Follow me to learn Saltstack common modules and apis

This is the 20th day of my participation in the August More Text Challenge

A lifelong learner, practitioner and sharer committed to the path of technology, a busy and occasionally lazy original blogger, an occasionally boring and occasionally humorous teenager.

Welcome to dig friends wechat search “Jie Ge’s IT journey” attention!

Follow me to learn Saltstack common modules and apis

Saltstack common modules and API

Saltstack provides very rich function modules, involving the basic functions of the operating system, common tools support, etc.

More modules information see: docs.saltstack.com/en/latest/r…

Of course, also can through the sys module: lists the current version supports all modules: docs. Saltstack. Cn/ref/modules…

[root@saltstack-master salt]# salt 'saltstack_web1group_1' sys.list_modules saltstack_web1group_1: - acl-aliases-alternatives - apache-archive-artifactory -------- Ignore some content --------Copy the code

API principle: This method is implemented by calling the Master Client module, instantiating a LocalClient object, and then calling CMD () to return a string in the form of a standard Python dictionary, which can be converted to a Python dictionary type through eval() for subsequent business logic processing.

Note: To convert character dictionaries to Python dictionary types, it is recommended to use the AST module’s literal_eval() method, which filters malicious functions in expressions.

API implementation of the test. Ping program example run results as follows:

[root@saltstack-master salt]# python python 2.6.6 (r266:84292, Aug 18 2016, 15:13:37) [GCC 4.4.20120313 (Red Hat 4.4.7-17)] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import salt.client >>> client = salt.client.LocalClient() >>> ret = client.cmd('*','test.ping') >>> print ret {'saltstack_web1group_1': True, 'saltstack_web1group_2': True} >>>Copy the code

1.1 Archive module

Function: Supports gunzip, Gzip, RAR, tar, UNRar, and Unzip packages at the system level.

[root@saltstack_web1group_1 ~]# sed -n '18p' /etc/salt/minion id: saltstack_web1group_1 [root@saltstack_web1group_1 ~]# touch test [root@saltstack_web1group_1 ~]# gzip test [root@saltstack_web1group_1 ~]# test.gz -rw-r--r--. 1 root root 25 3月 20 05:31 test.gz [root@saltstack-master salt]# Saltstack_web1group_1 'archive.gunzip /root/test.gz Use gunzip to decompress the /root/test.gz package of the controlled machine. [root@saltstack_web1group_1 ~]# test-rw-r --r--. 1 root root 0 3月 20 05:31 testCopy the code

Use gzip to compress the /root/test file on the controlled computer.

[root@saltstack-master salt]# salt 'saltstack_web1group_1' archive.gzip /root/test saltstack_web1group_1: [root@saltstack_web1group_1 ~]# test.gz -rw-r--r--. 1 root root 25 3月 20 05:31 test.gz [root@saltstack-master salt]# salt 'saltstack_web1group_1' archive.tar zcf /tmp/test1.tar.gz /root/test saltstack_web1group_1: - tar: Removing leading `/' from member names [root@saltstack_web1group_1 ~]# ll /tmp/test1.tar.gz -rw-r--r--. 1 root root 45 3月 20 05:41 / TMP /test1.tar.gz [root@saltstack-master salt]# python python 2.6.6 (r266:84292, Aug 18 2016, 15:13:37) [GCC 4.4.20120313 (Red Hat 4.4.7-17)] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import salt.client c^H>>> client = salt.client.LocalClient() >>> ret = client.cmd('saltstack_web1group_1', 'archive.gunzip', ['/root/test.gz']) >>> print ret {'saltstack_web1group_1': []} >>> [root@saltstack_web1group_1 ~]# ls -l test -rw-r--r-- 1 root root 0 3月 20 05:31 testCopy the code

1.2 CMD module

Run the following command to perform remote execution: (You have the root operation permission by default and need to evaluate the risk when using the command)

[root@saltstack-master salt]# salt 'saltstack_web1group_1' cmd.run "free -m"; saltstack_web1group_1: total used free shared buffers cached Mem: 230 221 9 0 18 26 -/+ buffers/cache: 176 54 Swap: 2083 207 1876 [root@saltstack-master salt]# mkdir /srv/salt/script -p [root@saltstack-master salt]# cd /srv/salt/script/  [root@saltstack-master script]# ls [root@saltstack-master script]# vim test.sh #! /bin/bash mkdir /tmp/testdir [root@saltstack-master script]# salt '*' cmd.script salt://script/test.sh saltstack_web1group_1: ---------- pid: 31237 retcode: 0 stderr: stdout: saltstack_web1group_2: ---------- pid: 65085 retcode: 0 stderr: stdout: [root@saltstack-master tmp]# chmod +x /srv/salt/script/test.sh [root@saltstack-master tmp]# sh /srv/salt/script/test.sh [root@saltstack-master TMP]# ls -ld/TMP /testdir/ drwxr-xr-x. 2 root root 4096 3月 20 05:56 / TMP /testdir/Copy the code

1.3 cp module

Functions: remote file, directory replication, and download URL files and other operations;

Specifies the minion of/etc/hosts file is copied to the minion of host local saltcache directory (/ var/cache/salt/minion localfiles /)

[root@saltstack-master tmp]# salt '*' cp.cache_local_file /etc/hosts saltstack_web1group_1: /var/cache/salt/minion/localfiles/etc/hosts saltstack_web1group_2: The/var/cache/salt/minion/localfiles/etc/hosts will master file_roots specifies the directory in which the position under the copy to the minion [root @ saltstack - master TMP] # salt '*' cp.get_dir salt://script /tmp saltstack_web1group_2: - /tmp/script/test.sh saltstack_web1group_1: - /tmp/script/test.sh [root@saltstack_web1group_1 ~]# ls /tmp/script/ test.shCopy the code

Cp.get_url downloads files from a URL, either a path on msater (salt://) or an HTTP URL.

[root@saltstack-master tmp]# salt '*' cp.get_url http://www.slashdot.org /tmp/index.html
saltstack_web1group_1:
/tmp/index.html
saltstack_web1group_2:
/tmp/index.html
[root@saltstack-master tmp]# salt '*' cp.get_url salt://test/10 /tmp/index.html
saltstack_web1group_1:
False
saltstack_web1group_2:
False
Copy the code

1.4 the cron module

Run the following command to enable minion crontab operation

View the crontab list of the specified minion and root users

[root@saltstack_web1group_1 ~]# crontab -e */5 * * * * /usr/sbin/ntpdate pool.ntp.org > /dev/null 2>&1 [root@saltstack-master ~]# salt 'saltstack_web1group_1' cron.raw_cron root saltstack_web1group_1: */5 * * * * /usr/sbin/ntpdate pool.ntp.org > /dev/null 2>&1 [root@saltstack-master ~]# salt 'saltstack_web1group_1' Cron.set_job root '*' '*' '*' '*' 1 /usr/local/weekly Add job saltstack_web1group_1 for minion and root users: new [root@saltstack_web1group_1 ~]# crontab -l */5 * * * * /usr/sbin/ntpdate pool.ntp.org > /dev/null 2>&1 [root@saltstack-master ~]# salt 'saltstack_web1group_1' cron.rm_job root /usr/local/weekly Delete /usr/local/weekly saltstack_web1group_1 from minion and root crontab; absent [root@saltstack_web1group_1 ~]# crontab -l */5 * * * * /usr/sbin/ntpdate pool.ntp.org > /dev/null 2>&1Copy the code

1.5 dnsutil module

Run the following command to perform general DNS operations on the Minion host

[root@saltstack-master ~]# salt '*' dnsutil.hosts_append /etc/hosts 127.0.0.1 ad1.yuk.com,ad2.yuk.com Add hosts configuration items saltstack_web1group_2: The following line was added to /etc/hosts: 127.0.0.1 ad1.yuk.com ad2.yuk.com saltstack_web1group_1: The following line was added to /etc/hosts: 127.0.0.1 ad1.yuk.com ad2.yuk.com [root@saltstack-master ~]# salt '*' dnsutil.hosts_remove /etc/hosts ad1.yuk.com Delete the hosts configuration item saltstack_web1group_1: None saltstack_web1group_2: NoneCopy the code

1.6 the file module

Function: Realize common operation of minion host file, including file read and write, permission, search, check, etc

[root@saltstack-master ~]# salt '*' file.check_hash /etc/fstab md5=3498723948716623dc38328f saltstack_web1group_2: ERROR executing 'file.check_hash': The following keyword arguments are not valid: md5=3498723948716623dc38328f saltstack_web1group_1: ERROR executing 'file.check_hash': The following keyword arguments are not valid: Md5 =3498723948716623dc38328f [root@saltstack-master ~]# salt '*' file.get_sum /etc/passwd Supports md5, SHA1, SHA224, SHA256, SHA384, and SHA512 encryption algorithms saltStack_web1group_2: 3750a0f1618c426daecc6e31b425edd5e1ea3b1c7bed3cc863f95b2f1d6b5eb7 saltstack_web1group_1: 3750a0f1618c426daecc6e31b425edd5e1ea3b1c7bed3cc863f95b2f1d6b5eb7 [root@saltstack-master ~]# salt '*' file.chown /etc/passwd root Root User to which the modified file belongs saltstack_web1group_2: None Saltstack_web1group_1: None [root@saltstack-master ~]# salt '*' file.copy /path/to/ SRC /path/to/ DST Copies all minion /path/to/ SRC files to/ path/to/ DST saltstack_web1group_1: The minion function caused an exception: Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/salt/minion. Py ", line 1200, in _thread_return return_data = func(*args, * * kwargs) File "/ usr/lib/python2.6 / site - packages/salt/modules/File. Py", line 2439, in copy shutil. Used by copyfile (SRC, DST) File "/ usr/lib64 / python2.6 shutil. Py", line, 50 in used by copyfile with open (SRC, 'rb') as FSRC: IOError: [Errno 2] No such file or directory: '/path/to/src' saltstack_web1group_2: The minion function caused an exception: Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/salt/minion. Py ", line 1200, in _thread_return return_data = func(*args, * * kwargs) File "/ usr/lib/python2.6 / site - packages/salt/modules/File. Py", line 2439, in copy shutil. Used by copyfile (SRC, DST) File "/ usr/lib64 / python2.6 shutil. Py", line, 50 in used by copyfile with open (SRC, 'rb') as FSRC: IOError: [Errno 2] No such file or directory: '/path/to/ SRC '[root@saltstack-master ~]# salt '*' file.directory_exists /etc Check whether all minion /etc directories exist. File_exists SaltSTACK_web1group_2: True SaltSTACK_web1group_1: Saltstack_web1group_1: True [root@saltstack-master ~]# salt '*' file.stats /etc/passwd ---------- atime: 1553064961.88 ctime: 1553064930.69 gid: 0 group: root inode: 667462 mode: 0644 mtime: 1464993067.26 size: 1714 Target: /etc/passwd type: file uid: 0 user: root saltstack_web1group_2: ---------- atime: 1553034361.7 ctime: 1553034331.42 GID: 0 group: root inode: 667462 mode: 0644 mtime: 1464993067.26 size: 1714 target: /etc/passwd type: file uid: 0 user: Root [root@saltstack-master ~]# salt '*' file.get_mode /etc/passwd  0644 saltstack_web1group_2: 0644 [root@saltstack-master ~]# salt '*' file.set_mode /etc/passwd 0645 Change the /etc/passwd permission mode of all minion to 0645 saltstack_web1group_1: 0645 saltstack_web1group_2: 0645 [root@saltstack-master ~]# salt '*' file.mkdir /opt/test saltstack_web1group_2 None saltstack_web1group_1: None [root@saltstack-master ~]# salt '*' file.sed /etc/httpd/httpd.conf 'LogLevel warn' 'LogLevel info' Change the LogLevel warn of httpd.conf files on all minion hosts to info saltstack_web1group_1: False saltstack_web1group_2: False [root@saltstack-master ~]# salt '*' file.append/TMP /test/test.conf "maxClient 100" Add all minion/TMP /test/test.conf Maxclient 100 saltstack_web1group_2: The minion function caused an exception: Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/salt/minion. Py ", line 1200, in _thread_return return_data = func(*args, * * kwargs) File "/ usr/lib/python2.6 / site - packages/salt/modules/File. Py", line 2043, in append with salt.utils.fopen(path, "r+") as ofile: File "/usr/lib/python2.6/site-packages/salt/utils/__init__.py", line 1046, in fopen fhandle = open(*args, **kwargs) IOError: [Errno 2] No such file or directory: '/tmp/test/test.conf' saltstack_web1group_1: The minion function caused an exception: Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/salt/minion. Py ", line 1200, in _thread_return return_data = func(*args, * * kwargs) File "/ usr/lib/python2.6 / site - packages/salt/modules/File. Py", line 2043, in append with salt.utils.fopen(path, "r+") as ofile: File "/usr/lib/python2.6/site-packages/salt/utils/__init__.py", line 1046, in fopen fhandle = open(*args, **kwargs) IOError: [Errno 2] No such file or directory: '/ TMP /test/test.conf' [root@saltstack-master ~]# salt '*' file.remove/TMP /foo Delete all minion/TMP /foo files saltstack_web1group_2: False saltstack_web1group_1: FalseCopy the code

1.7 iptables module

Features: Minion iptables host

[root@saltstack-master ~]# salt '*' iptabnles.append filter INPUT rule='-m state --state RELATED,ESTABLISHED -j ACCEPT' Add rules to all minion hosts [root@saltstack-master ~]# salt '*' iptables. Delete filter INPUT position=3 Delete rules 3 on all Minion hosts [root@saltstack-master ~]# salt '*' iptables.save /etc/sysconfig/iptables saltstack_web1group_1: Wrote 1 lines to "/etc/sysconfig/iptables" saltstack_web1group_2: Wrote 1 lines to "/etc/sysconfig/iptables"Copy the code

1.8 the network module

Run the following command to return minion network information

[root@saltstack-master ~]# salt 'saltstack_web1group_1' network.dig www.jd.com saltstack_web1group_1: ; < < > > DiG 9.8.2 rc1 - RedHat - 9.8.2-0.17 rc1. El6_4. 6 < < > > www.jd.com;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47292 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ; www.jd.com. IN A ;; ANSWER SECTION: www.jd.com. 68 IN CNAME www.jd.com.gslb.qianxun.com. www.jd.com.gslb.qianxun.com. 36 IN CNAME www.jdcdn.com. www.jdcdn.com. 36 IN A 106.39.178.1;; Query time: 29 msec ;; SERVER: 192.168.1.1 # 53 (192.168.1.1);; WHEN: Wed Mar 20 15:07:09 2019 ;; MSG SIZE rcvd: 106 [root@saltstack-master ~]# salt 'saltstack_web1group_1' network.ping www.jd.com saltstack_web1group_1: PING www.jdcdn.com (106.39.178.1) 56(84) bytes of data.64 bytes from 106.39.178.1: Icmp_seq =1 TTL =54 time=7.26 ms 64 bytes from 106.39.178.1: ICmp_seq =2 TTL =54 time=5.62 ms 64 bytes from 106.39.178.1: icmp_seq=2 TTL =54 time=5.62 ms 64 bytes from 106.39.178.1: Icmp_seq =3 TTL =54 time=5.77 ms 64 bytes from 106.39.178.1: Icmp_seq =4 TTL =54 time= 5.4ms -- www.jdcdn.com ping statistics -- 4 packets transmitted, 4 received, 0% packet loss, Time 3012ms RTT min/avg/ Max /mdev = 5.116/5.944/7.269/0.807 ms [root@saltstack-master ~]# salt 'saltstack_web1group_1' Traceroute www.jd.com [root@saltstack-master ~]# salt 'saltstack_web1group_1' network.hwaddr eth1 Obtain the MAC address of minion  saltstack_web1group_1: 00:0c:29: F9:55:5b [root@saltstack-master ~]# salt 'saltstack_web1group_1' network.in_subnet 10.0.0.0/16 Check whether minion belongs to subnet 10.0.0.0/16 saltStack_web1group_1: False [root@saltstack-master ~]# salt 'saltstack_web1group_1' network.interfaces Saltstack_web1group_1: -- -- -- -- -- -- -- -- -- -- eth1: -- -- -- -- -- -- -- -- -- -- hwaddr: 00:0 c: 29: f9: b upon inet: | _ -- -- -- -- -- -- -- -- -- -- address: 192.168.1.183 broadcast: 192.168.1.255 label: eth1 netmask: 255.255.255.0 inet6: | _ -- -- -- -- -- -- -- -- -- -- address: fe80: : 20 c: 29 ff: fef9:555 b prefixlen: 64 scope: link up: True lo: -- -- -- -- -- -- -- -- -- -- hwaddr: 00:00:00:00:00:00 inet: | _ -- -- -- -- -- -- -- -- -- -- address: 127.0.0.1 broadcast: None label: lo netmask: 255.0.0.0 inet6: | _ -- -- -- -- -- -- -- -- -- -- address: : : 1 prefixlen: 128 scope: host up: True [root@saltstack-master ~]# salt 'saltstack_web1group_1' network.ip_addrs Saltstack_web1group_1: - 192.168.1.183 [root@saltstack-master ~]# salt 'saltstack_web1group_1' network.subnets Obtains the subnet information of minion Saltstack_web1group_1: - 192.168.1.0/24Copy the code

1.9 PKG module

Features: Minion package management, such as yum, apt-get

[root@saltstack-master ~]# salt '*' pkg.install PHP saltstack_web1group_2: ---------- PHP: -- -- -- -- -- -- -- -- -- -- new: 5.3.3-49. El6 old: PHP - cli: -- -- -- -- -- -- -- -- -- -- new: 5.3.3-49. El6 old: PHP - common: -- -- -- -- -- -- -- -- -- -- new: 5.3.3-49. El6 old: saltstack_web1group_1: -- -- -- -- -- -- -- -- -- - PHP: -- -- -- -- -- -- -- -- -- -- new: 5.3.3-49. El6 old: PHP - cli: -- -- -- -- -- -- -- -- -- -- new: 5.3.3-49. El6 old: PHP - common: -- -- -- -- -- -- -- -- -- -- new: 5.3.3-49. El6 old: [root@saltstack-master ~]# salt '*' pkg.remove PHP saltstack_web1group_1: ---------- PHP: ---------- new: Old: 5.3.3-49. El6 saltstack_web1group_2: -- -- -- -- -- -- -- -- -- - PHP: -- -- -- -- -- -- -- -- -- -- new: old: 5.3.3-49.el6 [root@saltstack-master ~]# salt '*' pkg.upgrade Upgrade all packages on minionCopy the code

1.10 the service module

Function: Manage minion services

[root@saltstack-master ~]# salt '*' service.status httpd
saltstack_web1group_1:
True
saltstack_web1group_2:
True
[root@saltstack-master ~]# salt '*' service.reload httpd
saltstack_web1group_1:
True
saltstack_web1group_2:
True
Copy the code

Recommended reading

Saltstack centralized management platform installation

Execute commands remotely using Saltstack

In this paper, to the end.

---

Original is not easy, if you think this article is useful to you, please kindly like, comment or forward this article, because this will be my power to output more high-quality articles, thank you!

By the way, please give me some free attention! In case you get lost and don’t find me next time.

See you next time!