return of SaltStack component
The return component can be understood as the SaltStack system stores or returns the data returned by Minion to other programs. It supports a variety of storage methods, such as MySQL, MongoDB, Redis, Memcache, etc. through return, we can record each operation of SaltStack and provide a data source for future log audit. At present, 30 return data storage and interfaces are officially supported. We can easily configure and use it. Of course, it also supports self-defined returns. Custom returns need to be written in python. After selecting and configuring the return to use, just specify return after the salt command.
[root@master ~]# salt '*' sys.list_returners
node1:
- carbon
- couchdb
- etcd
- highstate
- local
- local_cache
- mattermost
- multi_returner
- pushover
- rawfile_json
- slack
- slack_webhook
- smtp
- splunk
- sqlite3
- syslog
- telegram
//Only a part is shown here. There will be more than 30 kinds of details on the official website
return process
Return is to trigger the task on the Master side, and then Minion accepts the processing task, directly establishes a connection with the return storage server, and then saves the data return to the storage server. It must be noted that the Minion side operates the storage server in this process, so it is necessary to ensure that the configuration and dependency package of the Minion side are correct, which means that we must install the specified return mode dependency package on each Minion. If Mysql is used as the return storage mode, we will install Python Mysql module on each Minion.
return workflow:
Use mysql as the return storage method
- Install MySQL Python module on all minion s
[root@master ~]# salt '*' pkg.install python3-PyMySQL
node1:
----------
python3-PyMySQL:
----------
new:
0.10.1-2.module_el8.5.0+761+faacb0fb
......
[root@master ~]# salt '*' cmd.run 'rpm -qa|grep python3-PyMySQL'
node1:
python3-PyMySQL-0.10.1-2.module_el8.5.0+761+faacb0fb.noarch
- Deploy a mysql server as a storage server. Here, deploy it directly on the host 192.168.218.130
//Installing mariadb
[root@return ~]# yum -y install mariadb mariadb-server
[root@return ~]# systemctl enable --now mariadb
//Create database and table structures
MariaDB [(none)]> CREATE DATABASE `salt`
-> DEFAULT CHARACTER SET utf8
-> DEFAULT COLLATE utf8_general_ci;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]>
MariaDB [(none)]> USE `salt`;
Database changed
MariaDB [salt]> DROP TABLE IF EXISTS `jids`;
Query OK, 0 rows affected, 1 warning (0.001 sec)
MariaDB [salt]> CREATE TABLE `jids` (
-> `jid` varchar(255) NOT NULL,
-> `load` mediumtext NOT NULL,
-> UNIQUE KEY `jid` (`jid`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.007 sec)
MariaDB [salt]> DROP TABLE IF EXISTS `salt_returns`;
Query OK, 0 rows affected, 1 warning (0.000 sec)
MariaDB [salt]> CREATE TABLE `salt_returns` (
-> `fun` varchar(50) NOT NULL,
-> `jid` varchar(255) NOT NULL,
-> `return` mediumtext NOT NULL,
-> `id` varchar(255) NOT NULL,
-> `success` varchar(10) NOT NULL,
-> `full_ret` mediumtext NOT NULL,
-> `alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-> KEY `id` (`id`),
-> KEY `jid` (`jid`),
-> KEY `fun` (`fun`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.008 sec)
DROP TABLE IF EXISTS `salt_events`;
CREATE TABLE `salt_events` (
`id` BIGINT NOT NULL AUTO_INCREMENT,
`tag` varchar(255) NOT NULL,
`data` mediumtext NOT NULL,
`alter_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
`master_id` varchar(255) NOT NULL,
PRIMARY KEY (`id`),
KEY `tag` (`tag`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
MariaDB [salt]> show tables;
+----------------+
| Tables_in_salt |
+----------------+
| jids |
| salt_events |
| salt_returns |
+----------------+
3 rows in set (0.000 sec)
//Authorized access
MariaDB [salt]> grant all on salt.* to 'salt'@'%' identified by 'salt';
Query OK, 0 rows affected (0.000 sec)
MariaDB [salt]> flush privileges;
Query OK, 0 rows affected (0.000 sec)
//minion host login test
[root@node1 ~]# mysql -usalt -psalt -h192.168.218.130
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
//You can log in and authorize without problems
- Configure minion
[root@node1 ~]# vim /etc/salt/minion ...... ############################################ # Default Minion returners. Can be a comma delimited string or a list: # #return: mysql # #return: mysql,slack,redis # #return: # - mysql # - hipchat # - slack ...... //Add the following lines mysql.host: '192.168.218.130' //Database host IP mysql.user: 'salt' //Authorized user mysql.pass: 'salt' //Authorized user password mysql.db: 'salt' mysql.port: 3306 //Restart minion [root@node1 ~]# systemctl restart salt-minion
- Store the test in mysql on the Master
[root@master ~]# salt '*' test.ping --return mysql
// --return to store the returned information in the mysql database
node1:
True
//Query in database
MariaDB [salt]> select * from salt_returns\G
*************************** 1. row ***************************
fun: test.ping
jid: 20211108025018476905
return: true
id: node1
success: 1
full_ret: {"success": true, "return": true, "retcode": 0, "jid": "20211108025018476905", "fun": "test.ping", "fun_args": [], "id": "node1"}
alter_time: 2021-11-08 10:50:20
1 row in set (0.000 sec)
//If you want to put the returned information into the data every time, you can modify the minion configuration file on the minion side
[root@node1 ~]# vim /etc/salt/minion
......
############################################
# Default Minion returners. Can be a comma delimited string or a list:
#
#return: mysql / / you can cancel the comment on this line without specifying -- return. Each returned information is stored in the database by default
#
#return: mysql,slack,redis
#
#return:
# - mysql
# - hipchat
# - slack
......
//Add the following lines
mysql.host: '192.168.218.130' //Database host IP
mysql.user: 'salt' //Authorized user
mysql.pass: 'salt' //Authorized user password
mysql.db: 'salt'
mysql.port: 3306
//After modifying the configuration file, remember to restart salt minion
job cache of SaltStack component
job cache process
When returning, the Minion directly interacts with the storage server. Therefore, it is necessary to install modules with specified storage methods on each Minion, such as Python mysql. Can we directly store the returned results on the Master to the storage server?
The answer is yes. This method is called job cache. It means that after Minion returns the results to the Master, the Master caches the results locally, and then stores the cached results to the specified storage server, such as mysql.
job cache workflow:
Note: when using job cache, be sure to close return. Choose one of the two. You can't use it at the same time
- Install MySQL Python module on master
//This package must be installed on the master, otherwise it cannot be connected when connecting to the database [root@master ~]# yum -y install python3-PyMySQL
- Open the master on the master side_ job_ cache
[root@master ~]# vim /etc/salt/master ...... #job_cache: True # Add the following lines master_job_cache: mysql mysql.host: '192.168.218.130' //Database storage host IP mysql.user: 'salt' mysql.pass: 'salt' mysql.db: 'salt' mysql.port: 3306 ...... //Restart the master [root@master ~]# systemctl restart salt-master
- Test again on the master to see if it can be stored in the database
[root@master ~]# salt '*' test.ping
node1:
True
- Query in database
MariaDB [salt]> select * from salt_returns\G
*************************** 1. row ***************************
fun: test.ping
jid: 20211108031957837042
return: true
id: node1
success: 1
full_ret: {"cmd": "_return", "id": "node1", "success": true, "return": true, "retcode": 0, "jid": "20211108031957837042", "fun": "test.ping", "fun_args": [], "_stamp": "2021-11-08T03:19:58.217681"}
alter_time: 2021-11-08 11:19:59