SaltStack组件之return
使用mysql作为return存储方式
在所有minion上安装Mysql-python模块
[root@master ~]# salt '*' cmd.run 'rpm -qa|grep -i MYSQL |grep python'
minion:
python3-PyMySQL-0.10.1-2.module_el8.5.0+761+faacb0fb.noarch
部署一台mysql服务器用作存储服务器
[root@mysql ~]# yum -y install mariadb-server
[root@mysql ~]# systemctl start mariadb
[root@mysql ~]# systemctl enable mariadb
Created symlink /etc/systemd/system/mysql.service → /usr/lib/systemd/system/mariadb.service.
Created symlink /etc/systemd/system/mysqld.service → /usr/lib/systemd/system/mariadb.service.
Created symlink /etc/systemd/system/multi-user.target.wants/mariadb.service → /usr/lib/systemd/system/mariadb.service.
[root@mysql ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 80 *:3306 *:*
创建数据库和表结构
[root@mysql ~]# mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 8
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE `salt`
-> DEFAULT CHARACTER SET utf8
-> DEFAULT COLLATE utf8_general_ci;
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> USE `salt`;
Database changed
MariaDB [salt]> DROP TABLE IF EXISTS `jids`;
Query OK, 0 rows affected, 1 warning (0.001 sec)
MariaDB [salt]> CREATE TABLE `jids` (
-> `jid` varchar(255) NOT NULL,
-> `load` mediumtext NOT NULL,
-> UNIQUE KEY `jid` (`jid`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.007 sec)
MariaDB [salt]> DROP TABLE IF EXISTS `salt_returns`;
Query OK, 0 rows affected, 1 warning (0.001 sec)
MariaDB [salt]> CREATE TABLE `salt_returns` (
-> `fun` varchar(50) NOT NULL,
-> `jid` varchar(255) NOT NULL,
-> `return` mediumtext NOT NULL,
-> `id` varchar(255) NOT NULL,
-> `success` varchar(10) NOT NULL,
-> `full_ret` mediumtext NOT NULL,
-> `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-> KEY `id` (`id`),
-> KEY `jid` (`jid`),
-> KEY `fun` (`fun`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.005 sec)
MariaDB [salt]> DROP TABLE IF EXISTS `salt_events`;
Query OK, 0 rows affected, 1 warning (0.001 sec)
MariaDB [salt]> CREATE TABLE `salt_events` (
-> `id` BIGINT NOT NULL AUTO_INCREMENT,
-> `tag` varchar(255) NOT NULL,
-> `data` mediumtext NOT NULL,
-> `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-> `master_id` varchar(255) NOT NULL,
-> PRIMARY KEY (`id`),
-> KEY `tag` (`tag`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.004 sec)
MariaDB [salt]> show tables;
+----------------+
| Tables_in_salt |
+----------------+
| jids |
| salt_events |
| salt_returns |
+----------------+
3 rows in set (0.001 sec)
授权访问
MariaDB [salt]> grant all on salt.* to salt@'192.168.149.%' identified by 'salt';
Query OK, 0 rows affected (0.001 sec)
MariaDB [salt]> flush privileges;
Query OK, 0 rows affected (0.001 sec)
配置minion
[root@minion ~]# vim /etc/salt/minion
.....
mysql.host: '192.168.149.137' 此处ip为mysql的ip
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306
......
[root@minion ~]# systemctl restart salt-minion
在Master上测试存储到mysql中
[root@master ~]# salt '*' test.ping --return mysql
minion:
True
在数据库中查询
MariaDB [salt]> select * from salt_returns\G
*************************** 1. row ***************************
fun: test.ping
jid: 20210708112240985083
return: true
id: minion
success: 1
full_ret: {"success": true, "return": true, "retcode": 0, "jid": "20210708112240985083", "fun": "test.ping", "fun_args": [], "id": "minion"}
alter_time: 2021-07-08 07:22:43
1 row in set (0.000 sec)
job cache
开启master端的master_job_cache
[root@master ~]# yum -y install python3-PyMySQL
[root@master ~]# vim /etc/salt/master
......此处省略......
master_job_cache: mysql
mysql.host: '192.168.149.137'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306
......
[root@master ~]# systemctl restart salt-master
在数据库服务器中清空表内容
MariaDB [salt]> delete from salt.salt_returns;
Query OK, 1 row affected (0.002 sec)
MariaDB [salt]> select * from salt.salt_returns;
Empty set (0.000 sec)
在master上再次测试能否存储至数据库
[root@master ~]# salt 'minion' cmd.run 'df -h'
minion:
Filesystem Size Used Avail Use% Mounted on
devtmpfs 876M 0 876M 0% /dev
tmpfs 895M 80K 895M 1% /dev/shm
tmpfs 895M 8.8M 887M 1% /run
tmpfs 895M 0 895M 0% /sys/fs/cgroup
/dev/mapper/cs-root 17G 2.1G 15G 13% /
/dev/nvme0n1p1 1014M 197M 818M 20% /boot
tmpfs 179M 0 179M 0% /run/user/0
在数据库中查询
MariaDB [salt]> select * from salt.salt_returns\G
*************************** 1. row ***************************
fun: cmd.run
jid: 20210708122008769697
return: "Filesystem Size Used Avail Use% Mounted on\ndevtmpfs 876M 0 876M 0% /dev\ntmpfs 895M 40K 895M 1% /dev/shm\ntmpfs 895M 8.8M 887M 1% /run\ntmpfs 895M 0 895M 0% /sys/fs/cgroup\n/dev/mapper/cs-root 17G 2.1G 15G 13% /\n/dev/nvme0n1p1 1014M 197M 818M 20% /boot\ntmpfs 179M 0 179M 0% /run/user/0"
id: minion
success: 1
full_ret: {"cmd": "_return", "id": "minion", "success": true, "return": "Filesystem Size Used Avail Use% Mounted on\ndevtmpfs 876M 0 876M 0% /dev\ntmpfs 895M 40K 895M 1% /dev/shm\ntmpfs 895M 8.8M 887M 1% /run\ntmpfs 895M 0 895M 0% /sys/fs/cgroup\n/dev/mapper/cs-root 17G 2.1G 15G 13% /\n/dev/nvme0n1p1 1014M 197M 818M 20% /boot\ntmpfs 179M 0 179M 0% /run/user/0", "retcode": 0, "jid": "20210708122008769697", "fun": "cmd.run", "fun_args": ["df -h"], "_stamp": "2021-07-08T12:20:08.898521"}
alter_time: 2021-07-08 08:20:08
1 row in set (0.000 sec)
job管理
获取任务的jid
[root@master ~]# salt 'minion' cmd.run 'uptime' -v
Executing job with jid 20210708122033489726
-------------------------------------------
minion:
08:20:33 up 1:17, 2 users, load average: 0.00, 0.08, 0.16
通过jid获取此任务的返回结果
[root@master ~]# salt-run jobs.lookup_jid 20210708122033489726
minion:
08:20:33 up 1:17, 2 users, load average: 0.00, 0.08, 0.16
SaltStack之salt-ssh
salt-ssh管理
在 master 上安装 salt-ssh
[root@master ~]# yum -y install salt-ssh
目标机器上安装python3
[root@mysql ~]# yum -y install python3
通过使用用户名密码的SSH实现远程管理
修改配置文件,添加受控机信息
[root@master ~]# vim /etc/salt/roster
......
mariadb_host:
host: 192.168.149.137
user: root
passwd: 1
测试连通性
- 第一次访问时需要输入 yes/no ,但是 saltstack 是不支持交互式操作的,所以为了解决这个问题,我们需要对其进行设置,让系统不进行主机验证。
[root@master ~]# vim ~/.ssh/config
StrictHostKeyChecking no
[root@master ~]# salt-ssh '*' test.ping
mariadb_host:
True
执行状态命令,初始化系统,安装salt-minion
[root@master ~]# mkdir -p /srv/salt/base/{repo,files}
[root@master ~]# \cp /etc/yum.repos.d/salt.repo /srv/salt/base/repo/salt.repo
[root@master ~]# cp /etc/salt/minion /srv/salt/base/files/
[root@master ~]# vim /srv/salt/base/repo.sls
salt-repo:
file.managed:
- name: /etc/yum.repos.d/salt.repo
- source: salt://repo/salt.repo
- user: root
- group: root
- mode: 644
[root@master ~]# vim /srv/salt/base/minion.sls
salt-minion-install:
pkg.installed:
- name: salt-minion
salt-minion-conf:
file.managed:
- name: /etc/salt/minion
- source: salt://files/minion
- user: root
- group: root
- mode: 644
- template: jinja
- default:
ID: {{ grains['ipv4'] [1] }}
- require:
- pkg: salt-minion-install
salt-minion-service:
service.running:
- name: salt-minion
- enable: True
- start: True
- watch:
- file: /etc/salt/minion
[root@master ~]# salt-ssh '*' state.sls repo
mariadb_host:
----------
ID: salt-repo
Function: file.managed
Name: /etc/yum.repos.d/sal.repo
Result: True
Comment: File /etc/yum.repos.d/sal.repo updated
Started: 09:19:06.836369
Duration: 94.254 ms
Changes:
----------
diff:
New file
mode:
0644
Summary for mariadb_host
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
Total run time: 94.254 ms
[root@master ~]# salt-ssh '*' state.sls minion
mariadb_host:
----------
ID: salt-minion-install
Function: pkg.installed
Name: salt-minion
Result: True
Comment: The following packages were installed/updated: salt-minion
Started: 09:22:07.706076
Duration: 135202.071 ms
Changes:
----------
此处省略......
[root@master ~]# salt-ssh '*' cmd.run 'systemctl restart salt-minion'
mariadb_host:
[root@master ~]# salt-key -L
Accepted Keys:
master
minion
minion1
Denied Keys:
Unaccepted Keys:
mysql 可以看到这里多了一个还未被添加的minion
Rejected Keys:
[root@master ~]# salt-key -a mysql
The following keys are going to be accepted:
Unaccepted Keys:
mysql
Proceed? [n/Y] y
Key for minion mysql accepted.
[root@master ~]# salt-key -L
Accepted Keys:
master
minion
minion1
mysql
Denied Keys:
Unaccepted Keys:
Rejected Keys
[root@mysql ~]# systemctl status salt-minion
● salt-minion.service - The Salt Minion
Loaded: loaded (/usr/lib/systemd/system/salt-minion.service; enabled; vendor preset: disabled)
Active: active (running) since Thu 2021-07-08 09:27:31 EDT; 29s ago
Docs: man:salt-minion(1)
file:///usr/share/doc/salt/html/contents.html
https://docs.saltstack.com/en/latest/contents.html
Main PID: 268860 (salt-minion)