本文共 8481 字,大约阅读时间需要 28 分钟。
# salt --version
salt 2015.5.8 (Lithium)
[root@localhost salt]# salt --version-reportUsage: salt [options] '<target>' <function> [arguments]salt: error: no such option: --version-report
# salt --versions-report
Salt: 2015.5.8Python: 2.6.6 (r266:84292, Jul 23 2015, 15:22:56)
Jinja2: unknownM2Crypto: 0.20.2msgpack-python: 0.4.6msgpack-pure: Not Installedpycrypto: 2.0.1libnacl: Not InstalledPyYAML: 3.10ioflo: Not InstalledPyZMQ: 14.3.1RAET: Not InstalledZMQ: 3.2.5Mako: 0.3.4Tornado: Not Installedtimelib: Not Installeddateutil: Not Installed
# salt-key –L
Accepted Keys:
192.168.10.110192.168.43.218Denied Keys:Unaccepted Keys:192.168.10.110Rejected Keys:
# salt-key –a id
# salt-key -a 192.168.10.110The following keys are going to be accepted:
Unaccepted Keys:192.168.10.110Proceed? [n/Y] Y
# salt-key -A
# salt-key –d id
# salt-key -d 192.168.10.110The following keys are going to be deleted:
Accepted Keys:192.168.10.110Proceed? [N/y] yKey for minion 192.168.10.110 deleted.
# salt-key -D
The following keys are going to be deleted:
Accepted Keys:192.168.10.110192.168.43.218Proceed? [N/y] yKey for minion 192.168.10.110 deleted.Key for minion 192.168.43.218 deleted.
# salt-key –r id
# salt-key -R
The following keys are going to be rejected:
Unaccepted Keys:192.168.10.110Proceed? [n/Y] YKey for minion 192.168.10.110 rejected.
# salt-run manage.up
- 192.168.10.249
#salt-run manage.down
# salt-run manage.down removekeys=True
# salt-run manage.status
# salt-run manage.statusdown:
up:
- 192.168.10.249
# salt-run manage.versions
# salt-run manage.versionsMaster:
2015.5.82016.Up to date:----------192.168.10.249:2015.5.8
分组规则:
G --针对Grains做单个匹配,例如:G@os:Ubuntu
E --针对minion针对正则表达式匹婚配,例如:E@webd+.(dev|qa|prod).locP --针对Grains做正则表达式匹配,例如:P@os:(RedHat|Fedora|CentOS)L --针对minion做列表匹配,例如:L@minion1.test.com,minion3.domain.com or bl*.domain.comI --针对 Pillar 做单个匹配,例如:I@pdata:foobarS --针对子网或是IP做匹配,例如:S@192.168.1.0/24 or S@192.168.1.100R --针对客户端范围做匹配,例如:R@%foo.bar
编辑master配置文件,注意组名前有两个空格,后有一个空格
# vi /etc/salt/masternodegroups:
web: 'L@192.168.10.110,192.168.10.111'
# salt -N ‘web’ test.ping
192.168.10.110:
True
首先要保证组员在master的列表中,否则对分组进行操作时会不成功:
# salt -N group1 test.pingNo minions matched the target. No command was sent, no jid was assigned.
ERROR: No return received
编辑master主配置文件,做如下配置:
file_roots:
base:- /srv/saltdev:- /srv/salt/devprod:- /srv/salt/prod
可以将文件及shell放在/srv/salt等文件夹下,执行其他命令调用方法:salt://dev/install.sh
如下执行脚本:
# salt '192.168.10.110' cmd.script salt://test.sh通过tar压缩或解压文件。
options:Options to pass to the tar command
tarfile:The filename of the tar archive to pack/unpacksources:Comma delimited list of files to pack into the tarfile. Can also be passed as a Python list.dest:The destination directory into which to unpack the tarfilecwd : None,The directory in which the tar command should be executed. If not specified, will default to the home directory of the user under which the salt minion process is running.template : NoneCan be set to 'jinja' or another supported template engine to render the command arguments before execution:salt '' archive.tar cjvf /tmp/salt.tar.bz2 { {grains.saltpath}} template=jinjaCLI Examples:# Create a tarfilesalt '' archive.tar cjvf /tmp/tarfile.tar.bz2 /tmp/file_1,/tmp/file_2# Unpack a tarfilesalt '*' archive.tar xf foo.tar dest=/target/directory
192.168.10.249:
- tar: Removing leading `/' from member names- /root/python/- /root/python/p2- /root/python/p1- /root/testa
通过该方法压缩的文件,解压后带有全路径,可通过cwd指定执行的目录.
# salt '*' archive.tar zcvf /root/test/test.tar.gz python,testa cwd=/root192.168.10.249:
- python/
- python/p2
- python/p1
- testa
192.168.10.249:
- python/- python/p2- python/p1- testa
测试主机的存活状态
# salt ‘*’ test.ping# salt '192.168.10.110' test.ping192.168.10.110:
True
在minion上执行shell命令。
# salt '192.168.10.110' cmd.run 'whoami'192.168.10.110:
root
在文件管理中放入相应的脚本文件
# cat /srv/salt/test.sh#!/bin/bash
echo 'This is a test.'
在minion上执行该脚本:
# salt '192.168.10.110' cmd.script salt://test.sh192.168.10.110:
----------pid:23866retcode:0stderr:stdout:This is a test.
Return usage information for volumes mounted on this minion
CLI Example:salt '*' disk.usage更改文件的所属权.
file.chown(path, user, group)Chown a file, pass the file the desired user and grouppath:path to the file or directoryuser:user ownergroup:group ownerCLI Example:salt '*' file.chown /etc/passwd root rootfile.copy(src, dst, recurse=False, remove_existing=False)
将一个目录或文件夹复制到另一个地方如果复制一个文件夹必须加上recurse=True参数。默认为复制目的文件夹。remove_existing=True,首先将目的文件夹里的内容全部删除,再进行复制。该参数可以保证源和目的完全一样。CLI Example:salt '*' file.copy /path/to/src /path/to/dst
salt '*' file.copy /path/to/src_dir /path/to/dst_dir recurse=Truesalt '*' file.copy /path/to/src_dir /path/to/dst_dir recurse=True remove_existing=True
判断某个文件是否存在,返回true/false。
CLI Example:salt '*' file.file_exists /etc/passwd
判断一个文件夹是否存在,返回true/false。
# salt '*' file.directory_exists /root/a192.168.10.249:
True# salt '*' file.directory_exists /root/ab192.168.10.249:False
返回目录大小(字节)。
CLI Example:# salt '*' file.diskusage /root192.168.10.249:
252580128
salt '*' file.find / type=f name=*.bak size=+10m
salt '*' file.find /var mtime=+30d size=+10m print=path,size,mtimesalt '*' file.find /var/log name=*.[0-9] mtime=+30d size=+10m delete1.查看大小大于10k,后缀为.bak的文件
# salt '*' file.find /root type=f name=*.bak size=+10k192.168.10.249:
- /root/sabawar/assets/tinymce/jscripts/tiny_mce/plugins/media/js/media.js.bak
192.168.10.249:
- /root/sabawar/assets/tinymce/jscripts/tiny_mce/plugins/media/js/media.js.bak- 16485- 1453970790
192.168.10.249:
- /root/sabawar/assets/tinymce/jscripts/tiny_mce/plugins/media/js/media.js.bak# salt '' file.find /root type=f name=\.bak size=+10k192.168.10.249:
过滤某个文件的内容。同linux的grep。
file.grep(path, pattern, *args)Note:This function's return value is slated for refinement in future versions of Saltpath:A file pathpattern:A string. For example: test a[0-5]args:grep options. For example: " -v" " -i -B2"CLI Example:salt '*' file.grep /etc/passwd nobody
salt '*' file.grep /etc/sysconfig/network-scripts/ifcfg-eth0 ipaddr " -i"salt '*' file.grep /etc/sysconfig/network-scripts/ifcfg-eth0 ipaddr " -i -B2"salt '*' file.grep "/etc/sysconfig/network-scripts/*" ipaddr " -i -l"
# cat a
a
bc
# salt '*' file.replace /root/test/a pattern='a' repl='aa'
192.168.10.249:
--- +++ @@ -1,3 +1,3 @@-a+aabc
# cat a
aa
bc
设置文件(夹)的权限
salt '*' file.set_mode /etc/passwd 0644添加一个host对,如果存在将对应的值添加进去,不存在则创建。
# salt '*' hosts.add_host 192.168.10.249 test.com192.168.10.249:
True
在minion检测某个域名或主机的端口是否打开.
CLI Example:salt '*' network.connect archlinux.org 80
salt '*' network.connect archlinux.org 80 timeout=3salt '*' network.connect archlinux.org 80 timeout=3 family=ipv4salt '*' network.connect google-public-dns-a.google.com port=53 proto=udp timeout=3
# salt '*' network.connect 192.168.10.249 22
192.168.10.249:
----------comment:Successfully connected to 192.168.10.249 (192.168.10.249) on tcp port 22result:True22. 获取hostname
Get hostname
CLI Example:
# salt '*' network.get_hostname
192.168.10.249:
localhost.localdomain23. 同步文件
CLI Example:
salt '' rsync.rsync {src} {dst} {delete=True} {update=True} {passwordfile=/etc/pass.crt} {exclude=xx}salt '' rsync.rsync {src} {dst} {delete=True} {excludefrom=/xx.ini}
# salt '*' rsync.rsync /root/test /test
192.168.10.249:
----------pid:5572retcode:0stderr:stdout:sending incremental file listtest/test/atest/a.baktest/telnet.rpmtest/soft/test/soft/telnet.rpmsent 108711 bytes received 96 bytes 72538.00 bytes/sectotal size is 118101 speedup is 1.09
转载于:https://blog.51cto.com/showing/2090354