在团800运维工作总结之salt的使用

来这个公司第一件事就是推出了salt,因为要结合自动化上线使用


salt-net-api

获取tocken

1.curl -k http://127.0.0.1:8000/login -H "Accept: application/x-yaml" -d username="saltapi" -d password="abc/123" -d eauth='pam' 


2.curl -k http://192.168.10.169:8000/ -H "Accept: application/x-yaml" -H "X-Auth-Token: 55c539c0b9af9a6a4f1c25f5793823862d07eb91" -d client='local' -d tgt='*' -d fun='cmd.run' -d arg='cp /etc/hosts /opt/'





 salt '*' test.ping

 '*':目标

 test 模块

 ping 函数

 

 定义目标

 '*'

 salt -E 'web1-(prod|devel).example.com'

 -E 代表用正则

 salt -L ''

 -L 代表列表

 

 

 salt -E '(node1|node2).example.com' test.ping

 

 

 

 granins

 数据,存放在minoins上默认就有

 

 salt 'node1.example.com' grains.(ls|items)

 granins相当于facter,获取机器信息的

 

 salt -G 'os:centos' test.ping

 如果系统是centos,执行test.ping

 

 granins也可以添加自定义项,在客户端的/etc/salt/minoins配置文件中granins添加

 

 

 群组

 mater nodegroups

 salt -N 'web1' test.ping

 -N指定组 组名

 

 salt '*' -b 1 test.ping

 -b分批次执行

 

 salt '*' -b 50% test.ping

 分50%执行

 

 

 使用对应的模块名

 /usr/lib/python/site-package/salt/modules/test.py

 函数是ping

 salt master就是告诉客户端做什么事

 test.ping(实在minoins上执行的)

 

 salt 'node3' cmd.run 'uptime'

 cmd.run后面跟执行的命令

 

 salt文件跟路径/srv/salt/

 


 客户端执行test.sh脚本

 在master上/srv/salt/test.sh 

 执行salt 'node' cmd.script salt://test.sh

 

 

 state命令的组织结构,/src/salt/

 top.sls

 base: 环境

'*':

- apache_install

 /src/salt/apache_install/init.sls

 httpd: #id

  pkg:   #states

    - installed 

salt 'node1' state.highstate    找top.sls接口文件处理

salt 'node1' state.sls httpd    找httpd.sls处理


/src/salt/apache_install/init.sls

httpd: #id

  pkg:

    - installed

  service:

    - running

    - require:

      - pkg: httpd

 

 

salt 'node1' state.sls httpd

指定执行某一个sls文件例如httpd.sls



httpd: #id

  pkg:

    - installed

  service:source

    - running

    - require:

      - pkg: httpd

    - watch:

      - file: /etc/httpd/conf/httpd.conf

/etc/httpd/conf/httpd.conf:

  file:

    - managed

    - source: salt://httpd.conf

    - require:

      - pkg: httpd

 

apache:

  pkg.installed:

  {%if granins('os') == 'CentOS' %}

  - name: httpd

  {%else%}

  - name: apache2

  {%endif%}

 

 salt 'node1' file.group_to_gid root

 

 

 f:

  user:

    - present

    - gid: {{salt['file.group_to_gid']('root')}}

调用salt模块,获取相关信息file等于 /usr/lib/python/site-package/salt/modules/file.py




pillar

 salt '*' pillar.items

 /srv/pillar

 top.sls   #入口文件

 base:

  '*':

    - data   #定义的数据文件data.sls data/init.sls

    - users


/srv/pillar/data.sls

/srv/pillar/users.sls

users:

th: 1000

sh: 1001

ut: 1002



salt '*' saltutil.refresh.pillar   同步pillar信息

salt ‘*’ 





pillar 下发用户信息

在所有的minion上添加3个用户

#pillar_roots:

#  base:

#    - /srv/pillar


master reboot


2 cd /srv/pillar

2.1 vim top.sls #决定把pillar信息下发给谁

base:

  '*':

    - data #下面定义的数据文件data.sls 或者 data/init.sls

    - users #同上


[root@node1 pillar]# cat users.sls 


users:

  th: 1000

  sh: 1001

  ut: 1002

  

3 [root@node1 pillar]# salt '*' saltutil.refresh_pillar

验证 salt '*' pillar.items | grep users


4 调用pillar信息

cd /srv/salt #进入到state的目录

[root@node1 salt]# cat mxl.sls 

{% for user, uid in pillar.get('users', {}).items() %}

{{user}}:

  user.present:

    - uid: {{uid}}

{% endfor%}


5 执行      

[root@node1 salt]# salt 'node2' state.sls mxl




include:

  - dhcp.python-libs


dhcp:

  pkg.installed:

    - require:

      - pkg: python-dateutil

 

python-libs.sls  

python-dateutil:

  pkg.installed

  

  

  

 job

name: The same value passed to the state as "name".

changes: A dict describing the changes made. Each thing changed should be a key, with its value being another dict with keys called "old" and "new" containing the old/new values. For example, the pkg state's changes dict has one key for each package changed, with the "old" and "new" keys in its sub-dict containing the old and new versions of the package.

result: A boolean value. True if the action was successful, otherwise False.

comment: A string containing a summary of the result.



pip install MySQLdb


CREATE DATABASE  `salt`

      DEFAULT CHARACTER SET utf8

      DEFAULT COLLATE utf8_general_ci;


USE `salt`;


    --

    -- Table structure for table `jids`

    --


    DROP TABLE IF EXISTS `jids`;

    CREATE TABLE `jids` (

      `jid` varchar(255) NOT NULL,

      `load` mediumtext NOT NULL,

      UNIQUE KEY `jid` (`jid`)

    ) ENGINE=InnoDB DEFAULT CHARSET=utf8;

    -- Table structure for table `salt_returns`

    --


    DROP TABLE IF EXISTS `salt_returns`;

    CREATE TABLE `salt_returns` (

      `fun` varchar(50) NOT NULL,

      `jid` varchar(255) NOT NULL,

      `return` mediumtext NOT NULL,

      `id` varchar(255) NOT NULL,

      `success` varchar(10) NOT NULL,

      `full_ret` mediumtext NOT NULL,

      `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

      KEY `id` (`id`),

      KEY `jid` (`jid`),

      KEY `fun` (`fun`)

    ) ENGINE=InnoDB DEFAULT CHARSET=utf8;

编辑minion上的配置文件并修改相关的mysql信息

mysql.host: '10.255.254.221'

mysql.user: 'salt'

mysql.pass: '123'

mysql.db: 'salt'

mysql.port: 3306


这步最好测试一下

mysql -u salt -p123 -h 10.255.254.221 salt


重新启动你的minion

service salt-minion restart

测试

salt '*' test.ping --return mysql

查看数据库获得信息

 fun: test.ping

       jid: 20150322123606281679

    return: true

        id: node2

   success: 1

  full_ret: {"fun_args": [], "jid": "20150322123606281679", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "node2"}

alter_time: 2015-03-22 12:36:06



job管理

1.list_jobs running Returns the data of all running jobs that are found in the proc directory.

2.find_job Returns specific data about a certain job based on job id.

3.signal_job Allows for a given jid to be sent a signal.

4.term_job Sends a termination signal (SIGTERM, 15) to the process controlling the specified job.

5.kill_job Sends a kill signal (SIGKILL, 9) to the process controlling the specified job.


salt-run jobs.active

salt-run jobs.lookup_jid <job id number>

salt-run jobs.list_jobs



反射

观察event

salt-call

Tag: new_job

Data:

{'_stamp': '2015-03-22T13:36:26.412296',

 'arg': [],

 'fun': 'test.ping',

 'jid': '20150322133626411925',

 'minions': ['node2'],

 'tgt': 'node2',

 'tgt_type': 'glob',

 'user': 'root'}

Event fired at Sun Mar 22 13:36:26 2015

*************************


Tag

Data


编辑master的配置文件

reactor:

  -  'salt/job/*/ret/node3':

     - /srv/reactor/start.sls

 

vim /srv/reactor/start.sls

{% if data['fun'] == 'test.ping' %}

clean_tmp:

  cmd.run:

    - tgt: 'node3'

    - arg:

      - rm -fr /tmp/abc

{% endif %}


以上语句相当于

cmd.run 'node3' 'rm -fr /tmp/abc'


重启你的master

测试

salt '*' test.ping

查看node3上面的文件是否被删除


haproxy 模块使用安装

M2Crypto

pip uninstall PyCrypto

pip install PyCrypto

cd /usr/lib/python2.6/site-packages/

rm -fr salt salt-2014.1.4-py2.6.egg-info/

pip install salt


 


本文出自 “expect批量同步数据” 博客,谢绝转载!

你可能感兴趣的:(local,password)