文章目录
- 1. SaltStack模块介绍
- 2. SaltStack常用模块
- 2.1 SaltStack常用模块之network
- 2.1.1 network.active_tcp
- 2.1.2 network.calc_net
- 2.1.3 network.connect
- 2.1.4 network.default_route
- 2.1.5 network.get_fqdn
- 2.1.6 network.get_hostname
- 2.1.7 network.get_route
- 2.1.8 network.hw_addr
- 2.1.9 network.ifacestartswith
- 2.1.10 network.in_subnet
- 2.1.11 network.interface
- 2.1.12 network.interface_ip
- 2.1.13 network.interfaces
- 2.1.14 network.ip_addrs
- 2.1.15 network.netstat
- 2.1.16 network.ping
- 2.1.17 network.reverse_ip
- 2.2 SaltStack常用模块之service
- 2.3 SaltStack常用模块之pkg
- 2.4 SaltStack常用模块之state
- 2.5 SaltStack常用模块之salt-cp
- 2.6 altStack常用模块之USER
- 2.7 SaltStack常用模块CP
- 2.8 SaltStack常用模块之file
- 2.8.1 file.access
- 2.8.2 file.append
- 2.8.3 file.basename
- 2.8.4 file.dirname
- 2.8.5 file.check_hash
- 2.8.6 file.chattr
- 2.8.7 file.chown
- 2.8.7 file.copy
- 2.8.9 file.ditectory_exists
- 2.8.10 file.diskusage
- 2.8.11 file.file_exists
- 2.8.12 file.find
- 2.8.13 file.get_gid
- 2.8.14 file.get_group
- 2.8.15 file.get_hash
- 2.8.16 file.get_mode
- 2.8.17 file.get_selinux_context
- 2.8.18 file.get_sum
- 2.8.19 file.get_uid与file.get_user
- 2.8.20 file.gid_to_group
- 2.8.21 file.group_to_gid
- 2.8.22 file.grep
- 2.8.23 file.is_blkdev
- 2.8.24 file.lsattr
- 2.8.25 file.mkdir
- 2.8.26 file.move
- 2.8.27 file.prepend
- 2.8.28 file.sed
- 2.8.29 file.read
- 2.8.30 file.readdir
- 2.8.31 file.remove
- 2.8.32 file.rename
- 2.8.33 file.set_mode
- 2.8.34 file.symlink
- 2.8.35 file.touch
- 2.8.36 file.uid_to_user
- 2.8.37 ile.user_to_uid
- 2.8.38 file.write
1. SaltStack模块介绍
Module是日常使用SaltStack接触最多的一个组件,其用于管理对象操作,这也是SaltStack通过Push的方式进行管理的入口,比如我们日常简单的执行命令、查看包安装情况、查看服务运行情况等工作都是通过SaltStack Module来实现的。
当安装好Master和Minion包后,系统上会安装很多Module,可以通过命令查看支持的所有Module列表:
//查看所有module列表
[root@master ~]# salt 'slave1' sys.list_modules
slave1:
- acl
- aliases
- alternatives
- archive
- artifactory
- baredoc
- beacons
- bigip
- btrfs
- buildout
- chroot
- cloud
- cmd
- composer
......略
//查看指定module的所有function
[root@master ~]# salt 'slave1' sys.list_functions cmd
slave1:
- cmd.exec_code
- cmd.exec_code_all
- cmd.has_exec
- cmd.powershell
- cmd.powershell_all
- cmd.retcode
- cmd.run
- cmd.run_all
- cmd.run_bg
- cmd.run_chroot
- cmd.run_stderr
- cmd.run_stdout
- cmd.script
- cmd.script_retcode
- cmd.shell
- cmd.shell_info
- cmd.shells
- cmd.tty
- cmd.which
- cmd.which_bin
//查看指定module的用法,不推荐,直接在官网查看帮助文档
[root@master ~]# salt 'slave1' sys.doc cmd
cmd.exec_code:
Pass in two strings, the first naming the executable language, aka -
python2, python3, ruby, perl, lua, etc. the second string containing
the code you wish to execute. The stdout will be returned.
All parameters from :mod:`cmd.run_all <salt.modules.cmdmod.run_all>` except python_shell can be used.
CLI Example:
salt '*' cmd.exec_code ruby 'puts "cheese"'
salt '*' cmd.exec_code ruby 'puts "cheese"' args='["arg1", "arg2"]' env='{"FOO": "bar"}'
//SaltStack默认也支持一次执行多个Module,Module之间通过逗号隔开,默认传参之间也是用逗号分隔,也支持指定传参分隔符号--args-separator=@即可
2. SaltStack常用模块
2.1 SaltStack常用模块之network
2.1.1 network.active_tcp
//返回所有活动的tcp连接
[root@master ~]# salt '*' network.active_tcp
master:
----------
0:
----------
local_addr:
192.168.216.200
local_port:
22
remote_addr:
192.168.216.1
remote_port:
63911
1:
----------
local_addr:
192.168.216.200
local_port:
4505
remote_addr:
192.168.216.215
remote_port:
60612
.......略
2.1.2 network.calc_net
//通过IP和子网掩码计算出网段
[root@master ~]# salt '*' network.calc_net 192.168.216.200 255.255.255.0
master:
192.168.216.0/24
slave1:
192.168.216.0/24
slave2:
192.168.216.0/24
[root@master ~]# salt '*' network.calc_net 192.168.216.200 255.255.255.240
slave2:
192.168.216.192/28
master:
192.168.216.192/28
slave1:
192.168.216.192/28
2.1.3 network.connect
//测试minion至某一台服务器的网络是否连通
[root@master ~]# salt '*' network.connect baidu.com 80
slave2:
----------
comment:
Successfully connected to baidu.com (220.181.38.148) on tcp port 80
result:
True
master:
----------
comment:
Successfully connected to baidu.com (220.181.38.148) on tcp port 80
result:
True
slave1:
----------
comment:
Successfully connected to baidu.com (220.181.38.251) on tcp port 80
result:
True
//测试slave机是否能连接本机22端口
[root@master ~]# salt 's*' network.connect 192.168.216.200 22
slave2:
----------
comment:
Successfully connected to 192.168.216.200 (192.168.216.200) on tcp port 22
result:
True
slave1:
----------
comment:
Successfully connected to 192.168.216.200 (192.168.216.200) on tcp port 22
result:
True
2.1.4 network.default_route
//查看默认路由
[root@master ~]# salt 'm*' network.default_route
master:
|_
----------
addr_family:
inet
destination:
0.0.0.0
flags:
UG
gateway:
192.168.216.2
interface:
ens160
netmask:
0.0.0.0
|_
----------
addr_family:
inet6
destination:
::/0
flags:
!n
gateway:
::
interface:
lo
netmask:
|_
----------
addr_family:
inet6
destination:
::/0
flags:
!n
gateway:
::
interface:
lo
netmask:
2.1.5 network.get_fqdn
//查看主机的fqdn(完全限定域名)
[root@master ~]# salt 's*' network.get_fqdn
slave1:
slave1
slave2:
slave2
2.1.6 network.get_hostname
[root@master ~]# salt 's*' network.get_hostname
slave2:
slave2
slave1:
slave1
2.1.7 network.get_route
//查询到一个目标网络的路由信息
[root@master ~]# salt 's*' network.get_route 192.168.216.2
slave1:
----------
destination:
192.168.216.2
gateway:
None
interface:
ens32
source:
192.168.216.210
slave2:
----------
destination:
192.168.216.2
gateway:
None
interface:
ens32
source:
192.168.216.215
2.1.8 network.hw_addr
//返回指定网卡的MAC地址
[root@master ~]# salt '*' network.hw_addr ens32
slave2:
00:0c:29:c8:c7:12
master: //master网卡名字不同
Interface "ens32" not in available interfaces: "lo", "ens160"
slave1:
00:0c:29:ac:42:01
[root@master ~]# salt '*' network.hw_addr ens160
master:
00:0c:29:63:5f:81
slave1:
Interface "ens160" not in available interfaces: "lo", "ens32"
slave2:
Interface "ens160" not in available interfaces: "lo", "ens32"
2.1.9 network.ifacestartswith
//从特定CIDR检索接口名称,通过网端确定网卡名字
[root@master ~]# salt '*' network.ifacestartswith 192.168
master:
- ens160
slave1:
- ens32
slave2:
- ens32
[root@master ~]# salt '*' network.ifacestartswith 192.168.216
master:
- ens160
slave2:
- ens32
slave1:
- ens32
[root@master ~]# salt '*' network.ifacestartswith 192.168.216.0
master:
slave1:
slave2:
//通过ip地址查看网卡名字
[root@master ~]# salt '*' network.ifacestartswith 192.168.216.200
master:
- ens160
slave1:
slave2:
2.1.10 network.in_subnet
//判断当前主机是否在某一个网段内
[root@master ~]# salt '*' network.in_subnet 192.168.216.0/24
master:
True
slave1:
True
slave2:
True
2.1.11 network.interface
//返回指定网卡的信息
[root@master ~]# salt '*' network.interface ens32
master:
Interface "ens32" not in available interfaces: "lo", "ens160"
slave1:
|_
----------
address:
192.168.216.210
broadcast:
192.168.216.255
label:
ens32
netmask:
255.255.255.0
slave2:
|_
----------
address:
192.168.216.242
broadcast:
192.168.216.255
label:
ens32
netmask:
255.255.255.0
//
[root@master ~]# salt '*' network.interface ens160
slave1:
Interface "ens160" not in available interfaces: "lo", "ens32"
slave2:
Interface "ens160" not in available interfaces: "lo", "ens32"
master:
|_
----------
address:
192.168.216.200
broadcast:
192.168.216.255
label:
ens160
netmask:
255.255.255.0
2.1.12 network.interface_ip
//返回指定网卡的IP地址
[root@master ~]# salt '*' network.interface_ip ens32
master:
Interface "ens32" not in available interfaces: "lo", "ens160"
slave1:
192.168.216.210
slave2:
192.168.216.242
[root@master ~]# salt '*' network.interface_ip ens160
master:
192.168.216.200
slave1:
Interface "ens160" not in available interfaces: "lo", "ens32"
slave2:
Interface "ens160" not in available interfaces: "lo", "ens32"
2.1.13 network.interfaces
//返回当前系统中所有的网卡信息
[root@master ~]# salt '*' network.interfaces
master:
----------
ens160:
----------
hwaddr:
00:0c:29:63:5f:81
inet:
|_
----------
address:
192.168.216.200
broadcast:
192.168.216.255
label:
ens160
netmask:
255.255.255.0
inet6:
.....略
2.1.14 network.ip_addrs
//返回一个IPv4的地址列表,该函数将会忽略掉127.0.0.1的地址
[root@master ~]# salt '*' network.ip_addrs
master:
- 192.168.216.200
slave1:
- 192.168.216.210
slave2:
- 192.168.216.215
- 192.168.216.242
2.1.15 network.netstat
//返回所有打开的端口和状态
[root@master ~]# salt 'm*' network.netstat
master:
|_
----------
inode:
27726
local-address:
0.0.0.0:22
program:
987/sshd
proto:
tcp
recv-q:
0
remote-address:
....略
2.1.16 network.ping
//使用ping命令测试到某主机的连通性
[root@master ~]# salt '*' network.ping baidu.com
master:
PING baidu.com (220.181.38.148) 56(84) bytes of data.
64 bytes from 220.181.38.148 (220.181.38.148): icmp_seq=1 ttl=128 time=80.10 ms
64 bytes from 220.181.38.148 (220.181.38.148): icmp_seq=2 ttl=128 time=71.4 ms
64 bytes from 220.181.38.148 (220.181.38.148): icmp_seq=3 ttl=128 time=76.2 ms
64 bytes from 220.181.38.148 (220.181.38.148): icmp_seq=4 ttl=128 time=76.7 ms
--- baidu.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3006ms
rtt min/avg/max/mdev = 71.400/76.318/80.964/3.407 ms
slave2:
PING baidu.com (220.181.38.251) 56(84) bytes of data.
64 bytes from 220.181.38.251 (220.181.38.251): icmp_seq=1 ttl=128 time=80.7 ms
64 bytes from 220.181.38.251 (220.181.38.251): icmp_seq=2 ttl=128 time=71.4 ms
64 bytes from 220.181.38.251 (220.181.38.251): icmp_seq=3 ttl=128 time=76.8 ms
64 bytes from 220.181.38.251 (220.181.38.251): icmp_seq=4 ttl=128 time=77.7 ms
--- baidu.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 71.401/76.686/80.720/3.374 ms
slave1:
PING baidu.com (220.181.38.251) 56(84) bytes of data.
64 bytes from 220.181.38.251 (220.181.38.251): icmp_seq=1 ttl=128 time=43.8 ms
64 bytes from 220.181.38.251 (220.181.38.251): icmp_seq=2 ttl=128 time=82.4 ms
64 bytes from 220.181.38.251 (220.181.38.251): icmp_seq=3 ttl=128 time=77.8 ms
64 bytes from 220.181.38.251 (220.181.38.251): icmp_seq=4 ttl=128 time=72.8 ms
--- baidu.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 43.760/69.209/82.447/15.088 ms
2.1.17 network.reverse_ip
//返回一个指定的IP地址的反向地址
[root@master ~]# salt 'm*' network.reverse_ip 192.168.216.200
master:
200.216.168.192.in-addr.arpa
2.2 SaltStack常用模块之service
2.2.1 service.available
//判断指定的服务是否可用,只要安装就为可用,与状态无关
[root@master ~]# salt '*' service.available sshd
master:
True
slave1:
True
slave2:
True
[root@master ~]# salt '*' service.available httpd
master:
False
slave1:
False
slave2:
False
2.2.2 service.get_all
//获取所有正在运行的服务
[root@master ~]# salt 'm*' service.get_all
master:
- NetworkManager
- NetworkManager-dispatcher
- NetworkManager-wait-online
- arp-ethers
- atd
- auditd
- autovt@
- basic.target
- blk-availability
....略
2.2.3 service.disabled
//检查指定服务是否开机不自动启动
[root@master ~]# salt '*' service.disabled sshd
master:
False
slave1:
False
slave2:
False
2.2.4 service.enabled
//检查指定服务是否开机自动启动
[root@master ~]# salt '*' service.enabled sshd
master:
True
slave1:
True
slave2:
True
2.2.5 service.disable
//设置指定服务开机不自动启动
[root@master ~]# salt '*' service.disable sshd
slave2:
True
slave1:
True
master:
True
2.2.6 service.enable
//设置指定服务开机自动启动
[root@master ~]# salt '*' service.enable sshd
slave2:
True
master:
True
slave1:
True
2.2.7 service.reload
//重新加载指定服务
[root@master ~]# salt '*' service.reload sshd
master:
True
slave1:
True
slave2:
True
//查看指定服务的状态
[root@master ~]# salt '*' service.status sshd
master:
True
slave2:
True
slave1:
True
//语法: service.stop/start/restart
2.3 SaltStack常用模块之pkg
2.3.1 pkg.download
//只下载软件包但不安装
此功能将会下载指定的软件包,但是需要在minion端安装yum-utils,可以使用 cmd.run 进行远程安装
[root@master ~]# salt '*' cmd.run 'rpm -qa|grep yum-utils'
slave1:
yum-utils-4.0.18-4.el8.noarch
master:
yum-utils-4.0.18-4.el8.noarch
slave2:
yum-utils-1.1.31-54.el7_8.noarch
[root@master ~]# salt '*' pkg.download wget
slave2:
----------
wget: //路径为下载包的存放位置
/var/cache/yum/packages/wget-1.14-18.el7_6.1.x86_64.rpm
slave1:
----------
wget:
/var/cache/yum/packages/wget-1.19.5-10.el8.x86_64.rpm
master:
----------
wget:
/var/cache/yum/packages/wget-1.19.5-10.el8.x86_64.rpm
2.3.2 pkg.file_list
//列出指定包或系统中已安装的所有包的文件
[root@master ~]# salt 'm*' pkg.file_list wget
master:
----------
errors:
files:
- /etc/wgetrc
- /usr/bin/wget
- /usr/lib/.build-id
- /usr/lib/.build-id/8d
- /usr/lib/.build-id/8d/ec58c9a41fa3f0d9966de12c634bfa25b11451
- /usr/share/doc/wget
- /usr/share/doc/wget/AUTHORS
- /usr/share/doc/wget/COPYING
....略
2.3.3 pkg.group_info
//查看包组的信息
[root@master ~]# salt 'm*' pkg.group_info 'Development Tools'
master:
----------
conditional:
default:
- asciidoc
- byacc
- ctags
- diffstat
- elfutils-libelf-devel
- git
- intltool
- jna
- ltrace
- patchutils
- perl-Fedora-VSP
- perl-Sys-Syslog
- perl-generators
- pesign
- source-highlight
- systemtap
- valgrind
- valgrind-devel
description:
A basic development environment.
group:
Development Tools
id:
None
mandatory:
- autoconf
- automake
- binutils
- bison
- flex
- gcc
- gcc-c++
- gdb
- glibc-devel
- libtool
- make
- pkgconf
- pkgconf-m4
- pkgconf-pkg-config
- redhat-rpm-config
- rpm-build
- rpm-sign
- strace
optional:
- cmake
- expect
- rpmdevtools
- rpmlint
type:
package group
2.3.4 pkg.group_list
//列出系统中所有的包组
[root@master ~]# salt '*' pkg.group_list
slave2:
----------
available:
- Additional Development
- Anaconda Tools
- Backup Client
- Backup Server
- Base
- CentOS Linux Client product core
- CentOS Linux ComputeNode product core
- CentOS Linux Server product core
- CentOS Linux Workstation product core
.....略
2.3.5 pkg.install
//安装软件
[root@master ~]# salt '*' pkg.install httpd
slave2:
----------
apr:
----------
new:
1.4.8-7.el7
old:
apr-util:
----------
new:
1.5.2-6.el7
old:
httpd:
----------
new:
2.4.6-97.el7.centos.1
.....略
2.3.6 pkg.list_downloaded
//列出已下载到本地的软件包
[root@master ~]# salt '*' pkg.list_downloaded
master:
----------
slave1:
----------
slave2:
----------
wget:
----------
1.14-18.el7_6.1:
----------
creation_date_time:
2021-11-03T16:44:42
creation_date_time_t:
1635929082
path:
/var/cache/yum/packages/wget-1.14-18.el7_6.1.x86_64.rpm
size:
560272
2.3.8 pkg.owner
//列出指定文件是由哪个包提供的
[root@master ~]# salt '*' pkg.owner /usr/sbin/apachectl
master:
httpd
slave1:
httpd
slave2:
httpd
2.3.9 pkg.remove
//卸载指定软件
[root@master ~]# salt '*' pkg.remove wget
slave1:
----------
slave2:
----------
master:
----------
wget:
----------
new:
old:
1.19.5-10.el8
2.3.10 pkg.upgrade
//升级系统中所有的软件包或升级指定的软件包
[root@master ~]# salt '*' pkg.upgrade name=openssl
slave2:
----------
openssl:
----------
new:
1:1.0.2k-22.el7_9
old:
1:1.0.2k-12.el7
openssl-libs:
----------
new:
1:1.0.2k-22.el7_9
old:
1:1.0.2k-12.el7
master:
----------
slave1:
----------
//若想升级系统中所有的软件包则把 name 参数去掉即可
2.4 SaltStack常用模块之state
2.4.1 state.show_highstate
//显示当前系统中有哪些高级状态
[root@master ~]# salt 'm*' state.show_highstate
master:
----------
apache-install:
----------
__env__:
base
__sls__:
web.apache.apache
pkg:
|_
----------
name:
httpd
- installed
|_
----------
order:
10000
apache-service:
----------
__env__:
base
__sls__:
web.apache.apache
service:
|_
----------
name:
httpd
|_
----------
enable:
True
- running
|_
----------
order:
10001
2.4.2 state.highstate
//执行高级状态
[root@master ~]# salt 'm*' state.highstate web.apache.apache
master:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: None
Comment: The following packages would be installed/updated: httpd
Started: 17:43:53.134576
Duration: 835.934 ms
Changes:
----------
installed:
----------
httpd :
----------
new:
installed
old:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: None
Comment: Service httpd not present; if created in this state run, it would have been started
Started: 17:43:53.984663
Duration: 24.112 ms
Changes:
Summary for master
------------
Succeeded: 2 (unchanged=2, changed=1)
Failed: 0
------------
Total states run: 2
Total run time: 860.046 ms
2.4.3 state.show_state_usage
//显示当前系统中的高级状态执行情况
[root@master ~]# salt '*' state.show_state_usage
master:
----------
base:
----------
count_all:
3
count_unused:
2
count_used:
1
unused:
- top
- web.nginx.nginx
used:
- web.apache.apache
dev:
----------
count_all:
0
count_unused:
0
count_used:
......略
2.4.4 state.show_top
//返回minion将用于highstate的顶级数据
[root@master ~]# salt '*' state.show_top
master:
----------
base:
- web.apache.apache
slave1:
----------
slave2:
----------
2.4.5 state.top
//执行指定的top file,而不是默认的
[root@master ~]# salt 'm*' state.top apache.sls
master:
----------
ID: apache-install
Function: pkg.installed
Name: httpd
Result: True
Comment: All specified packages are already installed
Started: 18:29:14.389638
Duration: 535.946 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 18:29:14.927350
Duration: 44.56 ms
Changes:
Summary for master
------------
Succeeded: 2
Failed: 0
------------
Total states run: 2
Total run time: 580.506 ms
2.4.6 state.show_sls
//显示 master 上特定sls或sls文件列表中的状态数据
[root@master ~]# salt 'm*' state.show_sls web.apache.apache
master:
----------
apache-install:
----------
__env__:
base
__sls__:
web.apache.apache
pkg:
|_
----------
name:
httpd
- installed
|_
----------
order:
10000
apache-service:
----------
__env__:
base
__sls__:
web.apache.apache
service:
|_
----------
name:
httpd
|_
----------
enable:
True
- running
|_
----------
order:
10001
2.5 SaltStack常用模块之salt-cp
salt-cp能够很方便的把 master 上的文件批量传到 minion上
[root@master ~]# salt 's*' cmd.run 'ls /usr/src/'
slave1:
debug
kernels
slave2:
debug
kernels
[root@master ~]# salt-cp 's*' /etc/passwd /usr/src/
slave1:
----------
/usr/src/passwd:
True
slave2:
----------
/usr/src/passwd:
True
[root@master ~]# salt 's*' cmd.run 'ls /usr/src/'
slave2:
debug
kernels
passwd
slave1:
debug
kernels
passwd
//拷贝多个文件到目标主机的/usr/src目录下
[root@master ~]# salt-cp 's*' /etc/shadow /etc/group /usr/src
slave1:
----------
/usr/src/group:
True
/usr/src/shadow:
True
slave2:
----------
/usr/src/group:
True
/usr/src/shadow:
True
[root@master ~]# salt 's*' cmd.run 'ls /usr/src/'
slave1:
debug
group
kernels
passwd
shadow
slave2:
debug
group
kernels
passwd
shadow
2.6 altStack常用模块之USER
2.6.1 user.add
//创建用户
[root@master ~]# salt 'slave1' cmd.run 'id tom'
slave1:
id: 'tom': no such user
ERROR: Minions returned with non-zero exit code
[root@master ~]# salt '*' user.add tom
slave1:
True
[root@master ~]# salt 'slave1' cmd.run 'id tom'
slave1:
uid=1000(tom) gid=1000(tom) groups=1000(tom)
2.6.2 user.chuid
//更改用户UID
[root@master ~]# salt 'slave1' user.chuid tom 2000
slave1:
True
[root@master ~]# salt 'slave1' cmd.run 'id tom'
slave1:
uid=2000(tom) gid=1000(tom) groups=1000(tom)
2.6.3 user.gid
//更改用户GID
2.6.4 user.chgroups
//更改附加组,前提是组必须存在
[root@master ~]# salt 'slave1' user.chgroups tom abc
slave1:
True
2.6.5 user.chgid
//前提是这个gid的组存在
[root@master ~]# salt 'slave1' user.chgid tom 2000
slave1:
True
2.6.6 user.list_groups
//列出指定用户所属组的列表
[root@master ~]# salt 'slave1' user.list_groups tom
slave1:
- abc
2.6.7 user.info
//返回用户全部信息
[root@master ~]# salt 'slave1' user.info tom
slave1:
----------
fullname:
gid:
2000
groups:
- abc
home:
/home/tom
homephone:
name:
tom
other:
passwd:
x
roomnumber:
shell:
/bin/bash
uid:
2000
workphone:
user.getent
//返回所有系统用户信息的列表
[root@master ~]# salt 'slave1' user.getent
slave1:
|_
----------
fullname:
root
gid:
0
groups:
- root
home:
/root
homephone:
name:
root
other:
passwd:
x
....略
2.6.8 user.list_users
//返回所有用户的列表
[root@master ~]# salt 'slave1' user.list_users
slave1:
- adm
- bin
- chrony
- daemon
- dbus
- ftp
- games
- halt
- jerry
- lp
- mail
- nobody
- operator
- polkitd
- root
- shutdown
- sshd
- sssd
- sync
- systemd-coredump
- systemd-resolve
- tom
- tss
- unbound
2.6.9 user.rename
//修改指定用户的用户名
[root@master ~]# salt 'slave1' user.rename tom tom1
slave1:
False
[root@master ~]# salt 'slave1' user.info tom1
slave1:
----------
fullname:
gid:
2000
groups:
- abc
home:
/home/tom
homephone:
name:
tom1
other:
passwd:
x
roomnumber:
shell:
/bin/bash
uid:
2000
workphone:
2.6.10 user.delete
//删除用户
[root@master ~]# salt 'slave1' user.delete tom1
slave1:
True
[root@master ~]# salt 'slave1' user.info tom1
slave1:
----------
2.7 SaltStack常用模块CP
2.7.1 cp.cache_dest
//返回文件的预期缓存路径,并不是真的缓存
[root@master ~]# salt 'slave1' cp.cache_dest salt://files
slave1:
/var/cache/salt/minion/files/base/files
2.7.2 cp.get_file
//salt:// 表示从master配置文件里面的file_roots里面所定义的目录,saltenv默认为base
[root@master ~]# tree /srv/salt
/srv/salt
|-- base
| |-- top.sls
| `-- web
| |-- apache
| | `-- apache.sls
| `-- nginx
| `-- nginx.sls
|-- dev
|-- prod
`-- test
file_roots:
base:
- /srv/salt/base
test:
- /srv/salt/test
dev:
- /srv/salt/dev
prod:
- /srv/salt/prod
[root@master ~]# salt 'slave1' cp.get_file salt://top.sls /opt/
slave1:
/opt/top.sls
cp.get_file默认不在客户端上建立目录,如果客户端上没有这个目录,且未指定makedirs=True,文件拷贝将失败。
2.7.3 cp.get_dir
//从master上获取目录到minion上
[root@master ~]# salt 'slave1' cp.get_dir salt://web /123/ makedir=true
slave1:
- /123//web/apache/apache.sls
- /123//web/nginx/nginx.sls
[root@master ~]# salt 'slave1' cmd.run 'ls /123/'
slave1:
web
2.7.4 cp.envs
//列出文件的环境,等于配置文件file_roots所设置的目录
[root@master ~]# salt 'slave1' cp.envs
slave1:
- base
- prod
- test
- dev
2.7.5 cp.get.url
//从一个URL地址下载文件,URL可以是msater上的路径(salt://),也可以是http网址。
[root@master ~]# salt 'slave1' cp.get_url salt://web/apache/apache.sls /opt
slave1:
/opt/apache.sls
[root@master ~]# salt 'slave1' cmd.run 'ls /opt/'
slave1:
apache.sls
top.sls
[root@master ~]# salt 'slave1' cp.get_url https://www.baidu.com/index.php?tn=monline_3_dg /opt
slave1:
/opt/index.php?tn=monline_3_dg
2.7.6 cp.list_master
//列出在master上获取的文件
[root@master ~]# salt 'slave1' cp.list_master
slave1:
- top.sls
- web/apache/apache.sls
- web/nginx/nginx.sls
2.7.7 cp.cache_file
//从指定的路径上获取文件缓存到minion,cp.cache_files可以同时缓存多个用逗号隔开
[root@master ~]# salt 'slave1' cp.cache_file salt://web/apache/apache.sls
slave1:
/var/cache/salt/minion/files/base/web/apache/apache.sls
2.7.8 cp.cache_dir
//缓存web目录到minion端,返回存放路径
[root@master ~]# salt 'slave1' cp.cache_dir salt://web
slave1:
- /var/cache/salt/minion/files/base/web/apache/apache.sls
- /var/cache/salt/minion/files/base/web/nginx/nginx.sls
2.7.9 cp.list_master_dirs
//列出存储在主目录上的所有目录
[root@master ~]# salt 'slave1' cp.list_master_dirs
slave1:
- web
- web/apache
- web/nginx
2.7.10 cp.push
将minion端文件推到master,此功能默认关闭,启动需要修改配置文件参数file_recv改为file_recv: True,修改完要重启salt-master
430 # security purposes.
431 file_recv: True
432
//将passwd文件上传到master,默认保存位置是/var/cache/salt/master/minions/minion-id/files
[root@master ~]# salt 'slave1' cp.push /etc/passwd
slave1:
True
[root@master etc]# pwd
/var/cache/salt/master/minions/slave1/files/etc
[root@master etc]# ls
passwd
2.7.10 cp.push_dir
//推送整个目录
[root@master files]# pwd
/var/cache/salt/master/minions/slave1/files
[root@master files]# rm -rf *
[root@master files]# ls
[root@master files]# salt 'slave1' cp.push_dir /opt
slave1:
True
[root@master files]# ls
opt
2.8 SaltStack常用模块之file
2.8.1 file.access
//检查指定路径是否存在
[root@master ~]# salt '*' cmd.run 'ls /etc/passwd'
slave1:
/etc/passwd
[root@master ~]# salt '*' file.access /etc/passwd f
slave1:
True
[root@master ~]# salt '*' file.access /etc/passwd1 f
slave1:
False
//检查指定文件的权限信息
[root@master ~]# salt '*' cmd.run 'ls -l /etc/passwd'
slave1:
-rw-r--r-- 1 root root 1122 Nov 4 14:52 /etc/passwd
[root@master ~]# salt '*' file.access /etc/passwd r //是否有读权限
slave1:
True
[root@master ~]# salt '*' file.access /etc/passwd w //是否有写权限
slave1:
True
[root@master ~]# salt '*' file.access /etc/passwd x //是否有执行权限
slave1:
False
2.8.2 file.append
//往一个文件里追加内容,若此文件不存在则会报异常
[root@master ~]# salt '*' file.append /root/abcd date '1234'
slave1:
Wrote 2 lines to "/root/abcd" //行数与引号有关
[root@master ~]# salt '*' file.append /root/abcd 'date 12345'
slave1:
Wrote 1 lines to "/root/abcd"
[root@master ~]# salt '*' cmd.run 'cat abcd '
slave1:
date
1234
date 12345
2.8.3 file.basename
//获取指定路径的基名
[root@master ~]# salt '*' file.basename '/root/abc'
slave1:
abc
2.8.4 file.dirname
//获取指定路径的目录名
[root@master ~]# salt '*' file.dirname '/root/abc'
slave1:
/root
2.8.5 file.check_hash
//检查指定的文件与hash字符串是否匹配,匹配则返回 True 否则返回 False,用来验证文件完整性,以及是否被篡改
[root@master ~]# salt '*' cmd.run 'md5sum /etc/passwd'
slave1:
b95a8c241e527848583e2ed629e36a10 /etc/passwd
[root@master ~]# salt '*' file.check_hash /etc/passwd b95a8c241e527848583e2ed629e36a10
slave1:
True
2.8.6 file.chattr
修改指定文件的属性
属性 | 对文件的意义 | 对目录的意义 |
---|---|---|
a | 只允许在这个文件之后追加数据,不允许任何进程覆盖或截断这个件 | 只允许在这个目录下建立和修改文件,而不允许删除任何文件 |
i | 不允许对这个文件进行任何的修改,不能删除、更改、移动 | 任何的进程只能修改目录之下的文件,不允许建立和删除文件 |
//查看当前属性
[root@master ~]# salt '*' cmd.run 'lsattr /root'
slave1:
-------------------- /root/anaconda-ks.cfg
----i--------------- /root/abc
-------------------- /root/abcd
[root@master ~]# salt '*' file.chattr /root/abcd operator=add attributes=ai
slave1:
True
//添加属性
[root@master ~]# salt '*' cmd.run 'lsattr /root'
slave1:
-------------------- /root/anaconda-ks.cfg
----i--------------- /root/abc
----ia-------------- /root/abcd
//给指定文件去除属性
[root@master ~]# salt '*' file.chattr /root/abcd operator=remove attributes=ai
slave1:
True
[root@master ~]# salt '*' cmd.run 'lsattr /root'
slave1:
-------------------- /root/anaconda-ks.cfg
----i--------------- /root/abc
-------------------- /root/abcd
2.8.7 file.chown
//设置指定文件的属主、属组信息
[root@master ~]# salt '*' cmd.run 'ls -l /root'
slave1:
total 8
-rw-r--r--. 1 xxx xxx 0 Nov 4 01:12 abc
-rw-r--r-- 1 root root 21 Nov 5 00:26 abcd
-rw-------. 1 root root 1084 Nov 3 14:05 anaconda-ks.cfg
[root@master ~]# salt '*' file.chown /root/abc root root
slave1:
None
[root@master ~]# salt '*' cmd.run 'ls -l /root'
slave1:
total 8
-rw-r--r--. 1 root root 0 Nov 4 01:12 abc
-rw-r--r-- 1 root root 21 Nov 5 00:26 abcd
-rw-------. 1 root root 1084 Nov 3 14:05 anaconda-ks.cfg
属主和属组必须一起
2.8.7 file.copy
//在远程主机上复制文件或目录
拷贝文件
[root@master ~]# salt '*' file.copy /etc/passwd /opt/123
slave1:
True
[root@master ~]# salt '*' cmd.run 'ls /opt'
slave1:
123
abc
group
shadow
//删除目标目录中同名的文件或目录并拷贝新内容至其中
[root@master ~]# salt '*' file.copy /root/abc /opt/123 recurse=True //递归 remove_existing=True //删除原来的
slave1:
True
2.8.9 file.ditectory_exists
//判断指定目录是否存在,存在则返回 True ,否则返回 False
[root@master ~]# salt '*' file.directory_exists /etc
slave1:
True
2.8.10 file.diskusage
//递归计算指定路径的磁盘使用情况并以字节为单位返回
[root@master ~]# salt '*' cmd.run 'du -sb /opt'
slave1:
2825 /opt
[root@master ~]# salt '*' file.diskusage /opt
slave1:
2770
2.8.11 file.file_exists
//判断指定文件是否存在,同名目录也会返回flase
[root@master ~]# salt '*' file.file_exists /root/abc
slave1:
True
[root@master ~]# salt '*' file.file_exists /root/abc1
slave1:
False
2.8.12 file.find
类似 find 命令并返回符合指定条件的路径列表
The options include match criteria:
name = path-glob # case sensitive
iname = path-glob # case insensitive
regex = path-regex # case sensitive
iregex = path-regex # case insensitive
type = file-types # match any listed type
user = users # match any listed user
group = groups # match any listed group
size = [+-]number[size-unit] # default unit = byte
mtime = interval # modified since date
grep = regex # search file contents
and/or actions:
delete [= file-types] # default type = 'f'
exec = command [arg ...] # where {} is replaced by pathname
print [= print-opts]
and/or depth criteria:
maxdepth = maximum depth to transverse in path
mindepth = minimum depth to transverse before checking files or directories
The default action is print=path
path-glob:
* = match zero or more chars
? = match any char
[abc] = match a, b, or c
[!abc] or [^abc] = match anything except a, b, and c
[x-y] = match chars x through y
[!x-y] or [^x-y] = match anything except chars x through y
{a,b,c} = match a or b or c
path-regex: a Python Regex (regular expression) pattern to match pathnames
file-types: a string of one or more of the following:
a: all file types
b: block device
c: character device
d: directory
p: FIFO (named pipe)
f: plain file
l: symlink
s: socket
users: a space and/or comma separated list of user names and/or uids
groups: a space and/or comma separated list of group names and/or gids
size-unit:
b: bytes
k: kilobytes
m: megabytes
g: gigabytes
t: terabytes
interval:
[<num>w] [<num>d] [<num>h] [<num>m] [<num>s]
where:
w: week
d: day
h: hour
m: minute
s: second
print-opts: a comma and/or space separated list of one or more of the following:
group: group name
md5: MD5 digest of file contents
mode: file permissions (as integer)
mtime: last modification time (as time_t)
name: file basename
path: file absolute path
size: file size in bytes
type: file type
user: user name
//例子
[root@master ~]# salt '*' file.find / type=f name=\*.cfg size=-10m
slave1:
- /boot/grub2/grub.cfg
- /etc/grub2.cfg
- /root/anaconda-ks.cfg
- /usr/lib/python3.6/site-packages/pip/_vendor/distlib/_backport/sysconfig.cfg
- /usr/share/doc/python3-pyyaml/examples/yaml-highlight/yaml_hl.cfg
2.8.13 file.get_gid
//获取指定文件的gid
[root@master ~]# salt '*' cmd.run 'ls -l /root/'
slave1:
total 8
-rw-r--r--. 1 root root 0 Nov 4 01:12 abc
-rw-r--r-- 1 root root 21 Nov 5 00:26 abcd
-rw-------. 1 root root 1084 Nov 3 14:05 anaconda-ks.cfg
[root@master ~]# salt '*' file.get_gid /root/abc
slave1:
0
2.8.14 file.get_group
//获取指定文件的组名
[root@master ~]# salt '*' cmd.run 'ls -l /root/'
slave1:
total 8
-rw-r--r--. 1 root root 0 Nov 4 01:12 abc
-rw-r--r-- 1 root root 21 Nov 5 00:26 abcd
-rw-------. 1 root root 1084 Nov 3 14:05 anaconda-ks.cfg
[root@master ~]# salt '*' file.get_group /root/abc
slave1:
root
2.8.15 file.get_hash
//获取指定文件的hash值,该值通过 sha256 算法得来
[root@master ~]# salt '*' cmd.run 'sha256sum /root/abc'
slave1:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 /root/abc
[root@master ~]# salt '*' file.get_hash /root/abc
slave1:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
2.8.16 file.get_mode
//获取指定文件的权限,以数字方式显示
[root@master ~]# salt '*' cmd.run 'ls -l /root/'
slave1:
total 8
-rw-r--r--. 1 root root 0 Nov 4 01:12 abc
-rw-r--r-- 1 root root 21 Nov 5 00:26 abcd
-rw-------. 1 root root 1084 Nov 3 14:05 anaconda-ks.cfg
[root@master ~]# salt '*' file.get_mode /root/abc
slave1:
0644
2.8.17 file.get_selinux_context
//获取指定文件的 SELINUX 上下文信息
[root@master ~]# salt '*' cmd.run 'ls -Z /root/abc'
slave1:
unconfined_u:object_r:admin_home_t:s0 /root/abc
[root@master ~]# salt '*' file.get_selinux_context /root/abc
slave1:
unconfined_u:object_r:admin_home_t:s0
2.8.18 file.get_sum
按照指定的算法计算指定文件的特征码并显示,默认使用的sha256算法。
该函数可使用的算法参数有:
- md5
- sha1
- sha224
- sha256 (default)
- sha384
- sha512
[root@master ~]# salt '*' cmd.run 'sha256sum /root/abc'
slave1:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 /root/abc
[root@master ~]# salt '*' file.get_sum /root/abc
slave1:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
[root@master ~]# salt '*' cmd.run 'md5sum /root/abc'
slave1:
d41d8cd98f00b204e9800998ecf8427e /root/abc
[root@master ~]# salt '*' file.get_sum /root/abc md5
slave1:
d41d8cd98f00b204e9800998ecf8427e
2.8.19 file.get_uid与file.get_user
//获取指定文件的 uid 或 用户名
[root@master ~]# salt '*' cmd.run 'ls -l /root/abc'
slave1:
-rw-r--r--. 1 root root 0 Nov 4 01:12 /root/abc
[root@master ~]# salt '*' file.get_uid /root/abc
slave1:
0
[root@master ~]# salt '*' file.get_user /root/abc
slave1:
root
2.8.20 file.gid_to_group
//将指定的 gid 转换为组名并显示
[root@master ~]# salt '*' file.gid_to_group 1000
slave1:
tom
[root@master ~]# salt '*' file.gid_to_group 0
slave1:
root
2.8.21 file.group_to_gid
//将指定的组名转换为 gid 并显示
[root@master ~]# salt '*' file.group_to_gid root
slave1:
0
[root@master ~]# salt '*' file.group_to_gid tom
slave1:
1000
2.8.22 file.grep
//在指定文件中检索指定内容
该函数支持通配符,若在指定的路径中用通配符则必须用双引号引起来
[root@master ~]# salt '*' file.grep /etc/passwd nobody
slave1:
----------
pid:
81659
retcode:
0
stderr:
stdout:
nobody:x:65534:65534:Kernel Overflow User:/:/sbin/nologin
2.8.23 file.is_blkdev
//判断指定的文件是否是块设备文件
[root@master ~]# salt '*' cmd.run 'ls -l /dev/sr0'
slave1:
brw-rw---- 1 root cdrom 11, 0 Nov 4 23:29 /dev/sr0
[root@master ~]# salt '*' file.is_blkdev /dev/sr0
slave1:
True
2.8.24 file.lsattr
//检查并显示出指定文件的属性信息
[root@master ~]# salt '*' file.lsattr /root/abc
slave1:
----------
/root/abc:
[root@master ~]# salt '*' cmd.run 'chattr +i /root/abc'
slave1:
[root@master ~]# salt '*' file.lsattr /root/abc
slave1:
----------
/root/abc:
- i
2.8.25 file.mkdir
//创建目录并设置属主、属组及权限
[root@master ~]# salt '*' cmd.run 'ls -l /root'
slave1:
total 8
-rw-r--r--. 1 root root 0 Nov 4 01:12 abc
-rw-r--r-- 1 root root 21 Nov 5 00:26 abcd
-rw-------. 1 root root 1084 Nov 3 14:05 anaconda-ks.cfg
[root@master ~]# salt '*' file.mkdir /root/123
slave1:
True
[root@master ~]# salt '*' cmd.run 'ls -l /root'
slave1:
total 8
drwxr-xr-x 2 root root 6 Nov 5 01:51 123
-rw-r--r--. 1 root root 0 Nov 4 01:12 abc
-rw-r--r-- 1 root root 21 Nov 5 00:26 abcd
-rw-------. 1 root root 1084 Nov 3 14:05 anaconda-ks.cfg
[root@master ~]# salt '*' file.mkdir /root/ha xxx xxx 400
slave1:
True
[root@master ~]# salt '*' cmd.run 'ls -l /root'
slave1:
total 8
drwxr-xr-x 2 root root 6 Nov 5 01:51 123
-rw-r--r--. 1 root root 0 Nov 4 01:12 abc
-rw-r--r-- 1 root root 21 Nov 5 00:26 abcd
-rw-------. 1 root root 1084 Nov 3 14:05 anaconda-ks.cfg
dr-------- 2 xxx xxx 6 Nov 5 01:53 ha
2.8.26 file.move
//移动或重命名
[root@master ~]# salt '*' cmd.run 'ls'
4slave1:
123
abc
abcd
anaconda-ks.cfg
ha
hah
haha
[root@master ~]# salt '*' file.move /root/123 /tmp
slave1:
----------
comment:
'/root/123' moved to '/tmp'
result:
True
[root@master ~]# salt '*' cmd.run 'ls /tmp'
slave1:
123
//改名
[root@master ~]# salt '*' file.move /root/abcd /root/cba
slave1:
----------
comment:
'/root/abcd' moved to '/root/cba'
result:
True
2.8.27 file.prepend
//把文本插入指定文件的开头
[root@master ~]# salt '*' file.prepend /root/cba "hehe"
slave1:
Prepended 1 lines to "/root/cba"
[root@master ~]# salt '*' cmd.run 'cat /root/cba'
slave1:
hehe
date
1234
date 12345
2.8.28 file.sed
//修改文本文件的内容
[root@master ~]# salt '*' cmd.run 'cat /root/cba'
slave1:
hehe
date
1234
date 12345
[root@master ~]# salt '*' file.sed /root/cba '1234' '1112'
slave1:
----------
pid:
98790
retcode:
0
stderr:
stdout:
[root@master ~]# salt '*' cmd.run 'cat /root/cba'
slave1:
hehe
date
1112
date 11125
2.8.29 file.read
//读取文件内容
[root@master ~]# salt '*' file.read /root/cba
slave1:
hehe
date
1112
date 11125
2.8.30 file.readdir
//列出指定目录下的所有文件或目录,包括隐藏文件
[root@master ~]# salt '*' file.readdir /root
slave1:
- .
- ..
- .bash_logout
- .bash_profile
- .bashrc
- .cshrc
- .tcshrc
- anaconda-ks.cfg
- .bash_history
.....略
2.8.31 file.remove
//删除指定的文件或目录,若给出的是目录,将递归删除
[root@master ~]# salt '*' file.remove /root/cba
slave1:
True
[root@master ~]# salt '*' cmd.run 'cat /root/cba'
slave1:
cat: /root/cba: No such file or directory
2.8.32 file.rename
//重命名文件或目录
[root@master ~]# salt '*' cmd.run 'ls -l /root/'
slave1:
total 8
-rw-r--r--. 1 root root 0 Nov 4 01:12 abc
-rw-------. 1 root root 1084 Nov 3 14:05 anaconda-ks.cfg
-rw-r--r-- 1 root root 26 Nov 5 14:56 cba.bak
dr-------- 2 xxx xxx 6 Nov 5 01:53 ha
dr-------- 2 root root 6 Nov 5 01:52 hah
dr-------- 2 root root 6 Nov 5 01:51 haha
[root@master ~]# salt '*' file.rename /root/cba.bak /root/b
slave1:
True
[root@master ~]# salt '*' cmd.run 'ls -l /root/'
slave1:
total 8
-rw-r--r--. 1 root root 0 Nov 4 01:12 abc
-rw-------. 1 root root 1084 Nov 3 14:05 anaconda-ks.cfg
-rw-r--r-- 1 root root 26 Nov 5 14:56 b
dr-------- 2 xxx xxx 6 Nov 5 01:53 ha
dr-------- 2 root root 6 Nov 5 01:52 hah
dr-------- 2 root root 6 Nov 5 01:51 haha
2.8.33 file.set_mode
//给指定文件设置权限
[root@master ~]# salt '*' cmd.run 'ls -l /root'
slave1:
total 8
-rw-r--r--. 1 root root 0 Nov 4 01:12 abc
-rw-------. 1 root root 1084 Nov 3 14:05 anaconda-ks.cfg
-rw-r--r-- 1 root root 26 Nov 5 14:56 b
dr-------- 2 xxx xxx 6 Nov 5 01:53 ha
dr-------- 2 root root 6 Nov 5 01:52 hah
dr-------- 2 root root 6 Nov 5 01:51 haha
[root@master ~]# salt '*' file.set_mode /root/b 0400
slave1:
0400
[root@master ~]# salt '*' cmd.run 'ls -l /root'
slave1:
total 8
-rw-r--r--. 1 root root 0 Nov 4 01:12 abc
-rw-------. 1 root root 1084 Nov 3 14:05 anaconda-ks.cfg
-r-------- 1 root root 26 Nov 5 14:56 b
dr-------- 2 xxx xxx 6 Nov 5 01:53 ha
dr-------- 2 root root 6 Nov 5 01:52 hah
dr-------- 2 root root 6 Nov 5 01:51 haha
2.8.34 file.symlink
//给指定的文件创建软链接
[root@master ~]# salt '*' file.symlink /root/b /opt/a
slave1:
True
[root@master ~]# salt '*' cmd.run 'ls -l /root;ls -l /opt/'
slave1:
total 8
-rw-r--r--. 1 root root 0 Nov 4 01:12 abc
-rw-------. 1 root root 1084 Nov 3 14:05 anaconda-ks.cfg
-r-------- 1 root root 26 Nov 5 14:56 b
dr-------- 2 xxx xxx 6 Nov 5 01:53 ha
dr-------- 2 root root 6 Nov 5 01:52 hah
dr-------- 2 root root 6 Nov 5 01:51 haha
total 12
-rw-r--r-- 1 root root 0 Nov 5 01:11 123
lrwxrwxrwx 1 root root 7 Nov 5 15:04 a -> /root/b
-rw-r--r-- 1 root root 1122 Nov 4 23:40 abc
-rw-r--r-- 1 root root 680 Nov 4 14:21 group
-rw-r--r-- 1 root root 968 Nov 4 14:21 shadow
2.8.35 file.touch
//创建空文件或更新时间戳
[root@master ~]# salt '*' cmd.run 'ls -l /opt'
slave1:
total 12
-rw-r--r-- 1 root root 0 Nov 5 01:11 123
lrwxrwxrwx 1 root root 7 Nov 5 15:04 a -> /root/b
-rw-r--r-- 1 root root 1122 Nov 4 23:40 abc
-rw-r--r-- 1 root root 680 Nov 4 14:21 group
-rw-r--r-- 1 root root 968 Nov 4 14:21 shadow
[root@master ~]# salt '*' file.touch /opt/abc
slave1:
True
[root@master ~]# salt '*' cmd.run 'ls -l /opt'
slave1:
total 12
-rw-r--r-- 1 root root 0 Nov 5 01:11 123
lrwxrwxrwx 1 root root 7 Nov 5 15:04 a -> /root/b
-rw-r--r-- 1 root root 1122 Nov 5 15:06 abc
-rw-r--r-- 1 root root 680 Nov 4 14:21 group
-rw-r--r-- 1 root root 968 Nov 4 14:21 shadow
[root@master ~]# salt '*' file.touch /opt/abcd
slave1:
True
[root@master ~]# salt '*' cmd.run 'ls -l /opt'
slave1:
total 12
-rw-r--r-- 1 root root 0 Nov 5 01:11 123
lrwxrwxrwx 1 root root 7 Nov 5 15:04 a -> /root/b
-rw-r--r-- 1 root root 1122 Nov 5 15:06 abc
-rw-r--r-- 1 root root 0 Nov 5 15:06 abcd
-rw-r--r-- 1 root root 680 Nov 4 14:21 group
-rw-r--r-- 1 root root 968 Nov 4 14:21 shadow
2.8.36 file.uid_to_user
//将指定的 uid 转换成用户名显示出来
[root@master ~]# salt '*' file.uid_to_user 0
slave1:
root
[root@master ~]# salt '*' file.uid_to_user 1000
slave1:
1000
2.8.37 ile.user_to_uid
//将指定的用户转换成 uid 并显示出来
[root@master ~]# salt '*' file.user_to_uid root
slave1:
0
[root@master ~]# salt '*' file.user_to_uid xxx
slave1:
1003
2.8.38 file.write
//往一个指定的文件里覆盖写入指定内容
[root@master ~]# salt '*' cmd.run 'cat /root/b'
slave1:
hehe
date
1234
date 12345
[root@master ~]# salt '*' file.write /root/b "I'm tom"
slave1:
Wrote 1 lines to "/root/b"
[root@master ~]# salt '*' cmd.run 'cat /root/b'
slave1:
I'm tom