saltstack-api
2016-11-18 00:00
134 查看
机器:master上操作即可
1:salt-API 安装
1) yum
yum install salt-api
2) pip
wget https://pypi.python.org/packages/source/p/pip/pip-1.5.6.tar.gz#md5=01026f87978932060cc86c1dc527903e --no-check-certificate
tar xvfz pip-1.5.6.tar.gz
cd pip-1.5.6
python setup.py build
python setup.py install
安装完成后可以用pip freeze查看已安装的packages
pip freeze
pip install cherrypy==3.2.3
pip install salt-api==0.8.3
2:创建证书与秘钥
cd /etc/pki/tls/certs
[root@GZ-newzzb-207 certs]# make testcert
umask 77 ; \
/usr/bin/openssl genrsa -aes128 2048 > /etc/pki/tls/private/localhost.key
Generating RSA private key, 2048 bit long modulus
................+++
...........+++
e is 65537 (0x10001)
Enter pass phrase:
Verifying - Enter pass phrase:
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key /etc/pki/tls/private/localhost.key -x509 -days 365 -out /etc/pki/tls/certs/localhost.crt -set_serial 0
Enter pass phrase for /etc/pki/tls/private/localhost.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:guangzhou
Locality Name (eg, city) [Default City]:tianhe
Organization Name (eg, company) [Default Company Ltd]:bw
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:
Email Address []:
[root@GZ-newzzb-207 certs]#
cd ../private/
openssl rsa -in localhost.key -out localhost_nopass.key
useradd -M -s /sbin/nologin saltapi
passwd saltapi
3:创建文件并添加内容:
vim etc/salt/master.d/eauth.conf
external_auth:
pam:
saltapi:
- .*
vim /etc/salt/master.d/api.conf
rest_cherrypy:
port: 8888
ssl_crt: /etc/pki/tls/certs/localhost.crt
ssl_key: /etc/pki/tls/private/localhost_nopass.key
4:低版本的centos系统可以下载启动脚本
##下载压缩包,salt-api-0.8.4.1.tar.gz\salt-api-0.8.4.1\pkg\rpm此目录下有启动脚本
https://github.com/saltstack/salt-api/tags
5:启动服务,验证
重启master和salt-API服务
systemctl restart salt-master.service
systemctl restart salt-api.service
master上测试
salt \* test.ping
172.16.0.*:
True
172.16.0.*:
True
172.16.0.*:
True
###返回结果true表明正常
###获取token
curl -k https://192.168.186.134:8888/login -H "Accept: application/x-yaml" -d username='saltapi' -d password='password' -d eauth='pam'
return:
- eauth: pam
expire: 1479416422.718242
perms:
- .*
start: 1479373222.718241
token: 6cc874de22fbfb9fa601cb2c775b2a9e40668a24
user: saltapi
###根据token获取机器的详细信息
curl -k https://172.16.0.*:8888/minions/172.16.0.* -H "Accept: application/x-yaml" -H "X-Auth-Token: 7844c6fd3a6c49915ad4dfa6c9e9aa51c6484edd"
1:salt-API 安装
1) yum
yum install salt-api
2) pip
wget https://pypi.python.org/packages/source/p/pip/pip-1.5.6.tar.gz#md5=01026f87978932060cc86c1dc527903e --no-check-certificate
tar xvfz pip-1.5.6.tar.gz
cd pip-1.5.6
python setup.py build
python setup.py install
安装完成后可以用pip freeze查看已安装的packages
pip freeze
pip install cherrypy==3.2.3
pip install salt-api==0.8.3
2:创建证书与秘钥
cd /etc/pki/tls/certs
[root@GZ-newzzb-207 certs]# make testcert
umask 77 ; \
/usr/bin/openssl genrsa -aes128 2048 > /etc/pki/tls/private/localhost.key
Generating RSA private key, 2048 bit long modulus
................+++
...........+++
e is 65537 (0x10001)
Enter pass phrase:
Verifying - Enter pass phrase:
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key /etc/pki/tls/private/localhost.key -x509 -days 365 -out /etc/pki/tls/certs/localhost.crt -set_serial 0
Enter pass phrase for /etc/pki/tls/private/localhost.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:guangzhou
Locality Name (eg, city) [Default City]:tianhe
Organization Name (eg, company) [Default Company Ltd]:bw
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:
Email Address []:
[root@GZ-newzzb-207 certs]#
cd ../private/
openssl rsa -in localhost.key -out localhost_nopass.key
useradd -M -s /sbin/nologin saltapi
passwd saltapi
3:创建文件并添加内容:
vim etc/salt/master.d/eauth.conf
external_auth:
pam:
saltapi:
- .*
vim /etc/salt/master.d/api.conf
rest_cherrypy:
port: 8888
ssl_crt: /etc/pki/tls/certs/localhost.crt
ssl_key: /etc/pki/tls/private/localhost_nopass.key
4:低版本的centos系统可以下载启动脚本
##下载压缩包,salt-api-0.8.4.1.tar.gz\salt-api-0.8.4.1\pkg\rpm此目录下有启动脚本
https://github.com/saltstack/salt-api/tags
5:启动服务,验证
重启master和salt-API服务
systemctl restart salt-master.service
systemctl restart salt-api.service
master上测试
salt \* test.ping
172.16.0.*:
True
172.16.0.*:
True
172.16.0.*:
True
###返回结果true表明正常
###获取token
curl -k https://192.168.186.134:8888/login -H "Accept: application/x-yaml" -d username='saltapi' -d password='password' -d eauth='pam'
return:
- eauth: pam
expire: 1479416422.718242
perms:
- .*
start: 1479373222.718241
token: 6cc874de22fbfb9fa601cb2c775b2a9e40668a24
user: saltapi
###根据token获取机器的详细信息
curl -k https://172.16.0.*:8888/minions/172.16.0.* -H "Accept: application/x-yaml" -H "X-Auth-Token: 7844c6fd3a6c49915ad4dfa6c9e9aa51c6484edd"
相关文章推荐
- Saltstack API以及对应的Python模板
- saltstack官方文档——File Server Client API
- saltstack的rest接口salt-api开发―基于flask-restful
- 运维工具SaltStack之二常见模块及API
- saltstack api部署,使用.
- saltstack - salt-api安装配置
- Saltstack-Salt常用模块及API
- Saltstack API 配置管理
- Saltstack系列3:Saltstack常用模块及API
- Saltstack (modules、返回值cache、syndic、salt-ssh、API)
- Saltstack-API(十二)
- saltstack python api 调用
- saltstack使用ssh连接,salstack的api使用
- saltstack api部署,使用
- Saltstack常用模块及API之查看主机支持的模块清单
- Saltstack常用模块及API(4)
- SaltStack的salt-api里如何指定用户执行cmd.script
- Saltstack-Salt常用模块及API
- Saltstack之Salt-api安装使用
- saltstack常用操作----salt-api 实现 通过http请求远程调用saltstack的步骤