第三方调用saltstack
python api使用
实例及工作原理解析
指定target 函数,命令等等,就可以可以了。
[root@mcw01 ~]# python
Python 2.7.5 (default, Aug 4 2017, 00:39:18)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-16)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> exit()
[root@mcw01 ~]#
[root@mcw01 ~]# python3
Python 3.6.8 (default, Nov 14 2023, 16:29:52)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import salt.client
>>> local = salt.client.LocalClient()
>>> local.cmd('mcw03','cmd.run',['hostname'])
{'mcw03': 'mcw03'}
>>>
查找导入包的路径
>>> import salt
>>> salt.__path__
['/usr/lib/python3.6/site-packages/salt']
>>>
寻找上面LocalClient所在位置:
[root@mcw01 salt]# grep -Rn 'LocalClient' .|egrep 'class|def'
./client/__init__.py:133:class LocalClient:
./config/__init__.py:3997: :py:class:`~salt.client.LocalClient`.
./netapi/rest_cherrypy/app.py:285:* "local" uses :py:class:`LocalClient <salt.client.LocalClient>` which sends
./netapi/rest_cherrypy/app.py:504:via the ``expire_responses`` setting, and both :py:class:`LocalClient
./netapi/rest_cherrypy/app.py:505:<salt.client.LocalClient>` and :py:class:`RunnerClient
./netapi/rest_tornado/saltnado.py:1187: salt.client.LocalClient.run_job, chunk, is_class_method=True
./utils/event.py:999:class LocalClientEvent(MasterEvent):
[root@mcw01 salt]#
这个文件
[root@mcw01 salt]# less ./client/__init__.py
[root@mcw01 salt]#
.. code-block:: python
import salt.client
local = salt.client.LocalClient()
local.cmd('*', 'test.fib', [10])
"""
....
def cmd(
self,
tgt,
fun,
arg=(),
timeout=None,
tgt_type="glob",
ret="",
jid="",
full_return=False,
kwarg=None,
**kwargs
):
....
was_listening = self.event.cpub
try:
pub_data = self.run_job(
tgt,
fun,
arg,
tgt_type,
ret,
timeout,
jid,
kwarg=kwarg,
listen=True,
**kwargs
)
if not pub_data:
return pub_data
运行了run_job
----
def run_job(
self,
tgt,
fun,
arg=(),
tgt_type="glob",
ret="",
timeout=None,
jid="",
kwarg=None,
listen=False,
**kwargs
):
"""
Asynchronously send a command to connected minions
Prep the job directory and publish a command to any targeted minions.
:return: A dictionary of (validated) ``pub_data`` or an empty
dictionary on failure. The ``pub_data`` contains the job ID and a
list of all minions that are expected to return data.
.. code-block:: python
>>> local.run_job('*', 'test.sleep', [300])
{'jid': '20131219215650131543', 'minions': ['jerry']}
"""
arg = salt.utils.args.condition_input(arg, kwarg)
try:
pub_data = self.pub(
tgt,
fun,
arg,
tgt_type,
ret,
jid=jid,
timeout=self._get_timeout(timeout),
listen=listen,
**kwargs
)
except SaltClientError:
# Re-raise error with specific message
raise SaltClientError(
"The salt master could not be contacted. Is master running?"
)
except AuthenticationError as err:
raise
except AuthorizationError as err:
raise
except Exception as general_exception: # pylint: disable=broad-except
# Convert to generic client error and pass along message
raise SaltClientError(general_exception)
return self._check_pub_data(pub_data, listen=listen)
通过api获取saltstack配置
获取master配置信息
[root@mcw01 ~]# python3
Python 3.6.8 (default, Nov 14 2023, 16:29:52)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import salt.config
>>> master_opts=salt.config.client_config('/etc/salt/master')
>>> dir(master_opts) #查看属性
['__class__', '__contains__', '__delattr__', '__delitem__', '__dir__', '__doc__', '__eq__', '__format__', '__ge__', '__getattribute__', '__getitem__', '__gt__', '__hash__', '__init__', '__init_subclass__', '__iter__', '__le__', '__len__', '__lt__', '__ne__', '__new__', '__reduce__', '__reduce_ex__', '__repr__', '__setattr__', '__setitem__', '__sizeof__', '__str__', '__subclasshook__', 'clear', 'copy', 'fromkeys', 'get', 'items', 'keys', 'pop', 'popitem', 'setdefault', 'update', 'values']
>>> type(master_opts) #查看类型
<class 'dict'>
>>> print(dict(master_opts)) #查看master配置,字典形式打印
{'token_file': '/root/salt_token', 'interface': '127.0.0.1', 'publish_port': 4505, 'zmq_backlog': 1000, 'pub_hwm': 1000, 'auth_mode': 1, 'user': 'root', 'worker_threads': 5, 'sock_dir': '/var/run/salt/master', 'sock_pool_size': 1, 'ret_port': 4506, 'timeout': 5, 'keep_jobs': 24, 'archive_jobs': False, 'root_dir': '/', 'pki_dir': '/etc/salt/pki/master', 'key_cache': '', 'cachedir': '/var/cache/salt/master', 'file_roots': {'base': ['/srv/salt/base', '/srv/salt/prod'], 'prod': ['/srv/salt/prod']}, 'master_roots': {'base': ['/srv/salt-master']}, 'pillar_roots': {'base': ['/srv/pillar/base'], 'prod': ['/srv/pillar/prod']}, 'on_demand_ext_pillar': ['libvirt', 'virtkey'], 'decrypt_pillar': [], 'decrypt_pillar_delimiter': ':', 'decrypt_pillar_default': 'gpg', 'decrypt_pillar_renderers': ['gpg'], 'thoriumenv': None, 'thorium_top': 'top.sls', 'thorium_interval': 0.5, 'thorium_roots': {'base': ['/srv/thorium']}, 'top_file_merging_strategy': 'merge', 'env_order': [], 'saltenv': None, 'lock_saltenv': False, 'pillarenv': None, 'default_top': 'base', 'file_client': 'local', 'local': True, 'roots_update_interval': 60, 'azurefs_update_interval': 60, 'gitfs_update_interval': 60, 'git_pillar_update_interval': 60, 'hgfs_update_interval': 60, 'minionfs_update_interval': 60, 's3fs_update_interval': 60, 'svnfs_update_interval': 60, 'git_pillar_base': 'master', 'git_pillar_branch': 'master', 'git_pillar_env': '', 'git_pillar_fallback': '', 'git_pillar_root': '', 'git_pillar_ssl_verify': True, 'git_pillar_global_lock': True, 'git_pillar_user': '', 'git_pillar_password': '', 'git_pillar_insecure_auth': False, 'git_pillar_privkey': '', 'git_pillar_pubkey': '', 'git_pillar_passphrase': '', 'git_pillar_refspecs': ['+refs/heads/*:refs/remotes/origin/*', '+refs/tags/*:refs/tags/*'], 'git_pillar_includes': True, 'git_pillar_verify_config': True, 'gitfs_remotes': [], 'gitfs_mountpoint': '', 'gitfs_root': '', 'gitfs_base': 'master', 'gitfs_fallback': '', 'gitfs_user': '', 'gitfs_password': '', 'gitfs_insecure_auth': False, 'gitfs_privkey': '', 'gitfs_pubkey': '', 'gitfs_passphrase': '', 'gitfs_saltenv_whitelist': [], 'gitfs_saltenv_blacklist': [], 'gitfs_global_lock': True, 'gitfs_ssl_verify': True, 'gitfs_saltenv': [], 'gitfs_ref_types': ['branch', 'tag', 'sha'], 'gitfs_refspecs': ['+refs/heads/*:refs/remotes/origin/*', '+refs/tags/*:refs/tags/*'], 'gitfs_disable_saltenv_mapping': False, 'hgfs_remotes': [], 'hgfs_mountpoint': '', 'hgfs_root': '', 'hgfs_base': 'default', 'hgfs_branch_method': 'branches', 'hgfs_saltenv_whitelist': [], 'hgfs_saltenv_blacklist': [], 'show_timeout': True, 'show_jid': False, 'unique_jid': False, 'svnfs_remotes': [], 'svnfs_mountpoint': '', 'svnfs_root': '', 'svnfs_trunk': 'trunk', 'svnfs_branches': 'branches', 'svnfs_tags': 'tags', 'svnfs_saltenv_whitelist': [], 'svnfs_saltenv_blacklist': [], 'max_event_size': 1048576, 'master_stats': False, 'master_stats_event_iter': 60, 'minionfs_env': 'base', 'minionfs_mountpoint': '', 'minionfs_whitelist': [], 'minionfs_blacklist': [], 'ext_pillar': [], 'pillar_version': 2, 'pillar_opts': False, 'pillar_safe_render_error': True, 'pillar_source_merging_strategy': 'smart', 'pillar_merge_lists': False, 'pillar_includes_override_sls': False, 'pillar_cache': False, 'pillar_cache_ttl': 3600, 'pillar_cache_backend': 'disk', 'gpg_cache': False, 'gpg_cache_ttl': 86400, 'gpg_cache_backend': 'disk', 'ping_on_rotate': False, 'peer': {}, 'preserve_minion_cache': False, 'syndic_master': 'masterofmasters', 'syndic_failover': 'random', 'syndic_forward_all_events': False, 'syndic_log_file': '/var/log/salt/syndic', 'syndic_pidfile': '/var/run/salt-syndic.pid', 'outputter_dirs': [], 'runner_dirs': [], 'utils_dirs': ['/var/cache/salt/master/extmods/utils'], 'client_acl_verify': True, 'publisher_acl': {}, 'publisher_acl_blacklist': {}, 'sudo_acl': False, 'external_auth': {}, 'token_expire': 43200, 'token_expire_user_override': False, 'permissive_acl': False, 'keep_acl_in_token': False, 'eauth_acl_module': '', 'eauth_tokens': 'localfs', 'extension_modules': '/var/cache/salt/master/extmods', 'module_dirs': [], 'file_recv': False, 'file_recv_max_size': 100, 'file_buffer_size': 1048576, 'file_ignore_regex': [], 'file_ignore_glob': [], 'fileserver_backend': ['roots'], 'fileserver_followsymlinks': True, 'fileserver_ignoresymlinks': False, 'fileserver_limit_traversal': False, 'fileserver_verify_config': True, 'max_open_files': 100000, 'hash_type': 'sha256', 'optimization_order': [0, 1, 2], 'conf_file': '/etc/salt/master', 'open_mode': False, 'auto_accept': False, 'renderer': 'jinja|yaml', 'renderer_whitelist': [], 'renderer_blacklist': [], 'failhard': False, 'state_top': 'top.sls', 'state_top_saltenv': None, 'master_tops': {}, 'master_tops_first': False, 'order_masters': False, 'job_cache': True, 'ext_job_cache': '', 'master_job_cache': 'local_cache', 'job_cache_store_endtime': False, 'minion_data_cache': True, 'enforce_mine_cache': False, 'ipc_mode': 'ipc', 'ipc_write_buffer': 0, 'req_server_niceness': None, 'pub_server_niceness': None, 'fileserver_update_niceness': None, 'mworker_niceness': None, 'mworker_queue_niceness': None, 'maintenance_niceness': None, 'event_return_niceness': None, 'event_publisher_niceness': None, 'reactor_niceness': None, 'ipv6': None, 'tcp_master_pub_port': 4512, 'tcp_master_pull_port': 4513, 'tcp_master_publish_pull': 4514, 'tcp_master_workers': 4515, 'log_file': '/var/log/salt/master', 'log_level': 'warning', 'log_level_logfile': None, 'log_datefmt': '%H:%M:%S', 'log_datefmt_logfile': '%Y-%m-%d %H:%M:%S', 'log_fmt_console': '[%(levelname)-8s] %(message)s', 'log_fmt_logfile': '%(asctime)s,%(msecs)03d [%(name)-17s:%(lineno)-4d][%(levelname)-8s][%(process)d] %(message)s', 'log_fmt_jid': '[JID: %(jid)s]', 'log_granular_levels': {}, 'log_rotate_max_bytes': 0, 'log_rotate_backup_count': 0, 'pidfile': '/var/run/salt-master.pid', 'publish_session': 86400, 'range_server': 'range:80', 'reactor': [{'salt/test': ['/srv/reactor/test.sls']}, {'salt/minion/Minion/restart': ['/srv/reactor/auto.sls']}], 'reactor_refresh_interval': 60, 'reactor_worker_threads': 10, 'reactor_worker_hwm': 10000, 'engines': [], 'event_return': '', 'event_return_queue': 0, 'event_return_whitelist': [], 'event_return_blacklist': [], 'event_match_type': 'startswith', 'runner_returns': True, 'serial': 'msgpack', 'test': False, 'state_verbose': True, 'state_output': 'full', 'state_output_diff': False, 'state_output_profile': True, 'state_auto_order': True, 'state_events': False, 'state_aggregate': False, 'search': '', 'loop_interval': 60, 'nodegroups': {'mcwgroup1': 'L@mcw01,mcw03 or vm2.cluster.com', 'mcwgroup2': 'G@myname:mcw and L@mcw01,mcw03', 'mcwgroup3': 'G@myname:mcw and N@mcwgroup1', 'mcwgroup4': ['G@myname:mcw', 'or', 'G@myname:xiaoma']}, 'ssh_list_nodegroups': {}, 'ssh_use_home_key': False, 'cython_enable': False, 'enable_gpu_grains': False, 'key_logfile': '/var/log/salt/key', 'verify_env': True, 'permissive_pki_access': False, 'key_pass': None, 'signing_key_pass': None, 'default_include': 'master.d/*.conf', 'winrepo_dir': '/srv/salt/win/repo', 'winrepo_dir_ng': '/srv/salt/win/repo-ng', 'winrepo_cachefile': 'winrepo.p', 'winrepo_remotes': ['https://github.com/saltstack/salt-winrepo.git'], 'winrepo_remotes_ng': ['https://github.com/saltstack/salt-winrepo-ng.git'], 'winrepo_branch': 'master', 'winrepo_fallback': '', 'winrepo_ssl_verify': True, 'winrepo_user': '', 'winrepo_password': '', 'winrepo_insecure_auth': False, 'winrepo_privkey': '', 'winrepo_pubkey': '', 'winrepo_passphrase': '', 'winrepo_refspecs': ['+refs/heads/*:refs/remotes/origin/*', '+refs/tags/*:refs/tags/*'], 'syndic_wait': 5, 'jinja_env': {}, 'jinja_sls_env': {}, 'jinja_lstrip_blocks': False, 'jinja_trim_blocks': False, 'tcp_keepalive': True, 'tcp_keepalive_idle': 300, 'tcp_keepalive_cnt': -1, 'tcp_keepalive_intvl': -1, 'sign_pub_messages': True, 'keysize': 2048, 'transport': 'zeromq', 'gather_job_timeout': 10, 'syndic_event_forward_timeout': 0.5, 'syndic_jid_forward_cache_hwm': 100, 'regen_thin': False, 'ssh_passwd': '', 'ssh_priv_passwd': '', 'ssh_port': '22', 'ssh_sudo': False, 'ssh_sudo_user': '', 'ssh_timeout': 60, 'ssh_user': 'root', 'ssh_scan_ports': '22', 'ssh_scan_timeout': 0.01, 'ssh_identities_only': False, 'ssh_log_file': '/var/log/salt/ssh', 'ssh_config_file': '/root/.ssh/config', 'cluster_mode': False, 'sqlite_queue_dir': '/var/cache/salt/master/queues', 'queue_dirs': [], 'cli_summary': False, 'max_minions': 0, 'master_sign_key_name': 'master_sign', 'master_sign_pubkey': False, 'master_pubkey_signature': 'master_pubkey_signature', 'master_use_pubkey_signature': False, 'zmq_filtering': False, 'zmq_monitor': False, 'con_cache': False, 'rotate_aes_key': True, 'cache_sreqs': True, 'dummy_pub': False, 'http_connect_timeout': 20.0, 'http_request_timeout': 3600.0, 'http_max_body': 107374182400, 'cache': 'localfs', 'memcache_expire_seconds': 0, 'memcache_max_items': 1024, 'memcache_full_cleanup': False, 'memcache_debug': False, 'thin_extra_mods': '', 'min_extra_mods': '', 'ssl': None, 'extmod_whitelist': {}, 'extmod_blacklist': {}, 'clean_dynamic_modules': True, 'django_auth_path': '', 'django_auth_settings': '', 'allow_minion_key_revoke': True, 'salt_cp_chunk_size': 98304, 'require_minion_sign_messages': False, 'drop_messages_signature_fail': False, 'discovery': False, 'schedule': {}, 'auth_events': True, 'minion_data_cache_events': True, 'enable_ssh_minions': False, 'netapi_allow_raw_shell': False, 'fips_mode': False, 'detect_remote_minions': False, 'remote_minions_port': 22, '__role': 'master', '__cli': '', 'token_dir': '/var/cache/salt/master/tokens', 'syndic_dir': '/var/cache/salt/master/syndics', 'id': 'mcw01_master', 'master_uri': 'tcp://127.0.0.1:4506'}
>>>
或者minion的配置信息
[root@mcw01 ~]# python3
Python 3.6.8 (default, Nov 14 2023, 16:29:52)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import salt.client
>>> minion_opts=salt.config.minion_config('/etc/salt/minion')
>>> dir(minion_opts)
['__class__', '__contains__', '__delattr__', '__delitem__', '__dir__', '__doc__', '__eq__', '__format__', '__ge__', '__getattribute__', '__getitem__', '__gt__', '__hash__', '__init__', '__init_subclass__', '__iter__', '__le__', '__len__', '__lt__', '__ne__', '__new__', '__reduce__', '__reduce_ex__', '__repr__', '__setattr__', '__setitem__', '__sizeof__', '__str__', '__subclasshook__', 'clear', 'copy', 'fromkeys', 'get', 'items', 'keys', 'pop', 'popitem', 'setdefault', 'update', 'values']
>>>
>>> type(minion_opts)
<class 'dict'>
>>> minion_opts.keys()
dict_keys(['interface', 'master', 'master_type', 'master_uri_format', 'source_interface_name', 'source_address', 'source_ret_port', 'source_publish_port', 'master_port', 'master_finger', 'master_shuffle', 'master_alive_interval', 'master_failback', 'master_failback_interval', 'verify_master_pubkey_sign', 'sign_pub_messages', 'always_verify_signature', 'master_sign_key_name', 'syndic_finger', 'user', 'root_dir', 'pki_dir', 'id', 'id_function', 'cachedir', 'append_minionid_config_dirs', 'cache_jobs', 'grains_blacklist', 'grains_cache', 'grains_cache_expiration', 'grains_deep_merge', 'conf_file', 'sock_dir', 'sock_pool_size', 'backup_mode', 'renderer', 'renderer_whitelist', 'renderer_blacklist', 'random_startup_delay', 'failhard', 'autoload_dynamic_modules', 'saltenv', 'lock_saltenv', 'pillarenv', 'pillarenv_from_saltenv', 'pillar_opts', 'pillar_source_merging_strategy', 'pillar_merge_lists', 'pillar_includes_override_sls', 'pillar_cache', 'pillar_cache_ttl', 'pillar_cache_backend', 'gpg_cache', 'gpg_cache_ttl', 'gpg_cache_backend', 'extension_modules', 'state_top', 'state_top_saltenv', 'startup_states', 'sls_list', 'start_event_grains', 'top_file', 'thoriumenv', 'thorium_top', 'thorium_interval', 'thorium_roots', 'file_client', 'local', 'use_master_when_local', 'file_roots', 'top_file_merging_strategy', 'env_order', 'default_top', 'fileserver_limit_traversal', 'file_recv', 'file_recv_max_size', 'file_ignore_regex', 'file_ignore_glob', 'fileserver_backend', 'fileserver_followsymlinks', 'fileserver_ignoresymlinks', 'pillar_roots', 'on_demand_ext_pillar', 'decrypt_pillar', 'decrypt_pillar_delimiter', 'decrypt_pillar_default', 'decrypt_pillar_renderers', 'roots_update_interval', 'azurefs_update_interval', 'gitfs_update_interval', 'git_pillar_update_interval', 'hgfs_update_interval', 'minionfs_update_interval', 's3fs_update_interval', 'svnfs_update_interval', 'git_pillar_base', 'git_pillar_branch', 'git_pillar_env', 'git_pillar_fallback', 'git_pillar_root', 'git_pillar_ssl_verify', 'git_pillar_global_lock', 'git_pillar_user', 'git_pillar_password', 'git_pillar_insecure_auth', 'git_pillar_privkey', 'git_pillar_pubkey', 'git_pillar_passphrase', 'git_pillar_refspecs', 'git_pillar_includes', 'gitfs_remotes', 'gitfs_mountpoint', 'gitfs_root', 'gitfs_base', 'gitfs_fallback', 'gitfs_user', 'gitfs_password', 'gitfs_insecure_auth', 'gitfs_privkey', 'gitfs_pubkey', 'gitfs_passphrase', 'gitfs_saltenv_whitelist', 'gitfs_saltenv_blacklist', 'gitfs_global_lock', 'gitfs_ssl_verify', 'gitfs_saltenv', 'gitfs_ref_types', 'gitfs_refspecs', 'gitfs_disable_saltenv_mapping', 'unique_jid', 'hash_type', 'optimization_order', 'disable_modules', 'disable_returners', 'whitelist_modules', 'module_dirs', 'returner_dirs', 'grains_dirs', 'states_dirs', 'render_dirs', 'outputter_dirs', 'utils_dirs', 'publisher_acl', 'publisher_acl_blacklist', 'providers', 'clean_dynamic_modules', 'open_mode', 'auto_accept', 'autosign_timeout', 'multiprocessing', 'process_count_max', 'mine_enabled', 'mine_return_job', 'mine_interval', 'ipc_mode', 'ipc_write_buffer', 'ipv6', 'file_buffer_size', 'tcp_pub_port', 'tcp_pull_port', 'tcp_authentication_retries', 'tcp_reconnect_backoff', 'log_file', 'log_level', 'log_level_logfile', 'log_datefmt', 'log_datefmt_logfile', 'log_fmt_console', 'log_fmt_logfile', 'log_fmt_jid', 'log_granular_levels', 'log_rotate_max_bytes', 'log_rotate_backup_count', 'max_event_size', 'enable_legacy_startup_events', 'test', 'ext_job_cache', 'cython_enable', 'enable_fqdns_grains', 'enable_gpu_grains', 'enable_zip_modules', 'state_verbose', 'state_output', 'state_output_diff', 'state_output_profile', 'state_auto_order', 'state_events', 'state_aggregate', 'snapper_states', 'snapper_states_config', 'acceptance_wait_time', 'acceptance_wait_time_max', 'rejected_retry', 'loop_interval', 'verify_env', 'grains', 'permissive_pki_access', 'default_include', 'update_url', 'update_restart_services', 'retry_dns', 'retry_dns_count', 'resolve_dns_fallback', 'recon_max', 'recon_default', 'recon_randomize', 'return_retry_timer', 'return_retry_timer_max', 'return_retry_tries', 'random_reauth_delay', 'winrepo_source_dir', 'winrepo_dir', 'winrepo_dir_ng', 'winrepo_cachefile', 'winrepo_cache_expire_max', 'winrepo_cache_expire_min', 'winrepo_remotes', 'winrepo_remotes_ng', 'winrepo_branch', 'winrepo_fallback', 'winrepo_ssl_verify', 'winrepo_user', 'winrepo_password', 'winrepo_insecure_auth', 'winrepo_privkey', 'winrepo_pubkey', 'winrepo_passphrase', 'winrepo_refspecs', 'pidfile', 'range_server', 'reactor_refresh_interval', 'reactor_worker_threads', 'reactor_worker_hwm', 'engines', 'tcp_keepalive', 'tcp_keepalive_idle', 'tcp_keepalive_cnt', 'tcp_keepalive_intvl', 'modules_max_memory', 'grains_refresh_every', 'minion_id_caching', 'minion_id_lowercase', 'minion_id_remove_domain', 'keysize', 'transport', 'auth_timeout', 'auth_tries', 'master_tries', 'master_tops_first', 'auth_safemode', 'random_master', 'cluster_mode', 'restart_on_error', 'ping_interval', 'username', 'password', 'zmq_filtering', 'zmq_monitor', 'cache_sreqs', 'cmd_safe', 'sudo_user', 'http_connect_timeout', 'http_request_timeout', 'http_max_body', 'event_match_type', 'minion_restart_command', 'pub_ret', 'proxy_host', 'proxy_username', 'proxy_password', 'proxy_port', 'minion_jid_queue_hwm', 'ssl', 'multifunc_ordered', 'beacons_before_connect', 'scheduler_before_connect', 'cache', 'salt_cp_chunk_size', 'extmod_whitelist', 'extmod_blacklist', 'minion_sign_messages', 'discovery', 'schedule', 'ssh_merge_pillar', 'disabled_requisites', 'reactor_niceness', 'fips_mode', '__role', '__cli', 'beacons'])
>>>
>>> print(minion_opts['user'])
root
>>> print(minion_opts['interface'])
0.0.0.0
>>> print(minion_opts['master'])
['10.0.0.11']
>>>
python api的其它模块
1、LocalClient
>>> import salt.client
>>> local=salt.client.LocalClient()
>>> local.cmd('*','cmd.run',['hostname'])
{'mcw01': 'mcw01', 'mcw03': 'mcw03', 'mcw02': 'mcw02', 'mcw04': 'mcw04'}
>>>
支持一次执行多个模块。没有参数的,写个空列表
>>> local.cmd('mcw03',['test.ping','cmd.run','test.echo'],[[],['hostname'],['machangwei']])
{'mcw03': {'test.ping': True, 'cmd.run': 'mcw03', 'test.echo': 'machangwei'}}
>>>
==》异步执行
>>> import salt.client
>>> local=salt.client.LocalClient()
>>>
>>> local.cmd_async('*','test.sleep',[30])
'20240127075219835882'
>>>
==》批量执行
>>> import salt.client
>>> local=salt.client.LocalClient()
>>> returns=local.cmd_batch('*','state.highstate',bat='10%')
>>> for ret in returns:
... print(ret)
...
{'mcw03': {'pkg_|-pkg-init_|-gcc_|-installed': {'name': 'gcc', 'changes': {}, 'result': True, 'comment': 'All specified packages are already installed', '__sls__': 'pkg.pkg-init', '__run_num__': 0, 'start_time': '15:58:27.724974', 'duration': 841.383, '__id__': 'pkg-init'}, 'pkg_|-pkg-init_|-gcc-c++_|-installed': {'name': 'gcc-c++', 'changes': {}, 'result': True, 'comment': 'All specified packages are already installed', '__sls__': 'pkg.pkg-init', '__run_num__': 1, 'start_time': '15:58:28.566603', 'duration': 17.593, '__id__': 'pkg-init'}, 'pkg_|-pkg-init_|-glibc_|-installed': {'name': 'glibc', 'changes': {}, 'result': True, 'comment': 'All specified packages are already installed', '__sls__': 'pkg.pkg-init', '__run_num__': 2, 'start_time': '15:58:28.584326', 'duration': 16.184, '__id__': 'pkg-init'}, 'pkg_|-pkg-init_|-make_|-installed': {'name': 'make', 'changes': {}, 'result': True, 'comment': 'All specified packages are already installed', '__sls__': 'pkg.pkg-init', '__run_num__': 3, 'start_time': '15:58:28.600626', 'duration': 16.191, '__id__': 'pkg-init'}, 'pkg_|-pkg-init_|-autoconf_|-installed': {'name': 'autoconf', 'changes': {}, 'result': True, 'comment': 'All specified packages are already installed', '__sls__': 'pkg.pkg-init', '__run_num__': 4, 'start_time': '15:58:28.616949', 'duration': 24.624, '__id__': 'pkg-init'}, 'pkg_|-pkg-init_|-openssl_|-installed': {'name': 'openssl', 'changes': {}, 'result': True, 'comment': 'All specified packages are already installed', '__sls__': 'pkg.pkg-init', '__run_num__': 5, 'start_time': '15:58:28.641768', 'duration': 20.258, '__id__': 'pkg-init'}, 'pkg_|-pkg-init_|-openssl-devel_|-installed': {'name': 'openssl-devel', 'changes': {}, 'result': True, 'comment': 'All specified packages are already installed', '__sls__': 'pkg.pkg-init', '__run_num__': 6, 'start_time': '15:58:28.662184', 'duration': 18.041, '__id__': 'pkg-init'}, 'file_|-haproxy-install_|-/usr/local/src/haproxy-1.5.19.tar.gz_|-managed': {'changes': {}, 'comment': 'File /usr/local/src/haproxy-1.5.19.tar.gz is in the correct state', 'name': '/usr/local/src/haproxy-1.5.19.tar.gz', 'result': True, '__sls__': 'haproxy.install', '__run_num__': 7, 'start_time': '15:58:28.682118', 'duration': 20.305, '__id__': 'haproxy-install'}, 'cmd_|-haproxy-install_|-cd /usr/local/src && tar zxf haproxy-1.5.19.tar.gz && cd haproxy-1.5.19 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy_|-run': {'result': True, 'name': 'cd /usr/local/src && tar zxf haproxy-1.5.19.tar.gz && cd haproxy-1.5.19 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy', 'changes': {}, 'comment': 'unless condition is true', 'skip_watch': True, '__sls__': 'haproxy.install', '__run_num__': 8, 'start_time': '15:58:28.703541', 'duration': 396.225, '__id__': 'haproxy-install'}, 'file_|-/etc/init.d/haproxy_|-/etc/init.d/haproxy_|-managed': {'changes': {}, 'comment': 'File /etc/init.d/haproxy is in the correct state', 'name': '/etc/init.d/haproxy', 'result': True, '__sls__': 'haproxy.install', '__run_num__': 9, 'start_time': '15:58:29.100144', 'duration': 8.864, '__id__': '/etc/init.d/haproxy'}, 'sysctl_|-net.ipv4.ip_nonlocal_bind_|-net.ipv4.ip_nonlocal_bind_|-present': {'name': 'net.ipv4.ip_nonlocal_bind', 'result': True, 'changes': {}, 'comment': 'Sysctl value net.ipv4.ip_nonlocal_bind = 1 is already set', '__sls__': 'haproxy.install', '__run_num__': 10, 'start_time': '15:58:29.109154', 'duration': 8.07, '__id__': 'net.ipv4.ip_nonlocal_bind'}, 'file_|-haproxy-config-dir_|-/etc/haproxy_|-directory': {'name': '/etc/haproxy', 'changes': {}, 'result': True, 'comment': 'The directory /etc/haproxy is in the correct state', '__sls__': 'haproxy.install', '__run_num__': 11, 'start_time': '15:58:29.117415', 'duration': 1.395, '__id__': 'haproxy-config-dir'}, 'cmd_|-haproxy-init_|-chkconfig --add haproxy_|-run': {'result': True, 'name': 'chkconfig --add haproxy', 'changes': {}, 'comment': 'unless condition is true', 'skip_watch': True, '__sls__': 'haproxy.install', '__run_num__': 12, 'start_time': '15:58:29.119162', 'duration': 11.559, '__id__': 'haproxy-init'}, 'file_|-haproxy_|-/usr/sbin/haproxy_|-managed': {'changes': {}, 'comment': 'File /usr/sbin/haproxy is in the correct state', 'name': '/usr/sbin/haproxy', 'result': True, '__sls__': 'cluster.haproxy-outside', '__run_num__': 13, 'start_time': '15:58:29.131044', 'duration': 16.615, '__id__': 'haproxy'}, 'file_|-haproxy-service_|-/etc/haproxy/haproxy.cfg_|-managed': {'changes': {}, 'comment': 'File /etc/haproxy/haproxy.cfg is in the correct state', 'name': '/etc/haproxy/haproxy.cfg', 'result': True, '__sls__': 'cluster.haproxy-outside', '__run_num__': 14, 'start_time': '15:58:29.147806', 'duration': 83.787, '__id__': 'haproxy-service'}, 'service_|-haproxy-service_|-haproxy_|-running': {'name': 'haproxy', 'changes': {}, 'result': True, 'comment': 'The service haproxy is already running', '__sls__': 'cluster.haproxy-outside', '__run_num__': 15, 'start_time': '15:58:29.232297', 'duration': 15.391, '__id__': 'haproxy-service'}, 'file_|-keepalived-install_|-/usr/local/src/keepalived-1.2.17.tar.gz_|-managed': {'changes': {}, 'comment': 'File /usr/local/src/keepalived-1.2.17.tar.gz is in the correct state', 'name': '/usr/local/src/keepalived-1.2.17.tar.gz', 'result': True, '__sls__': 'keepalived.install', '__run_num__': 16, 'start_time': '15:58:29.247870', 'duration': 154.7, '__id__': 'keepalived-install'}, 'cmd_|-keepalived-install_|-cd /usr/local/src && tar zxf keepalived-1.2.17.tar.gz && cd keepalived-1.2.17 && ./configure --prefix=/user/local/keepalived --disable-fwmark && make && make install_|-run': {'result': True, 'name': 'cd /usr/local/src && tar zxf keepalived-1.2.17.tar.gz && cd keepalived-1.2.17 && ./configure --prefix=/user/local/keepalived --disable-fwmark && make && make install', 'changes': {}, 'comment': 'unless condition is true', 'skip_watch': True, '__sls__': 'keepalived.install', '__run_num__': 17, 'start_time': '15:58:29.403010', 'duration': 11.247, '__id__': 'keepalived-install'}, 'file_|-/etc/sysconfig/keepalived_|-/etc/sysconfig/keepalived_|-managed': {'changes': {}, 'comment': 'File /etc/sysconfig/keepalived is in the correct state', 'name': '/etc/sysconfig/keepalived', 'result': True, '__sls__': 'keepalived.install', '__run_num__': 18, 'start_time': '15:58:29.414475', 'duration': 10.089, '__id__': '/etc/sysconfig/keepalived'}, 'file_|-/etc/init.d/keepalived_|-/etc/init.d/keepalived_|-managed': {'changes': {}, 'comment': 'File /etc/init.d/keepalived is in the correct state', 'name': '/etc/init.d/keepalived', 'result': True, '__sls__': 'keepalived.install', '__run_num__': 19, 'start_time': '15:58:29.424698', 'duration': 23.094, '__id__': '/etc/init.d/keepalived'}, 'file_|-xiaoma_|-/usr/local/keepalived/sbin/_|-directory': {'name': '/usr/local/keepalived/sbin/', 'changes': {}, 'result': True, 'comment': 'The directory /usr/local/keepalived/sbin is in the correct state', '__sls__': 'keepalived.install', '__run_num__': 20, 'start_time': '15:58:29.447976', 'duration': 1.113, '__id__': 'xiaoma'}, 'file_|-/usr/local/keepalived/sbin/keepalived_|-/usr/local/keepalived/sbin/keepalived_|-managed': {'changes': {}, 'comment': 'File /usr/local/keepalived/sbin/keepalived is in the correct state', 'name': '/usr/local/keepalived/sbin/keepalived', 'result': True, '__sls__': 'keepalived.install', '__run_num__': 21, 'start_time': '15:58:29.449181', 'duration': 10.979, '__id__': '/usr/local/keepalived/sbin/keepalived'}, 'cmd_|-keepalived-init_|-chkconfig --add keepalived_|-run': {'result': True, 'name': 'chkconfig --add keepalived', 'changes': {}, 'comment': 'unless condition is true', 'skip_watch': True, '__sls__': 'keepalived.install', '__run_num__': 22, 'start_time': '15:58:29.460813', 'duration': 12.972, '__id__': 'keepalived-init'}, 'file_|-/etc/keepalived_|-/etc/keepalived_|-directory': {'name': '/etc/keepalived', 'changes': {}, 'result': True, 'comment': 'The directory /etc/keepalived is in the correct state', '__sls__': 'keepalived.install', '__run_num__': 23, 'start_time': '15:58:29.474007', 'duration': 1.498, '__id__': '/etc/keepalived'}, 'file_|-keepalived-server_|-/etc/keepalived/keepalived.conf_|-managed': {'changes': {}, 'comment': 'File /etc/keepalived/keepalived.conf is in the correct state', 'name': '/etc/keepalived/keepalived.conf', 'result': True, '__sls__': 'cluster.haproxy-outside-keepalived', '__run_num__': 24, 'start_time': '15:58:29.475626', 'duration': 11.162, '__id__': 'keepalived-server'}, 'service_|-keepalived-server_|-keepalived_|-running': {'name': 'keepalived', 'changes': {}, 'result': True, 'comment': 'The service keepalived is already running', '__sls__': 'cluster.haproxy-outside-keepalived', '__run_num__': 25, 'start_time': '15:58:29.487214', 'duration': 13.212, '__id__': 'keepalived-server'}, 'retcode': 0}}
{'mcw02': {'no_|-states_|-states_|-None': {'result': False, 'comment': 'No Top file or master_tops data matches found. Please see master log for details.', 'name': 'No States', 'changes': {}, '__run_num__': 0}, 'retcode': 2}}
{'mcw01': {'pkg_|-pkg-init_|-gcc_|-installed': {'name': 'gcc', 'changes': {}, 'result': True, 'comment': 'All specified packages are already installed', '__sls__': 'pkg.pkg-init', '__run_num__': 0, 'start_time': '15:58:36.366094', 'duration': 4993.571, '__id__': 'pkg-init'}, 'pkg_|-pkg-init_|-gcc-c++_|-installed': {'name': 'gcc-c++', 'changes': {}, 'result': True, 'comment': 'All specified packages are already installed', '__sls__': 'pkg.pkg-init', '__run_num__': 1, 'start_time': '15:58:41.359878', 'duration': 17.8, '__id__': 'pkg-init'}, 'pkg_|-pkg-init_|-glibc_|-installed': {'name': 'glibc', 'changes': {}, 'result': True, 'comment': 'All specified packages are already installed', '__sls__': 'pkg.pkg-init', '__run_num__': 2, 'start_time': '15:58:41.377812', 'duration': 16.326, '__id__': 'pkg-init'}, 'pkg_|-pkg-init_|-make_|-installed': {'name': 'make', 'changes': {}, 'result': True, 'comment': 'All specified packages are already installed', '__sls__': 'pkg.pkg-init', '__run_num__': 3, 'start_time': '15:58:41.394249', 'duration': 18.175, '__id__': 'pkg-init'}, 'pkg_|-pkg-init_|-autoconf_|-installed': {'name': 'autoconf', 'changes': {}, 'result': True, 'comment': 'All specified packages are already installed', '__sls__': 'pkg.pkg-init', '__run_num__': 4, 'start_time': '15:58:41.412547', 'duration': 17.6, '__id__': 'pkg-init'}, 'pkg_|-pkg-init_|-openssl_|-installed': {'name': 'openssl', 'changes': {}, 'result': True, 'comment': 'All specified packages are already installed', '__sls__': 'pkg.pkg-init', '__run_num__': 5, 'start_time': '15:58:41.430283', 'duration': 18.768, '__id__': 'pkg-init'}, 'pkg_|-pkg-init_|-openssl-devel_|-installed': {'name': 'openssl-devel', 'changes': {}, 'result': True, 'comment': 'All specified packages are already installed', '__sls__': 'pkg.pkg-init', '__run_num__': 6, 'start_time': '15:58:41.449192', 'duration': 18.149, '__id__': 'pkg-init'}, 'file_|-haproxy-install_|-/usr/local/src/haproxy-1.5.19.tar.gz_|-managed': {'changes': {}, 'comment': 'File /usr/local/src/haproxy-1.5.19.tar.gz is in the correct state', 'name': '/usr/local/src/haproxy-1.5.19.tar.gz', 'result': True, '__sls__': 'haproxy.install', '__run_num__': 7, 'start_time': '15:58:41.484149', 'duration': 107.869, '__id__': 'haproxy-install'}, 'cmd_|-haproxy-install_|-cd /usr/local/src && tar zxf haproxy-1.5.19.tar.gz && cd haproxy-1.5.19 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy_|-run': {'result': True, 'name': 'cd /usr/local/src && tar zxf haproxy-1.5.19.tar.gz && cd haproxy-1.5.19 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy', 'changes': {}, 'comment': 'unless condition is true', 'skip_watch': True, '__sls__': 'haproxy.install', '__run_num__': 8, 'start_time': '15:58:41.593702', 'duration': 647.081, '__id__': 'haproxy-install'}, 'file_|-/etc/init.d/haproxy_|-/etc/init.d/haproxy_|-managed': {'changes': {}, 'comment': 'File /etc/init.d/haproxy is in the correct state', 'name': '/etc/init.d/haproxy', 'result': True, '__sls__': 'haproxy.install', '__run_num__': 9, 'start_time': '15:58:42.241102', 'duration': 13.378, '__id__': '/etc/init.d/haproxy'}, 'sysctl_|-net.ipv4.ip_nonlocal_bind_|-net.ipv4.ip_nonlocal_bind_|-present': {'name': 'net.ipv4.ip_nonlocal_bind', 'result': True, 'changes': {}, 'comment': 'Sysctl value net.ipv4.ip_nonlocal_bind = 1 is already set', '__sls__': 'haproxy.install', '__run_num__': 10, 'start_time': '15:58:42.254647', 'duration': 22.134, '__id__': 'net.ipv4.ip_nonlocal_bind'}, 'file_|-haproxy-config-dir_|-/etc/haproxy_|-directory': {'name': '/etc/haproxy', 'changes': {}, 'result': True, 'comment': 'The directory /etc/haproxy is in the correct state', '__sls__': 'haproxy.install', '__run_num__': 11, 'start_time': '15:58:42.277144', 'duration': 2.16, '__id__': 'haproxy-config-dir'}, 'cmd_|-haproxy-init_|-chkconfig --add haproxy_|-run': {'result': True, 'name': 'chkconfig --add haproxy', 'changes': {}, 'comment': 'unless condition is true', 'skip_watch': True, '__sls__': 'haproxy.install', '__run_num__': 12, 'start_time': '15:58:42.279790', 'duration': 47.565, '__id__': 'haproxy-init'}, 'file_|-haproxy_|-/usr/sbin/haproxy_|-managed': {'changes': {}, 'comment': 'File /usr/sbin/haproxy is in the correct state', 'name': '/usr/sbin/haproxy', 'result': True, '__sls__': 'cluster.haproxy-outside', '__run_num__': 13, 'start_time': '15:58:42.327623', 'duration': 77.964, '__id__': 'haproxy'}, 'file_|-haproxy-service_|-/etc/haproxy/haproxy.cfg_|-managed': {'changes': {}, 'comment': 'File /etc/haproxy/haproxy.cfg is in the correct state', 'name': '/etc/haproxy/haproxy.cfg', 'result': True, '__sls__': 'cluster.haproxy-outside', '__run_num__': 14, 'start_time': '15:58:42.405756', 'duration': 26.32, '__id__': 'haproxy-service'}, 'service_|-haproxy-service_|-haproxy_|-running': {'name': 'haproxy', 'changes': {}, 'result': True, 'comment': 'The service haproxy is already running', '__sls__': 'cluster.haproxy-outside', '__run_num__': 15, 'start_time': '15:58:42.432775', 'duration': 63.086, '__id__': 'haproxy-service'}, 'file_|-keepalived-install_|-/usr/local/src/keepalived-1.2.17.tar.gz_|-managed': {'changes': {}, 'comment': 'File /usr/local/src/keepalived-1.2.17.tar.gz is in the correct state', 'name': '/usr/local/src/keepalived-1.2.17.tar.gz', 'result': True, '__sls__': 'keepalived.install', '__run_num__': 16, 'start_time': '15:58:42.496054', 'duration': 36.791, '__id__': 'keepalived-install'}, 'cmd_|-keepalived-install_|-cd /usr/local/src && tar zxf keepalived-1.2.17.tar.gz && cd keepalived-1.2.17 && ./configure --prefix=/user/local/keepalived --disable-fwmark && make && make install_|-run': {'result': True, 'name': 'cd /usr/local/src && tar zxf keepalived-1.2.17.tar.gz && cd keepalived-1.2.17 && ./configure --prefix=/user/local/keepalived --disable-fwmark && make && make install', 'changes': {}, 'comment': 'unless condition is true', 'skip_watch': True, '__sls__': 'keepalived.install', '__run_num__': 17, 'start_time': '15:58:42.533378', 'duration': 12.648, '__id__': 'keepalived-install'}, 'file_|-/etc/sysconfig/keepalived_|-/etc/sysconfig/keepalived_|-managed': {'changes': {}, 'comment': 'File /etc/sysconfig/keepalived is in the correct state', 'name': '/etc/sysconfig/keepalived', 'result': True, '__sls__': 'keepalived.install', '__run_num__': 18, 'start_time': '15:58:42.546344', 'duration': 18.967, '__id__': '/etc/sysconfig/keepalived'}, 'file_|-/etc/init.d/keepalived_|-/etc/init.d/keepalived_|-managed': {'changes': {}, 'comment': 'File /etc/init.d/keepalived is in the correct state', 'name': '/etc/init.d/keepalived', 'result': True, '__sls__': 'keepalived.install', '__run_num__': 19, 'start_time': '15:58:42.565465', 'duration': 7.714, '__id__': '/etc/init.d/keepalived'}, 'file_|-xiaoma_|-/usr/local/keepalived/sbin/_|-directory': {'name': '/usr/local/keepalived/sbin/', 'changes': {}, 'result': True, 'comment': 'The directory /usr/local/keepalived/sbin is in the correct state', '__sls__': 'keepalived.install', '__run_num__': 20, 'start_time': '15:58:42.573297', 'duration': 1.14, '__id__': 'xiaoma'}, 'file_|-/usr/local/keepalived/sbin/keepalived_|-/usr/local/keepalived/sbin/keepalived_|-managed': {'changes': {}, 'comment': 'File /usr/local/keepalived/sbin/keepalived is in the correct state', 'name': '/usr/local/keepalived/sbin/keepalived', 'result': True, '__sls__': 'keepalived.install', '__run_num__': 21, 'start_time': '15:58:42.574534', 'duration': 18.528, '__id__': '/usr/local/keepalived/sbin/keepalived'}, 'cmd_|-keepalived-init_|-chkconfig --add keepalived_|-run': {'result': True, 'name': 'chkconfig --add keepalived', 'changes': {}, 'comment': 'unless condition is true', 'skip_watch': True, '__sls__': 'keepalived.install', '__run_num__': 22, 'start_time': '15:58:42.593731', 'duration': 13.178, '__id__': 'keepalived-init'}, 'file_|-/etc/keepalived_|-/etc/keepalived_|-directory': {'name': '/etc/keepalived', 'changes': {}, 'result': True, 'comment': 'The directory /etc/keepalived is in the correct state', '__sls__': 'keepalived.install', '__run_num__': 23, 'start_time': '15:58:42.607105', 'duration': 1.726, '__id__': '/etc/keepalived'}, 'file_|-keepalived-server_|-/etc/keepalived/keepalived.conf_|-managed': {'changes': {}, 'comment': 'File /etc/keepalived/keepalived.conf is in the correct state', 'name': '/etc/keepalived/keepalived.conf', 'result': True, '__sls__': 'cluster.haproxy-outside-keepalived', '__run_num__': 24, 'start_time': '15:58:42.608962', 'duration': 9.11, '__id__': 'keepalived-server'}, 'service_|-keepalived-server_|-keepalived_|-running': {'name': 'keepalived', 'changes': {}, 'result': True, 'comment': 'The service keepalived is already running', '__sls__': 'cluster.haproxy-outside-keepalived', '__run_num__': 25, 'start_time': '15:58:42.618523', 'duration': 19.089, '__id__': 'keepalived-server'}, 'retcode': 0}}
{'mcw04': {'no_|-states_|-states_|-None': {'result': False, 'comment': 'No Top file or master_tops data matches found. Please see master log for details.', 'name': 'No States', 'changes': {}, '__run_num__': 0}, 'retcode': 2}}
>>>
==》逐个返回结果
>>> import salt.client
>>> local=salt.client.LocalClient()
>>> ret=local.cmd_iter('*','test.ping')
>>> for i in ret:
... print(i)
...
{'mcw01': {'ret': True, 'retcode': 0, 'jid': '20240127080133628154'}}
{'mcw03': {'ret': True, 'retcode': 0, 'jid': '20240127080133628154'}}
{'mcw04': {'ret': True, 'retcode': 0, 'jid': '20240127080133628154'}}
{'mcw02': {'ret': True, 'retcode': 0, 'jid': '20240127080133628154'}}
>>>
==》逐次返回结果,如果没有结果继续等待
>>> import salt.client
>>> local=salt.client.LocalClient()
>>> ret=local.cmd_iter_no_block('*','test.ping')
>>> for i in ret:
... print(i)
...
None
{'mcw04': {'ret': True, 'retcode': 0, 'jid': '20240127080509099693'}}
{'mcw01': {'ret': True, 'retcode': 0, 'jid': '20240127080509099693'}}
{'mcw03': {'ret': True, 'retcode': 0, 'jid': '20240127080509099693'}}
{'mcw02': {'ret': True, 'retcode': 0, 'jid': '20240127080509099693'}}
>>>
==》随机执行
>>> import salt.client
>>> local=salt.client.LocalClient()
>>> local.cmd_subset('*','test.ping',sub=1,progress=True)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python3.6/site-packages/salt/client/__init__.py", line 557, in cmd_subset
**kwargs
File "/usr/lib/python3.6/site-packages/salt/client/__init__.py", line 782, in cmd
ret[mid] = data if full_return else data.get("ret", {})
AttributeError: 'int' object has no attribute 'get'
>>>
==》执行命令
>>> import salt.client
>>> local=salt.client.LocalClient()
>>> local.run_job('mcw03','test.ping',[300])
{'jid': '20240127082323390382', 'minions': ['mcw03']}
>>>
2、salt caller
客户端执行命令salt-call
[root@mcw02 ~]# python3
Python 3.6.8 (default, Nov 14 2023, 16:29:52)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import salt.client
>>> caller=salt.client.Caller()
>>> caller.cmd('test.ping')
True
>>> caller.function('test.ping')
True
>>> exit()
[root@mcw02 ~]# salt-call test.ping
local:
True
[root@mcw02 ~]#
3、RunnerClient
salt-run的作用,报错了,回头再看
[root@mcw01 ~]# python3
Python 3.6.8 (default, Nov 14 2023, 16:29:52)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import salt.config
>>> opts=salt.config.master_config('/etc/salt/master')
>>> runner=salt.runner.RunnerClient(opts)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
AttributeError: module 'salt' has no attribute 'runner'
>>> runner.cmd('jobs.list_jobs',[])
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
NameError: name 'runner' is not defined
>>>
4、wheelclient
一样,有问题,以后再看看
[root@mcw01 ~]# python3
Python 3.6.8 (default, Nov 14 2023, 16:29:52)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import salt.config
>>> opts=salt.config.master_config('/etc/salt/master')
>>> wheel=salt.wheel.Wheel(opts)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
AttributeError: module 'salt' has no attribute 'wheel'
>>> wheel.call_func('key.list_all')
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
NameError: name 'wheel' is not defined
>>>
通过restful api调用
1、restful api配置环境部署
1、部署salt-api服务
部署到master上
[root@mcw01 ~]# yum install gcc make python-devel libffi-devel -y
salt master minion没有启动时报错
[root@mcw01 ~]# salt-call tls.create_self_signed_cert
[ERROR ] No master could be reached or all masters denied the minion's connection attempt.
Attempt to authenticate with the salt master failed with timeout error
[root@mcw01 ~]#
缺少一个安装包报错
[root@mcw01 ~]# salt-call tls.create_self_signed_cert
'tls' __virtual__ returned False: PyOpenSSL version 0.10 or later must be installed before this module can be used.
[root@mcw01 ~]#
安装需要的包,报错缺少某个模块
[root@mcw01 ~]# pip3 install pyOpenSSL
WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead.
Collecting pyOpenSSL
Using cached https://files.pythonhosted.org/packages/f0/e2/f8b4f1c67933a4907e52228241f4bd52169f3196b70af04403b29c63238a/pyOpenSSL-23.2.0-py3-none-any.whl
Collecting cryptography!=40.0.0,!=40.0.1,<42,>=38.0.0 (from pyOpenSSL)
Using cached https://files.pythonhosted.org/packages/f7/80/04cc7637238b78f8e7354900817135c5a23cf66dfb3f3a216c6d630d6833/cryptography-40.0.2.tar.gz
Complete output from command python setup.py egg_info: =============================DEBUG ASSISTANCE==========================
If you are seeing an error here please try the following to
successfully install cryptography: Upgrade to the latest pip and try again. This will fix errors for most
users. See: https://pip.pypa.io/en/stable/installing/#upgrading-pip
=============================DEBUG ASSISTANCE========================== Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/tmp/pip-build-ol5hiy7_/cryptography/setup.py", line 18, in <module>
from setuptools_rust import RustExtension
ModuleNotFoundError: No module named 'setuptools_rust' ----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-ol5hiy7_/cryptography/
[root@mcw01 ~]#
安装缺少的包
[root@mcw01 ~]# pip3 install setuptools-rust
WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead.
Collecting setuptools-rust
Downloading https://files.pythonhosted.org/packages/66/ca/66bdf8f326977098eff28c314c8f825bc28d6986944c590e40ad0f74c5f0/setuptools_rust-1.1.2-py3-none-any.whl
Collecting setuptools>=46.1 (from setuptools-rust)
Cache entry deserialization failed, entry ignored
Downloading https://files.pythonhosted.org/packages/b0/3a/88b210db68e56854d0bcf4b38e165e03be377e13907746f825790f3df5bf/setuptools-59.6.0-py3-none-any.whl (952kB)
100% |████████████████████████████████| 962kB 1.3MB/s
Collecting semantic-version<3,>=2.8.2 (from setuptools-rust)
Downloading https://files.pythonhosted.org/packages/6a/23/8146aad7d88f4fcb3a6218f41a60f6c2d4e3a72de72da1825dc7c8f7877c/semantic_version-2.10.0-py2.py3-none-any.whl
Requirement already satisfied: typing-extensions>=3.7.4.3 in /usr/local/lib/python3.6/site-packages (from setuptools-rust)
Installing collected packages: setuptools, semantic-version, setuptools-rust
Successfully installed semantic-version-2.10.0 setuptools-59.6.0 setuptools-rust-1.1.2
[root@mcw01 ~]
报错需要更高的rust版本
[root@mcw01 ~]# pip3 install pyOpenSSL
WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead.
Collecting pyOpenSSL
Using cached https://files.pythonhosted.org/packages/f0/e2/f8b4f1c67933a4907e52228241f4bd52169f3196b70af04403b29c63238a/pyOpenSSL-23.2.0-py3-none-any.whl
Collecting cryptography!=40.0.0,!=40.0.1,<42,>=38.0.0 (from pyOpenSSL)
Using cached https://files.pythonhosted.org/packages/f7/80/04cc7637238b78f8e7354900817135c5a23cf66dfb3f3a216c6d630d6833/cryptography-40.0.2.tar.gz
Collecting cffi>=1.12 (from cryptography!=40.0.0,!=40.0.1,<42,>=38.0.0->pyOpenSSL)
Cache entry deserialization failed, entry ignored
Downloading https://files.pythonhosted.org/packages/3a/12/d6066828014b9ccb2bbb8e1d9dc28872d20669b65aeb4a86806a0757813f/cffi-1.15.1-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (402kB)
100% |████████████████████████████████| 409kB 1.6MB/s
Collecting pycparser (from cffi>=1.12->cryptography!=40.0.0,!=40.0.1,<42,>=38.0.0->pyOpenSSL)
Downloading https://files.pythonhosted.org/packages/62/d5/5f610ebe421e85889f2e55e33b7f9a6795bd982198517d912eb1c76e1a53/pycparser-2.21-py2.py3-none-any.whl (118kB)
100% |████████████████████████████████| 122kB 3.2MB/s
Installing collected packages: pycparser, cffi, cryptography, pyOpenSSL
/usr/local/lib/python3.6/site-packages/setuptools/command/install.py:37: SetuptoolsDeprecationWarning: setup.py install is deprecated. Use build and pip and other standards-based tools.
....../
copying src/cryptography/hazmat/bindings/_rust/pkcs7.pyi -> build/lib.linux-x86_64-3.6/cryptography/hazmat/bindings/_rust
copying src/cryptography/hazmat/bindings/_rust/x509.pyi -> build/lib.linux-x86_64-3.6/cryptography/hazmat/bindings/_rust
creating build/lib.linux-x86_64-3.6/cryptography/hazmat/bindings/_rust/openssl
copying src/cryptography/hazmat/bindings/_rust/openssl/__init__.pyi -> build/lib.linux-x86_64-3.6/cryptography/hazmat/bindings/_rust/openssl
copying src/cryptography/hazmat/bindings/_rust/openssl/x25519.pyi -> build/lib.linux-x86_64-3.6/cryptography/hazmat/bindings/_rust/openssl
running build_ext
running build_rust =============================DEBUG ASSISTANCE=============================
If you are seeing a compilation error please try the following steps to
successfully install cryptography:
1) Upgrade to the latest pip and try again. This will fix errors for most
users. See: https://pip.pypa.io/en/stable/installing/#upgrading-pip
2) Read https://cryptography.io/en/latest/installation/ for specific
instructions for your platform.
3) Check our frequently asked questions for more information:
https://cryptography.io/en/latest/faq/
4) Ensure you have a recent Rust toolchain installed:
https://cryptography.io/en/latest/installation/#rust Python: 3.6.8
platform: Linux-3.10.0-693.el7.x86_64-x86_64-with-centos-7.4.1708-Core
pip: 9.0.3
setuptools: 59.6.0
setuptools_rust: 1.1.2
rustc: n/a
=============================DEBUG ASSISTANCE============================= error: can't find Rust compiler If you are using an outdated pip version, it is possible a prebuilt wheel is available for this package but pip is not able to install from it. Installing from the wheel would avoid the need for a Rust compiler. To update pip, run: pip install --upgrade pip and then retry package installation. If you did intend to build this package from source, try installing a Rust compiler from your system package manager and ensure it is on the PATH during installation. Alternatively, rustup (available at https://rustup.rs) is the recommended way to download and update the Rust compiler toolchain. This package requires Rust >=1.48.0. ----------------------------------------
Command "/usr/bin/python3 -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-aq0e4b0m/cryptography/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-544fypgg-record/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-build-aq0e4b0m/cryptography/
[root@mcw01 ~]#
更新pip
[root@mcw01 ~]# pip3 install --upgrade pip
WARNING: Running pip install with root privileges is generally not a good idea. Try `pip3 install --user` instead.
Cache entry deserialization failed, entry ignored
Collecting pip
Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB)
100% |████████████████████████████████| 1.7MB 842kB/s
Installing collected packages: pip
Successfully installed pip-21.3.1
You are using pip version 21.3.1, however version 23.3.2 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
[root@mcw01 ~]#
然后pip安装成功
[root@mcw01 ~]# pip3 install pyOpenSSL
WARNING: pip is being invoked by an old script wrapper. This will fail in a future version of pip.
Please see https://github.com/pypa/pip/issues/5599 for advice on fixing the underlying issue.
To avoid this problem you can invoke Python with '-m pip' instead of running pip directly.
Collecting pyOpenSSL
Using cached pyOpenSSL-23.2.0-py3-none-any.whl (59 kB)
Collecting cryptography!=40.0.0,!=40.0.1,<42,>=38.0.0
Downloading cryptography-40.0.2-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.7 MB)
|████████████████████████████████| 3.7 MB 1.2 MB/s
Requirement already satisfied: cffi>=1.12 in /usr/local/lib64/python3.6/site-packages (from cryptography!=40.0.0,!=40.0.1,<42,>=38.0.0->pyOpenSSL) (1.15.1)
Requirement already satisfied: pycparser in /usr/local/lib/python3.6/site-packages (from cffi>=1.12->cryptography!=40.0.0,!=40.0.1,<42,>=38.0.0->pyOpenSSL) (2.21)
Installing collected packages: cryptography, pyOpenSSL
Successfully installed cryptography-40.0.2 pyOpenSSL-23.2.0
WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv
[root@mcw01 ~]#
生成证书:
[root@mcw01 ~]# salt-call tls.create_self_signed_cert
/usr/local/lib/python3.6/site-packages/OpenSSL/_util.py:6: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6.
from cryptography.hazmat.bindings.openssl.binding import Binding
local:
Created Private Key: "/etc/pki/tls/certs/localhost.key." Created Certificate: "/etc/pki/tls/certs/localhost.crt."
[root@mcw01 ~]#
安装软件
[root@mcw01 ~]# yum install -y salt-api
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Package salt-api-3004.2-1.el7.noarch already installed and latest version
Nothing to do
[root@mcw01 ~]#
2、配置用户以及权限
[root@mcw01 ~]# ls /etc/salt/master.d/
[root@mcw01 ~]# vim /etc/salt/master.d/eauth.conf
[root@mcw01 ~]# cat /etc/salt/master.d/eauth.conf
external_auth:
pam:
saltapi:
- .
- '@wheel'
- '@runner'
[root@mcw01 ~]# useradd -M -s /sbin/nologin saltapi
[root@mcw01 ~]# echo "spassword"|passwd saltapi --stdin
Changing password for user saltapi.
passwd: all authentication tokens updated successfully.
[root@mcw01 ~]#
3、配置salt-api服务
记得重启salt-master服务
[root@mcw01 ~]# ls /etc/salt/master.d/
eauth.conf
[root@mcw01 ~]# vim /etc/salt/master.d/api.conf
[root@mcw01 ~]# cat /etc/salt/master.d/api.conf
rest_cherrypy:
port: 8000
ssl_crt: /etc/pki/tls/certs/localhost.crt
ssl_key: /etc/pki/tls/certs/localhost.key
[root@mcw01 ~]#
4、启动服务
[root@mcw01 ~]# systemctl status salt-api
● salt-api.service - The Salt API
Loaded: loaded (/usr/lib/systemd/system/salt-api.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Docs: man:salt-api(1)
file:///usr/share/doc/salt/html/contents.html
https://docs.saltproject.io/en/latest/contents.html
[root@mcw01 ~]# systemctl start salt-api
[root@mcw01 ~]# systemctl status salt-api
● salt-api.service - The Salt API
Loaded: loaded (/usr/lib/systemd/system/salt-api.service; disabled; vendor preset: disabled)
Active: active (running) since Sun 2024-01-28 13:54:43 CST; 3s ago
Docs: man:salt-api(1)
file:///usr/share/doc/salt/html/contents.html
https://docs.saltproject.io/en/latest/contents.html
Main PID: 7049 (salt-api)
CGroup: /system.slice/salt-api.service
├─7049 /usr/bin/python3 /usr/bin/salt-api
└─7056 /usr/bin/python3 /usr/bin/salt-api Jan 28 13:54:43 mcw01 systemd[1]: Starting The Salt API...
Jan 28 13:54:43 mcw01 systemd[1]: Started The Salt API.
Jan 28 13:54:44 mcw01 salt-api[7049]: [WARNING ] /usr/local/lib/python3.6/site-packages/OpenSSL/_util.py:6: CryptographyDeprecationWarning: Python 3.6 is no longer suppor... Python 3.6.
Jan 28 13:54:44 mcw01 salt-api[7049]: from cryptography.hazmat.bindings.openssl.binding import Binding
Hint: Some lines were ellipsized, use -l to show in full.
[root@mcw01 ~]#
5、测试
curl -X POST \
-k https://10.0.0.11:8000/login \
-d username='saltapi' \
-d password='spassword' \
-d eauth='pam' | python3 -mjson.tool
[root@mcw01 ~]# curl -X POST \
> -k https://10.0.0.11:8000/login \
> -d username='saltapi' \
> -d password='spassword1' \
> -d eauth='pam' | python3 -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 806 100 760 100 46 5567 336 --:--:-- --:--:-- --:--:-- 5588
Expecting value: line 1 column 1 (char 0)
[root@mcw01 ~]#
测试报错
2024-01-28 14:04:13,883 [salt.auth :306 ][WARNING ][2936] The eauth system "pam" is not enabled
2024-01-28 14:04:13,884 [salt.auth :307 ][WARNING ][2936] Authentication failure of type "eauth" occurred.
2024-01-28 14:04:13,884 [salt.master :2142][WARNING ][2936] Authentication failure of type "eauth" occurred.
查看sshd是开启了的
[root@mcw01 ~]# grep UsePAM /etc/ssh/sshd_config
# WARNING: 'UsePAM no' is not supported in Red Hat Enterprise Linux and may cause several
UsePAM yes
[root@mcw01 ~]#
这是因为上面添加了master配置,没有重启服务,重启之后,就可以用了
[root@mcw01 ~]# systemctl restart salt-master
[root@mcw01 ~]#
可以了,符合预期.。认证登录获取token
[root@mcw01 ~]# curl -X POST -k https://10.0.0.11:8000/login -d username='saltapi' -d password='spassword' -d eauth='pam' | python3 -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 243 100 198 100 45 1707 388 --:--:-- --:--:-- --:--:-- 1721
{
"return": [
{
"token": "e8229d0bd8858d5f000aede279d4881968054bf5",
"expire": 1706466070.8909082,
"start": 1706422870.8909078,
"user": "saltapi",
"eauth": "pam",
"perms": [
".",
"@wheel",
"@runner"
]
}
]
}
[root@mcw01 ~]#
使用上面token的访问一些信息:
[root@mcw01 ~]#
[root@mcw01 ~]# curl -k https://10.0.0.11:8000/minions -H "Accept: application/x-yaml" -H "X-Auth-Token:e8229d0bd8858d5f000aede279d4881968054bf5"
return:
- mcw01:
biosreleasedate: 11/12/2020
biosversion: '6.00'
cpu_flags:
- fpu
- vme
- de
- pse
- tsc
- msr
- pae
- mce
- cx8
- apic
- sep
- mtrr
- pge
- mca
- cmov
- pat
- pse36
- clflush
- mmx
- fxsr
- sse
- sse2
- ss
- syscall
- nx
- pdpe1gb
- rdtscp
- lm
- constant_tsc
- arch_perfmon
- rep_good
- nopl
- xtopology
- tsc_reliable
- nonstop_tsc
- eagerfpu
- pni
- pclmulqdq
- ssse3
- fma
- cx16
- pcid
- sse4_1
- sse4_2
- x2apic
- movbe
- popcnt
- tsc_deadline_timer
- aes
- xsave
- avx
- f16c
- rdrand
- hypervisor
- lahf_lm
- abm
- 3dnowprefetch
- fsgsbase
- tsc_adjust
- bmi1
- avx2
- smep
- bmi2
- erms
- invpcid
- avx512f
- avx512dq
- rdseed
- adx
- smap
- avx512ifma
- clflushopt
- clwb
- avx512cd
- sha_ni
- avx512bw
- avx512vl
- xsaveopt
- xsavec
- xgetbv1
- arat
- avx512vbmi
- avx512_vpopcntdq
cpu_model: 11th Gen Intel(R) Core(TM) i7-1165G7 @ 2.80GHz
cpuarch: x86_64
cwd: /
disk_big: '21.5'
disk_num: '5'
disks:
- sda
- sr0
dns:
domain: ''
ip4_nameservers:
- 223.5.5.5
ip6_nameservers: []
nameservers:
- 223.5.5.5
options: []
search: []
sortlist: []
domain: ''
efi: false
efi-secure-boot: false
fqdn: mcw01
fqdn_ip4:
- 10.0.0.11
fqdn_ip6:
- fe80::9335:fbc:5cf6:ad83
fqdns:
- vm1.cluster.com
gid: 0
gpus:
- model: SVGA II Adapter
vendor: vmware
groupname: root
host: mcw01
hwaddr_interfaces:
ens33: 00:0c:29:0b:af:8b
ens34: 00:0c:29:0b:af:95
lo: 00:00:00:00:00:00
id: mcw01
init: systemd
ip4_gw: 10.0.0.254
ip4_interfaces:
ens33:
- 10.0.0.11
ens34: []
lo:
- 127.0.0.1
ip6_gw: false
ip6_interfaces:
ens33:
- fe80::9335:fbc:5cf6:ad83
ens34: []
lo:
- ::1
ip_gw: true
ip_interfaces:
ens33:
- 10.0.0.11
- fe80::9335:fbc:5cf6:ad83
ens34: []
lo:
- 127.0.0.1
- ::1
ipv4:
- 10.0.0.11
- 127.0.0.1
ipv6:
- ::1
- fe80::9335:fbc:5cf6:ad83
kernel: Linux
kernelparams:
- - BOOT_IMAGE
- /vmlinuz-3.10.0-693.el7.x86_64
- - root
- /dev/mapper/centos-root
- - ro
- null
- - crashkernel
- auto
- - rd.lvm.lv
- centos/root
- - rd.lvm.lv
- centos/swap
- - rhgb
- null
- - quiet
- null
- - LANG
- en_US.UTF-8
kernelrelease: 3.10.0-693.el7.x86_64
kernelversion: '#1 SMP Tue Aug 22 21:09:27 UTC 2017'
locale_info:
defaultencoding: UTF-8
defaultlanguage: en_US
detectedencoding: UTF-8
timezone: unknown
localhost: mcw01
lsb_distrib_codename: CentOS Linux 7 (Core)
lsb_distrib_id: CentOS Linux
lvm:
centos:
- root
- swap
machine_id: bb1b2376b74646258ef7222ab51c5112
manufacturer: VMware, Inc.
master: 10.0.0.11
mdadm: []
mem_total: 2831
myclass:
- 1
- 2
mygongzuo: null
myhobby:
- lanqiu
- zuqiu
- yumaoqiu
myname: mcw
nodename: mcw01
num_cpus: 1
num_gpus: 1
os: CentOS
os_family: RedHat
osarch: x86_64
oscodename: CentOS Linux 7 (Core)
osfinger: CentOS Linux-7
osfullname: CentOS Linux
osmajorrelease: 7
osrelease: 7.4.1708
osrelease_info:
- 7
- 4
- 1708
path: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
pid: 2817
productname: VMware Virtual Platform
ps: ps -efHww
pythonexecutable: /usr/bin/python3
pythonpath:
- /usr/bin
- /usr/lib64/python36.zip
- /usr/lib64/python3.6
- /usr/lib64/python3.6/lib-dynload
- /usr/local/lib/python3.6/site-packages
- /usr/lib64/python3.6/site-packages
- /usr/lib/python3.6/site-packages
pythonversion:
- 3
- 6
- 8
- final
- 0
roles:
- webserver
- memcache
saltpath: /usr/lib/python3.6/site-packages/salt
saltversion: '3004.2'
saltversioninfo:
- 3004
- 2
selinux:
enabled: false
enforced: Disabled
serialnumber: VMware-56 4d e1 31 df d3 45 ba-1f 3c f8 40 26 0b af 8b
server_id: 821607250
shell: /bin/sh
ssds: []
swap_total: 3
systemd:
features: +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP
+GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN
version: '219'
systempath:
- /usr/local/sbin
- /usr/local/bin
- /usr/sbin
- /usr/bin
transactional: false
uid: 0
username: root
uuid: 31e14d56-d3df-ba45-1f3c-f840260baf8b
virtual: VMware
zfs_feature_flags: false
zfs_support: false
zmqversion: 4.1.4
mcw02:
biosreleasedate: 11/12/2020
biosversion: '6.00'
cpu_flags:
- fpu
- vme
- de
- pse
- tsc
- msr
- pae
- mce
- cx8
- apic
- sep
- mtrr
- pge
- mca
- cmov
- pat
- pse36
- clflush
- mmx
- fxsr
- sse
- sse2
- ss
- syscall
- nx
- pdpe1gb
- rdtscp
- lm
- constant_tsc
- arch_perfmon
- rep_good
- nopl
- xtopology
- tsc_reliable
- nonstop_tsc
- eagerfpu
- pni
- pclmulqdq
- ssse3
- fma
- cx16
- pcid
- sse4_1
- sse4_2
- x2apic
- movbe
- popcnt
- tsc_deadline_timer
- aes
- xsave
- avx
- f16c
- rdrand
- hypervisor
- lahf_lm
- abm
- 3dnowprefetch
- fsgsbase
- tsc_adjust
- bmi1
- avx2
- smep
- bmi2
- erms
- invpcid
- avx512f
- avx512dq
- rdseed
- adx
- smap
- avx512ifma
- clflushopt
- clwb
- avx512cd
- sha_ni
- avx512bw
- avx512vl
- xsaveopt
- xsavec
- xgetbv1
- arat
- avx512vbmi
- avx512_vpopcntdq
cpu_model: 11th Gen Intel(R) Core(TM) i7-1165G7 @ 2.80GHz
cpuarch: x86_64
cwd: /
disks:
- sda
- sr0
dns:
domain: ''
ip4_nameservers:
- 223.5.5.5
ip6_nameservers: []
nameservers:
- 223.5.5.5
options: []
search: []
sortlist: []
domain: ''
efi: false
efi-secure-boot: false
fqdn: mcw02
fqdn_ip4:
- 10.0.0.12
fqdn_ip6:
- fe80::9335:fbc:5cf6:ad83
- fe80::495b:ff7:d185:f95d
- fe80::f32c:166d:40de:8f2e
fqdns:
- mcw02
gid: 0
gpus:
- model: SVGA II Adapter
vendor: vmware
groupname: root
host: mcw02
hwaddr_interfaces:
ens33: 00:0c:29:af:9b:98
ens34: 00:0c:29:af:9b:a2
lo: 00:00:00:00:00:00
id: mcw02
init: systemd
ip4_gw: 10.0.0.254
ip4_interfaces:
ens33:
- 10.0.0.12
- 10.0.0.99
ens34: []
lo:
- 127.0.0.1
ip6_gw: false
ip6_interfaces:
ens33:
- fe80::f32c:166d:40de:8f2e
- fe80::495b:ff7:d185:f95d
- fe80::9335:fbc:5cf6:ad83
ens34: []
lo:
- ::1
ip_gw: true
ip_interfaces:
ens33:
- 10.0.0.12
- 10.0.0.99
- fe80::f32c:166d:40de:8f2e
- fe80::495b:ff7:d185:f95d
- fe80::9335:fbc:5cf6:ad83
ens34: []
lo:
- 127.0.0.1
- ::1
ipv4:
- 10.0.0.12
- 10.0.0.99
- 127.0.0.1
ipv6:
- ::1
- fe80::495b:ff7:d185:f95d
- fe80::9335:fbc:5cf6:ad83
- fe80::f32c:166d:40de:8f2e
kernel: Linux
kernelparams:
- - BOOT_IMAGE
- /vmlinuz-3.10.0-693.el7.x86_64
- - root
- /dev/mapper/centos-root
- - ro
- null
- - crashkernel
- auto
- - rd.lvm.lv
- centos/root
- - rd.lvm.lv
- centos/swap
- - rhgb
- null
- - quiet
- null
- - LANG
- en_US.UTF-8
kernelrelease: 3.10.0-693.el7.x86_64
kernelversion: '#1 SMP Tue Aug 22 21:09:27 UTC 2017'
locale_info:
defaultencoding: UTF-8
defaultlanguage: en_US
detectedencoding: UTF-8
timezone: unknown
localhost: mcw02
lsb_distrib_codename: CentOS Linux 7 (Core)
lsb_distrib_id: CentOS Linux
lvm:
centos:
- root
- swap
machine_id: bb1b2376b74646258ef7222ab51c5112
manufacturer: VMware, Inc.
master: 10.0.0.11
mdadm: []
mem_total: 3774
myname: mcw
nodename: mcw02
num_cpus: 1
num_gpus: 1
os: CentOS
os_family: RedHat
osarch: x86_64
oscodename: CentOS Linux 7 (Core)
osfinger: CentOS Linux-7
osfullname: CentOS Linux
osmajorrelease: 7
osrelease: 7.4.1708
osrelease_info:
- 7
- 4
- 1708
path: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
pid: 1912
productname: VMware Virtual Platform
ps: ps -efHww
pythonexecutable: /usr/bin/python3
pythonpath:
- /usr/bin
- /usr/lib64/python36.zip
- /usr/lib64/python3.6
- /usr/lib64/python3.6/lib-dynload
- /usr/lib64/python3.6/site-packages
- /usr/lib/python3.6/site-packages
pythonversion:
- 3
- 6
- 8
- final
- 0
saltpath: /usr/lib/python3.6/site-packages/salt
saltversion: '3004.2'
saltversioninfo:
- 3004
- 2
selinux:
enabled: false
enforced: Disabled
serialnumber: VMware-56 4d 2d d8 bf c5 a5 54-d3 13 90 55 ee af 9b 98
server_id: 1918965342
shell: /bin/sh
ssds: []
swap_total: 3
systemd:
features: +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP
+GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN
version: '219'
systempath:
- /usr/local/sbin
- /usr/local/bin
- /usr/sbin
- /usr/bin
transactional: false
uid: 0
username: root
uuid: d82d4d56-c5bf-54a5-d313-9055eeaf9b98
virtual: VMware
zfs_feature_flags: false
zfs_support: false
zmqversion: 4.1.4
mcw03:
biosreleasedate: 11/12/2020
biosversion: '6.00'
cpu_flags:
- fpu
- vme
- de
- pse
- tsc
- msr
- pae
- mce
- cx8
- apic
- sep
- mtrr
- pge
- mca
- cmov
- pat
- pse36
- clflush
- mmx
- fxsr
- sse
- sse2
- ss
- syscall
- nx
- pdpe1gb
- rdtscp
- lm
- constant_tsc
- arch_perfmon
- rep_good
- nopl
- xtopology
- tsc_reliable
- nonstop_tsc
- eagerfpu
- pni
- pclmulqdq
- ssse3
- fma
- cx16
- pcid
- sse4_1
- sse4_2
- x2apic
- movbe
- popcnt
- tsc_deadline_timer
- aes
- xsave
- avx
- f16c
- rdrand
- hypervisor
- lahf_lm
- abm
- 3dnowprefetch
- fsgsbase
- tsc_adjust
- bmi1
- avx2
- smep
- bmi2
- erms
- invpcid
- avx512f
- avx512dq
- rdseed
- adx
- smap
- avx512ifma
- clflushopt
- clwb
- avx512cd
- sha_ni
- avx512bw
- avx512vl
- xsaveopt
- xsavec
- xgetbv1
- arat
- avx512vbmi
- avx512_vpopcntdq
cpu_model: 11th Gen Intel(R) Core(TM) i7-1165G7 @ 2.80GHz
cpuarch: x86_64
cwd: /
disk_big: '21.5'
disk_num: '5'
disks:
- sda
- sr0
dns:
domain: ''
ip4_nameservers:
- 223.5.5.5
ip6_nameservers: []
nameservers:
- 223.5.5.5
options: []
search: []
sortlist: []
domain: ''
efi: false
efi-secure-boot: false
fqdn: mcw03
fqdn_ip4:
- 10.0.0.13
fqdn_ip6:
- fe80::9335:fbc:5cf6:ad83
- fe80::495b:ff7:d185:f95d
- fe80::f32c:166d:40de:8f2e
fqdns:
- mcw03
gid: 0
gpus:
- model: SVGA II Adapter
vendor: vmware
groupname: root
host: mcw03
hwaddr_interfaces:
ens33: 00:0c:29:ae:54:49
ens34: 00:0c:29:ae:54:53
lo: 00:00:00:00:00:00
id: mcw03
init: systemd
ip4_gw: 10.0.0.254
ip4_interfaces:
ens33:
- 10.0.0.13
ens34: []
lo:
- 127.0.0.1
ip6_gw: false
ip6_interfaces:
ens33:
- fe80::f32c:166d:40de:8f2e
- fe80::495b:ff7:d185:f95d
- fe80::9335:fbc:5cf6:ad83
ens34: []
lo:
- ::1
ip_gw: true
ip_interfaces:
ens33:
- 10.0.0.13
- fe80::f32c:166d:40de:8f2e
- fe80::495b:ff7:d185:f95d
- fe80::9335:fbc:5cf6:ad83
ens34: []
lo:
- 127.0.0.1
- ::1
ipv4:
- 10.0.0.13
- 127.0.0.1
ipv6:
- ::1
- fe80::495b:ff7:d185:f95d
- fe80::9335:fbc:5cf6:ad83
- fe80::f32c:166d:40de:8f2e
kernel: Linux
kernelparams:
- - BOOT_IMAGE
- /vmlinuz-3.10.0-693.el7.x86_64
- - root
- /dev/mapper/centos-root
- - ro
- null
- - crashkernel
- auto
- - rd.lvm.lv
- centos/root
- - rd.lvm.lv
- centos/swap
- - rhgb
- null
- - quiet
- null
- - LANG
- en_US.UTF-8
kernelrelease: 3.10.0-693.el7.x86_64
kernelversion: '#1 SMP Tue Aug 22 21:09:27 UTC 2017'
locale_info:
defaultencoding: UTF-8
defaultlanguage: en_US
detectedencoding: UTF-8
timezone: unknown
localhost: mcw03
lsb_distrib_codename: CentOS Linux 7 (Core)
lsb_distrib_id: CentOS Linux
lvm:
centos:
- root
- swap
machine_id: bb1b2376b74646258ef7222ab51c5112
manufacturer: VMware, Inc.
master: 10.0.0.11
mdadm: []
mem_total: 2467
nodename: mcw03
num_cpus: 1
num_gpus: 1
os: CentOS
os_family: RedHat
osarch: x86_64
oscodename: CentOS Linux 7 (Core)
osfinger: CentOS Linux-7
osfullname: CentOS Linux
osmajorrelease: 7
osrelease: 7.4.1708
osrelease_info:
- 7
- 4
- 1708
path: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
pid: 2437
productname: VMware Virtual Platform
ps: ps -efHww
pythonexecutable: /usr/bin/python3
pythonpath:
- /usr/bin
- /usr/lib64/python36.zip
- /usr/lib64/python3.6
- /usr/lib64/python3.6/lib-dynload
- /usr/lib64/python3.6/site-packages
- /usr/lib/python3.6/site-packages
pythonversion:
- 3
- 6
- 8
- final
- 0
saltpath: /usr/lib/python3.6/site-packages/salt
saltversion: '3004.2'
saltversioninfo:
- 3004
- 2
selinux:
enabled: false
enforced: Disabled
serialnumber: VMware-56 4d 32 c0 fc c4 56 c4-cc dc 1d c7 5b ae 54 49
server_id: 322909251
shell: /bin/sh
ssds: []
swap_total: 3
systemd:
features: +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP
+GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN
version: '219'
systempath:
- /usr/local/sbin
- /usr/local/bin
- /usr/sbin
- /usr/bin
transactional: false
uid: 0
username: root
uuid: c0324d56-c4fc-c456-ccdc-1dc75bae5449
virtual: VMware
zfs_feature_flags: false
zfs_support: false
zmqversion: 4.1.4
mcw04:
biosreleasedate: 11/12/2020
biosversion: '6.00'
cpu_flags:
- fpu
- vme
- de
- pse
- tsc
- msr
- pae
- mce
- cx8
- apic
- sep
- mtrr
- pge
- mca
- cmov
- pat
- pse36
- clflush
- mmx
- fxsr
- sse
- sse2
- ss
- syscall
- nx
- pdpe1gb
- rdtscp
- lm
- constant_tsc
- arch_perfmon
- rep_good
- nopl
- xtopology
- tsc_reliable
- nonstop_tsc
- eagerfpu
- pni
- pclmulqdq
- ssse3
- fma
- cx16
- pcid
- sse4_1
- sse4_2
- x2apic
- movbe
- popcnt
- tsc_deadline_timer
- aes
- xsave
- avx
- f16c
- rdrand
- hypervisor
- lahf_lm
- abm
- 3dnowprefetch
- fsgsbase
- tsc_adjust
- bmi1
- avx2
- smep
- bmi2
- erms
- invpcid
- avx512f
- avx512dq
- rdseed
- adx
- smap
- avx512ifma
- clflushopt
- clwb
- avx512cd
- sha_ni
- avx512bw
- avx512vl
- xsaveopt
- xsavec
- xgetbv1
- arat
- avx512vbmi
- avx512_vpopcntdq
cpu_model: 11th Gen Intel(R) Core(TM) i7-1165G7 @ 2.80GHz
cpuarch: x86_64
cwd: /
disks:
- sda
- sr0
dns:
domain: ''
ip4_nameservers:
- 223.5.5.5
ip6_nameservers: []
nameservers:
- 223.5.5.5
options: []
search: []
sortlist: []
domain: ''
efi: false
efi-secure-boot: false
fqdn: mcw04
fqdn_ip4:
- 192.168.80.4
- 10.0.0.14
- 172.168.4.4
fqdn_ip6:
- fe80::c40e:7276:fe3:2c85
- fe80::9335:fbc:5cf6:ad83
- fe80::495b:ff7:d185:f95d
- fe80::3727:c947:9372:e96a
fqdns:
- mcw04
- vm4.cluster.com
gid: 0
gpus:
- model: SVGA II Adapter
vendor: vmware
groupname: root
host: mcw04
hwaddr_interfaces:
ens33: 00:0c:29:73:fb:5c
ens34: 00:0c:29:73:fb:66
ens37: 00:0c:29:73:fb:70
ens38: 00:0c:29:73:fb:7a
lo: 00:00:00:00:00:00
id: mcw04
init: systemd
ip4_gw: 10.0.0.254
ip4_interfaces:
ens33:
- 10.0.0.14
ens34: []
ens37:
- 192.168.80.4
ens38:
- 172.168.4.4
lo:
- 127.0.0.1
ip6_gw: false
ip6_interfaces:
ens33:
- fe80::495b:ff7:d185:f95d
- fe80::9335:fbc:5cf6:ad83
ens34: []
ens37:
- fe80::c40e:7276:fe3:2c85
ens38:
- fe80::3727:c947:9372:e96a
lo:
- ::1
ip_gw: true
ip_interfaces:
ens33:
- 10.0.0.14
- fe80::495b:ff7:d185:f95d
- fe80::9335:fbc:5cf6:ad83
ens34: []
ens37:
- 192.168.80.4
- fe80::c40e:7276:fe3:2c85
ens38:
- 172.168.4.4
- fe80::3727:c947:9372:e96a
lo:
- 127.0.0.1
- ::1
ipv4:
- 10.0.0.14
- 127.0.0.1
- 172.168.4.4
- 192.168.80.4
ipv6:
- ::1
- fe80::3727:c947:9372:e96a
- fe80::495b:ff7:d185:f95d
- fe80::9335:fbc:5cf6:ad83
- fe80::c40e:7276:fe3:2c85
kernel: Linux
kernelparams:
- - BOOT_IMAGE
- /vmlinuz-3.10.0-693.el7.x86_64
- - root
- /dev/mapper/centos-root
- - ro
- null
- - crashkernel
- auto
- - rd.lvm.lv
- centos/root
- - rd.lvm.lv
- centos/swap
- - rhgb
- null
- - quiet
- null
- - LANG
- en_US.UTF-8
kernelrelease: 3.10.0-693.el7.x86_64
kernelversion: '#1 SMP Tue Aug 22 21:09:27 UTC 2017'
locale_info:
defaultencoding: UTF-8
defaultlanguage: en_US
detectedencoding: UTF-8
timezone: unknown
localhost: mcw04
lsb_distrib_codename: CentOS Linux 7 (Core)
lsb_distrib_id: CentOS Linux
lvm:
centos:
- root
- swap
machine_id: bb1b2376b74646258ef7222ab51c5112
manufacturer: VMware, Inc.
master: 10.0.0.11
mdadm: []
mem_total: 1494
myname: xiaoma
nodename: mcw04
num_cpus: 1
num_gpus: 1
os: CentOS
os_family: RedHat
osarch: x86_64
oscodename: CentOS Linux 7 (Core)
osfinger: CentOS Linux-7
osfullname: CentOS Linux
osmajorrelease: 7
osrelease: 7.4.1708
osrelease_info:
- 7
- 4
- 1708
path: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
pid: 2449
productname: VMware Virtual Platform
ps: ps -efHww
pythonexecutable: /usr/bin/python3
pythonpath:
- /usr/bin
- /usr/lib64/python36.zip
- /usr/lib64/python3.6
- /usr/lib64/python3.6/lib-dynload
- /usr/lib64/python3.6/site-packages
- /usr/lib/python3.6/site-packages
pythonversion:
- 3
- 6
- 8
- final
- 0
saltpath: /usr/lib/python3.6/site-packages/salt
saltversion: '3004.2'
saltversioninfo:
- 3004
- 2
selinux:
enabled: false
enforced: Disabled
serialnumber: VMware-56 4d 01 4e 4d 8e 1f ea-ce a5 26 41 f6 73 fb 5c
server_id: 270933825
shell: /bin/sh
ssds: []
swap_total: 3
systemd:
features: +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP
+GCRYPT +GNUTLS +ACL +XZ -LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN
version: '219'
systempath:
- /usr/local/sbin
- /usr/local/bin
- /usr/sbin
- /usr/bin
transactional: false
uid: 0
username: root
uuid: 4e014d56-8e4d-ea1f-cea5-2641f673fb5c
virtual: VMware
zfs_feature_flags: false
zfs_support: false
zmqversion: 4.1.4
[root@mcw01 ~]#
注意:开启pam之后,salt终端命令执行也是需要验证的 -a pam
[root@mcw01 ~]# salt mcw01 grians.items
/usr/local/lib/python3.6/site-packages/OpenSSL/_util.py:6: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6.
from cryptography.hazmat.bindings.openssl.binding import Binding
^C
Exiting gracefully on Ctrl-c
This job's jid is: 20240128170702571596
The minions may not have all finished running and any remaining minions will return upon completion. To look up the return data for this job later, run the following command: salt-run jobs.lookup_jid 20240128170702571596
Exception ignored in: <generator object _read at 0x7ff16acdceb8>
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/salt/transport/ipc.py", line 702, in _read
TypeError: catching classes that do not inherit from BaseException is not allowed
[root@mcw01 ~]# salt mcw01 grians.items
/usr/local/lib/python3.6/site-packages/OpenSSL/_util.py:6: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6.
from cryptography.hazmat.bindings.openssl.binding import Binding
mcw01:
'grians.items' is not available.
ERROR: Minions returned with non-zero exit code
[root@mcw01 ~]#
[root@mcw01 ~]# salt mcw01 test.ping -a pam
/usr/local/lib/python3.6/site-packages/OpenSSL/_util.py:6: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6.
from cryptography.hazmat.bindings.openssl.binding import Binding
username: saltapi
password:
mcw01:
True
[root@mcw01 ~]#
通过restful api实现日常操作
1、运行远程模块
curl -k https://10.0.0.11:8000/ \
-H "Accept: application/json" \
-H "X-Auth-Token: e8229d0bd8858d5f000aede279d4881968054bf5" \
-d client='local' \
-d tgt='*' \
-d fun='test.ping' \
| python3 -mjson.tool
[root@mcw01 ~]# curl -k https://10.0.0.11:8000/ \
> -H "Accept: application/json" \
> -H "X-Auth-Token: e8229d0bd8858d5f000aede279d4881968054bf5" \
> -d client='local' \
> -d tgt='*' \
> -d fun='test.ping' \
> | python3 -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 106 100 74 100 32 142 61 --:--:-- --:--:-- --:--:-- 142
{
"return": [
{
"mcw03": true,
"mcw04": true,
"mcw01": true,
"mcw02": true
}
]
}
[root@mcw01 ~]#
2、查询指定job
获取任务列表
curl -k https://10.0.0.11:8000/jobs/ \
-H "X-Auth-Token: e8229d0bd8858d5f000aede279d4881968054bf5" |python3 -mjson.tool
[root@mcw01 ~]# curl -k https://10.0.0.11:8000/jobs/ \
> -H "X-Auth-Token: e8229d0bd8858d5f000aede279d4881968054bf5" |python3 -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 9643 100 9643 0 0 5995 0 0:00:01 0:00:01 --:--:-- 5993
{
"return": [
{
"20240127075826131706": {
"Function": "test.ping",
"Arguments": [],
"Target": "*",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 07:58:26.131706"
},
"20240128063318617808": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 28 06:33:18.617808"
},
"20240127075835038619": {
"Function": "saltutil.find_job",
"Arguments": [
"20240127075829928919"
],
"Target": [
"mcw01"
],
"Target-type": "list",
"User": "root",
"StartTime": "2024, Jan 27 07:58:35.038619"
},
"20240127082056024450": {
"Function": "sys.list_functions",
"Arguments": [],
"Target": "*",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 08:20:56.024450"
},
"20240127070307842804": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 07:03:07.842804"
},
"20240127082403361817": {
"Function": "sys.list_functions",
"Arguments": [],
"Target": "*",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 08:24:03.361817"
},
"20240128045429189111": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 28 04:54:29.189111"
},
"20240127071959433353": {
"Function": [
"test.ping",
"cmd.run",
"test.echo"
],
"Arguments": [
[],
[
"hostname"
],
[
"machangwei"
]
],
"Target": "mcw03",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 07:19:59.433353"
},
"20240127160307795911": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 16:03:07.795911"
},
"20240128020307799740": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 28 02:03:07.799740"
},
"20240127200307806732": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 20:03:07.806732"
},
"20240127120307791869": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 12:03:07.791869"
},
"20240127081810993562": {
"Function": "test.ping",
"Arguments": [],
"Target": "*",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 08:18:10.993562"
},
"20240127100307804024": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 10:03:07.804024"
},
"20240127210307809306": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 21:03:07.809306"
},
"20240127081606346048": {
"Function": "sys.list_functions",
"Arguments": [],
"Target": "*",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 08:16:06.346048"
},
"20240128010307785898": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 28 01:03:07.785898"
},
"20240127220307790451": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 22:03:07.790451"
},
"20240127082421101267": {
"Function": "sys.list_functions",
"Arguments": [],
"Target": "*",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 08:24:21.101267"
},
"20240127082410322681": {
"Function": "test.ping",
"Arguments": [],
"Target": [
"mcw03"
],
"Target-type": "list",
"User": "root",
"StartTime": "2024, Jan 27 08:24:10.322681"
},
"20240127180307804263": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 18:03:07.804263"
},
"20240127170307797449": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 17:03:07.797449"
},
"20240127130307799599": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 13:03:07.799599"
},
"20240127082404935480": {
"Function": "test.ping",
"Arguments": [],
"Target": [
"mcw01"
],
"Target-type": "list",
"User": "root",
"StartTime": "2024, Jan 27 08:24:04.935480"
},
"20240127071640052870": {
"Function": "cmd.run",
"Arguments": [
"hostname"
],
"Target": "*",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 07:16:40.052870"
},
"20240127075219835882": {
"Function": "test.sleep",
"Arguments": [
30
],
"Target": "*",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 07:52:19.835882"
},
"20240127075826360301": {
"Function": "state.highstate",
"Arguments": [],
"Target": [
"mcw03"
],
"Target-type": "list",
"User": "root",
"StartTime": "2024, Jan 27 07:58:26.360301"
},
"20240127075829624890": {
"Function": "state.highstate",
"Arguments": [],
"Target": [
"mcw02"
],
"Target-type": "list",
"User": "root",
"StartTime": "2024, Jan 27 07:58:29.624890"
},
"20240127075829928919": {
"Function": "state.highstate",
"Arguments": [],
"Target": [
"mcw01"
],
"Target-type": "list",
"User": "root",
"StartTime": "2024, Jan 27 07:58:29.928919"
},
"20240127075842761243": {
"Function": "state.highstate",
"Arguments": [],
"Target": [
"mcw04"
],
"Target-type": "list",
"User": "root",
"StartTime": "2024, Jan 27 07:58:42.761243"
},
"20240127080133628154": {
"Function": "test.ping",
"Arguments": [],
"Target": "*",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 08:01:33.628154"
},
"20240127080307783624": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 08:03:07.783624"
},
"20240127080509099693": {
"Function": "test.ping",
"Arguments": [],
"Target": "*",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 08:05:09.099693"
},
"20240127080633331114": {
"Function": "sys.list_functions",
"Arguments": [],
"Target": "*",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 08:06:33.331114"
},
"20240127080636496089": {
"Function": "test.ping",
"Arguments": [],
"Target": [
"mcw04"
],
"Target-type": "list",
"User": "root",
"StartTime": "2024, Jan 27 08:06:36.496089"
},
"20240127110307799102": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 11:03:07.799102"
},
"20240127081607948343": {
"Function": "test.ping",
"Arguments": [],
"Target": [
"mcw04"
],
"Target-type": "list",
"User": "root",
"StartTime": "2024, Jan 27 08:16:07.948343"
},
"20240127082057633331": {
"Function": "test.ping",
"Arguments": [],
"Target": [
"mcw03"
],
"Target-type": "list",
"User": "root",
"StartTime": "2024, Jan 27 08:20:57.633331"
},
"20240127082323390382": {
"Function": "test.ping",
"Arguments": [
300
],
"Target": "mcw03",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 08:23:23.390382"
},
"20240127082405980551": {
"Function": "sys.list_functions",
"Arguments": [],
"Target": "*",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 08:24:05.980551"
},
"20240127082407552195": {
"Function": "test.ping",
"Arguments": [],
"Target": [
"mcw03"
],
"Target-type": "list",
"User": "root",
"StartTime": "2024, Jan 27 08:24:07.552195"
},
"20240127082408772412": {
"Function": "sys.list_functions",
"Arguments": [],
"Target": "*",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 08:24:08.772412"
},
"20240127085355911574": {
"Function": "test.ping",
"Arguments": [],
"Target": "mcw02",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 08:53:55.911574"
},
"20240127090307801858": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 09:03:07.801858"
},
"20240127140307797333": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 14:03:07.797333"
},
"20240127150307810959": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 15:03:07.810959"
},
"20240127190307813466": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 19:03:07.813466"
},
"20240127230307802376": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 27 23:03:07.802376"
},
"20240128000307787845": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 28 00:03:07.787845"
},
"20240128045549966242": {
"Function": "test.ping",
"Arguments": [],
"Target": "mcw03",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 28 04:55:49.966242"
},
"20240128053311904295": {
"Function": "test.ping",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 28 05:33:11.904295"
},
"20240128053318629698": {
"Function": "mine.update",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 28 05:33:18.629698"
},
"20240128054532451937": {
"Function": "tls.create_self_signed_cert",
"Arguments": [],
"Target": "mcw01",
"Target-type": "glob",
"User": "root",
"StartTime": "2024, Jan 28 05:45:32.451937"
},
"20240128062532496807": {
"Function": "grains.items",
"Arguments": [],
"Target": "*",
"Target-type": "glob",
"User": "saltapi",
"StartTime": "2024, Jan 28 06:25:32.496807"
},
"20240128064745829110": {
"Function": "test.ping",
"Arguments": [],
"Target": "*",
"Target-type": "glob",
"User": "saltapi",
"StartTime": "2024, Jan 28 06:47:45.829110"
}
}
]
}
[root@mcw01 ~]#
获取jid后,即可获取该任务的详细情况
就把jid拼到路径后面
curl -k https://10.0.0.11:8000/jobs/20240128064745829110 \
-H "X-Auth-Token: e8229d0bd8858d5f000aede279d4881968054bf5" |python3 -mjson.tool
[root@mcw01 ~]# curl -k https://10.0.0.11:8000/jobs/20240128064745829110 \
> -H "X-Auth-Token: e8229d0bd8858d5f000aede279d4881968054bf5" |python3 -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 554 100 554 0 0 411 0 0:00:01 0:00:01 --:--:-- 411
{
"info": [
{
"jid": "20240128064745829110",
"Function": "test.ping",
"Arguments": [],
"Target": "*",
"Target-type": "glob",
"User": "saltapi",
"Minions": [
"mcw01",
"mcw02",
"mcw03",
"mcw04"
],
"StartTime": "2024, Jan 28 06:47:45.829110",
"Result": {
"mcw03": {
"return": true,
"retcode": 0,
"success": true
},
"mcw04": {
"return": true,
"retcode": 0,
"success": true
},
"mcw01": {
"return": true,
"retcode": 0,
"success": true
},
"mcw02": {
"return": true,
"retcode": 0,
"success": true
}
}
}
],
"return": [
{
"mcw03": true,
"mcw04": true,
"mcw01": true,
"mcw02": true
}
]
}
[root@mcw01 ~]#
3、运行runner
curl -k https://10.0.0.11:8000/ \
-H "X-Auth-Token: e8229d0bd8858d5f000aede279d4881968054bf5" \
-d client="runner" \
-d fun="manage.status" |python3 -mjson.tool
[root@mcw01 ~]# curl -k https://10.0.0.11:8000/ \
> -H "X-Auth-Token: e8229d0bd8858d5f000aede279d4881968054bf5" \
> -d client="runner" \
> -d fun="manage.status" |python3 -mjson.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 101 100 70 100 31 62 27 0:00:01 0:00:01 --:--:-- 62
{
"return": [
{
"up": [
"mcw01",
"mcw02",
"mcw03",
"mcw04"
],
"down": []
}
]
}
[root@mcw01 ~]#
4、运行cmd.run
[root@mcw01 ~]# curl -skS https://10.0.0.11:8080/run \
> -H 'Accept: application/x-yaml' \
> -H "X-Auth-Token: e8229d0bd8858d5f000aede279d4881968054bf5" \
> -H 'Content-type: application/json' \
>
curl: (7) Failed connect to 10.0.0.11:8080; Connection refused
[root@mcw01 ~]#
[root@mcw01 ~]#
[root@mcw01 ~]# curl -skS https://10.0.0.11:8000/run \
> -H 'Accept: application/x-yaml' \
> -H 'Content-type: application/json' \
> -d '[{
> "client": "local",
> "tgt": "*",
> "fun": "cmd.run",
> "kwarg": {
> "cmd": "hostname"
> },
> "username": "saltapi",
> "password": "spassword",
> "eauth": "pam"
> }]'
return:
- mcw01: mcw01
mcw02: mcw02
mcw03: mcw03
mcw04: mcw04
[root@mcw01 ~]#
认证用的自动,这里是不行的,这里是pam认证
[root@mcw01 ~]# curl -skS https://10.0.0.11:8000/run \
> -H 'Accept: application/x-yaml' \
> -H 'Content-type: application/json' \
> -d '[{
> "client": "local",
> "tgt": "*",
> "fun": "cmd.run",
> "kwarg": {
> "cmd": "hostname"
> },
> "username": "saltapi",
> "password": "spassword",
> "eauth": "auto"
> }]'
<!DOCTYPE html PUBLIC
"-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"></meta>
<title>401 Unauthorized</title>
<style type="text/css">
#powered_by {
margin-top: 20px;
border-top: 2px solid black;
font-style: italic;
} #traceback {
color: red;
}
</style>
</head>
<body>
<h2>401 Unauthorized</h2>
<p>No permission -- see authorization schemes</p>
<pre id="traceback"></pre>
<div id="powered_by">
<span>
Powered by <a href="http://www.cherrypy.org">CherryPy 5.6.0</a>
</span>
</div>
</body>
</html>
[root@mcw01 ~]#
5、删除minion的认证
curl --request POST \
--url https://192.168.56.11:8080/ \
--header 'Content-Type: application/json' \
--header 'X-Auth-Token: fce2eb30115b01856ae2bad4a5e6ed53b7121283' \
--header 'content-type: application/x-www-form-urlencoded' \
--data client=wheel \
--data fun=key.delete \
--data match=172.20.211.11
6、测试服务器网络
curl --request POST \
--url https://salt.master.com/ \
--header 'Accept: application/x-yaml' \
--header 'X-Auth-Token: cf400ad507d07397d07910e8b154c5f3a7a3d4fd' \
--header 'content-type: application/json' \
--data '{
"tgt": "172.20.221.76",
"client": "local",
"tgt_type": "list",
"fun": "network.ping",
"arg":"www.baidu.com"
}'
7、使用python调用salt-api接口范例
#!/usr/bin/env python
#-*- coding:utf-8 -*-
import json
import requests class SaltClient(object):
def __init__(self, **login_info):
self.login_url = login_info.get("login_url")
self.api_url = login_info.get("api_url")
self.username = login_info.get("username")
self.password = login_info.get("password") def get_token(self):
validate_data = {
"username": self.username ,
"password": self.password,
"eauth": 'pam'
} headers = {
'Accept': 'application/json',
'Content-Type': 'application/json; charset=UTF-8',
'User-Agent': 'py-saltclient'
}
try:
resp = requests.post(self.login_url, json=validate_data, headers=headers, verify=False)
if resp.status_code == 200:
resp_body = json.loads(resp.content)
data = {
'start_time': resp_body['return'][0]['start'],
'expire_time': resp_body['return'][0]['expire'],
'token': resp_body['return'][0]['token']
}
return data
except Exception as e:
print e def exec_command(self, data, token):
headers = {
'Accept': 'application/json',
'Content-Type': 'application/json; charset=UTF-8',
'X-Auth-Token': token
} try:
resp = requests.post(self.api_url, json=data, headers=headers, verify=False)
return resp.content
except Exception as e:
return "not ok" if __name__ == '__main__':
login_info = {
"login_url":"https://<master_IP>/login",
"api_url":"https://<master_IP>/",
"username":"salt-api",
"password":"salt-api"
}
client = SaltClient(**login_info)
token = client.get_token().get("token")
target = "192.168.1.12"
func_ps = 'monitor_srv.ls'
para_ps = {"path":"/abc/extra_conf"}
cmd = {
"client": "local",
"tgt": target,
"fun": func_ps,
'kwarg': para_ps
} res = client.exec_command(data=cmd, token=token)
res = json.loads(res)
returns = res['return']
8、执行状态
[root@mcw01 ~]# salt 'mcw03' state.sls init/env_init -a pam
/usr/local/lib/python3.6/site-packages/OpenSSL/_util.py:6: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography. The next release of cryptography will remove support for Python 3.6.
from cryptography.hazmat.bindings.openssl.binding import Binding
username: saltapi
password:
mcw03:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf is in the correct state
Started: 01:21:48.006617
Duration: 27.91 ms
Changes:
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: File /etc/profile is in correct state
Started: 01:21:48.034680
Duration: 5.346 ms
Changes:
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: File /etc/bashrc is in correct state
Started: 01:21:48.040134
Duration: 3.198 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Sysctl value net.ipv4.ip_local_port_range = 10000 65000 is already set
Started: 01:21:48.046190
Duration: 17.294 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Sysctl value fs.file-max = 2000000 is already set
Started: 01:21:48.063889
Duration: 8.324 ms
Changes:
----------
ID: net.ipv4.ip_forward
Function: sysctl.present
Result: True
Comment: Sysctl value net.ipv4.ip_forward = 1 is already set
Started: 01:21:48.072530
Duration: 6.47 ms
Changes:
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Sysctl value vm.swappiness = 0 is already set
Started: 01:21:48.079250
Duration: 4.978 ms
Changes:
----------
ID: yum_repo_release
Function: pkg.installed
Result: True
Comment: unless condition is true
Started: 01:21:49.165032
Duration: 1197.786 ms
Changes: Summary for mcw03
------------
Succeeded: 8
Failed: 0
------------
Total states run: 8
Total run time: 1.271 s
[root@mcw01 ~]#
第一次执行报错,缺少参数
[root@mcw01 ~]# curl -skS https://10.0.0.11:8000/run \
> -H 'Accept: application/x-yaml' \
> -H 'Content-type: application/json' \
> -d '[{
> "client": "local",
> "tgt": "*",
> "fun": "state.sls",
> "kwarg": {
> "cmd": "init/env_init"
> },
> "username": "saltapi",
> "password": "spassword",
> "eauth": "pam"
> }]'
return:
- mcw01: "Passed invalid arguments to state.sls: sls() missing 1 required positional
argument: 'mods'\n\n Execute the states in one or more SLS files\n\n test\n
\ Run states in test-only (dry-run) mode\n\n pillar\n Custom Pillar
values, passed as a dictionary of key-value pairs\n\n .. code-block:: bash\n\n
\ salt '*' state.sls stuff pillar='{\"foo\": \"bar\"}'\n\n ..
note::\n Values passed this way will override existing Pillar values
set via\n ``pillar_roots`` or an external Pillar source. Pillar values
that\n are not included in the kwarg will not be overwritten.\n\n ..
versionchanged:: 2016.3.0\n GPG-encrypted CLI Pillar data is now supported
via the GPG\n renderer. See :ref:`here <encrypted-cli-pillar-data>`
for details.\n\n pillar_enc\n Specify which renderer to use to decrypt
encrypted data located within\n the ``pillar`` value. Currently, only ``gpg``
is supported.\n\n .. versionadded:: 2016.3.0\n\n exclude\n Exclude
specific states from execution. Accepts a list of sls names, a\n comma-separated
string of sls names, or a list of dictionaries\n containing ``sls`` or
``id`` keys. Glob-patterns may be used to match\n multiple states.\n\n
\ .. code-block:: bash\n\n salt '*' state.sls foo,bar,baz exclude=bar,baz\n
\ salt '*' state.sls foo,bar,baz exclude=ba*\n salt '*' state.sls
foo,bar,baz exclude=\"[{'id': 'id_to_exclude'}, {'sls': 'sls_to_exclude'}]\"\n\n
\ queue : False\n Instead of failing immediately when another state run
is in progress,\n queue the new state run to begin running once the other
has finished.\n\n This option starts a new thread for each queued state
run, so use this\n option sparingly.\n\n concurrent : False\n Execute
state runs concurrently instead of serially\n\n .. warning::\n\n This
flag is potentially dangerous. It is designed for use when\n multiple
state runs can safely be run at the same time. Do *not*\n use this
flag for performance optimization.\n\n saltenv\n Specify a salt fileserver
environment to be used when applying states\n\n .. versionchanged:: 0.17.0\n
\ Argument name changed from ``env`` to ``saltenv``.\n\n .. versionchanged::
2014.7.0\n If no saltenv is specified, the minion config will be checked
for an\n ``environment`` parameter and if found, it will be used. If
none is\n found, ``base`` will be used. In prior releases, the minion
config\n was not checked and ``base`` would always be assumed when
the\n saltenv was not explicitly set.\n\n pillarenv\n Specify
a Pillar environment to be used when applying states. This\n can also be
set in the minion config file using the\n :conf_minion:`pillarenv` option.
When neither the\n :conf_minion:`pillarenv` minion config option nor this
CLI argument is\n used, all Pillar environments will be merged together.\n\n
\ localconfig\n Optionally, instead of using the minion config, load
minion opts from\n the file specified by this argument, and then merge
them with the\n options from the minion config. This functionality allows
for specific\n states to be run with their own custom minion configuration,
including\n different pillars, file_roots, etc.\n\n mock\n The
mock option allows for the state run to execute without actually\n calling
any states. This then returns a mocked return which will show\n the requisite
ordering as well as fully validate the state run.\n\n .. versionadded::
2015.8.4\n\n sync_mods\n If specified, the desired custom module types
will be synced prior to\n running the SLS files:\n\n .. code-block::
bash\n\n salt '*' state.sls stuff sync_mods=states,modules\n salt
'*' state.sls stuff sync_mods=all\n\n .. versionadded:: 2017.7.8,2018.3.3,2019.2.0\n\n
\ CLI Example:\n\n .. code-block:: bash\n\n # Run the states configured
in salt://example.sls (or salt://example/init.sls)\n salt '*' state.apply
example\n\n # Run the states configured in salt://core.sls (or salt://core/init.sls)\n
\ # and salt://edit/vim.sls (or salt://edit/vim/init.sls)\n salt
'*' state.sls core,edit.vim\n\n # Run the states configured in a more deeply
nested directory such as salt://my/nested/state.sls (or salt://my/nested/state/init.sls)\n
\ salt '*' state.sls my.nested.state\n\n salt '*' state.sls core
exclude=\"[{'id': 'id_to_exclude'}, {'sls': 'sls_to_exclude'}]\"\n salt
'*' state.sls myslsfile pillar=\"{foo: 'Foo!', bar: 'Bar!'}\"\n "
mcw02: "Passed invalid arguments to state.sls: sls() missing 1 required positional
argument: 'mods'\n\n Execute the states in one or more SLS files\n\n test\n
\ Run states in test-only (dry-run) mode\n\n pillar\n Custom Pillar
values, passed as a dictionary of key-value pairs\n\n .. code-block:: bash\n\n
\ salt '*' state.sls stuff pillar='{\"foo\": \"bar\"}'\n\n ..
note::\n Values passed this way will override existing Pillar values
set via\n ``pillar_roots`` or an external Pillar source. Pillar values
that\n are not included in the kwarg will not be overwritten.\n\n ..
versionchanged:: 2016.3.0\n GPG-encrypted CLI Pillar data is now supported
via the GPG\n renderer. See :ref:`here <encrypted-cli-pillar-data>`
for details.\n\n pillar_enc\n Specify which renderer to use to decrypt
encrypted data located within\n the ``pillar`` value. Currently, only ``gpg``
is supported.\n\n .. versionadded:: 2016.3.0\n\n exclude\n Exclude
specific states from execution. Accepts a list of sls names, a\n comma-separated
string of sls names, or a list of dictionaries\n containing ``sls`` or
``id`` keys. Glob-patterns may be used to match\n multiple states.\n\n
\ .. code-block:: bash\n\n salt '*' state.sls foo,bar,baz exclude=bar,baz\n
\ salt '*' state.sls foo,bar,baz exclude=ba*\n salt '*' state.sls
foo,bar,baz exclude=\"[{'id': 'id_to_exclude'}, {'sls': 'sls_to_exclude'}]\"\n\n
\ queue : False\n Instead of failing immediately when another state run
is in progress,\n queue the new state run to begin running once the other
has finished.\n\n This option starts a new thread for each queued state
run, so use this\n option sparingly.\n\n concurrent : False\n Execute
state runs concurrently instead of serially\n\n .. warning::\n\n This
flag is potentially dangerous. It is designed for use when\n multiple
state runs can safely be run at the same time. Do *not*\n use this
flag for performance optimization.\n\n saltenv\n Specify a salt fileserver
environment to be used when applying states\n\n .. versionchanged:: 0.17.0\n
\ Argument name changed from ``env`` to ``saltenv``.\n\n .. versionchanged::
2014.7.0\n If no saltenv is specified, the minion config will be checked
for an\n ``environment`` parameter and if found, it will be used. If
none is\n found, ``base`` will be used. In prior releases, the minion
config\n was not checked and ``base`` would always be assumed when
the\n saltenv was not explicitly set.\n\n pillarenv\n Specify
a Pillar environment to be used when applying states. This\n can also be
set in the minion config file using the\n :conf_minion:`pillarenv` option.
When neither the\n :conf_minion:`pillarenv` minion config option nor this
CLI argument is\n used, all Pillar environments will be merged together.\n\n
\ localconfig\n Optionally, instead of using the minion config, load
minion opts from\n the file specified by this argument, and then merge
them with the\n options from the minion config. This functionality allows
for specific\n states to be run with their own custom minion configuration,
including\n different pillars, file_roots, etc.\n\n mock\n The
mock option allows for the state run to execute without actually\n calling
any states. This then returns a mocked return which will show\n the requisite
ordering as well as fully validate the state run.\n\n .. versionadded::
2015.8.4\n\n sync_mods\n If specified, the desired custom module types
will be synced prior to\n running the SLS files:\n\n .. code-block::
bash\n\n salt '*' state.sls stuff sync_mods=states,modules\n salt
'*' state.sls stuff sync_mods=all\n\n .. versionadded:: 2017.7.8,2018.3.3,2019.2.0\n\n
\ CLI Example:\n\n .. code-block:: bash\n\n # Run the states configured
in salt://example.sls (or salt://example/init.sls)\n salt '*' state.apply
example\n\n # Run the states configured in salt://core.sls (or salt://core/init.sls)\n
\ # and salt://edit/vim.sls (or salt://edit/vim/init.sls)\n salt
'*' state.sls core,edit.vim\n\n # Run the states configured in a more deeply
nested directory such as salt://my/nested/state.sls (or salt://my/nested/state/init.sls)\n
\ salt '*' state.sls my.nested.state\n\n salt '*' state.sls core
exclude=\"[{'id': 'id_to_exclude'}, {'sls': 'sls_to_exclude'}]\"\n salt
'*' state.sls myslsfile pillar=\"{foo: 'Foo!', bar: 'Bar!'}\"\n "
mcw03: "Passed invalid arguments to state.sls: sls() missing 1 required positional
argument: 'mods'\n\n Execute the states in one or more SLS files\n\n test\n
\ Run states in test-only (dry-run) mode\n\n pillar\n Custom Pillar
values, passed as a dictionary of key-value pairs\n\n .. code-block:: bash\n\n
\ salt '*' state.sls stuff pillar='{\"foo\": \"bar\"}'\n\n ..
note::\n Values passed this way will override existing Pillar values
set via\n ``pillar_roots`` or an external Pillar source. Pillar values
that\n are not included in the kwarg will not be overwritten.\n\n ..
versionchanged:: 2016.3.0\n GPG-encrypted CLI Pillar data is now supported
via the GPG\n renderer. See :ref:`here <encrypted-cli-pillar-data>`
for details.\n\n pillar_enc\n Specify which renderer to use to decrypt
encrypted data located within\n the ``pillar`` value. Currently, only ``gpg``
is supported.\n\n .. versionadded:: 2016.3.0\n\n exclude\n Exclude
specific states from execution. Accepts a list of sls names, a\n comma-separated
string of sls names, or a list of dictionaries\n containing ``sls`` or
``id`` keys. Glob-patterns may be used to match\n multiple states.\n\n
\ .. code-block:: bash\n\n salt '*' state.sls foo,bar,baz exclude=bar,baz\n
\ salt '*' state.sls foo,bar,baz exclude=ba*\n salt '*' state.sls
foo,bar,baz exclude=\"[{'id': 'id_to_exclude'}, {'sls': 'sls_to_exclude'}]\"\n\n
\ queue : False\n Instead of failing immediately when another state run
is in progress,\n queue the new state run to begin running once the other
has finished.\n\n This option starts a new thread for each queued state
run, so use this\n option sparingly.\n\n concurrent : False\n Execute
state runs concurrently instead of serially\n\n .. warning::\n\n This
flag is potentially dangerous. It is designed for use when\n multiple
state runs can safely be run at the same time. Do *not*\n use this
flag for performance optimization.\n\n saltenv\n Specify a salt fileserver
environment to be used when applying states\n\n .. versionchanged:: 0.17.0\n
\ Argument name changed from ``env`` to ``saltenv``.\n\n .. versionchanged::
2014.7.0\n If no saltenv is specified, the minion config will be checked
for an\n ``environment`` parameter and if found, it will be used. If
none is\n found, ``base`` will be used. In prior releases, the minion
config\n was not checked and ``base`` would always be assumed when
the\n saltenv was not explicitly set.\n\n pillarenv\n Specify
a Pillar environment to be used when applying states. This\n can also be
set in the minion config file using the\n :conf_minion:`pillarenv` option.
When neither the\n :conf_minion:`pillarenv` minion config option nor this
CLI argument is\n used, all Pillar environments will be merged together.\n\n
\ localconfig\n Optionally, instead of using the minion config, load
minion opts from\n the file specified by this argument, and then merge
them with the\n options from the minion config. This functionality allows
for specific\n states to be run with their own custom minion configuration,
including\n different pillars, file_roots, etc.\n\n mock\n The
mock option allows for the state run to execute without actually\n calling
any states. This then returns a mocked return which will show\n the requisite
ordering as well as fully validate the state run.\n\n .. versionadded::
2015.8.4\n\n sync_mods\n If specified, the desired custom module types
will be synced prior to\n running the SLS files:\n\n .. code-block::
bash\n\n salt '*' state.sls stuff sync_mods=states,modules\n salt
'*' state.sls stuff sync_mods=all\n\n .. versionadded:: 2017.7.8,2018.3.3,2019.2.0\n\n
\ CLI Example:\n\n .. code-block:: bash\n\n # Run the states configured
in salt://example.sls (or salt://example/init.sls)\n salt '*' state.apply
example\n\n # Run the states configured in salt://core.sls (or salt://core/init.sls)\n
\ # and salt://edit/vim.sls (or salt://edit/vim/init.sls)\n salt
'*' state.sls core,edit.vim\n\n # Run the states configured in a more deeply
nested directory such as salt://my/nested/state.sls (or salt://my/nested/state/init.sls)\n
\ salt '*' state.sls my.nested.state\n\n salt '*' state.sls core
exclude=\"[{'id': 'id_to_exclude'}, {'sls': 'sls_to_exclude'}]\"\n salt
'*' state.sls myslsfile pillar=\"{foo: 'Foo!', bar: 'Bar!'}\"\n "
mcw04: "Passed invalid arguments to state.sls: sls() missing 1 required positional
argument: 'mods'\n\n Execute the states in one or more SLS files\n\n test\n
\ Run states in test-only (dry-run) mode\n\n pillar\n Custom Pillar
values, passed as a dictionary of key-value pairs\n\n .. code-block:: bash\n\n
\ salt '*' state.sls stuff pillar='{\"foo\": \"bar\"}'\n\n ..
note::\n Values passed this way will override existing Pillar values
set via\n ``pillar_roots`` or an external Pillar source. Pillar values
that\n are not included in the kwarg will not be overwritten.\n\n ..
versionchanged:: 2016.3.0\n GPG-encrypted CLI Pillar data is now supported
via the GPG\n renderer. See :ref:`here <encrypted-cli-pillar-data>`
for details.\n\n pillar_enc\n Specify which renderer to use to decrypt
encrypted data located within\n the ``pillar`` value. Currently, only ``gpg``
is supported.\n\n .. versionadded:: 2016.3.0\n\n exclude\n Exclude
specific states from execution. Accepts a list of sls names, a\n comma-separated
string of sls names, or a list of dictionaries\n containing ``sls`` or
``id`` keys. Glob-patterns may be used to match\n multiple states.\n\n
\ .. code-block:: bash\n\n salt '*' state.sls foo,bar,baz exclude=bar,baz\n
\ salt '*' state.sls foo,bar,baz exclude=ba*\n salt '*' state.sls
foo,bar,baz exclude=\"[{'id': 'id_to_exclude'}, {'sls': 'sls_to_exclude'}]\"\n\n
\ queue : False\n Instead of failing immediately when another state run
is in progress,\n queue the new state run to begin running once the other
has finished.\n\n This option starts a new thread for each queued state
run, so use this\n option sparingly.\n\n concurrent : False\n Execute
state runs concurrently instead of serially\n\n .. warning::\n\n This
flag is potentially dangerous. It is designed for use when\n multiple
state runs can safely be run at the same time. Do *not*\n use this
flag for performance optimization.\n\n saltenv\n Specify a salt fileserver
environment to be used when applying states\n\n .. versionchanged:: 0.17.0\n
\ Argument name changed from ``env`` to ``saltenv``.\n\n .. versionchanged::
2014.7.0\n If no saltenv is specified, the minion config will be checked
for an\n ``environment`` parameter and if found, it will be used. If
none is\n found, ``base`` will be used. In prior releases, the minion
config\n was not checked and ``base`` would always be assumed when
the\n saltenv was not explicitly set.\n\n pillarenv\n Specify
a Pillar environment to be used when applying states. This\n can also be
set in the minion config file using the\n :conf_minion:`pillarenv` option.
When neither the\n :conf_minion:`pillarenv` minion config option nor this
CLI argument is\n used, all Pillar environments will be merged together.\n\n
\ localconfig\n Optionally, instead of using the minion config, load
minion opts from\n the file specified by this argument, and then merge
them with the\n options from the minion config. This functionality allows
for specific\n states to be run with their own custom minion configuration,
including\n different pillars, file_roots, etc.\n\n mock\n The
mock option allows for the state run to execute without actually\n calling
any states. This then returns a mocked return which will show\n the requisite
ordering as well as fully validate the state run.\n\n .. versionadded::
2015.8.4\n\n sync_mods\n If specified, the desired custom module types
will be synced prior to\n running the SLS files:\n\n .. code-block::
bash\n\n salt '*' state.sls stuff sync_mods=states,modules\n salt
'*' state.sls stuff sync_mods=all\n\n .. versionadded:: 2017.7.8,2018.3.3,2019.2.0\n\n
\ CLI Example:\n\n .. code-block:: bash\n\n # Run the states configured
in salt://example.sls (or salt://example/init.sls)\n salt '*' state.apply
example\n\n # Run the states configured in salt://core.sls (or salt://core/init.sls)\n
\ # and salt://edit/vim.sls (or salt://edit/vim/init.sls)\n salt
'*' state.sls core,edit.vim\n\n # Run the states configured in a more deeply
nested directory such as salt://my/nested/state.sls (or salt://my/nested/state/init.sls)\n
\ salt '*' state.sls my.nested.state\n\n salt '*' state.sls core
exclude=\"[{'id': 'id_to_exclude'}, {'sls': 'sls_to_exclude'}]\"\n salt
'*' state.sls myslsfile pillar=\"{foo: 'Foo!', bar: 'Bar!'}\"\n "
[root@mcw01 ~]#
我们可以看到,参数不是cmd了,而是mods了
[root@mcw01 ~]# curl -skS https://10.0.0.11:8000/run \
> -H 'Accept: application/x-yaml' \
> -H 'Content-type: application/json' \
> -d '[{
> "client": "local",
> "tgt": "*",
> "fun": "state.sls",
> "kwarg": {
> "mods": "init/env_init"
> },
> "username": "saltapi",
> "password": "spassword",
> "eauth": "pam"
> }]' return:
- mcw01:
file_|-/etc/bashrc_|-/etc/bashrc_|-append:
__id__: /etc/bashrc
__run_num__: 2
__sls__: init.audit
changes: {}
comment: File /etc/bashrc is in correct state
duration: 18.459
name: /etc/bashrc
result: true
start_time: '01:24:41.036176'
file_|-/etc/profile_|-/etc/profile_|-append:
__id__: /etc/profile
__run_num__: 1
__sls__: init.history
changes: {}
comment: File /etc/profile is in correct state
duration: 5.075
name: /etc/profile
result: true
start_time: '01:24:41.030947'
file_|-/etc/resolv.conf_|-/etc/resolv.conf_|-managed:
__id__: /etc/resolv.conf
__run_num__: 0
__sls__: init.dns
changes:
diff: "--- \n+++ \n@@ -1,2 +1,3 @@\n # Generated by NetworkManager\n+#salt
tongbu by mcw\n nameserver 223.5.5.5\n"
comment: File /etc/resolv.conf updated
duration: 92.985
name: /etc/resolv.conf
result: true
start_time: '01:24:40.937741'
pkg_|-yum_repo_release_|-yum_repo_release_|-installed:
__id__: yum_repo_release
__run_num__: 7
__sls__: init.epel
changes: {}
comment: unless condition is true
duration: 9228.526
name: yum_repo_release
result: true
skip_watch: true
start_time: '01:24:44.434505'
sysctl_|-fs.file-max_|-fs.file-max_|-present:
__id__: fs.file-max
__run_num__: 4
__sls__: init.sysctl
changes: {}
comment: Sysctl value fs.file-max = 2000000 is already set
duration: 9.449
name: fs.file-max
result: true
start_time: '01:24:41.305480'
sysctl_|-net.ipv4.ip_forward_|-net.ipv4.ip_forward_|-present:
__id__: net.ipv4.ip_forward
__run_num__: 5
__sls__: init.sysctl
changes: {}
comment: Sysctl value net.ipv4.ip_forward = 1 is already set
duration: 9.754
name: net.ipv4.ip_forward
result: true
start_time: '01:24:41.315128'
sysctl_|-net.ipv4.ip_local_port_range_|-net.ipv4.ip_local_port_range_|-present:
__id__: net.ipv4.ip_local_port_range
__run_num__: 3
__sls__: init.sysctl
changes:
net.ipv4.ip_local_port_range: 10000 65000
comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
duration: 196.662
name: net.ipv4.ip_local_port_range
result: true
start_time: '01:24:41.108380'
sysctl_|-vm.swappiness_|-vm.swappiness_|-present:
__id__: vm.swappiness
__run_num__: 6
__sls__: init.sysctl
changes: {}
comment: Sysctl value vm.swappiness = 0 is already set
duration: 18.666
name: vm.swappiness
result: true
start_time: '01:24:41.325427'
mcw02:
file_|-/etc/bashrc_|-/etc/bashrc_|-append:
__id__: /etc/bashrc
__run_num__: 2
__sls__: init.audit
changes: {}
comment: File /etc/bashrc is in correct state
duration: 35.064
name: /etc/bashrc
result: true
start_time: '01:24:41.658401'
file_|-/etc/profile_|-/etc/profile_|-append:
__id__: /etc/profile
__run_num__: 1
__sls__: init.history
changes: {}
comment: File /etc/profile is in correct state
duration: 157.482
name: /etc/profile
result: true
start_time: '01:24:41.500582'
file_|-/etc/resolv.conf_|-/etc/resolv.conf_|-managed:
__id__: /etc/resolv.conf
__run_num__: 0
__sls__: init.dns
changes:
diff: "--- \n+++ \n@@ -1,2 +1,3 @@\n # Generated by NetworkManager\n+#salt
tongbu by mcw\n nameserver 223.5.5.5\n"
comment: File /etc/resolv.conf updated
duration: 418.966
name: /etc/resolv.conf
result: true
start_time: '01:24:41.081322'
pkg_|-yum_repo_release_|-yum_repo_release_|-installed:
__id__: yum_repo_release
__run_num__: 7
__sls__: init.epel
changes: {}
comment: unless condition is true
duration: 5181.687
name: yum_repo_release
result: true
skip_watch: true
start_time: '01:24:55.649797'
sysctl_|-fs.file-max_|-fs.file-max_|-present:
__id__: fs.file-max
__run_num__: 4
__sls__: init.sysctl
changes: {}
comment: Sysctl value fs.file-max = 2000000 is already set
duration: 10.838
name: fs.file-max
result: true
start_time: '01:24:41.945649'
sysctl_|-net.ipv4.ip_forward_|-net.ipv4.ip_forward_|-present:
__id__: net.ipv4.ip_forward
__run_num__: 5
__sls__: init.sysctl
changes: {}
comment: Sysctl value net.ipv4.ip_forward = 1 is already set
duration: 7.36
name: net.ipv4.ip_forward
result: true
start_time: '01:24:41.956788'
sysctl_|-net.ipv4.ip_local_port_range_|-net.ipv4.ip_local_port_range_|-present:
__id__: net.ipv4.ip_local_port_range
__run_num__: 3
__sls__: init.sysctl
changes:
net.ipv4.ip_local_port_range: 10000 65000
comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
duration: 38.655
name: net.ipv4.ip_local_port_range
result: true
start_time: '01:24:41.906755'
sysctl_|-vm.swappiness_|-vm.swappiness_|-present:
__id__: vm.swappiness
__run_num__: 6
__sls__: init.sysctl
changes: {}
comment: Sysctl value vm.swappiness = 0 is already set
duration: 10.376
name: vm.swappiness
result: true
start_time: '01:24:41.964466'
mcw03:
file_|-/etc/bashrc_|-/etc/bashrc_|-append:
__id__: /etc/bashrc
__run_num__: 2
__sls__: init.audit
changes: {}
comment: File /etc/bashrc is in correct state
duration: 3.719
name: /etc/bashrc
result: true
start_time: '01:24:40.853787'
file_|-/etc/profile_|-/etc/profile_|-append:
__id__: /etc/profile
__run_num__: 1
__sls__: init.history
changes: {}
comment: File /etc/profile is in correct state
duration: 7.164
name: /etc/profile
result: true
start_time: '01:24:40.846394'
file_|-/etc/resolv.conf_|-/etc/resolv.conf_|-managed:
__id__: /etc/resolv.conf
__run_num__: 0
__sls__: init.dns
changes: {}
comment: File /etc/resolv.conf is in the correct state
duration: 43.344
name: /etc/resolv.conf
result: true
start_time: '01:24:40.802792'
pkg_|-yum_repo_release_|-yum_repo_release_|-installed:
__id__: yum_repo_release
__run_num__: 7
__sls__: init.epel
changes: {}
comment: unless condition is true
duration: 1440.326
name: yum_repo_release
result: true
skip_watch: true
start_time: '01:24:42.125352'
sysctl_|-fs.file-max_|-fs.file-max_|-present:
__id__: fs.file-max
__run_num__: 4
__sls__: init.sysctl
changes: {}
comment: Sysctl value fs.file-max = 2000000 is already set
duration: 7.261
name: fs.file-max
result: true
start_time: '01:24:40.871892'
sysctl_|-net.ipv4.ip_forward_|-net.ipv4.ip_forward_|-present:
__id__: net.ipv4.ip_forward
__run_num__: 5
__sls__: init.sysctl
changes: {}
comment: Sysctl value net.ipv4.ip_forward = 1 is already set
duration: 4.673
name: net.ipv4.ip_forward
result: true
start_time: '01:24:40.879392'
sysctl_|-net.ipv4.ip_local_port_range_|-net.ipv4.ip_local_port_range_|-present:
__id__: net.ipv4.ip_local_port_range
__run_num__: 3
__sls__: init.sysctl
changes: {}
comment: Sysctl value net.ipv4.ip_local_port_range = 10000 65000 is already
set
duration: 11.342
name: net.ipv4.ip_local_port_range
result: true
start_time: '01:24:40.860246'
sysctl_|-vm.swappiness_|-vm.swappiness_|-present:
__id__: vm.swappiness
__run_num__: 6
__sls__: init.sysctl
changes: {}
comment: Sysctl value vm.swappiness = 0 is already set
duration: 3.819
name: vm.swappiness
result: true
start_time: '01:24:40.884237'
mcw04:
file_|-/etc/bashrc_|-/etc/bashrc_|-append:
__id__: /etc/bashrc
__run_num__: 2
__sls__: init.audit
changes: {}
comment: File /etc/bashrc is in correct state
duration: 8.52
name: /etc/bashrc
result: true
start_time: '01:24:42.151831'
file_|-/etc/profile_|-/etc/profile_|-append:
__id__: /etc/profile
__run_num__: 1
__sls__: init.history
changes: {}
comment: File /etc/profile is in correct state
duration: 14.143
name: /etc/profile
result: true
start_time: '01:24:42.137404'
file_|-/etc/resolv.conf_|-/etc/resolv.conf_|-managed:
__id__: /etc/resolv.conf
__run_num__: 0
__sls__: init.dns
changes:
diff: "--- \n+++ \n@@ -1,2 +1,3 @@\n # Generated by NetworkManager\n+#salt
tongbu by mcw\n nameserver 223.5.5.5\n"
comment: File /etc/resolv.conf updated
duration: 513.946
name: /etc/resolv.conf
result: true
start_time: '01:24:41.623254'
pkg_|-yum_repo_release_|-yum_repo_release_|-installed:
__id__: yum_repo_release
__run_num__: 7
__sls__: init.epel
changes: {}
comment: unless condition is true
duration: 8657.083
name: yum_repo_release
result: true
skip_watch: true
start_time: '01:24:56.958955'
sysctl_|-fs.file-max_|-fs.file-max_|-present:
__id__: fs.file-max
__run_num__: 4
__sls__: init.sysctl
changes: {}
comment: Sysctl value fs.file-max = 2000000 is already set
duration: 9.626
name: fs.file-max
result: true
start_time: '01:24:42.720360'
sysctl_|-net.ipv4.ip_forward_|-net.ipv4.ip_forward_|-present:
__id__: net.ipv4.ip_forward
__run_num__: 5
__sls__: init.sysctl
changes: {}
comment: Sysctl value net.ipv4.ip_forward = 1 is already set
duration: 24.805
name: net.ipv4.ip_forward
result: true
start_time: '01:24:42.730235'
sysctl_|-net.ipv4.ip_local_port_range_|-net.ipv4.ip_local_port_range_|-present:
__id__: net.ipv4.ip_local_port_range
__run_num__: 3
__sls__: init.sysctl
changes:
net.ipv4.ip_local_port_range: 10000 65000
comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
duration: 398.747
name: net.ipv4.ip_local_port_range
result: true
start_time: '01:24:42.321170'
sysctl_|-vm.swappiness_|-vm.swappiness_|-present:
__id__: vm.swappiness
__run_num__: 6
__sls__: init.sysctl
changes: {}
comment: Sysctl value vm.swappiness = 0 is already set
duration: 5.4
name: vm.swappiness
result: true
start_time: '01:24:42.755275'
[root@mcw01 ~]#
salt-run的生产配置
# cat /etc/salt/master.d/api.conf
external_auth:
pam:
salt:
- .*
rest_cherrypy:
# can be any port
port: 8000
host: "10.x.x.46"
ssl_crt: /etc/pki/tls/certs/api.crt
# no need to specify ssl_key if cert and key
# are in one single file
ssl_key: /etc/pki/tls/certs/api.key
debug: False
disable_ssl: False
# cat /etc/salt/master.d/apus.conf
keep_jobs: 12
#
9、grains信息查询
第三方调用saltstack的更多相关文章
- ios调用第三方程序打开文件,以及第三方调用自己的APP打开文件
1.自己的APP调用第三方打开文件 主要是使用 UIDocumentInteractionController 类 并实现 UIDocumentInteractionControllerDel ...
- 第三节:SignalR之PersistentConnection模型详解(步骤、用法、分组、跨域、第三方调用)
一. 承上声明 在上一个章节里,啰里啰嗦写了一堆关于介绍SignalR的“废话”,从这一篇开始往后正式撸代码,这期间不少人(包括 张善友大哥)建议我直接用.Net Core下的SignalR,关于此简 ...
- 【转】Android将Activity打成jar包供第三方调用(解决资源文件不能打包的问题)
Android中引入第三方Jar包的方法(java.lang.NoClassDefFoundError解决办法) 鼠标右键项目,然后属性,然后java buildpath 然后order and ex ...
- Android将Activity打成jar包供第三方调用(解决资源文件不能打包的问题)
转载地址:http://blog.csdn.net/xiaanming/article/details/9257853 最近有一个需要,我们公司做了一个apk客户端,然后其他的公司可以根据自己的需要来 ...
- 接口鉴权,提供给第三方调用的接口,进行sign签名
//场景:公司要跟第三方公司合作,提供接口给对方对接,这样需要对接口进行授权,不然任何人都可以调我们公司的接口,会导致安全隐患: 思路: 在每个接口请求参数都带上ApiKey 和sign签名: 我们在 ...
- Saltstack的API接口与调用方式
saltstack看起来是成为一个大规模自己主动化运维和云计算管理的一个框架,类似于SDK,并非像puppet仅仅成为一个工具.基于良好设计的API和清楚的思路,让salt的二次开发变得非常easy ...
- iOS APP中第三方APP调用自己的APP,打开文件
根据需求需要在项目中要打开word.pdf.excel等文件,在info.plist文件中添加 <key>CFBundleDocumentTypes</key> <arr ...
- saltstack高效运维
saltstack高效运维 salt介绍 saltstack是由thomas Hatch于2011年创建的一个开源项目,设计初衷是为了实现一个快速的远程执行系统. salt强大吗 系统管理员日常会 ...
- 17,saltstack高效运维
salt介绍 saltstack是由thomas Hatch于2011年创建的一个开源项目,设计初衷是为了实现一个快速的远程执行系统. salt强大吗 系统管理员日常会进行大量的重复性操作,例如安 ...
- saltstack 自动化运维
salt介绍 saltstack是由thomas Hatch于2011年创建的一个开源项目,设计初衷是为了实现一个快速的远程执行系统. salt强大吗 系统管理员日常会进行大量的重复性操作,例如安装软 ...
随机推荐
- 成长计划校园极客秀|基于OpenHarmony的智能阳台
前言 本文由OpenAtom OpenHarmony(以下简称"OpenHarmony")开源开发者成长计划活动的参与者李建涛提供,详细阐述了由搭载OpenHarmony系统的拓维 ...
- Qt:获取WIFI列表
示例:使用QT来获取Windows电脑WIFI列表中所有WIFI的名称,实际是执行CMD命令来完成(netsh wlan show networks) // 获取WIFI列表 QProcess pro ...
- Native API在HarmonyOS应用工程中的使用指导
HarmonyOS的应用必须用js来桥接native.需要使用ace_napi仓中提供的napi接口来处理js交互.napi提供的接口名与三方Node.js一致,目前支持部分接口,符号表见ace_ ...
- The First 寒假集训の小总结
转眼间十五天的寒假集训已经结束,也学习到了许多新知识,dp,线段树,单调栈和单调队列......,假期过得还是很有意义的,虽然我的两次考试成绩不尽人意(只能怪我自己没有好好理解知识点还有好好做题),但 ...
- Solon 的事务管理工具类(TranUtils)
Solon 在编码上,是强调注解与手写并重的一个风格.它有个 @Tran 注解,用于事务管理(可以参考:<事务的全局控制及应用>).这里,主要是讲讲它的手动处理工具类 TranUtils. ...
- c# 深克隆与浅克隆
前言 我们都知道memberwiseclone 会将浅克隆. 什么是浅克隆?如何深克隆呢? 正文 public class good{ private good(){ oneclass=new cla ...
- PolarDB-X 源码解读系列:DML 之 INSERT IGNORE 流程
简介: 本文将进一步介绍 PolarDB-X 中 INSERT IGNORE 的执行流程,其根据插入的表是否有 GSI 也有所变化. 作者:潜璟 在上一篇源码阅读中,我们介绍了 INSERT 的执行流 ...
- 平行云CEO 李岩:CloudXR ,开启通往元宇宙的通道
简介:一端是算力无穷的云,这也是 CloudXR 的精髓所在. 图:2022阿里云视觉计算私享会现场 5月11日,在"2022阿里云视觉计算私享会"上,平行云CEO李岩为大家 ...
- 云原生应用实现规范 - 初识 Operator
简介: 本文我们将首先了解到 Operator 是什么,之后逐步了解到 Operator 的生态建设,Operator 的关键组件及其基本的工作原理,下面让我们来一探究竟吧. 作者 | 匡大虎.阚俊宝 ...
- Flink 在唯品会的实践
简介: Flink 在唯品会的容器化实践应用以及产品化经验. 唯品会自 2017 年开始基于 k8s 深入打造高性能.稳定.可靠.易用的实时计算平台,支持唯品会内部业务在平时以及大促的平稳运行.现平台 ...