目录规划如下:
- [root@linux-node1 /srv]# tree
- .
- ├── pillar
- │ ├── base
- │ │ ├── top.sls
- │ │ └── zabbix
- │ │ └── agent.sls
- │ └── prod
- └── salt
- ├── base
- │ ├── init
- │ │ ├── audit.sls
- │ │ ├── dns.sls
- │ │ ├── env_init.sls
- │ │ ├── epel.sls
- │ │ ├── files
- │ │ │ ├── resolv.conf
- │ │ │ └── zabbix_agentd.conf
- │ │ ├── history.sls
- │ │ ├── sysctl.sls
- │ │ └── zabbix_agent.sls
- │ └── top.sls
- └── prod
- 9 directories, 12 files
1、修改 salt-master 配置文件,重启 master,创建相应的目录!
- [root@linux-node1 ~]# egrep -A 4 ^file_roots /etc/salt/master
- file_roots:
- base:
- - /srv/salt/base
- prod:
- - /srv/salt/prod
- [root@linux-node1 ~]# grep -EA 4 ^pillar_roots /etc/salt/master
- pillar_roots:
- base:
- - /srv/pillar/base
- prod:
- - /srv/pillar/prod
- mkdir -p /srv/salt/base
- mkdir -p /srv/salt/prod
- mkdir -p /srv/pillar/base
- mkdir -p /srv/pillar/prod
2、base 环境的 sls 状态文件的配置
- [root@linux-node1 ~]# cd /srv/salt/base/
- [root@linux-node1 /srv/salt/base]# tree
- .
- ├── init#系统初始化模块
- │ ├── audit.sls#记录命令操作到:/var/log/messages
- │ ├── dns.sls#本地DNS解析文件:/etc/resolv.conf
- │ ├── env_init.sls#将其它的sls包括在一个文件里
- │ ├── epel.sls#配置epel源
- │ ├── files#此目录存放相应的文件
- │ │ ├── resolv.conf
- │ │ └── zabbix_agentd.conf
- │ ├── history.sls#命令历史记录格式的调整
- │ ├── sysctl.sls#内核参数优化
- │ └── zabbix_agent.sls#zabbix-agent
- └── top.sls
- 2 directories, 10 files
##########################################################################################
- [root@linux-node1 /srv/salt/base]# cat init/audit.sls
- /etc/bashrc:
- file.append:
- - text:
- - export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
##########################################################################################
- [root@linux-node1 /srv/salt/base]# cat init/dns.sls
- /etc/resolv.conf:
- file.managed:
- - source: salt://init/files/resolv.conf
- - user: root
- - group: root
- - mode: 644
##########################################################################################
- [root@linux-node1 /srv/salt/base]# cat init/epel.sls
- yum_repo_release:
- pkg.installed:
- - sources:
- - epel-release: http://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm
- - zabbix-release: http://repo.zabbix.com/zabbix/3.0/rhel/7/x86_64/zabbix-release-3.0-1.el7.noarch.rpm
##########################################################################################
- [root@linux-node1 /srv/salt/base]# cat init/history.sls
- /etc/profile:
- file.append:
- - text:
- - export HISTTIMEFORMAT="%F %T `whoami` "
##########################################################################################
- [root@linux-node1 /srv/salt/base]# cat init/sysctl.sls
- net.ipv4.ip_local_port_range:
- sysctl.present:
- - value: 10000 65000
- fs.file-max:
- sysctl.present:
- - value: 2000000
- net.ipv4.ip_forward:
- sysctl.present:
- - value: 1
- vm.swappiness:
- sysctl.present:
- - value: 0
##########################################################################################
- [root@linux-node1 /srv/salt/base]# cat init/zabbix_agent.sls
- zabbix-agent:
- pkg.installed:
- - name: zabbix-agent
- file.managed:
- - name: /etc/zabbix/zabbix_agentd.conf
- - source: salt://init/files/zabbix_agentd.conf
- - template: jinja
- - defaults:
- Server: {{ pillar['Zabbix_Server'] }}
- - require:
- - pkg: zabbix-agent
- service.running:
- - enable: True
- - watch:
- - pkg: zabbix-agent
- - file: zabbix-agent
- zabbix_agentd.conf.d:
- file.directory:
- - name: /etc/zabbix/zabbix_agentd.d
- - watch_in:
- - service: zabbix-agent
- - require:
- - pkg: zabbix-agent
- - file: zabbix-agent
##########################################################################################
- [root@linux-node1 /srv/salt/base]# cat init/env_init.sls
- include:
- - init.audit
- - init.dns
- - init.epel
- - init.history
- - init.sysctl
- - init.zabbix_agent
##########################################################################################
- [root@linux-node1 /srv/salt/base]# cat init/files/resolv.conf
- # Generated by NetworkManager
- search oldboyedu.com
- nameserver 114.114.114.114
- nameserver 8.8.8.8
##########################################################################################
- [root@linux - node1 / srv / salt / base]# grep - E ^ Server = init / files / zabbix_agentd.conf Server = {
- { Server
- }
- }
##########################################################################################
- [root@linux-node1 /srv/salt/base]# cat top.sls
- base:
- '*':
- - init.env_init
##########################################################################################
3、pillar 的配置
- [root@linux-node1 /srv/salt/base]# cd /srv/pillar/base/
- [root@linux-node1 /srv/pillar/base]# tree
- .
- ├── top.sls
- └── zabbix
- └── agent.sls
- 1 directory, 2 files
##########################################################################################
- [root@linux-node1 /srv/pillar/base]# cat top.sls
- base:
- '*':
- - zabbix.agent
##########################################################################################
- [root@linux-node1 srv/pillar/base]# cat zabbix/agent.sls
- Zabbix_Server: 192.168.56.11
4、验证:执行高级状态
- salt '*' state.highstate
来源: