4, Python automation operations-centralized management platform Saltstack

Centralized management platform--saltstack

SALTSTCK as a centralized management platform for server infrastructure, with configuration management, remote execution, monitoring and other functions. Can be simply understood as a simplified version of the Puppet, the enhanced version of Func. Don't say much nonsense, just get started.

Saltstack Install and configure the components required for installation

Main control: Salt-master
Controlled End: Salt-minion

installation process

1, install the required Epel as a saltstack to deploy the Yum Source:
Yum Install-y Epel

2, Installation Salt-master/salt-minion
Yum Install-y Salt-master
Yum Install-y salt-minion

3. Set up service boot
Systemctl Enable Salt-master/systemctl Enable Salt-minion

4. Add a firewall to the main control side
Iptables-a input-p TCP--dport 4405-j ACCEPT
Iptables-a input-p TCP--dport 4406-j ACCEPT

5. Modify server-side configuration and client configuration
Modifying the master configuration (/etc/salt/master)

interface: 192.168.118.132 #绑定Master通信IPauto_accept: True #自动认证file_roots: base:- /srv/salt#指定SaltStack文件目录

Restart the main terminal saltstack:service restart Salt-master

Modifying the managed terminal configuration (/etc/salt/minion)

master:192.168.118.132 #指定Master主机IP地址id：mbb_server #被控主机端识别ID

Restart the controlled end Saltstack:service restart Salt-minion

Test installation Result: Salt ' * ' test.ping

API Invocation Example:

Import Salt.client
Client = Salt.client.LocalClient ()

Common modules and APIs

Archive Module (Support Gunzip,gzip,rar,tar,unrar,unzip)
1, function: Realize the system level of compression package call, support Gunzip,gzip,rar,tar,unrar

解压操作：salt ‘*’ archive.gunzip /tmp/mbb.txt.gz压缩操作salt ‘*’ archive.gzip /tmp/mbb.txt

2. API call

client.cmd(‘*’,’archive.gzip’,[‘/tmp/mbb.txt’])

CMD module

1. Function: Implement remote command line call execution (default root operation, need to evaluate risk when using)

模块示例：salt ‘*’ cmd.run “free -m”

3. API call

client.cmd(‘*’,’cmd.run’,[‘free -m’])

CP Module

1, function: Realize remote files, directory replication, and download URL files and other operations

将指定被控端的文件复制到主控端的本地目录:salt ‘*’ cp.cache_local_file /etc/hosts

Cron Module

1, function: Realize the crontab operation of the controlled host

查看指定被控主机salt ‘mbb_208’ cron.raw_cron root未指定的被控端、root用户添加echo 1 > mbb.txt任务作业salt ‘mbb_208’ cron.set_job root ‘*’ ‘*’ ‘*’ ‘*’ 1 “echo 1 > mbb.txt”删除指定的被控端，root用户crontab的echo 1 > mbb.txt 任务作业salt ‘mbb_208‘ cron.rm_job root "echo 1 > lsk.txt"

2. API call

client.cnd(‘mbb_208’,’cron.rm_job’,[‘root’*’,’*’,’*’,’*’,1,”echo 1 > mbb.txt”])

Iptables module

1, realize the iptables operation of the controlled host

添加iptables规则salt ‘mbb_208‘ iptables.insert filter INPUT position=1 rule="-p tcp --dport 4405 -j ACCEPT"salt ‘mbb_208‘ iptables.append filter INPUT rule="-p tcp --dport 4406 -j ACCEPT"删除iptables规则salt ‘mbb_208‘ iptables.delete filter INPUT  position=1

2. API call

client.cmd(‘mbb_208‘,‘iptables.insert‘,[‘filter‘,‘INPUT‘,‘position=1‘,‘rule=\‘-p tcp --dport 21 -j ACCEPT\‘‘])

Network module

1, Function: Return the network information of the controlled end

获取dig，ping，traceroute目录域名信息salt ‘mbb_208‘ network.dig www.baidu.comsalt ‘mbb_208‘ network.ping www.baidu.comsalt ‘mbb_208‘ network.traceroute www.baidu.com获取被控端制定网卡绑定的mac地址salt ‘mbb_208‘ network.hwaddr eth0获取被控端网卡配置信息salt  mbb_208‘ network.interfaces获取被控端的ip地址配置信息salt ‘mbb_208‘ network.ip_addrs获取被控的子网信息salt ‘mbb_208‘ network.subnets

3. API call

client.cmd(‘mbb_208‘,‘network.interfaces‘)

PKG Module

1, Function: Controlled host program management, such as: Yum,apt-get

安装phpsalt ‘mbb_208’ pkg.install php卸载phpsalt ‘mbb_208’ pkg.remove php升级phpsalt ‘mbb_208’ pkg.upgrade php

2. API call

client.cmd(‘mbb_208’,’pkg.install’,[‘php’])

Service Module

1, Function: Managed host Package Service management

salt ‘mbb_208‘ service.start httpdsalt ‘mbb_208‘ service.stop httpdsalt ‘mbb_208‘ service.reload httpdsalt ‘mbb_208‘ service.restart httpdsalt ‘mbb_208‘ service.status httpdsalt ‘mbb_208‘ service.enable httpdsalt ‘mbb_208‘ service.disable httpd

2. API call

client.cmd(‘mbb_208’,’service.start’,[‘nginx’])

Grains components

Grains is one of the most important components of saltstack, the role of grains is to collect the basic information of the controlled side, which is generally static class data, including CPU, kernel, operating system, virtualization, etc.

获取被控主机的所有grains信息salt ‘*’ grains.items

Controlled host-side customization of specific Granis data

登录被控主机端，在/etc/salt/minion.d/ 目录下，添加”*.conf”配置文件grains:  roles:    - webserver    - memcache  deployment: datacenter4  cabinet: 13在主控端：salt ‘mbb_208‘ grains.item roles deployment cabinet

4, Python automation operations-centralized management platform Saltstack