一、stal的mysql简单用法
yum install MySQL-python.x86_64 -y ##安装python管理数据库的服务
yum install mariadb-server.x86_64 -y ##安装mairiadb当作数据库使用
systemctl start mariadb ##启动数据库并做好安全初始化
mysql_secure_installation
从官网复制一个salt库的文件,test.sql,将它导入mysql
cat test.sql ##内容可参考下方
CREATE DATABASE `salt`
DEFAULT CHARACTER SET utf8
DEFAULT COLLATE utf8_general_ci;
USE `salt`;
--
-- Table structure for table `jids`
--
DROP TABLE IF EXISTS `jids`;
CREATE TABLE `jids` (
`jid` varchar(255) NOT NULL,
`load` mediumtext NOT NULL,
UNIQUE KEY `jid` (`jid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- CREATE INDEX jid ON jids(jid) USING BTREE; ##注释这一行或删除
--
-- Table structure for table `salt_returns`
--
DROP TABLE IF EXISTS `salt_returns`;
CREATE TABLE `salt_returns` (
`fun` varchar(50) NOT NULL,
`jid` varchar(255) NOT NULL,
`return` mediumtext NOT NULL,
`id` varchar(255) NOT NULL,
`success` varchar(10) NOT NULL,
`full_ret` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
KEY `id` (`id`),
KEY `jid` (`jid`),
KEY `fun` (`fun`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--
-- Table structure for table `salt_events`
--
DROP TABLE IF EXISTS `salt_events`;
CREATE TABLE `salt_events` (
`id` BIGINT NOT NULL AUTO_INCREMENT,
`tag` varchar(255) NOT NULL,
`data` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
`master_id` varchar(255) NOT NULL,
PRIMARY KEY (`id`),
KEY `tag` (`tag`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
mysql -predhat ##进入数据库
MariaDB [(none)]> grant all on salt.* to salt@'%' identified by 'salt'; ##创建一个远程登陆的salt并赋予权限
server2minion上的设定:
vim /etc/salt/minion
systemctl restart salt-minion
yum install MySQL-python.x86_64 -y ##server2上如果不安装这个服务,server1就无法把数据存入数据库
经过简单的配置我们现在不仅能在缓存中看到我们的操作指令,还能看到对server2的操作指令在数据库中
mysql -p
use salt;
select * from salt_returns;
select * from salt_returns;select * from salt_returns;
在添加一些指令,让没有设置minion的server3指令也能保存
vim /etc/salt/master ##加在最后即可
mysql -p
grant all on salt.* to salt@'localhost' identified by 'salt';
systemctl restart salt-master
salt server3 cmd.run hostname ##尝试一些指令,然后在salt库中相同的表中查看
二、salt自带的高可用模块
给server1添加一个salt-syndic模块,让另一台主机server4开启最高master功能,然后server4通过与server1上的syndic模块通信,可以管理多个master
server4上开启top master功能
yum insatll salt-syndic ##首先安装这个组件
vim /etc/salt/master
systemctl restart salt-master
把server1上的syndic服务指向最高master
vim /etc/salt/master
systemctl restart salt-master
server1开启salt-syndic服务和重启master后在server4上测试:
虽然只显示了master,但是推送服务时可以连接掉master下面的主机
三、salt-ssh模块(不需要安装minion端)
把server2的minion停掉
yum install salt-ssh
vim /etc/salt/roster ##指向那个没有minion的客户端
systemctl stop minion
salt-ssh server2 -r "hostname" ##类似于ansible
四、salt的api模块
可以参考github上的api文档,按照自己的需求作出更改即可
yum install salt-api.noarch ##首先安装api组件
先做一个自签名的证书和密钥
然后编写配置文件,加入证书密钥的路径并设置权限
最后开启salt-api,并重启salt-server
生成token密钥,然后连接上自己的客户端minion
curl -sSk https://localhost:8000/login \
-H 'Accept: application/x-yaml' \
-d username=saltapi \
-d password=redhat \
-d eauth=pam
curl -sSk https://localhost:8000 \
-H 'Accept: application/x-yaml' \
-H 'X-Auth-Token: ffa924d84c6a202922c326f07e76b5415ad00283' \
-d client=local -d tgt='*' -d fun=test.ping
vim salt.api.py ##编写一个api文件调用,注意复制的格式
# -*- coding: utf-8 -*-
import urllib2,urllib
import time
try:
import json
except ImportError:
import simplejson as json
class SaltAPI(object):
__token_id = ''
def __init__(self,url,username,password):
self.__url = url.rstrip('/')
self.__user = username
self.__password = password
def token_id(self):
''' user login and get token id '''
params = {'eauth': 'pam', 'username': self.__user, 'password': self.__password}
encode = urllib.urlencode(params)
obj = urllib.unquote(encode)
content = self.postRequest(obj,prefix='/login')
try:
self.__token_id = content['return'][0]['token']
except KeyError:
raise KeyError
def postRequest(self,obj,prefix='/'):
url = self.__url + prefix
headers = {'X-Auth-Token' : self.__token_id}
req = urllib2.Request(url, obj, headers)
opener = urllib2.urlopen(req)
content = json.loads(opener.read())
return content
def list_all_key(self):
params = {'client': 'wheel', 'fun': 'key.list_all'}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
minions = content['return'][0]['data']['return']['minions']
minions_pre = content['return'][0]['data']['return']['minions_pre']
return minions,minions_pre
def delete_key(self,node_name):
params = {'client': 'wheel', 'fun': 'key.delete', 'match': node_name}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
ret = content['return'][0]['data']['success']
return ret
def accept_key(self,node_name):
params = {'client': 'wheel', 'fun': 'key.accept', 'match': node_name}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
ret = content['return'][0]['data']['success']
return ret
def remote_noarg_execution(self,tgt,fun):
''' Execute commands without parameters '''
params = {'client': 'local', 'tgt': tgt, 'fun': fun}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
ret = content['return'][0][tgt]
return ret
def remote_execution(self,tgt,fun,arg):
''' Command execution with parameters '''
params = {'client': 'local', 'tgt': tgt, 'fun': fun, 'arg': arg}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
ret = content['return'][0][tgt]
return ret
def target_remote_execution(self,tgt,fun,arg):
''' Use targeting for remote execution '''
params = {'client': 'local', 'tgt': tgt, 'fun': fun, 'arg': arg, 'expr_form': 'nodegroup'}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
jid = content['return'][0]['jid']
return jid
def deploy(self,tgt,arg):
''' Module deployment '''
params = {'client': 'local', 'tgt': tgt, 'fun': 'state.sls', 'arg': arg}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
return content
def async_deploy(self,tgt,arg):
''' Asynchronously send a command to connected minions '''
params = {'client': 'local_async', 'tgt': tgt, 'fun': 'state.sls', 'arg': arg}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
jid = content['return'][0]['jid']
return jid
def target_deploy(self,tgt,arg):
''' Based on the node group forms deployment '''> -d tgt='*' \
> -d fun=test.ping
return:
- server2: true
server3: true
params = {'client': 'local_async', 'tgt': tgt, 'fun': 'state.sls', 'arg': arg, 'expr_form': 'nodegroup'}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
jid = content['return'][0]['jid']
return jid
def main():
sapi = SaltAPI(url=,username=,password=)
#sapi.token_id()
print sapi.list_all_key() ##用这一行来测试是否连接上客户端
#sapi.delete_key('test-01')
#sapi.accept_key('test-01')
#sapi.deploy('test-01','nginx')
#print sapi.remote_noarg_execution('test-01','grains.items') ##可以通过这一行来执行命令
if __name__ == '__main__':
main()