salt-key -L # 查看当前证书签证情况
salt-key -A -y #同意签证所有没有接受的签证请求
salt-key -d #删除指定的key
salt-key -D #删除所有的key
salt-minion -l debug
salt 'Minion' test.ping #测试连通情况
salt '*' grains.item os #显示被控主机的操作系统
salt -G 'os:Centos' test.ping #根据被控主机的grains信息进行匹配过滤
salt -G 'lsb_distrib_release:15.4'
salt -G 'lsb_distrib_description:Deepin 15.4' #匹配系统为15.4版本的主机
salt '*' cmd.exec_code python 'import sys; print sys.version' #远程代码执行测试
salt -S '192.168.1.0/24' test.ping
仓库目录:file_roots (/etc/salt/master定义目录,默认/srv/salt)
salt '*' cp.get_dir salt://mastertest /root/mastertest #将file_roots目录下的mastertest目录复制到 被控制端/root/目录下面
salt '*' cp.get_file salt://master/test.txt /root/test.txt #....
salt '*' cp.get_url http://mirrors.sohu.com/apache/httpd-2.4.25.tar.gz /root/httpd-2.4.25.tar.gz #下载指定内容到被控制端服务器目录
##远程命令调用执行
salt '*' cmd.run 'uptime'
salt '*' cmd.run 'netstat -ntlp'
## 为指定的被控主机、root用户添加crontab信息
salt '*' cron.set_job root '*/5' '*' '*' '*' '*' 'date >/dev/null 2>&1'
salt '*' cron.raw_cron root
## 删除指定的被控主机、root用户的crontab信息
salt '*' cron.rm_job root 'date >/dev/null 2>&1'
salt '*' cron.raw_cron root
## 为被控主机添加指定的hosts主机配置项
salt '*' dnsutil.hosts_append /etc/hosts 127.0.0.1 master
salt '*' hosts.add_host 1.1.1.1 test.com
##file模块(被控主机文件常见操作,包括文件读写、权限、查找、校验等)
salt '*' file.get_sum /etc/resolv.conf md5
salt '*' file.stats /etc/resolv.conf
##network模块(返回被控主机网络信息)
salt '*' network.ip_addrs #显示IP地址
salt '*' network.interfaces
##pkg包管理模块(被控主机程序包管理,如yum、apt-get等)
salt '*' pkg.install httpd #安装httpd服务
salt '*' pkg.file_list httpd #查看软件安装以后生成的路径文件
##service 服务模块(被控主机程序包服务管理)
salt '*' service.enable httpd
salt '*' service.disable httpd
salt '*' service.status httpd
salt '*' service.stop httpd
salt '*' service.start httpd
salt '*' service.restart httpd
salt '*' service.reload httpd
salt 'Minion' state.sls one (one.sls)
saltstack YAML样例
[root@master base]# cat init/zabbix_agent.sls
zabbix-agent:
pkg.installed:
- name: zabbix-agent
file.managed:
- name: /etc/zabbix_agentd.conf
- source: salt://zabbix/files/zabbix_agentd.conf
- template: jinja
- defaults:
- Server: {{ pillar['zabbix-agent']['Zabbix_Server'] }}
- require:
- pkg: zabbix-agent
service.running:
- enable: True
- watch:
- pkg: zabbix-agent
- file: zabbix-agent
zabbix_agentd.conf.d:
file.directory:
- name: /etc/zabbix_agentd.conf.d
- watch_in:
- service: zabbix-agent
- require:
- pkg: zabbix-agent
- file: zabbix-agent
[root@master init]# cat history.sls
/etc/profile:
file.append:
- text:
- export HISTTIMEFORMAT="%F %T `whoami` "
[root@master init]# cat sysctl.sls
net.ipv4.ip_local_port_range:
sysctl.present:
- value: 10000 65000
fs.file-max:
sysctl.present:
- value: 2000000
net.ipv4.ip_forward:
sysctl.present:
- value: 1
vm.swappiness:
sysctl.present:
- value: 0
[root@master init]# cat epel.sls
yum_repo_release:
pkg.installed:
- sources:
- epel-release: http://repo.zabbix.com/zabbix/3.2/rhel/6/x86_64/zabbix-release-3.2-1.el6.noarch.rpm
- unless: rpm -qa | grep 'zabbix-release-3.2-1.el6'
./configure --prefix=/usr/local/php --with-mysql=/usr/local/mysql --with-openssl --with-mysqli=/usr/local/mysql/bin/mysql_config --enable-mbstring --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --enable-sockets --with-apxs2=/usr/sbin/apxs --with-mcrypt --with-config-file-path=/etc --with-config-file-scan-dir=/etc/php.d --with-bz2 --enable-maintainer-zts --with-gd --with-png-dir --with-jpeg-dir --with-freetype-dir -enable-bcmath --with-gettext