salt '*' cmd.run 'w'
- 命令:salt
- 目标:'*'
- 模块:cmd.run,自带模块,也可以自己写模块
- 返回:执行后结果返回,Returnners组件
salt '*' test.ping
- 此处的ping并非ICMP的ping命令,
- 而是master向minion发送了一个包,minion收到了,返回一个True
指定目标(targeting)
- 在Master上,我们可以采用不同Target去管理不同的Minion
- 这些Target都是通过去管理和匹配Minion的ID来做一些集合
1、正则匹配
salt -E '10.123*' test.ping
salt '*nginx*' test.ping
2、列表匹配
salt -L zabbix,nginx01 test.ping
3、Grians匹配
salt -G 'os:CentOS' test.ping
4、组匹配
salt -N groups1 test.ping
- groups是我们在master配置文件中定义的组名称
[root@saltStack01 ~]# cat /etc/salt/master |grep -A 2 nodegroups
nodegroups:
group1: 'L@foo.domain.com,bar.domain.com,baz.domain.com and bl*.domain.com'
group2: 'G@os:Debian and foo.domain.com'
[root@saltStack01 ~]# systemctl restart salt-master
5、复合匹配
salt -C 'G@os:CentOS or L@nginx01' test.ping
6、Pillar值匹配
salt -I 'key:value' test.ping
7、CIDR匹配
salt -S '10.123.209.0/24' test.ping
Target 参数
参数 |
匹配模式 |
例子 |
L |
List of minions |
L@Minion,Minion1,Minion2 |
G |
Grains glob |
G@os:CentOS |
E |
PCRE minion ID |
E@Minion[1-3] |
P |
Grains PCRE |
P@os:(CentOSFedora) |
I |
Pillar glob |
I@key:value |
S |
Subnet/IP address |
S@10.123.209.0/24 or S@10.123.208.0/24 |
R |
Range cluster |
R@%foo.bar |
C |
compound |
G@os:CentOS or L@Minion1 |
执行模块
- 如果通过yum默认安装,salt所有模块存放路径 /usr/lib/python2.7/site-packages/salt/
查看所有module列表
salt '*salt*' sys.list_modules
查看指定module的所有function
salt '*salt*' sys.list_functions cmd
查看指定module用法
salt '*salt*' sys.doc cmd
例子:
salt '*' network.active_tcp # 列出所有主机运行的tcp连接
salt '*' network.arp # 列出所有主机arp
salt '*' service.available sshd # 列出所有主机sshd
salt '*' service.get_all # 列出所有主机的所有运行服务
salt '*' service.status sshd # 列出所有主机sshd运行状态
salt-cp '*' /etc/hosts /tmp/test # 将master上/etc/hosts文件拷贝到所有主机的/tmp/test
salt '*' state.show_top # 查看top
salt '*' state.single pkg.installed name=lsof # 所有主机安装lsof
返回程序
- SaltStack系统对执行Minion返回后的数据进行存储或者返回给其他程序
- 支持多种存储方式,如MySQL、MongoDB、Redis、Memcache等
- 通过Return可以对SaltStack的每次操作进行记录,对以后日志审计提供了数据来源
- 支持自定义的Return
查看所有return列表
salt '*salt*' sys.list_returners
1、将返回写入mysql库,是由minion直接写入mysql库
- 所有minion安装python mysql模块(两种方法)
salt '*' state.single pkg.installed name=MySQL-python
salt '*' cmd.run 'yum install MySQL-python -y'
CREATE DATABASE `salt`
DEFAULT CHARACTER SET utf8
DEFAULT COLLATE utf8_general_ci;
USE `salt`;
--
-- Table structure for table `jids`
DROP TABLE IF EXISTS `jids`;
CREATE TABLE `jids` (
`jid` varchar(255) NOT NULL,
`load` mediumtext NOT NULL,
UNIQUE KEY `jid` (`jid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE INDEX jid ON jids(jid) USING BTREE;
--
-- Table structure for table `salt_returns`
DROP TABLE IF EXISTS `salt_returns`;
CREATE TABLE `salt_returns` (
`fun` varchar(50) NOT NULL,
`jid` varchar(255) NOT NULL,
`return` mediumtext NOT NULL,
`id` varchar(255) NOT NULL,
`success` varchar(10) NOT NULL,
`full_ret` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
KEY `id` (`id`),
KEY `jid` (`jid`),
KEY `fun` (`fun`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--
-- Table structure for table `salt_events`
DROP TABLE IF EXISTS `salt_events`;
CREATE TABLE `salt_events` (
`id` BIGINT NOT NULL AUTO_INCREMENT,
`tag` varchar(255) NOT NULL,
`data` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
`master_id` varchar(255) NOT NULL,
PRIMARY KEY (`id`),
KEY `tag` (`tag`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
grant all on salt.* to salt@'%' identified by 'salt@pw';
FLUSH PRIVILEGES;
exit
mysql -h192.168.137.11 -usalt -psalt@pw salt
show tables;
vim /etc/salt/minion
mysql.host: '192.168.137.11'
mysql.user: 'salt'
mysql.pass: 'salt@pw'
mysql.db: 'salt'
mysql.port: 3306
systemctl restart salt-minion
salt '*' test.ping --return mysql
salt '*' cmd.run 'df -h' --return mysql
select * from salt_returns;
2、使用Redis作为Return存储方式
- minion安装redis python client模块
yum install -y python-redis
[root@Log-redis-nginx ~]# python -c 'import redis;print redis.VERSION'
(2, 10, 3)
vim /etc/salt/minion
redis.db: '0'
redis.host: '10.123.209.71'
redis.port: 6379
systemctl restart salt-minion
salt '*salt*' cmd.run 'hostname' --return redis
redis-cli monitor
编写执行模块
1、放置路径
mkdir -p /srv/salt/_modules
2、命名,文件名就是模块名
cat /srv/salt/_modules/my_disk.py
def list():
cmd = 'df -h'
ret = __salt__['cmd.run'](cmd)
return ret
3、刷新
salt '*salt*' saltutil.sync_modules
4、查看指定路径的/var/cache/salt/minion下
[root@saltStack01 ~]# tree /var/cache/salt/minion/extmods/modules
/var/cache/salt/minion/extmods/modules
└── my_disk.py
0 directories, 1 file
[root@saltStack01 ~]#
5、执行
[root@saltStack01 ~]# salt '*salt*' my_disk.list
saltStack01:
Filesystem Size Used Avail Use% Mounted on
/dev/xvda3 56G 1.3G 55G 3% /
devtmpfs 3.9G 0 3.9G 0% /dev
tmpfs 3.7G 16K 3.7G 1% /dev/shm
tmpfs 3.7G 8.4M 3.7G 1% /run
tmpfs 3.7G 0 3.7G 0% /sys/fs/cgroup
/dev/xvda1 197M 114M 83M 58% /boot
tmpfs 757M 0 757M 0% /run/user/0
[root@saltStack01 ~]#