SALT-API Study Note One

Source: Internet
Author: User
Tags saltstack

Online to find a lot of documents can not access Salt-api, made a long time, finally fix, write a note, convenient later query

If you need to call Saltstack through a third party, the Python API that comes with Saltstack does not meet your needs well. You can use the Saltstack based RESTful style HTTP API. The API module is not built-in and needs to be installed separately.


Introduction to Salt REST API

Here is a simple explanation, Saltstack officially support three kinds of rest API, respectively, is rest_cherry; Rest_tonado and Rest_wsgi

    • Rest_cherry and Rest_tonado Two modules enable listening on a specified port for all IPs receive requests

    • Rest_wsgi only supports native access and binds only 127.0.0.1


Installing the SALT-API Service
shell> yum-y Install gcc make python-devel libffi-devel
shell> pip install pyopenssl==0.15. 1


Using the salt tool to generate certificates
shell> Salt-call--local Tls.create_self_signed_cert

Salt-call is the Salt-minion tool, if you do not have this command, you can install Minion on the master side, and then execute the above command


Configure Users and Permissions

- s /sbin/nologin SA
Echo "Sapassword" | passwd SA--stdin


At the end of the Salt-master configuration file, add the following configuration

External_auth:
Pam: #认证模式, Pam refers to the user authentication mode of Linux itself
SA: #Linux系统中真实存在的用户名
- ' * ': #设置用户的权限, which hosts the user is allowed to manipulate, * represents all
- test.* #允许操作的模块及方法
- cmd.*


Configuring the SALT-API Service

at the end of the Salt-master configuration file, add the following configuration

Rest_cherrypy:
1559 #默认监听所有IP的1559 Port
SSL_CRT:/etc/pki/tls/certs/localhost.crt #引用的正是前面创建的证书
Ssl_key:/etc/pki/tls/certs/localhost.key


Start the service
Shell> Service Salt-api Start


Login to get token
- S Sk https://www. 20150509. CN:1559/login \
' Accept:application/x-yaml ' \
- d username=sa \
- d password=sapassword \
- D eauth=pam


Copy the token that gets

Curl- sSk https://localhost:8000 \
- H ' Accept:application/x-yaml ' \
- H ' x-auth-token:697adbdc8fe971d09ae4c2a3add7248859c87079 '\
- D client=local \
- D tgt=' * ' \
- d fun=test.ping


Accessing the API using Python scripts
 Import json
Import urllib
Import urllib2

#在python2.6x, the following two lines are not required
import SSL
Ssl._create_default_https_context = Ssl._create_unverified_context

url= 'https://www.20150509.cn:1559 ' #salt coordinates of-API

def test():
Pre_data = [{"client":"local", "TGT":"*", "Fun":"test.ping" }] #根据上面官方文档的要求组成数组嵌套字典的形式
json_data = json.dumps (pre_data) #将其转化为json格式
 
Header = {"Content-type":"Application/json", "Accept":"Application/json", "X-auth-token":"697adbdc8fe971d09ae4c2a3add7248859c87079"}
#这里说明下, Content-type is the format that declares what data is passed to the API, which is specified in JSON, because the Pre_data data above is converted into JSON format by me
#Accept是声明返回结果以什么样的格式显示, this also specifies the JSON format to display the returned results

request = Urllib2. Request (URL, json_data, header) #构造一次请求
response = Urllib2.urlopen (request) #构造一次HTTP访问

html = response.read ()
print HTML


if __name__=="__main__":
Test ()



This article is from the "Linux is belong to You" blog, make sure to keep this source http://jwh5566.blog.51cto.com/7394620/1760855

SALT-API Study Note One

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.