Jusene's Blog

Saltstack 学习笔记(三)

saltstack
字数统计: 697阅读时长: 3 min
2018/04/25 Share

salt job管理

salt每次发布一个任务都会为该服务创建一个j。obid,不同的jobid对应一个独立的操作任务,master默认会缓存24小时的所有job的详细操作。

minion-one:

1
~]# ls /var/cache/salt/minion/

在salt-master上执行一个长任务,salt-minion上就会产生一个jobid。

可以通过以下命令来查看相光的job信息:

1
salt "*" saltutil.find_job jobid

kill 指定job

1
salt "*" saltutil.kill_job jobid

查看master上cache的所有job

1
salt "*" saltutil.runner jobs.list_jobs

salt api

安装salt-api

1
~]# yum install -y salt-api
2
~]# sed -i 's/#default_include: master.d/*.conf/default_include: master.d/*.conf/g' /etc/salt/master
3
~]# mkdir /etc/salt/master.d
4
~]# vim /etc/salt/master.d/salt-api.conf
5
external_auth:
6
  pam:
7
     salttest:
8
        - .*
9
10
rest_cherrypy:
11
  port: 8080
12
  host: 0.0.0.0
13
  disable_ssl: True
14
  ssl_crt: conf/cert.pem
15
  ssl_key: conf/key.pem
16
~]# useradd salttest
17
~]# yum install pyOpenSSL && salt-call tls.create_self_signed_cert   #快速生成证书
18
~]# systemctl restart salt-master salt-api

salt-api的使用

获取token

1
~]# curl -k http://10.211.55.16:8080/login -H "Accept: application/json" -d username="salttest" -d password="123456" -d eauth="pam"
2
{"return": [{"perms": [".*"], "start": 1524567092.304983, "token": "9e57759e86dcb7a2c6228a3c1a43b640a91fc704", "expire": 1524610292.304983, "user": "salttest", "eauth": "pam"}]}

测试minion端的连通性: salt “*” test.ping

1
~]#  curl -k http://127.0.0.1:8080 -H "Accept: application/json" -H "X-Auth-Token: 9e57759e86dcb7a2c6228a3c1a43b640a91fc704" -d client='local' -d tgt='*' -d fun='test.ping'
2
{"return": [{"myhost": true}]}

cmd.run模块使用: salt “*” cmd.run ‘ls /‘

1
~]# curl -k http://127.0.0.1:8080 -H "Accept: application/json" -H "X-Auth-Token: 9e57759e86dcb7a2c6228a3c1a43b640a91fc704" -d client='local' -d tgt='*' -d fun='cmd.run' -d arg='ls /'
2
{"return": [{"myhost": "bin\nboot\ndata\ndev\netc\nhome\nlib\nlib64\nmedia\nmnt\nopt\nproc\nroot\nrun\nsbin\nsrv\nsys\ntmp\nusr\nvar"}]}

state.sls使用: salt “*” state.sls ip

1
~]# curl -k http://127.0.0.1:8080 -H "Accept: application/json" -H "X-Auth-Token: 675ae0d272990e2cf7c412a2596f8d3c679fdb6f" -d client='local' -d tgt='*' -d fun='state.sls' -d arg='ip'

使用target: salt -L “10.211.55.16,10.211.55.17” test.ping

1
~]# curl -k http://127.0.0.1:8080 -H "Accept: application/json" -H "X-Auth-Token: 9e57759e86dcb7a2c6228a3c1a43b640a91fc704" -d client='local' -d tgt='10.211.55.16,10.211.55.17' -d expr_form='list' -d fun='test.ping'

salt -E “10.211.*” test.ping

1
~]# curl -k http://127.0.0.1:8080 -H "Accept: application/json" -H "X-Auth-Token: 9e57759e86dcb7a2c6228a3c1a43b640a91fc704" -d client='local' -d tgt='10\.211.*' -d expr_form='pcre' -d fun='test.ping'

python实现

1
import requests
2
3
class SaltApi(object):
4
    def __init__(self, salturl, saltname, saltpassword):
5
        self.__salturl = salturl
6
        self.__saltname = saltname
7
        self.__password = saltpassword
8
9
    def token(self,prefix='login'):
10
        json_body = {"eauth": "pam", "username": self.__saltname, "password": self.__password}
11
        resp = requests.post('/'.join((self.__salturl, prefix)), json=json_body)
12
        try:
13
            self.__token = resp.json()['return'][0]['token']
14
        except KeyError  as e:
15
            logger.exception('KeyError')
16
            sys.exit(2)
17
    def postrequest(self, json_body):
18
        self.token()
19
        header = {"X-Auth-Token":self.__token}
20
        resp = requests.post(self.__salturl, headers=header, json=json_body)
21
        return resp.json()
22
23
    def remote_execute(self, tgt, arg=None, fun='cmd.run'):
24
        self.token()
25
        header = {"X-Auth-Token": self.__token}
26
        print(header)
27
        json_body = {"client": "local", "tgt": tgt, "fun": fun, "arg": arg}
28
        print(self.__salturl)
29
        resp = requests.post(self.__salturl, headers=header, json=json_body)
30
        try:
31
            return resp.json()
32
        except KeyError:
33
            logger.exception('{0}执行出错,请检查minion是否正常!'.format(tgt))
34
            sys.exit(2)

原文作者:Zhang Jusene

原文链接:http://jusene.github.io/2018/04/25/saltstack-2/

发表日期:April 25th 2018, 10:47:58 pm

更新日期:November 30th 2019, 1:54:24 am

版权声明:本文采用知识共享署名-非商业性使用 4.0 国际许可协议进行许可

CATALOG
  1. 1. salt job管理
  2. 2. salt api
    1. 2.1. 安装salt-api
    2. 2.2. salt-api的使用
    3. 2.3. python实现
Total : 190
2020
2019
2018
2017
python boot troubshooting docker drbd ssh web ELK kubernetes Kubernetes git ansible tools dns corosync consul Django etcd security ftp Go bash bigdata grub heartbeat Java kickstart kvm lvs mongodb mysql mesh nc nfs mogilefs openresty upgrade puppet rabbitmq saltstack rsync screen socat svn tcpdump fastdfs haproxy iscsi keepalived cache openssl vpn optimization prometheus redis RPM cncf supervisord kernel JAVA
python Linux troubshooting Docker docker storage nginx Nosql kubernetes Flask Kubernetes ansible Shell cluster Django Go bigdata boot Java hypervisor mysql mesh tools openresty puppet rabbitmq saltstack optimization cncf varnish tomcat JAVA