2018年7月3日笔记

• state

　　1）state介绍

state是saltstack最核心的功能，通过预先指定好的sls文件对minion进行状态管理，支持pkg， file， network， service， user等。

 

　　2）配置管理 nginx　　

vim /etc/salt/master

找到：file_roots:

在file_roots目录下，vim top.sls

base:

'*':

- nginx

vim nginx.sls

nginx-service:

pkg:

- installed

service:

- running

- require:

- pkg: nginx

- enable: True

nginx-service：是id名字，自定义。pkg: 函数 installed：代表没有安装的通过yum或者apt-get安装，running：启动，enable：开机启动：require：确保只有在安装成功后才会启动。

执行state：

salt '*' state.highstate

 

　　3）配置管理文件

file_test:

file.managed:

- name: /tmp/aminglinux.com

- source: salt://test/123/1.txt

- user: root

- group: root

- mode: 644

说明：第一行的file_test为自定的名字，表示该配置段的名字，可以在别的配置段中引用它，source指定文件从哪里拷贝，这里的test相当于是/srv/salt/test

 

　　4）配置管理目录

file_dir:

file.recurse:

- name: /tmp/testdir

- source: salt://test/123

- user: root

- file_mode: 644

- dir_mode: 755

- mkdir: True

- clean: True //加上它之后，源删除文件或目录，目标也会跟着删除，否则不会删除

 

　　5）配置管理远程命令

cmd_test:

cmd.run:

- onlyif: test -f /tmp/111.txt

- names:

- touch /tmp/111.txt

- mkdir /tmp/1233

- user: root

还可以加unless，和onlyif正好相反

 

　　6）配置管理远程脚本

shell_test:

cmd.script:

- source: salt://test/1.sh

- user: root

cat /srv/salt/test/1.sh

#!/bin/bash

touch /tmp/111.txt

if [ -d /tmp/1233 ]

then

rm -rf /tmp/1233

fi

 

　　7）配置管理计划任务

cron_test:

cron.present:

- name: /bin/touch /tmp/111.txt

- user: root

- minute: '*'

- hour: 20

- daymonth: '*'

- month: '*'

- dayweek: '*'

注意，*需要用单引号引起来。当然我们还可以使用file.managed模块来管理cron，因为系统的cron都是以配置文件的形式存在的。想要删除该cron，需要增加：

cron.absent:

- name: /bin/touch /tmp/111.txt

两者不能共存，要想删除一个cron，那之前的present就得去掉。

 

 

• saltstack常用模块和API调用

1）API：（Application Programming Interface,应用程序编程接口）是一些预先定义的函数，目的是提供应用程序与开发人员基于某软件或硬件得以访问一组例程的能力，而又无需访问源码，或理解内部工作机制的细节。

api的使用原理是通过调用master client模块，实例化一个LocalClient对象，在调用cmd()方法来实现。

　　

以下是API实现test.ping的示例：

yum install -y salt-api

service salt-api restart

import salt.client

client = salt.client.LocalClient()

ret = client.cmd('*', 'test.ping')

print ret

返回形式是一个字典的形式返回

 

2）cmd模块

salt '*' cmd.run "free -m"

API：client.cmd('wms5test1.app.*', 'cmd.run', ['free -m'])

 

3）cp模块

file_roots:

base:

- /export/salt/root

salt根目录：在master中file_roots定义的路径，salt://test.txt相当于/export/salt/root/test.txt

salt 'wms5test1.app.172.17.23.176' cp.get_file salt://nscd.conf /tmp/xiang.txt

salt '*' cp.get_dir salt://test /tmp/ （目录）

API：client.cmd('*', 'cp.get_file', ['salt://test.txt', '/tmp/1.txt'])

 

4）cron模块

salt '*' cron.raw_cron root （查看定时任务）

salt '*' cron.set_job root '*' '*' '*' '*' 1 /export/scripts/rm_log.sh

salt '*' cron.rm_job root /export/scripts/rm_log.sh (写全没效果)

API：client.cmd('*', 'cron.set_job', ['root', '*', '*', '*', '*', 1 /export/scripts/rm_log.sh])

 

5）dnsutil模块

salt '*' dnsutil.hosts_append /etc/hosts 127.0.0.1 xiang.com

salt '*' dnsutil.hosts_remove /etc/hosts xiang.com

API：client.cmd('*', 'dnsutil.hosts_append', ['/etc/hosts', '127.0.0.1', 'xiang.com'])

 

6）file模块

salt '*' file.chown /etc/passwd root root

salt '*' file.copy /path/to/src /path/to/dst

salt '*' file.file_exists /etc/hosts

salt '*' file.directory_exists /etc/

salt '*' file.get_mod /etc/passwd

salt '*' file.set_mod /etc/passwd 0644

salt '*' file.mkdir /tmp/test

salt '*' file.sed /export/servers/nginx/conf/nginx.conf 'debug' 'warn'

salt '*' file.append /tmp/test.txt "welcome xiang"

salt '*' file.remove /tmp/1.txt

API：client.cmd('*', 'file.remove', ['/tmp/1.txt'])

 

7）network模块

salt '*' network.dig www.qq.com

salt '*' network.ping www.qq.com

salt '*' network.ip_addrs

API：client.cmd('*', 'network.ip_addrs')

 

8）pkg包管理模块

管理yum， apt-get等

salt '*' pkg.install php

salt '*' pkg.remove php

salt '*' pkg.upgrade （升级所有的软件包）

API：client.cmd('*', 'pkg.remove, ['php']')

 

9）service模块

salt '*' service.enable nginx

salt '*' service.disable nginx

salt '*' service.restart nginx

API：client.cmd('*', 'service.stop', ['nginx'])

 

 

• 练习

1）installApp.py

def nginx():
    resultBean = dict()
    __salt__['cp.get_file']("salt:_shell/app/nginx.sh /usr/local/src/installnginx.sh")
    jid = __salt__['cmd.async']
    cmd = "sh /usr/local/src/installnginx.sh"
    status, output = commands.getstatusoutput(cmd)
    if status == 0:
        resultBean['code'] = 0
        resultBean['message'] = 'success'
        resultBean['data'] = output
    else:
        resultBean['code'] = -1
        resultBean['message'] = 'install nginx error'
        resultBean['data'] = output
    return resultBean

def tomcat():
    pass

def keepalived():
    pass

def lvs():
    pass

def jdk():
    pass

def mysql():
    pass

def zookeeper():
    pass

def redis():
    pass

 

2）saltapi.py

import json
import requests


class SaltServer(object):
    def __init__(self):
        self.session = requests.session()
        self.token = self.getToken()


    def getToken(self):
        url =  "http://192.168.48.135:8000/login"
        headers = {"Accept": "application/json"}
        data = {
            "username": "saltapi",
            "password": "saltapi",
            "eauth": "pam"
        }
        res = self.session.post(url=url, headers=headers, data=data)
        text = res.text
        result = json.loads(text)
        token = result.get("return")[0].get("token")
        return token

    def runModules(self, minionid, fun, arg=None):
        url = "http://192.168.48.135:8000"
        data = {
            "client": "local",
            "tgt": minionid,
            "fun": fun,
            "arg": arg
        }
        resultBean = dict()
        try:
            res = self.session.post(url=url,  data=data)
            text = res.text
            data = json.loads(text).get("return")
            resultBean['code'] = 0
            resultBean['message'] = "success"
            resultBean['data'] = data
        except Exception as e:
            resultBean['code'] = 0
            resultBean['message'] = "success"
            resultBean['data'] = e
        finally:
            return resultBean


    def runRunner(self, fun, arg=None):
        url = "http://192.168.48.135:8000"
        data = {
            "client": "runner",
            "fun": fun,
            "arg": arg
        }
        resultBean = dict()
        try:
            res = self.session.post(url=url,  data=data)
            text = res.text
            data = json.loads(text).get("return")
            resultBean['code'] = 0
            resultBean['message'] = "success"
            resultBean['data'] = data
        except Exception as e:
            resultBean['code'] = 0
            resultBean['message'] = "success"
            resultBean['data'] = e
        finally:
            return resultBean

 

3）test.py

from lesson31.util.saltapi import SaltServer

saltServer = SaltServer()

result1 = saltServer.runModules('192.168.48.129', 'cp.get_file', ['salt://_shell/app/nginx.sh', '/usr/local/src/installnginx.sh'])
print(result1)
result2 = saltServer.runModules('192.168.48.129', 'installApp.nginx')
print(result2)
# result2 = saltServer.runRunner('manage.status')
# print(result2)