1.目标 2.执行模块 3.返回
salt ‘*’ cmd.run ‘uptime’命令 目标 执行模块 执行模块参数
1、SlatStack远程执行–目标
执行目标:
- (1)和Minion ID相关的目标匹配方式
1、MinionID匹配[root@linux-node1 ~]# salt 'linux-node1.example.com' service.status sshdlinux-node1.example.com: True2、通配符* ? [1-2]等匹配[root@linux-node1 ~]# salt 'linux*' service.status sshdlinux-node2.example.com: Truelinux-node1.example.com: True[root@linux-node1 ~]# salt 'linux-node?.example.com' service.status sshdlinux-node2.example.com: Truelinux-node1.example.com: True[root@linux-node1 ~]# salt 'linux-node[1-2].example.com' service.status sshdlinux-node2.example.com: Truelinux-node1.example.com: True3、列表匹配[root@linux-node1 ~]# salt -L 'linux-node1.example.com,linux-node2.example.com' test.pinglinux-node2.example.com: Truelinux-node1.example.com: True4、正则表达式匹配[root@linux-node1 ~]# salt -E 'linux-(node1|node2)*' test.pinglinux-node2.example.com: Truelinux-node1.example.com: True
- (2)和Minion无关匹配
1、Grains匹配[root@linux-node1 ~]# salt -G 'os:CentOS' test.pinglinux-node2.example.com: Truelinux-node1.example.com: True2、子网、IP地址匹配[root@linux-node1 ~]# salt -S '192.168.56.0/24' test.pinglinux-node1.example.com: Truelinux-node2.example.com: True3、Pillar匹配#这里目标key:value,是在pillar系统中定义[root@linux-node1 ~]# salt -I 'apache:httpd' test.pinglinux-node2.example.com: Truelinux-node1.example.com: True
- (3)混合匹配(少用)
- (4)Node Groups匹配
#在master配置文件进行定义node-groups[root@linux-node1 ~]# vim /etc/salt/masternodegroups: web-group: 'L@linux-node1.example.com,linux-node2.example.com'[root@linux-node1 ~]# systemctl restart salt-master[root@linux-node1 ~]# salt -N web-group test.pinglinux-node2.example.com: Truelinux-node1.example.com: True
- (5)批处理执行–Batch size
#先执行1台完成后再执行一台,按比例去执行[root@linux-node1 ~]# salt '*' -b 1 test.pingExecuting run on ['linux-node2.example.com']jid: 20180117172632455823linux-node2.example.com: Trueretcode: 0Executing run on ['linux-node1.example.com']jid: 20180117172632650981linux-node1.example.com: Trueretcode: 0#按比例匹配执行,好比在重启服务器时,为了不影响业务,可以先重启一部分,再重启后面一部分[root@linux-node1 ~]# salt -G 'os:CentOS' --batch-size 50% test.pingExecuting run on ['linux-node2.example.com']jid: 20180117172759207757linux-node2.example.com: Trueretcode: 0Executing run on ['linux-node1.example.com']jid: 20180117172759402383linux-node1.example.com: Trueretcode: 0
2、SlatStack远程执行–执行模块
执行模块:
3、SlatStack远程执行–返回
返回模块: Return组件可以理解为SaltStack系统对执行Minion返回后的数据进行存储或者返回给其他程序,它支持多种存储方式,如MySQL、Redis、ELK、zabbix,通过Return我们可以对SaltStack的每次操作进行记录,对以后的日志审计提供了数据来源。 Return是在Master端触发任务,然后Minion接受处理任务直接与Return存储服务器建立链接,然后把数据存储到服务器。 返回是minion直接将命令执行结果写入到MySQL,需要的依赖包:MySQL-python
- (1)SATL.RETURNERS.MYSQL(minion返回MySQL)
View Code(1)所有minion需要安装MySQL-python[root@linux-node1 ~]# salt '*' cmd.run 'yum install -y MySQL-python'[root@linux-node1 ~]# salt '*' pkg.install MySQL-python #使用pkg模块安装MySQL-python(2)安装mariadb数据库[root@linux-node1 ~]# yum install -y mariadb-server[root@linux-node1 ~]# systemctl start mariadb(3)创建salt库,创建jid、salt_returns、salt_events表,授权[root@linux-node1 ~]# mysql -uroot -pEnter password: MariaDB [(none)]> CREATE DATABASE `salt` -> DEFAULT CHARACTER SET utf8 -> DEFAULT COLLATE utf8_general_ci;Query OK, 1 row affected (0.00 sec)MariaDB [(none)]> USE `salt`;Database changedMariaDB [salt]> CREATE TABLE `jids` ( -> `jid` varchar(255) NOT NULL, -> `load` mediumtext NOT NULL, -> UNIQUE KEY `jid` (`jid`) -> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;Query OK, 0 rows affected (0.00 sec)MariaDB [salt]> CREATE TABLE `salt_returns` ( -> `fun` varchar(50) NOT NULL, -> `jid` varchar(255) NOT NULL, -> `return` mediumtext NOT NULL, -> `id` varchar(255) NOT NULL, -> `success` varchar(10) NOT NULL, -> `full_ret` mediumtext NOT NULL, -> `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP, -> KEY `id` (`id`), -> KEY `jid` (`jid`), -> KEY `fun` (`fun`) -> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;Query OK, 0 rows affected (0.03 sec)MariaDB [salt]> CREATE TABLE `salt_events` ( -> `id` BIGINT NOT NULL AUTO_INCREMENT, -> `tag` varchar(255) NOT NULL, -> `data` mediumtext NOT NULL, -> `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP, -> `master_id` varchar(255) NOT NULL, -> PRIMARY KEY (`id`), -> KEY `tag` (`tag`) -> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;Query OK, 0 rows affected (0.02 sec)MariaDB [salt]> show tables;+----------------+| Tables_in_salt |+----------------+| jids || salt_events || salt_returns |+----------------+3 rows in set (0.00 sec)MariaDB [salt]> grant all on salt.* to salt@'%' identified by 'salt';Query OK, 0 rows affected (0.00 sec)(4)修改salt-minion,配置MySQL链接[root@linux-node2 ~]# vim /etc/salt/minion###### Returner settings ##################################################mysql.host: '192.168.56.11'mysql.user: 'salt'mysql.pass: 'salt'mysql.db: 'salt'mysql.port: 3306[root@linux-node2 ~]# systemctl restart salt-minion[root@linux-node1 ~]# vim /etc/salt/minion###### Returner settings ##################################################mysql.host: '192.168.56.11'mysql.user: 'salt'mysql.pass: 'salt'mysql.db: 'salt'mysql.port: 3306[root@linux-node1 ~]# systemctl restart salt-minion(5)测试,并在数据库查看返回结果[root@linux-node1 ~]# salt '*' test.ping --return mysqllinux-node2.example.com: Truelinux-node1.example.com: TrueMariaDB [salt]> select * from salt_returns;+-----------+----------------------+--------+-------------------------+---------+-----------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+| fun | jid | return | id | success | full_ret | alter_time |+-----------+----------------------+--------+-------------------------+---------+-----------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+| test.ping | 20180118093222060862 | true | linux-node2.example.com | 1 | { "fun_args": [], "jid": "20180118093222060862", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "linux-node2.example.com"} | 2018-01-18 09:32:22 || test.ping | 20180118093222060862 | true | linux-node1.example.com | 1 | { "fun_args": [], "jid": "20180118093222060862", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "linux-node1.example.com"} | 2018-01-18 09:32:24 |+-----------+----------------------+--------+-------------------------+---------+-----------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+2 rows in set (0.00 sec)
- 使用salt的job_cache机制将命令写入mysql(常用方法)
- 执行的所有命令都会写入mysql,不用使用return,把cache写在mysql
[root@linux-node1 ~]# vim /etc/salt/mastermaster_job_cache: mysqlmysql.host: '192.168.56.11'mysql.user: 'salt'mysql.pass: 'salt'mysql.db: 'salt'mysql.port: 3306[root@linux-node1 ~]# systemctl restart salt-master[root@linux-node1 ~]# salt '*' cmd.run 'w'[root@linux-node1 ~]# mysql -uroot -p123456 -e "select * from salt.salt_returns;"#加上-v参数可以看到jid,并且通过jid可以查看运行的结果[root@linux-node1 ~]# salt '*' cmd.run 'uptime' -vExecuting job with jid 20180118095000725560-------------------------------------------linux-node2.example.com: 09:50:00 up 14 days, 4:24, 2 users, load average: 0.00, 0.01, 0.05linux-node1.example.com: 09:50:00 up 23 days, 3:56, 2 users, load average: 0.00, 0.06, 0.18[root@linux-node1 ~]# salt-run jobs.lookup_jid 20180118095000725560linux-node1.example.com: 09:50:00 up 23 days, 3:56, 2 users, load average: 0.00, 0.06, 0.18linux-node2.example.com: 09:50:00 up 14 days, 4:24, 2 users, load average: 0.00, 0.01, 0.05