python调用salt-api

在master安装api

yum install pyOpenSSL
yum -y install salt-api

使用自签名证书,也可以使用cfssl或者购买证书

salt-call --local tls.create_self_signed_cert

修改master配置文件支持API,在末尾添加

rest_cherrypy:
  host: 192.168.56.11
  port: 8000
  ssl_crt: /etc/pki/tls/certs/localhost.crt
  ssl_key: /etc/pki/tls/certs/localhost.key

external_auth:
  pam:
    saltapi:
      - .*
      - '@wheel'
      - '@runner'
      - '@jobs'

添加用户

useradd -M -s /sbin/nologin saltapi
echo "saltapi" | passwd saltapi --stdin

systemctl  restart salt-master
systemctl start salt-api
netstat -lntup|grep 8000

python文件测试

import json
import requests
requests.packages.urllib3.disable_warnings()        #取消禁用SSL验证警告

headers = {"Content-type": "application/json"}
url = 'https://192.168.56.11:8000/'

playload = {"username":"saltapi",
            "password":"saltapi",
            "eauth":"pam",
            "client":"local",
            "tgt":"*",
            "fun":"grains.items",}
            # "arg":"ip_interfaces"}
Token = requests.post(url+"run",verify=False,data=playload).text


token = json.loads(Token)['return']
for node in token:
    print(node)

后期在前端使用form表单或者ajax 发送数据,后端向salt-api发送请求,执行各种命令以及状态。



 

发表评论