python saltstack_如何用Python脚本来监控服务器(三)——自动化监控方式之Saltstack

最近，许多小伙伴都在询问知了小姐姐如何用Python脚本来监控服务器。

那么现在，干货来了，知了小姐姐特地请教了知了堂堂信安项目经理——甘老师解答这个问题。

《如何用Python脚本来监控服务器》系列内容较多，知了小姐姐将分4次为大家分享。

1、自动化监控Agent方式

2、自运化监控方式之SSH

3、自动化监控方式之Saltstack

4、自动化监控方式之puppet

今天为大家分享自动化监控方式之Saltstack，正文开始啦~~

saltstack模式：

优点：快速，开发成本低

缺点：依赖saltstack

自动化监控Saltstack方式实战

3.1 Saltstack的环境说明

Saltstack的架构是客户端与服务型模型(C/S)

3.2 saltstack的安装

Salt-master的安装配置：

[root@localhost ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo

[root@localhost ~]# /etc/init.d/iptables stop

[root@localhost ~]# yum install salt-master

[root@localhost ~]# cat /etc/salt/master

# The address of the interface to bind to:

interface: 192.168.100.40

[root@localhost ~]# /etc/init.d/salt-master start

总结如下：

Master： yum install salt-master

Master准备：

a. 配置文件，监听本机IP

vim /etc/salt/master

interface: 本机IP地址

b. 启动master

/etc/init.d/salt-master start

salt-minion的安装配置：

[root@localhost ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo

[root@localhost ~]# /etc/init.d/iptables stop

[root@localhost ~]# cat /etc/salt/minion

# Set the location of the salt master server. If the master server cannot be

# resolved, then the minion will fail to start.

master: 192.168.100.40

[root@localhost ~]# /etc/init.d/salt-minion start

总结如下：

Slave： yum install salt-minion

Slave准备：

a. 配置文件，连接那个master

vim /etc/salt/minion

master: 远程master地址

b. 启动slave

/etc/init.d/salt-minion start

3.3服务端配置认证

[root@localhost ~]# salt-key -L

Accepted Keys:

Denied Keys:

Unaccepted Keys:

192.168.100.136

Rejected Keys:

[root@localhost ~]# salt-key -a 192.168.100.136

The following keys are going to be accepted:

Unaccepted Keys:

192.168.100.136

Proceed? [n/Y] y

Key for minion 192.168.100.136 accepted.

[root@localhost ~]# salt-key -L

Accepted Keys:

192.168.100.136

Denied Keys:

Unaccepted Keys:

Rejected Keys:

3.4 saltstack的测试(在服务端上进测试)

[root@localhost ~]# salt '192.168.100.136' cmd.run 'df -h'

192.168.100.136:

Filesystem Size Used Avail Use% Mounted on

/dev/sda2 97G 687M 91G 1% /

tmpfs 427M 92K 427M 1% /dev/shm

/dev/sda1 194M 34M 151M 19% /boot

/dev/sda5 20G 172M 19G 1% /home

/dev/sda6 34G 176M 32G 1% /opt

/dev/sda3 49G 3.0G 43G 7% /usr

[root@localhost ~]# salt '*' cmd.run 'df -h'

192.168.100.136:

Filesystem Size Used Avail Use% Mounted on

/dev/sda2 97G 687M 91G 1% /

tmpfs 427M 92K 427M 1% /dev/shm

/dev/sda1 194M 34M 151M 19% /boot

/dev/sda5 20G 172M 19G 1% /home

/dev/sda6 34G 176M 32G 1% /opt

/dev/sda3 49G 3.0G 43G 7% /usr

[root@localhost ~]#

Python salt模块介绍

>>> from salt import client

>>> local = client.LocalClient()

>>> result = local.cmd('192.168.100.136','cmd.run',['ifconfig'])

>>> result.keys()

['192.168.100.136']

>>> result.values()

['eth1 Link encap:Ethernet HWaddr 00:0C:29:75:92:BB \n inet addr:192.168.100.136 Bcast:192.168.100.255 Mask:255.255.255.0\n inet6 addr: fe80::20c:29ff:fe75:92bb/64 Scope:Link\n UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1\n RX packets:45940 errors:0 dropped:0 overruns:0 frame:0\n TX packets:15047 errors:0 dropped:0 overruns:0 carrier:0\n collisions:0 txqueuelen:1000 \n RX bytes:38165890 (36.3 MiB) TX bytes:1378272 (1.3 MiB)\n\nlo Link encap:Local Loopback \n inet addr:127.0.0.1 Mask:255.0.0.0\n inet6 addr: ::1/128 Scope:Host\n UP LOOPBACK RUNNING MTU:16436 Metric:1\n RX packets:16 errors:0 dropped:0 overruns:0 frame:0\n TX packets:16 errors:0 dropped:0 overruns:0 carrier:0\n collisions:0 txqueuelen:0 \n RX bytes:960 (960.0 b) TX bytes:960 (960.0 b)']

>>> result

{'192.168.100.136': 'eth1 Link encap:Ethernet HWaddr 00:0C:29:75:92:BB \n inet addr:192.168.100.136 Bcast:192.168.100.255 Mask:255.255.255.0\n inet6 addr: fe80::20c:29ff:fe75:92bb/64 Scope:Link\n UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1\n RX packets:45940 errors:0 dropped:0 overruns:0 frame:0\n TX packets:15047 errors:0 dropped:0 overruns:0 carrier:0\n collisions:0 txqueuelen:1000 \n RX bytes:38165890 (36.3 MiB) TX bytes:1378272 (1.3 MiB)\n\nlo Link encap:Local Loopback \n inet addr:127.0.0.1 Mask:255.0.0.0\n inet6 addr: ::1/128 Scope:Host\n UP LOOPBACK RUNNING MTU:16436 Metric:1\n RX packets:16 errors:0 dropped:0 overruns:0 frame:0\n TX packets:16 errors:0 dropped:0 overruns:0 carrier:0\n collisions:0 txqueuelen:0 \n RX bytes:960 (960.0 b) TX bytes:960 (960.0 b)'}

>>>

Saltstack实战

from salt import client

local = client.LocalClient()

# ################## 监控今日未采集主机名 ##################

#result = requests.get('http://www.127.0.0.1:8000/assets.html')

# result = ['c1.com','c2.com']

# ################## 远程服务器执行命令 ##################

# import subprocess

# result = subprocess.getoutput("salt 'c1.com' cmd.run 'ifconfig'")

#

# import salt.client

# local = salt.client.LocalClient()

# result = local.cmd('c2.salt.com', 'cmd.run', ['ifconfig'])

# ################## 发送数据 ##################

# requests.post('http://www.127.0.0.1:8000/assets.html',data=data_dict)

你学会了吗？

今天的内容就分享到这儿啦，敬请期待下期分享！想获取更多信安学习干货，欢迎关注公众号【汇智知了堂】啦~

如果还有不清楚的、想要深入了解Python的小伙伴们，加知了小姐姐噢~欢迎大家随时私聊小姐姐，别不好意思哦！

往期回顾：

文章来源：知了堂甘老师原创。