一.API接口
利用api接口来实现SaltStack推送,管理集群是非常方便的手段,下面我们尝试利用API来实现Salt的功能….
1.在server1上安装salt api
yum insatll -y salt-api
2.配置自签名证书
cd /etc/pki/tls/cd private/
openssl genrsa 1024
openssl genrsa 1024 > localhost.key
cd certs
make testcert
3.
cd /etc/salt
vim master # 只支持以.conf结尾的文件
cd master.d/
vim api.conf
rest_cherrypy:
port: 8000
ssl_crt: /etc/pki/tls/certs/localhost.crt
ssl_key: /etc/pki/tls/private/localhost.key
ll /etc/pki/tls/certs/localhost.crt
ll /etc/pki/tls/private/localhost.key
4.
vim auth.conf
external_auth:
pam:
saltapi:
- ‘.*’
- ‘@wheel’
- ‘@runner’
- ‘@jobs’
5.创建用户并设置密码
useradd saltapi
passwd saltapi
5.打开salt-api,重启salt-master,并查看是否监听8000端口
/etc/init.d/salt-api start
netstat -antlp | grep 8000
7.验证服务并获得token
8.利用token号测试三台minion是否通
curl -sSk https://localhost:8000 -H 'Accept: application/x-yaml' -H 'X-Auth-Token: ff47bf4450abec313837e663c3eeea399bb54947' -d client=local -d tgt='*' -d fun=test.ping
9.编写python脚本请求salt api接口
# -*- coding: utf-8 -*-
import urllib2,urllib
import time
try:
import json
except ImportError:
import simplejson as json
class SaltAPI(objec