-node1 base]# salt "linux-node2*" state.sls apache
- linux-node2.example.com:
- ----------
- ID: apache-install
- Function: pkg.installed
- Name: httpd
- Result: True
- Comment: Package httpd is already installed.
- Started: ::09.228934
- Duration: 633.681 ms
- Changes:
- ----------
- ID: apache-service
- Function: service.running
- Name: httpd
- Result: True
- Comment: Service httpd is already enabled, and is running
- Started: ::09.863302
- Duration: 310.567 ms
- Changes:
- ----------
- httpd:
- True
- Summary
- ------------
- Succeeded: (changed=)
- Failed:
- ------------
- Total states run: 2
#此时node2 上面已经部署好了apache
高级状态的使用 需要在master配置文件里面打开 state_top: top.sls并重启master
[root@linux-node1 web]# grep -n ^state_top /etc/salt/master
329:state_top: top.sls
[root@linux-node1 web]# systemctl restart salt-master
在bese环境目录下面添加top.sls
- [root@linux-node1 base]# more top.sls
- base:
- 'linux-node2.example.com':
- - web.apache
- 'linux-node1.example.com':
- - web.apache
- [root@linux-node1 base]# pwd
- /srv/salt/base
执行高级模块方法,高级方法到 base下面找top.sls 文件编排告诉每个minion需要干什么,一般生产环境用高级状态多些
- [root@linux-node1 base]# salt "*" state.highstate
- linux-node1.example.com:
- ----------
- ID: apache-install
- Function: pkg.installed
- Name: httpd
- Result: True
- Comment: Package httpd is already installed.
- Started: ::08.597951
- Duration: 709.521 ms
- Changes:
- ----------
- ID: apache-service
- Function: service.running
- Name: httpd
- Result: True
- Comment: Service httpd is already enabled, and is in the desired state
- Started: ::09.308417
- Duration: 233.623 ms
- Changes:
- Summary
- ------------
- Succeeded:
- Failed:
- ------------
- Total states run:
- linux-node2.example.com:
- ----------
- ID: apache-install
- Function: pkg.installed
- Name: httpd
- Result: True
- Comment: Package httpd is already installed.
- Started: ::09.171596
- Duration: 721.901 ms
- Changes:
- ----------
- ID: apache-service
- Function: service.running
- Name: httpd
- Result: True
- Comment: Service httpd is already enabled, and is in the desired state
- Started: ::09.894209
- Duration: 221.615 ms
- Changes:
- Summary
- ------------
- Succeeded:
- Failed:
- ------------
- Total states run:
上面我们使用了2个状态模块pkg和service,下面我们使用file文件配置模块
模块使用参考文档
- https://www.unixhot.com/docs/saltstack/ref/states/all/salt.states.file.html#module-salt.states.file
在base/web目录下面添加一个lamp.sls,一般在添加里面的内容之前需要在外面找一台服务器进行测试拿到准确的包信息后再进行配置
[root@linux-node1 web]# cat lamp.sls
lamp-install:
pkg.installed:
- pkgs:
- httpd
- php
- php-pdo
- php-mysql
apache-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf #服务实际使用的文件路径
- source: salt://web/files/httpd.conf #salt的源文件用于分发到minion上面 路径是base目录下面的web 这里也支持http和ftp方式
- user: root
- group: root
- mode: 644
php-config:
file.managed:
- name: /etc/php.ini
- source: salt://web/files/php.ini
- user: root
- group: root
- mode: 644
lamp-service:
service.running:
- name: httpd
- enable: True
拷贝源文件到base/web目录下,这个根据自己的实际情况找源文件拷贝过来
[root@linux-node1 web]# cp /etc/httpd/conf/httpd.conf /srv/salt/base/web/files/
[root@linux-node1 web]# cp /etc/php.ini /srv/salt/base/web/files/
执行状态模块部署服务
- [root@linux-node1 web]# salt "*" state.sls web.lamp
- linux-node1.example.com:
- ----------
- ID: lamp-install
- Function: pkg.installed
- Result: True
- Comment: All specified packages are already installed.
- Started: ::56.883540
- Duration: 633.814 ms
- Changes:
- ----------
- ID: apache-config
- Function: file.managed
- Name: /etc/httpd/conf/httpd.conf
- Result: True
- Comment: File /etc/httpd/conf/httpd.conf is in the correct state
- Started: ::57.520199
- Duration: 4.242 ms
- Changes:
- ----------
- ID: php-config
- Function: file.managed
- Name: /etc/php.ini
- Result: True
- Comment: File /etc/php.ini is in the correct state
- Started: ::57.524589
- Duration: 4.149 ms
- Changes:
- ----------
- ID: lamp-service
- Function: service.running
- Name: httpd
- Result: True
- Comment: Service httpd is already enabled, and is in the desired state
- Started: ::57.529404
- Duration: 258.952 ms
- Changes:
- Summary
- ------------
- Succeeded:
- Failed:
- ------------
- Total states run:
- linux-node2.example.com:
- ----------
- ID: lamp-install
- Function: pkg.installed
- Result: True
- Comment: All specified packages are already installed.
- Started: ::58.566172
- Duration: 611.409 ms
- Changes:
- ----------
- ID: apache-config
- Function: file.managed
- Name: /etc/httpd/conf/httpd.conf
- Result: True
- Comment: File /etc/httpd/conf/httpd.conf is in the correct state
- Started: ::59.180091
- Duration: 4.063 ms
- Changes:
- ----------
- ID: php-config
- Function: file.managed
- Name: /etc/php.ini
- Result: True
- Comment: File /etc/php.ini is in the correct state
- Started: ::59.184248
- Duration: 3.803 ms
- Changes:
- ----------
- ID: lamp-service
- Function: service.running
- Name: httpd
- Result: True
- Comment: Service httpd is already enabled, and is in the desired state
- Started: ::59.188496
- Duration: 208.1 ms
- Changes:
- Summary
- ------------
- Succeeded:
- Failed:
- ------------
- Total states run:
使用file模块下面的recurse方法进行apache的conf.d目录管理配置如下
- apache-conf:
- file.recurse:
- - name: /etc/httpd/conf.d
- - source: salt://web/files/apache-conf.d
创建salt源目录,并拷贝数据导源文件目录,数据文件来源根据自己业务的实际情况
- [root@linux-node1 ~]# mkdir /srv/salt/base/web/files/apache-conf.d
- [root@linux-node1 ~]# cd /srv/salt/base/web/files/apache-conf.d/
- [root@linux-node1 apache-conf.d]# cp -a /etc/httpd/conf.d/* .
- [root@linux-node1 apache-conf.d]# ls
- autoindex.conf php.conf README userdir.conf welcome.conf
- [root@linux-node1 apache-conf.d]#
测试在files/apache-conf.d/welcome.conf 添加一行#xiewenming test
- [root@linux-node1 files]# echo "#xieweming test" >> apache-conf.d/welcome.conf
验证目录管理是否生效
可以先使用test=True 只做测试,不会在minion节点上面真正执行,确认无问题后再让minion去执行
- [root@linux-node1 files]# salt "linux-node2*" state.highstate test=True
- linux-node2.example.com:
- ----------
- ID: lamp-install
- Function: pkg.installed
- Result: True
- Comment: All specified packages are already installed.
- Started: ::56.440265
- Duration: 666.288 ms
- Changes:
- ----------
- ID: apache-config
- Function: file.managed
- Name: /etc/httpd/conf/httpd.conf
- Result: True
- Comment: The file /etc/httpd/conf/httpd.conf is in the correct state
- Started: ::57.108448
- Duration: 3.959 ms
- Changes:
- ----------
- ID: php-config
- Function: file.managed
- Name: /etc/php.ini
- Result: True
- Comment: The file /etc/php.ini is in the correct state
- Started: ::57.112503
- Duration: 3.61 ms
- Changes:
- ----------
- ID: lamp-service
- Function: service.running
- Name: httpd
- Result: True
- Comment: Service httpd is already enabled, and is in the desired state
- Started: ::57.116505
- Duration: 244.585 ms
- Changes:
- ----------
- ID: apache-conf
- Function: file.recurse
- Name: /etc/httpd/conf.d
- Result: None
- Comment: #### /etc/httpd/conf.d/welcome.conf ####
- The file /etc/httpd/conf.d/welcome.conf is set to be changed
- Started: ::57.361390
- Duration: 1096.52 ms
- Changes:
- ----------
- /etc/httpd/conf.d/welcome.conf:
- ----------
- diff:
- ---
- +++
- @@ -, +, @@
- Alias /noindex/css/open-sans.css /usr/share/httpd/noindex/css/open-sans.css
- Alias /images/apache_pb.gif /usr/share/httpd/noindex/images/apache_pb.gif
- Alias /images/poweredby.png /usr/share/httpd/noindex/images/poweredby.png
- +#xieweming test
- Summary
- ------------
- Succeeded: (unchanged=, changed=)
- Failed:
- ------------
- Total states run:
验证没有问题在node1和node2上面都执行
我们这里就2台所有可以直接用*
- [root@linux-node1 files]# salt "*" state.highstate
- linux-node1.example.com:
- ----------
- ID: lamp-install
- Function: pkg.installed
- Result: True
- Comment: All specified packages are already installed.
- Started: ::31.724191
- Duration: 782.903 ms
- Changes:
- ----------
- ID: apache-config
- Function: file.managed
- Name: /etc/httpd/conf/httpd.conf
- Result: True
- Comment: File /etc/httpd/conf/httpd.conf is in the correct state
- Started: ::32.509438
- Duration: 4.62 ms
- Changes:
- ----------
- ID: php-config
- Function: file.managed
- Name: /etc/php.ini
- Result: True
- Comment: File /etc/php.ini is in the correct state
- Started: ::32.514200
- Duration: 4.418 ms
- Changes:
- ----------
- ID: lamp-service
- Function: service.running
- Name: httpd
- Result: True
- Comment: Service httpd is already enabled, and is in the desired state
- Started: ::32.519273
- Duration: 234.566 ms
- Changes:
- ----------
- ID: apache-conf
- Function: file.recurse
- Name: /etc/httpd/conf.d
- Result: True
- Comment: Recursively updated /etc/httpd/conf.d
- Started: ::32.754002
- Duration: 1082.389 ms
- Changes:
- ----------
- /etc/httpd/conf.d/welcome.conf:
- ----------
- diff:
- ---
- +++
- @@ -, +, @@
- Alias /noindex/css/open-sans.css /usr/share/httpd/noindex/css/open-sans.css
- Alias /images/apache_pb.gif /usr/share/httpd/noindex/images/apache_pb.gif
- Alias /images/poweredby.png /usr/share/httpd/noindex/images/poweredby.png
- +#xieweming test
- Summary
- ------------
- Succeeded: (changed=)
- Failed:
- ------------
- Total states run:
- linux-node2.example.com:
- ----------
- ID: lamp-install
- Function: pkg.installed
- Result: True
- Comment: All specified packages are already installed.
- Started: ::32.296865
- Duration: 789.23 ms
- Changes:
- ----------
- ID: apache-config
- Function: file.managed
- Name: /etc/httpd/conf/httpd.conf
- Result: True
- Comment: File /etc/httpd/conf/httpd.conf is in the correct state
- Started: ::33.089019
- Duration: 3.807 ms
- Changes:
- ----------
- ID: php-config
- Function: file.managed
- Name: /etc/php.ini
- Result: True
- Comment: File /etc/php.ini is in the correct state
- Started: ::33.092933
- Duration: 3.459 ms
- Changes:
- ----------
- ID: lamp-service
- Function: service.running
- Name: httpd
- Result: True
- Comment: Service httpd is already enabled, and is in the desired state
- Started: ::33.096823
- Duration: 232.349 ms
- Changes:
- ----------
- ID: apache-conf
- Function: file.recurse
- Name: /etc/httpd/conf.d
- Result: True
- Comment: Recursively updated /etc/httpd/conf.d
- Started: ::33.329410
- Duration: 1079.801 ms
- Changes:
- ----------
- /etc/httpd/conf.d/welcome.conf:
- ----------
- diff:
- ---
- +++
- @@ -, +, @@
- Alias /noindex/css/open-sans.css /usr/share/httpd/noindex/css/open-sans.css
- Alias /images/apache_pb.gif /usr/share/httpd/noindex/images/apache_pb.gif
- Alias /images/poweredby.png /usr/share/httpd/noindex/images/poweredby.png
- +#xieweming test
- Summary
- ------------
- Succeeded: (changed=)
- Failed:
- ------------
- Total states run:
salt "*" state.highstate
使用watch在apache配置文件发送变化时,重新加载apache配置
增加下面的红色字体部分
- [root@linux-node1 web]# more lamp.sls
- lamp-install:
- pkg.installed:
- - pkgs:
- - httpd
- - php
- - php-pdo
- - php-mysql
- apache-config:
- file.managed:
- - name: /etc/httpd/conf/httpd.conf
- - source: salt://web/files/httpd.conf
- - user: root
- - group: root
- - mode:
- php-config:
- file.managed:
- - name: /etc/php.ini
- - source: salt://web/files/php.ini
- - user: root
- - group: root
- - mode:
- lamp-service:
- service.running:
- - name: httpd
- - enable: True
- - reload: True #如果不加reload 默认会重启服务
- - watch: #增加
- - file: apache-config #监控上面的apache-config ID 所以说 一个ID在一个状态只能出现一次
- apache-conf:
- file.recurse:
- - name: /etc/httpd/conf.d
- - source: salt://web/files/apache-conf.d
另外一种watc_in写法,我们只需要掌握一种就可以
- ...
- lamp-service:
- service.running:
- - name: httpd
- - enable: True
- - reload: True
- - watch:
- - file: apache-config
- apache-conf:
- file.recurse:
- - name: /etc/httpd/conf.d
- - source: salt://web/files/apache-conf.d
- - watch_in:
- - service: lamp-service
- ...
修改一下配置文件进行验证成功
- [root@linux-node1 files]# salt "*" state.highstate
- linux-node1.example.com:
- ----------
- ID: lamp-install
- Function: pkg.installed
- Result: True
- Comment: All specified packages are already installed.
- Started: ::08.336027
- Duration: 733.712 ms
- Changes:
- ----------
- ID: apache-config
- Function: file.managed
- Name: /etc/httpd/conf/httpd.conf
- Result: True
- Comment: File /etc/httpd/conf/httpd.conf updated
- Started: ::09.071795
- Duration: 13.576 ms
- Changes:
- ----------
- diff:
- ---
- +++
- @@ -, +, @@
- # same ServerRoot for multiple httpd daemons, you will need to change at
- # least PidFile.
- #
- +
- ServerRoot "/etc/httpd"
- #
- ----------
- ID: php-config
- Function: file.managed
- Name: /etc/php.ini
- Result: True
- Comment: File /etc/php.ini is in the correct state
- Started: ::09.085478
- Duration: 3.597 ms
- Changes:
- ----------
- ID: lamp-service
- Function: service.running
- Name: httpd
- Result: True
- Comment: Service reloaded
- Started: ::09.337223
- Duration: 253.101 ms
- Changes:
- ----------
- httpd:
- True
- ----------
- ID: apache-conf
- Function: file.recurse
- Name: /etc/httpd/conf.d
- Result: True
- Comment: The directory /etc/httpd/conf.d is in the correct state
- Started: ::09.590622
- Duration: 25.654 ms
- Changes:
- Summary
- ------------
- Succeeded: (changed=)
- Failed:
- ------------
- Total states run:
- linux-node2.example.com:
- ----------
- ID: lamp-install
- Function: pkg.installed
- Result: True
- Comment: All specified packages are already installed.
- Started: ::08.904921
- Duration: 735.305 ms
- Changes:
- ----------
- ID: apache-config
- Function: file.managed
- Name: /etc/httpd/conf/httpd.conf
- Result: True
- Comment: File /etc/httpd/conf/httpd.conf updated
- Started: ::09.643019
- Duration: 16.038 ms
- Changes:
- ----------
- diff:
- ---
- +++
- @@ -, +, @@
- # same ServerRoot for multiple httpd daemons, you will need to change at
- # least PidFile.
- #
- +
- ServerRoot "/etc/httpd"
- #
- ----------
- ID: php-config
- Function: file.managed
- Name: /etc/php.ini
- Result: True
- Comment: File /etc/php.ini is in the correct state
- Started: ::09.659260
- Duration: 3.724 ms
- Changes:
- ----------
- ID: lamp-service
- Function: service.running
- Name: httpd
- Result: True
- Comment: Service reloaded
- Started: ::09.900780
- Duration: 255.082 ms
- Changes:
- ----------
- httpd:
- True
- ----------
- ID: apache-conf
- Function: file.recurse
- Name: /etc/httpd/conf.d
- Result: True
- Comment: The directory /etc/httpd/conf.d is in the correct state
- Started: ::10.156119
- Duration: 165.767 ms
- Changes:
- Summary
- ------------
- Succeeded: (changed=)
- Failed:
- ------------
- Total states run:
使用require可以让各ID之间产生依赖关系,避免无效执行
比如执行apache-config ID之前要确保 lamp-install ID已经成功的完成了 添加下面红色字体部分
- lamp-install:
- pkg.installed:
- - pkgs:
- - httpd
- - php
- - php-pdo
- - php-mysql
- apache-config:
- file.managed:
- - name: /etc/httpd/conf/httpd.conf
- - source: salt://web/files/httpd.conf
- - user: root
- - group: root
- - mode:
- - require:
- - pkg: lamp-install
测试apache php环境工作是否正常,在2个节点上的apache工作目录下创建phpinfo文件
- [root@linux-node2 conf.d]# cd /var/www/html/
- [root@linux-node2 html]# mkdir admin
- [root@linux-node2 html]# cd admin/
- [root@linux-node2 admin]# vi info.php
- [root@linux-node2 admin]# cat info.php
- <?php
- phpinfo()
- ?>
可以正常打开
现在使用salt添加访问phpinfo需要账号密码
在salt的apache的配置管理文件里面添加验证 如下红色字体部分
[root@linux-node1 files]# pwd
/srv/salt/base/web/files
[root@linux-node1 files]#
[root@linux-node1 files]# tail -15 httpd.conf
#EnableMMAP off
EnableSendfile on
<Directory "/var/www/html/admin">
AllowOverride All
Order allow,deny
Allow from All
AuthUserFile /etc/httpd/conf/htpasswd_file
AuthName "hehe"
AuthType Basic
Require user admin
</Directory>
# Supplemental configuration
#
# Load config files in the "/etc/httpd/conf.d" directory, if any.
IncludeOptional conf.d/*.conf
在lamp.sls 里面添加一个名为apache-auth 状态ID并使用require指定依赖关系
- [root@linux-node1 web]# pwd
- /srv/salt/base/web
- [root@linux-node1 web]# ls
- apache.sls files lamp.sls
- [root@linux-node1 web]# tail - lamp.sls
- - name: /etc/httpd/conf.d
- - source: salt://web/files/apache-conf.d
- apache-auth:
- pkg.installed:
- - name: httpd-tools
- - require_in:
- - cmd: apache-auth #如果没有这个rpm包下面的cmd.run就不运行,指定依赖关系
- cmd.run:
- - name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin #创建 账号为admin 密码为admin的密码文件
执行状态模块,验证没有报错
- [root@linux-node1 web]# salt "*" state.highstate
- linux-node1.example.com:
- ----------
- ID: lamp-install
- Function: pkg.installed
- Result: True
- Comment: All specified packages are already installed.
- Started: ::36.171081
- Duration: 760.101 ms
- Changes:
- ----------
- ID: apache-config
- Function: file.managed
- Name: /etc/httpd/conf/httpd.conf
- Result: True
- Comment: File /etc/httpd/conf/httpd.conf is in the correct state
- Started: ::36.936510
- Duration: 12.034 ms
- Changes:
- ----------
- ID: php-config
- Function: file.managed
- Name: /etc/php.ini
- Result: True
- Comment: File /etc/php.ini is in the correct state
- Started: ::36.948778
- Duration: 5.661 ms
- Changes:
- ----------
- ID: lamp-service
- Function: service.running
- Name: httpd
- Result: True
- Comment: Service httpd is already enabled, and is in the desired state
- Started: ::36.955341
- Duration: 335.213 ms
- Changes:
- ----------
- ID: apache-conf
- Function: file.recurse
- Name: /etc/httpd/conf.d
- Result: True
- Comment: The directory /etc/httpd/conf.d is in the correct state
- Started: ::37.290804
- Duration: 26.826 ms
- Changes:
- ----------
- ID: apache-auth
- Function: pkg.installed
- Name: httpd-tools
- Result: True
- Comment: Package httpd-tools is already installed.
- Started: ::37.317767
- Duration: 0.518 ms
- Changes:
- ----------
- ID: apache-auth
- Function: cmd.run
- Name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin
- Result: True
- Comment: Command "htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin" run
- Started: ::37.319460
- Duration: 17.893 ms
- Changes:
- ----------
- pid:
- retcode:
- stderr:
- Adding password for user admin
- stdout:
- Summary
- ------------
- Succeeded: (changed=)
- Failed:
- ------------
- Total states run:
- linux-node2.example.com:
- ----------
- ID: lamp-install
- Function: pkg.installed
- Result: True
- Comment: All specified packages are already installed.
- Started: ::36.819001
- Duration: 801.418 ms
- Changes:
- ----------
- ID: apache-config
- Function: file.managed
- Name: /etc/httpd/conf/httpd.conf
- Result: True
- Comment: File /etc/httpd/conf/httpd.conf is in the correct state
- Started: ::37.625380
- Duration: 5.27 ms
- Changes:
- ----------
- ID: php-config
- Function: file.managed
- Name: /etc/php.ini
- Result: True
- Comment: File /etc/php.ini is in the correct state
- Started: ::37.630775
- Duration: 5.974 ms
- Changes:
- ----------
- ID: lamp-service
- Function: service.running
- Name: httpd
- Result: True
- Comment: Service httpd is already enabled, and is in the desired state
- Started: ::37.637798
- Duration: 276.924 ms
- Changes:
- ----------
- ID: apache-conf
- Function: file.recurse
- Name: /etc/httpd/conf.d
- Result: True
- Comment: The directory /etc/httpd/conf.d is in the correct state
- Started: ::37.914890
- Duration: 114.468 ms
- Changes:
- ----------
- ID: apache-auth
- Function: pkg.installed
- Name: httpd-tools
- Result: True
- Comment: Package httpd-tools is already installed.
- Started: ::38.029465
- Duration: 0.858 ms
- Changes:
- ----------
- ID: apache-auth
- Function: cmd.run
- Name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin
- Result: True
- Comment: Command "htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin" run
- Started: ::38.031904
- Duration: 24.688 ms
- Changes:
- ----------
- pid:
- retcode:
- stderr:
- Adding password for user admin
- stdout:
- Summary
- ------------
- Succeeded: (changed=)
- Failed:
- ------------
- Total states run:
再次访问phpinfo就有验证了
但是上面有些小问题
当多次执行apache-auth状态模块的时候,密码文件会被重新创建并覆盖
解决办法:我们可以使用unless进行判断,unless 如果条件为真就执行,为假就不执行
修改apache-auth状态模块如下
- [root@linux-node1 web]# tail - lamp.sls
- apache-auth:
- pkg.installed:
- - name: httpd-tools
- - require_in:
- - cmd: apache-auth #如果没有这个rpm包下面的cmd.run就不运行,解决依赖关系
- cmd.run:
- - name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin
- - unless: test -f /etc/httpd/conf/htpasswd_file #unless 不只限于用test 支持脚本等任何命令 只要判断 期返回结果0 或者1 0为真 1为假 就可以
再次执行lamp.sls状态模块,就解决了上面的问题
- [root@linux-node1 web]# salt "*" state.highstate
- linux-node2.example.com:
- ----------
- ID: lamp-install
- Function: pkg.installed
- Result: True
- Comment: All specified packages are already installed.
- Started: ::08.415429
- Duration: 739.009 ms
- Changes:
- ----------
- ID: apache-config
- Function: file.managed
- Name: /etc/httpd/conf/httpd.conf
- Result: True
- Comment: File /etc/httpd/conf/httpd.conf is in the correct state
- Started: ::09.158151
- Duration: 4.038 ms
- Changes:
- ----------
- ID: php-config
- Function: file.managed
- Name: /etc/php.ini
- Result: True
- Comment: File /etc/php.ini is in the correct state
- Started: ::09.162303
- Duration: 4.511 ms
- Changes:
- ----------
- ID: lamp-service
- Function: service.running
- Name: httpd
- Result: True
- Comment: Service httpd is already enabled, and is in the desired state
- Started: ::09.167489
- Duration: 260.979 ms
- Changes:
- ----------
- ID: apache-conf
- Function: file.recurse
- Name: /etc/httpd/conf.d
- Result: True
- Comment: The directory /etc/httpd/conf.d is in the correct state
- Started: ::09.428715
- Duration: 27.714 ms
- Changes:
- ----------
- ID: apache-auth
- Function: pkg.installed
- Name: httpd-tools
- Result: True
- Comment: Package httpd-tools is already installed.
- Started: ::09.456576
- Duration: 0.529 ms
- Changes:
- ----------
- ID: apache-auth
- Function: cmd.run
- Name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin
- Result: True
- Comment: unless execution succeeded
- Started: ::09.458220
- Duration: 7.17 ms
- Changes:
- Summary
- ------------
- Succeeded:
- Failed:
- ------------
- Total states run:
- linux-node1.example.com:
- ----------
- ID: lamp-install
- Function: pkg.installed
- Result: True
- Comment: All specified packages are already installed.
- Started: ::08.069936
- Duration: 769.874 ms
- Changes:
- ----------
- ID: apache-config
- Function: file.managed
- Name: /etc/httpd/conf/httpd.conf
- Result: True
- Comment: File /etc/httpd/conf/httpd.conf is in the correct state
- Started: ::08.842186
- Duration: 4.2 ms
- Changes:
- ----------
- ID: php-config
- Function: file.managed
- Name: /etc/php.ini
- Result: True
- Comment: File /etc/php.ini is in the correct state
- Started: ::08.846533
- Duration: 4.393 ms
- Changes:
- ----------
- ID: lamp-service
- Function: service.running
- Name: httpd
- Result: True
- Comment: Service httpd is already enabled, and is in the desired state
- Started: ::08.851964
- Duration: 244.197 ms
- Changes:
- ----------
- ID: apache-conf
- Function: file.recurse
- Name: /etc/httpd/conf.d
- Result: True
- Comment: The directory /etc/httpd/conf.d is in the correct state
- Started: ::09.096343
- Duration: 20.85 ms
- Changes:
- ----------
- ID: apache-auth
- Function: pkg.installed
- Name: httpd-tools
- Result: True
- Comment: Package httpd-tools is already installed.
- Started: ::09.117331
- Duration: 0.53 ms
- Changes:
- ----------
- ID: apache-auth
- Function: cmd.run
- Name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin
- Result: True
- Comment: unless execution succeeded
- Started: ::09.119400
- Duration: 6.484 ms
- Changes:
- Summary
- ------------
- Succeeded:
- Failed:
- ------------
- Total states run:
base的目录结构如下
- [root@linux-node1 salt]# tree base
- base
- ├── fileappend.sls
- ├── top.sls
- └── web
- ├── apache.sls
- ├── files
- │ ├── apache-conf.d
- │ │ ├── autoindex.conf
- │ │ ├── php.conf
- │ │ ├── README
- │ │ ├── userdir.conf
- │ │ └── welcome.conf
- │ ├── httpd.conf
- │ └── php.ini
- └── lamp.sls
- directories, files
cat lamp.sls
- [root@linux-node1 base]# cat web/lamp.sls
- lamp-install:
- pkg.installed:
- - pkgs:
- - httpd
- - php
- - php-pdo
- - php-mysql
- apache-config:
- file.managed:
- - name: /etc/httpd/conf/httpd.conf
- - source: salt://web/files/httpd.conf
- - user: root
- - group: root
- - mode:
- - require:
- - pkg: lamp-install
- php-config:
- file.managed:
- - name: /etc/php.ini
- - source: salt://web/files/php.ini
- - user: root
- - group: root
- - mode:
- lamp-service:
- service.running:
- - name: httpd
- - enable: True
- - reload: True
- - watch:
- - file: apache-config
- apache-conf:
- file.recurse:
- - name: /etc/httpd/conf.d
- - source: salt://web/files/apache-conf.d
- apache-auth:
- pkg.installed:
- - name: httpd-tools
- - require_in:
- - cmd: apache-auth #如果没有这个rpm包下面的cmd.run就不运行,解决依赖关系
- cmd.run:
- - name: htpasswd -bc /etc/httpd/conf/htpasswd_file admin admin
- - unless: test -f /etc/httpd/conf/htpasswd_file
至此apache和php测试已完成
这里补充一个file模块的append方法
[root@linux-node1 base]# pwd
/srv/salt/base
[root@linux-node1 base]# cat fileappend.sls
/etc/profile: #这里是ID的另一种用法,可以直接用文件的路径
file.append:
- text:
- "#xiewneming test" #注意如果添加的内容里面有特殊符合,需要加上引号
执行状态模块,添加成功
- [root@linux-node1 base]# salt "linux-node1*" state.sls fileappend
- linux-node1.example.com:
- ----------
- ID: /etc/profile
- Function: file.append
- Result: True
- Comment: Appended lines
- Started: ::02.877027
- Duration: 7.669 ms
- Changes:
- ----------
- diff:
- ---
- +++
- @@ -, +, @@
- unset i
- unset -f pathmunge
- None
- +#xiewneming test
- Summary
- ------------
- Succeeded: (changed=)
- Failed:
- ------------
- Total states run:
总结
1.添加状态模块的时候,应该自己得先在别的机器上面跑一遍流程在添加
2.状态模块中- source: salt://web/files/apache-conf.d #支持ftp或者http上面 base环境的路径
3.使用的时候要先测试 test=True
4.ID 有不同表示方式
5.状态模块需要执行模块执行才能生效
6.相同的业务用目录进行分类管理
7.sls文件是从上往下按照顺序执行
8.一个ID下面一个状态只能出现一次
9.pkg是虚拟的包管理,在不同系统下面包的安装命令不同 比如 CentOS 和Ubuntu
10.watch 和watch_in require和require_in 在状态模块中可以统一用其中的一种
11.salt默认是有缓存的,可以无关紧要的配置重启进程刷新缓存
salt任务执行过程中不删除缓存目录里面的文件 缓存目录默认为/var/cache/salt
附 赵班长的 GitHub saltbook-code网址
https://github.com/unixhot/saltbook-code/tree/master
SaltStack部署服务及配置管理apache+php-第二篇的更多相关文章
- Autofac 组件、服务、自动装配 《第二篇》
一.组件 创建出来的对象需要从组件中来获取,组件的创建有如下4种(延续第一篇的Demo,仅仅变动所贴出的代码)方式: 1.类型创建RegisterType AutoFac能够通过反射检查一个类型,选择 ...
- Apache nifi 第二篇(小白初试) nifi数据对接流程初次尝试
一.准备工作 1.官网下载nifi 2.上传到linux随便哪里把,因为nifi是用java写的,所以首先要保证你的linux装了jdk 其次保证系统在装了zookeeper,因为nifi是一个分布 ...
- 使用docker-compose 大杀器来部署服务 上
使用docker-compose 大杀器来部署服务 上 我们都听过或者用过 docker,然而使用方式却是仅仅用手动的方式,这样去操作 docker 还是很原始. 好吧,可能在小白的眼中噼里啪啦的对着 ...
- salt-stack部署
saltstack部署 环境准备 [root@server elasticsearch]# cat /etc/redhat-release CentOS release 6.6 (Final)[r ...
- 使用docker-compose 大杀器来部署服务 上(转)
使用docker-compose 大杀器来部署服务 上 我们都听过或者用过 docker,然而使用方式却是仅仅用手动的方式,这样去操作 docker 还是很原始. 好吧,可能在小白的眼中噼里啪啦的对着 ...
- redis安装,windows,linux版本并部署服务
一.使用场景 项目中采用数据库访问量过大或访问过于频繁,将会对数据库带来很大的压力.redis数据库是以非关系数据库的出现,后来redis的迭代版本支持了缓存数据.登录session状 ...
- [转]使用docker-compose 大杀器来部署服务 上
本文转自:https://www.cnblogs.com/neptunemoon/p/6512121.html 使用docker-compose 大杀器来部署服务 上 我们都听过或者用过 docker ...
- docker swarm英文文档学习-8-在集群中部署服务
Deploy services to a swarm在集群中部署服务 集群服务使用声明式模型,这意味着你需要定义服务的所需状态,并依赖Docker来维护该状态.该状态包括以下信息(但不限于): 应该运 ...
- 使用docker-compose 大杀器来部署服务
使用docker-compose 大杀器来部署服务 上 我们都听过或者用过 docker,然而使用方式却是仅仅用手动的方式,这样去操作 docker 还是很原始. 好吧,可能在小白的眼中噼里啪啦的对着 ...
随机推荐
- HDU 4605 Magic Ball Game(可持续化线段树,树状数组,离散化)
Magic Ball Game Time Limit: 10000/5000 MS (Java/Others) Memory Limit: 65536/65536 K (Java/Others) ...
- 转!!mybatis xml 传值 if test判断
当mapper方法传参数 为 String时,且xml中药进行参数比较 比如 是不是等于1 或者等于2 方式1. 方式2. 转自:https://blog.csdn.net/chenaini119/a ...
- git学习------>如何修改git已提交的记录中的Author和Email?
一.背景 最近搭建好GitLab后,准备陆陆续续的将之前在SVN仓库中保存的代码迁移到GitLab上,昨天顺利将三个Android组件的代码迁移到GitLab后,其他同事发现迁移是成功了,但是pull ...
- jupter nootbok 快捷键、NumPy模块、Pandas模块初识
jupter nootbok 快捷键 插入cell:a b 删除cell:x cell模式的切换:m:Markdown模式 y:code模式 运行cell:shift+enter tab:补全 shi ...
- python 字符串的格式化
python字符串的格式化分为两种:1)% 方式 2)str.format() 方式. str.format() 是比 % 较新的方式, 大多数的 Python 代码仍然使用 % 操作符.但最 ...
- Oracle中to_number()函数的用法
to_number()函数是oracle中常用的类型转换函数之一,是将一些处理过的按一定格式编排过的字符串变回数值型的格式. 1.to_number()函数可以将char或varchar2类型的str ...
- java 多线程 day14 Semaphore 线程信号灯
import java.util.concurrent.ExecutorService;import java.util.concurrent.Executors;import java.util.c ...
- 记录:正确率、召回率、F值
因为不理解召回率,所以去查看了一些资料.特此记录一下自己的理解,以便以后查看. 说明 正确率=查出来正确的样本数/全部查出来的样本数 (也可以理解为查准率) 召回率=查出来正确的样本数/数据集里全部正 ...
- 设置 Quick-Cocos2d-x 在 Windows 下的编译环境
http://cn.cocos2d-x.org/tutorial/show?id=1304 设置 Quick-Cocos2d-x 在 Windows 下的编译环境 Liao Yulei2014-08- ...
- centos7命令1
ls 查看当前路径下的文件或文件夹 pwd 查看当前路径,例如/home/python 表示根目录下的home文件夹下的python文件夹 clear清空屏幕 /斜杠 \反斜杠 |竖杠 _下划线 ...