SaltStack常用的模块

Posted 卑微小胡

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了SaltStack常用的模块相关的知识,希望对你有一定的参考价值。

SaltStack常用的模块

文章目录

SaltStack模块介绍

Module是日常使用SaltStack接触最多的一个组件,其用于管理对象操作,这也是SaltStack通过Push的方式进行管理的入口,比如我们日常简单的执行命令、查看包安装情况、查看服务运行情况等工作都是通过SaltStack Module来实现的。

当安装好Master和Minion包后,系统上会安装很多Module,大家可以通过以下命令查看支持的所有Module列表:

#查看所有module列表
[root@master ~]# salt '*' sys.list_modules
minion1:
    - acl
    - aliases
    - alternatives
    - ansible
    - archive
    - artifactory
    - baredoc
    - beacons
    - bigip
    - btrfs
    - buildout
    - chroot
    - cloud
    - cmd
    - composer
    - config
    - consul
    - container_resource
    - cp
    - cron
    - cryptdev
    - data
    - defaults
    - devinfo
    - devmap
    - disk
    - django
    - dnsmasq
    - dnsutil
    - drbd
    - environ
    - ethtool
    - event
    - extfs
    - file
    - firewalld
    - freezer
    - gem
    - genesis
    - glassfish
    - gnome
    - google_chat
    - grafana4
    - 此处省略n行
#查看指定module的所有function
[root@master ~]# salt 'minion1' sys.list_functions cmd
minion1:
    - cmd.exec_code
    - cmd.exec_code_all
    - cmd.has_exec
    - cmd.powershell
    - cmd.powershell_all
    - cmd.retcode
    - cmd.run
    - cmd.run_all
    - cmd.run_bg
    - cmd.run_chroot
    - cmd.run_stderr
    - cmd.run_stdout
    - cmd.script
    - cmd.script_retcode
    - cmd.shell
    - cmd.shell_info
    - cmd.shells
    - cmd.tty
    - cmd.which
    - cmd.which_bin
#查看指定module的用法
[root@master ~]# salt 'minion1' sys.doc cmd
cmd.exec_code:

    Pass in two strings, the first naming the executable language, aka -
    python2, python3, ruby, perl, lua, etc. the second string containing
    the code you wish to execute. The stdout will be returned.

    All parameters from :mod:`cmd.run_all <salt.modules.cmdmod.run_all>` except python_shell can be used.

    CLI Example:

        salt '*' cmd.exec_code ruby 'puts "cheese"'
        salt '*' cmd.exec_code ruby 'puts "cheese"' args='["arg1", "arg2"]' env='"FOO": "bar"'
    

cmd.exec_code_all:

    Pass in two strings, the first naming the executable language, aka -
    python2, python3, ruby, perl, lua, etc. the second string containing
    the code you wish to execute. All cmd artifacts (stdout, stderr, retcode, pid)
    will be returned.
...此处省略N行...
#SaltStack默认也支持一次执行多个Module,Module之间通过逗号隔开,默认传参之间也是用逗号分隔,也支持指定传参分隔符号--args-separator=@即可
[root@master ~]# salt 'minion1' test.echo,cmd.run,service.status bwxh,date,salt-minion
minion1:
    ----------
    cmd.run:
        Tue Jul  6 22:51:04 CST 2021
    service.status:
        True
    test.echo:
        bwxh

SaltStack常用模块

SaltStack常用模块之network

network.active_tcp

返回所有活动的tcp连接

[root@master ~]# salt '*' network.active_tcp
minion1:
    ----------
    0:
        ----------
        local_addr:
            192.168.96.133
        local_port:
            22
        remote_addr:
            192.168.96.1
        remote_port:
            51773
    1:
        ----------
        local_addr:
            192.168.96.133
        local_port:
            56306
        remote_addr:
            192.168.96.129
        remote_port:
            4505

network.calc_net

通过IP和子网掩码计算出网段

[root@master ~]# salt '*' network.calc_net 192.168.96.133 255.255.255.0
minion1:
    192.168.96.0/24
[root@master ~]# salt '*' network.calc_net 192.168.96.133 255.255.255.240
minion1:
    192.168.96.128/28

network.connect

测试minion至某一台服务器的网络是否连通

[root@master ~]# salt '*' network.connect www.baidu.com 80
minion1:
    ----------
    comment:
        Successfully connected to www.baidu.com (14.215.177.38) on tcp port 80
    result:
        True

network.default_route

查看默认路由

[root@master ~]# salt '*' network.default_route
minion1:
    |_
      ----------
      addr_family:
          inet
      destination:
          0.0.0.0
      flags:
          UG
      gateway:
          192.168.96.2
      interface:
          ens33
      netmask:
          0.0.0.0

network.get_fqdn

查看主机的fqdn(完全限定域名)

[root@master ~]# salt '*' network.get_fqdn
minion1:
    minion1

network.get_hostname

获取主机名

[root@master ~]# salt '*' network.get_hostname
minion1:
    minion1

network.get_route

查询到一个目标网络的路由信息

[root@master ~]# salt '*' network.get_route 192.168.96.129
minion1:
    ----------
    destination:
        192.168.96.129
    gateway:
        None
    interface:
        ens33
    source:
        192.168.96.133

network.hw_addr

返回指定网卡的MAC地址

[root@master ~]# salt '*' network.hw_addr ens33
minion1:
    00:0c:29:ff:e0:83

network.ifacestartswith

从特定CIDR检索接口名称

[root@master ~]# salt '*' network.ifacestartswith 192.168
minion1:
    - ens33

network.in_subnet

判断当前主机是否在某一个网段内

[root@master ~]# salt '*' network.in_subnet 192.168.96.0/24
minion1:
    True
[root@master ~]# salt '*' network.in_subnet 192.168.98.0/24
minion1:
    False

network.interface

返回指定网卡的信息

[root@master ~]# salt '*' network.interface ens33
minion1:
    |_
      ----------
      address:
          192.168.96.133
      broadcast:
          192.168.96.255
      label:
          ens33
      netmask:
          255.255.255.0

network.interface_ip

返回指定网卡的IP地址

[root@master ~]# salt '*' network.interface_ip ens33
minion1:
    192.168.96.133

network.interfaces

返回当前系统中所有的网卡信息

[root@master ~]# salt '*' network.interfaces
minion1:
    ----------
    ens33:
        ----------
        hwaddr:
            00:0c:29:ff:e0:83
        inet:
            |_
              ----------
              address:
                  192.168.96.133
              broadcast:
                  192.168.96.255
              label:
                  ens33
              netmask:
                  255.255.255.0
        inet6:
            |_
              ----------
              address:
                  fe80::20c:29ff:feff:e083
              prefixlen:
                  64
              scope:
                  link
        up:
            True
    lo:
        ----------
        hwaddr:
            00:00:00:00:00:00
        inet:
            |_
              ----------
              address:
                  127.0.0.1
              broadcast:
                  None
              label:
                  lo
              netmask:
                  255.0.0.0
        inet6:
            |_
              ----------
              address:
                  ::1
              prefixlen:
                  128
              scope:
                  host
        up:
            True

network.ip_addrs

返回一个IPv4的地址列表
该函数将会忽略掉127.0.0.1的地址

[root@master ~]# salt '*' network.ip_addrs
minion1:
    - 192.168.96.133

network.netstat

返回所有打开的端口和状态

[root@master ~]# salt '*' network.netstat
minion1:
    |_
      ----------
      inode:
          29285
      local-address:
          192.168.96.133%ens33:68
      program:
          NetworkManager
      proto:
          udp
      recv-q:
          0
      remote-address:
          192.168.96.254:67
      send-q:
          0
      user:
          0
    |_
      ----------
      inode:
          28655
      local-address:
          0.0.0.0:80
      program:
          nginx
      proto:
          tcp
      recv-q:
          0
      remote-address:
          0.0.0.0:*
      send-q:
          128
      state:
          LISTEN
      user:
          0
    |_
      ----------
      inode:
          28029
      local-address:
          0.0.0.0:22
      program:
          sshd
      proto:
          tcp
      recv-q:
          0
      remote-address:
          0.0.0.0:*
      send-q:
          128
      state:
          LISTEN
      user:
          0
    |_
      ----------
      inode:
          31137
      local-address:
          192.168.96.133:22
      program:
          sshd
      proto:
          tcp
      recv-q:
          0
      remote-address:
          192.168.96.1:51773
      send-q:
          0
      state:
          ESTABLISHED
      user:
          0
    |_
      ----------
      inode:
          0
      local-address:
          192.168.96.133:40192
      program:
      proto:
          tcp
      recv-q:
          0
      remote-address:
          192.168.96.129:4506
      send-q:
          0
      state:
          TIME-WAIT
      user:
          0
    |_
      ----------
      inode:
          31695
      local-address:
          192.168.96.133:56306
      program:
          salt-minion
      proto:
          tcp
      recv-q:
          0
      remote-address:
          192.168.96.129:4505
      send-q:
          0
      state:
          ESTABLISHED
      user:
          0
    |_
      ----------
      inode:
          28656
      local-address:
          [::]:80
      program:
          nginx
      proto:
          tcp
      recv-q:
          0
      remote-address:
          [::]:*
      send-q:
          128
      state:
          LISTEN
      user:
          0
    |_
      ----------
      inode:
          28037
      local-address:
          [::]:22
      program:
          sshd
      proto:
          tcp
      recv-q:
          0
      remote-address:
          [::]:*
      send-q:
          128
      state:
          LISTEN
      user:
          0

network.ping

使用ping命令测试到某主机的连通性

[root@master ~]# salt '*' network.ping www.baidu.com
minion1:
    PING www.a.shifen.com (14.215.177.39) 56(84) bytes of data.
    64 bytes from 14.215.177.39 (14.215.177.39): icmp_seq=1 ttl=128 time=26.2 ms
    64 bytes from 14.215.177.39 (14.215.177.39): icmp_seq=2 ttl=128 time=26.6 ms
    64 bytes from 14.215.177.39 (14.215.177.39): icmp_seq=3 ttl=128 time=25.7 ms
    64 bytes from 14.215.177.39 (14.215.177.39): icmp_seq=4 ttl=128 time=29.7 ms
    
    --- www.a.shifen.com ping statistics ---
    4 packets transmitted, 4 received, 0% packet loss, time 3006ms
    rtt min/avg/max/mdev = 25.734/27.025/29.656/1.559 ms

network.reverse_ip

返回一个指定的IP地址的反向地址

root@master ~]# salt '*' network.reverse_ip 192.168.96.129
minion1:
    129.96.168.192.in-addr.arpa

SaltStack常用模块之service

service.available

判断指定的服务是否可用

[root@master ~]# salt '*' service.available nginx
minion1:
    True
[root@master ~]# salt '*' service.available httpd
minion1:
    False

service.get_all

获取所有正在运行的服务

[root@master ~]# salt '*' service.get_all
minion1:
    - NetworkManager
    - NetworkManager-dispatcher
    - NetworkManager-wait-online
    - auditd
    - autovt@
    - basic.target
    - blk-availability
    - bluetooth.target
    - boot-complete.target
    - console-getty
    - container-getty@
    - cpupower
    - crond
    - cryptsetup-pre.target
    - cryptsetup.target
    - ctrl-alt-del.target
    - dbus
    - dbus-org.fedoraproject.FirewallD1
    - dbus-org.freedesktop.hostname1
	- 此处省略n行

service.disabled

检查指定服务是否开机不自动启动

[root@master ~]# salt '*' service.disabled nginx
minion1:
    False

service.enabled

检查指定服务是否开机自动启动

[root@master ~]# salt '*' service.enabled nginx
minion1:
    True

service.disable

设置指定服务开机不自动启动

[root@master ~]# salt '*' service.disable nginx
minion1:
    True
[root@master ~]# salt '*' service.enabled nginx
minion1:
    False

service.enable

设置指定服务开机自动启动

[root@master ~]# salt '*' service.enable nginx
minion1:
    True
[root@master ~]# salt '*' service.enabled nginx
minion1:
    True

service.reload

重新加载指定服务

[root@minion1 ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor pr>
   Active: active (running) since Tue 2021-07-06 22:25:56 CST; 1h 7min ago
 Main PID: 979 (nginx)
    Tasks: 2 (limit: 4767)
   Memory: 11.0M
   CGroup: /system.slice/nginx.service
           ├─979 nginx: master process /usr/sbin/nginx
           └─980 nginx: worker process

Jul 06 22:25:55 localhost.localdomain systemd[1]: Starting The nginx HTTP an>
Jul 06 22:25:56 localhost.localdomain nginx[952]: nginx: the configuration f>
Jul 06 22:25:56 localhost.localdomain nginx[952]: nginx: configuration file >
Jul 06 22:25:56 localhost.localdomain systemd[1]: Started The nginx HTTP and>
[root@master ~]# salt '*' service.reload nginx
minion1:
    True
[root@minion1 ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor pr>
   Active: active (running) since Tue 2021-07-06 22:25:56 CST; 1h 7min ago
  Process: 2206 ExecReload=/bin/kill -s HUP $MAINPID (code=exited, status=0/>
 Main PID: 979 (nginx)
    Tasks: 2 (limit: 4767)
   Memory: 12.2M
   CGroup: /system.slice/nginx.service
           ├─ 979 nginx: master process /usr/sbin/nginx
           └─2211 nginx: worker process

Jul 06 22:25:55 localhost.localdomain systemd[1]: Starting The nginx HTTP an>
Jul 06 22:25:56 localhost.localdomain nginx[952]: nginx: the configuration f>
Jul 06 22:25:56 localhost.localdomain nginx[952]: nginx: configuration file >
Jul 06 22:25:56 localhost.localdomain systemd[1]: Started The nginx HTTP and>
Jul 06 23:33:41 minion1 systemd[1]: Reloading The nginx HTTP and reverse pro>
Jul 06 23:33:41 minion1 systemd[1]: Reloaded The nginx HTTP and reverse prox>

service.stop

停止指定服务

[root@master ~]# salt '*' service.stop nginx
minion1:
    True
[root@minion1 ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor pr>
   Active: inactive (dead) since Tue 2021-07-06 23:36:01 CST; 15s ago
  Process: 2206 ExecReload=/bin/kill -s HUP $MAINPID (code=exited, status=0/>
 Main PID: 979 (code=exited, status=0/SUCCESS)

Jul 06 22:25:55 localhost.localdomain systemd[1]: Starting The nginx HTTP an>
Jul 06 22:25:56 localhost.localdomain nginx[952]: nginx: the configuration f>
Jul 06 22:25:56 localhost.localdomain nginx[952]: nginx: configuration file >
Jul 06 22:25:56 localhost.localdomain systemd[1]: Started The nginx HTTP and>
Jul 06 23:33:41 minion1 systemd[1]: Reloading The nginx HTTP and reverse pro>
Jul 06 23:33:41 minion1 systemd[1]: Reloaded The nginx HTTP and reverse prox>
Jul 06 23:36:01 minion1 systemd[1]: Stopping The nginx HTTP and reverse prox>
Jul 06 23:36:01 minion1 systemd[1]: nginx.service: Succeeded.
Jul 06 23:36:01 minion1 systemd[1]: Stopped The nginx HTTP and reverse proxy

service.start

启动指定服务

[root@master ~]# salt '*' service.start nginx
minion1:
    True
[root@minion1 ~]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor pr>
   Active: active (running) since Tue 2021-07-06 23:37:14 CST; 9s ago
  Process: 2206 ExecReload=/bin/kill -s HUP $MAINPID (code=exited, status=0/>
  Process: 2237 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
  Process: 2235 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCE>
  Process: 2234 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, sta>
 Main PID: 2239 (nginx)
    Tasks: 2 (limit: 4767)
   Memory: 3.7M
   CGroup: /system.slice/nginx.service
           ├─2239 nginx: master process /usr/sbin/nginx
           └─2240 nginx: worker process

Jul 06 23:37:14 minion1 systemd[1]: Starting The nginx HTTP and reverse prox>
Jul 06 23:37:14 minion1 nginx[2235]: nginx: the configuration file /etc/ngin>
Jul 06 23:37:14 minion1 nginx[2235]: nginx: configuration file /etc/nginx/ng>
Jul 06 23:37:14 minion1 systemd[1]: nginx.service: Failed to parse PID from >
Jul 06 23:37:14 minion1 systemd[1]: Started The nginx HTTP and reverse proxy>

service.restart

重启指定服务

[root@master ~]# salt '*' service.restart nginx
minion1:
    True

service.status

查看指定服务的状态

[root@master ~]# salt '*' service.status nginx
minion1:
    True
[root@master ~]# salt '*' service.stop nginx
minion1:
    True
[root@master ~]# salt '*' service.status nginx
minion1:
    False

SaltStack常用模块之pkg

pkg.download

只下载软件包但不安装
此功能将会下载指定的软件包,但是需要在minion端安装yum-utils,可以使用 cmd.run 进行远程安装

[root@master ~]# salt '*' pkg.download httpd
minion1:
    ----------
    httpd:
        /var/cache/yum/packages/httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64.rpm #下载好的软件放在这里
[root@minion1 ~]# ls /var/cache/yum/packages/
httpd-2.4.37-40.module_el8.5.0+852+0aafc63b.x86_64.rpm

pkg.file_list

列出指定包或系统中已安装的所有包的文件

[root@master ~]# salt '*' pkg.file_list nginx
minion1:
    ----------
    errors:
    files:
        - /etc/logrotate.d/nginx
        - /etc/nginx/fastcgi.conf
        - /etc/nginx/fastcgi.conf.default
        - /etc/nginx/fastcgi_params
        - /etc/nginx/fastcgi_params.default
        - /etc/nginx/koi-utf
        - /etc/nginx/koi-win
        - /etc/nginx/mime.types
        - /etc/nginx/mime.types.default
        - /etc/nginx/nginx.conf
        - /etc/nginx/nginx.conf.default
        - /etc/nginx/scgi_params
        - /etc/nginx/scgi_params.default
        - /etc/nginx/uwsgi_params
        - /etc/nginx/uwsgi_params.default
        - /etc/nginx/win-utf
        - /usr/bin/nginx-upgrade
        - /usr/lib/.build-id
        - /usr/lib/.build-id/2d
        - /usr/lib/.build-id/2d/da6018ae12edb856ad3d2cf61bf586b6b4873c
        - /usr/lib/systemd/system/nginx.service
        - /usr/lib64/nginx/modules
        - /usr/sbin/nginx
        - /usr/share/doc/nginx
        - /usr/share/doc/nginx/CHANGES
        - /usr/share/doc/nginx/README
        - /usr/share/doc/nginx/README.dynamic
        - /usr/share/licenses/nginx
        - /usr/share/licenses/nginx/LICENSE
        - /usr/share/man/man3/nginx.3pm.gz
        - /usr/share/man/man8/nginx-upgrade.8.gz
        - /usr/share/man/man8/nginx.8.gz
        - /usr/share/nginx/html/404.html
        - /usr/share/nginx/html/50x.html
        - /usr/share/nginx/html/index.html
        - /usr/share/nginx/html/nginx-logo.png
        - /usr/share/nginx/html/poweredby.png
        - /usr/share/vim/vimfiles/ftdetect/nginx.vim
        - /usr/share/vim/vimfiles/indent/nginx.vim
        - /usr/share/vim/vimfiles/syntax/nginx.vim
        - /var/lib/nginx
        - /var/lib/nginx/tmp
        - /var/log/nginx
#当不提供参数时,将会列出当前系统中所有已安装软件的文件列表当不提供参数时,将会列出当前系统中所有已安装软件的文件列表
[root@master ~]# salt '*' pkg.file_list
minion1:
    ----------
    errors:
    files:
        VALUE_TRIMMED

pkg.group_info

查看包组的信息

[root@master ~]# salt '*' pkg.group_info 'Development Tools'
minion1:
    ----------
    conditional:
    default:
        - asciidoc
        - byacc
        - ctags
        - diffstat
        - elfutils-libelf-devel
        - git
        - intltool
        - jna
        - ltrace
        - patchutils
        - perl-Fedora-VSP
        - perl-Sys-Syslog
        - perl-generators
        - pesign
        - source-highlight
        - systemtap
        - valgrind
        - valgrind-devel
    description:
        A basic development environment.
    group:
        Development Tools
    id:
        None
    mandatory:
        - autoconf
        - automake
        - binutils
        - bison
        - flex
        - gcc
        - gcc-c++
        - gdb
        - glibc-devel
        - libtool
        - make
        - pkgconf
        - pkgconf-m4
        - pkgconf-pkg-config
        - redhat-rpm-config
        - rpm-build
        - rpm-sign
        - strace
    optional:
        - cmake
        - expect
        - rpmdevtools
        - rpmlint
    type:
        package group

pkg.group_list

列出系统中所有的包组

[root@master ~]# salt '*' pkg.group_list
minion1:
    ----------
    available:
        - Backup Client
        - base-x
        - Conflicts AppStream
        - Container Management
        - Debugging Tools
        - Desktop Debugging and Performance Tools
        - .NET Core Development
        - FTP Server
        - GNOME Applications
        - Graphics Creation Tools
        - Guest Agents
        - Guest Desktop Agents
        - Input Methods
        - Internet Applications
        - Internet Browser
        - Java Platform
        - Legacy X Window System Compatibility
        - Multimedia
        - Office Suite and Productivity
        - Atomic Host ostree support
        - KVM platform specific packages
        - Hyper-v platform specific packages
        - Printing Client
        - Remote Desktop Clients
        - RPM Development Tools
        - TeX formatting system
        - Virtualization Client
        - Virtualization Hypervisor
        - Virtualization Platform
        - Virtualization Tools
        - Basic Web Server
        - Additional Development
        - Anaconda tools
        - Base
        - Conflicts BaseOS
        - Development Tools
        - Dial-up Networking Support
        - File and Storage Server
        - Fonts
        - GNOME
        - Graphical Administration Tools
        - Hardware Monitoring Utilities
        - Hardware Support
        - Headless Management
        - Infiniband Support
        - Large Systems Performance
        - Legacy UNIX Compatibility
        - Mail Server
        - Mainframe Access
        - Network File System Client
        - Network Servers
        - Networking Tools
        - Common NetworkManager submodules
        - Performance Tools
        - Platform Development
        - Python Web
        - Remote Management for Linux
        - Scientific Support
        - Security Tools
        - Server product core
        - Smart Card Support
        - Windows File Server
        - Standard
        - System Tools
        - Workstation product core
    available environments:
        - Server with GUI
        - Server
        - Workstation
        - Virtualization Host
        - Custom Operating System
    available languages:
        ----------
    installed:
        - VMware platform specific packages
        - Core
    installed environments:
        - Minimal Install

pkg.install

安装软件

[root@master ~]# salt '*' pkg.install wget
minion1:
    ----------
    wget:
        ----------
        new:
            1.19.5-10.el8
        old:

pkg.list_downloaded

列出已下载到本地的软件包

[root@master ~]# salt '*' pkg.list_downloaded
minion1:
    ----------

pkg.list_pkgs

以字典的方式列出当前已安装的软件包

[root@master ~]# salt '*' pkg.group_list
minion1:
    ----------
    available:
        - Backup Client
        - base-x
        - Conflicts AppStream
        - Container Management
        - Debugging Tools
        - Desktop Debugging and Performance Tools
        - .NET Core Development
        - FTP Server
        - GNOME Applications
        - Graphics Creation Tools
        - Guest Agents
        - Guest Desktop Agents
        - Input Methods
        - Internet Applications
        - Internet Browser
        - Java Platform
        - Legacy X Window System Compatibility
		- 此处省略n行

pkg.owne

列出指定文件是由哪个包提供的

[root@master ~]# salt '*' pkg.owner /usr/sbin/nginx
minion1:
    nginx
[root@master ~]# salt '*' pkg.owner /usr/sbin/nginx /etc/nginx/nginx.conf
minion1:
    ----------
    /etc/nginx/nginx.conf:
        nginx
    /usr/sbin/nginx:
        nginx

pkg.remove

卸载指定软件

[root@master ~]# salt '*' cmd.run 'rpm -qa | grep wget'
minion1:
    wget-1.19.5-10.el8.x86_64
[root@master ~]# salt '*' pkg.remove wget
minion1:
    ----------
    wget:
        ----------
        new:
        old:
            1.19.5-10.el8
#若要卸载多个文件,中间需要用逗号隔开

pkg.upgrade

升级系统中所有的软件包或升级指定的软件包

[root@master ~]# salt '*' pkg.upgrade name=openssl
minion1:
    ----------
    openssl:
        ----------
        new:
            1:1.1.1k-1.el8
        old:
            1:1.1.1g-15.el8_3
    openssl-libs:
        ----------
        new:
            1:1.1.1k-1.el8
        old:
            1:1.1.1g-15.el8_3
#若想升级系统中所有的软件包则把 name 参数去掉即可

SaltStack常用模块之state

state.show_highstate

显示当前系统中有哪些高级状态

[root@master ~]# salt '*' state.show_highstate
minion1:
    ----------
    nginx-install:
        ----------
        __env__:
            base
        __sls__:
            web.nginx.install
        pkg:
            |_
              ----------
              name:
                  nginx
            - installed
            |_
              ----------
              order:
                  10000
    nginx-service:
        ----------
        __env__:
            base
        __sls__:
            web.nginx.install
        service:
            |_
              ----------
              name:
                  nginx
            |_
              ----------
              enable:
                  True
            - running
            |_
              ----------
              order:
                  10001

state.highstate

执行高级状态

[root@master ~]# salt '*' state.highstate web.nginx.install
minion1:
----------
          ID: nginx-install
    Function: pkg.installed
        Name: nginx
      Result: True
     Comment: All specified packages are already installed
     Started: 00:05:51.880116
    Duration: 561.255 ms
     Changes:   
----------
          ID: nginx-service
    Function: service.running
        Name: nginx
      Result: None
     Comment: Service nginx is set to start
     Started: 00:05:52.446185
    Duration: 58.923 ms
     Changes:   

Summary for minion1
------------
Succeeded: 2 (unchanged=1)
Failed:    0
------------
Total states run:     2
Total run time: 620.178 ms

state.show_state_usage

显示当前系统中的高级状态执行情况

[root@master ~]# salt '*' state.show_state_usage
minion1:
    ----------
    base:
        ----------
        count_all:
            2
        count_unused:
            1
        count_used:
            1
        unused:
            - top
        used:
            - web.apache.apache
    dev:
        ----------
        count_all:
            0
        count_unused:
            0
        count_used:
            0
        unused:
        used:
    prod:
        ----------
        count_all:
            0
        count_unused:
            0
        count_used:
            0
        unused:
        used:
    test:
        ----------
        count_all:
            0
        count_unused:
            0
        count_used:
            0
        unused:
        used:

state.show_top

返回minion将用于highstate的顶级数据

[root@master ~]# salt '*' state.show_top
minion1:
    ----------
    base:
        - web.nginx.installs

state.top

执行指定的top file,而不是默认的

[root@master ~]# salt '*' state.top bwxh.sls
minion1:
----------
          ID: apache-install
    Function: pkg.installed
        Name: httpd
      Result: True
     Comment: All specified packages are already installed
     Started: 20:17:20.129390
    Duration: 917.659 ms
     Changes:
----------
          ID: apache-service
    Function: service.running
        Name: httpd
      Result: True
     Comment: The service httpd is already running
     Started: 20:17:21.048144
    Duration: 46.958 ms
     Changes:

Summary for 192.168.69.202
------------
Succeeded: 2
Failed:    0
------------
Total states run:     2
Total run time: 964.617 ms

state.show_sls

显示 master 上特定sls或sls文件列表中的状态数据

[root@master ~]# salt '*' state.show_sls web.nginx.install
minion1:
    ----------
    nginx-install:
        ----------
        __env__:
            base
        __sls__:
            web.nginx.install
        pkg:
            |_
              ----------
              name:
                  nginx
            - installed
            |_
              ----------
              order:
                  10000
    nginx-service:
        ----------
        __env__:
            base
        __sls__:
            web.nginx.install
        service:
            |_
              ----------
              name:
                  nginx
            |_
              ----------
              enable:
                  True
            - running
            |_
              ----------
              order:
                  10001

SaltStack常用模块之salt-cp

salt-cp能够很方便的把 master 上的文件批量传到 minion上

[root@master ~]# salt '*' cmd.run 'ls /root'
minion1:
    anaconda-ks.cfg
[root@master ~]# salt-cp '*' /root/abc /root
minion1:
    ----------
    /root/abc:
        True
[root@master ~]# salt '*' cmd.run 'ls /root'
minion1:
    abc
    anaconda-ks.cfg
#拷贝多个文件到目标主机的/usr/src目录下
[root@master ~]# salt-cp '*' /root/123 /tmp/456 /root
minion1:
    ----------
    /root/123:
        True
    /root/456:
        True
[root@master ~]# salt '*' cmd.run 'ls /root'
minion1:
    123
    456
    abc
    anaconda-ks.cfg

SaltStack常用模块之user

user.add

#创建用户
[root@master ~]# salt '*' user.add bwxh
minion1:
    True
[root@minion1 ~]# id bwxh
uid=1000(bwxh) gid=1000(bwxh) groups=1000(bwxh)
#创建用户时指定shell
[root@master ~]# salt '*' user.add test shell=/sbin/nologin 
minion1:
    True
#创建用户指定不创建家目录
[root@master ~]# salt '*' user.add test1 createhome=False
minion1:
    True
[root@minion1 ~]# ls /home/
bwxh  test
#创建用户时指定附加组
[root@master ~]# salt '*' user.add test2 groups=nginx
minion1:
    True

user.list_groups test

查看指定用户的所有的组

[root@master ~]# salt '*' user.list_groups nginx
minion1:
    - nginx

user.list_users

查看所有用户

[root@master ~]# salt '*' user.list_users
minion1:
    - adm
    - bin
    - bwxh
    - daemon
    - dbus
    - ftp
    - games
    - halt
    - lp
    - mail
    - nginx
    - nobody
    - operator
    - polkitd
    - root
    - shutdown
    - sshd
    - sssd
    - sync
    - systemd-coredump
    - systemd-resolve
    - test
    - test1
    - test2
    - tss
    - unbound

user.delete

删除用户

[root@master ~]# salt '*' user.delete test remove=True
minion1:
    True
[root@master ~]# salt '*' cmd.run 'id test'
minion1:
    id: 'test': no such user

SaltStack常用模块之cron

cron.set_job

为指定用户设置计划任务

[root@master ~]# salt '*' cron.set_job root 00 00 '*' '*' 1 /bin/bash /scripts/nginx_install.sh
minion1:
    new

cron.list_tab

查看指定用户的计划任务

[root@master ~]# salt '*' cron.list_tab root
minion1:
    ----------
    crons:
        |_
          ----------
          cmd:
              /bin/bash
          comment:
              None
          commented:
              False
          daymonth:
              *
          dayweek:
              1
          hour:
              0
          identifier:
              None
          minute:
              0
          month:
              *
    env:
    pre:
    special:

cron.raw_cron

查看指定用户的计划任务

[root@master ~]# salt '*' cron.raw_cron root
minion1:
    # Lines below here are managed by Salt, do not edit
    0 0 * * 1 /bin/bash

cron.rm_job

删除指定用户的计划任务、如果这个计划任务指定了时间,则需要指定的参数匹配的时候才会删除

[root@master ~]# salt '*' cron.rm_job root /bin/bash dayweek =1
minion1:
    absent

以上是关于SaltStack常用的模块的主要内容,如果未能解决你的问题,请参考以下文章

saltstack详解+部署apache服务

saltstack 常用模块

saltstack state.sls常用功能模板编写

ansible安装部署和配置常用模块整理

Saltstack 常用的模块及API

saltstack使用指南----常用执行模块