006-saltstack之远程执行
King
a.目标 b.执行模块 c.返回
目标 执行模块 返回
格式: 命令 目标 执行模块 执行模块参数
样例: salt '*' cmd.run ‘free -m’知识兔 1. saltstack远程执行——>目标
执行目标doc:https://docs.saltstack.com/en/latest/topics/targeting/index.html#advanced-targeting-methods
1.1)和Minion ID相关的目标匹配方式
MinionID匹配
[root@slave1 ~]# salt 'slave1' service.status httpd
slave1:
False
通配符* ? [1-2]等匹配
[root@slave1 ~]# salt '*' service.status sshd
slave1:
True
slave2:
True
[root@slave1 ~]# salt 'slave?' service.status sshd
slave1:
True
slave2:
True
[root@slave1 ~]# salt 'slave[1-2]' service.status sshd
slave2:
True
slave1:
True知识兔 列表匹配
正则匹配
1.2) 和Minion无关的匹配
列表匹配:
[root@slave1 ~]# salt -L 'slave1,slave2' test.ping
slave1:
True
slave2:
True
Grains匹配
[root@slave1 ~]# salt -G 'os:CentOS' test.ping
slave2:
True
slave1:
True
子网 ip地址匹配
[root@slave1 ~]# salt -S '10.0.0.0/24' test.ping
slave1:
True
slave2:
True
Pillar匹配
#key:value,在Pillar系统中提前定义
[root@slave1 ~]# salt -I 'apache:httpd' test.ping
slave1:
True
slave2:
True知识兔 1.3)Node Groups匹配
#在master配置文件进行定义node-groups
[root@slave1 ~]# vim /etc/salt/master
nodegroups:
slave-group: 'L@slave1,slave2' #注意要空两格
[root@slave1 ~]# salt -N slave-group test.ping
slave2:
True
slave1:
True知识兔 1.4)批处理执行–Batch size
#先执行1台完成后再执行一台,按比例去执行
[root@slave1 ~]# salt '*' -b 1 test.ping
Executing run on ['slave2']
retcode:
0
slave2:
True
Executing run on ['slave1']
retcode:
0
slave1:
True
#按比例匹配执行,好比在重启服务器时,为了不影响业务,可以先重启一部分,再重启后面一部分
[root@slave1 ~]# salt -G 'os:CentOS' --batch-size 50% test.ping
Executing run on ['slave2']
retcode:
0
slave2:
True
Executing run on ['slave1']
retcode:
0
slave1:
True知识兔 1.5)混合匹配,使用不多。
2.saltstack远程执行——>执行模块 执行模块doc: https://docs.saltstack.com/en/latest/ref/modules/all/index.html#all-salt-modules
#测试主机能否连接外网:
[root@slave1 ~]# salt '*' network.connect www.baidu.com 80
slave1:
----------
comment:
Successfully connected to www.baidu.com (111.13.100.91) on tcp port 80
result:
True
slave2:
----------
comment:
Successfully connected to www.baidu.com (111.13.100.92) on tcp port 80
result:
True
#域名解析:
[root@slave1 ~]# salt '*' network.dig baidu.com
slave1:
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> baidu.co
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3009
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; MBZ: 0005 , udp: 4096
;; QUESTION SECTION:
;baidu.com. IN A
;; ANSWER SECTION:
baidu.com. 5 IN A 123.125.115.110
baidu.com. 5 IN A 220.181.57.216
;; Query time: 22 msec
;; SERVER: 10.0.0.2#53(10.0.0.2)
;; WHEN: Sat Nov 17 17:37:52 CST 2018
;; MSG SIZE rcvd: 70
slave2:
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5375
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; MBZ: 0005 , udp: 4096
;; QUESTION SECTION:
;baidu.com. IN A
;; ANSWER SECTION:
baidu.com. 5 IN A 220.181.57.216
baidu.com. 5 IN A 123.125.115.110
;; Query time: 23 msec
;; SERVER: 10.0.0.2#53(10.0.0.2)
;; WHEN: Sat Nov 17 17:37:52 CST 2018
;; MSG SIZE rcvd: 70
# 复制文件:salt-cp :
[root@slave1 ~]# salt '*' cmd.run 'mkdir /tmp/syk'
slave2:
slave1:
[root@slave1 ~]# salt-cp '*' /etc/hosts /tmp/syk/
{'slave1': {'/tmp/syk/hosts': True}, 'slave2': {'/tmp/syk/hosts': True}}
[root@slave1 ~]#
[root@slave1 ~]#
[root@slave1 ~]# salt '*' cmd.run 'ls /tmp/syk'
slave2:
hosts
slave1:
hosts知识兔 1 所有minion需要安装MySQL-python
[root@slave1 ~]# salt '*' pkg.install MySQL-python #使用pkg模块安装MySQL-python
slave1:
----------
MySQL-python:
----------
new:
1.2.5-1.el7
old:
slave2:
----------
MySQL-python:
----------
new:
1.2.5-1.el7
old:
2. 安装mariadb数据库
[root@slave1 ~]# yum install -y mariadb-server
3. 创建salt库,创建jid、salt_returns、salt_events表,授权
[root@slave1 ~]# systemctl start mariadb.service
[root@slave1 ~]# mysql
MariaDB [(none)]> CREATE DATABASE `salt`
-> DEFAULT CHARACTER SET utf8
-> DEFAULT COLLATE utf8_general_ci;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> USE `salt`;
MariaDB [salt]> CREATE TABLE `jids` (
-> `jid` varchar(255) NOT NULL,
-> `load` mediumtext NOT NULL,
-> UNIQUE KEY `jid` (`jid`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.01 sec)
REATE TABLE `salt_returns` (
-> `fun` varchar(50) NOT NULL,
-> `jid` varchar(255) NOT NULL,
-> `return` mediumtext NOT NULL,
-> `id` varchar(255) NOT NULL,
-> `success` varchar(10) NOT NULL,
-> `full_ret` mediumtext NOT NULL,
-> `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-> KEY `id` (`id`),
-> KEY `jid` (`jid`),
-> KEY `fun` (`fun`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.01 sec)
MariaDB [salt]> CREATE TABLE `salt_events` (
-> `id` BIGINT NOT NULL AUTO_INCREMENT,
-> `tag` varchar(255) NOT NULL,
-> `data` mediumtext NOT NULL,
-> `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-> `master_id` varchar(255) NOT NULL,
-> PRIMARY KEY (`id`),
-> KEY `tag` (`tag`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.00 sec)
MariaDB [salt]> show tables;
+----------------+
| Tables_in_salt |
+----------------+
| jids |
| salt_events |
| salt_returns |
+----------------+
3 rows in set (0.00 sec)
MariaDB [salt]> grant all on salt.* to salt@'%' identified by 'salt';
Query OK, 0 rows affected (0.00 sec)
4. 修改salt-minion,配置MySQL链接
[root@slave2 ~]# vim /etc/salt/minion
###### Returner settings ######
############################################
# Which returner(s) will be used for minion's result:
#return: mysql
mysql.host: '10.0.0.211'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306
[root@slave2 ~]# systemctl restart salt-minion.service
#清除slave1用户,否则对后面测试有影响
MariaDB [(none)]> select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| salt | % |
| root | 127.0.0.1 |
| root | ::1 |
| | localhost |
| root | localhost |
| | slave1 |
| root | slave1 |
+------+-----------+
MariaDB [(none)]> drop user "root"@"slave1";
MariaDB [(none)]> drop user ""@"slave1";
MariaDB [(none)]> flush privileges;
[root@slave1 salt]# vim /etc/salt/minion
###### Returner settings ######
############################################
# Which returner(s) will be used for minion's result:
#return: mysql
mysql.host: '10.0.0.211'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306
[root@slave1 salt]# systemctl restart salt-minion.service
#测试
[root@slave1 salt]# salt '*' test.ping --return mysql
slave1:
True
slave2:
True
MariaDB [salt]> select * from salt_returns\G;
*************************** 1. row ***************************
fun: test.ping
jid: 20181118004551491520
return: true
id: slave1
success: 1
full_ret: {"fun_args": [], "jid": "20181118004551491520", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "slave1"}
alter_time: 2018-11-18 00:45:51
*************************** 2. row ***************************
fun: test.ping
jid: 20181118004551491520
return: true
id: slave2
success: 1
full_ret: {"fun_args": [], "jid": "20181118004551491520", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "slave2"}
alter_time: 2018-11-18 00:45:51
2 rows in set (0.00 sec)知识兔 root@slave1 salt]# vim /etc/salt/master
##### Returner settings ######
############################################
# Which returner(s) will be used for minion's result:
#return: mysql
master_job_cache: mysql
mysql.host: '10.0.0.211'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306
[root@slave1 salt]# systemctl restart salt-master.service
#测试
[root@slave1 salt]# salt '*' cmd.run 'date'
slave2:
Sun Nov 18 00:55:45 CST 2018
slave1:
Sun Nov 18 00:55:44 CST 2018
[root@slave1 salt]# mysql -e "select * from salt.salt_returns\G;"
*************************** 1. row ***************************
fun: cmd.run
jid: 20181118005544806629
return: "Sun Nov 18 00:55:45 CST 2018"
id: slave2
success: 1
full_ret: {"fun_args": ["date"], "jid": "20181118005544806629", "return": "Sun Nov 18 00:55:45 CST 2018", "retcode": 0, "success": true, "cmd": "_return", "_stamp": "2018-11-17T16:55:44.847235", "fun": "cmd.run", "id": "slave2"}
alter_time: 2018-11-18 00:55:44
*************************** 2. row ***************************
fun: cmd.run
jid: 20181118005544806629
return: "Sun Nov 18 00:55:44 CST 2018"
id: slave1
success: 1
full_ret: {"fun_args": ["date"], "jid": "20181118005544806629", "return": "Sun Nov 18 00:55:44 CST 2018", "retcode": 0, "success": true, "cmd": "_return", "_stamp": "2018-11-17T16:55:44.895262", "fun": "cmd.run", "id": "slave1"}
alter_time: 2018-11-18 00:55:44
#加上-v参数可以看到jid,并且通过jid可以查看运行的结果
[root@slave1 salt]# salt '*' cmd.run 'uptime' -v
Executing job with jid 20181118005727674446
-------------------------------------------
slave2:
00:57:28 up 7:33, 1 user, load average: 0.00, 0.01, 0.05
slave1:
00:57:27 up 1:08, 2 users, load average: 0.09, 0.23, 0.20
[root@slave1 salt]# salt-run jobs.lookup_jid 20181118005727674446
slave1:
00:57:27 up 1:08, 2 users, load average: 0.09, 0.23, 0.20
slave2:
00:57:28 up 7:33, 1 user, load average: 0.00, 0.01, 0.05知识兔