<code>http:</code><code>//docs</code><code>.saltstack.com</code><code>/en/latest/</code>
<code>SaltStack</code>
<code>Salt, a new approach to infrastructure management, is easy enough to get running </code><code>in</code> <code>minutes, scalable enough to manage tens of thousands of servers, and fast enough to communicate with those servers </code><code>in</code> <code>seconds.</code>
<code>Salt delivers a dynamic communication bus </code><code>for</code> <code>infrastructures that can be used </code><code>for</code> <code>orchestration, remote execution, configuration management and much </code><code>more</code><code>.</code>
<code>Getting Started</code>
<code>通過執行個體來迅速了解salt:</code>
<code>Official Salt Walkthrough http:</code><code>//docs</code><code>.saltstack.com</code><code>/en/latest/topics/tutorials/walkthrough</code><code>.html</code>
<code>1. minion的</code><code>id</code>
<code>minion啟動時,能自動生成一個</code><code>id</code><code>,也可以在配置檔案中手動指定</code>
<code>2. 接受minion的key之前,安全起見,可以列印minion's public key的指紋</code>
<code>salt-key -f minion-</code><code>id</code>
<code>On the master:</code>
<code># salt-key -f foo.domain.com</code>
<code>Unaccepted Keys:</code>
<code>foo.domain.com: 39:f9:e4:8a:aa:74:8d:52:1a:ec:92:03:82:09:c8:f9</code>
<code>On the minion:</code>
<code># salt-call key.finger --local</code>
<code>local</code><code>:</code>
<code> </code><code>39:f9:e4:8a:aa:74:8d:52:1a:ec:92:03:82:09:c8:f9</code>
<code>If they match, approve the key with salt-key -a foo.domain.com</code>
<code>3. 第一個指令</code>
<code>salt </code><code>'*'</code> <code>test</code><code>.</code><code>ping</code>
<code>The * is the target, </code><code>which</code> <code>specifies all minions.</code>
<code>test</code><code>.</code><code>ping</code> <code>tells the minion to run the </code><code>test</code><code>.</code><code>ping</code> <code>function</code><code>.</code>
<code>In the </code><code>case</code> <code>of </code><code>test</code><code>.</code><code>ping</code><code>, </code><code>test</code> <code>refers to a execution module. </code><code>ping</code> <code>refers to the </code><code>ping</code> <code>function</code> <code>contained </code><code>in</code> <code>the aforementioned </code><code>test</code> <code>module.</code>
<code>test</code><code>是一個module,</code><code>ping</code><code>是這個module中的一個</code><code>function</code>
<code>類似的,還有一堆的module</code>
<code>Module documentation is also available on the web.</code>
<code>Full list of </code><code>builtin</code> <code>execution modules http:</code><code>//docs</code><code>.saltstack.com</code><code>/en/latest/ref/modules/all/index</code><code>.html</code>
<code>4. Helpful Functions to Know</code>
<code>salt </code><code>'*'</code> <code>cmd.run </code><code>'ls -l /usr'</code>
<code>test230:</code>
<code> </code><code>total 212</code>
<code> </code><code>dr-xr-xr-x. 2 root root 69632 Feb 11 04:49 bin</code>
<code> </code><code>drwxr-xr-x. 2 root root 4096 Nov 1 2011 etc</code>
<code> </code><code>drwxr-xr-x. 2 root root 4096 Nov 1 2011 games</code>
<code> </code><code>drwxr-xr-x. 66 root root 12288 Feb 11 14:34 include</code>
<code> </code><code>dr-xr-xr-x. 30 root root 4096 Oct 14 14:32 lib</code>
<code> </code><code>dr-xr-xr-x. 107 root root 77824 Feb 11 13:35 lib64</code>
<code> </code><code>drwxr-xr-x. 23 root root 12288 Dec 27 03:12 libexec</code>
<code> </code><code>drwxr-xr-x. 26 root root 4096 Feb 11 11:31 </code><code>local</code>
<code> </code><code>dr-xr-xr-x. 2 root root 12288 Dec 27 03:12 sbin</code>
<code> </code><code>drwxr-xr-x. 213 root root 4096 Dec 26 14:28 share</code>
<code> </code><code>drwxr-xr-x. 4 root root 4096 Jul 30 2014 src</code>
<code> </code><code>lrwxrwxrwx. 1 root root 10 Mar 6 2014 tmp -> ..</code><code>/var/tmp</code>
<code> </code>
<code>salt </code><code>'*'</code> <code>pkg.</code><code>install</code> <code>ruby</code>
<code> </code><code>----------</code>
<code> </code><code>compat-readline5:</code>
<code> </code><code>----------</code>
<code> </code><code>new:</code>
<code> </code><code>5.2-17.1.el6</code>
<code> </code><code>old:</code>
<code> </code>
<code> </code><code>ruby:</code>
<code> </code><code>1.8.7.374-3.el6_6</code>
<code> </code><code>ruby-libs:</code>
<code>[root@svr200-21 ~]</code><code># salt '*' cmd.run 'tail /var/log/messages -n 3'</code>
<code> </code><code>Feb 11 15:10:50 test230 yum[11828]: Installed: compat-readline5-5.2-17.1.el6.x86_64</code>
<code> </code><code>Feb 11 15:10:51 test230 yum[11828]: Installed: ruby-libs-1.8.7.374-3.el6_6.x86_64</code>
<code> </code><code>Feb 11 15:10:52 test230 yum[11828]: Installed: ruby-1.8.7.374-3.el6_6.x86_64</code>
<code>[root@svr200-21 ~]</code><code># salt '*' network.interfaces</code>
<code> </code><code>eth0:</code>
<code> </code><code>hwaddr:</code>
<code> </code><code>d4:3d:7e:32:17:d1</code>
<code> </code><code>inet:</code>
<code> </code><code>|_</code>
<code> </code><code>----------</code>
<code> </code><code>address:</code>
<code> </code><code>192.168.1.230</code>
<code> </code><code>broadcast:</code>
<code> </code><code>192.168.1.255</code>
<code> </code><code>label:</code>
<code> </code><code>eth0</code>
<code> </code><code>netmask:</code>
<code> </code><code>255.255.255.0</code>
<code> </code><code>inet6:</code>
<code> </code><code>fe80::d63d:7eff:fe32:17d1</code>
<code> </code><code>prefixlen:</code>
<code> </code><code>64</code>
<code> </code><code>secondary:</code>
<code> </code><code>192.168.1.249</code>
<code> </code><code>None</code>
<code> </code><code>type</code><code>:</code>
<code> </code><code>inet</code>
<code> </code><code>up:</code>
<code> </code><code>True</code>
<code> </code><code>lo:</code>
<code> </code><code>00:00:00:00:00:00</code>
<code> </code><code>127.0.0.1</code>
<code> </code><code>lo</code>
<code> </code><code>255.0.0.0</code>
<code> </code><code>192.168.1.130</code>
<code> </code><code>lo:0</code>
<code> </code><code>255.255.255.255</code>
<code> </code><code>::1</code>
<code> </code><code>128</code>
<code>5. Grains</code>
<code>Salt uses a system called Grains to build up static data about minions. This data includes information about the operating system that is running, CPU architecture and much </code><code>more</code><code>. The grains system is used throughout Salt to deliver platform data to many components and to </code><code>users</code><code>.</code>
<code>Grains can also be statically </code><code>set</code><code>, this makes it easy to assign values to minions </code><code>for</code> <code>grouping and managing.</code>
<code>A common practice is to assign grains to minions to specify what the role or roles a minion might be. These static grains can be </code><code>set</code> <code>in</code> <code>the minion configuration </code><code>file</code> <code>or via the grains.setval </code><code>function</code><code>.</code>
<code>6. Targeting</code>
<code>Salt allows </code><code>for</code> <code>minions to be targeted based on a wide range of criteria. The default targeting system uses globular expressions to match minions, hence </code><code>if</code> <code>there are minions named larry1, larry2, curly1, and curly2, a glob of larry* will match larry1 and larry2, and a glob of *1 will match larry1 and curly1.</code>
<code>Many other targeting systems can be used other than globs, these systems include:</code>
<code>Regular Expressions</code>
<code>Target using PCRE-compliant regular expressions</code>
<code>Grains</code>
<code>Target based on grains data: Targeting with Grains</code>
<code>Pillar</code>
<code>Target based on pillar data: Targeting with Pillar</code>
<code>IP</code>
<code>Target based on IP address</code><code>/subnet/range</code>
<code>Compound</code>
<code>Create logic to target based on multiple targets: Targeting with Compound</code>
<code>Nodegroup</code>
<code>Target with nodegroups: Targeting with Nodegroup</code>
<code>7. SALT STATES</code>
<code>Salt States, or the State System is the component of Salt made </code><code>for</code> <code>configuration management.</code>
<code>The state system is built on SLS formulas. These formulas are built out </code><code>in</code> <code>files on Salt's </code><code>file</code> <code>server. To </code><code>make</code> <code>a very basic SLS formula </code><code>open</code> <code>up a </code><code>file</code> <code>under </code><code>/srv/salt</code> <code>named vim.sls. The following state ensures that vim is installed on a system to </code><code>which</code> <code>that state has been applied.</code>
<code>建立一個檔案:</code>
<code>/srv/salt/vim</code><code>.sls:</code>
<code>内容是:</code>
<code>[root@svr200-21 salt]</code><code># cat vim.sls</code>
<code>vim-enhanced:</code>
<code> </code><code>pkg.installed</code>
<code>Now </code><code>install</code> <code>vim on the minions by calling the SLS directly:</code>
<code>安裝vim:</code>
<code>[root@svr200-21 salt]</code><code># salt '*' state.sls vim</code>
<code>----------</code>
<code> </code><code>ID: vim-enhanced</code>
<code> </code><code>Function: pkg.installed</code>
<code> </code><code>Result: True</code>
<code> </code><code>Comment: Package vim-enhanced is already installed.</code>
<code> </code><code>Started: 10:05:53.851780</code>
<code> </code><code>Duration: 1044.131 ms</code>
<code> </code><code>Changes: </code>
<code>Summary</code>
<code>------------</code>
<code>Succeeded: 1</code>
<code>Failed: 0</code>
<code>Total states run: 1</code>
<code>This </code><code>command</code> <code>will invoke the state system and run the vim SLS.</code>
<code>這個指令會調入state system并執行對應的vim這個sls檔案</code>
<code>Now, to beef up the vim SLS formula, a vimrc can be added:</code>
<code>增強一下,增加一個自定義的配置檔案</code>
<code>[root@svr200-21 salt]</code><code># cat /srv/salt/vim.sls:</code>
<code> </code><code>pkg.installed: []</code>
<code>/root/</code><code>.vimrc:</code>
<code> </code><code>file</code><code>.managed:</code>
<code> </code><code>- </code><code>source</code><code>: salt:</code><code>//files/vim/vimrc</code>
<code> </code><code>- mode: 644</code>
<code> </code><code>- uesr: root</code>
<code> </code><code>- group: root</code>
<code>執行:</code>
<code> </code><code>Started: 10:08:52.457087</code>
<code> </code><code>Duration: 1041.624 ms</code>
<code> </code><code>ID: </code><code>/root/</code><code>.vimrc</code>
<code> </code><code>Function: </code><code>file</code><code>.managed</code>
<code> </code><code>Comment: File </code><code>/root/</code><code>.vimrc updated</code>
<code> </code><code>Started: 10:08:53.498852</code>
<code> </code><code>Duration: 165.523 ms</code>
<code> </code><code>diff</code><code>:</code>
<code> </code><code>New </code><code>file</code>
<code> </code><code>mode:</code>
<code> </code><code>0644</code>
<code>Succeeded: 2 (changed=1)</code>
<code>Total states run: 2</code>
<code>8. Adding Some Depth</code>
<code>顯然在</code><code>file</code> <code>server的根目錄(</code><code>/srv/salt/</code><code>)下維護所有的sls檔案擴充性不好,讓我們增加一點目錄層級的深度。</code>
<code>Obviously maintaining SLS formulas right </code><code>in</code> <code>a single directory at the root of the </code><code>file</code> <code>server will not scale out to reasonably sized deployments. This is why </code><code>more</code> <code>depth is required. </code>
<code>以安裝nginx為例</code>
<code>Start by making an nginx formula a better way, </code><code>make</code> <code>an nginx subdirectory and add an init.sls </code><code>file</code><code>:</code>
<code>/srv/salt/nginx/init</code><code>.sls:</code>
<code>[root@svr200-21 salt]</code><code># cat nginx/init.sls </code>
<code>nginx:</code>
<code> </code><code>service.running:</code>
<code> </code><code>- require:</code>
<code> </code><code>- pkg: nginx</code>
<code>A few concepts are introduced </code><code>in</code> <code>this SLS formula.</code>
<code>First is the service statement </code><code>which</code> <code>ensures that the nginx service is running.</code>
<code>service這個文法,保障nginx服務是running狀态的</code>
<code>Of course, the nginx service can't be started unless the package is installed -- hence the require statement </code><code>which</code> <code>sets up a dependency between the two.</code>
<code>The require statement makes sure that the required component is executed before and that it results </code><code>in</code> <code>success.</code>
<code>當然,隻有安裝了nginx服務的包,才能啟動nginx服務呀,是以,require文法保障了這樣一個依賴關系,確定required的元件在之前已經被執行成功,這樣才能去start這個服務。</code>
<code>Note</code>
<code>The require option belongs to a family of options called requisites. Requisites are a powerful component of Salt States, </code><code>for</code> <code>more</code> <code>information on how requisites work and what is available see: Requisites</code>
<code>http:</code><code>//docs</code><code>.saltstack.com</code><code>/en/latest/ref/states/requisites</code><code>.html</code>
<code>Also evaluation ordering is available </code><code>in</code> <code>Salt as well: Ordering States</code>
<code>http:</code><code>//docs</code><code>.saltstack.com</code><code>/en/latest/ref/states/ordering</code><code>.html</code>
<code>This new sls formula has a special name -- init.sls. When an SLS formula is named init.sls it inherits the name of the directory path that contains it. This formula can be referenced via the following </code><code>command</code><code>:</code>
<code>新的sls公司有一個特殊的名稱“init.sls”,這樣的一個sls會繼承目前目錄的名稱,用這樣的一個指令來關聯起來,試一試:</code>
<code>salt </code><code>'*'</code> <code>state.sls nginx</code>
<code>[root@svr200-21 salt]</code><code># salt '*' state.sls nginx</code>
<code> </code><code>ID: nginx</code>
<code> </code><code>Comment: The following packages were installed</code><code>/updated</code><code>: nginx.</code>
<code> </code><code>Started: 11:37:04.182413</code>
<code> </code><code>Duration: 187110.65 ms</code>
<code> </code><code>gd:</code>
<code> </code><code>----------</code>
<code> </code><code>new:</code>
<code> </code><code>2.0.35-11.el6</code>
<code> </code><code>old:</code>
<code> </code>
<code> </code><code>nginx:</code>
<code> </code><code>1.0.15-11.el6</code>
<code> </code><code>nginx-filesystem:</code>
<code> </code><code>Function: service.running</code>
<code> </code><code>Comment: The service nginx is already running</code>
<code> </code><code>Started: 11:40:11.293241</code>
<code> </code><code>Duration: 59.986 ms</code>
<code>Reminder!</code>
<code>Just as one could call the </code><code>test</code><code>.</code><code>ping</code> <code>or disk.usage execution modules, state.sls is simply another execution module. It simply takes the name of an SLS </code><code>file</code> <code>as an argument.</code>
<code>就像可以調用</code><code>test</code><code>.</code><code>ping</code> <code>or disk.usage這兩個執行子產品一樣,state.sls也是另一個執行子產品,,後邊跟着的參數就是要執行的sls配置檔案的名稱(例如vim,nginx這些)。</code>
<code>現在,繼續用子目錄來管理,調整下vim的配置:</code>
<code>Now that subdirectories can be used, the vim.sls formula can be cleaned up. To </code><code>make</code> <code>things </code><code>more</code> <code>flexible, move the vim.sls and vimrc into a new subdirectory called edit and change the vim.sls </code><code>file</code> <code>to reflect the change:</code>
<code>/srv/salt/edit/vim</code><code>.sls:</code>
<code>vim:</code>
<code>/etc/vimrc</code><code>:</code>
<code> </code><code>- </code><code>source</code><code>: salt:</code><code>//edit/vimrc</code>
<code> </code><code>- user: root</code>
<code>Only the </code><code>source</code> <code>path to the vimrc </code><code>file</code> <code>has changed. Now the formula is referenced as edit.vim because it resides </code><code>in</code> <code>the edit subdirectory. Now the edit subdirectory can contain formulas </code><code>for</code> <code>emacs, nano, joe or any other editor that may need to be deployed.</code>
<code>執行方式變成了salt </code><code>'*'</code> <code>state.sls edit.vim</code>
<code>[root@svr200-21 salt]</code><code># salt '*' state.sls edit.vim</code>
<code> </code><code>Started: 11:53:52.288936</code>
<code> </code><code>Duration: 1039.998 ms</code>
<code> </code><code>Comment: File </code><code>/root/</code><code>.vimrc is </code><code>in</code> <code>the correct state</code>
<code> </code><code>Started: 11:53:53.329085</code>
<code> </code><code>Duration: 161.691 ms</code>
<code>Succeeded: 2</code>
本文轉自 pcnk 51CTO部落格,原文連結:http://blog.51cto.com/nosmoking/1614552,如需轉載請自行聯系原作者
![Web Service開發實戰[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)