saltstack自动化运维系列③之saltstack的常用模块使用
saltstack自动化运维系列③之saltstack的常用模块使用1.命令的常用方法:
指定主机运行命令
# salt 'mini1' cmd.run 'date'
mini1:
Fri Apr7 14:18:13 CST 2017
指定IP执行命令
# salt -S '192.168.3.19' test.ping
node2.chinasoft.com:
True
# salt -C 'S@192.168.3.19 or G@web:nginx' test.ping
mini1:
True
node2.chinasoft.com:
True
2.服务的管理
# salt '*' service.available sshd
node2.chinasoft.com:
True
mini1:
True
# salt '*' service.get_all
服务的管理:
可参考
https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.service.html#module-salt.modules.service
# salt '*' service.status httpd
node2.chinasoft.com:
True
mini1:
True
# salt '*' service.stop httpd
node2.chinasoft.com:
True
mini1:
True
# salt '*' service.status httpd
mini1:
False
node2.chinasoft.com:
False
3.权限控制模块:
可参考:https://docs.saltstack.com/en/latest/ref/publisheracl.html
修改目录权限
# chmod 755 /var/cache/salt /var/cache/salt/master /var/cache/salt/master/jobs /var/run/salt /var/run/salt/master
修改日志权限
# chmod 777 -R /var/log/salt/
# vim /etc/salt/master
client_acl:
jack:
- test.ping
- network.*
tom:
- mini*:
- test.ping
# useradd jack
# useradd tom
可以看到当切换到tom这个用户的时候可以在mini*开头的机器上执行test.ping
su - tom
$ salt 'mini*' test.ping
Failed to authenticate! This is most likely because this user is not permitted to execute commands, but there is a small possibility that a disk error occurred (check disk/inode usage).
$ salt 'mini*' test.ping
mini1:
True
$ salt 'mini*' 'w'
Failed to authenticate! This is most likely because this user is not permitted to execute commands, but there is a small possibility that a disk error occurred (check disk/inode usage).
切换到jack用户时可以执行test.ping
# su - jack
$ salt '*' test.ping
mini1:
True
node2.chinasoft.com:
True
页:
[1]