|
|
深入理解SaltStack远程执行
1.目标
2.执行模块
3.返回
salt '*' cmd.run 'uptime'
命令 目标 执行模块 执行模块参数
1、SlatStack远程执行--目标
执行目标:https://docs.saltstack.com/en/la ... d-targeting-methods
(1)和Minion ID相关的目标匹配方式
1、MinionID匹配
[iyunv@linux-node1 ~]# salt 'linux-node1.example.com' service.status sshd
linux-node1.example.com:
True
2、通配符* ? [1-2]等匹配
[iyunv@linux-node1 ~]# salt 'linux*' service.status sshd
linux-node2.example.com:
True
linux-node1.example.com:
True
[iyunv@linux-node1 ~]# salt 'linux-node?.example.com' service.status sshd
linux-node2.example.com:
True
linux-node1.example.com:
True
[iyunv@linux-node1 ~]# salt 'linux-node[1-2].example.com' service.status sshd
linux-node2.example.com:
True
linux-node1.example.com:
True
3、列表匹配
[iyunv@linux-node1 ~]# salt -L 'linux-node1.example.com,linux-node2.example.com' test.ping
linux-node2.example.com:
True
linux-node1.example.com:
True
4、正则表达式匹配
[iyunv@linux-node1 ~]# salt -E 'linux-(node1|node2)*' test.ping
linux-node2.example.com:
True
linux-node1.example.com:
True
(2)和Minion无关匹配
1、Grains匹配
[iyunv@linux-node1 ~]# salt -G 'os:CentOS' test.ping
linux-node2.example.com:
True
linux-node1.example.com:
True
2、子网、IP地址匹配
[iyunv@linux-node1 ~]# salt -S '192.168.56.0/24' test.ping
linux-node1.example.com:
True
linux-node2.example.com:
True
3、Pillar匹配
[iyunv@linux-node1 ~]# salt -I 'apache:httpd' test.ping
linux-node2.example.com:
True
linux-node1.example.com:
True
(3)混合匹配(少用)
(4)Node Groups匹配
#在master配置文件进行定义node-groups
[iyunv@linux-node1 ~]# vim /etc/salt/master
nodegroups:
web-group: 'L@linux-node1.example.com,linux-node2.example.com'
[iyunv@linux-node1 ~]# systemctl restart salt-master
[iyunv@linux-node1 ~]# salt -N web-group test.ping
linux-node2.example.com:
True
linux-node1.example.com:
True
(5)批处理执行--Batch size
#先执行1台完成后再执行一台,按比例去执行
[iyunv@linux-node1 ~]# salt '*' -b 1 test.ping
Executing run on ['linux-node2.example.com']
jid:
20180117172632455823
linux-node2.example.com:
True
retcode:
0
Executing run on ['linux-node1.example.com']
jid:
20180117172632650981
linux-node1.example.com:
True
retcode:
0
#按比例匹配执行,好比在重启服务器时,为了不影响业务,可以先重启一部分,再重启后面一部分
[iyunv@linux-node1 ~]# salt -G 'os:CentOS' --batch-size 50% test.ping
Executing run on ['linux-node2.example.com']
jid:
20180117172759207757
linux-node2.example.com:
True
retcode:
0
Executing run on ['linux-node1.example.com']
jid:
20180117172759402383
linux-node1.example.com:
True
retcode:
0
2、SlatStack远程执行--执行模块
执行模块:https://docs.saltstack.com/en/la ... ml#all-salt-modules
3、SlatStack远程执行--返回
返回模块:https://docs.saltstack.com/en/latest/ref/returners/index.html
官方文档上有多种返回的方式,如MySQL、Redis、ELK、zabbix
返回是minion直接将命令执行结果写入到MySQL,需要的依赖包:MySQL-python
(1)SATL.RETURNERS.MYSQL(minion返回MySQL)
(1)所有minion需要安装MySQL-python
[iyunv@linux-node1 ~]# salt '*' cmd.run 'yum install -y MySQL-python'
[iyunv@linux-node1 ~]# salt '*' pkg.install MySQL-python #使用pkg模块安装MySQL-python
(2)安装mariadb
[iyunv@linux-node1 ~]# yum install -y mariadb-server
[iyunv@linux-node1 ~]# systemctl start mariadb
(3)创建salt库,创建jid、salt_returns、salt_events表,授权
[iyunv@linux-node1 ~]# mysql -uroot -p
Enter password:
MariaDB [(none)]> CREATE DATABASE `salt`
-> DEFAULT CHARACTER SET utf8
-> DEFAULT COLLATE utf8_general_ci;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> USE `salt`;
Database changed
MariaDB [salt]> CREATE TABLE `jids` (
-> `jid` varchar(255) NOT NULL,
-> `load` mediumtext NOT NULL,
-> UNIQUE KEY `jid` (`jid`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.00 sec)
MariaDB [salt]> CREATE TABLE `salt_returns` (
-> `fun` varchar(50) NOT NULL,
-> `jid` varchar(255) NOT NULL,
-> `return` mediumtext NOT NULL,
-> `id` varchar(255) NOT NULL,
-> `success` varchar(10) NOT NULL,
-> `full_ret` mediumtext NOT NULL,
-> `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-> KEY `id` (`id`),
-> KEY `jid` (`jid`),
-> KEY `fun` (`fun`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.03 sec)
MariaDB [salt]> CREATE TABLE `salt_events` (
-> `id` BIGINT NOT NULL AUTO_INCREMENT,
-> `tag` varchar(255) NOT NULL,
-> `data` mediumtext NOT NULL,
-> `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-> `master_id` varchar(255) NOT NULL,
-> PRIMARY KEY (`id`),
-> KEY `tag` (`tag`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.02 sec)
MariaDB [salt]> show tables;
+----------------+
| Tables_in_salt |
+----------------+
| jids |
| salt_events |
| salt_returns |
+----------------+
3 rows in set (0.00 sec)
MariaDB [salt]> grant all on salt.* to salt@'%' identified by 'salt';
Query OK, 0 rows affected (0.00 sec)
(4)修改salt-minion,配置MySQL链接
[iyunv@linux-node2 ~]# vim /etc/salt/minion
###### Returner settings ######
############################################
mysql.host: '192.168.56.11'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306
[iyunv@linux-node2 ~]# systemctl restart salt-minion
[iyunv@linux-node1 ~]# vim /etc/salt/minion
###### Returner settings ######
############################################
mysql.host: '192.168.56.11'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306
[iyunv@linux-node1 ~]# systemctl restart salt-minion
(5)测试,并在数据库查看返回结果
[iyunv@linux-node1 ~]# salt '*' test.ping --return mysql
linux-node2.example.com:
True
linux-node1.example.com:
True
MariaDB [salt]> select * from salt_returns;
+-----------+----------------------+--------+-------------------------+---------+-----------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+
| fun | jid | return | id | success | full_ret | alter_time |
+-----------+----------------------+--------+-------------------------+---------+-----------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+
| test.ping | 20180118093222060862 | true | linux-node2.example.com | 1 | {"fun_args": [], "jid": "20180118093222060862", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "linux-node2.example.com"} | 2018-01-18 09:32:22 |
| test.ping | 20180118093222060862 | true | linux-node1.example.com | 1 | {"fun_args": [], "jid": "20180118093222060862", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "linux-node1.example.com"} | 2018-01-18 09:32:24 |
+-----------+----------------------+--------+-------------------------+---------+-----------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+
2 rows in set (0.00 sec)
使用salt的job_cache机制将命令写入mysql(常用方法)
执行的所有命令都会写入mysql,不用使用return,把cache写在mysql
[iyunv@linux-node1 ~]# vim /etc/salt/master
master_job_cache: mysql
mysql.host: '192.168.56.11'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306
[iyunv@linux-node1 ~]# systemctl restart salt-master
[iyunv@linux-node1 ~]# salt '*' cmd.run 'w'
[iyunv@linux-node1 ~]# mysql -uroot -p123456 -e "select * from salt.salt_returns;"
#加上-v参数可以看到jid,并且通过jid可以查看运行的结果
[iyunv@linux-node1 ~]# salt '*' cmd.run 'uptime' -v
Executing job with jid 20180118095000725560
-------------------------------------------
linux-node2.example.com:
09:50:00 up 14 days, 4:24, 2 users, load average: 0.00, 0.01, 0.05
linux-node1.example.com:
09:50:00 up 23 days, 3:56, 2 users, load average: 0.00, 0.06, 0.18
[iyunv@linux-node1 ~]# salt-run jobs.lookup_jid 20180118095000725560
linux-node1.example.com:
09:50:00 up 23 days, 3:56, 2 users, load average: 0.00, 0.06, 0.18
linux-node2.example.com:
09:50:00 up 14 days, 4:24, 2 users, load average: 0.00, 0.01, 0.05
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2018-1-22 11:11:53
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡