saltsack自动化配置day02:之manage、salt-ssh和salt jobs
一、SALT.RUNNERS.MANAGE
Manage官方文档:
https://docs.saltstack.com/en/latest/ref/runners/all/salt.runners.manage.html#module-salt.runners.manage
salt-run manage.up # 显示当前存活的minion。
salt-run manage.down # 显示当前未存活的minion。
salt-run manage.down removekeys=True # 显示未存活的minion,并将其删除。
salt-run manage.status # 显示当前up和down的minion。
salt-run manage.vesions # 显示master和所有minion的版本。
二、 salt-ssh
1、salt-ssh官方文档:
https://docs.saltstack.com/en/latest/topics/ssh/index.html
2、配置文件/etc/salt/roster
<Salt ID>: # 目标ID host: # 远程主机的IP地址或者主机名 user: # 可以登录的用户 passwd: # 可以登录用户的密码(可选) port: # ssh端口 sudo: # 是否运行sudo,设置True或者False priv: # ssh私钥的路径,默认是/etc/salt/pki/master/ssh/salt-ssh.rsa timeout: # 连接ssh时的超时时间
3、salt-ssh功能
1、运行原始shell调用:-r
[root@salt-master keepalived]# salt-ssh '*' -r 'df -h'
node1:
----------
retcode:
0
stderr:
stdout:
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_im75-LogVol01
287G 11G 262G 4% /
tmpfs 3.9G 20K 3.9G 1% /dev/shm
/dev/sda1 477M 69M 383M 16% /boot
node2:
----------
retcode:
0
stderr:
stdout:
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_im75-LogVol01
287G 9.5G 263G 4% /
tmpfs 3.9G 12K 3.9G 1% /dev/shm
/dev/sda1 477M 69M 383M 16% /boot
[root@salt-master keepalived]#
2、不去回答yes或者no的话
vim .ssh/confg里面添加一行
StrictHostkeyChecking no
3、slat-ssh "*" -r "test.ping"
[root@saltstack base]# salt-ssh "*" -r "test.ping"
node2-114:
----------
retcode:
127
stderr:
bash: test.ping: command not found
stdout:
node1-113:
----------
retcode:
127
stderr:
bash: test.ping: command not found
stdout:
4、slat-ssh "*" test.ping -i #不加就不会有交互
[root@saltstack base]# salt-ssh "*" test.ping -i
Permission denied for host node2-114, do you want to deploy the salt-ssh key? (password required):
[Y/n] yes
Password for root@inode2-114:
illegal--node2-114:
True
状态管理:同salt
Target:支持glob及正则
4、企业应用案例
1、salt-ssh批量安装salt-minion
2、用salt-minion批量部署salt-ssh的key
3、openstack密钥用起来很爽(类似与salt-ssh)
4、相当你即有了Ansible又有了saltsack
三. salt job
0、job的缓存
salt master每次执行一个任务,都会为该任务创建一个jobid。master上默认会缓存24小时内的所有执行过的job的操作信息,其路径为/var/cache/salt/master/jobs/。minion上在每次有任务执行时,在/var/cache/salt/minion/proc/目录下会出现以jobid为名的缓存文件,可以通过strings命令查看此文件的内容;当任务执行完毕后,该缓存文件会被删掉。
官方文档:
https://docs.saltstack.com/en/latest/topics/jobs/
1、查看当前在执行的jobs
[root@saltstack base]# salt-run -d |grep jobs
jobs.active: #查看当前在执行的jobs
Return a report on all actively running jobs from a job id centric
salt-run jobs.active
jobs.exit_success:
salt-run jobs.exit_success 20160520145827701627
jobs.last_run:
List all detectable jobs and associated functions
salt-run jobs.last_run
salt-run jobs.last_run target=nodename
salt-run jobs.last_run function='cmd.run'
salt-run jobs.last_run metadata="{'foo': 'bar'}"
2、指定jid查看jobs详细信息
jobs.list_job: #指定jid查看jobs详细信息
salt-run jobs.list_job 20130916125524463507
salt-run jobs.list_job 20130916125524463507 --out=pprint
3、查看所有的jobs
jobs.list_jobs: #查看所有的jobs
List all detectable jobs and associated functions
If more than one of the below options are used, only jobs which match
salt-run jobs.list_jobs search_metadata='{"foo": "bar", "baz": "qux"}'
Can be passed as a string or a list. Returns jobs which match the
salt-run jobs.list_jobs search_function='test.*'
salt-run jobs.list_jobs search_function='["test.*", "pkg.install"]'
salt-run jobs.list_jobs search_function='test.*,pkg.install'
Can be passed as a string or a list. Returns jobs which match the
salt-run jobs.list_jobs search_target='*.mydomain.tld'
salt-run jobs.list_jobs search_target='["db*", "myminion"]'
salt-run jobs.list_jobs search_target='db*,myminion'
module is not installed, this argument will be ignored). Returns jobs
module is not installed, this argument will be ignored). Returns jobs
salt-run jobs.list_jobs
salt-run jobs.list_jobs search_function='test.*' search_target='localhost' search_metadata='{"bar": "foo"}'
salt-run jobs.list_jobs start_time='2015, Mar 16 19:00' end_time='2015, Mar 18 22:00'
jobs.list_jobs_filter:
List all detectable jobs and associated functions
salt-run jobs.list_jobs_filter 50
salt-run jobs.list_jobs_filter 100 filter_find_job=False
4、指定jid查询jobs结果
jobs.lookup_jid: #指定jid查询jobs结果
salt-run jobs.lookup_jid 20130916125524463507
salt-run jobs.lookup_jid 20130916125524463507 --out=highstate
5、指定jid查询jobs的详细信息
jobs.print_job: ##指定jid查询jobs的详细信息
salt-run jobs.print_job 20130916125524463507
It can also be used to schedule jobs directly on the master, for example:
6、以下是常用的job相关的方法:
runner功能和salt模块类似,只不过salt模块是在minion上执行,runner是在master上执行,执行命令为salt-run。
注:可以通过salt-run -d | grep job 来查看job相关的命令
saltutil.running # 查看当前正在运行的jobs saltutil.find_job <jid> # 查看指定jid的job saltutil.signal_job <jid> <single> # 指定的jid进程发送信号 saltutil.term_job <jid> # 终止指定的jid进程(信号为15) saltutil.kill_job <jid> # 终止指定的jid进程(信号为9)
任务运行时,minion端/var/cache/salt/minion/proc下存放jid临时文件
master端/var/cache/salt/master/jobs默认缓存24小时
salt-run jobs.active # 查看所有minion当前正在运行的jobs(在所有minions上运行saltutil.running) salt-run jobs.lookup_jid <jid> # 从master jobs cache中查询指定jid的运行结果 salt-run jobs.list_jobs # 列出当前master jobs cache中的所有job
7、按照官方文档的描述,计划任务有3种配置方式,分别是:
* 在master配置文件中配置
* 在minion配置文件中配置
* 在pillar中配置
下面介绍schedule在pillar中的用法:
我的pillar文件夹是 /srv/salt/pillar
首先创建一个 /srv/salt/pillar/top.sls
base:
"*"
- schedule
然后创建 /srv/salt/pillar/schedule.sls
schedule:
test-job:
function: cmd.run
seconds: 10
args:
- 'uptime >> /tmp/uptime.log'
这个调度任务的意思是 每隔10秒执行uptime,将结果追加到/tmp/uptime.log中。
创建完文件之后执行下面的命令把pillar的修改刷到minion端去
salt "*" saltutil.refresh_pillar
这样就完成了一个简单的计划任务创建。
想查看minion端都有哪些计划任务可以用
salt "*" pillar.get schedule
或者
salt "*" config.option schedule
