saltstack常用的模块及函数
- SaltStack模块介绍
- network模块
- service模块
- pkg模块
- state模块
- cp模块
- useradd
- SaltStack常用模块之salt-cp
- SaltStack常用模块之file
- file.access
- file.append
- file.basename
- file.dirname
- file.check_hosh
- file.chattr
- file.chown
- file.copy
- file.ditectory_exists
- file.diskusage
- file.file_exists
- file.find
- file.get_gid、get_uid、get_group
- file.get_user
- file.get_mode
- file.get_selinux_context
- file.gid_to_group、file.group_to_gid
- file.grep
- file.is_blkdev
- file.lsattr
- file.mkdir
- file.move
- file.prepend
- file.sed
- file.read
- file.readdir
- file.remove
- file.rename
- file.set_mode
- file.symlink
- file.touch
- file.uid_to_user、user_to_uid
- file.write
SaltStack模块介绍
Module是日常使用SaltStack接触最多的一个组件,其用于管理对象操作,这也是SaltStack通过Push的方式进行管理的入口,比如我们日常简单的执行命令、查看包安装情况、查看服务运行情况等工作都是通过SaltStack Module来实现的。
一个完整的模块命令包括:模块+函数;模块和函数中间用"."分割。例如:sys.list_modules
当安装好Master和Minion包后,系统上会安装很多Module,大家可以通过以下命令查看支持的所有Module列表:
//查看系统中所有的模块,这些并不是所有的模块
[root@master salt]# salt '*' sys.list_modules
node01:
- acl
- aliases
- alternatives
- apache
- archive
- artifactory
- baredoc
- beacons
- bigip
- btrfs
- buildout
- chroot
- cloud
- cmd
- composer
- config
- consul
- container_resource
- cp
- cron
- cryptdev
- data
- defaults
- devinfo
- devmap
- disk
- django
- dnsmasq
- dnsutil
- drbd
- environ
- ethtool
- event
- extfs
- file
- firewalld
- freezer
- gem
- genesis
- glassfish
- google_chat
- grafana4
- grains
- group
- hashutil
- helm
- highstate_doc
- hosts
- http
- hue
- incron
- ini
- inspector
- introspect
- iosconfig
- ip
- ipset
- iptables
- jboss7
- jboss7_cli
- jinja
- k8s
- kernelpkg
- key
- keyboard
- kmod
- kubeadm
- locale
- locate
- log
- logrotate
- lowpkg
- lvm
- mandrill
- match
- mattermost
- mine
- minion
- modjk
- mount
- msteams
- nagios_rpc
- namecheap_domains
- namecheap_domains_dns
- namecheap_domains_ns
- namecheap_ssl
- namecheap_users
- network
- nexus
- nova
- nspawn
- nxos
- nxos_api
- nxos_upgrade
- openscap
- openstack_config
- opsgenie
- out
- pagerduty
- pagerduty_util
- pam
- parallels
- partition
- peeringdb
- pillar
- pip
- pkg
- pkg_resource
- postfix
- ps
- publish
- pushover
- pyenv
- random
- random_org
- rbenv
- rest_sample_utils
- restartcheck
- ret
- rvm
- s3
- s6
- salt_proxy
- salt_version
- saltcheck
- saltutil
- schedule
- scsi
- sdb
- seed
- serverdensity_device
- service
- shadow
- slack
- slsutil
- smbios
- smtp
- solrcloud
- sqlite3
- ssh
- state
- status
- statuspage
- supervisord
- sys
- sysctl
- sysfs
- syslog_ng
- system
- telegram
- telemetry
- temp
- test
- timezone
- tuned
- udev
- uptime
- user
- vault
- vbox_guest
- virtualenv
- vsphere
- webutil
- x509
- xfs
- xml
- zabbix
- zenoss
查看指定模块module的用法
[root@master salt]# salt '*' sys.doc cp
cp.cache_dest:
New in version 3000
Returns the expected cache path for the file, if cached using
:py:func:`cp.cache_file <salt.modules.cp.cache_file>`.
Note:
This only returns the _expected_ path, it does not tell you if the URL
is really cached. To check if the URL is cached, use
:py:func:`cp.is_cached <salt.modules.cp.is_cached>` instead.
CLI Examples: //只要是查看案例
salt '*' cp.cache_dest https://foo.com/bar.rpm
salt '*' cp.cache_dest salt://my/file
salt '*' cp.cache_dest salt://my/file saltenv=dev
......
......
一个命令执行多个模块
[root@master salt]# salt '*' test.echo,cmd.run 'hello word',date
# test.echo和'hello Word'是一个完整命令。cmd.run和date是一个完整命令
# 每个模块之间用,分割;模块和参数之间用一个空格分割
node01:
----------
cmd.run:
Wed Nov 3 19:21:39 CST 2021
test.echo:
hello word
network模块
网路模块
当前受控端只有node01主机
[root@master salt]# salt-key -L
Accepted Keys:
node01
Denied Keys:
Unaccepted Keys:
master
Rejected Keys:
network.calc_net
通过IP和子网掩码计算出网段
[root@master salt]# salt '*' network.calc_net 192.168.164.133 255.255.255.0
node01:
192.168.164.0/24
[root@master salt]# salt '*' network.calc_net 192.168.0.0 255.255.0.0
node01:
192.168.0.0/16
[root@master salt]# salt '*' network.calc_net 192.168.0.0 255.255.248.0
node01:
192.168.0.0/21
[root@master salt]# salt '*' network.calc_net 192.168.0.0 255.255.240.0
node01:
192.168.0.0/20
network.connect
测试minion至某一台服务器的网络是否连通
[root@master salt]# salt '*' network.connect www.baidu.com 80
# 测试node01 是否和百度能通讯 用80端口
node01:
----------
comment:
Successfully connected to www.baidu.com (182.61.200.6) on tcp port 80
result:
True
[root@master salt]# salt '*' network.connect www.xiaomi.com 80
# 测试node01 是否和小米能通讯 用80端口
node01:
----------
comment:
Successfully connected to www.xiaomi.com (183.84.6.219) on tcp port 80
result:
True
network.default_route
查看默认路由
[root@master salt]# salt '*' network.default_route
node01:
|_
----------
addr_family:
inet
destination:
0.0.0.0 //默认路由
flags:
UG
gateway:
192.168.164.2 //网关
interface:
ens33 //网卡名称
netmask: //子网掩码
0.0.0.0
network.get_fqdn
查看主机的fqdn(完全限定域名)显示完整的主机名
[root@master salt]# salt '*' network.get_fqdn
node01:
node01
network.get_hostname
获取主机名
[root@master salt]# salt '*' network.get_hostname
node01:
node01
network.get_route
查询到达一个目标网络(主机)的路由信息
[root@master salt]# salt '*' network.get_route 192.168.164.133
# node01到达192.168.164.133主机的路由信息
node01:
----------
destination: //目标主机IP
192.168.164.133
gateway: //网关
None
interface: //接口 也是就网卡
ens33
source: //从这个IP出发
192.168.164.128
network.hw_addr
返回指定网卡的MAC地址
[root@master salt]# salt '*' network.hw_addr ens33
# 返回node01网卡的MAC地址
node01:
00:0c:29:73:96:01
network.ifacestartswith
从特定CIDR检索接口名称
[root@master salt]# salt '*' network.ifacestartswith 192.168
# 检查这个IP在哪个网卡中
node01:
- ens33
[root@master salt]# salt '*' network.ifacestartswith 127
node01:
- lo
network.in_subnet
判断当前主机是否在某一个网段中
[root@master salt]# salt '*' network.in_subnet 192.168.164.0/24
# 判断node01主机是否在164网段中
node01:
True //正确 没问题。node01在164网段中
[root@master salt]# salt '*' network.in_subnet 192.168.163.0/24
node01:
False //错误,不在163网段中
network.interface
返回指定网卡的信息
[root@master salt]# salt '*' network.interface ens33
# 返回显示node01 中ens33网卡的信息
node01:
|_
----------
address:
192.168.164.128 //IP地址
broadcast:
192.168.164.255 //广播地址
label:
ens33 //网卡名称
netmask:
255.255.255.0 //子网掩码
network.interface_ip
返回指定网卡的IP地址
[root@master salt]# salt '*' network.interface_ip ens33
# 返回node01中ens33网卡的IP地址
node01:
192.168.164.128
[root@master salt]# salt '*' network.interface_ip lo
# 返回node01中lo(测试,回环网卡)网卡的IP地址
node01:
127.0.0.1
network.interfaces
返回当前系统中所有网卡的信息
[root@master salt]# salt '*' network.interfaces
node01:
----------
ens33:
----------
hwaddr:
00:0c:29:73:96:01 //mac地址
inet:
|_
----------
address:
192.168.164.128 //node01的IP地址
broadcast:
192.168.164.255 //node01的广播地址
label:
ens33 //网卡名
netmask:
255.255.255.0 //子网掩码
inet6:
|_
----------
address:
fe80::65f2:205e:c9e8:7e94 //IPV6地址
prefixlen:
64
scope:
link
up:
True
lo:
----------
hwaddr:
00:00:00:00:00:00
inet:
|_
----------
address:
127.0.0.1
broadcast:
None
label:
lo
netmask:
255.0.0.0
inet6:
|_
----------
address:
::1
prefixlen:
128
scope:
host
up:
True
network.ip_addrs
返回一个IPV4的地址列表,该函数将会忽略127.0.0.1的地址
[root@master salt]# salt '*' network.ip_addrs
# 返回node01主机的所有IP地址
node01:
- 192.168.164.128
network.netstat
返回所有打开的端口和状态
[root@master salt]# salt '*' network.netstat
node01:
|_
----------
inode:
20168
local-address:
*:22
program:
sshd
proto:
tcp
recv-q:
0
remote-address:
*:*
send-q:
128
state:
LISTEN
user:
0
|_
----------
inode:
20998
local-address:
127.0.0.1:25
program:
master
proto:
tcp
recv-q:
0
remote-address:
*:*
send-q:
100
state:
LISTEN
user:
0
|_
----------
inode:
22420
local-address:
192.168.164.128:22
program:
sshd
proto:
tcp
recv-q:
0
remote-address:
192.168.164.1:54247
send-q:
0
state:
ESTABLISHED
user:
0
|_
----------
inode:
22473
local-address:
192.168.164.128:22
program:
sshd
proto:
tcp
recv-q:
0
remote-address:
192.168.164.1:54248
send-q:
0
state:
ESTABLISHED
user:
0
|_
----------
inode:
22791
local-address:
192.168.164.128:39654
program:
salt-minion
proto:
tcp
recv-q:
0
remote-address:
192.168.164.133:4505
send-q:
0
state:
ESTABLISHED
user:
0
|_
----------
inode:
20170
local-address:
:::22
program:
sshd
proto:
tcp
recv-q:
0
remote-address:
:::*
send-q:
128
state:
LISTEN
user:
0
|_
----------
inode:
20999
local-address:
::1:25
program:
master
proto:
tcp
recv-q:
0
remote-address:
:::*
send-q:
100
state:
LISTEN
user:
0
network.ping
使用ping命令测试到某主机的连通性
[root@master salt]# salt '*' network.ping www.baidu.com
# 测试node01到达百度的连通性,延迟等信息
node01:
PING www.a.shifen.com (182.61.200.7) 56(84) bytes of data.
64 bytes from localhost (182.61.200.7): icmp_seq=1 ttl=128 time=29.8 ms
64 bytes from localhost (182.61.200.7): icmp_seq=2 ttl=128 time=25.8 ms
64 bytes from localhost (182.61.200.7): icmp_seq=3 ttl=128 time=25.2 ms
64 bytes from localhost (182.61.200.7): icmp_seq=4 ttl=128 time=32.3 ms
--- www.a.shifen.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3007ms
rtt min/avg/max/mdev = 25.239/28.322/32.398/2.943 ms
network.reverse_ip
返回一个指定的IP地址的反向地址
DNS会用到
[root@master salt]# salt '*' network.reverse_ip 192.168.164.110
node01:
110.164.168.192.in-addr.arpa
networtk.active_tcp
返回所有活动的tcp连接,也就是查看有哪些IP和端口和node01建立了端口号
[root@master salt]# salt '*' network.active_tcp
node01:
----------
0:
----------
local_addr:
192.168.164.128 //node01的IP
local_port:
22 //端口号
remote_addr:
192.168.164.1
remote_port:
54247
1:
----------
local_addr:
192.168.164.128
local_port:
22
remote_addr:
192.168.164.1
remote_port:
54248
2:
----------
local_addr:
192.168.164.128
local_port:
39654
remote_addr:
192.168.164.133
remote_port:
4505
service模块
关于服务管理相关的模块
service.available
判断指定的服务是否可用
[root@master salt]# salt '*' service.available sshd
# 判断node01中的sshd服务是否可用,只要是安装了就会返回true
node01:
True
[root@master salt]# salt '*' service.available httpd
node01:
False
service.get_all
获取所有正则运行的服务
[root@master salt]# salt '*' service.get_all
node01:
- NetworkManager
- NetworkManager-dispatcher
- NetworkManager-wait-online
- auditd
- autovt@
- basic.target
- blk-availability
- bluetooth.target
- brandbot
- brandbot.path
- console-getty
- console-shell
- container-getty@
- cpupower
- crond
- cryptsetup-pre.target
- cryptsetup.target
- ctrl-alt-del.target
- dbus
- dbus-org.freedesktop.NetworkManager
- dbus-org.freedesktop.hostname1
- dbus-org.freedesktop.import1
- dbus-org.freedesktop.locale1
- dbus-org.freedesktop.login1
- dbus-org.freedesktop.machine1
- dbus-org.freedesktop.nm-dispatcher
- dbus-org.freedesktop.timedate1
- dbus.socket
- debug-shell
- default.target
- dev-hugepages.mount
- dev-mqueue.mount
- dm-event
- dm-event.socket
- dracut-cmdline
- dracut-initqueue
- dracut-mount
- dracut-pre-mount
- dracut-pre-pivot
- dracut-pre-trigger
- dracut-pre-udev
- dracut-shutdown
- ebtables
- emergency
- emergency.target
- final.target
- firewalld
- fstrim
- fstrim.timer
- getty-pre.target
- getty.target
- getty@
- graphical.target
- halt-local
- halt.target
- hibernate.target
- hybrid-sleep.target
- initrd-cleanup
- initrd-fs.target
- initrd-parse-etc
- initrd-root-fs.target
- initrd-switch-root
- initrd-switch-root.target
- initrd-udevadm-cleanup-db
- initrd.target
- iprdump
- iprinit
- iprupdate
- iprutils.target
- irqbalance
- kdump
- kexec.target
- kmod-static-nodes
- local-fs-pre.target
- local-fs.target
- lvm2-lvmetad
- lvm2-lvmetad.socket
- lvm2-lvmpolld
- lvm2-lvmpolld.socket
- lvm2-monitor
- lvm2-pvscan@
- machines.target
- messagebus
- microcode
- multi-user.target
- netconsole
- network
- network-online.target
- network-pre.target
- network.target
- nss-lookup.target
- nss-user-lookup.target
- paths.target
- plymouth-halt
- plymouth-kexec
- plymouth-poweroff
- plymouth-quit
- plymouth-quit-wait
- plymouth-read-write
- plymouth-reboot
- plymouth-start
- plymouth-switch-root
- polkit
- postfix
- poweroff.target
- printer.target
- proc-sys-fs-binfmt_misc.automount
- proc-sys-fs-binfmt_misc.mount
- quotaon
- rc-local
- rdisc
- reboot.target
- remote-cryptsetup.target
- remote-fs-pre.target
- remote-fs.target
- rescue
- rescue.target
- rhel-autorelabel
- rhel-autorelabel-mark
- rhel-configure
- rhel-dmesg
- rhel-domainname
- rhel-import-state
- rhel-loadmodules
- rhel-readonly
- rpcbind.target
- rsyslog
- runlevel0.target
- runlevel1.target
- runlevel2.target
- runlevel3.target
- runlevel4.target
- runlevel5.target
- runlevel6.target
- salt-minion
- salt-proxy@
- selinux-policy-migrate-local-changes@
- serial-getty@
- shutdown.target
- sigpwr.target
- sleep.target
- slices.target
- smartcard.target
- sockets.target
- sound.target
- sshd
- sshd-keygen
- sshd.socket
- sshd@
- suspend.target
- swap.target
- sys-fs-fuse-connections.mount
- sys-kernel-config.mount
- sys-kernel-debug.mount
- sysinit.target
- syslog.socket
- system-update.target
- systemd-ask-password-console
- systemd-ask-password-console.path
- systemd-ask-password-plymouth
- systemd-ask-password-plymouth.path
- systemd-ask-password-wall
- systemd-ask-password-wall.path
- systemd-backlight@
- systemd-binfmt
- systemd-bootchart
- systemd-firstboot
- systemd-fsck-root
- systemd-fsck@
- systemd-halt
- systemd-hibernate
- systemd-hibernate-resume@
- systemd-hostnamed
- systemd-hwdb-update
- systemd-hybrid-sleep
- systemd-importd
- systemd-initctl
- systemd-initctl.socket
- systemd-journal-catalog-update
- systemd-journal-flush
- systemd-journald
- systemd-journald.socket
- systemd-kexec
- systemd-localed
- systemd-logind
- systemd-machine-id-commit
- systemd-machined
- systemd-modules-load
- systemd-nspawn@
- systemd-poweroff
- systemd-quotacheck
- systemd-random-seed
- systemd-readahead-collect
- systemd-readahead-done
- systemd-readahead-done.timer
- systemd-readahead-drop
- systemd-readahead-replay
- systemd-reboot
- systemd-remount-fs
- systemd-rfkill@
- systemd-shutdownd
- systemd-shutdownd.socket
- systemd-suspend
- systemd-sysctl
- systemd-timedated
- systemd-tmpfiles-clean
- systemd-tmpfiles-clean.timer
- systemd-tmpfiles-setup
- systemd-tmpfiles-setup-dev
- systemd-udev-settle
- systemd-udev-trigger
- systemd-udevd
- systemd-udevd-control.socket
- systemd-udevd-kernel.socket
- systemd-update-done
- systemd-update-utmp
- systemd-update-utmp-runlevel
- systemd-user-sessions
- systemd-vconsole-setup
- teamd@
- time-sync.target
- timers.target
- tmp.mount
- tuned
- umount.target
- vgauthd
- vmtoolsd
- wpa_supplicant
service.disabled
检查
指定的服务是否为开机自启
[root@master salt]# salt '*' service.enabled sshd
node01:
True
service.disable
设置
指定服务不开机自启
[root@master salt]# salt '*' service.disable httpd
node01:
True
service.enable
设置
指定服务开机自启
[root@master salt]# salt '*' service.enable httpd
node01:
True
service.reload
重新加载指定服务
[root@master salt]# salt '*' service.reload httpd
node01:
True
service.stop
停止指定服务运行
[root@master salt]# salt '*' service.stop httpd
node01:
True
service.start/restart/status/
start:启动
restart:重新启动
status:查看状态
[root@master salt]# salt '*' service.start httpd
node01:
True
[root@master salt]# salt '*' service.restart httpd
node01:
True
[root@master salt]# salt '*' service.status httpd
node01:
True
pkg模块
pkg.download
只下载软件包但不安装
此功能将会下载指定的软件包,但是需要在minion端安装yum-utils,可以使用 cmd.run 进行远程安装
[root@master ~]# salt '*' cmd.run 'yum -y install yum-utils'
node01:
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.ustc.edu.cn
* extras: mirrors.ustc.edu.cn
* updates: mirrors.ustc.edu.cn
Package yum-utils-1.1.31-54.el7_8.noarch already installed and latest version
Nothing to do
[root@master ~]# salt '*' pkg.download wget
node01:
----------
wget:
/var/cache/yum/packages/wget-1.14-18.el7_6.1.x86_64.rpm
# 到/var/cache/yum/packages/目录中就可以看见下载的wget软件包,但是没有安装
[root@node01 ~]# cd /var/cache/yum/packages/
[root@node01 packages]# ls
wget-1.14-18.el7_6.1.x86_64.rpm
pkg.file_list
列出指定包或系统中已经安装的所有包的文件
[root@master ~]# salt '*' pkg.file_list httpd
node01:
----------
errors:
files:
- /etc/httpd
- /etc/httpd/conf
- /etc/httpd/conf.d
- /etc/httpd/conf.d/README
- /etc/httpd/conf.d/autoindex.conf
- /etc/httpd/conf.d/userdir.conf
- /etc/httpd/conf.d/welcome.conf
- /etc/httpd/conf.modules.d
- /etc/httpd/conf.modules.d/00-base.conf
- /etc/httpd/conf.modules.d/00-dav.conf
- /etc/httpd/conf.modules.d/00-lua.conf
- /etc/httpd/conf.modules.d/00-mpm.conf
- /etc/httpd/conf.modules.d/00-proxy.conf
- /etc/httpd/conf.modules.d/00-systemd.conf
- /etc/httpd/conf.modules.d/01-cgi.conf
......
pkg.group_info
查看包组的信息
[root@master ~]# salt '*' pkg.group_info 'Development Tools'
node01:
----------
conditional:
default:
- byacc
- cscope
- ctags
- diffstat
- doxygen
- elfutils
- gcc-gfortran
- git
- indent
- intltool
- patchutils
- rcs
- subversion
- swig
- systemtap
description:
A basic development environment.
group:
Development Tools
id:
development
mandatory:
- autoconf
- automake
- binutils
- bison
- flex
- gcc
- gcc-c++
- gettext
- libtool
- make
- patch
- pkgconfig
- redhat-rpm-config
- rpm-build
- rpm-sign
optional:
- ElectricFence
- ant
- babel
- bzr
- chrpath
- cmake
- compat-gcc-44
- compat-gcc-44-c++
- cvs
- dejagnu
- expect
- gcc-gnat
- gcc-objc
- gcc-objc++
- imake
- javapackages-tools
- ksc
- mercurial
- mod_dav_svn
- nasm
- perltidy
- rpmdevtools
- rpmlint
- systemtap-sdt-devel
- systemtap-server
type:
package group
pkg.group_list
列出系统中所有的包组
[root@master ~]# salt '*' pkg.group_list
node01:
----------
available:
- Additional Development
- Anaconda Tools
- Backup Client
- Backup Server
- Base
- CentOS Linux Client product core
- CentOS Linux ComputeNode product core
- CentOS Linux Server product core
- CentOS Linux Workstation product core
- Common NetworkManager submodules
- Compatibility Libraries
- Conflicts (Client)
- Conflicts (ComputeNode)
- Conflicts (Server)
- Conflicts (Workstation)
- Console Internet Tools
- Core
- DNS Name Server
- Debugging Tools
- Desktop Debugging and Performance Tools
- Development Tools
- Dial-up Networking Support
- Directory Client
- Directory Server
- E-mail Server
- Emacs
- FTP Server
- File and Storage Server
- Fonts
- GNOME
- GNOME Applications
- Graphical Administration Tools
- Graphics Creation Tools
- Guest Agents
- Guest Desktop Agents
- Hardware Monitoring Utilities
- High Availability
- Hyper-v platform specific packages
- Identity Management Server
- Infiniband Support
- Input Methods
- Internet Applications
- Internet Browser
- Java Platform
- KDE
- KDE Applications
- KDE Multimedia Support
- KVM platform specific packages
- Large Systems Performance
- Legacy UNIX Compatibility
- Legacy X Window System Compatibility
- Load Balancer
- Mainframe Access
- MariaDB Database Client
- MariaDB Database Server
- Multimedia
- Network File System Client
- Network Infrastructure Server
- Networking Tools
- Office Suite and Productivity
- PHP Support
- Performance Tools
- Perl Support
- Perl for Web
- Platform Development
- PostgreSQL Database Client
- PostgreSQL Database Server
- Print Server
- Printing Client
- Python
- Remote Desktop Clients
- Remote Management for Linux
- Resilient Storage
- Ruby Support
- Scientific Support
- Security Tools
- Smart Card Support
- System Administration Tools
- System Management
- Technical Writing
- VMware platform specific packages
- Virtualization Client
- Virtualization Hypervisor
- Virtualization Platform
- Virtualization Tools
- Web Server
- Web Servlet Engine
- X Window System
available environments:
- Minimal Install
- Compute Node
- Infrastructure Server
- File and Print Server
- Basic Web Server
- Virtualization Host
- Server with GUI
- GNOME Desktop
- KDE Plasma Workspaces
- Development and Creative Workstation
available languages:
----------
installed:
installed environments:
pkg.install
安装软件
[root@master ~]# salt '*' pkg.install wget
node01:
----------
wget:
----------
new:
1.14-18.el7_6.1
old:
pkg.list_pkgs
以字典的方式列出当前已经安装的软件包
[root@master ~]# salt '*' pkg.list_pkgs
node01:
----------
GeoIP:
1.5.0-11.el7
NetworkManager:
1:1.10.2-13.el7
NetworkManager-libnm:
1:1.10.2-13.el7
NetworkManager-team:
1:1.10.2-13.el7
NetworkManager-tui:
1:1.10.2-13.el7
acl:
2.2.51-14.el7
aic94xx-firmware:
30-6.el7
alsa-firmware:
1.0.28-2.el7
alsa-lib:
1.1.4.1-2.el7
alsa-tools-firmware:
1.1.0-1.el7
apr:
1.4.8-7.el7
apr-util:
1.5.2-6.el7
audit:
2.8.1-3.el7
audit-libs:
2.8.1-3.el7
authconfig:
6.2.8-30.el7
basesystem:
10.0-7.el7.centos
bash:
4.2.46-30.el7
bash-completion:
1:2.1-8.el7
bind-libs-lite:
32:9.9.4-61.el7
bind-license:
32:9.9.4-61.el7
binutils:
2.27-27.base.el7
biosdevname:
0.7.3-1.el7
btrfs-progs:
4.9.1-1.el7
bzip2-libs:
1.0.6-13.el7
ca-certificates:
2017.2.20-71.el7
centos-logos:
70.0.6-3.el7.centos
centos-release:
7-5.1804.el7.centos
chkconfig:
1.7.4-1.el7
coreutils:
8.22-21.el7
cpio:
2.11-27.el7
cracklib:
2.9.0-11.el7
cracklib-dicts:
2.9.0-11.el7
cronie:
1.4.11-19.el7
cronie-anacron:
1.4.11-19.el7
crontabs:
1.11-6.20121102git.el7
cryptsetup-libs:
1.7.4-4.el7
curl:
7.29.0-46.el7
cyrus-sasl-lib:
2.1.26-23.el7
dbus:
1:1.10.24-7.el7
......略
pkg.owner
列出指定的文件是由哪个包提供的
[root@master ~]# salt '*' pkg.owner /usr/sbin/apachectl
node01:
httpd
pkg.remove
卸载指定的软件
[root@master ~]# salt '*' pkg.remove wget
node01:
----------
wget:
----------
new:
old:
1.14-18.el7_6.1
pkg.upgrade
升级系统中所有的软件包或升级指定的软件包
在这里插入代码片
state模块
state.show_highstate
显示当前系统中有哪些高级状态
[root@master ~]# salt '*' state.show_highstate
node01:
----------
apache-install: //任务名 ID
----------
__env__:
base //base基础环境
__sls__:
web.apache.install //要执行的高级状态文件位置
pkg:
|_
----------
name:
httpd //变量名,要安装的服务名
- installed
|_
----------
order:
10000
apache-service:
----------
__env__:
base
__sls__:
web.apache.install
service:
|_
----------
name:
httpd
|_
----------
enable:
True
- running
|_
----------
order:
10001
state.highstate
执行高级状态
[root@master ~]# salt '*' state.highstate web.apache.isntall
# 可以指定要执行的状态文件 也可以不指定用top file中的设置,则会执行所有的额高级状态
node01:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 21:03:22.143758
Duration: 810.984 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 21:03:22.964596
Duration: 37.181 ms
Changes:
Summary for node01
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 848.165 ms
state.show_state_usage
显示当前系统中的高级状态执行情况
[root@master ~]# salt '*' state.show_state_usage
node01:
----------
base: //基础环境
----------
count_all: //3个状态
3
count_unused: //2个没被使用
2
count_used:
1
unused: //这两个状态藐视文件没被使用
- top
- web.nginx.install
used:
- web.apache.install
dev: //开发环境
----------
count_all:
0
count_unused:
0
count_used:
0
unused:
used:
prod: //生产环境
----------
count_all:
0
count_unused:
0
count_used:
0
unused:
used:
test: //测试环境
----------
count_all:
0
count_unused:
0
count_used:
0
unused:
used:
state.show_top
返回minion将用于highstate的顶级数据,也就是显示node01的状态文件,只显示匹配到的主机的状态文件
[root@master ~]# salt '*' state.show_top
node01:
----------
base:
- web.apache.install
state.top
执行指定的top file,而不是默认的。如果要是用自定义的topfile文件就要改master中的
//跟改配置文件
[root@master ~]# vim /etc/salt/master
......
# root of the base environment as defined in "File Server settings" below.
#state_top: top.sls
state_top: runtime.sls //自定义top file文件的名称
# The master_tops option replaces the external_nodes option by creating
......
//跟改运来的top文件名
[root@master ~]# cd /srv/salt/base/
[root@master base]# ls
top.sls web
[root@master base]# mv top.sls runtime.sls
[root@master base]# salt '*' state.top runtime.sls
node01:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 21:13:27.655830
Duration: 699.259 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 21:13:28.357148
Duration: 41.681 ms
Changes:
Summary for node01
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 740.940 ms
state.show_sls
显示 master 上特定sls或sls文件列表中的状态数据
[root@master base]# salt '*' state.show_sls web.apache.install
node01:
----------
apache-install:
----------
__env__:
base
__sls__:
web.apache.install
pkg:
|_
----------
name:
httpd
- installed
|_
----------
order:
10000
apache-service:
----------
__env__:
base
__sls__:
web.apache.install
service:
|_
----------
name:
httpd
|_
----------
enable:
True
- running
|_
----------
order:
10001
cp模块
salt根目录:在master中 file_roots 定义的路径。例如:假设在master中有如下定义:
file_roots:
base:
- /srv/salt/
那么:salt://vimrc指的实际路径是:/srv/salt/vimrc,这样做的好处是,可以满足state系统中环境的概念。
[root@master ]# vim /etc/salt/master
file_roots:
base:
- /srv/salt/base //要先在base中创建一个vimrc目录
dev:
- /srv/salt/dev
prod:
- /srv/salt/prod
test:
- /srv/salt/test
-
[root@master base]# pwd
/srv/salt/base
[root@master base]# mkdir vimrc
[root@master base]# ls
runtime.sls vimrc web
[root@master base]# cat vimrc/wjm
111
get_file
从master下载文件到客户端
[root@master base]# salt '*' cp.get_file salt://vimrc/wjm /etc/test01
# 把/srv/salt/base/vimrc/wjm文件传到目标主机并改名为的/etc/test01 文件
node02:
/etc/test01
node01:
/etc/test01
[root@node01 etc]# cat test01
111
# 文件已经成功传输过来了,并且已经改了文件名
get_dir
从master下载一整个目录
//web是base环境下的一个目录
[root@master ~]# salt 'node1' cp.get_dir salt://web /root/web
node1:
- /root/web/web/apache/install.sls
- /root/web/web/nginx/install.sls
[root@node1 ~]# ls
anaconda-ks.cfg test top.sls web
[root@node1 ~]# tree web/
web/
└── web
├── apache
│ └── install.sls
└── nginx
└── install.sls
get_url
从一个url地址下载文件
[root@master ~]# salt '*' cp.get_url http://vault.centos.org/7.9.2009/os/Source/SPackages/httpd-2.4.6-95.el7.centos.src.rpm /usr/src
node01:
/usr/src/httpd-2.4.6-95.el7.centos.src.rpm
//node01可以查看到刚刚下载的文件
[root@node01 ~]# cd /usr/src
[root@node01 src]# ls
debug
httpd-2.4.6-95.el7.centos.src.rpm
httpd-2.4.6-95.el7.centos.x86_64.rpm.part
kernels
useradd
创建用户的模块
user.add
添加一个新用户
[root@master base]# salt '*' user.add wjm
node01:
True
//到目标主机中查看
[root@node01 ~]# id wjm
uid=1000(wjm) gid=1000(wjm) 组=1000(wjm)
user.chgid
跟改用户的默认组
[root@master base]# salt '*' user.chgid wjm 999
node01:
True
[root@node01 ~]# id wjm
uid=1000(wjm) gid=999(input) 组=999(input)
user.chgroups
跟改用户的附属组
[root@master base]# salt '*' user.chgroups wjm w01
# 前提是对面主机中有w01这个用户
node01:
True
[root@node01 ~]# id wjm
uid=1000(wjm) gid=999(wjm) 组=999(wjm),1000(w01)
user.chhome
更改用户的家目录,如果旧的家目录存在,则将家目录的文件移动到新的家目录
[root@master base]# salt '*' user.chhome wjm /home/www
node01:
True
user.chuid
跟改用户的UID
[root@master base]# salt '*' user.chuid wjm 1111
node01:
True
[root@node01 www]# id wjm
uid=1111(wjm) gid=1000(wjm) 组=1000(wjm),1001(w01)
user.delete
删除minion中的用户
[root@master base]# salt '*' user.delete wjm
node01:
True
[root@node01 www]# id wjm
id: wjm: no such user
user.rename
修改用户名
//首先创建一个名字wjm的用户
[root@node01 www]# useradd wjm
[root@node01 www]# id wjm
uid=1002(wjm) gid=1002(wjm) 组=1002(wjm)
//修改wjm的用户名
[root@master base]# salt '*' user.rename wjm WJM
node01:
False
[root@node01 www]# id WJM
uid=1002(WJM) gid=1002(wjm) 组=1002(wjm)
SaltStack常用模块之salt-cp
salt-cp能够很方便的把 master 上的文件批量传到 minion上
//拷贝单个文件到目标主机的/usr/src目录下
[root@master ~]# salt '*' cmd.run 'ls /usr/src/' //先查看当前有什么文件,便于后面对比效果
node01:
debug
httpd-2.4.6-95.el7.centos.src.rpm
httpd-2.4.6-95.el7.centos.x86_64.rpm.part
kernels
node02:
debug
kernels
[root@master ~]# salt-cp '*' /etc/passwd /usr/src/
# 把master上的/etc/passwd拷贝到目标主机的 /usr/src/下
node01:
----------
/usr/src/passwd:
True
node02:
----------
/usr/src/passwd:
True
[root@master ~]# salt '*' cmd.run 'ls /usr/src/'
node02:
debug
kernels
passwd
node01:
debug
httpd-2.4.6-95.el7.centos.src.rpm
httpd-2.4.6-95.el7.centos.x86_64.rpm.part
kernels
passwd
//除了单个文件拷贝 还可以多个文件同时拷贝
[root@master ~]# salt-cp '*' /etc/passwd /etc/group /usr/src/
# 拷贝master上的/etc/passwd /etc/group 到目标主机的/usr/src/中
node01:
----------
/usr/src/group:
True
/usr/src/passwd:
True
node02:
----------
/usr/src/group:
True
/usr/src/passwd:
True
[root@master ~]# salt '*' cmd.run 'ls /usr/src/'
node02:
debug
group
kernels
passwd
node01:
debug
group
httpd-2.4.6-95.el7.centos.src.rpm
httpd-2.4.6-95.el7.centos.x86_64.rpm.part
kernels
passwd
SaltStack常用模块之file
file.access
检查指定路径是否存在,也就是查看有没有这个路径
[root@master ~]# salt 'node02' cmd.run 'ls /usr/src'
# 先查看目标主机是否有这个文件,然后用access验证一下
node02:
debug
group
kernels
passwd
[root@master ~]# salt 'node02' file.access /usr/src/passwd f
# f:文件类型
node02:
True
检查指定文件的权限信息
[root@master ~]# salt 'node02' file.access /usr/src/passwd r
# 查看passwd这个文件是否有读的权限
node02:
True
[root@master ~]# salt 'node02' file.access /usr/src/passwd w
# 查看passwd这个文件是否有写的权限
node02:
True
[root@master ~]# salt 'node02' file.access /usr/src/passwd x
# 查看passwd这个文件是否有执行的权限
node02:
False
file.append
往一个文件里追加内容,若此文件不存在则会报异常
[root@master ~]# salt 'node02' cmd.run 'ls /root/'
node02:
anaconda-ks.cfg
wjm
[root@master ~]# salt 'node02' file.append /root/wjm "wjm123"
node02:
Wrote 1 lines to "/root/wjm"
//查看内容是否追加进去
[root@master ~]# salt 'node02' cmd.run 'cat /root/wjm'
node02:
wjm123
# 如果没有要追加的文件则会报错
file.basename
获取指定路径的基名
[root@master ~]# salt 'node02' file.basename '/root/wjm'
node02:
wjm
file.dirname
获取 指定路径的目录名
[root@master ~]# salt 'node02' file.dirname '/root/wjm'
node02:
/root
file.check_hosh
检查指定的文件与hash字符串是否匹配,匹配则返回true否则返回false
[root@master ~]# salt 'node02' cmd.run 'md5sum /root/wjm'
node02:
cfa1072acac0e0b7046e46f48f0f0a40 /root/wjm
[root@master ~]# salt 'node02' file.check_hash /root/wjm cfa1072acac0e0b7046e46f48f0f0a40
node02:
True
file.chattr
修改指定文件的属性
属性 | 对文件的意义 | 对目录的意义 |
---|---|---|
a | 只允许在这个文件之后追加数据,不允许任何进程覆盖或截断这个文件 | 只允许在这个目录下建立和修改文件,而不允许删除任何文件 |
i | 不允许对这个文件进行任何的修改,不能删除、更改、移动 | 任何的进程只能修改目录之下的文件,不允许建立和删除文件 |
给指定文件添加属性
[root@master ~]# salt 'node02' cmd.run 'lsattr /root'
# 查看wjm当前原始的属性
node02:
-------------------- /root/anaconda-ks.cfg
-------------------- /root/wjm
[root@master ~]# salt 'node02' file.chattr /root/wjm operator=add attributes=ai
# 给wjm添加ai的属性
node02:
True
[root@master ~]# salt 'node02' cmd.run 'lsattr /root'node02:
# 查看设置过后的属性
-------------------- /root/anaconda-ks.cfg
----ia-------------- /root/wjm
给指定文件去除属性
[root@master ~]# salt 'node02' file.chattr /root/wjm operator=remove attributes=ai
# 添加属性是add 删除属性是remove ,需要删除什么属性就在attributes后面等于什么
node02:
True
[root@master ~]# salt 'node02' cmd.run 'lsattr /root'node02:
-------------------- /root/anaconda-ks.cfg
-------------------- /root/wjm
file.chown
设置指定文件的属主、属组信息
[root@master ~]# salt 'node02' cmd.run 'ls -l /root/'
node02:
total 8
-rw-------. 1 root root 1094 Sep 24 09:06 anaconda-ks.cfg
-rw-r--r-- 1 root root 7 Nov 4 21:37 wjm
[root@master ~]# salt 'node02' file.chown /root/wjm tom tom
# 注意!!!前提是目标主机中有tom用户,并且在设置的时候要同时写上主和组
# 如果只想改主为tom 组不变可以写成 tom root
node02:
None
[root@master ~]# salt 'node02' cmd.run 'ls -l /root/'
node02:
total 8
-rw-------. 1 root root 1094 Sep 24 09:06 anaconda-ks.cfg
-rw-r--r-- 1 tom tom 7 Nov 4 21:37 wjm
file.copy
在远程主机上复制文件或目录
拷贝文件
[root@master ~]# salt 'node02' file.copy /root/wjm /tmp/test01
# 把node02上的wjm文件拷贝到node02的/tmp/下并改名为test01
node02:
True
[root@master ~]# salt 'node02' cmd.run 'ls -l /tmp/'
node02:
total 4
drwx------ 3 root root 17 Nov 4 21:03 systemd-private-e6b9680b9cec4f67b0a8c63897ac8ebc-chronyd.service-VUZBmp
-rw-r--r-- 1 tom tom 7 Nov 4 22:04 test01
drwx------ 2 root root 6 Nov 4 21:03 vmware-root_898-2722239165
覆盖并拷贝目录,将会覆盖同名文件或目录
[root@master ~]# salt 'node02' file.copy /tmp/test01 /root/abc recurse=true
node02:
True
[root@master ~]# salt 'node02' cmd.run 'ls -l /root'
node02:
total 12
-rw-r--r-- 1 tom tom 7 Nov 4 22:08 abc
-rw-------. 1 root root 1094 Sep 24 09:06 anaconda-ks.cfg
-rw-r--r-- 1 tom tom 7 Nov 4 21:37 wjm
file.ditectory_exists
判断指定目录是否存在,存在则返回true,否则返回false
[root@master ~]# salt 'node02' file.directory_exists /root/wjm
# 如果是文件会报错
node02:
False
[root@master ~]# salt 'node02' file.directory_exists /root
# 只有目录才返回正确
node02:
True
file.diskusage
递归计算指定路径的磁盘使用情况并以字节为单位返回,也就是计算整个路径占用磁盘的情况
[root@master ~]# salt 'node02' cmd.run 'du -sb /root'
# 有点差异是正常的
node02:
12412 /root
[root@master ~]# salt 'node02' file.diskusage /root
node02:
12198
file.file_exists
判断指定文件是否存在
[root@master ~]# salt 'node02' file.file_exists /root/wjm
# 有这个文件就返回true正确
node02:
True
[root@master ~]# salt 'node02' file.file_exists /root/sadfsd
# 如果没有这个文件就返回false
node02:
False
file.find
类似于find查找命令,并返回符合指定条件的路径列表
匹配方式:
name(名字) = path-glob # case sensitive
iname(忽略大小写) = path-glob # case insensitive
regex(正则表达式) = path-regex # case sensitive
iregex(忽略大小正则表达式) = path-regex # case insensitive
type(类型) = file-types # match any listed type
user(用户) = users # match any listed user
group(组) = groups # match any listed group
size(大小) = [+-]number[size-unit] # default unit = byte
mtime(修改时间) = interval # modified since date
grep(过滤) = regex # search file contents
匹配过后的动作:
delete [= file-types]//删除,默认的动作 # default type = 'f' //删除,默认的动作
exec = command [arg ...]//后面跟要执行的命令 # where {} is replaced by pathname
print [= print-opts]//打印
打印的值:
可以打印哪些值
group: group name //组的名字
md5: MD5 digest of file contents //md5加密
mode: file permissions (as integer) //权限
mtime: last modification time (as time_t) //修改时间
name: file basename //名字
path: file absolute path //路径,位置
size: file size in bytes //大小
type: file type //类型
user: user name //用户
The default action is print=path
默认的动作打印路径
路径的通配符
* //所有字符串 = match zero or more chars
? // 任意的单个字符串 = match any char
[abc] //匹配abc中的单个字符,a或b或c = match a, b, or c
[!abc] or [^abc]//除abc之外的其它东西 = match anything except a, b, and c
[x-y] //x到y的范围 = match chars x through y
[!x-y] or [^x-y]//除了x到y的其他东西 = match anything except chars x through y
{a,b,c} // 匹配a或者b或者c,和第三种一个意思 = match a or b or c
文件类型:
a: all file types //所有的文件类型
b: block device // 块设备
c: character device //字符设备
d: directory //目录
p: FIFO (named pipe) //管道符
f: plain file// 文件
l: symlink //连接文件
s: socket //套接字文件
根据深度查找:
maxdepth = maximum depth to transverse in path
# 最大深度就是第一层到max之间查找,但是max之后的层就找不到了
mindepth = minimum depth to transverse before checking files or directories
# 最小层就是从第几层开始往后面找,如果设置的最小层上面前面还有东西 那么还是不会去找,只会从设置的最小往下找
大小的单位:
b: bytes //字节
k: kilobytes //kb
m: megabytes //mb
g: gigabytes //GB
t: terabytes //TB
间隔,根据修改时间查询
[<num>w] [<num>d] [<num>h] [<num>m] [<num>s]
# num是数字的意思
where:
w: week //周
d: day //天
h: hour //小时
m: minute //分钟
s: second //秒
示例:
salt '*' file.find / type=f name=\*.bak size=+10m
# 查找类型是文件 名字是以.bak结尾 并且大小在10mb以上的文件
salt '*' file.find /var mtime=+30d size=+10m print=path,size,mtime
# 在/var下查找 修改时间在30天以前,并且大小在10mb以上 然后在打印出他们的位置、大小、修改时间
salt '*' file.find /var/log name=\*.[0-9] mtime=+30d size=+10m delete
# 在/var/log 查找包含.0-9数字,并且修改时间在30天以前 大小10mb以上的 东西删除掉
file.get_gid、get_uid、get_group
获取指定文件的的gid、group组名
//查看目标主机文件的属性和用户id,然后在用模块执行验证
[root@master ~]# salt 'node02' cmd.run 'ls -l /root/wjm'
node02:
-rw-r--r-- 1 tom tom 7 Nov 4 21:37 /root/wjm
[root@master ~]# salt 'node02' cmd.run 'id tom'
node02:
uid=1000(tom) gid=1000(tom) groups=1000(tom)
[root@master ~]# salt 'node02' file.get_gid /root/wjm
# 查看文件的用户id uid
node02:
1000
[root@master ~]# salt 'node02' file.get_group /root/wjm
# 查看文件的组名
node02:
tom
[root@master ~]# salt '*' file.get_uid /root/wjm
# 查看指定文件的uid
node2:
0
file.get_user
获取指定文件的用户名
[root@master ~]# salt '*' file.get_user /root/wjm
node2:
tom
file.get_mode
获取指定主机文件的权限
[root@master ~]# salt 'node02' cmd.run 'ls -l /root/wjm'
node02:
-rw-r--r-- 1 tom tom 7 Nov 4 21:37 /root/wjm
[root@master ~]# salt 'node02' file.get_mode /root/wjm
node02:
0644
file.get_selinux_context
获取指定文件的selinux上下文信息
注意:这个上下文信息只有系统自带文件才有,如果是我们自己创建那么就没有
[root@master ~]# salt 'node02' file.get_selinux_context /root/anaconda-ks.cfg
node02:
system_u:object_r:admin_home_t:s0
file.gid_to_group、file.group_to_gid
gid_to_group 获取指定gid并转换为组名
[root@master ~]# salt 'node02' file.gid_to_group 1000
node02:
tom
roup_to_gid 获取指定的组名转换为gid数字形式来显示
[root@master ~]# salt 'node02' file.group_to_gid tom
node02:
1000
file.grep
在指定文件中检索指定内容
该函数支持通配符
,若在指定的路径中使用通配符必须使用双引号引起来
[root@master ~]# salt 'node02' file.grep /etc/passwd nobody
node02:
----------
pid:
30447
retcode:
0
stderr:
stdout:
nobody:x:65534:65534:Kernel Overflow User:/:/sbin/nologin
//-i选项是不区分大小写,打印IP地址
[root@master ~]# salt 'node02' file.grep /etc/sysconfig/network-scripts/ifcfg-ens33 ipaddr -- -i
node02:
----------
pid:
33965
retcode:
0
stderr:
stdout:
IPADDR=192.168.164.137
//-B打印所匹配到的内容以及前两行内容
salt '*' file.grep /etc/sysconfig/network-scripts/ifcfg-eth0 ipaddr -- -i -B2
# 后面的选择可以组合写成 -- -iB2
//-l 列出文件内容符合指定的样式的文件名称,指定的路径中用通配符则必须用双引号引起来
salt '*' file.grep "/etc/sysconfig/network-scripts/*" ipaddr -- -i -l
file.is_blkdev
判断指定的文件是都是块设备文件
[root@master ~]# salt 'node02' file.is_blkdev /dev/sr0
# /dev/sr0这个位置一般是挂载镜像文件的位置
node02:
True
file.lsattr
检查并便显示出指定文件的属性信息
[root@master ~]# salt 'node02' cmd.run 'lsattr /root/wjm'
# 首先查看文件的属性
node02:
-------------------- /root/wjm
[root@master ~]# salt 'node02' file.lsattr /root/wjm
# 再用命令查看一下文件的属性
node02:
----------
/root/wjm:
[root@master ~]# salt 'node02' cmd.run 'chattr +a /root/wjm'
# 给文件添加属性
node02:
[root@master ~]# salt 'node02' cmd.run 'lsattr /root/wjm'
# 用模块查看文件的属性
node02:
-----a-------------- /root/wjm
[root@master ~]# salt 'node02' file.lsattr /root/wjm
# 用模块查看文件的属性
node02:
----------
/root/wjm:
- a
file.mkdir
创建目录并设置属主、属组及权限
[root@master ~]# salt 'node02' file.mkdir /root/test02 tom tom 755
# 如果不指定属主和组会使用默认的root用户,
# 如果不指定权限也会用目录默认的权限755
node02:
True
[root@master ~]# salt 'node02' cmd.run 'ls -l /root'
node02:
total 12
-rw-r--r-- 1 tom tom 7 Nov 4 22:08 abc
-rw-------. 1 root root 1094 Sep 24 09:06 anaconda-ks.cfg
drwxr-xr-x 2 tom tom 6 Nov 5 11:20 test02
-rw-r--r-- 1 tom tom 7 Nov 4 21:37 wjm
file.move
移动或重命名文件
[root@master ~]# salt '*' cmd.run 'ls -l /root'
node01:
total 4
drwxr-xr-x 2 tom tom 6 Nov 4 17:03 345
-rw-------. 1 root root 1263 Oct 13 14:41 anaconda-ks.cfg
[root@master ~]# salt '*' file.move /root/345 /tmp/678
node01:
----------
comment:
'/root/345' moved to '/tmp/678'
result:
True
[root@master ~]# salt '*' cmd.run 'ls -l /tmp'
node01:
total 0
drwxr-xr-x 2 tom tom 6 Nov 4 17:03 678
file.prepend
把文本插入指定文件的开头
[root@node01 ~]# echo "123 \n 456" > www
# 首先先在受控端确保有一个文件
[root@node01 ~]# cat www
123 \n 456
[root@master ~]# salt '*' file.prepend /root/www 'hahh' 'hehe'
# 把hahh和hehe插入到www文件的前面
node01:
Prepended 2 lines to "/root/www"
[root@master ~]# salt '*' cmd.run 'cat /root/www'
node01:
hahh
hehe
123 \n 456
file.sed
修改文本文件的内容
[root@master ~]# salt '*' cmd.run 'cat /root/www'
node01:
hahh
hehe
123 \n 456
[root@master ~]# salt '*' file.sed /root/www 'hehe' 'wjm'
# 把www文件中的hehe替换成wjm
node01:
----------
pid:
13397
retcode: //返回结果是0就表示正常,就和$?一样的含义,表示查看上一个命令是否执行成功
0
stderr:
stdout:
[root@master ~]# salt '*' cmd.run 'cat /root/www'
node01:
hahh
wjm
123 \n 456
//指定修改哪个内容
[root@master ~]# salt '*' file.sed /root/www '123' '321' flags=2
# 修改每一行中第二次出现的123改成321
node01:
----------
pid:
18926
retcode:
0
stderr:
stdout:
[root@master ~]# salt '*' cmd.run 'cat /root/www'
node01:
hahh 123 321
wjm 123
123 \n 456
[root@master ~]#
file.read
读取文件内容
[root@master ~]# salt '*' file.read /root/www
node01:
hahh 123 321
wjm 123
123 \n 456
file.readdir
列出指定目录下的所有文件或目录,包括隐藏文件
类似于ls -a
[root@master ~]# salt '*' file.readdir /root
node01:
- .
- ..
- .bash_logout
- .bash_profile
- .bashrc
- .cshrc
- .tcshrc
- anaconda-ks.cfg
- .bash_history
- .pki
- www.bak
- .viminfo
- www
file.remove
删除指定的文件或目录,若给出的是目录,则会递归把目录下的所有东西删除
[root@master ~]# salt '*' cmd.run 'ls -l'
node01:
total 12
drwxr-xr-x 2 root root 6 Nov 6 15:22 111
-rw-------. 1 root root 1263 Oct 13 14:41 anaconda-ks.cfg
-rw-r--r-- 1 root root 40 Nov 6 15:18 www
-rw-r--r-- 1 root root 40 Nov 6 15:16 www.bak
[root@master ~]# salt '*' file.remove /root/111
node01:
True
[root@master ~]# salt '*' cmd.run 'ls -l'
node01:
total 12
-rw-------. 1 root root 1263 Oct 13 14:41 anaconda-ks.cfg
-rw-r--r-- 1 root root 40 Nov 6 15:18 www
-rw-r--r-- 1 root root 40 Nov 6 15:16 www.bak
file.rename
重命名文件或目录
[root@master ~]# salt '*' cmd.run 'ls -l'
node01:
total 12
-rw-------. 1 root root 1263 Oct 13 14:41 anaconda-ks.cfg
-rw-r--r-- 1 root root 40 Nov 6 15:18 www
-rw-r--r-- 1 root root 40 Nov 6 15:16 www.bak
[root@master ~]# salt '*' file.rename /root/www /root/w123
node01:
True
[root@master ~]# salt '*' cmd.run 'ls -l'
node01:
total 12
-rw-------. 1 root root 1263 Oct 13 14:41 anaconda-ks.cfg
-rw-r--r-- 1 root root 40 Nov 6 15:18 w123
-rw-r--r-- 1 root root 40 Nov 6 15:16 www.bak
file.set_mode
给指定文件设置权限
[root@master ~]# salt '*' cmd.run 'ls -l'
node01:
total 12
-rw-------. 1 root root 1263 Oct 13 14:41 anaconda-ks.cfg
-rw-r--r-- 1 root root 40 Nov 6 15:18 w123
-rw-r--r-- 1 root root 40 Nov 6 15:16 www.bak
[root@master ~]# salt '*' file.set_mode /root/w123 677
# 修改w123的权限为677
node01:
0677
[root@master ~]# salt '*' cmd.run 'ls -l'
node01:
total 12
-rw-------. 1 root root 1263 Oct 13 14:41 anaconda-ks.cfg
-rw-rwxrwx 1 root root 40 Nov 6 15:18 w123
-rw-r--r-- 1 root root 40 Nov 6 15:16 www.bak
file.symlink
给指定的文件创建软链接
[root@master ~]# salt '*' file.symlink /root/w123 /root/123
# 前提是root下事先是没有123这个文件的
node01:
True
[root@master ~]# salt '*' cmd.run 'ls -l'
node01:
total 12
lrwxrwxrwx 1 root root 10 Nov 6 15:33 123 -> /root/w123
-rw-r--r-- 1 root root 0 Nov 6 15:29 222
-rw-------. 1 root root 1263 Oct 13 14:41 anaconda-ks.cfg
-rw-r--r-- 1 root root 40 Nov 6 15:18 w123
-rw-r--r-- 1 root root 40 Nov 6 15:16 www.bak
file.touch
创建空文件或者修改时间戳
[root@master ~]# salt '*' cmd.run 'ls -l'
node01:
total 12
lrwxrwxrwx 1 root root 10 Nov 6 15:33 123 -> /root/w123
-rw-r--r-- 1 root root 0 Nov 6 15:29 222
-rw-------. 1 root root 1263 Oct 13 14:41 anaconda-ks.cfg
-rw-r--r-- 1 root root 40 Nov 6 15:18 w123
-rw-r--r-- 1 root root 40 Nov 6 15:16 www.bak
[root@master ~]# salt '*' file.touch /root/install
# 创建一个名为install的空文件
node01:
True
[root@master ~]# salt '*' file.touch /root/222
# 修改222文件的时间戳
node01:
True
[root@master ~]# salt '*' cmd.run 'ls -l'
node01:
total 12
lrwxrwxrwx 1 root root 10 Nov 6 15:33 123 -> /root/w123
-rw-r--r-- 1 root root 0 Nov 6 15:35 222
-rw-------. 1 root root 1263 Oct 13 14:41 anaconda-ks.cfg
-rw-r--r-- 1 root root 0 Nov 6 15:35 install
-rw-r--r-- 1 root root 40 Nov 6 15:18 w123
-rw-r--r-- 1 root root 40 Nov 6 15:16 www.bak
file.uid_to_user、user_to_uid
将uid数字转换成对应的用户名,将用户名装换成对应的uid数字
[root@master ~]# salt '*' file.uid_to_user 0
node01:
root
[root@master ~]# salt '*' file.user_to_uid root
node01:
0
file.write
往一个指定的文件里面覆盖写入指定内容
这种方式类似于linux命令中的">"覆盖,会原来文件中的内容全部覆盖
也就是会将原来文件的内容删除掉,然后重新写入内容
[root@master ~]# salt '*' cmd.run 'cat /root/w123'
node01:
hahh 123 321
wjm 123
123 \n 456
[root@master ~]# salt '*' file.write /root/w123 '新的内容'
node01:
Wrote 1 lines to "/root/w123"
[root@master ~]# salt '*' cmd.run 'cat /root/w123'
node01:
新的内容