在團800運維工做總結之salt的使用

來這個公司第一件事就是推出了salt，由於要結合自動化上線使用

salt-net-api

獲取tocken

1.curl -k http://127.0.0.1:8000/login -H "Accept: application/x-yaml" -d username="saltapi" -d password="abc/123" -d eauth='pam' 

2.curl -k http://192.168.10.169:8000/ -H "Accept: application/x-yaml" -H "X-Auth-Token: 55c539c0b9af9a6a4f1c25f5793823862d07eb91" -d client='local' -d tgt='*' -d fun='cmd.run' -d arg='cp /etc/hosts /opt/'

 salt '*' test.ping

 '*':目標

 test 模塊

 ping 函數

 

 定義目標

 '*'

 salt -E 'web1-(prod|devel).example.com'

 -E 表明用正則

 salt -L ''

 -L 表明列表

 

 

 salt -E '(node1|node2).example.com' test.ping

 

 

 

 granins

 數據，存放在minoins上默認就有

 

 salt 'node1.example.com' grains.(ls|items)

 granins至關於facter，獲取機器信息的

 

 salt -G 'os:centos' test.ping

 若是系統是centos，執行test.ping

 

 granins也能夠添加自定義項，在客戶端的/etc/salt/minoins配置文件中granins添加

 

 

 羣組

 mater nodegroups

 salt -N 'web1' test.ping

 -N指定組 組名

 

 salt '*' -b 1 test.ping

 -b分批次執行

 

 salt '*' -b 50% test.ping

 分50%執行

 

 

 使用對應的模塊名

 /usr/lib/python/site-package/salt/modules/test.py

 函數是ping

 salt master就是告訴客戶端作什麼事

 test.ping(實在minoins上執行的)

 

 salt 'node3' cmd.run 'uptime'

 cmd.run後面跟執行的命令

 

 salt文件跟路徑/srv/salt/

 

 客戶端執行test.sh腳本

 在master上/srv/salt/test.sh 

 執行salt 'node' cmd.script salt://test.sh

 

 

 state命令的組織結構，/src/salt/

 top.sls

 base: 環境

'*':

- apache_install

 /src/salt/apache_install/init.sls

 httpd: #id

  pkg:   #states

    - installed 

salt 'node1' state.highstate    找top.sls接口文件處理

salt 'node1' state.sls httpd    找httpd.sls處理

/src/salt/apache_install/init.sls

httpd: #id

  pkg:

    - installed

  service:

    - running

    - require:

      - pkg: httpd

 

 

salt 'node1' state.sls httpd

指定執行某一個sls文件例如httpd.sls

httpd: #id

  pkg:

    - installed

  service:source

    - running

    - require:

      - pkg: httpd

    - watch:

      - file: /etc/httpd/conf/httpd.conf

/etc/httpd/conf/httpd.conf:

  file:

    - managed

    - source: salt://httpd.conf

    - require:

      - pkg: httpd

 

apache:

  pkg.installed:

  {%if granins('os') == 'CentOS' %}

  - name: httpd

  {%else%}

  - name: apache2

  {%endif%}

 

 salt 'node1' file.group_to_gid root

 

 

 f:

  user:

    - present

    - gid: {{salt['file.group_to_gid']('root')}}

調用salt模塊，獲取相關信息file等於 /usr/lib/python/site-package/salt/modules/file.py

pillar

 salt '*' pillar.items

 /srv/pillar

 top.sls   #入口文件

 base:

  '*':

    - data   #定義的數據文件data.sls data/init.sls

    - users

/srv/pillar/data.sls

/srv/pillar/users.sls

users:

th: 1000

sh: 1001

ut: 1002

salt '*' saltutil.refresh.pillar   同步pillar信息

salt ‘*’ 

pillar 下發用戶信息

在全部的minion上添加3個用戶

1 

#pillar_roots:

#  base:

#    - /srv/pillar

master reboot

2 cd /srv/pillar

2.1 vim top.sls #決定把pillar信息下發給誰

base:

  '*':

    - data #下面定義的數據文件data.sls 或者 data/init.sls

    - users #同上

[root@node1 pillar]# cat users.sls 

users:

  th: 1000

  sh: 1001

  ut: 1002

  

3 [root@node1 pillar]# salt '*' saltutil.refresh_pillar

驗證 salt '*' pillar.items | grep users

4 調用pillar信息

cd /srv/salt #進入到state的目錄

[root@node1 salt]# cat mxl.sls 

{% for user, uid in pillar.get('users', {}).items() %}

`user`:

  user.present:

    - uid: `uid`

{% endfor%}

5 執行      

[root@node1 salt]# salt 'node2' state.sls mxl

include:

  - dhcp.python-libs

dhcp:

  pkg.installed:

    - require:

      - pkg: python-dateutil

 

python-libs.sls  

python-dateutil:

  pkg.installed

  

  

  

 job

name: The same value passed to the state as "name".

changes: A dict describing the changes made. Each thing changed should be a key, with its value being another dict with keys called "old" and "new" containing the old/new values. For example, the pkg state's changes dict has one key for each package changed, with the "old" and "new" keys in its sub-dict containing the old and new versions of the package.

result: A boolean value. True if the action was successful, otherwise False.

comment: A string containing a summary of the result.

pip install MySQLdb

CREATE DATABASE  `salt`

      DEFAULT CHARACTER SET utf8

      DEFAULT COLLATE utf8_general_ci;

USE `salt`;

    --

    -- Table structure for table `jids`

    --

    DROP TABLE IF EXISTS `jids`;

    CREATE TABLE `jids` (

      `jid` varchar(255) NOT NULL,

      `load` mediumtext NOT NULL,

      UNIQUE KEY `jid` (`jid`)

    ) ENGINE=InnoDB DEFAULT CHARSET=utf8;

    -- Table structure for table `salt_returns`

    --

    DROP TABLE IF EXISTS `salt_returns`;

    CREATE TABLE `salt_returns` (

      `fun` varchar(50) NOT NULL,

      `jid` varchar(255) NOT NULL,

      `return` mediumtext NOT NULL,

      `id` varchar(255) NOT NULL,

      `success` varchar(10) NOT NULL,

      `full_ret` mediumtext NOT NULL,

      `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

      KEY `id` (`id`),

      KEY `jid` (`jid`),

      KEY `fun` (`fun`)

    ) ENGINE=InnoDB DEFAULT CHARSET=utf8;

編輯minion上的配置文件並修改相關的mysql信息

mysql.host: '10.255.254.221'

mysql.user: 'salt'

mysql.pass: '123'

mysql.db: 'salt'

mysql.port: 3306

這步最好測試一下

mysql -u salt -p123 -h 10.255.254.221 salt

從新啓動你的minion

service salt-minion restart

測試

salt '*' test.ping --return mysql

查看數據庫得到信息

 fun: test.ping

       jid: 20150322123606281679

    return: true

        id: node2

   success: 1

  full_ret: {"fun_args": [], "jid": "20150322123606281679", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "node2"}

alter_time: 2015-03-22 12:36:06

job管理

1.list_jobs running Returns the data of all running jobs that are found in the proc directory.

2.find_job Returns specific data about a certain job based on job id.

3.signal_job Allows for a given jid to be sent a signal.

4.term_job Sends a termination signal (SIGTERM, 15) to the process controlling the specified job.

5.kill_job Sends a kill signal (SIGKILL, 9) to the process controlling the specified job.

salt-run jobs.active

salt-run jobs.lookup_jid <job id number>

salt-run jobs.list_jobs

反射

觀察event

salt-call

Tag: new_job

Data:

{'_stamp': '2015-03-22T13:36:26.412296',

 'arg': [],

 'fun': 'test.ping',

 'jid': '20150322133626411925',

 'minions': ['node2'],

 'tgt': 'node2',

 'tgt_type': 'glob',

 'user': 'root'}

Event fired at Sun Mar 22 13:36:26 2015

*************************

Tag

Data

編輯master的配置文件

reactor:

  -  'salt/job/*/ret/node3':

     - /srv/reactor/start.sls

 

vim /srv/reactor/start.sls

{% if data['fun'] == 'test.ping' %}

clean_tmp:

  cmd.run:

    - tgt: 'node3'

    - arg:

      - rm -fr /tmp/abc

{% endif %}

以上語句至關於

cmd.run 'node3' 'rm -fr /tmp/abc'

重啓你的master

測試

salt '*' test.ping

查看node3上面的文件是否被刪除

haproxy 模塊使用安裝

M2Crypto

pip uninstall PyCrypto

pip install PyCrypto

cd /usr/lib/python2.6/site-packages/

rm -fr salt salt-2014.1.4-py2.6.egg-info/

pip install salt