用Jinja2配合Grains和Pillar動態(tài)下發(fā)配置文件
- 簡單級別下發(fā)模板的實現(xiàn)
簡單下發(fā):
## vim /srv/salt/template.sls
template_test:
file.managed:
- source: salt://test.j2
- name: /tmp/test.conf
- user: root
- group: root
- mode: 644
- template: jinja
## vim /srv/salt/test.j2
cpu_num= {{ grains['num_cpus'] }}
mem_total = {{ grains['mem_total'] }}
hostname = {{ grains['host'] }}
user = {{ pillar['user'][0] }} ======> 此處取user的第一個值,user值參照上一篇
## salt 192.168.184.133 state.sls template
## salt 192.168.184.133 cmd.run "cat /tmp/test.conf"
192.168.184.133:
cpu_num= 1
mem_total = 981
hostname = localhost
user = user01
在上述模板的基礎上,實現(xiàn)簡單的Jinja2配合Grains和Pillar動態(tài)下發(fā)配置文件
## vim /srv/salt/test.j2
{% if grains['num_cpus'] <= 8 %}
cpu_num= {{ grains['num_cpus'] }}
{% endif %}
{% if grains['mem_total'] <= 512 %}
mem_total <= 512
{% elif grains['mem_total'] >= 1024 %}
mem_total >= 1024
{% endif %}
hostname = {{ grains['host'] }}
{% for i in pillar['user'] %}
{{ i }}
{% endfor %}
## salt 192.168.184.133 cmd.run "cat /tmp/test.conf"
192.168.184.133:
cpu_num= 1
hostname = localhost
user01
user02
user03
- 實現(xiàn)sshd動態(tài)白名單部署
## vim /srv/salt/sshd.sls
ssh:
pkg:
- installed
- name: openssh-server ##如果分段寫赚楚,那么要用 - names
## - openssh-server
service.running:
- name: sshd ## 可改為 sshd:
- enable: True ## - enable: True
- watch: ## - watch:
- file: ssh ## - file: sshd
- pkg: ssh ## - pkg: sshd
file.managed:
- name: /etc/ssh/sshd_config
- source: salt://sshd_config
- template: jinja
## 在沒有指定pkg和file的- name選項時祖灰,默認- name用最開始的ID柑司,也就是ssh
## cat /srv/salt/sshd_conf ====>在前面加上jinja即可糟袁,即AllowUsers user01 user02 user03……
{% if pillar['user'] %}
{% for i in pillar['user'] %}
AllowUsers {{ i }}
{% endfor %}
{% endif %}
- 批量部署Nginx代理服務器
