zoukankan      html  css  js  c++  java
  • 006-saltstack之远程执行

    1.目标 
    2.执行模块 
    3.返回

    salt    ‘*’    cmd.run    ‘uptime’
    命令    目标    执行模块    执行模块参数

    1、SlatStack远程执行–目标

    执行目标:https://docs.saltstack.com/en/latest/topics/targeting/index.html#advanced-targeting-methods

    • (1)和Minion ID相关的目标匹配方式
    复制代码
    1、MinionID匹配
    [root@linux-node1 ~]# salt 'linux-node1.example.com' service.status sshd
    linux-node1.example.com:
        True
    
    2、通配符* ? [1-2]等匹配
    [root@linux-node1 ~]# salt 'linux*' service.status sshd
    linux-node2.example.com:
        True
    linux-node1.example.com:
        True
    [root@linux-node1 ~]# salt 'linux-node?.example.com' service.status sshd
    linux-node2.example.com:
        True
    linux-node1.example.com:
        True
    [root@linux-node1 ~]# salt 'linux-node[1-2].example.com' service.status sshd
    linux-node2.example.com:
        True
    linux-node1.example.com:
        True
    
    3、列表匹配
    [root@linux-node1 ~]# salt -L 'linux-node1.example.com,linux-node2.example.com' test.ping
    linux-node2.example.com:
        True
    linux-node1.example.com:
        True
    
    4、正则表达式匹配
    [root@linux-node1 ~]# salt -E 'linux-(node1|node2)*' test.ping
    linux-node2.example.com:
        True
    linux-node1.example.com:
        True
    复制代码
    • (2)和Minion无关匹配
      复制代码
      1、Grains匹配
      [root@linux-node1 ~]# salt -G 'os:CentOS' test.ping
      linux-node2.example.com:
          True
      linux-node1.example.com:
          True
      
      2、子网、IP地址匹配
      [root@linux-node1 ~]# salt -S '192.168.56.0/24' test.ping
      linux-node1.example.com:
          True
      linux-node2.example.com:
          True
      
      3、Pillar匹配
      #这里目标key:value,是在pillar系统中定义
      [root@linux-node1 ~]# salt -I 'apache:httpd' test.ping
      linux-node2.example.com:
          True
      linux-node1.example.com:
          True
      复制代码
    • (3)混合匹配(少用)
    • (4)Node Groups匹配
      复制代码
      #在master配置文件进行定义node-groups
      [root@linux-node1 ~]# vim /etc/salt/master
      nodegroups:
        web-group: 'L@linux-node1.example.com,linux-node2.example.com'
      [root@linux-node1 ~]# systemctl restart salt-master
      [root@linux-node1 ~]# salt -N web-group test.ping
      linux-node2.example.com:
          True
      linux-node1.example.com:
          True
      复制代码
    • (5)批处理执行–Batch size
      复制代码
      #先执行1台完成后再执行一台,按比例去执行
      [root@linux-node1 ~]# salt '*' -b 1 test.ping
      
      Executing run on ['linux-node2.example.com']
      
      jid:
          20180117172632455823
      linux-node2.example.com:
          True
      retcode:
          0
      
      Executing run on ['linux-node1.example.com']
      
      jid:
          20180117172632650981
      linux-node1.example.com:
          True
      retcode:
          0
      
      #按比例匹配执行,好比在重启服务器时,为了不影响业务,可以先重启一部分,再重启后面一部分
      [root@linux-node1 ~]# salt -G 'os:CentOS' --batch-size 50% test.ping
      
      Executing run on ['linux-node2.example.com']
      
      jid:
          20180117172759207757
      linux-node2.example.com:
          True
      retcode:
          0
      
      Executing run on ['linux-node1.example.com']
      
      jid:
          20180117172759402383
      linux-node1.example.com:
          True
      retcode:
          0
      复制代码

    2、SlatStack远程执行–执行模块

    执行模块:https://docs.saltstack.com/en/latest/ref/modules/all/index.html#all-salt-modules

    3、SlatStack远程执行–返回

    返回模块:https://docs.saltstack.com/en/latest/ref/returners/index.html 
    Return组件可以理解为SaltStack系统对执行Minion返回后的数据进行存储或者返回给其他程序,它支持多种存储方式,如MySQL、Redis、ELK、zabbix,通过Return我们可以对SaltStack的每次操作进行记录,对以后的日志审计提供了数据来源。 
    Return是在Master端触发任务,然后Minion接受处理任务直接与Return存储服务器建立链接,然后把数据存储到服务器。 
    返回是minion直接将命令执行结果写入到MySQL,需要的依赖包:MySQL-python

    • (1)SATL.RETURNERS.MYSQL(minion返回MySQL)
      复制代码
      (1)所有minion需要安装MySQL-python
      [root@linux-node1 ~]# salt '*' cmd.run 'yum install -y MySQL-python'
      [root@linux-node1 ~]# salt '*' pkg.install MySQL-python    #使用pkg模块安装MySQL-python
      
      (2)安装mariadb数据库
      [root@linux-node1 ~]# yum install -y mariadb-server
      [root@linux-node1 ~]# systemctl start mariadb
      
      (3)创建salt库,创建jid、salt_returns、salt_events表,授权
      [root@linux-node1 ~]# mysql -uroot -p
      Enter password: 
      MariaDB [(none)]> CREATE DATABASE  `salt`
          ->   DEFAULT CHARACTER SET utf8
          ->   DEFAULT COLLATE utf8_general_ci;
      Query OK, 1 row affected (0.00 sec)
      
      MariaDB [(none)]> USE `salt`;
      Database changed
      
      MariaDB [salt]> CREATE TABLE `jids` (
          ->   `jid` varchar(255) NOT NULL,
          ->   `load` mediumtext NOT NULL,
          ->   UNIQUE KEY `jid` (`jid`)
          -> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
      Query OK, 0 rows affected (0.00 sec)
      
      MariaDB [salt]> CREATE TABLE `salt_returns` (
          ->   `fun` varchar(50) NOT NULL,
          ->   `jid` varchar(255) NOT NULL,
          ->   `return` mediumtext NOT NULL,
          ->   `id` varchar(255) NOT NULL,
          ->   `success` varchar(10) NOT NULL,
          ->   `full_ret` mediumtext NOT NULL,
          ->   `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
          ->   KEY `id` (`id`),
          ->   KEY `jid` (`jid`),
          ->   KEY `fun` (`fun`)
          -> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
      Query OK, 0 rows affected (0.03 sec)
      
      MariaDB [salt]> CREATE TABLE `salt_events` (
          -> `id` BIGINT NOT NULL AUTO_INCREMENT,
          -> `tag` varchar(255) NOT NULL,
          -> `data` mediumtext NOT NULL,
          -> `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
          -> `master_id` varchar(255) NOT NULL,
          -> PRIMARY KEY (`id`),
          -> KEY `tag` (`tag`)
          -> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
      Query OK, 0 rows affected (0.02 sec)
      
      MariaDB [salt]> show tables;
      +----------------+
      | Tables_in_salt |
      +----------------+
      | jids           |
      | salt_events    |
      | salt_returns   |
      +----------------+
      3 rows in set (0.00 sec)
      
      MariaDB [salt]> grant all on salt.* to salt@'%' identified by 'salt';
      Query OK, 0 rows affected (0.00 sec)
      
      (4)修改salt-minion,配置MySQL链接
      [root@linux-node2 ~]# vim /etc/salt/minion
      ######      Returner  settings        ######
      ############################################
      mysql.host: '192.168.56.11'
      mysql.user: 'salt'
      mysql.pass: 'salt'
      mysql.db: 'salt'
      mysql.port: 3306
      [root@linux-node2 ~]# systemctl restart salt-minion
      [root@linux-node1 ~]# vim /etc/salt/minion
      ######      Returner  settings        ######
      ############################################
      mysql.host: '192.168.56.11'
      mysql.user: 'salt'
      mysql.pass: 'salt'
      mysql.db: 'salt'
      mysql.port: 3306
      [root@linux-node1 ~]# systemctl restart salt-minion
      
      (5)测试,并在数据库查看返回结果
      [root@linux-node1 ~]# salt '*' test.ping --return mysql
      linux-node2.example.com:
          True
      linux-node1.example.com:
          True
      MariaDB [salt]> select * from salt_returns;
      +-----------+----------------------+--------+-------------------------+---------+-----------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+
      | fun       | jid                  | return | id                      | success | full_ret                                                                                                                                            | alter_time          |
      +-----------+----------------------+--------+-------------------------+---------+-----------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+
      | test.ping | 20180118093222060862 | true   | linux-node2.example.com | 1       | {"fun_args": [], "jid": "20180118093222060862", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "linux-node2.example.com"} | 2018-01-18 09:32:22 |
      | test.ping | 20180118093222060862 | true   | linux-node1.example.com | 1       | {"fun_args": [], "jid": "20180118093222060862", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "linux-node1.example.com"} | 2018-01-18 09:32:24 |
      +-----------+----------------------+--------+-------------------------+---------+-----------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+
      2 rows in set (0.00 sec)
      复制代码
    • 使用salt的job_cache机制将命令写入mysql(常用方法)
    • 执行的所有命令都会写入mysql,不用使用return,把cache写在mysql
      复制代码
      [root@linux-node1 ~]# vim /etc/salt/master
      master_job_cache: mysql
      mysql.host: '192.168.56.11'
      mysql.user: 'salt'
      mysql.pass: 'salt'
      mysql.db: 'salt'
      mysql.port: 3306
      [root@linux-node1 ~]# systemctl restart salt-master
      [root@linux-node1 ~]# salt '*' cmd.run 'w'
      [root@linux-node1 ~]# mysql -uroot -p123456 -e "select * from salt.salt_returns;"
      
      #加上-v参数可以看到jid,并且通过jid可以查看运行的结果
      [root@linux-node1 ~]# salt '*' cmd.run 'uptime' -v
      Executing job with jid 20180118095000725560
      -------------------------------------------
      
      linux-node2.example.com:
           09:50:00 up 14 days,  4:24,  2 users,  load average: 0.00, 0.01, 0.05
      linux-node1.example.com:
           09:50:00 up 23 days,  3:56,  2 users,  load average: 0.00, 0.06, 0.18
      [root@linux-node1 ~]# salt-run jobs.lookup_jid 20180118095000725560
      linux-node1.example.com:
           09:50:00 up 23 days,  3:56,  2 users,  load average: 0.00, 0.06, 0.18
      linux-node2.example.com:
           09:50:00 up 14 days,  4:24,  2 users,  load average: 0.00, 0.01, 0.05
      复制代码
  • 相关阅读:
    (转) tcp的注册端口
    [转] Android中C&C++源码库的初步研究
    (转)vim7.3中文乱码解决方法
    {转} Eclipse 高亮显示选中的相同变量
    libcurl 一个实现了client请求http,ftp的库
    c#操作文件夹
    OutputCache祥解
    非静态的字段、方法或属性“System.Web.UI.Page.ClientScript.get”要求对象引用
    IXMLDOMDocument 成員
    关于中日文和UNICODE之间编码的转换(2008725 15:05:00)
  • 原文地址:https://www.cnblogs.com/xuefy/p/11576771.html
Copyright © 2011-2022 走看看