1. 主机规划
Pillar文档
代码语言:javascript复制https://docs.saltstack.com/en/latest/topics/pillar/index.html注意事项
代码语言:javascript复制修改了master或者minion的配置文件,那么必须重启对应的服务。2. Grains VS Pillar
3. Pillar基本信息
代码语言:javascript复制 1 Pillar
2 Pillar数据是动态的 给特定的minion指定特定的数据。
3 只有指定的minion自己能够看到自己的数据 【所以必须要有top.sls】
4 因此可以用于敏感数据
5
6 Pillar刷新:
7 salt '*' saltutil.sync_all # 可以使用但是不推荐
8 salt '*' saltutil.sync_pillar 有报错,适用于无master模式【masterless】
9 salt '*' saltutil.refresh_modules 刷新的是模块,所以不建议使用
10 salt '*' saltutil.refresh_pillar # 推荐使用 ★★★★★
11
12 特别注意:
13 如果不执行salt '*' saltutil.refresh_pillar 直接使用 salt '*' pillar.items 查看信息,也可看见信息是最新的,
14 但是查看具体要更新项时却是旧信息,所以必须要执行pillar刷新命令。
15
16 使用:
17 1、目标选择
18 2、配置管理
19 3、机密数据【敏感数据】4. 显示系统自带的pillar
系统自带的pillar默认是不显示的
注意:看完之后还原回去,因为数据较多。和自定义数据杂在一起,不方便查看
4.1. 修改配置文件并重启服务
代码语言:javascript复制 1 [root@salt100 ~]# salt 'salt01' pillar.items # 默认不显示pillar信息
2 salt01:
3 ----------
4 [root@salt100 ~]# vim /etc/salt/master
5 ………………
6 # The pillar_opts option adds the master configuration file data to a dict in
7 # the pillar called "master". This is used to set simple configurations in the
8 # master config file that can then be used on minions.
9 #pillar_opts: False
10 pillar_opts: True
11 ………………
12 [root@salt100 ~]# systemctl restart salt-master.service # 修改了配置文件,重启服务4.2. 显示pillar信息
代码语言:javascript复制 1 [root@salt100 ~]# salt 'salt01' pillar.items # 显示系统pillar信息
2 salt01:
3 ----------
4 master:
5 ----------
6 __cli:
7 salt-master
8 __role:
9 master
10 allow_minion_key_revoke:
11 True
12 archive_jobs:
13 False
14 auth_events:
15 True
16 auth_mode:
17 1
18 auto_accept:
19 False
20 azurefs_update_interval:
21 60
22 cache:
23 localfs
24 cache_sreqs:
25 True
26 cachedir:
27 /var/cache/salt/master
28 clean_dynamic_modules:
29 True
30 cli_summary:
31 False
32 client_acl_verify:
33 True
34 cluster_masters:
35 cluster_mode:
36 False
37 con_cache:
38 False
39 conf_file:
40 /etc/salt/master
41 config_dir:
42 /etc/salt
43 cython_enable:
44 False
45 daemon:
46 False
47 decrypt_pillar:
48 decrypt_pillar_default:
49 gpg
50 decrypt_pillar_delimiter:
51 :
52 decrypt_pillar_renderers:
53 - gpg
54 default_include:
55 master.d/*.conf
56 default_top:
57 base
58 discovery:
59 False
60 django_auth_path:
61 django_auth_settings:
62 drop_messages_signature_fail:
63 False
64 dummy_pub:
65 False
66 eauth_acl_module:
67 eauth_tokens:
68 localfs
69 enable_gpu_grains:
70 False
71 enable_ssh_minions:
72 False
73 enforce_mine_cache:
74 False
75 engines:
76 env_order:
77 event_match_type:
78 startswith
79 event_return:
80 event_return_blacklist:
81 event_return_queue:
82 0
83 event_return_whitelist:
84 ext_job_cache:
85 ext_pillar:
86 extension_modules:
87 /var/cache/salt/master/extmods
88 external_auth:
89 ----------
90 extmod_blacklist:
91 ----------
92 extmod_whitelist:
93 ----------
94 failhard:
95 False
96 file_buffer_size:
97 1048576
98 file_client:
99 local
100 file_ignore_glob:
101 file_ignore_regex:
102 file_recv:
103 False
104 file_recv_max_size:
105 100
106 file_roots:
107 ----------
108 base:
109 - /srv/salt
110 fileserver_backend:
111 - roots
112 fileserver_followsymlinks:
113 True
114 fileserver_ignoresymlinks:
115 False
116 fileserver_limit_traversal:
117 False
118 fileserver_verify_config:
119 True
120 gather_job_timeout:
121 10
122 git_pillar_base:
123 master
124 git_pillar_branch:
125 master
126 git_pillar_env:
127 git_pillar_global_lock:
128 True
129 git_pillar_includes:
130 True
131 git_pillar_insecure_auth:
132 False
133 git_pillar_passphrase:
134 git_pillar_password:
135 git_pillar_privkey:
136 git_pillar_pubkey:
137 git_pillar_refspecs:
138 - refs/heads/*:refs/remotes/origin/*
139 - refs/tags/*:refs/tags/*
140 git_pillar_root:
141 git_pillar_ssl_verify:
142 True
143 git_pillar_user:
144 git_pillar_verify_config:
145 True
146 gitfs_base:
147 master
148 gitfs_disable_saltenv_mapping:
149 False
150 gitfs_env_blacklist:
151 gitfs_env_whitelist:
152 gitfs_global_lock:
153 True
154 gitfs_insecure_auth:
155 False
156 gitfs_mountpoint:
157 gitfs_passphrase:
158 gitfs_password:
159 gitfs_privkey:
160 gitfs_pubkey:
161 gitfs_ref_types:
162 - branch
163 - tag
164 - sha
165 gitfs_refspecs:
166 - refs/heads/*:refs/remotes/origin/*
167 - refs/tags/*:refs/tags/*
168 gitfs_remotes:
169 gitfs_root:
170 gitfs_saltenv:
171 gitfs_saltenv_blacklist:
172 gitfs_saltenv_whitelist:
173 gitfs_ssl_verify:
174 True
175 gitfs_update_interval:
176 60
177 gitfs_user:
178 hash_type:
179 sha256
180 hgfs_base:
181 default
182 hgfs_branch_method:
183 branches
184 hgfs_env_blacklist:
185 hgfs_env_whitelist:
186 hgfs_mountpoint:
187 hgfs_remotes:
188 hgfs_root:
189 hgfs_saltenv_blacklist:
190 hgfs_saltenv_whitelist:
191 hgfs_update_interval:
192 60
193 http_max_body:
194 107374182400
195 http_request_timeout:
196 3600.0
197 id:
198 salt01
199 interface:
200 0.0.0.0
201 ioflo_console_logdir:
202 ioflo_period:
203 0.01
204 ioflo_realtime:
205 True
206 ioflo_verbose:
207 0
208 ipc_mode:
209 ipc
210 ipc_write_buffer:
211 0
212 ipv6:
213 False
214 jinja_env:
215 ----------
216 jinja_lstrip_blocks:
217 False
218 jinja_sls_env:
219 ----------
220 jinja_trim_blocks:
221 False
222 job_cache:
223 True
224 job_cache_store_endtime:
225 False
226 keep_acl_in_token:
227 False
228 keep_jobs:
229 24
230 key_cache:
231 key_logfile:
232 /var/log/salt/key
233 key_pass:
234 None
235 keysize:
236 2048
237 local:
238 True
239 lock_saltenv:
240 False
241 log_datefmt:
242 %H:%M:%S
243 log_datefmt_console:
244 %H:%M:%S
245 log_datefmt_logfile:
246 %Y-%m-%d %H:%M:%S
247 log_file:
248 /var/log/salt/master
249 log_fmt_console:
250 [%(levelname)-8s] %(message)s
251 log_fmt_logfile:
252 %(asctime)s,%(msecs)03d [%(name)-17s:%(lineno)-4d][%(levelname)-8s][%(process)d] %(message)s
253 log_granular_levels:
254 ----------
255 log_level:
256 warning
257 log_level_logfile:
258 warning
259 log_rotate_backup_count:
260 0
261 log_rotate_max_bytes:
262 0
263 loop_interval:
264 60
265 maintenance_floscript:
266 /usr/lib/python2.7/site-packages/salt/daemons/flo/maint.flo
267 master_floscript:
268 /usr/lib/python2.7/site-packages/salt/daemons/flo/master.flo
269 master_job_cache:
270 local_cache
271 master_pubkey_signature:
272 master_pubkey_signature
273 master_roots:
274 ----------
275 base:
276 - /srv/salt-master
277 master_sign_key_name:
278 master_sign
279 master_sign_pubkey:
280 False
281 master_stats:
282 False
283 master_stats_event_iter:
284 60
285 master_tops:
286 ----------
287 master_use_pubkey_signature:
288 False
289 max_event_size:
290 1048576
291 max_minions:
292 0
293 max_open_files:
294 100000
295 memcache_debug:
296 False
297 memcache_expire_seconds:
298 0
299 memcache_full_cleanup:
300 False
301 memcache_max_items:
302 1024
303 min_extra_mods:
304 minion_data_cache:
305 True
306 minion_data_cache_events:
307 True
308 minionfs_blacklist:
309 minionfs_env:
310 base
311 minionfs_mountpoint:
312 minionfs_update_interval:
313 60
314 minionfs_whitelist:
315 module_dirs:
316 nodegroups:
317 ----------
318 on_demand_ext_pillar:
319 - libvirt
320 - virtkey
321 open_mode:
322 False
323 optimization_order:
324 - 0
325 - 1
326 - 2
327 order_masters:
328 False
329 outputter_dirs:
330 peer:
331 ----------
332 permissive_acl:
333 False
334 permissive_pki_access:
335 False
336 pidfile:
337 /var/run/salt-master.pid
338 pillar_cache:
339 False
340 pillar_cache_backend:
341 disk
342 pillar_cache_ttl:
343 3600
344 pillar_includes_override_sls:
345 False
346 pillar_merge_lists:
347 False
348 pillar_opts:
349 True
350 pillar_roots:
351 ----------
352 base:
353 - /srv/pillar
354 - /srv/spm/pillar
355 pillar_safe_render_error:
356 True
357 pillar_source_merging_strategy:
358 smart
359 pillar_version:
360 2
361 pillarenv:
362 None
363 ping_on_rotate:
364 False
365 pki_dir:
366 /etc/salt/pki/master
367 preserve_minion_cache:
368 False
369 pub_hwm:
370 1000
371 publish_port:
372 4505
373 publish_session:
374 86400
375 publisher_acl:
376 ----------
377 publisher_acl_blacklist:
378 ----------
379 python2_bin:
380 python2
381 python3_bin:
382 python3
383 queue_dirs:
384 raet_alt_port:
385 4511
386 raet_clear_remote_masters:
387 True
388 raet_clear_remotes:
389 False
390 raet_lane_bufcnt:
391 100
392 raet_main:
393 True
394 raet_mutable:
395 False
396 raet_port:
397 4506
398 raet_road_bufcnt:
399 2
400 range_server:
401 range:80
402 reactor:
403 reactor_refresh_interval:
404 60
405 reactor_worker_hwm:
406 10000
407 reactor_worker_threads:
408 10
409 regen_thin:
410 False
411 renderer:
412 yaml_jinja
413 renderer_blacklist:
414 renderer_whitelist:
415 require_minion_sign_messages:
416 False
417 ret_port:
418 4506
419 root_dir:
420 /
421 roots_update_interval:
422 60
423 rotate_aes_key:
424 True
425 runner_dirs:
426 runner_returns:
427 True
428 s3fs_update_interval:
429 60
430 salt_cp_chunk_size:
431 98304
432 saltenv:
433 None
434 saltversion:
435 2018.3.3
436 schedule:
437 ----------
438 search:
439 serial:
440 msgpack
441 show_jid:
442 False
443 show_timeout:
444 True
445 sign_pub_messages:
446 True
447 signing_key_pass:
448 None
449 sock_dir:
450 /var/run/salt/master
451 sock_pool_size:
452 1
453 sqlite_queue_dir:
454 /var/cache/salt/master/queues
455 ssh_config_file:
456 /root/.ssh/config
457 ssh_identities_only:
458 False
459 ssh_list_nodegroups:
460 ----------
461 ssh_log_file:
462 /var/log/salt/ssh
463 ssh_passwd:
464 ssh_port:
465 22
466 ssh_scan_ports:
467 22
468 ssh_scan_timeout:
469 0.01
470 ssh_sudo:
471 False
472 ssh_sudo_user:
473 ssh_timeout:
474 60
475 ssh_use_home_key:
476 False
477 ssh_user:
478 root
479 ssl:
480 None
481 state_aggregate:
482 False
483 state_auto_order:
484 True
485 state_events:
486 False
487 state_output:
488 full
489 state_output_diff:
490 False
491 state_top:
492 salt://top.sls
493 state_top_saltenv:
494 None
495 state_verbose:
496 True
497 sudo_acl:
498 False
499 svnfs_branches:
500 branches
501 svnfs_env_blacklist:
502 svnfs_env_whitelist:
503 svnfs_mountpoint:
504 svnfs_remotes:
505 svnfs_root:
506 svnfs_saltenv_blacklist:
507 svnfs_saltenv_whitelist:
508 svnfs_tags:
509 tags
510 svnfs_trunk:
511 trunk
512 svnfs_update_interval:
513 60
514 syndic_dir:
515 /var/cache/salt/master/syndics
516 syndic_event_forward_timeout:
517 0.5
518 syndic_failover:
519 random
520 syndic_forward_all_events:
521 False
522 syndic_jid_forward_cache_hwm:
523 100
524 syndic_log_file:
525 /var/log/salt/syndic
526 syndic_master:
527 masterofmasters
528 syndic_pidfile:
529 /var/run/salt-syndic.pid
530 syndic_wait:
531 5
532 tcp_keepalive:
533 True
534 tcp_keepalive_cnt:
535 -1
536 tcp_keepalive_idle:
537 300
538 tcp_keepalive_intvl:
539 -1
540 tcp_master_pub_port:
541 4512
542 tcp_master_publish_pull:
543 4514
544 tcp_master_pull_port:
545 4513
546 tcp_master_workers:
547 4515
548 test:
549 False
550 thin_extra_mods:
551 thorium_interval:
552 0.5
553 thorium_roots:
554 ----------
555 base:
556 - /srv/thorium
557 timeout:
558 5
559 token_dir:
560 /var/cache/salt/master/tokens
561 token_expire:
562 43200
563 token_expire_user_override:
564 False
565 top_file_merging_strategy:
566 merge
567 transport:
568 zeromq
569 unique_jid:
570 False
571 user:
572 root
573 utils_dirs:
574 - /var/cache/salt/master/extmods/utils
575 verify_env:
576 True
577 winrepo_branch:
578 master
579 winrepo_cachefile:
580 winrepo.p
581 winrepo_dir:
582 /srv/salt/win/repo
583 winrepo_dir_ng:
584 /srv/salt/win/repo-ng
585 winrepo_insecure_auth:
586 False
587 winrepo_passphrase:
588 winrepo_password:
589 winrepo_privkey:
590 winrepo_pubkey:
591 winrepo_refspecs:
592 - refs/heads/*:refs/remotes/origin/*
593 - refs/tags/*:refs/tags/*
594 winrepo_remotes:
595 - https://github.com/saltstack/salt-winrepo.git
596 winrepo_remotes_ng:
597 - https://github.com/saltstack/salt-winrepo-ng.git
598 winrepo_ssl_verify:
599 True
600 winrepo_user:
601 worker_floscript:
602 /usr/lib/python2.7/site-packages/salt/daemons/flo/worker.flo
603 worker_threads:
604 5
605 zmq_backlog:
606 1000
607 zmq_filtering:
608 False
609 zmq_monitor:
610 False5. pillar文件存放位置
代码语言:javascript复制 1 [root@salt100 ~]# vim /etc/salt/master # 存放默认路径即可,这样就不需要修改配置文件了
2 # Salt Pillars allow for the building of global data that can be made selectively
3 # available to different minions based on minion grain filtering. The Salt
4 # Pillar is laid out in the same fashion as the file server, with environments,
5 # a top file and sls files. However, pillar data does not need to be in the
6 # highstate format, and is generally just key/value pairs.
7 #pillar_roots:
8 # base:
9 # - /srv/pillar # pillar文件存放目录
10 #6. 自定义Pillar
6.1. pillar的sls文件编写
pillar SLS文件中涉及一层grains情况
代码语言:javascript复制1 [root@salt100 web]# pwd # 定义一个文件目录,方便后期维护
2 /srv/pillar/web_pillar
3 [root@salt100 web]# cat apache.sls
4 {% if grains['os'] == 'CentOS' %}
5 apache: httpd
6 {% elif grains['os'] == 'redhat03' %}
7 apache: apache2
8 {% endif %}pillar SLS文件中涉及多层grains情况
并包含优先级和 or 或 and 的写法
代码语言:javascript复制 1 [root@salt100 web]# pwd # 定义一个文件目录,方便后期维护
2 /srv/pillar/web_pillar
3 [root@salt100 pillar]# cat web_pillar/service_appoint.sls # 注意写法:多层指定、包含优先级以及 or 或 and
4 {% if (grains['ip4_interfaces']['eth0'][0] == '172.16.1.11' and grains['host'] == 'salt01')
5 or (grains['ip4_interfaces']['eth0'][0] == '172.16.1.12' and grains['host'] == 'salt02')
6 or (grains['ip4_interfaces']['eth0'][0] == '172.16.1.13' and grains['host'] == 'salt03')
7 %}
8 service_appoint: www
9 {% elif grains['ip4_interfaces']['eth0'][0] == '172.16.1.100' %}
10 service_appoint: mariadb
11 {% endif %}6.2. pillar的top file编写【必须有top.sls】
将 pillar 信息指定给被选择的 minion;所以必须要有 top file 文件。
代码语言:javascript复制 1 [root@salt100 pillar]# pwd
2 /srv/pillar
3 [root@salt100 pillar]# cat top.sls
4 base:
5 '*':
6 - web_pillar.service_appoint
7
8 # 使用通配符
9 'salt0*':
10 - web_pillar.apache
11 # 指定具体minion
12 'salt03':
13 - web_pillar.apache6.3. pillar信息刷新并查看
如果不执行salt '*' saltutil.refresh_pillar 直接使用 salt '*' pillar.items 查看信息,也可看见信息是最新的,但是查看具体更新项时却是旧信息,所以必须要执行pillar刷新命令。
代码语言:javascript复制 1 [root@salt100 pillar]# salt '*' saltutil.refresh_pillar # 刷新
2 salt100:
3 True
4 salt01:
5 True
6 salt02:
7 True
8 salt03:
9 True
10 [root@salt100 pillar]# salt '*' pillar.item apache # 查看具体想
11 salt100:
12 ----------
13 service_appoint:
14 mariadb
15 salt01:
16 ----------
17 apache:
18 apache3
19 service_appoint:
20 www
21 salt03:
22 ----------
23 apache:
24 httpd
25 service_appoint:
26 www
27 salt02:
28 ----------
29 apache:
30 httpd
31 service_appoint:
32 www7. 层级关系编写
7.1. pillar的sls文件编写
代码语言:javascript复制 1 [root@salt100 pillar]# cat /srv/pillar/web_pillar/user.sls
2 level1:
3 level2:
4 {% if grains['os'] == 'CentOS' %}
5 my_user:
6 - zhangsan01
7 - zhangsan02
8 {% elif grains['os'] == 'redhat03' %}
9 my_user: lisi001
10 {% endif %}7.2. pillar的top file编写【必须有top.sls】
代码语言:javascript复制 1 [root@salt100 pillar]# pwd
2 /srv/pillar
3 [root@salt100 pillar]# cat top.sls
4 # 以下内容直接使用即可,sls支持注释
5 base:
6 '*':
7 - web_pillar.service_appoint
8
9 # 使用通配符
10 'salt0*':
11 - web_pillar.apache
12 - web_pillar.user # 引用
13 # 指定具体minion
14 'salt03':
15 - web_pillar.apache
16 - web_pillar.user # 引用7.3. pillar信息刷新并查看
代码语言:javascript复制 1 [root@salt100 pillar]# salt '*' saltutil.refresh_pillar # 刷新pillar
2 ………………
3 [root@salt100 pillar]# salt '*' pillar.items # 查看全部信息
4 salt03:
5 ----------
6 apache:
7 httpd
8 level1:
9 ---------- # 该行表示 一个层级
10 level2:
11 ----------
12 my_user:
13 - zhangsan01
14 - zhangsan02
15 service_appoint:
16 www
17 salt02:
18 ----------
19 apache:
20 httpd
21 level1:
22 ----------
23 level2:
24 ----------
25 my_user:
26 - zhangsan01
27 - zhangsan02
28 service_appoint:
29 www
30 salt01:
31 ----------
32 apache:
33 apache3
34 level1:
35 ----------
36 level2:
37 ----------
38 my_user:
39 lisi001
40 service_appoint:
41 www
42 salt100:
43 ----------
44 service_appoint:
45 mariadb
46 [root@salt100 pillar]# salt '*' pillar.item level1 # 查看指定 level1 的信息
47 salt03:
48 ----------
49 level1:
50 ----------
51 level2:
52 ----------
53 my_user:
54 - zhangsan01
55 - zhangsan02
56 salt02:
57 ----------
58 level1:
59 ----------
60 level2:
61 ----------
62 my_user:
63 - zhangsan01
64 - zhangsan02
65 salt01:
66 ----------
67 level1:
68 ----------
69 level2:
70 ----------
71 my_user:
72 lisi001
73 salt100:
74 ----------
75 level1:7.4. 多层级查看
代码语言:javascript复制 1 [root@salt100 pillar]# salt '*' pillar.item level1:level2 # 多层级访问
2 salt01:
3 ----------
4 level1:level2:
5 ----------
6 my_user:
7 lisi001
8 salt03:
9 ----------
10 level1:level2:
11 ----------
12 my_user:
13 - zhangsan01
14 - zhangsan02
15 salt02:
16 ----------
17 level1:level2:
18 ----------
19 my_user:
20 - zhangsan01
21 - zhangsan02
22 salt100:
23 ----------
24 level1:level2:
25 [root@salt100 pillar]# salt '*' pillar.item level1:level2:my_user # 多层级访问
26 salt01:
27 ----------
28 level1:level2:my_user:
29 lisi001
30 salt03:
31 ----------
32 level1:level2:my_user:
33 - zhangsan01
34 - zhangsan02
35 salt02:
36 ----------
37 level1:level2:my_user:
38 - zhangsan01
39 - zhangsan02
40 salt100:
41 ----------
42 level1:level2:my_user:
43 [root@salt100 web_pillar]# salt '*' pillar.item level1:level2:my_user:0 # 取列表中的第一个值★★★★★
44 salt03:
45 ----------
46 level1:level2:my_user:0:
47 zhangsan01
48 salt01:
49 ----------
50 level1:level2:my_user:0:
51 salt02:
52 ----------
53 level1:level2:my_user:0:
54 zhangsan01
55 salt100:
56 ----------
57 level1:level2:my_user:0:8. Pillar使用方式
8.1. 查询pillar的指定信息
代码语言:javascript复制 1 [root@salt100 pillar]# salt 'salt0*' pillar.item apache # 通配符匹配
2 salt03:
3 ----------
4 apache:
5 httpd
6 salt02:
7 ----------
8 apache:
9 httpd
10 salt01:
11 ----------
12 apache:
13 apache3
14 [root@salt100 pillar]# salt 'salt0*' pillar.item level1:level2:my_user # 多层查询
15 salt01:
16 ----------
17 level1:level2:my_user:
18 lisi
19 salt02:
20 ----------
21 level1:level2:my_user:
22 zhangsan
23 salt03:
24 ----------
25 level1:level2:my_user:
26 zhangsan
27 [root@salt100 web_pillar]# salt '*' pillar.item level1:level2:my_user:0 # 取列表中的第一个值★★★★★
28 salt03:
29 ----------
30 level1:level2:my_user:0:
31 zhangsan01
32 salt01:
33 ----------
34 level1:level2:my_user:0:
35 salt02:
36 ----------
37 level1:level2:my_user:0:
38 zhangsan01
39 salt100:
40 ----------
41 level1:level2:my_user:0:8.2. 通过pillar查询信息
代码语言:javascript复制1 [root@salt100 pillar]# salt -I 'apache:httpd' cmd.run 'echo "zhangliang $(date %Y)"' # 通过pillar配置
2 salt02:
3 zhangliang 2018
4 salt03:
5 zhangliang 2018
6 [root@salt100 pillar]# salt -I 'level1:level2:my_user:lisi' cmd.run 'whoami' # pillar多层级匹配
7 salt01:
8 root9. 在状态SLS的top file中使用pillar
9.1. top.sls编写
代码语言:javascript复制1 [root@salt100 salt]# pwd
2 /srv/salt
3 [root@salt100 salt]# cat top.sls
4 base:
5 # 使用pillar匹配,添加如下几行
6 'level1:level2:my_user':
7 - match: pillar
8 - web.apache9.2. state.highstate执行
代码语言:javascript复制1 [root@salt100 salt]# salt 'salt01' state.highstate test=True # 预执行正常
2 [root@salt100 salt]# salt 'salt01' state.highstate # 执行正常
