saltstack api部署,使用.
来源:互联网 发布:js正则表达式匹配括号 编辑:程序博客网 时间:2024/05/29 16:21
from: http://jiechao2012.blog.51cto.com/3251753/1594077?utm_source=tuicool&utm_medium=referral
#这几天一直在研究saltstack api,自己也走了很多坑,把部署,使用的过程记录下来分享给大家,欢迎大家一起交流,探讨。#系统环境:Centos6.5 X86_64#python版本:2.6.6#安装salt服务和依赖:cat /etc/redhat-release cd /etc/yum.repos.d/ && wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpmrpm -ivh epel-release-6-8.noarch.rpmyum -y install kernel-firmware kernel-headers perf e2fsprogsrpm -ivh libyaml-0.1.3-1.4.el6.x86_64.rpm rpm -ivh PyYAML-3.10-3.1.el6.x86_64.rpm yum -y install salt-master salt-api #安装pip:wget https://pypi.python.org/packages/source/p/pip/pip-1.5.6.tar.gz#md5=01026f87978932060cc86c1dc527903e --no-check-certificatetar xvfz pip-1.5.6.tar.gzcd pip-1.5.6python setup.py build && python setup.py install && pip freeze#使用pip安装cherrypy:pip install cherrypy==3.2.3#配置openssl证书:cd /etc/pki/tls/certs[root@localhost certs]# make testcertumask 77 ; \ /usr/bin/openssl genrsa -aes128 2048 > /etc/pki/tls/private/localhost.keyGenerating RSA private key, 2048 bit long modulus......................................+++.....................+++e is 65537 (0x10001)Enter pass phrase:Verifying - Enter pass phrase:umask 77 ; \ /usr/bin/openssl req -utf8 -new -key /etc/pki/tls/private/localhost.key -x509 -days 365 -out /etc/pki/tls/certs/localhost.crt -set_serial 0Enter pass phrase for /etc/pki/tls/private/localhost.key:You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter '.', the field will be left blank.-----Country Name (2 letter code) [XX]:CNState or Province Name (full name) []:beijingLocality Name (eg, city) [Default City]:beijingOrganization Name (eg, company) [Default Company Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:jiechao@gmail.comcd ../private/[root@localhost private]# openssl rsa -in localhost.key -out localhost_nopass.keyEnter pass phrase for localhost.key:writing RSA key[root@localhost private]# useradd -M -s /sbin/nologin jc[root@localhost private]# passwd jcChanging password for user jc.New password: BAD PASSWORD: it is too simplistic/systematicBAD PASSWORD: is too simpleRetype new password: passwd: all authentication tokens updated successfully.#salt master配置文件:/etc/salt/master #取消注释default_include: master.d/*.confmkdir -p /etc/salt/master.d#saltstack服务端配置:[root@localhost ~]# cat /etc/salt/master.d/api.conf rest_cherrypy: port: 8000 ssl_crt: /etc/pki/tls/certs/localhost.crt ssl_key: /etc/pki/tls/private/localhost_nopass.key[root@localhost ~]# cat /etc/salt/master.d/eauth.conf external_auth: pam: jc: - .* - '@wheel' - '@runner' #重启salt-master和salt-api服务: [root@localhost ~]# /etc/init.d/salt-master restartStopping salt-master daemon: [FAILED]Starting salt-master daemon: [ OK ][root@localhost ~]# /etc/init.d/salt-api restartStopping salt-api daemon: [FAILED]Starting salt-api daemon: [ OK ][root@localhost ~]# netstat -lntp|grep 8000tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 14695/python #curl使用api:[root@localhost ~]# curl -k https://192.168.1.10:8000/login -H "Accept: application/x-yaml" -d username='jc' -d password='123456' -d eauth='pam'return:- eauth: pam expire: 1419373087.9501131 perms: - .* - '@wheel' - '@runner' start: 1419329887.9501131 token: e214657dba43b46c482501349123jkpo user: jc #saltstack安装客户端测试:yum -y install salt-minion#更改配置:/etc/salt/minion master: 192.168.1.10id: localhost/etc/init.d/salt-minion restart#API测试test.ping:[root@localhost ~]# curl -k https://192.168.1.10:8000/ -H "Accept: application/x-yaml" -H "X-Auth-Token: e214657dba43b46c482501349123jkpo" -d client='local' -d tgt='*' -d fun='test.ping'return:- localhost: true#Api测试查看系统内存:[root@localhost ~]# curl -k https://192.168.1.10:8000/ -H "Accept: application/x-yaml" -H "X-Auth-Token: e214657dba43b46c482501349123jkpo" -d client='local' -d tgt='*' -d fun='cmd.run' -d arg="free -m"return:- localhost: ' total used free shared buffers cached Mem: 13830 3375 10523 0 253 467 -/+ buffers/cache: 655 11243 Swap: 9000 0 9000' #脚本:[root@localhost ~]# cat saltapi.py #!/usr/bin/env pythonimport urllib2,urllibimport timetry: import jsonexcept ImportError: import simplejson as jsonclass SaltAPI(object): __token_id = '' def __init__(self,url,username,password): self.__url = url.rstrip('/') self.__user = username self.__password = password def token_id(self): ''' user login and get token id ''' params = {'eauth': 'pam', 'username': self.__user, 'password': self.__password} encode = urllib.urlencode(params) obj = urllib.unquote(encode) content = self.postRequest(obj,prefix='/login') try: self.__token_id = content['return'][0]['token'] except KeyError: raise KeyError def postRequest(self,obj,prefix='/'): url = self.__url + prefix headers = {'X-Auth-Token' : self.__token_id} req = urllib2.Request(url, obj, headers) opener = urllib2.urlopen(req) content = json.loads(opener.read()) return content def list_all_key(self): params = {'client': 'wheel', 'fun': 'key.list_all'} obj = urllib.urlencode(params) self.token_id() content = self.postRequest(obj) minions = content['return'][0]['data']['return']['minions'] minions_pre = content['return'][0]['data']['return']['minions_pre'] return minions,minions_pre def delete_key(self,node_name): params = {'client': 'wheel', 'fun': 'key.delete', 'match': node_name} obj = urllib.urlencode(params) self.token_id() content = self.postRequest(obj) ret = content['return'][0]['data']['success'] return ret def accept_key(self,node_name): params = {'client': 'wheel', 'fun': 'key.accept', 'match': node_name} obj = urllib.urlencode(params) self.token_id() content = self.postRequest(obj) ret = content['return'][0]['data']['success'] return ret def remote_noarg_execution(self,tgt,fun): ''' Execute commands without parameters ''' params = {'client': 'local', 'tgt': tgt, 'fun': fun} obj = urllib.urlencode(params) self.token_id() content = self.postRequest(obj) ret = content['return'][0][tgt] return ret def remote_execution(self,tgt,fun,arg): ''' Command execution with parameters ''' params = {'client': 'local', 'tgt': tgt, 'fun': fun, 'arg': arg} obj = urllib.urlencode(params) self.token_id() content = self.postRequest(obj) ret = content['return'][0][tgt] return ret def target_remote_execution(self,tgt,fun,arg): ''' Use targeting for remote execution ''' params = {'client': 'local', 'tgt': tgt, 'fun': fun, 'arg': arg, 'expr_form': 'nodegroup'} obj = urllib.urlencode(params) self.token_id() content = self.postRequest(obj) jid = content['return'][0]['jid'] return jid def deploy(self,tgt,arg): ''' Module deployment ''' params = {'client': 'local', 'tgt': tgt, 'fun': 'state.sls', 'arg': arg} obj = urllib.urlencode(params) self.token_id() content = self.postRequest(obj) return content def async_deploy(self,tgt,arg): ''' Asynchronously send a command to connected minions ''' params = {'client': 'local_async', 'tgt': tgt, 'fun': 'state.sls', 'arg': arg} obj = urllib.urlencode(params) self.token_id() content = self.postRequest(obj) jid = content['return'][0]['jid'] return jid def target_deploy(self,tgt,arg): ''' Based on the node group forms deployment ''' params = {'client': 'local_async', 'tgt': tgt, 'fun': 'state.sls', 'arg': arg, 'expr_form': 'nodegroup'} obj = urllib.urlencode(params) self.token_id() content = self.postRequest(obj) jid = content['return'][0]['jid'] return jiddef main(): sapi = SaltAPI(url='https://192.168.1.10:8000',username='jc',password='123456') print sapi.list_all_key()# sapi.token_id() #sapi.delete_key('test-01') print sapi.accept_key('localhost') #sapi.deploy('test-01','nginx') #print sapi.remote_noarg_execution('test-01','grains.items')if __name__ == '__main__': main() #执行脚本:[root@localhost ~]# python saltapi.py ([u'localhost'], [])True 0 0
- saltstack api部署,使用.
- 使用saltstack部署openstack
- 4.saltstack使用指南:使用saltstack部署zabbix
- 5.saltstack使用指南:使用saltstack部署nginx
- SaltStack部署
- Saltstack之Salt-api安装使用
- 使用gitlab+jenkins+saltstack+rsync自动部署Web应用
- saltstack使用
- Saltstack:Crontab部署
- Saltstack 安装部署
- SaltStack 部署及入门
- Saltstack自动化环境部署
- saltstack部署lamp
- Saltstack部署和简介
- saltstack 初次部署
- saltstack部署openstack
- saltstack 实现lamp批量部署
- CentOS 7 部署saltstack服务
- 内存存储 MemoryStore
- 栈&队列面试题之两个队列实现一个栈
- 【从C到C++学习笔记】C++介绍/推荐书籍/开发工具
- 配置管理篇(2)_SaltStack grains
- 用flask开发个人博客(2)—— Flask中的请求对象request
- saltstack api部署,使用.
- cocoapods的安装笔记
- MyEclipse——主题设置
- xml学习
- 915
- JSP学习
- 【从C到C++学习笔记】bool类型/const限定符/#define//结构体对齐
- java 8 函数式接口
- Cuckoo安装指南(一)
