来这个公司第一件事就是推出了salt,因为要结合自动化上线使用
salt-net-api
获取tocken
1.curl -k http://127.0.0.1:8000/login -H "Accept: application/x-yaml" -d username="saltapi" -d password="abc/123" -d eauth='pam'
2.curl -k http://192.168.10.169:8000/ -H "Accept: application/x-yaml" -H "X-Auth-Token: 55c539c0b9af9a6a4f1c25f5793823862d07eb91" -d client='local' -d tgt='*' -d fun='cmd.run' -d arg='cp /etc/hosts /opt/'
salt '*' test.ping
'*':目标
test 模块
ping 函数
定义目标
'*'
salt -E 'web1-(prod|devel).example.com'
-E 代表用正则
salt -L ''
-L 代表列表
salt -E '(node1|node2).example.com' test.ping
granins
数据,存放在minoins上默认就有
salt 'node1.example.com' grains.(ls|items)
granins相当于facter,获取机器信息的
salt -G 'os:centos' test.ping
如果系统是centos,执行test.ping
granins也可以添加自定义项,在客户端的/etc/salt/minoins配置文件中granins添加
群组
mater nodegroups
salt -N 'web1' test.ping
-N指定组 组名
salt '*' -b 1 test.ping
-b分批次执行
salt '*' -b 50% test.ping
分50%执行
使用对应的模块名
/usr/lib/python/site-package/salt/modules/test.py
函数是ping
salt master就是告诉客户端做什么事
test.ping(实在minoins上执行的)
salt 'node3' cmd.run 'uptime'
cmd.run后面跟执行的命令
salt文件跟路径/srv/salt/
客户端执行test.sh脚本
在master上/srv/salt/test.sh
执行salt 'node' cmd.script salt://test.sh
state命令的组织结构,/src/salt/
top.sls
base: 环境
'*':
- apache_install
/src/salt/apache_install/init.sls
httpd: #id
pkg: #states
- installed
salt 'node1' state.highstate 找top.sls接口文件处理
salt 'node1' state.sls httpd 找httpd.sls处理
/src/salt/apache_install/init.sls
httpd: #id
pkg:
- installed
service:
- running
- require:
- pkg: httpd
salt 'node1' state.sls httpd
指定执行某一个sls文件例如httpd.sls
httpd: #id
pkg:
- installed
service:source
- running
- require:
- pkg: httpd
- watch:
- file: /etc/httpd/conf/httpd.conf
/etc/httpd/conf/httpd.conf:
file:
- managed
- source: salt://httpd.conf
- require:
- pkg: httpd
apache:
pkg.installed:
{%if granins('os') == 'CentOS' %}
- name: httpd
{%else%}
- name: apache2
{%endif%}
salt 'node1' file.group_to_gid root
f:
user:
- present
- gid: {{salt['file.group_to_gid']('root')}}
调用salt模块,获取相关信息file等于 /usr/lib/python/site-package/salt/modules/file.py
pillar
salt '*' pillar.items
/srv/pillar
top.sls #入口文件
base:
'*':
- data #定义的数据文件data.sls data/init.sls
- users
/srv/pillar/data.sls
/srv/pillar/users.sls
users:
th: 1000
sh: 1001
ut: 1002
salt '*' saltutil.refresh.pillar 同步pillar信息
salt ‘*’
pillar 下发用户信息
在所有的minion上添加3个用户
1
#pillar_roots:
# base:
# - /srv/pillar
master reboot
2 cd /srv/pillar
2.1 vim top.sls #决定把pillar信息下发给谁
base:
'*':
- data #下面定义的数据文件data.sls 或者 data/init.sls
- users #同上
[root@node1 pillar]# cat users.sls
users:
th: 1000
sh: 1001
ut: 1002
3 [root@node1 pillar]# salt '*' saltutil.refresh_pillar
验证 salt '*' pillar.items | grep users
4 调用pillar信息
cd /srv/salt #进入到state的目录
[root@node1 salt]# cat mxl.sls
{% for user, uid in pillar.get('users', {}).items() %}
`user`:
user.present:
- uid: `uid`
{% endfor%}
5 执行
[root@node1 salt]# salt 'node2' state.sls mxl
include:
- dhcp.python-libs
dhcp:
pkg.installed:
- require:
- pkg: python-dateutil
python-libs.sls
python-dateutil:
pkg.installed
job
name: The same value passed to the state as "name".
changes: A dict describing the changes made. Each thing changed should be a key, with its value being another dict with keys called "old" and "new" containing the old/new values. For example, the pkg state's changes dict has one key for each package changed, with the "old" and "new" keys in its sub-dict containing the old and new versions of the package.
result: A boolean value. True if the action was successful, otherwise False.
comment: A string containing a summary of the result.
pip install MySQLdb
CREATE DATABASE `salt`
DEFAULT CHARACTER SET utf8
DEFAULT COLLATE utf8_general_ci;
USE `salt`;
--
-- Table structure for table `jids`
--
DROP TABLE IF EXISTS `jids`;
CREATE TABLE `jids` (
`jid` varchar(255) NOT NULL,
`load` mediumtext NOT NULL,
UNIQUE KEY `jid` (`jid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- Table structure for table `salt_returns`
--
DROP TABLE IF EXISTS `salt_returns`;
CREATE TABLE `salt_returns` (
`fun` varchar(50) NOT NULL,
`jid` varchar(255) NOT NULL,
`return` mediumtext NOT NULL,
`id` varchar(255) NOT NULL,
`success` varchar(10) NOT NULL,
`full_ret` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
KEY `id` (`id`),
KEY `jid` (`jid`),
KEY `fun` (`fun`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
编辑minion上的配置文件并修改相关的mysql信息
mysql.host: '10.255.254.221'
mysql.user: 'salt'
mysql.pass: '123'
mysql.db: 'salt'
mysql.port: 3306
这步最好测试一下
mysql -u salt -p123 -h 10.255.254.221 salt
重新启动你的minion
service salt-minion restart
测试
salt '*' test.ping --return mysql
查看数据库获得信息
fun: test.ping
jid: 20150322123606281679
return: true
id: node2
success: 1
full_ret: {"fun_args": [], "jid": "20150322123606281679", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "node2"}
alter_time: 2015-03-22 12:36:06
job管理
1.list_jobs running Returns the data of all running jobs that are found in the proc directory.
2.find_job Returns specific data about a certain job based on job id.
3.signal_job Allows for a given jid to be sent a signal.
4.term_job Sends a termination signal (SIGTERM, 15) to the process controlling the specified job.
5.kill_job Sends a kill signal (SIGKILL, 9) to the process controlling the specified job.
salt-run jobs.active
salt-run jobs.lookup_jid
salt-run jobs.list_jobs
反射
观察event
salt-call
Tag: new_job
Data:
{'_stamp': '2015-03-22T13:36:26.412296',
'arg': [],
'fun': 'test.ping',
'jid': '20150322133626411925',
'minions': ['node2'],
'tgt': 'node2',
'tgt_type': 'glob',
'user': 'root'}
Event fired at Sun Mar 22 13:36:26 2015
*************************
Tag
Data
编辑master的配置文件
reactor:
- 'salt/job/*/ret/node3':
- /srv/reactor/start.sls
vim /srv/reactor/start.sls
{% if data['fun'] == 'test.ping' %}
clean_tmp:
cmd.run:
- tgt: 'node3'
- arg:
- rm -fr /tmp/abc
{% endif %}
以上语句相当于
cmd.run 'node3' 'rm -fr /tmp/abc'
重启你的master
测试
salt '*' test.ping
查看node3上面的文件是否被删除
haproxy 模块使用安装
M2Crypto
pip uninstall PyCrypto
pip install PyCrypto
cd /usr/lib/python2.6/site-packages/
rm -fr salt salt-2014.1.4-py2.6.egg-info/
pip install salt