saltstack执行结果存储到MySQL
saltstack执行结果保存到MySQL中,以便进行命令安全审计
必须是python2.7以上的环境
安装相关模块
ubuntu系统安装
apt-get install -y python-mysqldb
centos系统安装
yum install -y MySQL-python
数据库、相关表创建以及账户创建授权
官网:https://docs.saltstack.com/en/latest/ref/returners/all/salt.returners.mysql.html#module-salt.returners.mysql
CREATE DATABASE `salt` DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci; USE `salt`; CREATE TABLE `jids` ( `jid` varchar(255) NOT NULL, `load` mediumtext NOT NULL, UNIQUE KEY `jid` (`jid`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; CREATE INDEX jid ON jids(jid) USING BTREE; CREATE TABLE `salt_returns` ( `fun` varchar(50) NOT NULL, `jid` varchar(255) NOT NULL, `return` mediumtext NOT NULL, `id` varchar(255) NOT NULL, `success` varchar(10) NOT NULL, `full_ret` mediumtext NOT NULL, `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP, KEY `id` (`id`), KEY `jid` (`jid`), KEY `fun` (`fun`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; CREATE TABLE `salt_events` ( `id` BIGINT NOT NULL AUTO_INCREMENT, `tag` varchar(255) NOT NULL, `data` mediumtext NOT NULL, `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP, `master_id` varchar(255) NOT NULL, PRIMARY KEY (`id`), KEY `tag` (`tag`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
创建数据库账户以及授权
grant all privileges on salt.* to salt@'localhost' identified by "xxxxxxxx";
salt-master salt-minion端相关配置
方法一
在所有minion端配置添加数据库相关信息
找到minion文件中的#return: mysql后面添加数据库相关信息
#return: mysql
mysql.host: '192.168.217.20'
mysql.user: 'salt'
mysql.pass: 'xxxxx'
mysql.db: 'salt'
mysql.port: 3306
重启所以客户端
方法二
开启master端的master_job_cache,该方法就不需要再minion端配置数据库相关信息了,如果也配置了minion端数据库相关信息,那么执行结果将会在数据库中保存两份
配置如下:
#return: mysql master_job_cache: mysql mysql.host: '192.168.217.20' mysql.user: 'salt' mysql.pass: 'Wclwcw1101!' mysql.db: 'salt' mysql.port: 3306
重启salt-master
坚持,相信有一天,你也能成为别人眼中的大牛!
QQ:939598325