saltstack日常应用
客户端/etc/init.d/salt-minion start 日志文件默认是这个/var/log/salt/minion服务端/etc/init.d/salt-master start 日志文件默认是这个/var/log/salt/master
# salt-key -L
Accepted Keys:
server.hadoop.com
Unaccepted Keys:
localhost
Rejected Keys:
查看你的key情况
同意加入localhost
# salt-key -L
Accepted Keys:
server.hadoop.com
Unaccepted Keys:
localhost
Rejected Keys:
# salt-key -a localhost
Key for minion localhost accepted.
# salt-key -L
Accepted Keys:
localhost
server.hadoop.com
Unaccepted Keys:
Rejected Keys:
查看一下网络连接情况(也就是看看能否连接客户端)
# salt '*' test.ping
localhost:
True
server.hadoop.com:
True
先前使用*代表所有机器,如果想单独的话,可以使用
# salt 'localhost' cmd.run hostname
localhost:
centos
如果想运行多个的话,可以使用-L
# salt -L 'server.hadoop.com,localhost' cmd.run hostname
server.hadoop.com:
server.hadoop.com
localhost:
centos
还可以使用正则
# salt -E 'server*' cmd.run hostname
server.hadoop.com:
server.hadoop.com
-G 这个参数很强大会根据默认的grain的结果来指定最新 grain这个东西就像puppet里面的facter这个东西
# salt -G 'os:Centos' test.ping
localhost:
True
# salt -G 'os:Ubuntu' test.ping
server.hadoop.com:
True
如果想查看哪个项的话
# salt '*' grains.item os
server.hadoop.com:
os: Ubuntu
localhost:
os: CentOS
执行python代码
# salt '*' cmd.exec_code python 'import sys;print sys.version'
localhost:
2.6.6 (r266:84292, Feb 22 2013, 00:00:18)
server.hadoop.com:
2.7.3 (default, Aug1 2012, 05:14:39)
分组操作
在master里配置
nodegroups:
group1: 'localhost'
group2: 'server.hadoop.com'
可以把localhost分给group1,server.hadoop.com分给group2
然后重启salt-master
# salt -N group1 test.ping
localhost:
True
# salt -N group2 test.ping
server.hadoop.com:
True
查看网卡ip
# salt 'localhost' network.interfaces
下面是我的测试
# salt -C 'G@os:ubuntu' test.ping
server.hadoop.com:
True
# salt -C 'E@server.\w+' test.ping
server.hadoop.com:
True
# salt -C 'P@os:(centos)' test.ping
localhost:
True
# salt -C 'P@os:(centos|ubuntu)' test.ping
server.hadoop.com:
True
localhost:
True
# salt -C 'L@localhost,server.hadoop.com' test.ping
server.hadoop.com:
True
localhost:
True
# salt -C 'S@192.168.56.0/24' test.ping
server.hadoop.com:
True
localhost:
True
查看磁盘空间
# salt 'localhost' disk.usage
# df -h
如果想查看所有minion的连接情况,可以使用salt-run manage.status
# salt '*' test.ping
server.hadoop.com:
True
localhost:
True
# salt-run manage.status
down:
- 230
up:
- localhost
- server.hadoop.com
如果想安装软件可以使用pkg.install
# salt 'localhost' pkg.install dos2unix
Loaded plugins: fastestmirror
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.esocc.com
* epel: mirrors.vinahost.vn
* extras: mirror.esocc.com
* rpmforge: mirror1.hs-esslingen.de
* updates: centosc6.centos.org
Running rpm_check_debug
Loaded plugins: fastestmirror
localhost:
----------
dos2unix:
----------
new:
3.1-37.el6
old:
# rpm -qa|grep dos2unix
dos2unix-3.1-37.el6.x86_64
查看你已经安装的包
salt 'localhost' pkg.list_pkgs
删除包
bc. # salt 'localhost' pkg.remove echoping
Loaded plugins: fastestmirror
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.esocc.com
* epel: mirror.neu.edu.cn
* extras: mirror.esocc.com
* rpmforge: mirrors.neusoft.edu.cn
* updates: mirror.esocc.com
Running rpm_check_debug
Loaded plugins: fastestmirror
localhost:
- echoping
# rpm -qa|grep echoping
查看你repos(由于内容过多,我就只列出命令了)
salt 'localhost' pkg.list_repos
配置类似puppet操作
由于我的master上的存放信息目录是在/var/salt上
file_roots:
base:
- /var/salt/
所以进入换个目录
下面是我的配置
# cat top.sls
base:
'*': #对象名,我使用*代表所有
- vim #资源文件名
如果你的资源文件存放在一个目录里,比如在/var/salt/apache/vim.sls,
那么可以写为
-apache.vim
代表apache目录下的vim.sls
下面测试
Top里内容为
# cat top.sls
base:
'localhost':
- echoping.echoping#代表echoping目录下的echoping.sls文件
# pwd
/var/salt/echoping
# cat echoping.sls
echoping: #id宣告
pkg:#安装包管理
- name: echoping #安装哪个软件
- installed #要求是安装
service: #服务管理
- name: httpd #指定服务
- running #服务运行状态
-> - watch: #如果下面文件发生变化,就重启
- file: /tmp/test_echoping.conf #监控的文件地址
/tmp/test_echoping.conf: #宣告
file.managed: #文件管理
- source: salt://echoping/test_echoping.conf #源数据在哪里
- user: root #用户
- group: root #组
- mode: 644 #权限
- backup: minion #备份一份
运行的话,可以使用salt 'localhost' state.highstate
注意,如果需要把服务设置为开机启动可以使用- enable:True
由于我设置的是有变化就重启http,所以先查看http的状态
# ps -ef|grep httpd
root 1430 10 17:03 ? 00:00:00 /usr/sbin/httpd
apache 143614300 17:03 ? 00:00:00 /usr/sbin/httpd
apache 146914300 17:03 ? 00:00:00 /usr/sbin/httpd
apache 147014300 17:03 ? 00:00:00 /usr/sbin/httpd
apache 147114300 17:03 ? 00:00:00 /usr/sbin/httpd
apache 147214300 17:03 ? 00:00:00 /usr/sbin/httpd
apache 147314300 17:03 ? 00:00:00 /usr/sbin/httpd
apache 147414300 17:03 ? 00:00:00 /usr/sbin/httpd
apache 147514300 17:03 ? 00:00:00 /usr/sbin/httpd
apache 147614300 17:03 ? 00:00:00 /usr/sbin/httpd
root 188617820 17:04 pts/0 00:00:00 grep httpd
# date
Fri Aug9 17:04:54 CST 2013
在17:04启动,然后在运行salt 'localhost' state.highstate
# salt 'localhost' state.highstate
Info: Running a benchmark to measure system clock frequency...
Info: Finished RDTSC test. To prevent the startup delay from this benchmark, set the environment variable RDTSC_FREQUENCY to 2495 on
this system. This value is dependent upon the CPU clock speed and architecture and should be determined separately for each server.
localhost:
----------
State: - file
Name: /tmp/test_echoping.conf
Function:managed
Result: True
Comment: File /tmp/test_echoping.conf updated
Changes: diff: New file
----------
State: - pkg
Name: echoping
Function:installed
Result: True
Comment: The following packages were installed/updated: echoping.
Changes: echoping: { new : 5.2.0-1.2.el6.rf
old :
}
----------
State: - service
Name: httpd
Function:running
Result: True
Comment: Service restarted
Changes: httpd: True
可以看到已经安装了echoping,并且更新了/tmp/test_echoping.conf
在查看一下httpd情况
# ps -ef|grep httpd
root 2025 10 17:06 ? 00:00:00 /usr/sbin/httpd
apache 202820250 17:06 ? 00:00:00 /usr/sbin/httpd
apache 203120250 17:06 ? 00:00:00 /usr/sbin/httpd
apache 203220250 17:06 ? 00:00:00 /usr/sbin/httpd
apache 203320250 17:06 ? 00:00:00 /usr/sbin/httpd
apache 203420250 17:06 ? 00:00:00 /usr/sbin/httpd
apache 203520250 17:06 ? 00:00:00 /usr/sbin/httpd
apache 203620250 17:06 ? 00:00:00 /usr/sbin/httpd
apache 203720250 17:06 ? 00:00:00 /usr/sbin/httpd
apache 203820250 17:06 ? 00:00:00 /usr/sbin/httpd
root 204317823 17:06 pts/0 00:00:00 grep httpd
# date
Fri Aug9 17:06:57 CST 2013
可以看到已经重启了。
在查看一下文件传输情况
源文件
# cat /var/salt/echoping/test_echoping.conf
this is test echoping
this twice test
生成的文件
# cat /tmp/test_echoping.conf
this is test echoping
this twice test
查看echoping是否安装
# rpm -qa|grep echoping
echoping-5.2.0-1.2.el6.rf.x86_64
已经安装了
在看看下面的用户与权限
# ll /tmp/test_echoping.conf
-rw-r--r-- 1 root root 38 Aug9 17:05 /tmp/test_echoping.conf
也是我们定义的
如果在给/var/salt/echoping/test_echoping.conf修改了,在运行
# salt 'localhost' state.highstate
localhost:
----------
State: - file
Name: /tmp/test_echoping.conf
Function:managed
Result: True
Comment: File /tmp/test_echoping.conf updated
Changes: diff: ---
+++
@@ -1,2 +1,3 @@
this is test echoping
this twice test
+this is 3
----------
State: - service
Name: httpd
Function:running
Result: True
Comment: Service restarted
Changes: httpd: True
然后服务也重启了
# ps -ef|grep httpd
root 2352 10 17:21 ? 00:00:00 /usr/sbin/httpd
apache 235423520 17:21 ? 00:00:00 /usr/sbin/httpd
apache 235523520 17:21 ? 00:00:00 /usr/sbin/httpd
apache 235623520 17:21 ? 00:00:00 /usr/sbin/httpd
apache 235723520 17:21 ? 00:00:00 /usr/sbin/httpd
apache 235823520 17:21 ? 00:00:00 /usr/sbin/httpd
apache 235923520 17:21 ? 00:00:00 /usr/sbin/httpd
apache 236023520 17:21 ? 00:00:00 /usr/sbin/httpd
apache 236123520 17:21 ? 00:00:00 /usr/sbin/httpd
apache 236223520 17:21 ? 00:00:00 /usr/sbin/httpd
root 237221830 17:22 pts/1 00:00:00 grep httpd
# date
Fri Aug9 17:23:01 CST 2013
如果想让salt能想puppet那样定时自动的获取配置,可以在/etc/salt/minion里配置
schedule:
highstate:
function: state.highstate
minutes: 60
然后重启salt-minion
请注意,在服务端可以使用salt 'localhost' state.highstate,在客户端的话,使用salt-callstate.highstate
如果使用grains来区分不同的系统安装不同的东东,可以使用下面(比如安装apache,在centos里安装httpd,在ubuntu里安装apache2)
# cat apache.sls
apache:
pkg:
{% if grains['os'] == 'CentOS'%}
- name: httpd
{% elif grains['os'] == 'Ubuntu'%}
- name: apache2
{% endif %}
- installed
service:
{% if grains['os'] == 'CentOS'%}
- name: httpd
{% elif grains['os'] == 'Ubuntu'%}
- name: apache2
{% endif %}
- running
-> - watch:
- pkg: apache
- file: /tmp/test.conf
/tmp/test.conf:
file.managed:
- source: salt://apache/test.conf
- user: root
- group: root
- mode: 644
# cat test.conf
this is test apache
this is 2
然后运行更新
# salt 'server.hadoop.com' state.highstate
server.hadoop.com:
----------
State: - file
Name: /tmp/test.conf
Function:managed
Result: True
Comment: File /tmp/test.conf updated
Changes: diff: New file
----------
State: - pkg
Name: apache2
Function:installed
Result: True
Comment: Package apache2 is already installed
Changes:
----------
State: - service
Name: apache2
Function:running
Result: True
Comment: Service restarted
Changes: apache2: True
注意,如果你想使用命令的话,可以使用cmd.wait
echo-msg:
cmd.wait:
- name: echo 'this is test' >/tmp/echo-msg
- user: root
- watch:
- pkg: apache
自定义模块
查看你master上的file_root路径,比如我的为
file_roots:
base:
- /var/salt/
所以在/var/salt里创建个_modules
mkdir /var/salt/_modules
然后进入目录编写模块
cd /var/salt/_modules
# cat dl.py
def msg():
msg='this is test message'
return msg
def time():
import time
a=time.asctime()
return a
必须以.py结尾
然后同步到minion里(使用saltutil.sync_all)
# salt '*' saltutil.sync_all
server.hadoop.com:
|_
- modules.dl
|_
|_
|_
|_
|_
localhost:
|_
- modules.dl
|_
|_
|_
|_
|_
下面测试
# salt '*' dl.msg
localhost:
this is test message
server.hadoop.com:
this is test message
# salt '*' dl.time
server.hadoop.com:
Tue Aug 13 15:25:32 2013
localhost:
Tue Aug 13 15:25:29 2013
当然还可以直接调用salt的模块
调用先有的module来显现自定义module中需要的功能saltsalt内置的一个字典,包含了所有的salt的moudle
def cmd(cmd):
return __salt__['cmd.run'](cmd)
同步
之后测试
#salt '*' saltutil.sync_all
server.hadoop.com:
|_
|_
|_
|_
|_
|_
localhost:
|_
- modules.dl
|_
|_
|_
|_
|_
# salt 'localhost' dl.cmd ls
localhost:
1.log
1.py
111.py
1111.log
2.log
3.log
anaconda-ks.cfg
install.log
install.log.syslog
install_openstack.sh
install_zabbix_agent.sh
svn_install.sh
test
test5
test7.py
zatree
# salt 'localhost' dl.cmd hostname
localhost:
centos
下面是一些关于client的描述
Python client API
Salt is written to be completely API centric, Salt minions and master can be built directly into third party applications as a
communication layer. The Salt client API is very straightforward.
运行单个命令
>>> import salt.client
>>> a=salt.client.LocalClient()
>>> a
<salt.client.LocalClient object at 0x1ad8f10>
>>> a.cmd("localhost","test.ping")
{'localhost': True}
>>> a.cmd("*","test.ping")
{'server.hadoop.com': True, 'localhost': True}
>>> a.cmd("*","dl.time")
{'server.hadoop.com': 'Wed Aug 14 09:53:22 2013', 'localhost': 'Wed Aug 14 09:53:22 2013'}
运行多个命令
>>> a.cmd('*',['cmd.run','test.ping','dl.time'],[['hostname'],[],[]])
{'server.hadoop.com': {'test.ping': True, 'dl.time': 'Wed Aug 14 10:01:35 2013', 'cmd.run': 'server.hadoop.com'}, 'localhost':
{'test.ping': True, 'dl.time': 'Wed Aug 14 10:01:35 2013', 'cmd.run': 'centos'}}
页:
[1]