SaltStack执行状态收集入库-第五篇

实验目标

1.salt执行的状态然后结果写入MySQL可以方便查询执行salt执行的历史记录

实现方法

1.使用salt的return功能，是minion直接写入MySQL（相对比较麻烦）

2.使用master的jobcache写入到MySQL

环境

node1  192.168.56.11   角色 salt-master  salt-minon  DB

node2  192.168.56.12   角色  salt-minon

步骤

一，在master的配置文件添加以下内容

[root@linux-node1 salt]# tail -8 /etc/salt/master 
#return: mysql
master_job_cache: mysql
mysql.host: '192.168.56.11'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306

二，安装数据库，这里用MariaDB 

[root@linux-node1 salt]# yum install -y mariadb mariadb-server
[root@linux-node1 salt]# systemctl start mariadb
[root@linux-node1 salt]#mysql_secure_installation  #删除anonymous 删除test库 设置root密码 刷新权限表 关闭root远程登录

三，登陆到数据库创建salt数据和表

[root@linux-node1 salt]# mysql -uroot -p123456

#下面是创建数据库和表语句
CREATE DATABASE  `salt`
  DEFAULT CHARACTER SET utf8
  DEFAULT COLLATE utf8_general_ci;

USE `salt`;

--
-- Table structure for table `jids`
--

DROP TABLE IF EXISTS `jids`;
CREATE TABLE `jids` (
  `jid` varchar(255) NOT NULL,
  `load` mediumtext NOT NULL,
  UNIQUE KEY `jid` (`jid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE INDEX jid ON jids(jid) USING BTREE;

--
-- Table structure for table `salt_returns`
--

DROP TABLE IF EXISTS `salt_returns`;
CREATE TABLE `salt_returns` (
  `fun` varchar(50) NOT NULL,
  `jid` varchar(255) NOT NULL,
  `return` mediumtext NOT NULL,
  `id` varchar(255) NOT NULL,
  `success` varchar(10) NOT NULL,
  `full_ret` mediumtext NOT NULL,
  `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
  KEY `id` (`id`),
  KEY `jid` (`jid`),
  KEY `fun` (`fun`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

--
-- Table structure for table `salt_events`
--

DROP TABLE IF EXISTS `salt_events`;
CREATE TABLE `salt_events` (
`id` BIGINT NOT NULL AUTO_INCREMENT,
`tag` varchar(255) NOT NULL,
`data` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
`master_id` varchar(255) NOT NULL,
PRIMARY KEY (`id`),
KEY `tag` (`tag`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

四，授权用户

如果是授权的新用户就不需要刷新用户表

MariaDB [salt]> grant all on salt.* to salt@192.168.56.11 identified by 'salt';
Query OK, 0 rows affected (0.03 sec)

 五，测试用户是否能正常登陆

[root@linux-node1 salt]# mysql -h 192.168.56.11 -usalt -psalt
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 110
Server version: 5.5.56-MariaDB MariaDB Server

Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> 

六，重启salt-master

因为修改了master的配置文件

[root@linux-node1 ~]# systemctl restart salt-master

七，先看下salt_returns表信息，是空的

MariaDB [(none)]> use salt
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
MariaDB [salt]>  select * from salt_returns\G;
Empty set (0.00 sec)

八，salt执行远程命令

[root@linux-node1 salt]# salt "*" test.ping
linux-node2.example.com:
    True
linux-node1.example.com:
    True

[root@linux-node1 salt]# salt "*" cmd.run "w"
linux-node1.example.com:
16:25:01 up 10:48, 1 user, load average: 0.00, 0.01, 0.05
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 192.168.56.1 16:01 5.00s 0.55s 0.37s /usr/bin/python /usr/bin/salt * cmd.run w
linux-node2.example.com:
16:25:02 up 10:48, 1 user, load average: 0.01, 0.02, 0.05
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 192.168.56.1 16:01 23:13 0.00s 0.00s -bash

九，再次查看salt库的salt_returns表信息，执行的数据已经记录到MariaDB中

MariaDB [salt]> use salt
Database changed
MariaDB [salt]>  select * from salt_returns\G;
*************************** 1. row ***************************
       fun: test.ping
       jid: 20171022162359446464
    return: true
        id: linux-node2.example.com
   success: 1
  full_ret: {"fun_args": [], "jid": "20171022162359446464", "return": true, "retcode": 0, "success": true, "cmd": "_return", "_stamp": "2017-10-22T20:23:59.736379", "fun": "test.ping", "id": "linux-node2.example.com"}
alter_time: 2017-10-22 16:23:59
*************************** 2. row ***************************
       fun: test.ping
       jid: 20171022162359446464
    return: true
        id: linux-node1.example.com
   success: 1
  full_ret: {"fun_args": [], "jid": "20171022162359446464", "return": true, "retcode": 0, "success": true, "cmd": "_return", "_stamp": "2017-10-22T20:23:59.757709", "fun": "test.ping", "id": "linux-node1.example.com"}
alter_time: 2017-10-22 16:23:59
*************************** 3. row ***************************
       fun: cmd.run
       jid: 20171022162501827838
    return: " 16:25:01 up 10:48,  1 user,  load average: 0.00, 0.01, 0.05\nUSER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT\nroot     pts/0    192.168.56.1     16:01    5.00s  0.55s  0.37s /usr/bin/python /usr/bin/salt * cmd.run w"
        id: linux-node1.example.com
   success: 1
  full_ret: {"fun_args": ["w"], "jid": "20171022162501827838", "return": " 16:25:01 up 10:48,  1 user,  load average: 0.00, 0.01, 0.05\nUSER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT\nroot     pts/0    192.168.56.1     16:01    5.00s  0.55s  0.37s /usr/bin/python /usr/bin/salt * cmd.run w", "retcode": 0, "success": true, "cmd": "_return", "_stamp": "2017-10-22T20:25:01.867563", "fun": "cmd.run", "id": "linux-node1.example.com"}
alter_time: 2017-10-22 16:25:01
*************************** 4. row ***************************
       fun: cmd.run
       jid: 20171022162501827838
    return: " 16:25:02 up 10:48,  1 user,  load average: 0.01, 0.02, 0.05\nUSER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT\nroot     pts/0    192.168.56.1     16:01   23:13   0.00s  0.00s -bash"
        id: linux-node2.example.com
   success: 1
  full_ret: {"fun_args": ["w"], "jid": "20171022162501827838", "return": " 16:25:02 up 10:48,  1 user,  load average: 0.01, 0.02, 0.05\nUSER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT\nroot     pts/0    192.168.56.1     16:01   23:13   0.00s  0.00s -bash", "retcode": 0, "success": true, "cmd": "_return", "_stamp": "2017-10-22T20:25:01.882218", "fun": "cmd.run", "id": "linux-node2.example.com"}
alter_time: 2017-10-22 16:25:01
4 rows in set (0.01 sec)

十，在salt执行命令时可用加上-v 显示作业ID

[root@linux-node1 salt]#  salt '*' cmd.run 'w' -v
Executing job with jid 20171022163046673306
-------------------------------------------

linux-node1.example.com:
     16:30:46 up 10:54,  1 user,  load average: 0.00, 0.01, 0.05
    USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
    root     pts/0    192.168.56.1     16:01    6.00s  0.57s  0.35s /usr/bin/python /usr/bin/salt * cmd.run w -v
linux-node2.example.com:
     16:30:47 up 10:54,  1 user,  load average: 0.00, 0.01, 0.05
    USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
    root     pts/0    192.168.56.1     16:01   28:58   0.00s  0.00s -bash

总结

可以这样对SaltStack 做二次开发 ：

1.Master Job cache将所有的job输出保存到MySQL

2.如果做管理平台，可以将User id和Jid做关联

3.使用List做目标选择

附：英文参考文档

https://www.unixhot.com/docs/saltstack/ref/returners/all/salt.returners.mysql.html#module-salt.returners.mysql