saltstack api部署,使用.
from: http://jiechao2012.blog.51cto.com/3251753/1594077?utm_source=tuicool&utm_medium=referral
#這幾天一直在研究saltstack api,自己也走了很多坑,把部署,使用的過程記錄下來分享給大家,歡迎大家一起交流,探討。
#系統環境:Centos6.5 X86_64
#python版本:2.6.6
#安裝salt服務和依賴:
cat /etc/redhat-release
cd /etc/yum.repos.d/ && wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpmrpm -ivh epel-release-6-8.noarch.rpm
yum -y install kernel-firmware kernel-headers perf e2fsprogs
rpm -ivh libyaml-0.1.3-1.4.el6.x86_64.rpm
rpm -ivh PyYAML-3.10-3.1.el6.x86_64.rpm
yum -y install salt-master salt-api
#安裝pip:
wget https://pypi.python.org/packages/source/p/pip/pip-1.5.6.tar.gz#md5=01026f87978932060cc86c1dc527903e --no-check-certificatetar xvfz pip-1.5.6.tar.gz
cd pip-1.5.6
python setup.py build && python setup.py install && pip freeze
#使用pip安裝cherrypy:
pip install cherrypy==3.2.3
#配置openssl證書:
cd /etc/pki/tls/certs
[[email protected] certs]# make testcert
umask 77 ; \
/usr/bin/openssl genrsa -aes128 2048 > /etc/pki/tls/private/localhost.key
Generating RSA private key, 2048 bit long modulus
......................................+++
.....................+++
e is 65537 (0x10001)
Enter pass phrase:
Verifying - Enter pass phrase:
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key /etc/pki/tls/private/localhost.key -x509 -days 365 -out /etc/pki/tls/certs/localhost.crt -set_serial 0
Enter pass phrase for /etc/pki/tls/private/localhost.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:beijing
Locality Name (eg, city) [Default City]:beijing
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:
Email Address []:[email protected]
cd ../private/
[[email protected] private]# openssl rsa -in localhost.key -out localhost_nopass.key
Enter pass phrase for localhost.key:
writing RSA key
[[email protected] private]# useradd -M -s /sbin/nologin jc
[[email protected] private]# passwd jc
Changing password for user jc.
New password:
BAD PASSWORD: it is too simplistic/systematic
BAD PASSWORD: is too simple
Retype new password:
passwd: all authentication tokens updated successfully.
#salt master配置檔案:/etc/salt/master
#取消註釋
default_include: master.d/*.conf
mkdir -p /etc/salt/master.d
#saltstack服務端配置:
[[email protected] ~]# cat /etc/salt/master.d/api.conf
rest_cherrypy:
port: 8000
ssl_crt: /etc/pki/tls/certs/localhost.crt
ssl_key: /etc/pki/tls/private/localhost_nopass.key
[[email protected] ~]# cat /etc/salt/master.d/eauth.conf
external_auth:
pam:
jc:
- .*
- '@wheel'
- '@runner'
#重啟salt-master和salt-api服務:
[[email protected] ~]# /etc/init.d/salt-master restart
Stopping salt-master daemon: [FAILED]
Starting salt-master daemon: [ OK ]
[[email protected] ~]# /etc/init.d/salt-api restart
Stopping salt-api daemon: [FAILED]
Starting salt-api daemon: [ OK ]
[[email protected] ~]# netstat -lntp|grep 8000
tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 14695/python
#curl使用api:
[[email protected] ~]# curl -k https://192.168.1.10:8000/login -H "Accept: application/x-yaml" -d username='jc' -d password='123456' -d eauth='pam'
return:
- eauth: pam
expire: 1419373087.9501131
perms:
- .*
- '@wheel'
- '@runner'
start: 1419329887.9501131
token: e214657dba43b46c482501349123jkpo
user: jc
#saltstack安裝客戶端測試:
yum -y install salt-minion
#更改配置:/etc/salt/minion
master: 192.168.1.10
id: localhost
/etc/init.d/salt-minion restart
#API測試test.ping:
[[email protected] ~]# curl -k https://192.168.1.10:8000/ -H "Accept: application/x-yaml" -H "X-Auth-Token: e214657dba43b46c482501349123jkpo" -d client='local' -d tgt='*' -d fun='test.ping'
return:
- localhost: true
#Api測試檢視系統記憶體:
[[email protected] ~]# curl -k https://192.168.1.10:8000/ -H "Accept: application/x-yaml" -H "X-Auth-Token: e214657dba43b46c482501349123jkpo" -d client='local' -d tgt='*' -d fun='cmd.run' -d arg="free -m"
return:
- localhost: ' total used free shared buffers cached
Mem: 13830 3375 10523 0 253 467
-/+ buffers/cache: 655 11243
Swap: 9000 0 9000'
#指令碼:
[[email protected] ~]# cat saltapi.py
#!/usr/bin/env python
import urllib2,urllib
import time
try:
import json
except ImportError:
import simplejson as json
class SaltAPI(object):
__token_id = ''
def __init__(self,url,username,password):
self.__url = url.rstrip('/')
self.__user = username
self.__password = password
def token_id(self):
''' user login and get token id '''
params = {'eauth': 'pam', 'username': self.__user, 'password': self.__password}
encode = urllib.urlencode(params)
obj = urllib.unquote(encode)
content = self.postRequest(obj,prefix='/login')
try:
self.__token_id = content['return'][0]['token']
except KeyError:
raise KeyError
def postRequest(self,obj,prefix='/'):
url = self.__url + prefix
headers = {'X-Auth-Token' : self.__token_id}
req = urllib2.Request(url, obj, headers)
opener = urllib2.urlopen(req)
content = json.loads(opener.read())
return content
def list_all_key(self):
params = {'client': 'wheel', 'fun': 'key.list_all'}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
minions = content['return'][0]['data']['return']['minions']
minions_pre = content['return'][0]['data']['return']['minions_pre']
return minions,minions_pre
def delete_key(self,node_name):
params = {'client': 'wheel', 'fun': 'key.delete', 'match': node_name}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
ret = content['return'][0]['data']['success']
return ret
def accept_key(self,node_name):
params = {'client': 'wheel', 'fun': 'key.accept', 'match': node_name}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
ret = content['return'][0]['data']['success']
return ret
def remote_noarg_execution(self,tgt,fun):
''' Execute commands without parameters '''
params = {'client': 'local', 'tgt': tgt, 'fun': fun}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
ret = content['return'][0][tgt]
return ret
def remote_execution(self,tgt,fun,arg):
''' Command execution with parameters '''
params = {'client': 'local', 'tgt': tgt, 'fun': fun, 'arg': arg}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
ret = content['return'][0][tgt]
return ret
def target_remote_execution(self,tgt,fun,arg):
''' Use targeting for remote execution '''
params = {'client': 'local', 'tgt': tgt, 'fun': fun, 'arg': arg, 'expr_form': 'nodegroup'}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
jid = content['return'][0]['jid']
return jid
def deploy(self,tgt,arg):
''' Module deployment '''
params = {'client': 'local', 'tgt': tgt, 'fun': 'state.sls', 'arg': arg}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
return content
def async_deploy(self,tgt,arg):
''' Asynchronously send a command to connected minions '''
params = {'client': 'local_async', 'tgt': tgt, 'fun': 'state.sls', 'arg': arg}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
jid = content['return'][0]['jid']
return jid
def target_deploy(self,tgt,arg):
''' Based on the node group forms deployment '''
params = {'client': 'local_async', 'tgt': tgt, 'fun': 'state.sls', 'arg': arg, 'expr_form': 'nodegroup'}
obj = urllib.urlencode(params)
self.token_id()
content = self.postRequest(obj)
jid = content['return'][0]['jid']
return jid
def main():
sapi = SaltAPI(url='https://192.168.1.10:8000',username='jc',password='123456')
print sapi.list_all_key()
# sapi.token_id()
#sapi.delete_key('test-01')
print sapi.accept_key('localhost')
#sapi.deploy('test-01','nginx')
#print sapi.remote_noarg_execution('test-01','grains.items')
if __name__ == '__main__':
main()
#執行指令碼:
[[email protected] ~]# python saltapi.py
([u'localhost'], [])
True
相關推薦
saltstack api部署,使用.
from: http://jiechao2012.blog.51cto.com/3251753/1594077?utm_source=tuicool&utm_medium=referral #這幾天一直在研究saltstack api,自己也走了很多坑,把部
對文件存儲的輕量封裝,屏蔽不同雲環境api差異,方便開發和部署時隨意切換存儲環境
clas -c iyu public baseurl config 開發 wpc autoload 文件存儲 安裝 composer require pfinal/storage 本地存儲 Local 阿裏雲 AliOss 請先 composer requir
大資料之hbase(一) --- HBase介紹,特性,安裝部署,shell命令,client端與hbase的互動過程,程式設計API訪問hbase實現百萬寫入
一、HBase介紹 ---------------------------------------------- 1.基於hadoop的資料庫,具有分散式,可伸縮的大型資料儲存 2.用於對資料的隨機訪問,實時讀寫 3.巨大的表,十億行*百萬列
基於win10,GPU的Tensorflow Object Detection API部署及USB攝像頭目標檢測
1.TensorFlow安裝 安裝教程在CSDN上有很多文章,但最好依據官方教程,因為TensorFlow不斷更新,需要的CUDA、cudnn等版本也在變化。官方地址在GITHUB裡TensorFlow專案下可以找到安裝指南,https://www.
zookeeper開始三步驟:部署,擴充套件,c的API生成
zookeeper部署,擴充套件,c的API生成 201,229 1. 依賴:安裝JDK1.6或者以上版本並設定環境變數。 2. 安裝:解壓到指定目錄,即安裝完成:tar -xvf zookeeper-3.3.6.tar.gz 必須的 配置 3. cp conf/zoo
saltstack api wheel模塊報錯HTTP/1.1 401 Unauthorized
saltstack api saltapi salt-api報錯 當使用saltstack api調用wheel模塊的時候會出現沒有權限的報錯[[email protected]/* */ ~]# curl -k -v https://localhost:8000 -H "Ac
django項目的生產環境部署,利用nginx+uwsgi
python linux下 light location 準備 class thunder 連接 thread 1.壞境準備 centos6.5 django項目 python壞境(python3.6,) 所需的各種模塊(django,uwsgi,sqlite3
自動化運維工具SaltStack詳細部署【轉】
lib64 time 兩個 功能 .so odi 組件 部分 srv ==========================================================================================一、基礎介紹======
WebStorm 開發react熱部署,文件保存後頁面未更新
com system 熱部署 dev 刷新 使用 修改文件 保存 logs 使用腳手架創建的react項目,理論上使用npm run dev後,如果文件發生變化,網頁會自動發生更新,但在使用WebStorm開發時,發現修改文件後網頁內容為自動刷新,按如下方式修改即可。 F
HBase的完全分布式的搭建與部署,以及多master
servers image ast 每一個 設置 url 觀察 pos www. HBase的完全分布式的搭建與部署,以及多master 一:前提準備 1.設置時間同步 2.清空logs,datas 3.格式化集群 bin/hdfs namenode
saltstack安裝部署與入門使用
部署 centos6x saltstack 一、saltstack簡介 SaltStack 一種基於 C/S 架構的服務器基礎架構集中化管理平臺,管理端稱為 Master,客戶端稱為 Minion。SaltStack 具備配置管理、遠程執行、監控等功能,一般可以理解為是簡化版的 Puppe
Saltstack批量部署tomcat(多實例)
自動化運維 saltstack 批量安裝部署 上一篇講解了如何批量部署nginx,這篇說一說如何批量部署tomcat,其實方式上都差不多,tomcat多了個java必須配置,以及需要多個實例一起部署。方式方法上可能不是最優方案,功能上是都可以實現基本需求的。環境介紹:Centos 6.5t
SpringBoot多環境部署,在啟動時動態設置相應的配置文件
img nbsp rod boot 技術分享 ava 運行 不同的 span 項目中,往往在測試環境和正式環境擁有不同的配置,例如數據庫連接,第三方庫的appkey等。這時候,我們就要在不同的環境啟用不同的配置 下面新建三個文件,分別表示開發環境,生產環境和測試環境的配置文
Gradle Maven部署,轉化
修改 gradle posit art doc cred del schema nap 參考:(易百教程)http://www.yiibai.com/gradle/gradle_deployment.html 目錄: Gradle部署 Maven轉化為Gradle Gr
Centos 7 Saltstack自動化部署Haproxy+Keepalived
centos 7 saltstack haproxy keepalivedmaster node 10.10.10.1 minion node 10.10.10.2# cat /etc/salt/master |grep -v "#" |grep -v "^ *$"interface:
Centos 7 Saltstack自動化部署weblogic 12c
centos7 saltstack weblogic12c 自動化部署域 集群 受管。 # pwd/etc/salt/base# tree cluster/cluster/├── files│ ├── creat.rsp -------------1│ ├──
saltstack API(一)
pass strong master yam accept size style urn 測試 一)、安裝配置api [root@k8s_master ~]# pip install pyopenssl #安裝依賴包 [root@k8s_master
Redis Sentinel安裝與部署,實現redis的高可用
config pom else turn int 修改 align 表示 boot.s 前言 對於生產環境,高可用是避免不了要面對的問題,無論什麽環境、服務,只要用於生產,就需要滿足高可用;此文針對的是redis的高可用。 接下來會有系列文章,該系列是對spring
Https系列之二:https的SSL證書在服務器端的部署,基於tomcat,spring boot
onf 基於 分享 height 轉化 自簽名 size class ont 一:本文的主要內容介紹 CA證書的下載及相應文件的介紹 CA證書在tomcat的部署 CA證書在spring boot的部署 自簽名證書的部署 二:一些內容的回顧 在Https系列之一中已介
緬甸老百勝開戶咨詢13208831115無知還是帶節奏?蘇57領先殲20進行實戰部署,中國應買蘇57
武器裝備緬甸老百勝開戶咨詢13208831115網址www.lbs818.com前不久俄空軍已經前後派遣了2批4架家蘇-57戰鬥機趕赴敘利亞應對未來的局勢沖突升級,值得我們註意的是俄軍的蘇-57戰機還是一款未成熟的戰鬥機,然而卻被派遣上了戰場參加實戰訓練。消息一出就讓很多人不顧實際情況而盲目的大加贊賞,甚至有