SaltStack常用的模块
文章目录
- 2.1.1 network.active_tcp
- 2.1.2 network.calc_net
- 2.1.3 network.connect
- 2.1.4 network.default_route
- 2.1.5 network.get_fqdn
- 2.1.6 network.get_hostname
- 2.1.7 network.get_route
- 2.1.8 network.hw_addr
- 2.1.9 network.ifacestartswith
- 2.1.10 network.in_subnet
- 2.1.11 network.interface
- 2.1.12 network.interface_ip
- 2.1.13 network.interfaces
- 2.1.14 network.ip_addrs
- 2.1.15 network.netstat
- 2.1.16 network.ping
- 2.1.17 network.reverse_ip
- 2.2.1 service.available
- 2.2.2 service.get_all
- 2.2.3 service.disabled
- 2.2.4 service.enabled
- 2.2.5 service.disable
- 2.2.6 service.enable
- 2.2.7 service.reload
- 2.2.8 service.stop
- 2.2.9 service.start
- 2.2.10 service.restart
- 2.2.11 service.status
- 2.3.1 pkg.download
- 2.3.2 pkg.file_list
- 2.3.3 pkg.group_info
- 2.3.4 pkg.group_list
- 2.3.5 pkg.install
- 2.3.6 pkg.list_downloaded
- 2.3.7 pkg.list_pkgs
- 2.3.8 pkg.owner
- 2.3.9 pkg.remove
- 2.3.10 pkg.upgrade
1. SaltStack模块介绍
Module是日常使用SaltStack接触最多的一个组件,其用于管理对象操作,这也是SaltStack通过Push的方式进行管理的入口,比如我们日常简单的执行命令、查看包安装情况、查看服务运行情况等工作都是通过SaltStack Module来实现的。
当安装好Master和Minion包后,系统上会安装很多Module,大家可以通过以下命令查看支持的所有Module列表:
//查看所有module列表
[root@master ~]# salt '192.168.69.202' sys.list_modules
192.168.69.202:
- acl
- aliases
- alternatives
- archive
- artifactory
- blockdev
- btrfs
- buildout
- cloud
- cmd
- composer
- config
- 此处省略N行
//查看指定module的所有function
[root@master ~]# salt '192.168.69.202' sys.list_functions cmd
192.168.69.202:
- cmd.exec_code
- cmd.exec_code_all
- cmd.has_exec
- cmd.retcode
- cmd.run
- cmd.run_all
- cmd.run_chroot
- cmd.run_stderr
- cmd.run_stdout
- cmd.script
- cmd.script_retcode
- cmd.shell
- cmd.shells
- cmd.tty
- cmd.which
- cmd.which_bin
//查看指定module的用法
[root@master ~]# salt '192.168.69.202' sys.doc cmd
'cmd.exec_code:'
Pass in two strings, the first naming the executable language, aka -
python2, python3, ruby, perl, lua, etc. the second string containing
the code you wish to execute. The stdout will be returned.
CLI Example:
salt '*' cmd.exec_code ruby 'puts "cheese"'
...此处省略N行...
//SaltStack默认也支持一次执行多个Module,Module之间通过逗号隔开,默认传参之间也是用逗号分隔,也支持指定传参分隔符号--args-separator=@即可
[root@master ~]# salt '192.168.69.202' test.echo,cmd.run,service.status hello,hostname,salt-minion
192.168.69.202:
----------
cmd.run:
minion
service.status:
True
test.echo:
hello
2. SaltStack常用模块
2.1 SaltStack常用模块之network
2.1.1 network.active_tcp
返回所有活动的tcp连接
[root@master ~]# salt '*' network.active_tcp
192.168.69.202:
----------
0:
----------
local_addr:
::
local_port:
80
remote_addr:
::
remote_port:
0
1:
----------
local_addr:
::
local_port:
22
remote_addr:
::
remote_port:
0
2:
----------
local_addr:
::1
local_port:
25
remote_addr:
::
remote_port:
0
3:
----------
local_addr:
::
local_port:
873
remote_addr:
::
remote_port:
0
4:
----------
local_addr:
192.168.69.202
local_port:
43640
remote_addr:
192.168.69.201
remote_port:
4505
2.1.2 network.calc_net
通过IP和子网掩码计算出网段
[root@master ~]# salt '*' network.calc_net 192.168.69.202 255.255.255.0
192.168.69.202:
192.168.69.0/24
[root@master ~]# salt '*' network.calc_net 192.168.69.202 255.255.255.240
192.168.69.202:
192.168.69.192/28
2.1.3 network.connect
测试minion至某一台服务器的网络是否连通
[root@master ~]# salt '*' network.connect baidu.com 80
192.168.69.202:
----------
comment:
Successfully connected to baidu.com (123.125.115.110) on tcp port 80
result:
True
2.1.4 network.default_route
查看默认路由
[root@master ~]# salt '*' network.default_route
192.168.69.202:
|_
----------
addr_family:
inet
destination:
0.0.0.0
flags:
UG
gateway:
192.168.69.1
interface:
ens32
netmask:
0.0.0.0
|_
----------
addr_family:
inet6
destination:
::/0
flags:
!n
gateway:
::
interface:
lo
netmask:
|_
----------
addr_family:
inet6
destination:
::/0
flags:
!n
gateway:
::
interface:
lo
netmask:
2.1.5 network.get_fqdn
查看主机的fqdn(完全限定域名)
[root@master ~]# salt '*' network.get_fqdn
192.168.69.202:
minion
2.1.6 network.get_hostname
获取主机名
[root@master ~]# salt '*' network.get_hostname
192.168.69.202:
minion
2.1.7 network.get_route
查询到一个目标网络的路由信息
[root@master ~]# salt '*' network.get_route 192.168.70.200
192.168.69.202:
----------
destination:
192.168.70.200
gateway:
192.168.69.1
interface:
ens32
source:
192.168.69.202
2.1.8 network.hw_addr
返回指定网卡的MAC地址
[root@master ~]# salt '*' network.hw_addr ens32
192.168.69.202:
00:0c:29:d8:05:54
2.1.9 network.ifacestartswith
从特定CIDR检索接口名称
[root@master ~]# salt '*' network.ifacestartswith 192.168
192.168.69.202:
- ens32
2.1.10 network.in_subnet
判断当前主机是否在某一个网段内
[root@master ~]# salt '*' network.in_subnet 192.168.69.0/24
192.168.69.202:
True
2.1.11 network.interface
返回指定网卡的信息
[root@master ~]# salt '*' network.interface ens32
192.168.69.202:
|_
----------
address:
192.168.69.202
broadcast:
192.168.69.255
label:
ens32
netmask:
255.255.255.0
2.1.12 network.interface_ip
返回指定网卡的IP地址
[root@master ~]# salt '*' network.interface_ip ens32
192.168.69.202:
192.168.69.202
2.1.13 network.interfaces
返回当前系统中所有的网卡信息
[root@master ~]# salt '*' network.interfaces
192.168.69.202:
----------
ens32:
----------
hwaddr:
00:0c:29:d8:05:54
inet:
|_
----------
address:
192.168.69.202
broadcast:
192.168.69.255
label:
ens32
netmask:
255.255.255.0
inet6:
|_
----------
address:
fe80::6860:c429:1c06:1639
prefixlen:
64
scope:
link
up:
True
lo:
----------
hwaddr:
00:00:00:00:00:00
inet:
|_
----------
address:
127.0.0.1
broadcast:
None
label:
lo
netmask:
255.0.0.0
inet6:
|_
----------
address:
::1
prefixlen:
128
scope:
host
up:
True
2.1.14 network.ip_addrs
返回一个IPv4的地址列表
该函数将会忽略掉127.0.0.1的地址
[root@master ~]# salt '*' network.ip_addrs
192.168.69.202:
- 192.168.69.202
2.1.15 network.netstat
返回所有打开的端口和状态
[root@master ~]# salt '*' network.netstat
192.168.69.202:
|_
----------
inode:
20245
local-address:
0.0.0.0:22
program:
1155/sshd
proto:
tcp
recv-q:
0
remote-address:
0.0.0.0:*
send-q:
0
state:
LISTEN
user:
0
|_
----------
inode:
14152
local-address:
127.0.0.1:25
program:
1386/master
proto:
tcp
recv-q:
0
remote-address:
0.0.0.0:*
send-q:
0
state:
LISTEN
user:
0
|_
----------
inode:
142715
local-address:
0.0.0.0:873
program:
54664/rsync
proto:
tcp
recv-q:
0
remote-address:
0.0.0.0:*
send-q:
0
state:
LISTEN
user:
0
|_
----------
inode:
498916
local-address:
192.168.69.202:22
program:
9388/sshd:
proto:
tcp
recv-q:
0
remote-address:
192.168.160.25:57723
send-q:
0
state:
ESTABLISHED
user:
0
|_
----------
inode:
339297
local-address:
192.168.69.202:43640
program:
9407/python
proto:
tcp
recv-q:
0
remote-address:
192.168.69.201:4505
send-q:
0
state:
ESTABLISHED
user:
0
|_
----------
inode:
324060
local-address:
:::80
program:
24889/httpd
proto:
tcp6
recv-q:
0
remote-address:
:::*
send-q:
0
state:
LISTEN
user:
0
|_
----------
inode:
20247
local-address:
:::22
program:
1155/sshd
proto:
tcp6
recv-q:
0
remote-address:
:::*
send-q:
0
state:
LISTEN
user:
0
|_
----------
inode:
14153
local-address:
::1:25
program:
1386/master
proto:
tcp6
recv-q:
0
remote-address:
:::*
send-q:
0
state:
LISTEN
user:
0
|_
----------
inode:
142716
local-address:
:::873
program:
54664/rsync
proto:
tcp6
recv-q:
0
remote-address:
:::*
send-q:
0
state:
LISTEN
user:
0
2.1.16 network.ping
使用ping命令测试到某主机的连通性
[root@master ~]# salt '*' network.ping baidu.com
192.168.69.202:
PING baidu.com (220.181.57.216) 56(84) bytes of data.
64 bytes from 220.181.57.216 (220.181.57.216): icmp_seq=1 ttl=43 time=42.7 ms
64 bytes from 220.181.57.216 (220.181.57.216): icmp_seq=2 ttl=43 time=50.6 ms
64 bytes from 220.181.57.216 (220.181.57.216): icmp_seq=3 ttl=43 time=42.7 ms
64 bytes from 220.181.57.216 (220.181.57.216): icmp_seq=4 ttl=43 time=42.7 ms
--- baidu.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 42.720/44.709/50.652/3.437 ms
2.1.17 network.reverse_ip
返回一个指定的IP地址的反向地址
[root@master ~]# salt '*' network.reverse_ip 192.168.69.30
192.168.69.202:
30.69.168.192.in-addr.arpa
2.2 SaltStack常用模块之service
2.2.1 service.available
判断指定的服务是否正在运行
[root@master ~]# salt '*' service.available sshd
192.168.69.202:
True
[root@master ~]# salt '*' service.available vsftpd
192.168.69.202:
False
2.2.2 service.get_all
获取所有正在运行的服务
[root@master ~]# salt '*' service.get_all
192.168.69.202:
- NetworkManager
- NetworkManager-dispatcher
- NetworkManager-wait-online
- arp-ethers
- auditd
- autovt@
- basic.target
- blk-availability
- bluetooth.target
- brandbot
- brandbot.path
- console-getty
- console-shell
- container-getty@
- cpupower
- crond
- 此处省略N行
2.2.3 service.disabled
检查指定服务是否开机不自动启动
[root@master ~]# salt '*' service.disabled httpd
192.168.69.202:
False
2.2.4 service.enabled
检查指定服务是否开机自动启动
[root@master ~]# salt '*' service.enabled httpd
192.168.69.202:
True
2.2.5 service.disable
设置指定服务开机不自动启动
[root@master ~]# salt '*' service.disable httpd
192.168.69.202:
True
[root@master ~]# salt '*' service.enabled httpd
192.168.69.202:
False
2.2.6 service.enable
设置指定服务开机自动启动
[root@master ~]# salt '*' service.enable httpd
192.168.69.202:
True
[root@master ~]# salt '*' service.enabled httpd
192.168.69.202:
True
2.2.7 service.reload
重新加载指定服务
[root@master ~]# salt '*' service.reload httpd
192.168.69.202:
True
2.2.8 service.stop
停止指定服务
[root@master ~]# salt '*' service.stop httpd
192.168.69.202:
True
2.2.9 service.start
启动指定服务
[root@master ~]# salt '*' service.start httpd
192.168.69.202:
True
2.2.10 service.restart
重启指定服务
[root@master ~]# salt '*' service.restart httpd
192.168.69.202:
True
2.2.11 service.status
查看指定服务的状态
[root@master ~]# salt '*' service.status httpd
192.168.69.202:
True
2.3 SaltStack常用模块之pkg
2.3.1 pkg.download
只下载软件包但不安装
此功能将会下载指定的软件包及其依赖的所有软件包,但是需要在minion端安装yum-utils,可以使用 cmd.run 进行远程安装
[root@master ~]# salt '*' pkg.download wget
192.168.69.202:
----------
wget:
/var/cache/yum/packages/wget-1.14-18.el7.x86_64.rpm //下载好的软件放在这里
2.3.2 pkg.file_list
列出指定包或系统中已安装的所有包的文件
//列出已安装的apache软件包提供的所有文件
[root@master ~]# salt '*' pkg.file_list httpd
192.168.69.202:
----------
errors:
files:
- /etc/httpd
- /etc/httpd/conf
- /etc/httpd/conf.d
- /etc/httpd/conf.d/README
- /etc/httpd/conf.d/autoindex.conf
- /etc/httpd/conf.d/userdir.conf
- /etc/httpd/conf.d/welcome.conf
- /etc/httpd/conf.modules.d
- /etc/httpd/conf.modules.d/00-base.conf
- /etc/httpd/conf.modules.d/00-dav.conf
- /etc/httpd/conf.modules.d/00-lua.conf
- /etc/httpd/conf.modules.d/00-mpm.conf
- /etc/httpd/conf.modules.d/00-proxy.conf
- /etc/httpd/conf.modules.d/00-systemd.conf
- /etc/httpd/conf.modules.d/01-cgi.conf
- /etc/httpd/conf/httpd.conf
//当不提供参数时,将会列出当前系统中所有已安装软件的文件列表
[root@master ~]# salt '*' pkg.file_list
192.168.69.202:
----------
errors:
files:
- /lib/kbd/keymaps/legacy
- /lib/kbd/keymaps/legacy/amiga
- /lib/kbd/keymaps/legacy/amiga/amiga-de.map.gz
- /lib/kbd/keymaps/legacy/amiga/amiga-us.map.gz
- /lib/kbd/keymaps/legacy/atari
- /lib/kbd/keymaps/legacy/atari/atari-de.map.gz
- /lib/kbd/keymaps/legacy/atari/atari-se.map.gz
- /lib/kbd/keymaps/legacy/atari/atari-uk-falcon.map.gz
- /lib/kbd/keymaps/legacy/atari/atari-us.map.gz
- /lib/kbd/keymaps/legacy/i386
- /lib/kbd/keymaps/legacy/i386/azerty
- /lib/kbd/keymaps/legacy/i386/azerty/azerty.map.gz
- /lib/kbd/keymaps/legacy/i386/azerty/be-latin1.map.gz
- /lib/kbd/keymaps/legacy/i386/azerty/fr-latin0.map.gz
- /lib/kbd/keymaps/legacy/i386/azerty/fr-latin1.map.gz
- /lib/kbd/keymaps/legacy/i386/azerty/fr-latin9.map.gz
2.3.3 pkg.group_info
查看包组的信息
[root@master ~]# salt '*' pkg.group_info 'Development Tools'
192.168.69.202:
----------
conditional:
default:
- byacc
- cscope
- ctags
- diffstat
- doxygen
- elfutils
- gcc-gfortran
- git
- indent
- intltool
- patchutils
- rcs
- subversion
- swig
- systemtap
description:
A basic development environment.
group:
Development Tools
id:
development
mandatory:
- autoconf
- automake
- binutils
- bison
- flex
- gcc
- gcc-c++
- gettext
- libtool
- make
- patch
- pkgconfig
- redhat-rpm-config
- rpm-build
- rpm-sign
optional:
- ElectricFence
- ant
- babel
- bzr
- chrpath
- cmake
- compat-gcc-44
- compat-gcc-44-c++
- cvs
- dejagnu
- expect
- gcc-gnat
- gcc-objc
- gcc-objc++
- imake
- javapackages-tools
- ksc
- libstdc++-docs
- mercurial
- mod_dav_svn
- nasm
- perltidy
- python-docs
- rpmdevtools
- rpmlint
- systemtap-sdt-devel
- systemtap-server
type:
package group
2.3.4 pkg.group_list
列出系统中所有的包组
[root@master ~]# salt '*' pkg.group_list
192.168.69.202:
----------
available:
- Additional Development
- Anaconda Tools
- Backup Client
- Backup Server
- Base
- CentOS Linux Client product core
- CentOS Linux ComputeNode product core
- CentOS Linux Server product core
- CentOS Linux Workstation product core
- Common NetworkManager submodules
- Compatibility Libraries
- Conflicts (Client)
- Conflicts (ComputeNode)
- Conflicts (Server)
- Conflicts (Workstation)
- Console Internet Tools
- Core
- DNS Name Server
- Debugging Tools
- Desktop Debugging and Performance Tools
- Development Tools
- Dial-up Networking Support
- Directory Client
- Directory Server
- E-mail Server
- Emacs
- FTP Server
- File and Storage Server
- Fonts
- GNOME
- GNOME Applications
- Graphical Administration Tools
- Graphics Creation Tools
- Guest Agents
- Guest Desktop Agents
- Hardware Monitoring Utilities
- High Availability
- Hyper-v platform specific packages
- Identity Management Server
- Infiniband Support
- Input Methods
- Internet Applications
- Internet Browser
- Java Platform
- KDE
- KDE Applications
- KDE Multimedia Support
- KVM platform specific packages
- Large Systems Performance
- Legacy UNIX Compatibility
- Legacy X Window System Compatibility
- Load Balancer
- Mainframe Access
- MariaDB Database Client
- MariaDB Database Server
- Multimedia
- Network File System Client
- Network Infrastructure Server
- Networking Tools
- Office Suite and Productivity
- PHP Support
- Performance Tools
- Perl Support
- Perl for Web
- Platform Development
- PostgreSQL Database Client
- PostgreSQL Database Server
- Print Server
- Printing Client
- Python
- Remote Desktop Clients
- Remote Management for Linux
- Resilient Storage
- Ruby Support
- Scientific Support
- Security Tools
- Smart Card Support
- System Administration Tools
- System Management
- Technical Writing
- VMware platform specific packages
- Virtualization Client
- Virtualization Hypervisor
- Virtualization Platform
- Virtualization Tools
- Web Server
- Web Servlet Engine
- X Window System
available environments:
- Minimal Install
- Compute Node
- Infrastructure Server
- File and Print Server
- Basic Web Server
- Virtualization Host
- Server with GUI
- GNOME Desktop
- KDE Plasma Workspaces
- Development and Creative Workstation
available languages:
----------
installed:
installed environments:
2.3.5 pkg.install
安装软件
[root@master ~]# salt '*' pkg.install wget
192.168.69.202:
----------
wget:
----------
new:
1.14-18.el7
old:
2.3.6 pkg.list_downloaded
列出已下载到本地的软件包
[root@master ~]# salt '*' pkg.list_downloaded
192.168.69.202:
----------
wget:
----------
1.14-18.el7:
----------
creation_date_time:
2019-02-22T17:11:52
creation_date_time_t:
1550826712
path:
/var/cache/yum/packages/wget-1.14-18.el7.x86_64.rpm
size:
560152
2.3.7 pkg.list_pkgs
以字典的方式列出当前已安装的软件包
[root@master ~]# salt '*' pkg.list_pkgs
192.168.69.202:
----------
GeoIP:
1.5.0-11.el7
NetworkManager:
1:1.8.0-9.el7
NetworkManager-libnm:
1:1.8.0-9.el7
NetworkManager-team:
1:1.8.0-9.el7
NetworkManager-tui:
1:1.8.0-9.el7
NetworkManager-wifi:
1:1.8.0-9.el7
PyYAML:
3.11-1.el7
...此处省略N行
2.3.8 pkg.owner
列出指定文件是由哪个包提供的
[root@master ~]# salt '*' pkg.owner /usr/sbin/apachectl
192.168.69.202:
httpd
[root@master ~]# salt '*' pkg.owner /usr/sbin/apachectl /etc/httpd/conf/httpd.conf
192.168.69.202:
----------
/etc/httpd/conf/httpd.conf:
httpd
/usr/sbin/apachectl:
httpd
2.3.9 pkg.remove
卸载指定软件
[root@master ~]# salt '*' cmd.run 'rpm -qa|grep wget'
192.168.69.202:
wget-1.14-18.el7.x86_64
[root@master ~]# salt '*' pkg.remove wget
192.168.69.202:
----------
wget:
----------
new:
old:
1.14-18.el7
//若要卸载多个文件,中间需要用逗号隔开
2.3.10 pkg.upgrade
升级系统中所有的软件包或升级指定的软件包
[root@master ~]# salt '*' pkg.upgrade name=openssl
192.168.69.202:
----------
openssl:
----------
new:
1:1.0.2k-16.el7
old:
1:1.0.2k-8.el7
openssl-libs:
----------
new:
1:1.0.2k-16.el7
old:
1:1.0.2k-8.el7
//若想升级系统中所有的软件包则把 name 参数去掉即可
