salt的使用

321312222

salt-net-api
获取tocken
1.curl -k http://127.0.0.1:8000/login -H "Accept: application/x-yaml" -d username="saltapi" -d password="abc/123" -d eauth='pam'

2.curl -k http://192.168.10.169:8000/ -H "Accept: application/x-yaml" -H "X-Auth-Token: 55c539c0b9af9a6a4f1c25f5793823862d07eb91" -d client='local' -d tgt='*' -d fun='cmd.run' -d arg='cp /etc/hosts /opt/'




salt '*' test.ping
'*':目标
test 模块
ping 函数

定义目标
'*'
salt -E 'web1-(prod|devel).example.com'
-E 代表用正则
salt -L ''
-L 代表列表


salt -E '(node1|node2).example.com' test.ping



granins
数据，存放在minoins上默认就有

salt 'node1.example.com' grains.(ls|items)
granins相当于facter，获取机器信息的

salt -G 'os:centos' test.ping
如果系统是centos，执行test.ping

granins也可以添加自定义项，在客户端的/etc/salt/minoins配置文件中granins添加


群组
mater nodegroups
salt -N 'web1' test.ping
-N指定组 组名

salt '*' -b 1 test.ping
-b分批次执行

salt '*' -b 50% test.ping
分50%执行


使用对应的模块名
/usr/lib/python/site-package/salt/modules/test.py
函数是ping
salt master就是告诉客户端做什么事
test.ping(实在minoins上执行的)

salt 'node3' cmd.run 'uptime'
cmd.run后面跟执行的命令

salt文件跟路径/srv/salt/


客户端执行test.sh脚本
在master上/srv/salt/test.sh
执行salt 'node' cmd.script salt://test.sh


state命令的组织结构，/src/salt/
top.sls
base: 环境
        '*':
                - apache_install
/src/salt/apache_install/init.sls
httpd: #id
  pkg:   #states
    - installed

salt 'node1' state.highstate    找top.sls接口文件处理
salt 'node1' state.sls httpd    找httpd.sls处理

/src/salt/apache_install/init.sls
httpd: #id
  pkg:
    - installed
  service:
    - running
    - require:
      - pkg: httpd


salt 'node1' state.sls httpd
指定执行某一个sls文件例如httpd.sls


httpd: #id
  pkg:
    - installed
  service:source
    - running
    - require:
      - pkg: httpd
    - watch:
      - file: /etc/httpd/conf/httpd.conf
/etc/httpd/conf/httpd.conf:
  file:
    - managed
    - source: salt://httpd.conf
    - require:
      - pkg: httpd

apache:
  pkg.installed:
  {%if granins('os') == 'CentOS' %}
  - name: httpd
  {%else%}
  - name: apache2
  {%endif%}

salt 'node1' file.group_to_gid root


f:
  user:
    - present
    - gid: {{salt['file.group_to_gid']('root')}}
调用salt模块，获取相关信息file等于 /usr/lib/python/site-package/salt/modules/file.py



pillar
salt '*' pillar.items
/srv/pillar
top.sls   #入口文件
base:
  '*':
    - data   #定义的数据文件data.sls data/init.sls
    - users

/srv/pillar/data.sls
/srv/pillar/users.sls
users:
        th: 1000
        sh: 1001
        ut: 1002


salt '*' saltutil.refresh.pillar   同步pillar信息       
salt ‘*’




pillar 下发用户信息
在所有的minion上添加3个用户
1
#pillar_roots:
#  base:
#    - /srv/pillar

master reboot

2 cd /srv/pillar
2.1 vim top.sls #决定把pillar信息下发给谁
base:
  '*':
    - data #下面定义的数据文件data.sls 或者 data/init.sls
    - users #同上

[iyunv@node1 pillar]# cat users.sls

users:
  th: 1000
  sh: 1001
  ut: 1002

3 [iyunv@node1 pillar]# salt '*' saltutil.refresh_pillar
验证 salt '*' pillar.items | grep users

4 调用pillar信息
cd /srv/salt #进入到state的目录
[iyunv@node1 salt]# cat mxl.sls
{% for user, uid in pillar.get('users', {}).items() %}
{{user}}:
  user.present:
    - uid: {{uid}}
{% endfor%}

5 执行      
[iyunv@node1 salt]# salt 'node2' state.sls mxl



include:
  - dhcp.python-libs

dhcp:
  pkg.installed:
    - require:
      - pkg: python-dateutil

python-libs.sls          
python-dateutil:
  pkg.installed



job
        name: The same value passed to the state as "name".
        changes: A dict describing the changes made. Each thing changed should be a key, with its value being another dict with keys called "old" and "new" containing the old/new values. For example, the pkg state's changes dict has one key for each package changed, with the "old" and "new" keys in its sub-dict containing the old and new versions of the package.
        result: A boolean value. True if the action was successful, otherwise False.
        comment: A string containing a summary of the result.


pip install MySQLdb

CREATE DATABASE  `salt`
      DEFAULT CHARACTER SET utf8
      DEFAULT COLLATE utf8_general_ci;

USE `salt`;

    --
    -- Table structure for table `jids`
    --

    DROP TABLE IF EXISTS `jids`;
    CREATE TABLE `jids` (
      `jid` varchar(255) NOT NULL,
      `load` mediumtext NOT NULL,
      UNIQUE KEY `jid` (`jid`)
    ) ENGINE=InnoDB DEFAULT CHARSET=utf8;

    -- Table structure for table `salt_returns`
    --

    DROP TABLE IF EXISTS `salt_returns`;
    CREATE TABLE `salt_returns` (
      `fun` varchar(50) NOT NULL,
      `jid` varchar(255) NOT NULL,
      `return` mediumtext NOT NULL,
      `id` varchar(255) NOT NULL,
      `success` varchar(10) NOT NULL,
      `full_ret` mediumtext NOT NULL,
      `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
      KEY `id` (`id`),
      KEY `jid` (`jid`),
      KEY `fun` (`fun`)
    ) ENGINE=InnoDB DEFAULT CHARSET=utf8;

编辑minion上的配置文件并修改相关的mysql信息

mysql.host: '10.255.254.221'
mysql.user: 'salt'
mysql.pass: '123'
mysql.db: 'salt'
mysql.port: 3306

这步最好测试一下
mysql -u salt -p123 -h 10.255.254.221 salt

重新启动你的minion
service salt-minion restart
测试
salt '*' test.ping --return mysql
查看数据库获得信息
fun: test.ping
       jid: 20150322123606281679
    return: true
        id: node2
   success: 1
  full_ret: {"fun_args": [], "jid": "20150322123606281679", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "node2"}
alter_time: 2015-03-22 12:36:06


job管理
1.list_jobs running Returns the data of all running jobs that are found in the proc directory.
2.find_job Returns specific data about a certain job based on job id.
3.signal_job Allows for a given jid to be sent a signal.
4.term_job Sends a termination signal (SIGTERM, 15) to the process controlling the specified job.
5.kill_job Sends a kill signal (SIGKILL, 9) to the process controlling the specified job.

salt-run jobs.active
salt-run jobs.lookup_jid <job id number>
salt-run jobs.list_jobs


反射
观察event
salt-call
Tag: new_job
Data:
{'_stamp': '2015-03-22T13:36:26.412296',
'arg': [],
'fun': 'test.ping',
'jid': '20150322133626411925',
'minions': ['node2'],
'tgt': 'node2',
'tgt_type': 'glob',
'user': 'root'}
Event fired at Sun Mar 22 13:36:26 2015
*************************

Tag
Data

编辑master的配置文件
reactor:
  -  'salt/job/*/ret/node3':
     - /srv/reactor/start.sls

vim /srv/reactor/start.sls
{% if data['fun'] == 'test.ping' %}
clean_tmp:
  cmd.run:
    - tgt: 'node3'
    - arg:
      - rm -fr /tmp/abc
{% endif %}

以上语句相当于
cmd.run 'node3' 'rm -fr /tmp/abc'

重启你的master
测试
salt '*' test.ping
查看node3上面的文件是否被删除

haproxy 模块使用安装
M2Crypto
pip uninstall PyCrypto
pip install PyCrypto
cd /usr/lib/python2.6/site-packages/
rm -fr salt salt-2014.1.4-py2.6.egg-info/
pip install salt