yanggs07/yii2-salt-api

Saltstack api客户端的yii2实现

维护者

详细信息

github.com/yanggs07/yii2-salt-api

源代码

问题

安装: 3

依赖: 0

建议者: 0

安全: 0

星星: 0

关注者: 2

分支: 0

开放问题: 0

类型:yii2-extension

1.0.1 2022-04-22 00:17 UTC

Requires

BSD-3-Clause 9c465b65d8fb690f98ca7167c0b1a73cccf78e89

  • ygs <ygs.woop@cgcal.com>

extensionsaltyii2saltstacksalt-api

This package is auto-updated.

Last update: 2024-09-22 05:36:25 UTC

README

在开始使用此salt-api PHP SDK之前,需要为salt master启用salt-api。

Salt-api安装和配置

salt-api

为Linux安装salt-api

# yum -y install salt-api
or
# apt -y install salt-api
or
whatever your linux system can do this

使用正确的api主机域名生成自签名证书

salt-call --local tls.create_self_signed_cert CN=salt-master.server days=3650
local:
    Created Private Key: "/etc/pki/tls/certs/salt-master.server.key." Created Certificate: "/etc/pki/tls/certs/salt-master.server.crt."

稍后我们将使用https://salt-master.server:8000进行远程API调用,并使用自定义CA证书文件。将CA公钥文件/etc/pki/tls/certs/salt-master.server.crt复制到您的PHP项目路径。

配置salt-api和salt-master

确保master conf包含master.d

[root@salt-master ~]# vim /etc/salt/master
default_include: master.d/*.conf

创建新的api conf

[root@salt-master ~]# vim /etc/salt/master.d/api.conf
rest_cherrypy:
  host: <ip_salt-api_would_listen>
  port: 8000
  ssl_crt: /etc/pki/tls/certs/salt-master.server.crt
  ssl_key: /etc/pki/tls/certs/salt-master.server.key

使用您的密码创建salt-api用户!

[root@salt-master ~]# useradd -M -s /sbin/nologin saltapi
[root@salt-master ~]# echo 'saltapi' | passwd --stdin saltapi

创建auth conf

[root@salt-master ~]# vim /etc/salt/master.d/auth.conf
external_auth:
  pam:
    saltapi:
      - .*
      - '@wheel'
      - '@runner'
      - '@jobs'

重启服务

[root@salt-master ~]# systemctl restart salt-master
[root@salt-master ~]# systemctl start salt-api
[root@salt-master ~]# systemctl enable salt-api

SDK演示代码

tes.php:

<?php
require '../vendor/autoload.php';


$client = new \yanggs07\saltapi\ApiClient([
    'host' => 'salt-master.server',
    'port' => 8000,
    'cacert' => '/path/to/your/salt-api_self-signed/ca.crt', // or use
    // if you do not have the ca crt file, use this instead
    // 'skipCertCheck' => true 
    'username' => 'saltapi',
    'password' => 'saltapi',
]);

$session = $client->pamLogin();
$ret = $client->localAsyncRun($session, "*", 'cmd.run', 'w');
$jid = $ret['jid'];
for ($i = 0;$i < 30; $i++) {
    $ret = $client->job($session, $jid);
    var_dump($ret);
    sleep(1);
}
?>

待办事项

  1. 更多API调用
  2. 使用缓存接口实现会话持久化
  3. 更好的异常处理
  4. 更多...