深入学习SaltStack远程执行
SaltStack远程执行组件解决了大批量主机管理的痛点,如自动化安全认证,信息获取,服务安装配置,目标指定,文件传输,脚本执行等,将使用者从重复的劳动中解放出来,大大提高了效率。
salt远程执行的语法
salt '<目标>' <function> [参数]
salt远程执行示例:salt '*' cmd.run 'w' 命令: salt 目标: '*' 模块: cmd.run (salt自带几百个模块,也可以自己写模块) 返回: 执行结果的返回,由Returnners组件来工作
1.执行目标
Minion ID有关
1.1 通配符
[root@linux-node1 ~]# salt '*' test.ping #使用test模块里的ping方法,测试哪些minion在干活,生产中不建议直接使用* linux-node2.example.com: True linux-node3.example.com: True linux-node1.example.com: True [root@linux-node1 ~]# salt 'linux-node1*' test.ping #使用通配符 linux-node1.example.com: True [root@linux-node1 ~]# salt "linux-node1*" cmd.run 'w' #使用cmd模块里的run方法 linux-node1.example.com: 19:22:48 up 17 min, 1 user, load average: 0.26, 0.15, 0.13 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT root pts/0 192.168.56.1 19:07 0.00s 0.38s 0.33s /usr/bin/python /usr/bin/salt linux-node1* cmd.run w [root@linux-node1 ~]# salt '*' cmd.run 'ls -l /root' #查看目录 linux-node2.example.com: total 1736 -rw-------. 1 root root 1484 May 20 21:42 anaconda-ks.cfg -rw-r--r-- 1 root root 1667282 Jun 5 00:47 chegva.sql drwxr-xr-x. 7 root root 4096 Jun 5 11:03 oneinstack -rw-r--r--. 1 root root 96218 Jun 3 16:00 oneinstack.tar.gz linux-node3.example.com: total 8 -rw-------. 1 root root 3371 Jun 2 00:09 anaconda-ks.cfg -rw-r--r--. 1 root root 2709 Jun 2 07:58 ks-pre.log linux-node1.example.com: total 17496 drwxr-xr-x 2 root root 6 Jun 8 03:36 755 -rw-r--r-- 1 root root 336 Apr 11 12:48 How to install Piwik.html -rw-r--r-- 1 root root 2591 Jun 3 16:00 Nginx-init-CentOS -rw-------. 1 root root 1484 May 20 21:42 anaconda-ks.cfg drwxr-xr-x 9 1001 1001 4096 Jun 5 02:53 nginx-1.10.1 -rw-r--r-- 1 root root 909077 Jun 4 15:56 nginx-1.10.1.tar.gz -rwxr-xr-x 1 root root 402146 Jun 4 15:19 nmon16e_x86_rhel72 -rw-r--r-- 1 root root 16582646 Jun 7 17:09 piwik.zip [root@linux-node1 ~]# salt 'linux-node[1|2].example.com' test.ping #通配符 linux-node2.example.com: True linux-node1.example.com: True [root@linux-node1 ~]# salt 'linux-node?.example.com' test.ping #通配符 linux-node2.example.com: True linux-node1.example.com: True linux-node3.example.com: True
1.2 列表
[root@linux-node1 ~]# salt -L 'linux-node1.example.com,linux-node2.example.com' test.ping linux-node1.example.com: True linux-node2.example.com: True
1.3 正则表达式
[root@linux-node1 ~]# salt -E 'linux-(node1|node2)*' test.ping linux-node1.example.com: True linux-node2.example.com: True linux-node3.example.com: True [root@linux-node1 ~]# salt -E 'linux-(node1|node2).example.com' test.ping linux-node1.example.com: True linux-node2.example.com: True 所有匹配目标的方式,都可以在top file中来指定
主机名设置方案参考:
1.子网、IP地址 [root@linux-node1 ~]# salt -S 192.168.56.11 test.ping linux-node1.example.com: True [root@linux-node1 ~]# salt -S 192.168.56.0/24 test.ping linux-node2.example.com: True linux-node3.example.com: True linux-node1.example.com: True 2.根据业务来进行设置 redis-node1-redis04-idc04-soa.example.com idc04机房soa业务线上redis04集群中的第一个节点
与Minion ID无关
混合匹配语法列表:点我!
[root@linux-node1 ~]# vi /etc/salt/master #定义分组,用nodegroups组中定义的组来进行匹配 nodegroups: web: 'L@linux-node1.example.com,linux-node3.example.com' #L代表list [root@linux-node1 ~]# systemctl restart salt-master [root@linux-node1 ~]# salt -N web test.ping linux-node1.example.com: True linux-node3.example.com: True salt '*' -b 10 test.ping #批处理,百分比处理形式 salt -G 'os:RedHat' --batch-size 25% apache.signal restart
2.自带模块
执行模块列表:点我!
[root@linux-node1 ~]# cd /usr/lib/python2.7/site-packages/salt/modules/ && ls 每一个执行模块都是一个Python来编写的,完全可以自已用python来写想要的模块 [root@linux-node1 ~]# salt '*' network.arp #使用network显示所有minion的arp地址 linux-node2.example.com: ---------- 00:0c:29:90:b7:25: 192.168.56.11 00:50:56:c0:00:08: 192.168.56.1 00:50:56:e6:c5:60: 192.168.56.2 linux-node3.example.com: ---------- 00:0c:29:90:b7:25: 192.168.56.11 00:50:56:c0:00:08: 。。。。省略部分 [root@linux-node1 ~]# salt '*' network.get_hostname #获取主机名 linux-node1.example.com: linux-node1.example.com linux-node3.example.com: linux-node3.example.com linux-node2.example.com: linux-node2.example.com [root@linux-node1 ~]# salt '*' service.status httpd #查看httpd服务运行状态 linux-node3.example.com: True linux-node1.example.com: False linux-node2.example.com: True [root@linux-node1 ~]# salt-cp '*' /etc/hosts /tmp/hosts #将master中/etc/hosts文件拷贝到所有Minion的/tmp/目录中 linux-node1.example.com: ---------- /tmp/hosts: True linux-node2.example.com: ---------- /tmp/hosts: True linux-node3.example.com: ---------- /tmp/hosts: True [root@linux-node2 salt]# ll /tmp total 16 -rw-r--r-- 1 root root 308 Jul 20 12:19 hosts
3.返回程序
Minion直接返回给Master
Minion返回数据直接写入MYSQL数据库
[root@linux-node1 ~]# salt '*' state.single pkg.installed name=MySQL-python #首先用salt安装支持库
linux-node2.example.com:
----------
ID: MySQL-python
Function: pkg.installed
Result: True
Comment: Package MySQL-python is already installed
Started: 13:33:12.884429
Duration: 866.318 ms
Changes:
Summary for linux-node2.example.com
------------
Succeeded: 1
Failed: 0
------------
Total states run: 1
linux-node3.example.com:
----------
ID: MySQL-python
Function: pkg.installed
Result: True
Comment: The following packages were installed/updated: MySQL-python
Started: 13:33:13.207587
Duration: 171315.157 ms
Changes:
----------
MySQL-python:
----------
new:
1.2.3-11.el7
old:
Summary for linux-node3.example.com
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
#创建数据库及相应表
CREATE DATABASE `salt`
DEFAULT CHARACTER SET utf8
DEFAULT COLLATE utf8_general_ci;
USE `salt`;
--
-- Table structure for table `jids`
--
DROP TABLE IF EXISTS `jids`;
CREATE TABLE `jids` (
`jid` varchar(255) NOT NULL,
`load` mediumtext NOT NULL,
UNIQUE KEY `jid` (`jid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE INDEX jid ON jids(jid) USING BTREE;
--
-- Table structure for table `salt_returns`
--
DROP TABLE IF EXISTS `salt_returns`;
CREATE TABLE `salt_returns` (
`fun` varchar(50) NOT NULL,
`jid` varchar(255) NOT NULL,
`return` mediumtext NOT NULL,
`id` varchar(255) NOT NULL,
`success` varchar(10) NOT NULL,
`full_ret` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
KEY `id` (`id`),
KEY `jid` (`jid`),
KEY `fun` (`fun`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--
-- Table structure for table `salt_events`
--
DROP TABLE IF EXISTS `salt_events`;
CREATE TABLE `salt_events` (
`id` BIGINT NOT NULL AUTO_INCREMENT,
`tag` varchar(255) NOT NULL,
`data` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
`master_id` varchar(255) NOT NULL,
PRIMARY KEY (`id`),
KEY `tag` (`tag`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
#数据库授权
MariaDB [(none)]> use salt
MariaDB [salt]> grant all on salt.* to salt@'%' identified by 'salt';
MariaDB [salt]> flush privileges;
#编辑minion的配置文件,添加数据库连接信息,保存重启
[root@linux-node2 salt]# grep ^mysql /etc/salt/minion
mysql.host: '192.168.56.11'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306
[root@linux-node1 ~]# salt '*' test.ping --return mysql
linux-node2.example.com:
True
linux-node3.example.com:
True
linux-node1.example.com:
True
MariaDB [salt]> select * from salt_returns; #由于只在node2中配置了数据库连接,故只返回node2的数据
+-----------+----------------------+--------+-------------------------+---------+-----------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+
| fun | jid | return | id | success | full_ret | alter_time |
+-----------+----------------------+--------+-------------------------+---------+-----------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+
| test.ping | 20160720225702268181 | true | linux-node2.example.com | 1 | {"fun_args": [], "jid": "20160720225702268181", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "linux-node2.example.com"} | 2016-07-20 22:57:02 |
+-----------+----------------------+--------+-------------------------+---------+-----------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+
1 row in set (0.00 sec)4.编写一个自定义模块
1.存放位置要放在base的_modules目录下
[root@linux-node1 /srv/salt/base]# mkdir _modules [root@linux-node1 /srv/salt/base]# cd _modules/ [root@linux-node1 /srv/salt/base/_modules]# pwd /srv/salt/base/_modules
2.文件名就是模块名。例如my_disk.py
[root@linux-node1 /srv/salt/base/_modules]# cat my_disk.py def list(): cmd = 'df -h' ret = __salt__['cmd.run'](cmd) return ret
3.刷新
[root@linux-node1 /srv/salt/base/_modules]# salt '*' saltutil.sync_modules [root@linux-node2 _modules]# pwd /var/cache/salt/minion/files/base/_modules #刷新后master会把文件推送到Minion指定目录中
4.执行模块
[root@linux-node1 /srv/salt/base/_modules]# salt '*' my_disk.list linux-node3.example.com: Filesystem Size Used Avail Use% Mounted on /dev/sda3 37G 1.7G 36G 5% / devtmpfs 480M 0 480M 0% /dev tmpfs 489M 12K 489M 1% /dev/shm tmpfs 489M 6.7M 483M 2% /run tmpfs 489M 0 489M 0% /sys/fs/cgroup /dev/sda1 1014M 170M 845M 17% /boot tmpfs 98M 0 98M 0% /run/user/0 linux-node2.example.com: Filesystem Size Used Avail Use% Mounted on /dev/mapper/centos-root 48G 4.6G 43G 10% / devtmpfs 903M 0 903M 0% /dev tmpfs 913M 12K 913M 1% /dev/shm tmpfs 913M 8.6M 904M 1% /run tmpfs 913M 0 913M 0% /sys/fs/cgroup /dev/sda1 497M 168M 329M 34% /boot tmpfs 183M 0 183M 0% /run/user/0 linux-node1.example.com: Filesystem Size Used Avail Use% Mounted on /dev/mapper/centos-root 48G 7.4G 41G 16% / devtmpfs 903M 0 903M 0% /dev tmpfs 913M 28K 913M 1% /dev/shm tmpfs 913M 8.6M 904M 1% /run tmpfs 913M 0 913M 0% /sys/fs/cgroup /dev/sda1 497M 168M 329M 34% /boot tmpfs 183M 0 183M 0% /run/user/0
您的博客拥有旺盛的生命力!!
@蒂欧娜 谢谢,共同学习,欢迎常来!