1. 技术文章
  2. saltstack 实践

saltstack 实践

与世无争的帅哥 提交于 2020-08-10 10:12:05 
salt 多master搭建及salt-api调用

环境:
OS:CentOS6.7
Python3.6 + pip
Saltstack 3001
Master: 
A c61 192.168.122.201
C c63 192.168.122.203
Slave:
B c62 192.168.122.202
D c64 192.168.122.204

安装软件:
pip install salt cherrypy

一、	salt多master实践
A/C: salt-master
B/D: 
  /etc/salt/minion
    master:
      - c61
      - c63
id: 192.168.122.202 (B)
id: 192.168.122.204 (D)
     启动 salt-minion
   A/C: salt-key -A (接受B/D加入)
   完成搭建
1.系统yum安装的saltstack 2015.5.11版本,搭建多master不成功
2.当前单master的minion节点,修改配置后,需要重启salt-minion服务,新master做好信任

二、	salt-api搭建
  $ salt-call --local tls.create_self_signed_cert
  /etc/salt/master
default_include: master.d/*.conf
  /etc/salt/master.d/api.conf
      rest_cherrypy:
        host: 192.168.122.201
        port: 8000
        ssl_crt: /etc/pki/tls/certs/localhost.crt
        ssl_key: /etc/pki/tls/certs/localhost.key
  $ useradd -M -s /sbin/nologin saltapi
  $ echo 'saltapi' | passwd --stdin saltapi
  /etc/salt/master.d/auth.conf
    external_auth:
      pam:
      saltapi:
        - .*
        - '@wheel'
        - '@runner'
  # 启动服务
$ salt-api  

三、	脚本
【Bash版本】
登录:
curl -sSk https://192.168.122.201:8000/login \
     -H 'Accept: application/json' \
     -d username=saltapi \
     -d password=saltapi \
     -d eauth=pam

异步PING测试:(同步参数 -d client=local)
curl -sSk https://192.168.122.201:8000 \
     -H 'Accept: application/json' \
     -H 'X-Auth-Token: 8289f2f3370f306d68a6d3155bf4c5490a28c59a'\
     -d client=local_async \
     -d tgt='*' \
     -d fun=test.ping \

查询jid结果:
curl -sSk https://192.168.122.201:8000/jobs/20200805085552509605 \
     -H 'Accept: application/json' \
     -H 'X-Auth-Token: 8289f2f3370f306d68a6d3155bf4c5490a28c59a'

远程执行:
curl -sSk https://192.168.122.201:8000 \
     -H 'Accept: application/json' \
     -H 'X-Auth-Token: 8289f2f3370f306d68a6d3155bf4c5490a28c59a'\
     -d client=local_async \
     -d tgt='*' \
     -d fun='cmd.run' -d arg=' tail -n 50 /var/log/anaconda.log'




【Python版本】
登录:(获取token)
import requests
from urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)

headers = {"Accept": "application/json"}
data = {
         "username": "saltapi",
         "password": "saltapi",
         "eauth": "pam",
       }
res = requests.post('https://192.168.122.201:8000/login', headers=headers, data=data, verify=False)
print(res.json())


远程执行:(获取jid)
import requests
from urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
headers = {"Accept": "application/json",
           "X-Auth-Token": "8289f2f3370f306d68a6d3155bf4c5490a28c59a"
            }
data = {
         "client": "local_async",
         "tgt": "*",
         "fun": "cmd.run",
         "arg": "tail -n 50 /var/log/anaconda.log",
         }
res = requests.post('https://192.168.122.201:8000', headers=headers, data=data, verify=False)
print(res.json())

远程执行II:(获取jid)
import requests
import json
from urllib3.exceptions import InsecureRequestWarning
import ssl
import urllib
from urllib import parse
from urllib import request
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
headers = {"Accept": "application/json",
             "X-Auth-Token": "8289f2f3370f306d68a6d3155bf4c5490a28c59a"
            }
xx = [("client", "local_async"), ("tgt", "*"), ("fun", "cmd.run"),  ("arg", "tail -n 50 /var/log/anaconda.log"), ("arg", "")]
obj = parse.urlencode(xx).encode(encoding='UTF8')
req = request.Request('https://192.168.122.201:8000', obj, headers)
context = ssl._create_unverified_context()
opener = urllib.request.urlopen(req, context=context)
content = json.loads(opener.read())
print(content)


查询jid结果:
import requests
from urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)
headers = {"Accept": "application/json",
             "X-Auth-Token": "8289f2f3370f306d68a6d3155bf4c5490a28c59a"
            }
jid = "20200805095421530444"
res = requests.get('https://192.168.122.201:8000/jobs/' + jid, headers=headers, verify=False)
print(res.json())
标签
urllib3
jid
curl
Minion
Anaconda
pam
cherrypy
python
OpENer
pip
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!