1. 主機規劃 Pillar文檔 註意事項 2. Grains VS Pillar 3. Pillar基本信息 4. 顯示系統自帶的pillar 系統自帶的pillar預設是不顯示的 註意:看完之後還原回去,因為數據較多。和自定義數據雜在一起,不方便查看 4.1. 修改配置文件並重啟服務 4.2. ...
1. 主機規劃
Pillar文檔
https://docs.saltstack.com/en/latest/topics/pillar/index.html
註意事項
修改了master或者minion的配置文件,那麼必須重啟對應的服務。
2. Grains VS Pillar
3. Pillar基本信息
1 Pillar 2 Pillar數據是動態的 給特定的minion指定特定的數據。 3 只有指定的minion自己能夠看到自己的數據 【所以必須要有top.sls】 4 因此可以用於敏感數據 5 6 Pillar刷新: 7 salt '*' saltutil.sync_all # 可以使用但是不推薦 8 salt '*' saltutil.sync_pillar 有報錯,適用於無master模式【masterless】 9 salt '*' saltutil.refresh_modules 刷新的是模塊,所以不建議使用 10 salt '*' saltutil.refresh_pillar # 推薦使用 ★★★★★ 11 12 特別註意: 13 如果不執行salt '*' saltutil.refresh_pillar 直接使用 salt '*' pillar.items 查看信息,也可看見信息是最新的, 14 但是查看具體要更新項時卻是舊信息,所以必須要執行pillar刷新命令。 15 16 使用: 17 1、目標選擇 18 2、配置管理 19 3、機密數據【敏感數據】
4. 顯示系統自帶的pillar
系統自帶的pillar預設是不顯示的
註意:看完之後還原回去,因為數據較多。和自定義數據雜在一起,不方便查看
4.1. 修改配置文件並重啟服務
1 [root@salt100 ~]# salt 'salt01' pillar.items # 預設不顯示pillar信息 2 salt01: 3 ---------- 4 [root@salt100 ~]# vim /etc/salt/master 5 ……………… 6 # The pillar_opts option adds the master configuration file data to a dict in 7 # the pillar called "master". This is used to set simple configurations in the 8 # master config file that can then be used on minions. 9 #pillar_opts: False 10 pillar_opts: True 11 ……………… 12 [root@salt100 ~]# systemctl restart salt-master.service # 修改了配置文件,重啟服務
4.2. 顯示pillar信息
1 [root@salt100 ~]# salt 'salt01' pillar.items # 顯示系統pillar信息 2 salt01: 3 ---------- 4 master: 5 ---------- 6 __cli: 7 salt-master 8 __role: 9 master 10 allow_minion_key_revoke: 11 True 12 archive_jobs: 13 False 14 auth_events: 15 True 16 auth_mode: 17 1 18 auto_accept: 19 False 20 azurefs_update_interval: 21 60 22 cache: 23 localfs 24 cache_sreqs: 25 True 26 cachedir: 27 /var/cache/salt/master 28 clean_dynamic_modules: 29 True 30 cli_summary: 31 False 32 client_acl_verify: 33 True 34 cluster_masters: 35 cluster_mode: 36 False 37 con_cache: 38 False 39 conf_file: 40 /etc/salt/master 41 config_dir: 42 /etc/salt 43 cython_enable: 44 False 45 daemon: 46 False 47 decrypt_pillar: 48 decrypt_pillar_default: 49 gpg 50 decrypt_pillar_delimiter: 51 : 52 decrypt_pillar_renderers: 53 - gpg 54 default_include: 55 master.d/*.conf 56 default_top: 57 base 58 discovery: 59 False 60 django_auth_path: 61 django_auth_settings: 62 drop_messages_signature_fail: 63 False 64 dummy_pub: 65 False 66 eauth_acl_module: 67 eauth_tokens: 68 localfs 69 enable_gpu_grains: 70 False 71 enable_ssh_minions: 72 False 73 enforce_mine_cache: 74 False 75 engines: 76 env_order: 77 event_match_type: 78 startswith 79 event_return: 80 event_return_blacklist: 81 event_return_queue: 82 0 83 event_return_whitelist: 84 ext_job_cache: 85 ext_pillar: 86 extension_modules: 87 /var/cache/salt/master/extmods 88 external_auth: 89 ---------- 90 extmod_blacklist: 91 ---------- 92 extmod_whitelist: 93 ---------- 94 failhard: 95 False 96 file_buffer_size: 97 1048576 98 file_client: 99 local 100 file_ignore_glob: 101 file_ignore_regex: 102 file_recv: 103 False 104 file_recv_max_size: 105 100 106 file_roots: 107 ---------- 108 base: 109 - /srv/salt 110 fileserver_backend: 111 - roots 112 fileserver_followsymlinks: 113 True 114 fileserver_ignoresymlinks: 115 False 116 fileserver_limit_traversal: 117 False 118 fileserver_verify_config: 119 True 120 gather_job_timeout: 121 10 122 git_pillar_base: 123 master 124 git_pillar_branch: 125 master 126 git_pillar_env: 127 git_pillar_global_lock: 128 True 129 git_pillar_includes: 130 True 131 git_pillar_insecure_auth: 132 False 133 git_pillar_passphrase: 134 git_pillar_password: 135 git_pillar_privkey: 136 git_pillar_pubkey: 137 git_pillar_refspecs: 138 - +refs/heads/*:refs/remotes/origin/* 139 - +refs/tags/*:refs/tags/* 140 git_pillar_root: 141 git_pillar_ssl_verify: 142 True 143 git_pillar_user: 144 git_pillar_verify_config: 145 True 146 gitfs_base: 147 master 148 gitfs_disable_saltenv_mapping: 149 False 150 gitfs_env_blacklist: 151 gitfs_env_whitelist: 152 gitfs_global_lock: 153 True 154 gitfs_insecure_auth: 155 False 156 gitfs_mountpoint: 157 gitfs_passphrase: 158 gitfs_password: 159 gitfs_privkey: 160 gitfs_pubkey: 161 gitfs_ref_types: 162 - branch 163 - tag 164 - sha 165 gitfs_refspecs: 166 - +refs/heads/*:refs/remotes/origin/* 167 - +refs/tags/*:refs/tags/* 168 gitfs_remotes: 169 gitfs_root: 170 gitfs_saltenv: 171 gitfs_saltenv_blacklist: 172 gitfs_saltenv_whitelist: 173 gitfs_ssl_verify: 174 True 175 gitfs_update_interval: 176 60 177 gitfs_user: 178 hash_type: 179 sha256 180 hgfs_base: 181 default 182 hgfs_branch_method: 183 branches 184 hgfs_env_blacklist: 185 hgfs_env_whitelist: 186 hgfs_mountpoint: 187 hgfs_remotes: 188 hgfs_root: 189 hgfs_saltenv_blacklist: 190 hgfs_saltenv_whitelist: 191 hgfs_update_interval: 192 60 193 http_max_body: 194 107374182400 195 http_request_timeout: 196 3600.0 197 id: 198 salt01 199 interface: 200 0.0.0.0 201 ioflo_console_logdir: 202 ioflo_period: 203 0.01 204 ioflo_realtime: 205 True 206 ioflo_verbose: 207 0 208 ipc_mode: 209 ipc 210 ipc_write_buffer: 211 0 212 ipv6: 213 False 214 jinja_env: 215 ---------- 216 jinja_lstrip_blocks: 217 False 218 jinja_sls_env: 219 ---------- 220 jinja_trim_blocks: 221 False 222 job_cache: 223 True 224 job_cache_store_endtime: 225 False 226 keep_acl_in_token: 227 False 228 keep_jobs: 229 24 230 key_cache: 231 key_logfile: 232 /var/log/salt/key 233 key_pass: 234 None 235 keysize: 236 2048 237 local: 238 True 239 lock_saltenv: 240 False 241 log_datefmt: 242 %H:%M:%S 243 log_datefmt_console: 244 %H:%M:%S 245 log_datefmt_logfile: 246 %Y-%m-%d %H:%M:%S 247 log_file: 248 /var/log/salt/master 249 log_fmt_console: 250 [%(levelname)-8s] %(message)s 251 log_fmt_logfile: 252 %(asctime)s,%(msecs)03d [%(name)-17s:%(lineno)-4d][%(levelname)-8s][%(process)d] %(message)s 253 log_granular_levels: 254 ---------- 255 log_level: 256 warning 257 log_level_logfile: 258 warning 259 log_rotate_backup_count: 260 0 261 log_rotate_max_bytes: 262 0 263 loop_interval: 264 60 265 maintenance_floscript: 266 /usr/lib/python2.7/site-packages/salt/daemons/flo/maint.flo 267 master_floscript: 268 /usr/lib/python2.7/site-packages/salt/daemons/flo/master.flo 269 master_job_cache: 270 local_cache 271 master_pubkey_signature: 272 master_pubkey_signature 273 master_roots: 274 ---------- 275 base: 276 - /srv/salt-master 277 master_sign_key_name: 278 master_sign 279 master_sign_pubkey: 280 False 281 master_stats: 282 False 283 master_stats_event_iter: 284 60 285 master_tops: 286 ---------- 287 master_use_pubkey_signature: 288 False 289 max_event_size: 290 1048576 291 max_minions: 292 0 293 max_open_files: 294 100000 295 memcache_debug: 296 False 297 memcache_expire_seconds: 298 0 299 memcache_full_cleanup: 300 False 301 memcache_max_items: 302 1024 303 min_extra_mods: 304 minion_data_cache: 305 True 306 minion_data_cache_events: 307 True 308 minionfs_blacklist: 309 minionfs_env: 310 base 311 minionfs_mountpoint: 312 minionfs_update_interval: 313 60 314 minionfs_whitelist: 315 module_dirs: 316 nodegroups: 317 ---------- 318 on_demand_ext_pillar: 319 - libvirt 320 - virtkey 321 open_mode: 322 False 323 optimization_order: 324 - 0 325 - 1 326 - 2 327 order_masters: 328 False 329 outputter_dirs: 330 peer: 331 ---------- 332 permissive_acl: 333 False 334 permissive_pki_access: 335 False 336 pidfile: 337 /var/run/salt-master.pid 338 pillar_cache: 339 False 340 pillar_cache_backend: 341 disk 342 pillar_cache_ttl: 343 3600 344 pillar_includes_override_sls: 345 False 346 pillar_merge_lists: 347 False 348 pillar_opts: 349 True 350 pillar_roots: 351 ---------- 352 base: 353 - /srv/pillar 354 - /srv/spm/pillar 355 pillar_safe_render_error: 356 True 357 pillar_source_merging_strategy: 358 smart 359 pillar_version: 360 2 361 pillarenv: 362 None 363 ping_on_rotate: 364 False 365 pki_dir: 366 /etc/salt/pki/master 367 preserve_minion_cache: 368 False 369 pub_hwm: 370 1000 371 publish_port: 372 4505 373 publish_session: 374 86400 375 publisher_acl: 376 ---------- 377 publisher_acl_blacklist: 378 ---------- 379 python2_bin: 380 python2 381 python3_bin: 382 python3 383 queue_dirs: 384 raet_alt_port: 385 4511 386 raet_clear_remote_masters: 387 True 388 raet_clear_remotes: 389 False 390 raet_lane_bufcnt: 391 100 392 raet_main: 393 True 394 raet_mutable: 395 False 396 raet_port: 397 4506 398 raet_road_bufcnt: 399 2 400 range_server: 401 range:80 402 reactor: 403 reactor_refresh_interval: 404 60 405 reactor_worker_hwm: 406 10000 407 reactor_worker_threads: 408 10 409 regen_thin: 410 False 411 renderer: 412 yaml_jinja 413 renderer_blacklist: 414 renderer_whitelist: 415 require_minion_sign_messages: 416 False 417 ret_port: 418 4506 419 root_dir: 420 / 421 roots_update_interval: 422 60 423 rotate_aes_key: 424 True 425 runner_dirs: 426 runner_returns: 427 True 428 s3fs_update_interval: 429 60 430 salt_cp_chunk_size: 431 98304 432 saltenv: 433 None 434 saltversion: 435 2018.3.3 436 schedule: 437 ---------- 438 search: 439 serial: 440 msgpack 441 show_jid: 442 False 443 show_timeout: 444 True 445 sign_pub_messages: 446 True 447 signing_key_pass: 448 None 449 sock_dir: 450 /var/run/salt/master 451 sock_pool_size: 452 1 453 sqlite_queue_dir: 454 /var/cache/salt/master/queues 455 ssh_config_file: 456 /root/.ssh/config 457 ssh_identities_only: 458 False 459 ssh_list_nodegroups: 460 ---------- 461 ssh_log_file: 462 /var/log/salt/ssh 463 ssh_passwd: 464 ssh_port: 465 22 466 ssh_scan_ports: 467 22 468 ssh_scan_timeout: 469 0.01 470 ssh_sudo: 471 False 472 ssh_sudo_user: 473 ssh_timeout: 474 60 475 ssh_use_home_key: 476 False 477 ssh_user: 478 root 479 ssl: 480 None 481 state_aggregate: 482 False 483 state_auto_order: 484 True 485 state_events: 486 False 487 state_output: 488 full 489 state_output_diff: 490 False 491 state_top: 492 salt://top.sls 493 state_top_saltenv: 494 None 495 state_verbose: 496 True 497 sudo_acl: 498 False 499 svnfs_branches: 500 branches 501 svnfs_env_blacklist: 502 svnfs_env_whitelist: 503 svnfs_mountpoint: 504 svnfs_remotes: 505 svnfs_root: 506 svnfs_saltenv_blacklist: 507 svnfs_saltenv_whitelist: 508 svnfs_tags: 509 tags 510 svnfs_trunk: 511 trunk 512 svnfs_update_interval: 513 60 514 syndic_dir: 515 /var/cache/salt/master/syndics 516 syndic_event_forward_timeout: 517 0.5 518 syndic_failover: 519 random 520 syndic_forward_all_events: 521 False 522 syndic_jid_forward_cache_hwm: 523 100 524 syndic_log_file: 525 /var/log/salt/syndic 526 syndic_master: 527 masterofmasters 528 syndic_pidfile: 529 /var/run/salt-syndic.pid 530 syndic_wait: 531 5 532 tcp_keepalive: 533 True 534 tcp_keepalive_cnt: 535 -1 536 tcp_keepalive_idle: 537 300 538 tcp_keepalive_intvl: 539 -1 540 tcp_master_pub_port: 541 4512 542 tcp_master_publish_pull: 543 4514 544 tcp_master_pull_port: 545 4513 546 tcp_master_workers: 547 4515 548 test: 549 False 550 thin_extra_mods: 551 thorium_interval: 552 0.5 553 thorium_roots: 554 ---------- 555 base: 556 - /srv/thorium 557 timeout: 558 5 559 token_dir: 560 /var/cache/salt/master/tokens 561 token_expire: 562 43200 563 token_expire_user_override: 564 False 565 top_file_merging_strategy: 566 merge 567 transport: 568 zeromq 569 unique_jid: 570 False 571 user: 572 root 573 utils_dirs: 574 - /var/cache/salt/master/extmods/utils 575 verify_env: 576 True 577 winrepo_branch: 578 master 579 winrepo_cachefile: 580
