grains是Saltstack最重要的组件之一,grains的作用是收集被控主机的基本信息,这些信息通常都是一些静态的数据,包括CPU、内核、操作系统、虚拟化等,在服务器端可以根据这些信息进行灵活定制,管理员可以利用这新信息对不同业务进行个性化配置。
官网提供的用来区分不同操作系统的示例如下(采用jinja模板):
{% if grains['os'] == 'Ubuntu' %}
host: {{ grains['host'] }}
{% elif grains['os'] == 'CentOS' %}
host: {{ grains['fqdn'] }}
{% endif %}
示例中CentOS发行版主机将被 "host: {{ grains['fqdn'] }}"匹配,以主机SN100-128(centOS6.4)为例,最终得到"host:SN100-128"。同时,命令行的匹配操作系统发行版本为CentOS的被控端可以通过-G参数来过滤,如salt -G 'os:CentOS' test.ping。
[root@localhost~]# salt -G 'os:CentOS' test.ping
SN100-128:
True
SN100-129:
True
SN100-130:
True
(1) grains常用操作命令:
#获取主机的grains项信息:
[root@localhost~]# salt 'SN100-128' grains.ls
SN100-128:
- SSDs
- biosreleasedate
- biosversion
- cpu_flags
- cpu_model
- cpuarch
- domain
- fqdn
- fqdn_ip4
- fqdn_ip6
- gpus
- host
- hwaddr_interfaces
- id
- init
- ip4_interfaces
- ip6_interfaces
- ip_interfaces
- ipv4
- ipv6
- kernel
- kernelrelease
- locale_info
- localhost
- lsb_distrib_codename
- lsb_distrib_id
- lsb_distrib_release
- machine_id
- manufacturer
- master
- mdadm
- mem_total
- nodename
- num_cpus
- num_gpus
- os
- os_family
- osarch
- oscodename
- osfinger
- osfullname
- osmajorrelease
- osrelease
- osrelease_info
- path
- productname
- ps
- pythonexecutable
- pythonpath
- pythonversion
- saltpath
- saltversion
- saltversioninfo
- selinux
- serialnumber
- server_id
- shell
- virtual
- zmqversion
获取主机单项grains数据:
#获取操作系统发行版本.
[root@localhost~]# salt 'SN100-128' grains.item os
SN100-128:
----------
os:
CentOS
#获取操作系统的内核信息.
[root@localhost~]# salt 'SN100-128' grains.item kernel
SN100-128:
----------
kernel:
Linux #获取操作系统的selinux信息
[root@localhost~]# salt 'SN100-128' grains.item selinux
SN100-128:
----------
selinux:
----------
enabled:
False
enforced:
Disabled
#salt '*' grains.item os //返回键值对
#salt '*' grains.get os //返回值
获取主机id为'SN100-128'的所有grains键及值信息。
[root@localhost~]# salt 'SN100-128' grains.items
SN100-128:
----------
SSDs:
biosreleasedate:
04/14/2014
biosversion:
6.00
cpu_flags:
- fpu - vme - de - pse - tsc - msr - pae - mce - cx8 - apic - sep - mtrr - pge - mca - cmov - pat - pse36
cpu_model:
Intel(R) Xeon(R) CPU E5-2650 v3 @ 2.30GHz
cpuarch:
x86_64
domain:
fqdn:
TestOnlyMPAPP
fqdn_ip4:
- 10.10.100.128
- 127.0.0.1
fqdn_ip6:
gpus:
|_
----------
model:
SVGA II Adapter
vendor:
unknown
host:
TestOnlyMPAPP
hwaddr_interfaces:
----------
eth1:
00:50:56:87:b1:54
lo:
00:00:00:00:00:00
id:
SN100-128
init:
upstart
ip4_interfaces:
----------
eth1:
- 10.10.100.128
lo:
- 127.0.0.1
ip6_interfaces:
----------
eth1:
- fe80::250:56ff:fe87:b154
lo:
- ::1
ip_interfaces:
----------
eth1:
- 10.10.100.128
- fe80::250:56ff:fe87:b154
lo:
- 127.0.0.1
- ::1
ipv4:
- 10.10.100.128
- 127.0.0.1
ipv6:
- ::1
- fe80::250:56ff:fe87:b154
kernel:
Linux
kernelrelease:
2.6.32-431.el6.x86_64
locale_info:
----------
defaultencoding:
UTF8
defaultlanguage:
zh_CN
detectedencoding:
UTF-8
localhost:
TestOnlyMPAPP
lsb_distrib_codename:
Final
lsb_distrib_id:
CentOS
lsb_distrib_release:
6.5
machine_id:
bcc4f9ad2d40506966ce2b1400000014
manufacturer:
VMware, Inc.
master:
10.10.100.127
mdadm:
mem_total:
8001
nodename:
TestOnlyMPAPP
num_cpus:
2
num_gpus:
1
os:
CentOS
os_family:
RedHat
osarch:
x86_64
oscodename:
Final
osfinger:
CentOS-6
osfullname:
CentOS
osmajorrelease:
6
osrelease:
6.5
osrelease_info:
- 6
- 5
path:
/sbin:/usr/sbin:/bin:/usr/bin
productname:
VMware Virtual Platform
ps:
ps -efH
pythonexecutable:
/usr/bin/python2.6
pythonpath:
- /usr/bin
- /usr/lib64/python26.zip
- /usr/lib64/python2.6
- /usr/lib64/python2.6/plat-linux2
- /usr/lib64/python2.6/lib-tk
- /usr/lib64/python2.6/lib-old
- /usr/lib64/python2.6/lib-dynload
- /usr/lib64/python2.6/site-packages
- /usr/lib64/python2.6/site-packages/gst-0.10
- /usr/lib64/python2.6/site-packages/gtk-2.0
- /usr/lib64/python2.6/site-packages/webkit-1.0
- /usr/lib/python2.6/site-packages
- /usr/lib/python2.6/site-packages/setuptools-0.6c11-py2.6.egg-info
pythonversion:
- 2
- 6
- 6
- final
- 0
saltpath:
/usr/lib/python2.6/site-packages/salt
saltversion:
2015.5.8
saltversioninfo:
- 2015
- 5
- 8
- 0
selinux:
----------
enabled:
False
enforced:
Disabled
serialnumber:
VMware-42 07 95 36 bc 00 ee bd-bc 79 77 5c 81 14 35 b5
server_id:
295812205
shell:
/bin/sh
virtual:
VMware
zmqversion:
3.2.5
(2) 定义grains数据:
定义grains数据的方法有两种,其中一种为在被控端主机定制配置文件,另一种是通过主控端扩展模块API实现,区别是模块更灵活,可以通过python编程动态定义,而配置文件只适合相对固定的键与值。下面分别举例说明。
1.被控端主机定制grains数据
SSH登录一台被控主机,如SN100-128,配置文件定制的路径为/etc/salt/minion,参数为default_include: minion.d/*.conf,具体操作如下:
【/etc/salt/minion.d/hostinfo.conf】
grains:
roles:
- webserver
- memcache
deployment: datacenter4
cabinet: 13
重启被控主机salt-minion服务,使之生效:service salt-minion restart。验证结果在主控端主机运行:salt 'SN100-128' grains.item roles deployment cabinet,观察配置的键与值,如下所示。
[root@localhost~]# salt 'SN100-128' grains.item roles deployment cabinet
SN100-128:
----------
cabinet:
13
deployment:
datacenter4
roles:
- webserver
- memcache
或者也可以这样定义
vim /etc/salt/grains cloud: openstack
test: salt /etc/init.d/salt-minion restart 或者执行同步 salt '*' saltutil.sync_grains salt -G 'cloud:openstack' test.ping
2.主控端扩展模块定制grains数据
首先在主控端编写python代码,然后将该python文件同步到被控主机,最后刷新生效(即编译python源码文件生成字节码pyc)。在主控端bash目录(见/etc/salt/master配置文件的file_roots项,默认的bash配置在/srv/salt)下生成_grains目录,执行install -d /srv/salt/_grains开始编写代码,实现获取被控主机系统允许最大打开文件数(ulimit -n)的grains数据。
【/srv/salt/_grains/sysprocess.py】
#!/usr/bin/env python
#coding:utf-8 import os,sys,commands
def Granins_openfile():
"""
os max open file of grains value
"""
grains = {}
#init default value
_open_file=65535
try:
getulimit=commands.getstatusoutput('source /etc/profile;ulimit -n')
except Exception,e:
pass
if getulimit[0] == 0:
_open_file=int(getulimit[1])
grains['max_open_file'] = _open_file
return grains
Granins_openfile()
上面代码的说明如下。
grains_openfile()定义一个获取最大打开文件数的函数,函数名称没有要求,符合python的函数命名规则即可;
grains = {} 初始化一个grains字典,变量名一定要用grains,以便Saltstack识别;
grains['max_open_file'] = _open_file 将获取的linux ulimit -n 的结果值赋予grains['max_open_file'],其中"max_open_file"就是grains的项,_open_file就是grains的值。
最后同步模块到指定被控端主机并刷新生效,因为grains比较合适采集静态类的数据,比如硬件,内核信息等。当有动态类的功能需求时,需要提行刷新,具体操作如下:
同步模块 salt 'SN100-128' saltutil.sync_all ,看看 "SN100-128"主机发生了什么?文件已经同步到minion cache目录中,如下:
/var/cache/salt/minion/extmods/grains/sysprocess.py
/var/cache/salt/minion/files/base/_grains/sysprocess.py
/var/cache/salt/minion/extmods/grains/为扩展模块文件最终存放位置,刷新模块后将在同路径下生成字节码pyc;
/var/cache/salt/minion/files/base/_grains/为临时存放位置。
刷新模块salt 'SN100-128' sys.reload_modules,再看看主机发生了什么变化?在/var/cache/salt/minion/extmods/grains/位置多了一个编译后的字节码文件sysprocess.pyc文件,为python可执行的格式。
/var/cache/salt/minion/extmods/grains/sysprocess.py
/var/cache/salt/minion/extmods/grains/sysprocess.pyc
/var/cache/salt/minion/files/base/_grains/sysprocess.py
效验结果为可以在主控端查看grains信息,执行 salt 'SN100-128' grains.item max_open_file,结果显示"max_open_file:1024",这就是前面定制的主机grains信息。
[root@localhost~]# salt 'SN100-128' grains.item max_open_file
SN100-128:
----------
max_open_file:
1024
grains在top.sls中的使用:
'roles: nginx':
- match:grain //声明使用grain
- init.pkg //执行init.pkg模块