saltstack扩展

1.salt执行后的回显存到数据库

第一种方法:
master端

[root@server9 ~]# yum install -y mysql-server
[root@server9 ~]# /etc/init.d/mysqld start

saltstack扩展_第1张图片
saltstack扩展_第2张图片
minion端

[root@server10 ~]# yum install -y MySQL-python
[root@server10 ~]# vim /etc/salt/minion
mysql.host: '172.25.25.9'
mysql.user: 'salt'
mysql.pass: 'redhat'
mysql.port: 3306
[root@server10 ~]# /etc/init.d/salt-minion restart

saltstack扩展_第3张图片
这里写图片描述
/etc/salt/minion文件内容
saltstack扩展_第4张图片
master端

## 授权
[root@server9 ~]# mysql
mysql> grant all on salt.* to salt@'172.25.25.%' identified by 'redhat';

## 编写文件
[root@server9 ~]# vim test.sql
CREATE DATABASE  `salt`
  DEFAULT CHARACTER SET utf8
  DEFAULT COLLATE utf8_general_ci;

USE `salt`;

--
-- Table structure for table `jids`
--

DROP TABLE IF EXISTS `jids`;
CREATE TABLE `jids` (
  `jid` varchar(255) NOT NULL,
  `load` mediumtext NOT NULL,
  UNIQUE KEY `jid` (`jid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- CREATE INDEX jid ON jids(jid) USING BTREE;

--
-- Table structure for table `salt_returns`
--

DROP TABLE IF EXISTS `salt_returns`;
CREATE TABLE `salt_returns` (
  `fun` varchar(50) NOT NULL,
  `jid` varchar(255) NOT NULL,
  `return` mediumtext NOT NULL,
  `id` varchar(255) NOT NULL,
  `success` varchar(10) NOT NULL,
  `full_ret` mediumtext NOT NULL,
  `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
  KEY `id` (`id`),
  KEY `jid` (`jid`),
  KEY `fun` (`fun`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

--
-- Table structure for table `salt_events`
--

DROP TABLE IF EXISTS `salt_events`;
CREATE TABLE `salt_events` (
`id` BIGINT NOT NULL AUTO_INCREMENT,
`tag` varchar(255) NOT NULL,
`data` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
`master_id` varchar(255) NOT NULL,
PRIMARY KEY (`id`),
KEY `tag` (`tag`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

## 导入数据库
[root@server9 ~]# mysql < test.sql
 
## 测试 
[root@server9 ~]# salt 'server10' test.ping --return mysql
# 查看
[root@server9 ~]# mysql
mysql> use salt;
mysql> select * from salt_returns;
-->有返回内容则成功

这里写图片描述
saltstack扩展_第5张图片
test.sql文件内容:
saltstack扩展_第6张图片
saltstack扩展_第7张图片
可以看到有test.ping的回显内容
saltstack扩展_第8张图片
第二种方法:
master端

[root@server9 ~]# yum install MySQL-python -y
[root@server9 ~]# vim /etc/salt/master
master_job_cache: mysql
mysql.host: 'localhost'
mysql.user: 'salt'
mysql.pass: 'redhat'
mysql.port: 3306
[root@server9 ~]# /etc/init.d/salt-master restart
# 授权
[root@server9 ~]# mysql
mysql> grant all on salt.* to salt@localhost identified by 'redhat';

saltstack扩展_第9张图片
这里写图片描述
/etc/salt/master文件内容:
saltstack扩展_第10张图片
这里写图片描述
测试(1):

[root@server9 ~]# salt server8 cmd.run 'df -h'
[root@server9 ~]# mysql
mysql> use salt;
mysql> select * from salt_returns;

saltstack扩展_第11张图片
可以看到cmd.run的回显内容
saltstack扩展_第12张图片
测试(2):

[root@server9 ~]# salt server8 state.sls nginx.service
[root@server9 ~]# mysql
mysql> use salt;
mysql> select * from salt_returns;

saltstack扩展_第13张图片
可以看到state.sls的回显内容
saltstack扩展_第14张图片

2.自行编写模块

[root@server9 ~]# vim /etc/salt/master

[root@server9 ~]# mkdir /srv/salt/_modules
[root@server9 ~]# cd /srv/salt/_modules
[root@server9 _modules]# vim disk.py
#!/usr/bin/env python

def df():
    return __salt__['cmd.run']('df -h')

[root@server9 _modules]# salt '*' saltutil.sync_modules

这里写图片描述
saltstack扩展_第15张图片
saltstack扩展_第16张图片

[root@server9 _modules]# salt '*' disk.df
server8:
    Filesystem                    Size  Used Avail Use% Mounted on
    /dev/mapper/VolGroup-lv_root   19G  1.1G   17G   6% /
    tmpfs                         499M   16K  499M   1% /dev/shm
    /dev/vda1                     485M   33M  427M   8% /boot
server7:
    Filesystem                    Size  Used Avail Use% Mounted on
    /dev/mapper/VolGroup-lv_root   19G  1.1G   17G   6% /
    tmpfs                         499M   16K  499M   1% /dev/shm
    /dev/vda1                     485M   33M  427M   8% /boot
server10:
    Filesystem                    Size  Used Avail Use% Mounted on
    /dev/mapper/VolGroup-lv_root   19G  1.1G   17G   6% /
    tmpfs                         499M   32K  499M   1% /dev/shm
    /dev/vda1                     485M   33M  427M   8% /boot
server9:
    Filesystem                    Size  Used Avail Use% Mounted on
    /dev/mapper/VolGroup-lv_root   19G  1.1G   17G   7% /
    tmpfs                         499M   56K  499M   1% /dev/shm
    /dev/vda1                     485M   33M  427M   8% /boot

saltstack扩展_第17张图片
3.配置syndic

server7:topmaster
server9:master,syndic
在server7

[root@server7 ~]# yum install -y salt-master
[root@server7 salt]# vim master
order_masters: True
[root@server7 salt]# /etc/init.d/salt-master start

saltstack扩展_第18张图片
这里写图片描述
这里写图片描述
server9

[root@server9 _modules]# yum install salt-syndic
[root@server9 salt]# vim /etc/salt/master
syndic_master: 172.25.25.7
# 这里没有用restart,关闭服务后需要过一会儿才能打开,可以先查看是否已经关闭
[root@server9 ~]# /etc/init.d/salt-master stop
[root@server9 ~]# /etc/init.d/salt-master start

saltstack扩展_第19张图片
这里写图片描述
这里写图片描述
这里写图片描述
server7

[root@server7 salt]# salt-key -A
[root@server7 salt]# salt-key -L
[root@server7 salt]# salt '*' test.ping

saltstack扩展_第20张图片
saltstack扩展_第21张图片
4.salt-ssh

server8

[root@server8 ~]# /etc/init.d/salt-minion stop

这里写图片描述
server9

[root@server9 ~]# yum install salt-ssh -y
[root@server9 ~]# vim /etc/salt/roster 
server8:
  host: 172.25.25.8
  user: root
  passwd: redhat
[root@server9 ~]# vim /etc/salt/master
注释掉mysql
[root@server9 ~]# /etc/init.d/salt-master stop
[root@server9 ~]# /etc/init.d/salt-master status
[root@server9 ~]# /etc/init.d/salt-master start
[root@server9 ~]# salt-ssh 'server8' test.ping -i

saltstack扩展_第22张图片
这里写图片描述
/etc/salt/roster文件
saltstack扩展_第23张图片
/etc/salt/master文件
saltstack扩展_第24张图片
saltstack扩展_第25张图片
结果:
这里写图片描述
5.salt-api

server9

[root@server9 ~]# yum install salt-api -y
[root@server9 ~]# cd /etc/pki/tls/private/
[root@server9 private]# openssl genrsa 1024 > localhost.key
[root@server9 certs]# cd /etc/salt/
[root@server9 salt]# cd master.d/
[root@server9 master.d]# vim api.conf
rest_cherrypy:
  port: 8000
  ssl_crt: /etc/pki/tls/certs/localhost.crt
  ssl_key: /etc/pki/tls/private/localhost.key
[root@server9 master.d]# useradd saltapi
[root@server9 master.d]# passwd saltapi

saltstack扩展_第26张图片
这里写图片描述
saltstack扩展_第27张图片
这里写图片描述
api.conf文件:
saltstack扩展_第28张图片

[root@server9 master.d]# vim auth.conf
external_auth:
  pam:
    saltapi:
      - '.*'
      - '@wheel'
      - '@runner'
      - '@jobs'
[root@server9 master.d]# /etc/init.d/salt-master stop
[root@server9 master.d]# /etc/init.d/salt-master status
[root@server9 master.d]# /etc/init.d/salt-master start
[root@server9 master.d]# /etc/init.d/salt-api start

[root@server9 master.d]# vim auth.conf
saltstack扩展_第29张图片
saltstack扩展_第30张图片
测试

curl -sSk https://localhost:8000/login -H 'Accept: application/x-yaml' -d username=saltapi -d password=redhat -d eauth=pam

saltstack扩展_第31张图片

curl -sSk https://localhost:8000 -H 'Accept: application/x-yaml' -H 'X-Auth-Token: f91d0567b25755bfcfea9b4ba3341b9c70827673' -d client=local -d tgt='*' -d fun=test.ping

saltstack扩展_第32张图片

[root@server9 ~]# vim salt-api.py
 1      # -*- coding: utf-8 -*-  
 2      import urllib2,urllib
 3      import time
 4      try:
 5          import json
 6      except ImportError:
 7          import simplejson as json
 8      class SaltAPI(object):
 9         __token_id = ''
 10         def __init__(self,url,username,password):
 11             self.__url = url.rstrip('/')
 12          self.__user = username
 13         self.__password = password
 14     def token_id(self):
 15         ''' user login and get token id '''
 16         params = {'eauth': 'pam', 'username': self.__user, 'password': self.__password}
 17         encode = urllib.urlencode(params)
 18         obj = urllib.unquote(encode)
 19         content = self.postRequest(obj,prefix='/login')
 20         try:
 21             self.__token_id = content['return'][0]['token']
 22         except KeyError:
 23         raise KeyError
 24     def postRequest(self,obj,prefix='/'):
 25         url = self.__url + prefix
 26         headers = {'X-Auth-Token'   : self.__token_id}
 27         req = urllib2.Request(url, obj, headers)
 28         opener = urllib2.urlopen(req)
 29         content = json.loads(opener.read())
 30         return content
 31     def list_all_key(self):
 32         params = {'client': 'wheel', 'fun': 'key.list_all'}
 33         obj = urllib.urlencode(params)
 34         self.token_id()
 35         content = self.postRequest(obj)
 36         minions = content['return'][0]['data']['return']['minions']
 37         minions_pre = content['return'][0]['data']['return']['minions_pre']
 38         return minions,minions_pre
 39     def delete_key(self,node_name):
 40         params = {'client': 'wheel', 'fun': 'key.delete', 'match': node_name}    
 41         obj = urllib.urlencode(params)
 42         self.token_id()
 43         content = self.postRequest(obj)
 44         ret = content['return'][0]['data']['success']
 45         return ret
 46     def accept_key(self,node_name):
 47         params = {'client': 'wheel', 'fun': 'key.accept', 'match': node_name}    
 48         obj = urllib.urlencode(params)
 49         self.token_id()
 50         content = self.postRequest(obj)
 51         ret = content['return'][0]['data']['success']
 52         return ret
 53     def remote_noarg_execution(self,tgt,fun):
 54         ''' Execute commands without parameters '''
 55         params = {'client': 'local', 'tgt': tgt, 'fun': fun}
 56         obj = urllib.urlencode(params)
 57         self.token_id()
 58         content = self.postRequest(obj)
 59         ret = content['return'][0][tgt]
 60         return ret
 61     def remote_execution(self,tgt,fun,arg):
 62         ''' Command execution with parameters '''
 63         params = {'client': 'local', 'tgt': tgt, 'fun': fun, 'arg': arg}
 64         obj = urllib.urlencode(params)
 65         self.token_id()
 66         content = self.postRequest(obj)
 67         ret = content['return'][0][tgt]
 68         return ret
 69     def target_remote_execution(self,tgt,fun,arg):
 70         ''' Use targeting for remote execution '''
 71         params = {'client': 'local', 'tgt': tgt, 'fun': fun, 'arg': arg, 'exp    r_form': 'nodegroup'}
 72         obj = urllib.urlencode(params)
 73         self.token_id()
 74         content = self.postRequest(obj)
 75         jid = content['return'][0]['jid']
 76         return jid
 77     def deploy(self,tgt,arg):
 78         ''' Module deployment '''
 79         params = {'client': 'local', 'tgt': tgt, 'fun': 'state.sls', 'arg': a    rg}
 80         obj = urllib.urlencode(params)
 81         self.token_id()
 82         content = self.postRequest(obj)
 83         return content
 84     def async_deploy(self,tgt,arg):
 85         ''' Asynchronously send a command to connected minions '''
 86         params = {'client': 'local_async', 'tgt': tgt, 'fun': 'state.sls', 'a    rg': arg}
 87         obj = urllib.urlencode(params)
 88         self.token_id()
 89         content = self.postRequest(obj)
 90         jid = content['return'][0]['jid']
 91         return jid
 92     def target_deploy(self,tgt,arg):
 93         ''' Based on the node group forms deployment '''
 94         params = {'client': 'local_async', 'tgt': tgt, 'fun': 'state.sls', 'a    rg': arg, 'expr_form': 'nodegroup'}
 95         obj = urllib.urlencode(params)
 96         self.token_id()
 97         content = self.postRequest(obj)
 98         jid = content['return'][0]['jid']
 99         return jid
100 def main():
101     sapi = SaltAPI(url='https://172.25.25.9:8000',username='saltapi',password    ='redhat')
102     #sapi.token_id()  
103     print sapi.list_all_key()
104     #sapi.delete_key('test-01')  
105     #sapi.accept_key('test-01')  
106     #sapi.deploy('test-01','nginx')  
107     #print sapi.remote_noarg_execution('test-01','grains.items')  
108 if __name__ == '__main__':
109     main()
[root@server9 ~]# python salt-api.py 
([u'server10', u'server8', u'server9'], [])

这里写图片描述

你可能感兴趣的:(saltstack扩展)