现在分享一下我对0.16版本salt的学习笔记
一、安装
1、在ubuntu系统安装
添加源
debhttp://debian.saltstack.com/debian wheezy-saltstack main
把这个源放到/etc/apt/sources.list
更新源
apt-get update
安装服务端或者客户端
apt-get installsalt-master
apt-get installsalt-minion
2、redhat或者centos的话,安装使用需要安装第三个源
如果你是5版本
|
1
|
wget http:
//dl.cpis-opt.com/huanw/shencan/epel-release-5-4.noarch.rpm && rpm -vih epel-release-5-4.noarch.rpm
|
如果是6版本,使用
|
1
2
3
|
wget http:
//download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
yum install salt-master
yum install salt-minion
|
|
1
2
3
|
The Salt master communicates
with
the minions using an AES-encrypted ZeroMQ connection. These communications are done over ports
4505
and
4506
, which need to be accessible on the master only. This document outlines suggested firewall rules
for
allowing these incoming connections to the master.
Note
No firewall configuration needs to be done on Salt minions. These changes refer to the master only.
|
二、配置
在master端配置
|
1
2
|
vim /etc/salt/master
interface
:
192.168
.
56.102
|
写成你本机的ip
在slave端配置
|
1
2
|
vim /etc/salt/minion
master:
192.168
.
56.102
|
写你服务端的ip
|
1
|
id: localhost
|
是注明自己的标示。
客户端/etc/init.d/salt-minion start 日志文件默认是这个/var/log/salt/minion
服务端/etc/init.d/salt-master start 日志文件默认是这个/var/log/salt/master
|
1
2
3
4
5
6
|
[root@centos salt]# salt-key -L
Accepted Keys:
server.hadoop.com
Unaccepted Keys:
localhost
Rejected Keys:
|
查看你的key情况
同意加入localhost
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
[root@centos salt]# salt-key -L
Accepted Keys:
server.hadoop.com
Unaccepted Keys:
localhost
Rejected Keys:
[root@centos salt]# salt-key -a localhost
Key
for
minion localhost accepted.
[root@centos salt]# salt-key -L
Accepted Keys:
localhost
server.hadoop.com
Unaccepted Keys:
Rejected Keys:
|
查看一下网络连接情况(也就是看看能否连接客户端)
|
1
2
3
4
5
|
[root@centos salt]# salt
'*'
test.ping
localhost:
True
server.hadoop.com:
True
|
先前使用*代表所有机器,如果想单独的话,可以使用
|
1
2
3
|
[root@centos salt]# salt
'localhost'
cmd.run hostname
localhost:
centos
|
如果想运行多个的话,可以使用-L
|
1
2
3
4
5
|
[root@centos salt]# salt -L
'server.hadoop.com,localhost'
cmd.run hostname
server.hadoop.com:
server.hadoop.com
localhost:
centos
|
还可以使用正则
|
1
2
3
|
[root@centos salt]# salt -E
'server*'
cmd.run hostname
server.hadoop.com:
server.hadoop.com
|
-G 这个参数很强大会根据默认的grain的结果来指定最新 grain这个东西就像puppet里面的facter这个东西
|
1
2
3
4
5
6
|
[root@centos salt]# salt -G
'os:Centos'
test.ping
localhost:
True
[root@centos salt]# salt -G
'os:Ubuntu'
test.ping
server.hadoop.com:
True
|
如果想查看哪个项的话
|
1
2
3
4
5
|
[root@centos test]# salt
'*'
grains.item os
server.hadoop.com:
os: Ubuntu
localhost:
os: CentOS
|
执行python代码
|
1
2
3
4
5
6
7
|
[root@centos salt]# salt
'*'
cmd.exec_code python
'import sys;print sys.version'
localhost:
2.6
.
6
(r266:
84292
, Feb
22
2013
,
00
:
00
:
18
)
[GCC
4.4
.
7
20120313
(Red Hat
4.4
.
7
-
3
)]
server.hadoop.com:
2.7
.
3
(
default
, Aug
1
2012
,
05
:
14
:
39
)
[GCC
4.6
.
3
]
|
分组操作
在master里配置
|
1
2
3
|
nodegroups:
group1:
'localhost'
group2:
'server.hadoop.com'
|
可以把localhost分给group1,server.hadoop.com分给group2
然后重启salt-master
|
1
2
3
4
5
6
|
[root@centos salt]# salt -N group1 test.ping
localhost:
True
[root@centos salt]# salt -N group2 test.ping
server.hadoop.com:
True
|
查看网卡ip
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
[root@centos /]# salt
'localhost'
network.interfaces
localhost:
----------
eth0:
----------
hwaddr:
08
:
00
:
27
:
59
:bb:1f
inet:
----------
- address:
192.168
.
56.102
- broadcast:
192.168
.
56.255
-
label
:
eth0
- netmask:
255.255
.
255.0
inet6:
----------
- address:
fe80::a00:27ff:fe59:bb1f
- prefixlen:
64
up:
True
eth1:
----------
hwaddr:
08
:
00
:
27
:ba:ad:
23
inet:
----------
- address:
192.168
.
14.182
- broadcast:
192.168
.
14.255
-
label
:
eth1
- netmask:
255.255
.
255.0
inet6:
----------
- address:
fe80::a00:27ff:feba:ad23
- prefixlen:
64
up:
True
lo:
----------
hwaddr:
00
:
00
:
00
:
00
:
00
:
00
inet:
----------
- address:
127.0
.
0.1
- broadcast:
None
-
label
:
lo
- netmask:
255.0
.
0.0
inet6:
----------
- address:
::
1
- prefixlen:
128
up:
True
|
下面是我的测试
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
[root@centos salt]# salt -C
'G@os:ubuntu'
test.ping
server.hadoop.com:
True
[root@centos salt]# salt -C
'E@server.\w+'
test.ping
server.hadoop.com:
True
[root@centos salt]# salt -C
'P@os:(centos)'
test.ping
localhost:
True
[root@centos salt]# salt -C
'P@os:(centos|ubuntu)'
test.ping
server.hadoop.com:
True
localhost:
True
[root@centos salt]# salt -C
'L@localhost,server.hadoop.com'
test.ping
server.hadoop.com:
True
localhost:
True
[root@centos salt]# salt -C
'S@192.168.56.0/24'
test.ping
server.hadoop.com:
True
localhost:
True
|
查看磁盘空间
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
[root@centos tmp]# salt
'localhost'
disk.usage
localhost:
----------
/:
----------
1K-blocks:
28423176
available:
21572708
capacity:
21
%
filesystem:
/dev/mapper/vg_centos-lv_root
used:
5406628
/boot:
----------
1K-blocks:
495844
available:
438658
capacity:
7
%
filesystem:
/dev/sda1
used:
31586
/dev/shm:
----------
1K-blocks:
510204
available:
510204
capacity:
0
%
filesystem:
tmpfs
used:
0
[root@centos tmp]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_centos-lv_root
28G
5
.2G 21G
21
% /
tmpfs 499M
0
499M
0
% /dev/shm
/dev/sda1 485M 31M 429M
7
% /boot
|
如果想查看所有minion的连接情况,可以使用salt-run manage.status
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
[root@centos apache]# salt
'*'
test.ping
server.hadoop.com:
True
localhost:
True
[root@centos apache]#
[root@centos apache]#
[root@centos apache]# salt-run manage.status
down:
-
230
up:
- localhost
- server.hadoop.com
|
如果想安装软件可以使用pkg.install
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
[root@centos echoping]# salt
'localhost'
pkg.install dos2unix
Loaded plugins: fastestmirror
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.esocc.com
* epel: mirrors.vinahost.vn
* extras: mirror.esocc.com
* rpmforge: mirror1.hs-esslingen.de
* updates: centosc6.centos.org
Running rpm_check_debug
Loaded plugins: fastestmirror
localhost:
----------
dos2unix:
----------
new
:
3.1
-
37
.el6
old:
[root@centos echoping]# rpm -qa|grep dos2unix
dos2unix-
3.1
-
37
.el6.x86_64
|
查看你已经安装的包
|
1
|
salt
'localhost'
pkg.list_pkgs
|
删除包
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
[root@centos tmp]# salt
'localhost'
pkg.remove echoping
Loaded plugins: fastestmirror
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.esocc.com
* epel: mirror.neu.edu.cn
* extras: mirror.esocc.com
* rpmforge: mirrors.neusoft.edu.cn
* updates: mirror.esocc.com
Running rpm_check_debug
Loaded plugins: fastestmirror
localhost:
- echoping
[root@centos tmp]# rpm -qa|grep echoping
|
查看你repos(由于内容过多,我就只列出命令了)
|
1
|
salt
'localhost'
pkg.list_repos
|
三、配置类似puppet操作
由于我的master上的存放信息目录是在/var/salt上
|
1
2
3
|
file_roots:
base:
- /
var
/salt/
|
所以进入换个目录
下面是我的配置
|
1
2
3
4
|
[root@centos salt]# cat top.sls
base:
'*'
: #对象名,我使用*代表所有
- vim #资源文件名
|
如果你的资源文件存放在一个目录里,比如在/var/salt/apache/vim.sls,
那么可以写为
|
1
|
-apache.vim
|
代表apache目录下的vim.sls
下面测试
Top里内容为
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
[root@centos salt]# cat top.sls
base:
'localhost'
:
- echoping.echoping#代表echoping目录下的echoping.sls文件
[root@centos echoping]# pwd
/
var
/salt/echoping
[root@centos echoping]# cat echoping.sls
echoping: #id宣告
pkg: #安装包管理
- name: echoping #安装哪个软件
- installed #要求是安装
service: #服务管理
- name: httpd #指定服务
- running #服务运行状态
- reload: True #是否重启
- watch: #如果下面文件发生变化,就重启
- file: /tmp/test_echoping.conf #监控的文件地址
/tmp/test_echoping.conf: #宣告
file.managed: #文件管理
- source: salt:
//echoping/test_echoping.conf #源数据在哪里
- user: root #用户
- group: root #组
- mode:
644
#权限
- backup: minion #备份一份
|
运行的话,可以使用salt 'localhost' state.highstate
注意,如果需要把服务设置为开机启动可以使用- enable:True
由于我设置的是有变化就重启http,所以先查看http的状态
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
[root@centos salt]# ps -ef|grep httpd
root
1430
1
0
17
:
03
?
00
:
00
:
00
/usr/sbin/httpd
apache
1436
1430
0
17
:
03
?
00
:
00
:
00
/usr/sbin/httpd
apache
1469
1430
0
17
:
03
?
00
:
00
:
00
/usr/sbin/httpd
apache
1470
1430
0
17
:
03
?
00
:
00
:
00
/usr/sbin/httpd
apache
1471
1430
0
17
:
03
?
00
:
00
:
00
/usr/sbin/httpd
apache
1472
1430
0
17
:
03
?
00
:
00
:
00
/usr/sbin/httpd
apache
1473
1430
0
17
:
03
?
00
:
00
:
00
/usr/sbin/httpd
apache
1474
1430
0
17
:
03
?
00
:
00
:
00
/usr/sbin/httpd
apache
1475
1430
0
17
:
03
?
00
:
00
:
00
/usr/sbin/httpd
apache
1476
1430
0
17
:
03
?
00
:
00
:
00
/usr/sbin/httpd
root
1886
1782
0
17
:
04
pts/
0
00
:
00
:
00
grep httpd
[root@centos salt]# date
Fri Aug
9
17
:
04
:
54
CST
2013
|
在17:04启动,然后在运行salt 'localhost' state.highstate
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
[root@centos salt]# salt
'localhost'
state.highstate
Info: Running a benchmark to measure system clock frequency...
Info: Finished RDTSC test. To prevent the startup delay from
this
benchmark,
set
the environment
var
iable RDTSC_FREQUENCY to
2495
on
this
system. This value
is
dependent upon the CPU clock speed and architecture and should be determined separately
for
each
server.
localhost:
----------
State: - file
Name: /tmp/test_echoping.conf
Function: managed
Result: True
Comment: File /tmp/test_echoping.conf updated
Changes: diff: New file
----------
State: - pkg
Name: echoping
Function: installed
Result: True
Comment: The following packages were installed/updated: echoping.
Changes: echoping: {
new
:
5.2
.
0
-
1.2
.el6.rf
old :
}
----------
State: - service
Name: httpd
Function: running
Result: True
Comment: Service restarted
Changes: httpd: True
|
可以看到已经安装了echoping,并且更新了/tmp/test_echoping.conf
在查看一下httpd情况
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
[root@centos salt]# ps -ef|grep httpd
root
2025
1
0
17
:
06
?
00
:
00
:
00
/usr/sbin/httpd
apache
2028
2025
0
17
:
06
?
00
:
00
:
00
/usr/sbin/httpd
apache
2031
2025
0
17
:
06
?
00
:
00
:
00
/usr/sbin/httpd
apache
2032
2025
0
17
:
06
?
00
:
00
:
00
/usr/sbin/httpd
apache
2033
2025
0
17
:
06
?
00
:
00
:
00
/usr/sbin/httpd
apache
2034
2025
0
17
:
06
?
00
:
00
:
00
/usr/sbin/httpd
apache
2035
2025
0
17
:
06
?
00
:
00
:
00
/usr/sbin/httpd
apache
2036
2025
0
17
:
06
?
00
:
00
:
00
/usr/sbin/httpd
apache
2037
2025
0
17
:
06
?
00
:
00
:
00
/usr/sbin/httpd
apache
2038
2025
0
17
:
06
?
00
:
00
:
00
/usr/sbin/httpd
root
2043
1782
3
17
:
06
pts/
0
00
:
00
:
00
grep httpd
[root@centos salt]# date
Fri Aug
9
17
:
06
:
57
CST
2013
|
可以看到已经重启了。
在查看一下文件传输情况
源文件
|
1
2
3
|
[root@centos salt]# cat /
var
/salt/echoping/test_echoping.conf
this
is
test echoping
this
twice test
|
生成的文件
|
1
2
3
|
[root@centos salt]# cat /tmp/test_echoping.conf
this
is
test echoping
this
twice test
|
查看echoping是否安装
|
1
2
|
[root@centos salt]# rpm -qa|grep echoping
echoping-
5.2
.
0
-
1.2
.el6.rf.x86_64
|
已经安装了
在看看下面的用户与权限
|
1
2
|
[root@centos salt]# ll /tmp/test_echoping.conf
-rw-r--r--
1
root root
38
Aug
9
17
:
05
/tmp/test_echoping.conf
|
也是我们定义的
如果在给/var/salt/echoping/test_echoping.conf修改了,在运行
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
[root@centos echoping]# salt
'localhost'
state.highstate
localhost:
----------
State: - file
Name: /tmp/test_echoping.conf
Function: managed
Result: True
Comment: File /tmp/test_echoping.conf updated
Changes: diff: ---
+++
@@ -
1
,
2
+
1
,
3
@@
this
is
test echoping
this
twice test
+
this
is
3
----------
State: - service
Name: httpd
Function: running
Result: True
Comment: Service restarted
Changes: httpd: True
|
然后服务也重启了
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
[root@centos echoping]# ps -ef|grep httpd
root
2352
1
0
17
:
21
?
00
:
00
:
00
/usr/sbin/httpd
apache
2354
2352
0
17
:
21
?
00
:
00
:
00
/usr/sbin/httpd
apache
2355
2352
0
17
:
21
?
00
:
00
:
00
/usr/sbin/httpd
apache
2356
2352
0
17
:
21
?
00
:
00
:
00
/usr/sbin/httpd
apache
2357
2352
0
17
:
21
?
00
:
00
:
00
/usr/sbin/httpd
apache
2358
2352
0
17
:
21
?
00
:
00
:
00
/usr/sbin/httpd
apache
2359
2352
0
17
:
21
?
00
:
00
:
00
/usr/sbin/httpd
apache
2360
2352
0
17
:
21
?
00
:
00
:
00
/usr/sbin/httpd
apache
2361
2352
0
17
:
21
?
00
:
00
:
00
/usr/sbin/httpd
apache
2362
2352
0
17
:
21
?
00
:
00
:
00
/usr/sbin/httpd
root
2372
2183
0
17
:
22
pts/
1
00
:
00
:
00
grep httpd
[root@centos echoping]# date
Fri Aug
9
17
:
23
:
01
CST
2013
|
如果想让salt能想puppet那样定时自动的获取配置,可以在/etc/salt/minion里配置
|
1
2
3
4
|
schedule:
highstate:
function
: state.highstate
minutes:
60
|
然后重启salt-minion
请注意,在服务端可以使用salt 'localhost' state.highstate,在客户端的话,使用salt-callstate.highstate
如果使用grains来区分不同的系统安装不同的东东,可以使用下面(比如安装apache,在centos里安装httpd,在ubuntu里安装apache2)
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
[root@centos apache]# cat apache.sls
apache:
pkg:
{%
if
grains[
'os'
] ==
'CentOS'
%}
- name: httpd
{% elif grains[
'os'
] ==
'Ubuntu'
%}
- name: apache2
{% endif %}
- installed
service:
{%
if
grains[
'os'
] ==
'CentOS'
%}
- name: httpd
{% elif grains[
'os'
] ==
'Ubuntu'
%}
- name: apache2
{% endif %}
- running
- reload: True
- watch:
- pkg: apache
- file: /tmp/test.conf
/tmp/test.conf:
file.managed:
- source: salt:
//apache/test.conf
- user: root
- group: root
- mode:
644
[root@centos apache]# cat test.conf
this
is
test apache
this
is
2
|
然后运行更新
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
[root@centos apache]# salt
'server.hadoop.com'
state.highstate
server.hadoop.com:
----------
State: - file
Name: /tmp/test.conf
Function: managed
Result: True
Comment: File /tmp/test.conf updated
Changes: diff: New file
----------
State: - pkg
Name: apache2
Function: installed
Result: True
Comment: Package apache2
is
already installed
Changes:
----------
State: - service
Name: apache2
Function: running
Result: True
Comment: Service restarted
Changes: apache2: True
|
注意,如果你想使用命令的话,可以使用cmd.wait
|
1
2
3
4
5
6
|
echo-msg:
cmd.wait:
- name: echo
'this is test'
>/tmp/echo-msg
- user: root
- watch:
- pkg: apache
|
自定义模块
查看你master上的file_root路径,比如我的为
|
1
2
3
|
file_roots:
base:
- /
var
/salt/
|
所以在/var/salt里创建个_modules
|
1
|
mkdir /
var
/salt/_modules
|
然后进入目录编写模块
|
1
2
3
4
5
6
7
8
9
|
cd /
var
/salt/_modules
[root@centos _modules]# cat dl.py
def msg():
msg=
'this is test message'
return
msg
def time():
import
time
a=time.asctime()
return
a
|
必须以.py结尾
然后同步到minion里(使用saltutil.sync_all)
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
[root@centos _modules]# salt
'*'
saltutil.sync_all
server.hadoop.com:
|_
- modules.dl
|_
|_
|_
|_
|_
localhost:
|_
- modules.dl
|_
|_
|_
|_
|_
|
下面测试
|
1
2
3
4
5
6
7
8
9
10
|
[root@centos _modules]# salt
'*'
dl.msg
localhost:
this
is
test message
server.hadoop.com:
this
is
test message
[root@centos _modules]# salt
'*'
dl.time
server.hadoop.com:
Tue Aug
13
15
:
25
:
32
2013
localhost:
Tue Aug
13
15
:
25
:
29
2013
|
当然还可以直接调用salt的模块
调用先有的module来显现自定义module中需要的功能saltsalt内置的一个字典,包含了所有的salt的moudle
|
1
2
|
def cmd(cmd):
return
__salt__[
'cmd.run'
](cmd)
|
同步
之后测试
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
[root@centos _modules]# salt
'*'
saltutil.sync_all
server.hadoop.com:
|_
|_
|_
|_
|_
|_
localhost:
|_
- modules.dl
|_
|_
|_
|_
|_
[root@centos _modules]# salt
'localhost'
dl.cmd ls
localhost:
1
.log
1
.py
111
.py
1111
.log
2
.log
3
.log
anaconda-ks.cfg
install.log
install.log.syslog
install_openstack.sh
install_zabbix_agent.sh
svn_install.sh
test
test5
test7.py
zatree
[root@centos _modules]# salt
'localhost'
dl.cmd hostname
localhost:
centos
|
下面是一些关于client的描述
|
1
2
|
Python client API
Salt
is
written to be completely API centric, Salt minions and master can be built directly into third party applications
as
a communication layer. The Salt client API
is
very straightforward.
|
运行单个命令
|
1
2
3
4
5
6
7
8
9
10
|
>>>
import
salt.client
>>> a=salt.client.LocalClient()
>>> a
<salt.client.LocalClient object at
0x1ad8f10
>
>>> a.cmd(
"localhost"
,
"test.ping"
)
{
'localhost'
: True}
>>> a.cmd(
"*"
,
"test.ping"
)
{
'server.hadoop.com'
: True,
'localhost'
: True}
>>> a.cmd(
"*"
,
"dl.time"
)
{
'server.hadoop.com'
:
'Wed Aug 14 09:53:22 2013'
,
'localhost'
:
'Wed Aug 14 09:53:22 2013'
}
|
运行多个命令
|
1
2
|
>>> a.cmd(
'*'
,[
'cmd.run'
,
'test.ping'
,
'dl.time'
],[[
'hostname'
],[],[]])
{
'server.hadoop.com'
: {
'test.ping'
: True,
'dl.time'
:
'Wed Aug 14 10:01:35 2013'
,
'cmd.run'
:
'server.hadoop.com'
},
'localhost'
: {
'test.ping'
: True,
'dl.time'
:
'Wed Aug 14 10:01:35 2013'
,
'cmd.run'
:
'centos'
}}
|
具体参考http://docs.saltstack.com/ref/python-api.html
本文转自 reinxu 51CTO博客,原文链接:http://blog.51cto.com/dl528888/1312503,如需转载请自行联系原作者
