a. Target b. Perform module c. After returning
Object execution module returns the format: command execution module object execution module parameters Sample: salt '*' cmd.run 'free -m'
1. saltstack remote execution -> Target
执行目标doc:https://docs.saltstack.com/en/latest/topics/targeting/index.html#advanced-targeting-methods
1.1) and Minion ID associated target matching method
MinionID匹配
[root@slave1 ~]# salt 'slave1' service.status httpd
slave1:
False
通配符* ? [1-2]等匹配
[root@slave1 ~]# salt '*' service.status sshd
slave1:
True
slave2:
True
[root@slave1 ~]# salt 'slave?' service.status sshd
slave1:
True
slave2:
True
[root@slave1 ~]# salt 'slave[1-2]' service.status sshd
slave2:
True
slave1:
True
A list of matching
[Slave1 the root @ ~] -L # Salt 'Slave1, slave2' test.ping
Slave1:
True
slave2:
True
Match Regular
[Slave1 the root @ ~] # Salt -E 'Slave (. 1 | 2)' test.ping
slave2:
True
Slave1:
True
1.2) and independent matching Minion
Match List:
[Slave1 the root @ ~] -L # Salt 'Slave1, slave2' test.ping
Slave1:
True
slave2:
True
Grains matching
[Slave1 the root @ ~] # Salt -G 'OS: the CentOS' test.ping
slave2:
True
Slave1:
True
subnet address match ip
[root @ Slave1 ~] # Salt -S '10 .0.0.0 / 24 'test.ping
Slave1:
True
slave2:
True
Pillar match
#key: value, defined in advance Pillar system
[root @ ~ Slave1] # Salt -I 'Apache: the httpd' test.ping
Slave1:
True
slave2:
True
1.3) Node Groups match
# Nodegroups defined in the master configuration file
[root @ slave1 ~] # Vim / etc / Salt / master
nodegroups:
Slave-Group: 'L @ Slave1, slave2' Note that two blank spaces #
[root @ slave1 ~] # -N-Slave Group test.ping Salt
slave2:
True
Slave1:
True
1.4) batch execution -Batch size
# 1 before execution before completion of execution of one stage, in proportion to execute
[Slave1 the root @ ~] # Salt '*' 1 -b test.ping
Executing RUN ON [ 'slave2']
retcode:
0
slave2:
True
Executing RUN ON [ 'Slave1']
retcode:
0
Slave1:
True
# perform matching scale, like at the time of restart the server, in order not to affect the service to be restarted first part, and then restart the back portion
[root @ slave1 ~] # salt -G 'os: the CentOS '--batch-size 50% test.ping
Executing RUN ON [' slave2 ']
retcode:
0
slave2:
True
Executing RUN ON [' Slave1 ']
retcode:
0
Slave1:
True
1.5) to mix and match, used much.
2.saltstack Remote Execution -> execution module
The execution module DOC : https://docs.saltstack.com/en/latest/ref/modules/all/index.html#all-salt-modules
#测试主机能否连接外网:
[root@slave1 ~]# salt '*' network.connect www.baidu.com 80
slave1:
----------
comment:
Successfully connected to www.baidu.com (111.13.100.91) on tcp port 80
result:
True
slave2:
----------
comment:
Successfully connected to www.baidu.com (111.13.100.92) on tcp port 80
result:
True
#域名解析:
[root@slave1 ~]# salt '*' network.dig baidu.com
slave1:
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> baidu.co
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3009
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; MBZ: 0005 , udp: 4096
;; QUESTION SECTION:
;baidu.com. IN A
;; ANSWER SECTION:
baidu.com. 5 IN A 123.125.115.110
baidu.com. 5 IN A 220.181.57.216
;; Query time: 22 msec
;; SERVER: 10.0.0.2#53(10.0.0.2)
;; WHEN: Sat Nov 17 17:37:52 CST 2018
;; MSG SIZE rcvd: 70
slave2:
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5375
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; MBZ: 0005 , udp: 4096
;; QUESTION SECTION:
;baidu.com. IN A
;; ANSWER SECTION:
baidu.com. 5 IN A 220.181.57.216
baidu.com. 5 IN A 123.125.115.110
;; Query time: 23 msec
;; SERVER: 10.0.0.2#53(10.0.0.2)
;; WHEN: Sat Nov 17 17:37:52 CST 2018
;; MSG SIZE rcvd: 70
# 复制文件:salt-cp :
[root@slave1 ~]# salt '*' cmd.run 'mkdir /tmp/syk'
slave2:
slave1:
[root@slave1 ~]# salt-cp '*' /etc/hosts /tmp/syk/
{'slave1': {'/tmp/syk/hosts': True}, 'slave2': {'/tmp/syk/hosts': True}}
[root@slave1 ~]#
[root@slave1 ~]#
[root@slave1 ~]# salt '*' cmd.run 'ls /tmp/syk'
slave2:
hosts
slave1:
hosts
3.saltstack remote execution -> return module
Return module DOC: https://docs.saltstack.com/en/latest/ref/returners/index.html
Return components of the system can be understood as SaltStack Minion performing data stored or returned back to the other, which supports a variety of storage,
Such as MySQL, Redis, ELK, zabbix, we can be recorded by each operation SaltStack Return, for later audit log provides data sources. Return is triggered at the end of the Master task, then Minion accept the processing tasks to establish direct links with the Return storage server, then the data stored in the server.
Here we are with the results returned mysql example:
minion directly to the command execution result is written to MySQL
Dependencies: MySQL-python
1) SATL.RETURNERS.MYSQL (minion return MySQL)
All you need to install a minion-Python the MySQL
[Slave1 the root @ ~] # Salt '*' # pkg.install using the MySQL-Python pkg-Python module mounting the MySQL
Slave1:
----------
the MySQL-Python:
- ---------
new new:
1.2.5-1.el7
Old:
slave2:
----------
the MySQL-Python:
----------
new new:
1.2. 5-1.el7
Old:
2. installation mariadb database
[root @ slave1 ~] # yum install -y mariadb-Server
3. create a salt repository, create jid, salt_returns, salt_events table, authorize
[root @ slave1 ~] # systemctl start mariadb.service
[Slave1 the root @ ~] # MySQL
MariaDB [(none)]> the CREATE DATABASE `salt`
-> the DEFAULT the CHARACTER the SET UTF8
-> DEFAULT COLLATE utf8_general_ci;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> USE `salt`;
MariaDB [salt]> CREATE TABLE `jids` (
-> `jid` varchar(255) NOT NULL,
-> `load` mediumtext NOT NULL,
-> UNIQUE KEY `jid` (`jid`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.01 sec)
REATE TABLE `salt_returns` (
-> `fun` varchar(50) NOT NULL,
-> `jid` varchar(255) NOT NULL,
-> `return` mediumtext NOT NULL,
-> `id` varchar(255) NOT NULL,
-> `success` varchar(10) NOT NULL,
-> `full_ret` mediumtext NOT NULL,
-> `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-> KEY `id` (`id`),
-> KEY `jid` (`jid`),
-> KEY `fun` (`fun`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.01 sec)
MariaDB [salt]> CREATE TABLE `salt_events` (
-> `id` BIGINT NOT NULL AUTO_INCREMENT,
-> `tag` varchar(255) NOT NULL,
-> `data` mediumtext NOT NULL,
-> `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-> `master_id` varchar(255) NOT NULL,
-> PRIMARY KEY (`id`),
-> KEY `tag` (`tag`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.00 sec)
MariaDB [salt]> show tables;
+----------------+
| Tables_in_salt |
+ ---------------- +
| JIDs |
| salt_events |
| salt_returns |
+ ---------------- +
3 rows in the SET ( sec 0.00)
MariaDB [Salt]> * Grant All ON Salt to Salt @ '%' IDENTIFIED by 'Salt';.
Query the OK, 0 rows affected (0.00 sec)
4. modify salt-minion, link configuration MySQL
[root @ slave2 ~] # Vim / etc / Salt / Minion
###### ###### Returner Settings
########################## ##################
# Which Returner (S) Used for Will BE Minion apos Result:
#return: MySQL
mysql.host: '10 .0.0.211 '
the mysql.user:' Salt '
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306
[root @ slave2 ~] # systemctl restart Salt-minion.service
# Clear slave1 user, or on the back of an impact test
MariaDB [(none)]> select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| salt | % |
| root | 127.0.0.1 |
| root | ::1 |
| | localhost |
| root | localhost |
| | slave1 |
| root | slave1 |
+------+-----------+
MariaDB [(none)]> drop user "root"@"slave1";
MariaDB [(none)]> drop user ""@"slave1";
MariaDB [(none)]> flush privileges;
[root@slave1 salt]# vim /etc/salt/minion
###### Returner settings ######
############################################
# Which returner(s) will be used for minion's result:
#return: mysql
mysql.host: '10.0.0.211'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306
[root@slave1 salt]# systemctl restart salt-minion.service
#测试
[root@slave1 salt]# salt '*' test.ping --return mysql
slave1:
True
slave2:
True
MariaDB [salt]> select * from salt_returns\G;
*************************** 1. row ***************************
fun: test.ping
jid: 20181118004551491520
return: true
id: slave1
success: 1
full_ret: {"fun_args": [], "jid": "20181118004551491520", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "slave1"}
alter_time: 2018-11-18 00:45:51
*************************** 2. row ***************************
fun: test.ping
jid: 20181118004551491520
return: true
id: slave2
success: 1
full_ret: {"fun_args": [], "jid": "20181118004551491520", "return": true, "retcode": 0, "success": true, "fun": "test.ping", "id": "slave2"}
alter_time: 2018-11-18 00:45:51
2 rows in set (0.00 sec)
2) Using a salt of job_cache mechanism MySQL (common methods write command)
All commands are executed here write mysql, do not use return, the write cache in mysql
here minion no longer need to connect mysql, you can directly modify the master.
root@slave1 salt]# vim /etc/salt/master
##### Returner settings ######
############################################
# Which returner(s) will be used for minion's result:
#return: mysql
master_job_cache: mysql
mysql.host: '10.0.0.211'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306
[root@slave1 salt]# systemctl restart salt-master.service
#测试
[root@slave1 salt]# salt '*' cmd.run 'date'
slave2:
Sun Nov 18 00:55:45 CST 2018
slave1:
Sun Nov 18 00:55:44 CST 2018
[root@slave1 salt]# mysql -e "select * from salt.salt_returns\G;"
*************************** 1. row ***************************
fun: cmd.run
jid: 20181118005544806629
return: "Sun Nov 18 00:55:45 CST 2018"
id: slave2
success: 1
full_ret: {"fun_args": ["date"], "jid": "20181118005544806629", "return": "Sun Nov 18 00:55:45 CST 2018", "retcode": 0, "success": true, "cmd": "_return", "_stamp": "2018-11-17T16:55:44.847235", "fun": "cmd.run", "id": "slave2"}
alter_time: 2018-11-18 00:55:44
*************************** 2. row ***************************
fun: cmd.run
jid: 20181118005544806629
return: "Sun Nov 18 00:55:44 CST 2018"
id: slave1
success: 1
full_ret: {"fun_args": ["date"], "jid": "20181118005544806629", "return": "Sun Nov 18 00:55:44 CST 2018", "retcode": 0, "success": true, "cmd": "_return", "_stamp": "2018-11-17T16:55:44.895262", "fun": "cmd.run", "id": "slave1"}
alter_time: 2018-11-18 00:55:44
# with the -v parameter can be seen jid, and you can view the results by running jid
[root @ slave1 Salt] # Salt '*' cmd.run 'Uptime' -v
jid 20181118005727674446 with the Job Executing
-------------------------------------------
slave2:
7:33 up 00:57:28, User. 1, Load Average: 0.00, 0.01, 0.05
Slave1:
00:57:27 up 1:08, 2 Users, Load Average: 0.09, 0.23, 0.20
[@ Slave1 the root Salt] Salt-jobs.lookup_jid 20181118005727674446 RUN #
slave1:
00:57:27 up 1:08, 2 Users, Load Average: 0.09, 0.23, 0.20
slave2:
00:57:28 up 7:33, User. 1, Load Average: 0.00, 0.01 , 0.05