Job管理
Job简介
- master在下发指令任务时,会附带上产生的jid。
- minion在接收到指令开始执行时,会在本地的/var/cache/salt/minion/proc目录下产生该jid命名的文件,用于在执行过程中master查看当前任务的执行情况。
- 指令执行完毕将结果传送给master后,删除该临时文件。
Job cache
[root@server1 ~]# ls /var/cache/salt/master/jobs/
00 07 0d 12 19 28 33 43 48 57 5c 63 6d 74 79 7d 86 8f 99 b0 b3 c5 cd d1 df f0 f8
01 0a 0e 13 21 2e 36 44 4d 58 5e 65 71 76 7b 82 88 90 a4 b1 b8 c7 ce d9 e0 f1 f9
04 0b 0f 14 25 32 3e 46 50 59 62 68 72 77 7c 83 8b 94 a8 b2 bc cc d0 dc e5 f5 fa
把Job存储到数据库
有两种方法:
1 在minion端设置/etc/salt/minion
############################################
# Default Minion returners. Can be a comma delimited string or a list:
#
return: mysql
#
#return: mysql,slack,redis
#
#return:
# - mysql
# - hipchat
# - slack
mysql.host: '172.25.254.101'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.port: '3306'
安装并初始化mysql
CREATE DATABASE `salt`
DEFAULT CHARACTER SET utf8
DEFAULT COLLATE utf8_general_ci;
USE `salt`;
--
-- Table structure for table `jids`
--
DROP TABLE IF EXISTS `jids`;
CREATE TABLE `jids` (
`jid` varchar(255) NOT NULL,
`load` mediumtext NOT NULL,
UNIQUE KEY `jid` (`jid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--
-- Table structure for table `salt_returns`
--
DROP TABLE IF EXISTS `salt_returns`;
CREATE TABLE `salt_returns` (
`fun` varchar(50) NOT NULL,
`jid` varchar(255) NOT NULL,
`return` mediumtext NOT NULL,
`id` varchar(255) NOT NULL,
`success` varchar(10) NOT NULL,
`full_ret` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
KEY `id` (`id`),
KEY `jid` (`jid`),
KEY `fun` (`fun`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--
-- Table structure for table `salt_events`
--
DROP TABLE IF EXISTS `salt_events`;
CREATE TABLE `salt_events` (
`id` BIGINT NOT NULL AUTO_INCREMENT,
`tag` varchar(255) NOT NULL,
`data` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
`master_id` varchar(255) NOT NULL,
PRIMARY KEY (`id`),
KEY `tag` (`tag`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
创建用户
MariaDB [(none)]> grant all on salt.* to salt@'%' identified by 'salt';
2 在 master端设置/etc/salt/master (推荐)
1250 # Which returner(s) will be used for minion's result:
1251 return: mysql
1252 master_job_cache: mysql
1253 mysql.host: 'localhost'
1254 mysql.user: 'salt'
1255 mysql.pass: 'salt'
1256 mysql.db: 'salt'
salt-ssh与salt-syndic
salt-ssh简介
- salt-ssh可以独立运行的,不需要minion端。
- salt-ssh 用的是sshpass进行密码交互的。
- 以串行模式工作,性能下降。
salt-ssh 配置
配置roster文件,默认的本地路径是 /etc/salt/roster:
server2:
host: 172.25.254,102
user: root
passwd: westos
测试
[root@server1 salt]# salt-ssh '*' test.ping
server2:
----------
retcode:
254
stderr:
stdout:
The host key needs to be accepted, to auto accept run salt-ssh with the -i flag:
The authenticity of host '172.25.254.102 (172.25.254.102)' can't be established.
ECDSA key fingerprint is SHA256:fbqFHOqq7gdrJZ0lt9nyszyDiFiwtXqva4tKWBBsMr4.
ECDSA key fingerprint is MD5:a3:f4:21:85:f6:58:0a:22:ad:c5:86:3d:13:15:ed:04.
Are you sure you want to continue connecting (yes/no)?
[root@server1 salt]# salt-ssh '*' test.ping -i
server2:
True
salt-syndic简介
如果大家知道zabbix proxy的话那就很容易理解了,syndic其实就是个代理,隔离master与minion。
Syndic必须要运行在master上,再连接到另一个topmaster上。
Topmaster 下发的状态需要通过syndic来传递给下级master,minion传递给master的数据也是由syndic传递给topmaster。
topmaster并不知道有多少个minion。
syndic与topmaster的file_roots和pillar_roots的目录要保持一致
topmaster端:
vim /etc/salt/master
order_masters: True #作为顶级master
systemctl start salt-master
下级master端:
vim /etc/salt/master
syndic_master: 172.25.254.104
systemctl start salt-master
systemctl start salt-syndic
同意下级master授权
[root@server4 ~]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
www.westos.org
Rejected Keys:
[root@server4 ~]# salt-key -A -y
The following keys are going to be accepted:
Unaccepted Keys:
www.westos.org
Key for minion www.westos.org accepted.
[root@server4 ~]# salt '*' test.ping
server2:
True
server3:
True