Architect growth path 5.2-Saltstack remote execution

Click architect growth path

Architect growth path 5.2-Saltstack remote execution

Configuration management tools:

• Pupper :.. 1 using ruby programming language; 2 installation environment is relatively complex; 3 does not support remote execution tool configuration can require FUNC.
• Ansible .: 1 using python programming language; 2 acquired by Red Hat; 3 lightweight; 4, the work does not have the ability to block the deployment of batch-based, real-Volume Deployment module ansible is running....
• Saltstack : using python programming language, while providing a convenient Rest API secondary development and integration with other platforms (the highest corporate usage)

Saltstack three basic functions:

• Remote execution Remote execution: simultaneously execute commands in a batch of hundreds of thousands of machines
• Configuration management Configuration management: management state (a condition described, but this is difficult to roll back state)
• Event-Driven infrastucture event-driven infrastructure: the listener object state change event capture event generates automatic scheduling, self-healing
• Salt cloud  cloud management: can manage almost all public and private clouds

Saltstack operates in four ways:

• local: a local self-running
• Minion / Master: is the C / S model
• Syndic management proxy component (as will be appreciated zabbix proxy mode)
• Salt SSH: do not install the agent, also gather information through SSH

The concept of remote execution 1. Saltstack

Remote execution is one of the core functions of Saltstack. Salt module is mainly used to batch selected minion then execute the command, and returns the result obtained.

Example 1: The above example of the "judgment of Salt minion is alive?"

Salt: is a command comes saltstack 
*: indicates the target host, here represented all target hosts 
test.ping:test saltstack in a module, ping a method of this module is a following

Example: 2: saltstack using a remote module execute shell commands cmd.run

The syntax of the command structure 2.Salt

salt '<target>' <function> [arguments]

Target host target matching method:

• And minionID-related uses, wildcards, lists, and regular;
• MinionID with independent use, IP, composite, packet, Grains, Pillar

Remote perform common module ( click on a list of all modules ):

• test module: for testing
• user modules: a user management
• cmd module: used to execute arbitrary shell commands
• pkg modules: management software package
• file module: used to configure
• service module: for Service Management

3.Salt command of the target host target matching method

3.1 wildcard matching

[root @ Saltstack01 /] # salt '*' test.ping 
[root @ Saltstack01 /] # salt 'Saltstack02' test.ping 
[root @ Saltstack01 /] # salt '* 02' test.ping 
[root @ Saltstack01 /] # salt 'Saltstack0 [1 | 2]' test.ping 
[root @ Saltstack01 /] # salt 'Saltstack0 [1 | 2]' test.ping 
[root @ Saltstack01 /] # salt 'Saltstack0?' test.ping

3.2 A list of matching

[Root @ Saltstack01 /] # salt -L 'Saltstack01, Saltstack02' test.ping

3.3 regular match 

[root@Saltstack01 /]# salt -E '^Salt' test.ping
[root@Saltstack01 /]# salt -E '^Salt.*2' test.ping

3.4 IP match 

[root@Saltstack01 /]# salt -S '172.18.20.227' test.ping
[root@Saltstack01 /]# salt -S '172.18.20.0/24' test.ping　

3.5 Composite match 

[root@Saltstack01 /]# salt -C 'G@os:Centos and [email protected]' test.ping

3.6 分组匹配 

[root@Saltstack01 /]# vim /etc/salt/master
nodegroups:
  webserver: 'Saltstack01,Saltstack02'
  dbserver: 'Saltstack03'
[root@Saltstack01 /]# systemctl restart salt-master
[root@Saltstack01 /]# salt -N 'webserver' test.ping
[root@Saltstack01 /]# salt -N 'dbserver' test.ping

3.7 Grains匹配　　

[root@Saltstack01 /]# salt -G 'os:Centos' test.ping
[root@Saltstack01 /]# salt -G 'localhost:Saltstack02' test.ping

4.Salt命令的远程执行常用模块

4.1 test模块 

功能：用于测试。

[root@Saltstack01 /]# salt '*' test.ping

4.2 user模块 

功能：详见官方。

salt '*' user.add name <uid> <gid> <groups> <home> <shell>

4.3 cmd模块 

功能：实现远程的命令行调用执行，可以使用shell所有命令（默认具备root操作权限，使用时需评估风险）

4.4 pkg模块 

功能：软件包状态管理，会根据操作系统不同，选择对应的安装方式（如CentOS系统默认使用yum，Debian系统默认使用apt-get）

[root@Saltstack01 /]# salt '*' pkg.install "vsftpd"   #安装

[root@Saltstack01 /]# salt '*' pkg.remove "vsftpd"  #卸载

[root@Saltstack01 /]# salt '*' pkg.latest_version "vsftpd"  #安装最新版本

[root@Saltstack01 /]# salt '*' pkg.upgrade "vsftpd"   #更新软件包

[root@Saltstack01 /]# salt '*' pkg  #查看帮助手册

表上表示已安装程序包。

4.5 file模块 　　

功能：被控主机常见的文件操作，包括文件读写、权限、查找、校验。

#校验所有minion主机文件的加密信息，支持md5、sha1、sha224、shs256、sha384、sha512加密算法
[root@Saltstack01 /]# salt '*' file.get_sum /etc/passwd md5

#修改所有minion主机/etc/passwd文件的属组、用户权限、等价于chown root:root /etc/passwd
[root@Saltstack01 /]]# salt '*' file.chown /etc/passwd root root

#获取所有minion主机/etc/passwd的stats信息
[root@Saltstack01 /]]# salt '*' file.stats /etc/passwd

#获取所有minion主机/etc/passwd的权限mode,如755,644
[root@Saltstack01 /]]# salt '*' file.get_mode /etc/passwd

#修改所有minion主机/etc/passwd的权限mode为0644
[root@Saltstack01 /]]# salt '*' file.set_mode /etc/passwd 0644

#在所有minion主机创建/opt/test目录
[root@Saltstack01 /]]# salt '*' file.mkdir /opt/test

#在所有minion主机穿件/tmp/test.conf文件
[root@Saltstack01 /]]# salt '*' file.touch /tmp/test.conf

#将所有minion主机/tmp/test.conf文件追加内容'maxclient 100'
[root@Saltstack01 /]]# salt '*' file.append /tmp/test.conf 'maxclient 100'

#删除所有minion主机的/tmp/test.conf文件
[root@Saltstack01 /]]# salt '*' file.remove /tmp/test.conf

4.6 service模块 　　

功能：被控主机程序包服务管理.

#开启（enable）禁用（disable）
salt '*' service.enable <service name>
salt '*' service.disabled <service name>

#reload、restart、start、stop、status操作
salt '*' service.reload <service name>
salt '*' service.restart <service name>
salt '*' service.start <service name>
salt '*' service.stop <service name>
salt '*' service.status <service name>

......