1.运行模块方法
使用salt命令,语法 salt 'target' 模块.方法 参数
[root@Management-Machine-140 ~]# salt '*' cmd.run 'cat /root/a.log' 139: cat: /root/a.log: No such file or directory 137: cat: /root/a.log: No such file or directory 136: 136 this is a test 138: 138 ERROR: Minions returned with non-zero exit code [root@Management-Machine-140 ~]#
当然也可以自己编写模块和方法,这需要python功底。
2.查看模块对应的可执行函数的功能
查看所有内置模块功能说明 salt ‘*’sys.doc
查看某个模块的所有方法说明 salt '*' sys.doc cmd
查某个模块的特定方法说明 salt '*' sys.doc cmd.run
[root@Management-Machine-140 ~]# salt '136' sys.doc cmd.run 'cmd.run:' Execute the passed command and return the output as a string Note that ``env`` represents the environment variables for the command, and should be formatted as a dict, or a YAML string which resolves to a dict. Warning: This function does not process commands through a shell unless the python_shell flag is set to True. This means that any shell-specific functionality such as 'echo' or the use of pipes, redirection or &&, should either be migrated to cmd.shell or have the python_shell=True flag set here. The use of python_shell=True means that the shell will accept _any_ input including potentially malicious commands such as 'good_command;rm -rf /'. Be absolutely certain that you have sanitized your input prior to using python_shell=True CLI Example: salt '*' cmd.run "ls -l | awk '/foo/{print \$2}'" The template arg can be set to 'jinja' or another supported template engine to render the command arguments before execution. For example: salt '*' cmd.run template=jinja "ls -l /tmp/{{grains.id}} | awk '/foo/{print \$2}'" Specify an alternate shell with the shell parameter: salt '*' cmd.run "Get-ChildItem C:\ " shell='powershell' A string of standard input can be specified for the command to be run using the ``stdin`` parameter. This can be useful in cases where sensitive information must be read from standard input.: salt '*' cmd.run "grep f" stdin='one\ntwo\nthree\nfour\nfive\n' If an equal sign (``=``) appears in an argument to a Salt command it is interpreted as a keyword argument in the format ``key=val``. That processing can be bypassed in order to pass an equal sign through to the remote shell command by manually specifying the kwarg: salt '*' cmd.run cmd='sed -e s/=/:/g'
实例,常见模块的可执行函数:https://docs.saltstack.com/en/latest/ref/modules/all/index.html
[root@Management-Machine-140 ~]# salt '*' network.get_hostname 139: Rsync-139 137: WebB-137 138: Nfs-138 136: WebA-136 [root@Management-Machine-140 ~]#
3.target定位方法
a.指定minions的ID匹配或使用通配符来指定1个或多个,salt默认target类型就是Glob
[root@Management-Machine-140 ~]# salt '136' network.interface eth0 136: |_ ---------- address: 192.168.146.136 broadcast: 192.168.146.255 label: eth0 netmask: 255.255.255.0 [root@Management-Machine-140 pillar]# salt '13*' test.ping 139: True 136: True 137: True 138: True [root@Management-Machine-140 pillar]#
b. 正则 -E,或--pcre
[root@Management-Machine-140 pillar]# salt -E '13[0-9]' test.ping 137: True 139: True 136: True 138: True
c.利用grains匹配minions(可暂时略过)
grains是minions启动的时候获取的系统信息。granins的数据一般是静态的,minions启动后就不会改变,除非重启。缓存在内存中。
salt -G 指定grains
[root@Management-Machine-140 ~]# salt -G 'os:Centos' cmd.run 'df -h' 136: Filesystem Size Used Avail Use% Mounted on /dev/sda1 194M 27M 158M 15% /boot 137: Filesystem Size Used Avail Use% Mounted on /dev/sda1 194M 27M 158M 15% /boot
在服务器端执行salt '136' grains.ls列出minions的选项
[root@Management-Machine-140 ~]# salt '136' grains.items 136: ---------- SSDs: cpu_flags: - fpu - vme - de .......
执行salt '136' grains.items列出minions的选项和值(key:value)
[root@Management-Machine-140 ~]# salt '136' grains.items ...... ip_interfaces: ---------- eth0: - 192.168.146.136 - fe80::250:56ff:fe29:29b6 lo: - 127.0.0.1 - ::1 ipv4: - 127.0.0.1 - 192.168.146.136 ipv6: - ::1 - fe80::250:56ff:fe29:29b6 kernel: Linux kernelrelease: 2.6.32-431.el6.x86_64 [root@Management-Machine-140 pillar]# salt -G 'ip_interfaces:eth0:192.168.146.136' test.ping#多级: 136: True
执行salt '136' grains.item os
[root@Management-Machine-140 ~]# salt '136' grains.item os 136: ---------- os: CentOS [root@Management-Machine-140 ~]#
当然我们可以自定义添加grains项目,在服务器端/etc/salt/grains(建议使用此方法),客户端修改配置文件/etc/salt/minions添加项目(key:value)
[root@WebA-136 ~]# cat /etc/salt/grains test: test role: nginx env: test edit: yang [root@Management-Machine-140 salt]# salt '136' grains.items edit: yang env: test role: nginx test: test
d.根据pillar匹配(可暂时略过)
pillar是master端定义的,并且是针对 minion 定义信息。如存储静态数据、重要的数据(帐号密码)可以存在 pillar 里,还可以定义变量等。
pillar是salt设计的一套接口,指定全局静态数据描述minions的。
有关top.sls请看下面的介绍,建议先看下top.sls的规范或者解释吧。
[root@Management-Machine-140 pillar]# cat top.sls#总入口文件 base: '136': - test [root@Management-Machine-140 pillar]# cat test.sls#测试文件 conf: /etc/123.conf myname: yang [root@Management-Machine-140 pillar]# salt '136' pillar.items#验证 136: ---------- conf: /etc/123.conf myname: yang [root@Management-Machine-140 pillar]# salt -I 'conf:/tmp/123.conf' test.ping #-I 指定pillar 136: True [root@Management-Machine-140 pillar]#
e.根据and or not 匹配
[root@Management-Machine-140 ~]# salt -C 'G@os:Centos and E@13* or 136' test.ping #G@ 指定grains E@使用正则 136: True 138: True 139: True 137: True [root@Management-Machine-140 ~]#
f.根据分组名称过滤
[root@Management-Machine-140 ~]# vim /etc/salt/master ##### Node Groups ##### ########################################## # Node groups allow for logical groupings of minion nodes. A group consists of a group # name and a compound target. nodegroups: web: '136 or 137' test: '138 or 139' [root@Management-Machine-140 ~]# salt -N 'web' test.ping 136: True 137: True
g.利用list -L
[root@Management-Machine-140 pillar]# salt -L 136,137 test.ping 137: True 136: True
h.指定subnet -S即ip或网段
[root@Management-Machine-140 pillar]# salt -S '192.168.146.136' test.ping 136: True [root@Management-Machine-140 pillar]#
转载于:https://blog.51cto.com/12107790/2317369