最近,许多小伙伴都在询问知了小姐姐如何用Python脚本来监控服务器。
那么现在,干货来了,知了小姐姐特地请教了知了堂堂信安项目经理——甘老师解答这个问题。
《如何用Python脚本来监控服务器》系列内容较多,知了小姐姐将分4次为大家分享。
1、自动化监控Agent方式
2、自运化监控方式之SSH
3、自动化监控方式之Saltstack
4、自动化监控方式之puppet
今天为大家分享自动化监控方式之Saltstack,正文开始啦~~
saltstack模式:
优点:快速,开发成本低
缺点:依赖saltstack
自动化监控Saltstack方式实战
3.1 Saltstack的环境说明
Saltstack的架构是客户端与服务型模型(C/S)
3.2 saltstack的安装
Salt-master的安装配置:
[root@localhost ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
[root@localhost ~]# /etc/init.d/iptables stop
[root@localhost ~]# yum install salt-master
[root@localhost ~]# cat /etc/salt/master
# The address of the interface to bind to:
interface: 192.168.100.40
[root@localhost ~]# /etc/init.d/salt-master start
总结如下:
Master: yum install salt-master
Master准备:
a. 配置文件,监听本机IP
vim /etc/salt/master
interface: 本机IP地址
b. 启动master
/etc/init.d/salt-master start
salt-minion的安装配置:
[root@localhost ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
[root@localhost ~]# /etc/init.d/iptables stop
[root@localhost ~]# cat /etc/salt/minion
# Set the location of the salt master server. If the master server cannot be
# resolved, then the minion will fail to start.
master: 192.168.100.40
[root@localhost ~]# /etc/init.d/salt-minion start
总结如下:
Slave: yum install salt-minion
Slave准备:
a. 配置文件,连接那个master
vim /etc/salt/minion
master: 远程master地址
b. 启动slave
/etc/init.d/salt-minion start
3.3服务端配置认证
[root@localhost ~]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
192.168.100.136
Rejected Keys:
[root@localhost ~]# salt-key -a 192.168.100.136
The following keys are going to be accepted:
Unaccepted Keys:
192.168.100.136
Proceed? [n/Y] y
Key for minion 192.168.100.136 accepted.
[root@localhost ~]# salt-key -L
Accepted Keys:
192.168.100.136
Denied Keys:
Unaccepted Keys:
Rejected Keys:
3.4 saltstack的测试(在服务端上进测试)
[root@localhost ~]# salt '192.168.100.136' cmd.run 'df -h'
192.168.100.136:
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 97G 687M 91G 1% /
tmpfs 427M 92K 427M 1% /dev/shm
/dev/sda1 194M 34M 151M 19% /boot
/dev/sda5 20G 172M 19G 1% /home
/dev/sda6 34G 176M 32G 1% /opt
/dev/sda3 49G 3.0G 43G 7% /usr
[root@localhost ~]# salt '*' cmd.run 'df -h'
192.168.100.136:
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 97G 687M 91G 1% /
tmpfs 427M 92K 427M 1% /dev/shm
/dev/sda1 194M 34M 151M 19% /boot
/dev/sda5 20G 172M 19G 1% /home
/dev/sda6 34G 176M 32G 1% /opt
/dev/sda3 49G 3.0G 43G 7% /usr
[root@localhost ~]#
Python salt模块介绍
>>> from salt import client
>>> local = client.LocalClient()
>>> result = local.cmd('192.168.100.136','cmd.run',['ifconfig'])
>>> result.keys()
['192.168.100.136']
>>> result.values()
['eth1 Link encap:Ethernet HWaddr 00:0C:29:75:92:BB \n inet addr:192.168.100.136 Bcast:192.168.100.255 Mask:255.255.255.0\n inet6 addr: fe80::20c:29ff:fe75:92bb/64 Scope:Link\n UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1\n RX packets:45940 errors:0 dropped:0 overruns:0 frame:0\n TX packets:15047 errors:0 dropped:0 overruns:0 carrier:0\n collisions:0 txqueuelen:1000 \n RX bytes:38165890 (36.3 MiB) TX bytes:1378272 (1.3 MiB)\n\nlo Link encap:Local Loopback \n inet addr:127.0.0.1 Mask:255.0.0.0\n inet6 addr: ::1/128 Scope:Host\n UP LOOPBACK RUNNING MTU:16436 Metric:1\n RX packets:16 errors:0 dropped:0 overruns:0 frame:0\n TX packets:16 errors:0 dropped:0 overruns:0 carrier:0\n collisions:0 txqueuelen:0 \n RX bytes:960 (960.0 b) TX bytes:960 (960.0 b)']
>>> result
{'192.168.100.136': 'eth1 Link encap:Ethernet HWaddr 00:0C:29:75:92:BB \n inet addr:192.168.100.136 Bcast:192.168.100.255 Mask:255.255.255.0\n inet6 addr: fe80::20c:29ff:fe75:92bb/64 Scope:Link\n UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1\n RX packets:45940 errors:0 dropped:0 overruns:0 frame:0\n TX packets:15047 errors:0 dropped:0 overruns:0 carrier:0\n collisions:0 txqueuelen:1000 \n RX bytes:38165890 (36.3 MiB) TX bytes:1378272 (1.3 MiB)\n\nlo Link encap:Local Loopback \n inet addr:127.0.0.1 Mask:255.0.0.0\n inet6 addr: ::1/128 Scope:Host\n UP LOOPBACK RUNNING MTU:16436 Metric:1\n RX packets:16 errors:0 dropped:0 overruns:0 frame:0\n TX packets:16 errors:0 dropped:0 overruns:0 carrier:0\n collisions:0 txqueuelen:0 \n RX bytes:960 (960.0 b) TX bytes:960 (960.0 b)'}
>>>
Saltstack实战
from salt import client
local = client.LocalClient()
# ################## 监控今日未采集主机名 ##################
#result = requests.get('http://www.127.0.0.1:8000/assets.html')
# result = ['c1.com','c2.com']
# ################## 远程服务器执行命令 ##################
# import subprocess
# result = subprocess.getoutput("salt 'c1.com' cmd.run 'ifconfig'")
#
# import salt.client
# local = salt.client.LocalClient()
# result = local.cmd('c2.salt.com', 'cmd.run', ['ifconfig'])
# ################## 发送数据 ##################
# requests.post('http://www.127.0.0.1:8000/assets.html',data=data_dict)
你学会了吗?
今天的内容就分享到这儿啦,敬请期待下期分享!想获取更多信安学习干货,欢迎关注公众号【汇智知了堂】啦~
如果还有不清楚的、想要深入了解Python的小伙伴们,加知了小姐姐噢~欢迎大家随时私聊小姐姐,别不好意思哦!
往期回顾:
文章来源:知了堂甘老师原创。