• SaltStack日常维护-第七篇


    练习内容

    远程执行其他模块

    官方模块有很多超过300+

    1.cmd.run

    2.network

    3.service

    4.state

    5.其它日常维护

    演示

    cmd.run模块

    可以执行系统命令,超级模块有安全隐患,也可以更模块源代码限制危险命令执行比如(rm reboot等),二次开发一般不用此模块
    [root@linux-node1 salt]# salt '*' cmd.run 'w'
    linux-node1.example.com:
         17:36:55 up 12:00,  1 user,  load average: 0.00, 0.01, 0.05
        USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
        root     pts/0    192.168.56.1     16:01    7.00s  1.27s  0.36s /usr/bin/python /usr/bin/salt * cmd.run w
    linux-node2.example.com:
         17:36:56 up 12:00,  1 user,  load average: 0.00, 0.01, 0.05
        USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
        root     pts/0    192.168.56.1     16:01   54:32   0.00s  0.00s -bash

    network模块

     network.active_tcp,arp,connect
    [root@linux-node1 salt]# salt -S '192.168.56.12' network.active_tcp
    linux-node2.example.com:
        ----------
        0:
            ----------
            local_addr:
                0.0.0.0
            local_port:
                111
            remote_addr:
                0.0.0.0
            remote_port:
                0
        1:
            ----------
            local_addr:
                192.168.56.12
            local_port:
                8080
            remote_addr:
                0.0.0.0
            remote_port:
                0
        2:
            ----------
            local_addr:
                0.0.0.0
            local_port:
                22
            remote_addr:
                0.0.0.0
            remote_port:
                0
        3:
            ----------
            local_addr:
                127.0.0.1
            local_port:
                25
            remote_addr:
                0.0.0.0
            remote_port:
                0
        4:
            ----------
            local_addr:
                192.168.56.12
            local_port:
                55880
            remote_addr:
                192.168.56.11
            remote_port:
                4505
        5:
            ----------
            local_addr:
                192.168.56.12
            local_port:
                22
            remote_addr:
                192.168.56.1
            remote_port:
                50617
        6:
            ----------
            local_addr:
                192.168.56.12
            local_port:
                44782
            remote_addr:
                192.168.56.11
            remote_port:
                4506
        7:
            ----------
            local_addr:
                192.168.56.12
            local_port:
                44862
            remote_addr:
                192.168.56.11
            remote_port:
                4506
        8:
            ----------
            local_addr:
                192.168.56.12
            local_port:
                44864
            remote_addr:
                192.168.56.11
            remote_port:
                4506
    salt -S '192.168.56.12' network.active_tcp
    [root@linux-node1 salt]# salt '*' network.arp
    linux-node2.example.com:
        ----------
        00:0c:29:3c:56:22:
            192.168.56.11
        00:50:56:c0:00:08:
            192.168.56.1
        00:50:56:e2:2f:59:
            192.168.56.2
    linux-node1.example.com:
        ----------
        00:0c:29:6d:87:0c:
            192.168.56.12
        00:50:56:c0:00:08:
            192.168.56.1
        00:50:56:e2:2f:59:
            192.168.56.2
    salt '*' network.arp
    [root@linux-node1 salt]# salt -S '192.168.56.12' network.connect www.baidu.com 80
    linux-node2.example.com:
        ----------
        comment:
            Successfully connected to www.baidu.com (61.135.169.125) on tcp port 80
        result:
            True
    salt -S '192.168.56.12' network.connect www.baidu.com 80
    域名解析
    salt '*' network.dig www.baidu.com
    获取主机名
    [root@linux-node1 salt]# salt '*' network.get_hostname
    linux-node1.example.com:
        linux-node1
    linux-node2.example.com:
        linux-node2
    获取网卡mac地址
    [root@linux-node1 salt]# salt '*' network.hw_addr eth0
    linux-node1.example.com:
        00:0c:29:3c:56:22
    linux-node2.example.com:
        00:0c:29:6d:87:0c
    获取网卡ip地址相关信息
    [root@linux-node1 salt]# salt '*' network.interface eth0
    linux-node1.example.com:
        |_
          ----------
          address:
              192.168.56.11
          broadcast:
              192.168.56.255
          label:
              eth0
          netmask:
              255.255.255.0
    linux-node2.example.com:
        |_
          ----------
          address:
              192.168.56.12
          broadcast:
              192.168.56.255
          label:
              eth0
          netmask:
              255.255.255.0
    salt '*' network.interface eth0
    只获取ip地址信息
    [root@linux-node1 salt]# salt '*' network.interface_ip eth0
    linux-node1.example.com:
        192.168.56.11
    linux-node2.example.com:
        192.168.56.12
    检查回环网卡信息
    [root@linux-node1 salt]# salt '*' network.is_loopback 127.0.0.1
    linux-node1.example.com:
        True
    linux-node2.example.com:
        True
    获取网络连接信息
    salt '*' network.netstat
    网络ping
    [root@linux-node1 salt]# salt '*' network.ping www.baidu.com
    linux-node1.example.com:
        PING www.a.shifen.com (61.135.169.121) 56(84) bytes of data.
        64 bytes from 61.135.169.121: icmp_seq=1 ttl=128 time=41.2 ms
        64 bytes from 61.135.169.121: icmp_seq=2 ttl=128 time=50.1 ms
        64 bytes from 61.135.169.121: icmp_seq=3 ttl=128 time=87.8 ms
        64 bytes from 61.135.169.121: icmp_seq=4 ttl=128 time=86.0 ms
        
        --- www.a.shifen.com ping statistics ---
        4 packets transmitted, 4 received, 0% packet loss, time 3008ms
        rtt min/avg/max/mdev = 41.298/66.354/87.884/20.883 ms
    linux-node2.example.com:
        PING www.a.shifen.com (61.135.169.121) 56(84) bytes of data.
        64 bytes from 61.135.169.121: icmp_seq=1 ttl=128 time=47.3 ms
        64 bytes from 61.135.169.121: icmp_seq=2 ttl=128 time=45.0 ms
        64 bytes from 61.135.169.121: icmp_seq=3 ttl=128 time=90.8 ms
        64 bytes from 61.135.169.121: icmp_seq=4 ttl=128 time=88.2 ms
        
        --- www.a.shifen.com ping statistics ---
        4 packets transmitted, 4 received, 0% packet loss, time 3006ms
        rtt min/avg/max/mdev = 45.089/67.892/90.865/21.685 ms
    网络ping的其它参数
    root@linux-node1 ~]# salt '*' network.ping archlinux.org timeout=3
    linux-node2.example.com:
        PING archlinux.org (138.201.81.199) 56(84) bytes of data.
        64 bytes from apollo.archlinux.org (138.201.81.199): icmp_seq=1 ttl=128 time=247 ms
        64 bytes from apollo.archlinux.org (138.201.81.199): icmp_seq=2 ttl=128 time=260 ms
        64 bytes from apollo.archlinux.org (138.201.81.199): icmp_seq=3 ttl=128 time=268 ms
        64 bytes from apollo.archlinux.org (138.201.81.199): icmp_seq=4 ttl=128 time=296 ms
        
        --- archlinux.org ping statistics ---
        4 packets transmitted, 4 received, 0% packet loss, time 3005ms
        rtt min/avg/max/mdev = 247.004/268.189/296.863/18.292 ms
    linux-node1.example.com:
        PING archlinux.org (138.201.81.199) 56(84) bytes of data.
        64 bytes from apollo.archlinux.org (138.201.81.199): icmp_seq=1 ttl=128 time=208 ms
        64 bytes from apollo.archlinux.org (138.201.81.199): icmp_seq=2 ttl=128 time=221 ms
        64 bytes from apollo.archlinux.org (138.201.81.199): icmp_seq=3 ttl=128 time=232 ms
        64 bytes from 138.201.81.199: icmp_seq=4 ttl=128 time=260 ms
        
        --- archlinux.org ping statistics ---
        4 packets transmitted, 4 received, 0% packet loss, time 3003ms
        rtt min/avg/max/mdev = 208.509/230.999/260.674/19.194 ms
    [root@linux-node1 ~]# salt '*' network.ping archlinux.org return_boolean=True
    linux-node2.example.com:
        True
    linux-node1.example.com:
        True

    service模块

    service是一个虚拟模块,要调用不同类型系统的服务查看
    [root@linux-node1 salt]# salt '*' service.get_all
    linux-node1.example.com:
        - -.mount
        - NetworkManager
        - NetworkManager-dispatcher
        - NetworkManager-wait-online
    ......
    检查ssh服务
    [root@linux-node1 salt]# salt '*' service.available sshd
    linux-node1.example.com:
        True
    linux-node2.example.com:
        True
    重新加载web服务
    [root@linux-node1 salt]# salt '*' service.reload httpd
    linux-node1.example.com:
        True
    linux-node2.example.com:
        True
    查看服务状态
    [root@linux-node1 salt]# salt '*' service.status httpd
    linux-node1.example.com:
        True
    linux-node2.example.com:
        True

    执行模块state

    This function will call state.highstate or state.sls based on the arguments passed to this function. It exists as a more intuitive way of applying state

    salt '*' state.apply
    加载本地的yml
    salt '*' state.apply localconfig=/path/to/minion.yml
    查看minion在top.sls配置信息
    [root@linux-node1 salt]# salt '*node1*' state.show_top
    linux-node1.example.com:
        ----------
        base:
            - web.lamp
    单独执行pkg模块,执行模块直接就执行 ,状态模块先检查
    root@linux-node1 ~]# salt 'linux-node1.example.com' state.single pkg.installed name=vim-enhanced
    linux-node1.example.com:
    ----------
              ID: vim-enhanced
        Function: pkg.installed
          Result: True
         Comment: Package vim-enhanced is already installed.
         Started: 18:27:39.793850
        Duration: 825.955 ms
         Changes:   
    
    Summary
    ------------
    Succeeded: 1
    Failed:    0
    ------------
    Total states run:     1
    [root@linux-node1 ~]# 

    其它日常维护

    mange检查节点状态
    [root@linux-node1 ~]# salt-run manage.status
    down:
    up:
        - linux-node1.example.com
        - linux-node2.example.com
    mange检查minion版本,有时候可能因为版本不同而导致执行失败
    [root@linux-node1 ~]# salt-run manage.versions
    Master:
        2015.5.10
    Up to date:
        ----------
        linux-node1.example.com:
            2015.5.10
        linux-node2.example.com:
            2015.5.10
    为了安全 可以先执行测试 test=True,没有问题在应用到服务器
    salt "linux-node2*" state.highstate test=True
    salt-cp拷贝文件
    [root@linux-node1 ~]# salt-cp   'linux-node2.example.com' /etc/rc.local  /mnt/
    {'linux-node2.example.com': {'/mnt/rc.local': True}}

    附:英文参考文档 全部模块

    https://www.unixhot.com/docs/saltstack/ref/modules/all/

  • 相关阅读:
    jQuery中.html(“xxx”)和.append("xxx")的区别和不同
    Jquery中对checkbox的各种“全选”或者“取消”功能实现(特别注意1.6+的一定不能使用attr来取属性了!用prop!)
    Jquery 中each循环嵌套的使用示例教程
    关于Jquery中的$.each获取各种返回类型数据的使用方法
    IMEI是什么? 怎样查手机串号IMEI
    linux useradd(adduser)命令参数及用法详解(linux创建新用户命令)
    linux 的useradd 命令的p选项
    Linux SSH远程文件/目录传输命令scp
    C++ 迭代器 基础介绍
    C++中map的一点疑惑...
  • 原文地址:https://www.cnblogs.com/xiewenming/p/7712380.html
Copyright © 2020-2023  润新知