概述
######1、实验环境
- Server1 172.25.29.1 salt-master salt-minion rhel6.5
- Server2 172.25.29.2 salt-minion rhel6.5
- Server3 172.25.29.3 salt-minion rhel6.5
- Server4 172.25.29.4 salt-syndic rhel6.5
######2、salt返回值存入数据库
######(1)方式1:Minion侧运行Returner
#########server2:
[root@server2 salt]# pwd
/etc/salt
[root@server2 salt]# yum install MySQL-python -y
[root@server2 salt]# vim minion
815 mysql.host: '172.25.29.1'
816 mysql.user: 'salt'
817 mysql.pass: 'westos'
818 mysql.db: 'salt'
819 mysql.port: 3306
[root@server2 salt]# /etc/init.d/salt-minion restart
#########server1:
[root@server1 ~]# yum install mysql-server -y
[root@server1 ~]# mysql
mysql> grant all on salt.* to salt@'172.25.29.%' identified by 'westos'; //授权
[root@server1 ~]# cat test.sql
CREATE DATABASE `salt`
DEFAULT CHARACTER SET utf8
DEFAULT COLLATE utf8_general_ci;
USE `salt`;
--
-- Table structure for table `jids`
--
DROP TABLE IF EXISTS `jids`;
CREATE TABLE `jids` (
`jid` varchar(255) NOT NULL,
`load` mediumtext NOT NULL,
UNIQUE KEY `jid` (`jid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- CREATE INDEX jid ON jids(jid) USING BTREE;
--
-- Table structure for table `salt_returns`
--
DROP TABLE IF EXISTS `salt_returns`;
CREATE TABLE `salt_returns` (
`fun` varchar(50) NOT NULL,
`jid` varchar(255) NOT NULL,
`return` mediumtext NOT NULL,
`id` varchar(255) NOT NULL,
`success` varchar(10) NOT NULL,
`full_ret` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
KEY `id` (`id`),
KEY `jid` (`jid`),
KEY `fun` (`fun`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
--
-- Table structure for table `salt_events`
--
DROP TABLE IF EXISTS `salt_events`;
CREATE TABLE `salt_events` (
`id` BIGINT NOT NULL AUTO_INCREMENT,
`tag` varchar(255) NOT NULL,
`data` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
`master_id` varchar(255) NOT NULL,
PRIMARY KEY (`id`),
KEY `tag` (`tag`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
[root@server1 ~]# mysql < test.sql
[root@server1 ~]# salt 'server2' test.ping --return mysql //测试
[root@server1 ~]# mysql
mysql> use salt;
mysql> select * from salt_returns; //查看数据是否存入
######(2)方式2:Master侧运行Returner
[root@server1 salt]# yum install MySQL-python -y //下载模块
[root@server1 salt]# vim master
1059 master_job_cache: mysql
1060 mysql.host: 'localhost'
1061 mysql.user: 'salt'
1062 mysql.pass: 'westos'
1063 mysql.db: 'salt'
1064 mysql.port: 3306
[root@server1 salt]# /etc/init.d/salt-master restart
[root@server1 salt]# mysql
mysql> grant all on salt.* to salt@localhost identified by 'westos';
mysql> flush privileges;
[root@server1 salt]# salt server3 cmd.run 'df -h' //测试
[root@server1 salt]# mysql -u salt -p
mysql> use salt;
mysql> select * from salt_returns;
######3、自定义模块
[root@server1 salt]# cd /srv/salt/
[root@server1 salt]# mkdir _modules
[root@server1 salt]# cd _modules/
[root@server1 _modules]# vim my_disk.py
#!/usr/bin/env python
def df():
return __salt__['cmd.run']('df -h')
[root@server1 _modules]# salt '*' saltutil.sync_modules
[root@server1 _modules]# salt '*' my_disk.df
######4、salt-syndic顶级master
#########server1:
[root@server1 salt]# salt-key -L
[root@server1 salt]# yum install salt-syndic -y
[root@server1 salt]# vim master
858 syndic_master: 172.25.29.4 //server4为其顶级master
[root@server1 salt]# /etc/init.d/salt-master restart
[root@server1 salt]# /etc/init.d/salt-syndic start
#########server4:
[root@server4 salt]# yum install salt-master
[root@server4 salt]# vim master
857 order_masters: True
[root@server4 salt]# /etc/init.d/salt-master start
[root@server4 salt]# salt-key -L
[root@server4 salt]# salt-key -A //与server1交换公钥
[root@server4 salt]# salt-key -L
[root@server4 salt]# salt '*' test.ping //可测试到server1的minion
######5、salt-ssh
[root@server1 salt]# vim master
1059 # master_job_cache: mysql
[root@server1 salt]# /etc/init.d/salt-master restart
[root@server1 salt]# yum install salt-ssh
[root@server1 salt]# vim /etc/salt/roster
server3:
host: 172.25.29.3
user: root
passwd: westos
[root@server1 salt]# salt-ssh 'server3' test.ping -i
[root@server1 _modules]# salt-ssh 'server3' my_disk.df
######6、api认证
[root@server1 salt]# yum install salt-api -y
[root@server1 salt]# /etc/init.d/salt-api start
[root@server1 salt]# cd /etc/pki/tls/private
[root@server1 private]# openssl genrsa 1024 > localhost.key
[root@server1 private]# ls
localhost.key
[root@server1 private]# cd ..
[root@server1 tls]# ls
cert.pem certs misc openssl.cnf private
[root@server1 tls]# cd certs
[root@server1 certs]# ls
ca-bundle.crt cert.pem Makefile
ca-bundle.trust.crt make-dummy-cert renew-dummy-cert
[root@server1 certs]# make testcert
[root@server1 certs]# cd /etc/salt/master.d
[root@server1 master.d]# vim api.conf
rest_cherrypy:
port: 8000
ssl_crt: /etc/pki/tls/certs/localhost.crt
ssl_key: /etc/pki/tls/private/localhost.key
[root@server1 master.d]# vim auth.conf
external_auth:
pam:
saltapi:
- '.*'
- '@wheel'
- '@runner'
- '@jobs'
[root@server1 salt]# useradd saltapi
[root@server1 salt]# passwd saltapi
[root@server1 master.d]# /etc/init.d/salt-api restart
[root@server1 master.d]# /etc/init.d/salt-master restart
[root@server1 master.d]# netstat -antlp |grep 8000
tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 24845/salt-api -d
[root@server1 salt]# curl -sSk https://localhost:8000/login
> -H 'Accept: application/x-yaml'
> -d username=saltapi
> -d password=777
> -d eauth=pam
[root@server1 master.d]# curl -sSk https://localhost:8000
> -H 'Accept: application/x-yaml'
> -H 'X-Auth-Token: 58cd29ec17c39f021dcf2bcbb32bbb2f928744bf'
> -d client=local
> -d tgt='*'
> -d fun=test.ping
最后
以上就是秀丽口红为你收集整理的saltstack返回值+数据库、salt-syndic、 api认证的全部内容,希望文章能够帮你解决saltstack返回值+数据库、salt-syndic、 api认证所遇到的程序开发问题。
如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。
本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
发表评论 取消回复