Home > Others

SALT-API installation configuration and use

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Installation 
yum install salt-api -y
Configuration
    • Generate a self-signed certificate (for SSL)
cd  /etc/pki/tls/certs# 生成自签名证书, 过程中需要输入key密码及RDNsmake testcertcd /etc/pki/tls/private/# 解密key文件,生成无密码的key文件, 过程中需要输入key密码,该密码为之前生成证书时设置的密码openssl rsa -in localhost.key -out localhost_nopass.key
    • Create a user for Salt-api
useradd -M -s /sbin/nologin salt-apiecho "salt-api" | passwd salt-api —stdin
    • Modify the/etc/salt/master file
sed -i ‘/#default_include/s/#default/default/g‘ /etc/salt/master
    • New configuration file/etc/salt/master.d/api.conf
cat /etc/salt/master.d/api.confrest_cherrypy:  port: 8000  ssl_crt: /etc/pki/tls/certs/localhost.crt  ssl_key: /etc/pki/tls/private/localhost_nopass.key
    • New configuration file/etc/salt/master.d/eauth.conf
cat /etc/salt/master.d/eauth.conf  external_auth:    pam:      salt-api:        - .*        - ‘@wheel‘
    • Start Salt-master and Salt-api
systemctl start salt-mastersystemctl start salt-api
    • Install a Salt client
yum install salt-minion -y修改配置sed -i "/^#master: salt/c master: 192.168.104.76"  /etc/salt/minion启动 clientsystemctl start salt-minion
    • Accept key on Master
[[email protected] salt]# salt-key -LAccepted Keys:Denied Keys:Unaccepted Keys:node76Rejected Keys:[[email protected] salt]# salt-key -AThe following keys are going to be accepted:Unaccepted Keys:node76Proceed? [n/Y] YKey for minion node76 accepted.[[email protected] salt]# salt-key -LAccepted Keys:node76Denied Keys:Unaccepted Keys:Rejected Keys:
API usage
    • Get tokens with curl
 curl -k https://192.168.104.76:8000/login -H "Accept: application/x-yaml"  -d username=‘salt-api‘ -d password=‘salt-api‘  -d eauth=‘pam‘return:- eauth: pam  expire: 1520269544.2591  perms:  - .*  - ‘@wheel‘  - ‘@runner‘  start: 1520226344.259099  token: 593a7224f988f28b84d58b7cda38fe5e5ea07d98  user: salt-api

Token communication can be used after acquiring token

= = Note = =: Token change after restarting Salt-api

    • Testing the connectivity of the Minion end

      The following features are similar to "salt" * ' test.ping '

curl -k https://192.168.104.76:8000 -H "Accept: application/x-yaml" -H "X-Auth-Token: ded897184a942ca75683276c29d787ea71c207a9" -d client=‘local‘ -d tgt=‘*‘ -d fun=‘test.ping‘ return:- node76: true
    • Execute remote command

      The following functions resemble "salt ' * ' Cmd.run ifconfig"

curl -k https://192.168.104.76:8000 -H "Accept: application/x-yaml" -H "X-Auth-Token: ded897184a942ca75683276c29d787ea71c207a9" -d client=‘local‘ -d tgt=‘*‘ -d fun=‘cmd.run‘   -d arg=‘uptime‘return:- node76: ‘ 13:18:46 up 161 days,  2:23,  1 user,  load average: 0.15, 0.09, 0.10‘
    • Using State.sls

      The following functions resemble "salt ' * ' State.sls ifconfig"

 Curl-k Https://192.168.104.76:8000-H "Accept:application/x-yaml"-H "X-auth-token: Ded897184a942ca75683276c29d787ea71c207a9 "-D client= ' local '-D tgt= ' * '-D fun= ' State.sls '-D arg= ' ifconfig ' return:- Node76:cmd_|-ifconfig_|-ifconfig_|-run: __run_num__: 0 changes:pid:30954 Retcode     : 0 stderr: ' stdout: ' eth2 Link encap:ethernet HWaddr 00:50:56:b5:5c:28 \ \ \ inet addr:192.168.90.63 bcast:192.168.90.255 mask:255.255.255.0\n\ \ Inet6 addr:fe80::250:56ff:f EB5:5C28/64 scope:link\n \ Up broadcast RUNNING multicast mtu:1500 metric:1\n RX packets:8 25051\ \ errors:0 dropped:0 overruns:0 frame:0\n TX packets:434351 errors:0\ \ dropped:0 ov erruns:0 carrier:0\n collisions:0 txqueuelen:1000\ \ \ n RX bytes:60353823 (57.5 MiB) TX byte s:27062672 (25.8 MiB) \n\ \nlo Link encap:localLoopback \ inet addr:127.0.0.1 \ mask:255.0.0.0\n inet6 addr::: 1/128 scope:host\n Up\ \ LOOPBACK RUNNING mtu:16436 metric:1\n RX packets:808 errors:0\ \ dropped:0 Overr uns:0 frame:0\n TX packets:808 errors:0 dropped:0\ \ overruns:0 carrier:0\n collisions:0 txqu euelen:0 \ \ RX bytes:59931 (58.5 KiB) TX bytes:59931 (58.5 KiB) "Comment:command" ifconfig   "Run duration:11.991 name:ifconfig result:true start_time: ' 13:59:06.334112 '
    • Using targeting

      The following features are similar to "salt-l ' 192.168.90.61,192.168.90.63 ' test.ping"

 curl -k https://192.168.104.76:8000 -H "Accept: application/x-yaml" -H "X-Auth-Token: ded897184a942ca75683276c29d787ea71c207a9"  -d client=‘local‘ -d tgt=‘node76‘  -d expr_form=‘list‘  -d fun=‘test.ping‘ return:- node76: true
    • Output in JSON format
      curl -k https://192.168.104.76:8000 -H "Accept: application/json" -H "X-Auth-Token: ded897184a942ca75683276c29d787ea71c207a9"  -d client=‘local‘ -d tgt=‘node76‘  -d fun=‘cmd.run‘ -d arg=‘uptime‘{"return": [{"node76": " 13:25:20 up 161 days,  2:30,  1 user,  load average: 0.01, 0.06, 0.08"}]}

SALT-API installation configuration and use

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
computer installation and configuration installation and configuration firewall installation and configuration web server installation and configuration tortoise svn installation and configuration pbx installation and configuration pdf linux server installation and configuration

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More