1、軟件環境:
[root@localhost ~]# cat /etc/redhat-release CentOS Linux release 7.3.1611 (Core) [root@localhost ~]# uname -a Linux localhost.localdomain 3.10.0-514.el7.x86_64 #1 SMP Tue Nov 22 16:42:41 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux [root@localhost ~]#
(1)修改selinux配置文件:
[root@localhost ~]# vim /etc/sysconfig/selinux SELINUX=enforcing 改為 SELINUX=disabled
(2)關閉防火墻:
[root@localhost ~]# systemctl disable firewalld [root@localhost ~]# systemctl stop firewalld [root@localhost ~]# iptables -F [root@localhost ~]# iptables -L
IP分配如下:
master 192.168.112.140
minion 192.168.112.141
minion 192.168.112.142
(3)master和minion端部署安裝
master端執行:
[root@localhost ~]# yum install epel-release [root@localhost ~]# yum install -y salt-master
minion端執行:
[root@localhost ~]# yum install epel-release [root@localhost ~]# yum install salt-minion
(4)修改配置文件:
[root@localhost ~]# vim /etc/salt/minion master: 192.168.112.140 id: server02 [root@localhost ~]# [root@localhost ~]# systemctl start salt-minion [root@localhost ~]# ps -ef|grep salt-minion root 2505 1 2 23:06 ? 00:00:00 /usr/bin/python /usr/bin/salt-minion root 2508 2505 8 23:06 ? 00:00:00 /usr/bin/python /usr/bin/salt-minion root 2536 2318 0 23:06 pts/0 00:00:00 grep --color=auto salt-minion [root@localhost ~]# netstat -lnupt|grep 4505 tcp 0 0 0.0.0.0:4505 0.0.0.0:* LISTEN 2304/python [root@localhost ~]# [root@localhost ~]# [root@localhost ~]# vim /etc/salt/minion master: 192.168.112.140 id: server03 [root@localhost ~]# [root@localhost ~]# systemctl start salt-minion [root@localhost ~]# ps -ef|grep salt-minion root 2487 1 1 23:05 ? 00:00:00 /usr/bin/python /usr/bin/salt-minion root 2490 2487 4 23:06 ? 00:00:00 /usr/bin/python /usr/bin/salt-minion root 2521 2320 0 23:06 pts/0 00:00:00 grep --color=auto salt-minion [root@localhost ~]# [root@localhost ~]# [root@localhost ~]#
(5)設置salt-master和salt-minion開機啟動
[root@localhost ~]# systemctl enable salt-master Created symlink from /etc/systemd/system/multi-user.target.wants/salt-master.service to /usr/lib/systemd/system/salt-master.service. [root@localhost ~]# [root@localhost ~]# systemctl enable salt-minion Created symlink from /etc/systemd/system/multi-user.target.wants/salt-minion.service to /usr/lib/systemd/system/salt-minion.service. [root@localhost ~]#
2、配置saltstack認證
salt-key //查看已經簽名的客戶端
salt-key -a //簽名指定的主機
salt-key -A //簽名所有的主機
salt-key -d //刪除指定主機的簽名
salt-key --help //查看各命令的用法
[root@localhost ~]# salt-key Accepted Keys: Denied Keys: Unaccepted Keys: server02 server03 Rejected Keys: [root@localhost ~]# [root@localhost ~]# salt-key -a server02 The following keys are going to be accepted: Unaccepted Keys: server02 Proceed? [n/Y] Y Key for minion server02 accepted. [root@localhost ~]# [root@localhost ~]# salt-key Accepted Keys: server02 server03 Denied Keys: Unaccepted Keys: Rejected Keys: [root@localhost ~]#
3、日常用法
test.ping用戶檢查master到minion端的網絡連通性,返回True即正常,False為異常
[root@localhost ~]# salt '*' test.ping server02: True server03: True [root@localhost ~]#
cmd.run 在minion端執行shell命令,記住這模塊只能執行短連接命令,比如df命令;長連接的無法返回結果,比如top命令
[root@localhost ~]# salt '*' cmd.run 'hostname' server03: localhost.localdomain server02: localhost.localdomain [root@localhost ~]# salt '*' cmd.run 'df -Th' server02: Filesystem Type Size Used Avail Use% Mounted on /dev/sda3 xfs 90G 1.8G 89G 2% / devtmpfs devtmpfs 231M 0 231M 0% /dev tmpfs tmpfs 241M 12K 241M 1% /dev/shm tmpfs tmpfs 241M 4.6M 236M 2% /run tmpfs tmpfs 241M 0 241M 0% /sys/fs/cgroup /dev/sda1 xfs 1014M 131M 884M 13% /boot tmpfs tmpfs 49M 0 49M 0% /run/user/0 server03: Filesystem Type Size Used Avail Use% Mounted on /dev/sda3 xfs 90G 1.8G 89G 2% / devtmpfs devtmpfs 231M 0 231M 0% /dev tmpfs tmpfs 241M 12K 241M 1% /dev/shm tmpfs tmpfs 241M 4.6M 236M 2% /run tmpfs tmpfs 241M 0 241M 0% /sys/fs/cgroup /dev/sda1 xfs 1014M 131M 884M 13% /boot tmpfs tmpfs 49M 0 49M 0% /run/user/0 [root@localhost ~]#
顯示被控主機的操作系統類型
[root@localhost ~]# salt '*' grains.item os server02: ---------- os: CentOS server03: ---------- os: CentOS [root@localhost ~]#
遠程代碼執行測試
(1)(通配符*匹配)
[root@localhost ~]# salt '*' cmd.exec_code python 'import sys;print sys.version' server02: 2.7.5 (default, Nov 6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)] server03: 2.7.5 (default, Nov 6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)] [root@localhost ~]#
(2)正則匹配
[root@localhost ~]# salt -E 'server(02|03)' test.ping server03: True server02: True [root@localhost ~]#
(3)列表匹配
[root@localhost ~]# salt -L 'server02,server03' test.ping server02: True server03: True [root@localhost ~]#
(4)grains匹配,其命令salt <target> grains.items
[root@localhost ~]# salt 'server02' grains.items server02: ---------- SSDs: biosreleasedate: 07/31/2013 biosversion: 6.00 cpu_flags: - fpu - vme - de - pse - tsc - msr - pae - mce - cx8 - apic - sep - mtrr - pge - mca - cmov - pat - pse36 - clflush - dts - mmx - fxsr - sse - sse2 - ss - ht - syscall - nx - rdtscp - lm - constant_tsc - arch_perfmon - pebs - bts - nopl - xtopology - tsc_reliable - nonstop_tsc - aperfmperf - eagerfpu - pni - pclmulqdq - ssse3 - cx16 - pcid - sse4_1 - sse4_2 - x2apic - popcnt - xsave - avx - f16c - hypervisor - lahf_lm - arat - epb - pln - pts - dtherm - fsgsbase - smep - xsaveopt cpu_model: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz cpuarch: x86_64 domain: fqdn: server02 fqdn_ip4: - 192.168.112.141 fqdn_ip6: - ::1 gpus: |_ ---------- model: SVGA II Adapter vendor: unknown host: server02 hwaddr_interfaces: ---------- eth0: 00:0c:29:0b:28:95 lo: 00:00:00:00:00:00 id: server02 init: systemd ip4_interfaces: ---------- eth0: - 192.168.112.141 lo: - 127.0.0.1 ip6_interfaces: ---------- eth0: lo: ip_interfaces: ---------- eth0: - 192.168.112.141 lo: - 127.0.0.1 ipv4: - 127.0.0.1 - 192.168.112.141 ipv6: kernel: Linux kernelrelease: 3.10.0-514.el7.x86_64 locale_info: ---------- defaultencoding: UTF-8 defaultlanguage: en_US detectedencoding: UTF-8 localhost: server02 lsb_distrib_id: CentOS Linux machine_id: 09e12c5f3a7948af9747ee938feee87f manufacturer: VMware, Inc. master: 192.168.112.140 mdadm: mem_total: 480 nodename: server02 num_cpus: 4 num_gpus: 1 os: CentOS os_family: RedHat osarch: x86_64 oscodename: Core osfinger: CentOS Linux-7 osfullname: CentOS Linux osmajorrelease: 7 osrelease: 7.3.1611 osrelease_info: - 7 - 3 - 1611 path: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin productname: VMware Virtual Platform ps: ps -efH pythonexecutable: /usr/bin/python pythonpath: - /usr/bin - /usr/lib64/python27.zip - /usr/lib64/python2.7 - /usr/lib64/python2.7/plat-linux2 - /usr/lib64/python2.7/lib-tk - /usr/lib64/python2.7/lib-old - /usr/lib64/python2.7/lib-dynload - /usr/lib64/python2.7/site-packages - /usr/lib64/python2.7/site-packages/gtk-2.0 - /usr/lib/python2.7/site-packages pythonversion: - 2 - 7 - 5 - final - 0 saltpath: /usr/lib/python2.7/site-packages/salt saltversion: 2015.5.10 saltversioninfo: - 2015 - 5 - 10 - 0 selinux: ---------- enabled: False enforced: Disabled serialnumber: VMware-56 4d 19 57 3d 1d 44 0d-99 bf 1a ff c4 0b 28 95 server_id: 1264512667 shell: /bin/sh systemd: ---------- features: +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN version: 219 virtual: VMware zmqversion: 3.2.5 [root@localhost ~]#
如果要獲取具體某一項內容,可以直接在該命令后加項名,比如獲取操作系統,則:
[root@localhost ~]# salt -L 'server02,server03' grains.item os server03: ---------- os: CentOS server02: ---------- os: CentOS [root@localhost ~]#
同樣可以獲取host、ip_interfaces、fqdn_ipv4、cpu_model對應的值:
[root@localhost ~]# salt 'server02' grains.item host server02: ---------- host: server02 [root@localhost ~]# [root@localhost ~]# salt 'server02' grains.item ip_interfaces server02: ---------- ip_interfaces: ---------- eth0: - 192.168.112.141 lo: - 127.0.0.1 [root@localhost ~]# [root@localhost ~]# salt 'server02' grains.item fqdn_ip4 server02: ---------- fqdn_ip4: - 192.168.112.141 [root@localhost ~]# [root@localhost ~]# salt 'server02' grains.item cpu_model server02: ---------- cpu_model: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz [root@localhost ~]#
4、常用模塊介紹
(1)、cp模塊(實現遠程文件、目錄的復制,以及下載URL文件等操作)
#將主服務器file_roots指定位置下的目錄復制到被控主機
打開master文件中的
#file_roots:
base:
- /srv/salt
改為:
file_roots:
base:
- /srv/salt
# salt '*' cp.get_dir salt://test_dir /data
salt:// --->表示file_root指定的路徑,這里是/srv/salt,salt://test_dir 表示/srv/salt/test_dir
/data --->表示目標主機上的根目錄下的data目錄
[root@localhost ~]# ll /srv/salt/test_dir/ total 672 -rw-r--r-- 1 root root 686011 May 7 22:37 nginx-1.0.10.tar.gz [root@localhost ~]# salt '*' cp.get_dir salt://test_dir /data server02: - /data/test_dir/nginx-1.0.10.tar.gz server03: - /data/test_dir/nginx-1.0.10.tar.gz [root@localhost ~]# salt '*' cmd.run 'ls -l /data' server03: total 0 drwxr-xr-x 2 root root 33 Jun 1 02:12 test_dir server02: total 0 drwxr-xr-x 2 root root 33 Jun 1 02:12 test_dir [root@localhost ~]#
#將主服務器file_roots指定位置下的文件復制到被控主機
# salt '*' cp.get_file salt://nginx-1.0.10.tar.gz /root/nginx-1.0.10.tar.gz
[root@localhost salt]# salt '*' cp.get_file salt://nginx-1.0.10.tar.gz /root/nginx-1.0.10.tar.gz server02: /root/nginx-1.0.10.tar.gz server03: /root/nginx-1.0.10.tar.gz [root@localhost salt]# salt '*' cmd.run 'ls -l /root/' server02: total 676 -rw-------. 1 root root 1496 Jan 17 09:03 anaconda-ks.cfg -rw-r--r-- 1 root root 686011 Jun 1 02:15 nginx-1.0.10.tar.gz server03: total 676 -rw-------. 1 root root 1496 Jan 17 09:03 anaconda-ks.cfg -rw-r--r-- 1 root root 686011 Jun 1 02:15 nginx-1.0.10.tar.gz [root@localhost salt]#
對于大文件,cp_get_file支持gzip壓縮,在參數中指定gzip的壓縮級別,如下:
[root@server01 salt]# pwd /srv/salt [root@server01 salt]# ll -th test -rw-r--r-- 1 root root 1.0G Jun 13 22:04 test [root@server01 salt]# salt '*' cp.get_file salt://test /root/test gzip=5 server02: /root/test server03: /root/test [root@server01 salt]# [root@server01 salt]# salt '*' cmd.run 'ls -htl /root/test' server02: -rw-r--r-- 1 root root 1.0G Jun 13 22:06 /root/test server03: -rw-r--r-- 1 root root 1.0G Jun 13 22:06 /root/test [root@server01 salt]#
其中,1代表最小壓縮,9代表最大壓縮,gzip參數是在傳輸過程中對文件進行壓縮。
cp.get_file默認不會在客戶端上建立目錄,如果客戶端上沒有這個目錄了,文件拷貝將失敗,所以這里又有一個參數makedirs,當客戶端上的目標目錄不存在時,直接將該參數的值設置為True,即makedirs=True;
[root@server01 salt]# salt '*' cmd.run 'ls -l /root/' server02: total 1049372 -rw-r--r-- 1 root root 115316 Jun 1 02:26 GeoIP-1.6.5.-1.e16.x86_64.rpm -rw-------. 1 root root 1496 Jan 17 09:03 anaconda-ks.cfg -rw-r--r-- 1 root root 260 Jun 5 22:08 connect.py -rw-r--r-- 1 root root 686011 Jun 1 02:15 nginx-1.0.10.tar.gz -rw-r--r-- 1 root root 1073741824 Jun 13 22:06 test drwxr-xr-x 2 root root 33 Jun 13 22:54 web server03: total 1049368 -rw-r--r-- 1 root root 115316 Jun 1 02:26 GeoIP-1.6.5.-1.e16.x86_64.rpm -rw-------. 1 root root 1496 Jan 17 09:03 anaconda-ks.cfg -rw-r--r-- 1 root root 686011 Jun 1 02:15 nginx-1.0.10.tar.gz -rw-r--r-- 1 root root 1073741824 Jun 13 22:06 test drwxr-xr-x 2 root root 33 Jun 13 22:54 web [root@server01 salt]# [root@server01 salt]# salt '*' cp.get_file salt://nginx-1.0.10.tar.gz /root/web/nginx-1.0.10.tar.gz makedirs=True server02: /root/web/nginx-1.0.10.tar.gz server03: /root/web/nginx-1.0.10.tar.gz [root@server01 salt]# [root@server01 salt]# salt '*' cmd.run 'ls -l /root/' server02: total 1049372 -rw-r--r-- 1 root root 115316 Jun 1 02:26 GeoIP-1.6.5.-1.e16.x86_64.rpm -rw-------. 1 root root 1496 Jan 17 09:03 anaconda-ks.cfg -rw-r--r-- 1 root root 260 Jun 5 22:08 connect.py -rw-r--r-- 1 root root 686011 Jun 1 02:15 nginx-1.0.10.tar.gz -rw-r--r-- 1 root root 1073741824 Jun 13 22:06 test drwxr-xr-x 2 root root 33 Jun 13 22:54 web server03: total 1049368 -rw-r--r-- 1 root root 115316 Jun 1 02:26 GeoIP-1.6.5.-1.e16.x86_64.rpm -rw-------. 1 root root 1496 Jan 17 09:03 anaconda-ks.cfg -rw-r--r-- 1 root root 686011 Jun 1 02:15 nginx-1.0.10.tar.gz -rw-r--r-- 1 root root 1073741824 Jun 13 22:06 test drwxr-xr-x 2 root root 33 Jun 13 22:54 web [root@server01 salt]#
注意:cp.get_file從字面上就可以看出是操作對象是文件,即只有在拷貝文件的時候,目標主機上對應的目錄不存在使用makedirs參數才有用,否則該參數無效。
#下載指定URL內容到被控主機指定位置
salt '*' cp.get_url http://dl.fedoraproject.org/pub/epel/6/x86_64/GeoIP-1.6.5-1.el6.x86_64.rpm /root/GeoIP-1.6.5.-1.e16.x86_64.rpm
cp.get_url 根據指定的url地址下載文件到被控端主機的對應目錄下,這里被控端目錄/root/下面
[root@localhost salt]# salt '*' cmd.run 'ls -l /root/' server02: total 676 -rw-------. 1 root root 1496 Jan 17 09:03 anaconda-ks.cfg -rw-r--r-- 1 root root 686011 Jun 1 02:15 nginx-1.0.10.tar.gz server03: total 676 -rw-------. 1 root root 1496 Jan 17 09:03 anaconda-ks.cfg -rw-r--r-- 1 root root 686011 Jun 1 02:15 nginx-1.0.10.tar.gz [root@localhost salt]# salt '*' cp.get_url http://dl.fedoraproject.org/pub/epel/6/x86_64/GeoIP-1.6.5-1.el6.x86_64.rpm /root/GeoIP-1.6.5.-1.e16.x86_64.rpm server03: /root/GeoIP-1.6.5.-1.e16.x86_64.rpm server02: /root/GeoIP-1.6.5.-1.e16.x86_64.rpm [root@localhost salt]# salt '*' cmd.run 'ls -l /root/' server02: total 792 -rw-r--r-- 1 root root 115316 Jun 1 02:26 GeoIP-1.6.5.-1.e16.x86_64.rpm -rw-------. 1 root root 1496 Jan 17 09:03 anaconda-ks.cfg -rw-r--r-- 1 root root 686011 Jun 1 02:15 nginx-1.0.10.tar.gz server03: total 792 -rw-r--r-- 1 root root 115316 Jun 1 02:26 GeoIP-1.6.5.-1.e16.x86_64.rpm -rw-------. 1 root root 1496 Jan 17 09:03 anaconda-ks.cfg -rw-r--r-- 1 root root 686011 Jun 1 02:15 nginx-1.0.10.tar.gz [root@localhost salt]#
當然URL也可以是master上的路徑(salt://)
[root@server01 salt]# salt '*' cp.get_url salt://nginx-1.0.10.tar.gz /opt/nginx-1.0.10.tar.gz server02: /opt/nginx-1.0.10.tar.gz server03: /opt/nginx-1.0.10.tar.gz [root@server01 salt]# salt '*' cmd.run 'ls -l /opt' server02: total 672 -rw-r--r-- 1 root root 686011 Jun 13 23:05 nginx-1.0.10.tar.gz server03: total 672 -rw-r--r-- 1 root root 686011 Jun 13 23:05 nginx-1.0.10.tar.gz [root@server01 salt]#
#salt '*' cp.hash_file salt://test-file
cp.hash_file獲取從主控端下發到被控端后文件的hash值,一般用于對比某個被控端某個文件的hash值
[root@localhost ~]# salt '*' cp.hash_file salt://nginx-1.0.10.tar.gz server02: ---------- hash_type: md5 hsum: 930b297b00fa1018fb0a1dd3e6b7e17e server03: ---------- hash_type: md5 hsum: 930b297b00fa1018fb0a1dd3e6b7e17e [root@localhost ~]#
(2)、cmd模塊(實現遠程的命令行調用執行)
# salt '*' cmd.run 'netstat -ntlp'
[root@localhost salt]# salt '*' cmd.run 'netstat -lnupt' server02: Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1184/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2013/master tcp6 0 0 :::22 :::* LISTEN 1184/sshd tcp6 0 0 ::1:25 :::* LISTEN 2013/master udp 0 0 0.0.0.0:32525 0.0.0.0:* 737/dhclient udp 0 0 127.0.0.1:323 0.0.0.0:* 672/chronyd udp 0 0 0.0.0.0:68 0.0.0.0:* 737/dhclient udp6 0 0 ::1:323 :::* 672/chronyd udp6 0 0 :::14472 :::* 737/dhclient server03: Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1191/sshd tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1835/master tcp6 0 0 :::22 :::* LISTEN 1191/sshd tcp6 0 0 ::1:25 :::* LISTEN 1835/master udp 0 0 0.0.0.0:32525 0.0.0.0:* 729/dhclient udp 0 0 127.0.0.1:323 0.0.0.0:* 661/chronyd udp 0 0 0.0.0.0:68 0.0.0.0:* 729/dhclient udp6 0 0 ::1:323 :::* 661/chronyd udp6 0 0 :::14472 :::* 729/dhclient [root@localhost salt]#
(3)、cron模塊(實現被控主機的crontab操作)
## 為指定的被控主機、root用戶添加crontab信息
# salt '*' cron.set_job root '*/5' '*' '*' '*' '*' 'date >/dev/null 2>&1'
# salt '*' cron.raw_cron root
[root@localhost salt]# salt '*' cron.set_job root '*/60' '*' '*' '*' '*' '/usr/local/nginx/sbin/nginx -s reload >/dev/null 2>&1' server02: new server03: new [root@localhost salt]# [root@localhost salt]# salt '*' cmd.run 'crontab -l' server03: # Lines below here are managed by Salt, do not edit */60 * * * * /usr/local/nginx/sbin/nginx -s reload >/dev/null 2>&1 server02: # Lines below here are managed by Salt, do not edit */60 * * * * /usr/local/nginx/sbin/nginx -s reload >/dev/null 2>&1 [root@localhost salt]#
## 刪除指定的被控主機、root用戶的crontab信息
[root@localhost salt]# salt '*' cron.rm_job root '/usr/local/nginx/sbin/nginx -s reload >/dev/null 2>&1' server02: removed server03: removed [root@localhost salt]# salt '*' cmd.run 'crontab -l' server03: # Lines below here are managed by Salt, do not edit server02: # Lines below here are managed by Salt, do not edit [root@localhost salt]#
(4)、dnsutil模塊(實現被控主機通用DNS操作)
給被控制端添加指定的hosts配置項目,即host主機記錄
#salt '*' dnsutil.hosts_append /etc/hosts 192.168.112.140 server01
#salt '*' dnsutil.hosts_append /etc/hosts 192.168.112.141 server02
#salt '*' dnsutil.hosts_append /etc/hosts 192.168.112.142 server03
[root@localhost salt]# salt '*' dnsutil.hosts_append /etc/hosts 192.168.112.140 server01 server02: The following line was added to /etc/hosts: 192.168.112.140 server01 server03: The following line was added to /etc/hosts: 192.168.112.140 server01 [root@localhost salt]# salt '*' dnsutil.hosts_append /etc/hosts 192.168.112.141 server02 server03: The following line was added to /etc/hosts: 192.168.112.141 server02 server02: The following line was added to /etc/hosts: 192.168.112.141 server02 [root@localhost salt]# salt '*' dnsutil.hosts_append /etc/hosts 192.168.112.142 server03 server03: The following line was added to /etc/hosts: 192.168.112.142 server03 server02: The following line was added to /etc/hosts: 192.168.112.142 server03 [root@localhost salt]# salt '*' cmd.run 'grep 192.168.112.* /etc/hosts' server03: 192.168.112.140 server01 192.168.112.141 server02 192.168.112.142 server03 server02: 192.168.112.140 server01 192.168.112.141 server02 192.168.112.142 server03 [root@localhost salt]#
(5)、file模塊(被控主機文件常見操作,包括文件讀寫、權限、查找、校驗等)
# salt '*' file.get_sum /etc/hosts md5
# salt '*' file.stats /etc/hosts
[root@localhost salt]# salt '*' file.get_sum /etc/hosts md5 server03: 7895e4dd8df907aa29d026a75f2a035a server02: 7895e4dd8df907aa29d026a75f2a035a [root@localhost salt]# salt '*' file.stats /etc/hosts server02: ---------- atime: 1496299480.63 ctime: 1496299455.14 gid: 0 group: root inode: 67128992 mode: 0644 mtime: 1496299455.14 size: 234 target: /etc/hosts type: file uid: 0 user: root server03: ---------- atime: 1496299480.62 ctime: 1496299455.14 gid: 0 group: root inode: 67109270 mode: 0644 mtime: 1496299455.14 size: 234 target: /etc/hosts type: file uid: 0 user: root [root@localhost salt]#
(6)、network模塊(返回被控主機網絡信息)
# salt '*' network.ip_addrs
# salt '*' network.interfaces
[root@localhost salt]# salt '*' network.ip_addrs server03: - 192.168.112.142 server02: - 192.168.112.141 [root@localhost salt]# salt '*' network.interfaces server02: ---------- eth0: ---------- hwaddr: 00:0c:29:0b:28:95 inet: |_ ---------- address: 192.168.112.141 broadcast: 192.168.112.255 label: eth0 netmask: 255.255.255.0 inet6: |_ ---------- address: fe80::bf36:72fd:ae66:3183 prefixlen: 64 scope: link up: True lo: ---------- hwaddr: 00:00:00:00:00:00 inet: |_ ---------- address: 127.0.0.1 broadcast: None label: lo netmask: 255.0.0.0 inet6: |_ ---------- address: ::1 prefixlen: 128 scope: host up: True server03: ---------- eth0: ---------- hwaddr: 00:0c:29:63:9d:12 inet: |_ ---------- address: 192.168.112.142 broadcast: 192.168.112.255 label: eth0 netmask: 255.255.255.0 inet6: |_ ---------- address: fe80::7f27:a270:df5d:d68 prefixlen: 64 scope: link up: True lo: ---------- hwaddr: 00:00:00:00:00:00 inet: |_ ---------- address: 127.0.0.1 broadcast: None label: lo netmask: 255.0.0.0 inet6: |_ ---------- address: ::1 prefixlen: 128 scope: host up: True [root@localhost salt]#
(7)、pkg包管理模塊(被控主機程序包管理,如yum、apt-get等)
# salt '*' pkg.install httpd --->安裝Apache服務
# salt '*' pkg.file_list httpd---->查看Apache服務安裝的路徑及安裝的文件
[root@localhost ~]# salt '*' pkg.install httpd server03: ---------- httpd: ---------- new: 2.4.6-45.el7.centos.4 old: httpd-tools: ---------- new: 2.4.6-45.el7.centos.4 old: mailcap: ---------- new: 2.1.41-2.el7 old: server02: ---------- httpd: ---------- new: 2.4.6-45.el7.centos.4 old: httpd-tools: ---------- new: 2.4.6-45.el7.centos.4 old: mailcap: ---------- new: 2.1.41-2.el7 old: [root@localhost ~]#
(8)、service 服務模塊(被控主機程序包服務管理)
# salt '*' service.enable httpd
# salt '*' service.disable httpd
# salt '*' service.status httpd
# salt '*' service.stop httpd
# salt '*' service.start httpd
# salt '*' service.restart httpd
# salt '*' service.reload httpd
[root@localhost ~]# salt '*' service.enable httpd server02: True server03: True [root@localhost ~]# salt '*' service.disable httpd server02: True server03: True [root@localhost ~]# salt '*' service.status httpd server02: False server03: False [root@localhost ~]# salt '*' service.stop httpd server02: True server03: True [root@localhost ~]# salt '*' service.start httpd server03: True server02: True [root@localhost ~]# salt '*' service.reload httpd server03: True server02: True [root@localhost ~]# salt '*' cmd.run 'netstat -lnupt|grep httpd' server03: tcp6 0 0 :::80 :::* LISTEN 17294/httpd server02: tcp6 0 0 :::80 :::* LISTEN 3231/httpd [root@localhost ~]#
(9)、更多功能
更多的功能,比如:grains、pillar、states、modules、returner、runners、reactor等,還有如下高級命令的使用,以及模板配置的渲染、擴展模塊的二次開發等,可以自己去深入學習,未完,待續........
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。