使用分组
修改minon的ID,做一个标识
[root@node2 ~]# vim /etc/salt/minion
master: 172.25.254.130 id: web1 #node2
[root@node2 ~]# systemctl restart salt-minion [root@node3 ~]# vim /etc/salt/minion
master: 172.25.254.130 id: web2 #node3 [root@node3 ~]# vim /etc/salt/minion
[root@node4 ~]# systemctl restart salt-minion
master: 172.25.254.130 id: web3 #node3
[root@node4 ~]# systemctl restart salt-minion [root@node5 ~]# vim /etc/salt/minion
master: 172.25.254.130 id: db1 #node4
[root@node5 ~]# systemctl restart salt-minion [root@node6 ~]# vim /etc/salt/minion
master: 172.25.254.130 id: db2 #node5
[root@node6 ~]# systemctl restart salt-minion
master重新添加秘钥
[root@node1 ~]# salt-key -D
[root@node1 ~]# salt-key -A
[root@node1 ~]# salt-key -L
Accepted Keys:
db1
db2
web1
web2
web3
Denied Keys:
Unaccepted Keys:
Rejected Keys:
测试连通性
[root@node1 ~]# salt '*' test.ping web2: True web3: True db1: True db2: True web1: True [root@node1 ~]# salt '*' cmd.run 'date' db2: Wed Apr 3 08:31:03 CST 2019 web3: Wed Apr 3 08:31:04 CST 2019 web2: Wed Apr 3 08:31:05 CST 2019 db1: Wed Apr 3 08:31:04 CST 2019 web1: Wed Apr 3 08:31:06 CST 2019 [root@node1 ~]# salt -E "webd" test.ping #d 匹配一个数字 d+ 匹配 1..n 个数字 web2: True web3: True web1: True [root@node1 ~]# salt -L "web1,web2,db2" test.ping #L 列表 后面跟随主机的名称,用 “,”分割 web2: True web1: True db2: True
分组
[root@node1 ~]# vim /etc/salt/master
nodegroups: group1: "L@web1,web2,db2" groupweb: "L@web1,web2,web3" groupdb: "L@db1,db2"
[root@node1 ~]# systemctl restart salt-master
测试组
[root@node1 ~]# salt -S "172.25.254.0/24" test.ping web2: True web3: True web1: True db1: True db2: True [root@node1 ~]# salt -N group1 test.ping web2: True web1: True db2: True [root@node1 ~]# salt -N groupweb test.ping web2: True web1: True web3: True [root@node1 ~]# salt -N groupdb test.ping db2: True db1: True
发送文件和文件夹
[root@node1 ~]# mkdir -p /srv/salt/files
[root@node1 ~]# cd /srv/salt/files
[root@node1 files]# echo testfile >> testfile
[root@node1 files]# salt -N groupweb cp.get_file salt://files/testfile /var/tmp/f1
检测
[root@node1 files]# salt -N groupweb cmd.run 'md5sum /var/tmp/f1'
源文件对比
[root@node1 files]# md5sum testfile
e9409172a4036cc688f169c72131e921 testfile
查看内容
[root@node1 files]# salt -N groupweb cmd.run 'cat /var/tmp/f1'
修改文件内容传递,内容覆盖
[root@node1 files]# echo 11111111 >>testfile [root@node1 files]# salt -N groupweb cp.get_file salt://files/testfile /var/tmp/f1 web3: /var/tmp/f1 web1: /var/tmp/f1 web2: /var/tmp/f1 [root@node1 files]# salt -N groupweb cmd.run 'cat /var/tmp/f1' web3: testfile 11111111 web2: testfile 11111111 web1: testfile 11111111
传输文件夹
[root@node1 files]# cd ..
[root@node1 salt]# salt -N groupweb cp.get_dir salt://files /var/tmp/testdir
检测:
[root@node1 salt]# salt -N groupweb cmd.run 'cat /var/tmp/testdir/files/testfile'
查看模块,功能和使用方法
[root@node1 salt]# salt 'web1' sys.list_modules
web1: - acl - aliases - alternatives - archive - artifactory - beacons - bigip - blockdev - btrfs - buildout - cloud - cmd - composer - config - consul - container_resource - cp - cron - data - defaults - devmap - disk - django - dnsmasq - dnsutil - drbd - elasticsearch - environ - etcd - ethtool - event - extfs - file - firewalld - gem - genesis - gnome - grains - group - hashutil - hipchat - hosts - http - img - incron - infoblox - ini - inspector - introspect - ip - ipset - iptables - jboss7 - jboss7_cli - k8s - key - keyboard - kmod - locale - locate - logrotate - lowpkg - lvm - match - mine - minion - modjk - mount - nagios_rpc - network - nova - nspawn - openscap - openstack_config - pagerduty - pagerduty_util - pam - partition - pillar - pip - pkg - pkg_resource - postfix - publish - pushover - pyenv - random - random_org - rbenv - rest_sample_utils - ret - rvm - s3 - s6 - salt_proxy - saltutil - schedule - scsi - sdb - seed - serverdensity_device - service - shadow - slack - slsutil - smbios - smtp - sqlite3 - ssh - state - status - supervisord - sys - sysctl - sysfs - syslog_ng - system - telemetry - temp - test - timezone - tuned - udev - uptime - user - vbox_guest - virtualenv - xfs - zenoss
[root@node1 salt]# salt 'web1' sys.list_functions test
web1: - test.arg - test.arg_repr - test.arg_type - test.assertion - test.attr_call - test.collatz - test.conf_test - test.cross_test - test.echo - test.exception - test.false - test.fib - test.get_opts - test.kwarg - test.module_report - test.not_loaded - test.opts_pkg - test.outputter - test.ping - test.provider - test.providers - test.rand_sleep - test.rand_str - test.retcode - test.sleep - test.stack - test.true - test.try_ - test.tty - test.version - test.versions - test.versions_information - test.versions_report
[root@node1 salt]# salt web1 sys.doc test
test.arg: Print out the data passed into the function ``*args`` and ```kwargs``, this is used to both test the publication data and cli argument passing, but also to display the information available within the publication data. Returns {"args": args, "kwargs": kwargs}. CLI Example: salt '*' test.arg 1 "two" 3.1 txt="hello" wow='{a: 1, b: "hello"}' test.arg_repr: Print out the data passed into the function ``*args`` and ```kwargs``, this is used to both test the publication data and cli argument passing, but also to display the information available within the publication data. Returns {"args": repr(args), "kwargs": repr(kwargs)}. CLI Example: salt '*' test.arg_repr 1 "two" 3.1 txt="hello" wow='{a: 1, b: "hello"}' test.arg_type: Print out the types of the args and kwargs. This is used to test the types of the args and kwargs passed down to the minion CLI Example: salt '*' test.arg_type 1 'int' test.assertion: Assert the given argument CLI Example: salt '*' test.assertion False test.attr_call: Call grains.items via the attribute CLI Example: salt '*' test.attr_call test.collatz: Execute the collatz conjecture from the passed starting number, returns the sequence and the time it took to compute. Used for performance tests. CLI Example: salt '*' test.collatz 3 test.conf_test: Return the value for test.foo in the minion configuration file, or return the default value CLI Example: salt '*' test.conf_test test.cross_test: Execute a minion function via the __salt__ object in the test module, used to verify that the minion functions can be called via the __salt__ module. CLI Example: salt '*' test.cross_test file.gid_to_group 0 test.echo: Return a string - used for testing the connection CLI Example: salt '*' test.echo 'foo bar baz quo qux' test.exception: Raise an exception Optionally provide an error message or output the full stack. CLI Example: salt '*' test.exception 'Oh noes!' test.false: Always return False CLI Example: salt '*' test.false test.fib: Return the num-th Fibonacci number, and the time it took to compute in seconds. Used for performance tests. This function is designed to have terrible performance. CLI Example: salt '*' test.fib 3 test.get_opts: Return the configuration options passed to this minion CLI Example: salt '*' test.get_opts test.kwarg: Print out the data passed into the function ``**kwargs``, this is used to both test the publication data and cli kwarg passing, but also to display the information available within the publication data. CLI Example: salt '*' test.kwarg num=1 txt="two" env='{a: 1, b: "hello"}' test.module_report: Return a dict containing all of the execution modules with a report on the overall availability via different references CLI Example: salt '*' test.module_report test.not_loaded: List the modules that were not loaded by the salt loader system CLI Example: salt '*' test.not_loaded test.opts_pkg: Return an opts package with the grains and opts for this minion. This is primarily used to create the options used for master side state compiling routines CLI Example: salt '*' test.opts_pkg test.outputter: Test the outputter, pass in data to return CLI Example: salt '*' test.outputter foobar test.ping: Used to make sure the minion is up and responding. Not an ICMP ping. Returns ``True``. CLI Example: salt '*' test.ping test.provider: Pass in a function name to discover what provider is being used CLI Example: salt '*' test.provider service test.providers: Return a dict of the provider names and the files that provided them CLI Example: salt '*' test.providers test.rand_sleep: Sleep for a random number of seconds, used to test long-running commands and minions returning at differing intervals CLI Example: salt '*' test.rand_sleep 60 test.rand_str: Return a random string size size of the string to generate hash_type hash type to use New in version 2015.5.2 CLI Example: salt '*' test.rand_str test.retcode: Test that the returncode system is functioning correctly CLI Example: salt '*' test.retcode 42 test.sleep: Instruct the minion to initiate a process that will sleep for a given period of time. CLI Example: salt '*' test.sleep 20 test.stack: Return the current stack trace CLI Example: salt '*' test.stack test.true: Always return True CLI Example: salt '*' test.true test.try_: Try to run a module command. On an exception return None. If `return_try_exception` is set True return the exception. This can be helpful in templates where running a module might fail as expected. CLI Example: <pre> {% for i in range(0,230) %} {{ salt['test.try'](module='ipmi.get_users', bmc_host='172.2.2.'+i)|yaml(False) }} {% endfor %} </pre> test.tty: Deprecated! Moved to cmdmod. CLI Example: salt '*' test.tty tty0 'This is a test' salt '*' test.tty pts3 'This is a test' test.version: Return the version of salt on the minion CLI Example: salt '*' test.version test.versions: This function is an alias of ``versions_report``. Returns versions of components used by salt CLI Example: salt '*' test.versions_report test.versions_information: Report the versions of dependent and system software CLI Example: salt '*' test.versions_information test.versions_report: Returns versions of components used by salt CLI Example: salt '*' test.versions_report
拷贝文件
相当于 ssh 到目的主机执行 cp
[root@node1 salt]# salt -N groupweb file.copy /etc/passwd /var/tmp/passwd web3: True web1: True web2: True [root@node1 salt]# salt -N groupweb cmd.run 'ls /var/tmp/passwd' web2: /var/tmp/passwd web3: /var/tmp/passwd web1: /var/tmp/passwd
grains 模块
查看 节点 grains 的所有信息
[root@node1 salt]# salt 'web1' grains.items
web1: ---------- SSDs: biosreleasedate: 04/13/2018 biosversion: 6.00 cpu_flags: - fpu - vme - de - pse - tsc - msr - pae - mce - cx8 - apic - sep - mtrr - pge - mca - cmov - pat - pse36 - clflush - mmx - fxsr - sse - sse2 - ss - ht - syscall - nx - pdpe1gb - rdtscp - lm - constant_tsc - arch_perfmon - nopl - xtopology - tsc_reliable - nonstop_tsc - eagerfpu - pni - pclmulqdq - ssse3 - fma - cx16 - pcid - sse4_1 - sse4_2 - x2apic - movbe - popcnt - tsc_deadline_timer - aes - xsave - avx - f16c - rdrand - hypervisor - lahf_lm - abm - fsgsbase - tsc_adjust - bmi1 - avx2 - smep - bmi2 - invpcid - xsaveopt - arat cpu_model: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz cpuarch: x86_64 disks: - sda - sdb - sdc - sdd - sr0 - dm-0 - dm-1 dns: ---------- domain: ip4_nameservers: - 172.25.254.2 ip6_nameservers: nameservers: - 172.25.254.2 options: search: - localdomain sortlist: domain: fqdn: node2 fqdn_ip4: - 172.25.254.131 fqdn_ip6: - fe80::8068:96e2:b57b:be1d gid: 0 gpus: |_ ---------- model: SVGA II Adapter vendor: unknown groupname: root host: node2 hwaddr_interfaces: ---------- ens33: 00:0c:29:12:2e:59 ens34: 00:0c:29:12:2e:63 lo: 00:00:00:00:00:00 id: web1 init: systemd ip4_interfaces: ---------- ens33: - 172.25.254.131 ens34: lo: - 127.0.0.1 ip6_interfaces: ---------- ens33: - fe80::8068:96e2:b57b:be1d ens34: lo: - ::1 ip_interfaces: ---------- ens33: - 172.25.254.131 - fe80::8068:96e2:b57b:be1d ens34: lo: - 127.0.0.1 - ::1 ipv4: - 127.0.0.1 - 172.25.254.131 ipv6: - ::1 - fe80::8068:96e2:b57b:be1d kernel: Linux kernelrelease: 3.10.0-693.el7.x86_64 locale_info: ---------- defaultencoding: UTF-8 defaultlanguage: en_US detectedencoding: UTF-8 localhost: node2 lsb_distrib_codename: CentOS Linux 7 (Core) lsb_distrib_id: CentOS Linux machine_id: 8ebd8732ba9148f79a787d6901b7e2a9 manufacturer: VMware, Inc. master: 172.25.254.130 mdadm: mem_total: 3774 nodename: node2 num_cpus: 2 num_gpus: 1 os: CentOS os_family: RedHat osarch: x86_64 oscodename: CentOS Linux 7 (Core) osfinger: CentOS Linux-7 osfullname: CentOS Linux osmajorrelease: 7 osrelease: 7.4.1708 osrelease_info: - 7 - 4 - 1708 path: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/bin:/sbin pid: 8751 productname: VMware Virtual Platform ps: ps -efH pythonexecutable: /usr/bin/python pythonpath: - /usr/bin - /usr/lib64/python27.zip - /usr/lib64/python2.7 - /usr/lib64/python2.7/plat-linux2 - /usr/lib64/python2.7/lib-tk - /usr/lib64/python2.7/lib-old - /usr/lib64/python2.7/lib-dynload - /usr/lib64/python2.7/site-packages - /usr/lib/python2.7/site-packages pythonversion: - 2 - 7 - 5 - final - 0 saltpath: /usr/lib/python2.7/site-packages/salt saltversion: 2016.11.6 saltversioninfo: - 2016 - 11 - 6 - 0 selinux: ---------- enabled: True enforced: Enforcing serialnumber: VMware-56 4d 8c fc 74 72 c0 88-77 fd ee 60 97 12 2e 59 server_id: 967878355 shell: /bin/sh systemd: ---------- features: +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN version: 219 uid: 0 username: root uuid: fc8c4d56-7274-88c0-77fd-ee6097122e59 virtual: VMware zmqversion: 4.1.4
查看网卡信息
[root@node1 salt]# salt 'web1' grains.item ip4_interfaces
web1: ---------- ip4_interfaces: ---------- ens33: - 172.25.254.131 ens34: lo: - 127.0.0.1
查询主机名
[root@node1 salt]# salt 'web1' grains.item fqdn
web1: ---------- fqdn: node2