SaltStack 五

# salt的生产实践
  不推荐使用 file 目录模块模块进行代码部署
  不建议salt管理项目的配置文件,建议分层管理,salt只管理应用服务
  若有固定的文件服务器,可以使用 source: salt://  http://  ftp://
  SLS版本化
  使用版本化 Job Cache保存job的输出到MySQL中
  /var/cache/salt/master/jobs/
  默认保留24小时: keep_jobs: 24

# 远程执行
salt <target> <function> <arguments>
salt '*' cmd.run 'df -h'

# 将返回的数据持久化保存 
salt '*' test.ping --return redis_return
salt '*' test.ping --return mongo_return,redis_return,cassandra_return,elasticsearch_return ******

# return ---> mysql
https://www.unixhot.com/docs/saltstack/ref/returners/all/salt.returners.mysql.html#module-salt.returners.mysql

#  yum -y install mysql-python
1. vim /etc/salt/master  
# Which returner(s) will be used for minion's result:
#return: mysql
master_job_cache: mysql
mysql.host: '192.168.2.103'
mysql.user: 'root'
mysql.pass: '*********'
mysql.db: 'salt'
mysql.port: 3306

2. systemctl restart salt-master
3. salt '*' test.ping
4. salt '*' cmd.run 'df -h'


# 目标选择 
salt '*' test.ping  # *匹配
salt 'linux-node[1-2].com' test.ping 
salt 'linux-node[1,2].com' test.ping 
sale -E 'linux-node(1|2).com' test.ping  # 正则匹配 -E

base:
  'linux-node(1|2).com':
    - match: pcre
    - web.lamp

salt -L 'linux-node1.com,linux-node2.com,linux-node3.com' test.ping  # List 
salt -G 'os:CentOs' test.ping # -G grains
salt -S 192.168.2.103/24 test.ping # -S ip
salt -S 192.168.2.104 test.ping 


salt '*' -b 10 test.ping # 批处理
salt '*' -G 'os:CentOS' --batch-size 25% apache.signal restart 

# 执行模块

salt '*' network.active_tcp  # 活跃的tcp连接
salt '*' network.arp 

salt '*' network.connect archlinux.org 80 # 测试端口
salt '*' network.connect archlinux.org 80 timeout=3
salt '*' network.connect archlinux.org 80 timeout=3 family=ipv4
salt '*' network.connect archlinux.org port=53 proto=udp timeout=3
 
salt '*' network.dig archinux.org # 域名解析
salt '*' network.netstat 
salt '*' network.ping  www.baidu.com 

salt '*' state.show_top

# 日常管理
# include  包含状态
include:
  - web.httpd  # include httd.sls
   
# 测试
salt-run manage.status
salr-run manage.versions

# 修改minion_id
  停止minion服务
  salt-key -d minionid 删除minion
  rm -r /etc/salt/minion_id
  rm -f /etc/salt/pki
  修改配置文件id
  启动minion服务