This is the 22nd day of my participation in the August More Text Challenge
A lifelong learner, practitioner and sharer committed to the path of technology, a busy and occasionally lazy original blogger, an occasionally boring and occasionally humorous teenager.
Welcome to dig friends wechat search “Jie Ge’s IT journey” attention!
How do I define any data related to a controlled host through the Saltstack Pillar component?
The Saltstack Pillar component defines any data associated with the controlled host
1.1 What is a pillar?
Pillar is also one of the most important components in the Saltstack. It defines any data related to the controlled host. The defined data can be used by other components, such as templates, states, and apis. The data defined in Pillar is associated with the controlled hosts with different business characteristics, so that different controlled hosts can only see their own matched data. Therefore, Pillar has high security and is suitable for some sensitive data, which is also the most critical point different from Grains. For example, the user ID, group ID, read/write permission, and program package information of hosts in different service groups are defined in the Python dictionary format, that is, the key/value. The uppermost key is usually the host ID or group name.
1.2 Pillar Defines the main configuration file
By default, the Saltstack defines all data in the configuration file of the main control end to the pillar, which is open to all controlled hosts. You can modify the /etc/salt/master configuration to define whether to enable or disable this function.
[root@saltstack-master _grains]# vim /etc/salt/master pillar_opts: True [root@saltstack-master _grains]# /etc/init.d/salt-master restart Stopping salt-master daemon: [confirm] Starting salt-master daemon:Copy the codeAfter modification, execute the command to observe the effect:
[root@saltstack-master _grains]# salt 'saltstack_web1group_1' pillar.data saltstack_web1group_1: ---------- master: ---------- __role: master auth_mode: 1 auto_accept: True cache_sreqs: True cachedir: / var/cache/salt/master cli_summary: False -- -- -- -- -- -- -- -- -- -- -- -- -- -- ignore part -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --Copy the code1.3 SLS File Definition
Pillar supports defining data in AN SLS file in a format that conforms to the YAML specification, much like the State component of Saltstack, which has the same configuration format and entry file top.sls. The following describes how to configure pillar using SLS.
1.3.1 Defining the main directory of pillar
Change the pillar_roots parameter in the /etc/salt/master configuration file to define the main directory of pillar in the following format:
[root@saltstack-master _grains]# vim /etc/salt/master pillar_roots: base: - /srv/pillar [root@saltstack-master _grains]# /etc/init.d/salt-master restart Stopping salt-master daemon: [confirm] Starting salt-master daemon:Copy the codeTo create a pillar directory, run the install -d/SRV /pillar command
[root@saltstack-master _grains]# install -d /srv/pillar
Copy the code1.3.2 Defining the entry file top.sls
The entry file usually defines the effective range of a pillar’s data to cover the controlled host. “*” represents any host and includes a data. SLS file.
[root@saltstack-master _grains]# vim /srv/pillar/top.sls
base:
'*':
- data
[root@saltstack-master _grains]# vim /srv/pillar/data.sls
appname: website
flow:
maxconn:30000
maxmen:6G
Copy the code1.3.3 efficacy pillar
By looking at the pillar data of “saltstack_web1group_1” host, you can see that there is an extra data. SLS data item because we defined top. SLS with “*” overwriting all hosts. If the result is not as expected, you can try to refresh the controlled host’s pillar data by running salt ‘*’ saltutil.refresh_pillar.
[root@saltstack-master _grains]# salt 'saltstack_web1group_1' pillar.data appname flow
saltstack_web1group_1:
----------
appname:
website
flow:
maxconn:30000 maxmen:6G
Copy the code1.4 Use of Pillar
After the Pillar configuration is complete, this section describes how to use pillar. We can refer to the state and template files as “{{pillar variable}}”.
{{pillar [' appname]}} (level 1 dictionary) {{pillar [' flow '] [' maxconn]}} (secondary dictionary) or {{salt [' pillar. Get] (' flow: 'maxconn'}}, {})Copy the codePython API format:
pillar['flow']['maxconn']
pillar.get('flow:appname',{})
Copy the code1.4.1 Operating the Target Host
Use the -i option to use pillar to match the controlled host
[root@saltstack_master ~]# salt -I 'appname:website' test.ping
saltstack_web1group_1:
True
Copy the code1.4.2 Handle data differences in combination with Grains
Firstly, the MAXCPU values of different ids are distinguished by combining the ID information of Grains. Secondly, the matching information is referenced and observed. Change data. SLS to the following form, where “if… else… Endfi “is the template syntax for Jinja2.
appname: website
flow:
maxconn:30000
maxmen:6G
{% if grains['id'] == 'SN100-128' %}
maxcpu: 8
{% else %}
maxcpu: 4
{% endif %}
Copy the codeView pillar data of the controlled host
salt 'saltstack_web1group_1' pillar.data appname flow
Copy the codePillar in top. SLS
Open pillar_root in the master configuration file
pillar_roots: base: - /etc/salt/pillar mkdir /etc/salt/pillar mkdir /etc/salt/pillar/init Restart /etc/init.d/salt-master restart vim /etc/salt/pillar/top.sls base: '*': - init.rsyslog vim /etc/salt/pillar/init/rsyslog.sls {% if grains['osfinger'] == 'CentOS-6' %} syslog:rsyslog {% elif Grains ['osfinger'] == 'centos-5' %} syslog: syslog {% endif %} salt '*' saltutil.refresh_pillar // refreshCopy the codeRecommended reading
Saltstack centralized management platform installation
Execute commands remotely using Saltstack
Follow me to learn Saltstack common modules and apis
How to collect information about a controlled host in the Saltstack component?
In this paper, to the end.
Original is not easy, if you think this article is useful to you, please kindly like, comment or forward this article, because this will be my power to output more high-quality articles, thank you!
By the way, please give me some free attention! In case you get lost and don’t find me next time.
See you next time!