欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  科技

Saltstack_使用指南05_数据系统-Pillar

程序员文章站 2022-05-29 12:24:26
1. 主机规划 Pillar文档 注意事项 2. Grains VS Pillar 3. Pillar基本信息 4. 显示系统自带的pillar 系统自带的pillar默认是不显示的 注意:看完之后还原回去,因为数据较多。和自定义数据杂在一起,不方便查看 4.1. 修改配置文件并重启服务 4.2. ......

 

1. 主机规划

Saltstack_使用指南05_数据系统-Pillar

 

pillar文档

https://docs.saltstack.com/en/latest/topics/pillar/index.html

 

注意事项

修改了master或者minion的配置文件,那么必须重启对应的服务。

 

2. grains vs pillar

Saltstack_使用指南05_数据系统-Pillar

 

3. pillar基本信息

 1 pillar
 2     pillar数据是动态的        给特定的minion指定特定的数据。
 3         只有指定的minion自己能够看到自己的数据  【所以必须要有top.sls】
 4         因此可以用于敏感数据
 5 
 6 pillar刷新:
 7 salt '*' saltutil.sync_all   # 可以使用但是不推荐  
 8 salt '*' saltutil.sync_pillar  有报错,适用于无master模式【masterless】  
 9 salt '*' saltutil.refresh_modules  刷新的是模块,所以不建议使用  
10 salt '*' saltutil.refresh_pillar  # 推荐使用 ★★★★★
11 
12 特别注意:
13     如果不执行salt '*' saltutil.refresh_pillar 直接使用 salt '*' pillar.items 查看信息,也可看见信息是最新的,
14     但是查看具体要更新项时却是旧信息,所以必须要执行pillar刷新命令。
15 
16 使用:
17 1、目标选择
18 2、配置管理
19 3、机密数据【敏感数据】

 

4. 显示系统自带的pillar

系统自带的pillar默认是不显示的

注意:看完之后还原回去,因为数据较多。和自定义数据杂在一起,不方便查看

 

4.1. 修改配置文件并重启服务

 1 [root@salt100 ~]# salt 'salt01' pillar.items  # 默认不显示pillar信息 
 2 salt01:
 3     ----------
 4 [root@salt100 ~]# vim /etc/salt/master  
 5 ………………
 6 # the pillar_opts option adds the master configuration file data to a dict in
 7 # the pillar called "master". this is used to set simple configurations in the
 8 # master config file that can then be used on minions.
 9 #pillar_opts: false
10 pillar_opts: true
11 ………………
12 [root@salt100 ~]# systemctl restart salt-master.service  # 修改了配置文件,重启服务

 

4.2. 显示pillar信息

  1 [root@salt100 ~]# salt 'salt01' pillar.items  # 显示系统pillar信息
  2 salt01:
  3     ----------
  4     master:
  5         ----------
  6         __cli:
  7             salt-master
  8         __role:
  9             master
 10         allow_minion_key_revoke:
 11             true
 12         archive_jobs:
 13             false
 14         auth_events:
 15             true
 16         auth_mode:
 17             1
 18         auto_accept:
 19             false
 20         azurefs_update_interval:
 21             60
 22         cache:
 23             localfs
 24         cache_sreqs:
 25             true
 26         cachedir:
 27             /var/cache/salt/master
 28         clean_dynamic_modules:
 29             true
 30         cli_summary:
 31             false
 32         client_acl_verify:
 33             true
 34         cluster_masters:
 35         cluster_mode:
 36             false
 37         con_cache:
 38             false
 39         conf_file:
 40             /etc/salt/master
 41         config_dir:
 42             /etc/salt
 43         cython_enable:
 44             false
 45         daemon:
 46             false
 47         decrypt_pillar:
 48         decrypt_pillar_default:
 49             gpg
 50         decrypt_pillar_delimiter:
 51             :
 52         decrypt_pillar_renderers:
 53             - gpg
 54         default_include:
 55             master.d/*.conf
 56         default_top:
 57             base
 58         discovery:
 59             false
 60         django_auth_path:
 61         django_auth_settings:
 62         drop_messages_signature_fail:
 63             false
 64         dummy_pub:
 65             false
 66         eauth_acl_module:
 67         eauth_tokens:
 68             localfs
 69         enable_gpu_grains:
 70             false
 71         enable_ssh_minions:
 72             false
 73         enforce_mine_cache:
 74             false
 75         engines:
 76         env_order:
 77         event_match_type:
 78             startswith
 79         event_return:
 80         event_return_blacklist:
 81         event_return_queue:
 82             0
 83         event_return_whitelist:
 84         ext_job_cache:
 85         ext_pillar:
 86         extension_modules:
 87             /var/cache/salt/master/extmods
 88         external_auth:
 89             ----------
 90         extmod_blacklist:
 91             ----------
 92         extmod_whitelist:
 93             ----------
 94         failhard:
 95             false
 96         file_buffer_size:
 97             1048576
 98         file_client:
 99             local
100         file_ignore_glob:
101         file_ignore_regex:
102         file_recv:
103             false
104         file_recv_max_size:
105             100
106         file_roots:
107             ----------
108             base:
109                 - /srv/salt
110         fileserver_backend:
111             - roots
112         fileserver_followsymlinks:
113             true
114         fileserver_ignoresymlinks:
115             false
116         fileserver_limit_traversal:
117             false
118         fileserver_verify_config:
119             true
120         gather_job_timeout:
121             10
122         git_pillar_base:
123             master
124         git_pillar_branch:
125             master
126         git_pillar_env:
127         git_pillar_global_lock:
128             true
129         git_pillar_includes:
130             true
131         git_pillar_insecure_auth:
132             false
133         git_pillar_passphrase:
134         git_pillar_password:
135         git_pillar_privkey:
136         git_pillar_pubkey:
137         git_pillar_refspecs:
138             - +refs/heads/*:refs/remotes/origin/*
139             - +refs/tags/*:refs/tags/*
140         git_pillar_root:
141         git_pillar_ssl_verify:
142             true
143         git_pillar_user:
144         git_pillar_verify_config:
145             true
146         gitfs_base:
147             master
148         gitfs_disable_saltenv_mapping:
149             false
150         gitfs_env_blacklist:
151         gitfs_env_whitelist:
152         gitfs_global_lock:
153             true
154         gitfs_insecure_auth:
155             false
156         gitfs_mountpoint:
157         gitfs_passphrase:
158         gitfs_password:
159         gitfs_privkey:
160         gitfs_pubkey:
161         gitfs_ref_types:
162             - branch
163             - tag
164             - sha
165         gitfs_refspecs:
166             - +refs/heads/*:refs/remotes/origin/*
167             - +refs/tags/*:refs/tags/*
168         gitfs_remotes:
169         gitfs_root:
170         gitfs_saltenv:
171         gitfs_saltenv_blacklist:
172         gitfs_saltenv_whitelist:
173         gitfs_ssl_verify:
174             true
175         gitfs_update_interval:
176             60
177         gitfs_user:
178         hash_type:
179             sha256
180         hgfs_base:
181             default
182         hgfs_branch_method:
183             branches
184         hgfs_env_blacklist:
185         hgfs_env_whitelist:
186         hgfs_mountpoint:
187         hgfs_remotes:
188         hgfs_root:
189         hgfs_saltenv_blacklist:
190         hgfs_saltenv_whitelist:
191         hgfs_update_interval:
192             60
193         http_max_body:
194             107374182400
195         http_request_timeout:
196             3600.0
197         id:
198             salt01
199         interface:
200             0.0.0.0
201         ioflo_console_logdir:
202         ioflo_period:
203             0.01
204         ioflo_realtime:
205             true
206         ioflo_verbose:
207             0
208         ipc_mode:
209             ipc
210         ipc_write_buffer:
211             0
212         ipv6:
213             false
214         jinja_env:
215             ----------
216         jinja_lstrip_blocks:
217             false
218         jinja_sls_env:
219             ----------
220         jinja_trim_blocks:
221             false
222         job_cache:
223             true
224         job_cache_store_endtime:
225             false
226         keep_acl_in_token:
227             false
228         keep_jobs:
229             24
230         key_cache:
231         key_logfile:
232             /var/log/salt/key
233         key_pass:
234             none
235         keysize:
236             2048
237         local:
238             true
239         lock_saltenv:
240             false
241         log_datefmt:
242             %h:%m:%s
243         log_datefmt_console:
244             %h:%m:%s
245         log_datefmt_logfile:
246             %y-%m-%d %h:%m:%s
247         log_file:
248             /var/log/salt/master
249         log_fmt_console:
250             [%(levelname)-8s] %(message)s
251         log_fmt_logfile:
252             %(asctime)s,%(msecs)03d [%(name)-17s:%(lineno)-4d][%(levelname)-8s][%(process)d] %(message)s
253         log_granular_levels:
254             ----------
255         log_level:
256             warning
257         log_level_logfile:
258             warning
259         log_rotate_backup_count:
260             0
261         log_rotate_max_bytes:
262             0
263         loop_interval:
264             60
265         maintenance_floscript:
266             /usr/lib/python2.7/site-packages/salt/daemons/flo/maint.flo
267         master_floscript:
268             /usr/lib/python2.7/site-packages/salt/daemons/flo/master.flo
269         master_job_cache:
270             local_cache
271         master_pubkey_signature:
272             master_pubkey_signature
273         master_roots:
274             ----------
275             base:
276                 - /srv/salt-master
277         master_sign_key_name:
278             master_sign
279         master_sign_pubkey:
280             false
281         master_stats:
282             false
283         master_stats_event_iter:
284             60
285         master_tops:
286             ----------
287         master_use_pubkey_signature:
288             false
289         max_event_size:
290             1048576
291         max_minions:
292             0
293         max_open_files:
294             100000
295         memcache_debug:
296             false
297         memcache_expire_seconds:
298             0
299         memcache_full_cleanup:
300             false
301         memcache_max_items:
302             1024
303         min_extra_mods:
304         minion_data_cache:
305             true
306         minion_data_cache_events:
307             true
308         minionfs_blacklist:
309         minionfs_env:
310             base
311         minionfs_mountpoint:
312         minionfs_update_interval:
313             60
314         minionfs_whitelist:
315         module_dirs:
316         nodegroups:
317             ----------
318         on_demand_ext_pillar:
319             - libvirt
320             - virtkey
321         open_mode:
322             false
323         optimization_order:
324             - 0
325             - 1
326             - 2
327         order_masters:
328             false
329         outputter_dirs:
330         peer:
331             ----------
332         permissive_acl:
333             false
334         permissive_pki_access:
335             false
336         pidfile:
337             /var/run/salt-master.pid
338         pillar_cache:
339             false
340         pillar_cache_backend:
341             disk
342         pillar_cache_ttl:
343             3600
344         pillar_includes_override_sls:
345             false
346         pillar_merge_lists:
347             false
348         pillar_opts:
349             true
350         pillar_roots:
351             ----------
352             base:
353                 - /srv/pillar
354                 - /srv/spm/pillar
355         pillar_safe_render_error:
356             true
357         pillar_source_merging_strategy:
358             smart
359         pillar_version:
360             2
361         pillarenv:
362             none
363         ping_on_rotate:
364             false
365         pki_dir:
366             /etc/salt/pki/master
367         preserve_minion_cache:
368             false
369         pub_hwm:
370             1000
371         publish_port:
372             4505
373         publish_session:
374             86400
375         publisher_acl:
376             ----------
377         publisher_acl_blacklist:
378             ----------
379         python2_bin:
380             python2
381         python3_bin:
382             python3
383         queue_dirs:
384         raet_alt_port:
385             4511
386         raet_clear_remote_masters:
387             true
388         raet_clear_remotes:
389             false
390         raet_lane_bufcnt:
391             100
392         raet_main:
393             true
394         raet_mutable:
395             false
396         raet_port:
397             4506
398         raet_road_bufcnt:
399             2
400         range_server:
401             range:80
402         reactor:
403         reactor_refresh_interval:
404             60
405         reactor_worker_hwm:
406             10000
407         reactor_worker_threads:
408             10
409         regen_thin:
410             false
411         renderer:
412             yaml_jinja
413         renderer_blacklist:
414         renderer_whitelist:
415         require_minion_sign_messages:
416             false
417         ret_port:
418             4506
419         root_dir:
420             /
421         roots_update_interval:
422             60
423         rotate_aes_key:
424             true
425         runner_dirs:
426         runner_returns:
427             true
428         s3fs_update_interval:
429             60
430         salt_cp_chunk_size:
431             98304
432         saltenv:
433             none
434         saltversion:
435             2018.3.3
436         schedule:
437             ----------
438         search:
439         serial:
440             msgpack
441         show_jid:
442             false
443         show_timeout:
444             true
445         sign_pub_messages:
446             true
447         signing_key_pass:
448             none
449         sock_dir:
450             /var/run/salt/master
451         sock_pool_size:
452             1
453         sqlite_queue_dir:
454             /var/cache/salt/master/queues
455         ssh_config_file:
456             /root/.ssh/config
457         ssh_identities_only:
458             false
459         ssh_list_nodegroups:
460             ----------
461         ssh_log_file:
462             /var/log/salt/ssh
463         ssh_passwd:
464         ssh_port:
465             22
466         ssh_scan_ports:
467             22
468         ssh_scan_timeout:
469             0.01
470         ssh_sudo:
471             false
472         ssh_sudo_user:
473         ssh_timeout:
474             60
475         ssh_use_home_key:
476             false
477         ssh_user:
478             root
479         ssl:
480             none
481         state_aggregate:
482             false
483         state_auto_order:
484             true
485         state_events:
486             false
487         state_output:
488             full
489         state_output_diff:
490             false
491         state_top:
492             salt://top.sls
493         state_top_saltenv:
494             none
495         state_verbose:
496             true
497         sudo_acl:
498             false
499         svnfs_branches:
500             branches
501         svnfs_env_blacklist:
502         svnfs_env_whitelist:
503         svnfs_mountpoint:
504         svnfs_remotes:
505         svnfs_root:
506         svnfs_saltenv_blacklist:
507         svnfs_saltenv_whitelist:
508         svnfs_tags:
509             tags
510         svnfs_trunk:
511             trunk
512         svnfs_update_interval:
513             60
514         syndic_dir:
515             /var/cache/salt/master/syndics
516         syndic_event_forward_timeout:
517             0.5
518         syndic_failover:
519             random
520         syndic_forward_all_events:
521             false
522         syndic_jid_forward_cache_hwm:
523             100
524         syndic_log_file:
525             /var/log/salt/syndic
526         syndic_master:
527             masterofmasters
528         syndic_pidfile:
529             /var/run/salt-syndic.pid
530         syndic_wait:
531             5
532         tcp_keepalive:
533             true
534         tcp_keepalive_cnt:
535             -1
536         tcp_keepalive_idle:
537             300
538         tcp_keepalive_intvl:
539             -1
540         tcp_master_pub_port:
541             4512
542         tcp_master_publish_pull:
543             4514
544         tcp_master_pull_port:
545             4513
546         tcp_master_workers:
547             4515
548         test:
549             false
550         thin_extra_mods:
551         thorium_interval:
552             0.5
553         thorium_roots:
554             ----------
555             base:
556                 - /srv/thorium
557         timeout:
558             5
559         token_dir:
560             /var/cache/salt/master/tokens
561         token_expire:
562             43200
563         token_expire_user_override:
564             false
565         top_file_merging_strategy:
566             merge
567         transport:
568             zeromq
569         unique_jid:
570             false
571         user:
572             root
573         utils_dirs:
574             - /var/cache/salt/master/extmods/utils
575         verify_env:
576             true
577         winrepo_branch:
578             master
579         winrepo_cachefile:
580             winrepo.p
581         winrepo_dir:
582             /srv/salt/win/repo
583         winrepo_dir_ng:
584             /srv/salt/win/repo-ng
585         winrepo_insecure_auth:
586             false
587         winrepo_passphrase:
588         winrepo_password:
589         winrepo_privkey:
590         winrepo_pubkey:
591         winrepo_refspecs:
592             - +refs/heads/*:refs/remotes/origin/*
593             - +refs/tags/*:refs/tags/*
594         winrepo_remotes:
595             - https://github.com/saltstack/salt-winrepo.git
596         winrepo_remotes_ng:
597             - https://github.com/saltstack/salt-winrepo-ng.git
598         winrepo_ssl_verify:
599             true
600         winrepo_user:
601         worker_floscript:
602             /usr/lib/python2.7/site-packages/salt/daemons/flo/worker.flo
603         worker_threads:
604             5
605         zmq_backlog:
606             1000
607         zmq_filtering:
608             false
609         zmq_monitor:
610             false

 

5. pillar文件存放位置

 1 [root@salt100 ~]# vim /etc/salt/master  # 存放默认路径即可,这样就不需要修改配置文件了 
 2 # salt pillars allow for the building of global data that can be made selectively
 3 # available to different minions based on minion grain filtering. the salt
 4 # pillar is laid out in the same fashion as the file server, with environments,
 5 # a top file and sls files. however, pillar data does not need to be in the
 6 # highstate format, and is generally just key/value pairs.
 7 #pillar_roots:
 8 #  base:
 9 #    - /srv/pillar  # pillar文件存放目录
10 #

 

6. 自定义pillar

6.1. pillar的sls文件编写

pillar sls文件中涉及一层grains情况

1 [root@salt100 web]# pwd  # 定义一个文件目录,方便后期维护
2 /srv/pillar/web_pillar
3 [root@salt100 web]# cat apache.sls 
4 {% if grains['os'] == 'centos' %}
5 apache: httpd
6 {% elif grains['os'] == 'redhat03' %}
7 apache: apache2
8 {% endif %}

 

pillar sls文件中涉及多层grains情况

并包含优先级和 or 或 and 的写法

 1 [root@salt100 web]# pwd  # 定义一个文件目录,方便后期维护
 2 /srv/pillar/web_pillar
 3 [root@salt100 pillar]# cat web_pillar/service_appoint.sls   # 注意写法:多层指定、包含优先级以及 or 或 and
 4 {% if (grains['ip4_interfaces']['eth0'][0] == '172.16.1.11' and grains['host'] == 'salt01') 
 5    or (grains['ip4_interfaces']['eth0'][0] == '172.16.1.12' and grains['host'] == 'salt02')
 6    or (grains['ip4_interfaces']['eth0'][0] == '172.16.1.13' and grains['host'] == 'salt03')
 7 %}
 8 service_appoint: www
 9 {% elif grains['ip4_interfaces']['eth0'][0] == '172.16.1.100' %}
10 service_appoint: mariadb
11 {% endif %}

 

6.2. pillar的top file编写【必须有top.sls】

将 pillar 信息指定给被选择的 minion;所以必须要有 top file 文件。

 1 [root@salt100 pillar]# pwd
 2 /srv/pillar
 3 [root@salt100 pillar]# cat top.sls 
 4 base:
 5   '*':
 6     - web_pillar.service_appoint
 7 
 8   # 使用通配符
 9   'salt0*':
10     - web_pillar.apache
11   # 指定具体minion
12   'salt03':
13     - web_pillar.apache

 

6.3. pillar信息刷新并查看

如果不执行salt '*' saltutil.refresh_pillar 直接使用 salt '*' pillar.items 查看信息,也可看见信息是最新的,但是查看具体更新项时却是旧信息,所以必须要执行pillar刷新命令。

 1 [root@salt100 pillar]# salt '*' saltutil.refresh_pillar  # 刷新
 2 salt100:
 3     true
 4 salt01:
 5     true
 6 salt02:
 7     true
 8 salt03:
 9     true
10 [root@salt100 pillar]# salt '*' pillar.item apache  # 查看具体想
11 salt100:
12     ----------
13     service_appoint:
14         mariadb
15 salt01:
16     ----------
17     apache:
18         apache3
19     service_appoint:
20         www
21 salt03:
22     ----------
23     apache:
24         httpd
25     service_appoint:
26         www
27 salt02:
28     ----------
29     apache:
30         httpd
31     service_appoint:
32         www

 

7. 层级关系编写

7.1. pillar的sls文件编写

 1 [root@salt100 pillar]# cat /srv/pillar/web_pillar/user.sls 
 2 level1:
 3   level2:
 4     {% if grains['os'] == 'centos' %}
 5     my_user: 
 6       - zhangsan01
 7       - zhangsan02
 8     {% elif grains['os'] == 'redhat03' %}
 9     my_user: lisi001
10     {% endif %}

 

7.2. pillar的top file编写【必须有top.sls】

 1 [root@salt100 pillar]# pwd
 2 /srv/pillar
 3 [root@salt100 pillar]# cat top.sls 
 4 # 以下内容直接使用即可,sls支持注释
 5 base:
 6   '*':
 7     - web_pillar.service_appoint
 8 
 9   # 使用通配符
10   'salt0*':
11     - web_pillar.apache
12     - web_pillar.user # 引用
13   # 指定具体minion
14   'salt03':
15     - web_pillar.apache
16     - web_pillar.user # 引用

 

7.3. pillar信息刷新并查看

 1 [root@salt100 pillar]# salt '*' saltutil.refresh_pillar  # 刷新pillar
 2 ………………
 3 [root@salt100 pillar]# salt '*' pillar.items  # 查看全部信息
 4 salt03:
 5     ----------
 6     apache:
 7         httpd
 8     level1:
 9         ----------   # 该行表示 一个层级
10         level2:
11             ----------
12             my_user:
13                 - zhangsan01
14                 - zhangsan02
15     service_appoint:
16         www
17 salt02:
18     ----------
19     apache:
20         httpd
21     level1:
22         ----------
23         level2:
24             ----------
25             my_user:
26                 - zhangsan01
27                 - zhangsan02
28     service_appoint:
29         www
30 salt01:
31     ----------
32     apache:
33         apache3
34     level1:
35         ----------
36         level2:
37             ----------
38             my_user:
39                 lisi001
40     service_appoint:
41         www
42 salt100:
43     ----------
44     service_appoint:
45         mariadb
46 [root@salt100 pillar]# salt '*' pillar.item level1  # 查看指定 level1 的信息 
47 salt03:
48     ----------
49     level1:
50         ----------
51         level2:
52             ----------
53             my_user:
54                 - zhangsan01
55                 - zhangsan02
56 salt02:
57     ----------
58     level1:
59         ----------
60         level2:
61             ----------
62             my_user:
63                 - zhangsan01
64                 - zhangsan02
65 salt01:
66     ----------
67     level1:
68         ----------
69         level2:
70             ----------
71             my_user:
72                 lisi001
73 salt100:
74     ----------
75     level1:

 

7.4. 多层级查看

 1 [root@salt100 pillar]# salt '*' pillar.item level1:level2  # 多层级访问 
 2 salt01:
 3     ----------
 4     level1:level2:
 5         ----------
 6         my_user:
 7             lisi001
 8 salt03:
 9     ----------
10     level1:level2:
11         ----------
12         my_user:
13             - zhangsan01
14             - zhangsan02
15 salt02:
16     ----------
17     level1:level2:
18         ----------
19         my_user:
20             - zhangsan01
21             - zhangsan02
22 salt100:
23     ----------
24     level1:level2:
25 [root@salt100 pillar]# salt '*' pillar.item level1:level2:my_user  # 多层级访问 
26 salt01:
27     ----------
28     level1:level2:my_user:
29         lisi001
30 salt03:
31     ----------
32     level1:level2:my_user:
33         - zhangsan01
34         - zhangsan02
35 salt02:
36     ----------
37     level1:level2:my_user:
38         - zhangsan01
39         - zhangsan02
40 salt100:
41     ----------
42     level1:level2:my_user:
43 [root@salt100 web_pillar]# salt '*' pillar.item level1:level2:my_user:0  # 取列表中的第一个值★★★★★
44 salt03:
45     ----------
46     level1:level2:my_user:0:
47         zhangsan01
48 salt01:
49     ----------
50     level1:level2:my_user:0:
51 salt02:
52     ----------
53     level1:level2:my_user:0:
54         zhangsan01
55 salt100:
56     ----------
57     level1:level2:my_user:0:

 

8. pillar使用方式

8.1. 查询pillar的指定信息

 1 [root@salt100 pillar]# salt 'salt0*' pillar.item apache  # 通配符匹配
 2 salt03:
 3     ----------
 4     apache:
 5         httpd
 6 salt02:
 7     ----------
 8     apache:
 9         httpd
10 salt01:
11     ----------
12     apache:
13         apache3
14 [root@salt100 pillar]# salt 'salt0*' pillar.item level1:level2:my_user  # 多层查询
15 salt01:
16     ----------
17     level1:level2:my_user:
18         lisi
19 salt02:
20     ----------
21     level1:level2:my_user:
22         zhangsan
23 salt03:
24     ----------
25     level1:level2:my_user:
26         zhangsan
27 [root@salt100 web_pillar]# salt '*' pillar.item level1:level2:my_user:0  # 取列表中的第一个值★★★★★
28 salt03:
29     ----------
30     level1:level2:my_user:0:
31         zhangsan01
32 salt01:
33     ----------
34     level1:level2:my_user:0:
35 salt02:
36     ----------
37     level1:level2:my_user:0:
38         zhangsan01
39 salt100:
40     ----------
41     level1:level2:my_user:0:

 

8.2. 通过pillar查询信息

1 [root@salt100 pillar]# salt -i 'apache:httpd' cmd.run 'echo "zhangliang $(date +%y)"'  # 通过pillar配置
2 salt02:
3     zhangliang 2018
4 salt03:
5     zhangliang 2018
6 [root@salt100 pillar]# salt -i 'level1:level2:my_user:lisi' cmd.run 'whoami'  # pillar多层级匹配 
7 salt01:
8     root

 

9. 在状态sls的top file中使用pillar

9.1. top.sls编写

1 [root@salt100 salt]# pwd
2 /srv/salt
3 [root@salt100 salt]# cat top.sls 
4 base:
5   # 使用pillar匹配,添加如下几行
6   'level1:level2:my_user':
7     - match: pillar
8     - web.apache

 

9.2. state.highstate执行

1 [root@salt100 salt]# salt 'salt01' state.highstate test=true # 预执行正常
2 [root@salt100 salt]# salt 'salt01' state.highstate           # 执行正常