salt-api所有操作均在master端
一、安装salt-api
yum -y install salt-api pyOpenSSL
chkconfig salt-api on
二、配置salt-api
修改/etc/salt/master文件
sed -i '/#default_include/s/#default/default/g' /etc/salt/master
mkdir /etc/salt/master.d
创建用于salt-api的用户
useradd -M -s /sbin/nologin hyxc
echo '123456aa' | passwd hyxc --stdin
新增配置文件/etc/salt/master.d/api.conf
cat /etc/salt/master.d/api.conf
rest_cherrypy:
port: 8000
ssl_crt: /etc/pki/tls/certs/localhost.crt
ssl_key: /etc/pki/tls/certs/localhost.key
新增配置文件/etc/salt/master.d/eauth.conf
cat /etc/salt/master.d/eauth.conf
external_auth:
pam:
hyxc:
- .*
- '@wheel'
- '@runner'
生成自签名证书
salt-call tls.create_self_signed_cert
重启salt-master
service salt-master restart
启动salt-api
service salt-api start
三、Salt-api的使用
使用curl 获取token
curl -k https://192.168.90.62:8000/login -H "Accept: application/x-yaml" -d username='hyxc