目录
编辑states文件
1.DNS配置 dns.sls(在init目录下创建一个files目录,然后把resolv.conf放到该目录下)
[root@master init]# cat dns.sls
# dns.sls - replace /etc/resolv.conf on the minion with the copy served from
# the master's file roots (salt://init/files/resolv.conf).
#
# NOTE(review): this file decides which resolvers the host trusts, so
# init/files/ on the master should be writable by root only.
# NOTE(review): the highstate output on this page shows the target carrying a
# "# Generated by NetworkManager" header; NetworkManager may rewrite the file
# after Salt manages it - confirm on the target hosts.
/etc/resolv.conf:
  file.managed:
    - source: salt://init/files/resolv.conf
    - user: root
    - group: root
    - mode: 644
2.History记录时间 history.sls
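# history.sls - make the `history` builtin show a timestamp and a user name
# in front of every entry by appending one line to /etc/profile.
#
# This only changes how history is displayed. Any user can unset or change
# HISTTIMEFORMAT in their own shell, so do not treat it as an audit control.
/etc/profile:
  file.append:
    - text:
      # %F %T is the date and time of the entry. $(whoami) sits inside double
      # quotes in an assignment, so it is expanded once, when /etc/profile is
      # sourced; a later `su` without a login shell presumably keeps the
      # earlier name - verify.
      # The trailing space is required: bash prints no separator between the
      # formatted timestamp and the command, so without it the user name runs
      # straight into the command text (e.g. "rootls -l").
      - export HISTTIMEFORMAT="%F %T $(whoami) "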
3.命令操作审计 audit.sls
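# audit.sls - send every interactive bash command to syslog by appending a
# PROMPT_COMMAND definition to /etc/bashrc.
#
# Before each prompt bash runs the braces group below:
#   1. `history 1` prints the latest history entry; `read -r x y` drops the
#      leading entry number (x) and keeps the remainder (y).
#   2. `logger` writes "[euid=<whoami>]:<who am i>:[<pwd>]<entry>" to syslog,
#      with the `who am i` output passed as one field.
#
# `read -r` and the quoted expansions keep backslashes, repeated spaces and
# glob characters in the logged command exactly as typed. Unquoted, `echo $y`
# would expand a `*` in the command against the current directory and a
# working directory containing spaces would be split into several words.
#
# Caveats for anyone relying on this as an audit trail:
#   - PROMPT_COMMAND lives in the user's own shell and can be unset or
#     overridden there; it also records nothing for non-interactive commands.
#     Kernel-level auditing (auditd execve rules) is the tamper-resistant
#     option.
#   - Whatever is typed on the command line, including passwords or tokens
#     passed as arguments, ends up in syslog. Restrict read access to the log
#     files and to any central collector accordingly.
/etc/bashrc:
  file.append:
    - text:
      - export PROMPT_COMMAND='{ msg=$(history 1 | { read -r x y; printf "%s" "$y"; }); logger "[euid=$(whoami)]:$(who am i):[$(pwd)]$msg"; }'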
4.内核参数优化 sysctl.sls
# sysctl.sls - kernel parameter tuning; each ID is the sysctl key and
# sysctl.present sets it to the given value.

# Avoid using swap as far as possible.
vm.swappiness:
  sysctl.present:
    - value: 0

# Range of local ports that TCP may use.
net.ipv4.ip_local_port_range:
  sysctl.present:
    - value: 10000 65000

# Maximum number of files that can be open.
fs.file-max:
  sysctl.present:
    - value: 100000
5.初始化环境引用
[root@master init]# cat env_init.sls
# env_init.sls - bundles the four init states (DNS, history format, command
# audit, sysctl tuning) so they can be assigned as a single unit.
include:
  - init.dns
  - init.history
  - init.audit
  - init.sysctl
6.top.sls
[root@master base]# cat top.sls
# top.sls - state assignment for the `base` environment.
# The '*' target matches every minion ID; in the runs shown on this page that
# includes the host named "master" as well as "minion".
base:
  '*':
    - init.env_init
7.salt '*' state.highstate test=True #生产环境中,先用 test=True 试运行,确认变更内容后再正式执行。(输出中 Result: None 表示该状态在实际执行时会产生变更)
[root@master base]# salt '*' state.highstate test=True
master:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: None
Comment: The file /etc/resolv.conf is set to be changed
Started: 12:30:43.157862
Duration: 18.748 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: None
Comment: File /etc/profile is set to be updated
Started: 12:30:43.176743
Duration: 1.729 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@
unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: None
Comment: File /etc/bashrc is set to be updated
Started: 12:30:43.178561
Duration: 2.567 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: None
Comment: Sysctl option vm.swappiness might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.187758
Duration: 48.668 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: None
Comment: Sysctl option net.ipv4.ip_local_port_range might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.236681
Duration: 24.351 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: None
Comment: Sysctl option fs.file-max might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.261164
Duration: 37.234 ms
Changes:
Summary
------------
Succeeded: 6 (unchanged=6, changed=3)
Failed: 0
------------
Total states run: 6
minion:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: None
Comment: The file /etc/resolv.conf is set to be changed
Started: 12:30:41.531639
Duration: 102.545 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: None
Comment: File /etc/profile is set to be updated
Started: 12:30:41.634380
Duration: 3.129 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@
unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: None
Comment: File /etc/bashrc is set to be updated
Started: 12:30:41.637660
Duration: 4.634 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: None
Comment: Sysctl option vm.swappiness might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.643958
Duration: 64.501 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: None
Comment: Sysctl option net.ipv4.ip_local_port_range might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.708701
Duration: 27.325 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: None
Comment: Sysctl option fs.file-max might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.736186
Duration: 17.193 ms
Changes:
Summary
------------
Succeeded: 6 (unchanged=6, changed=3)
Failed: 0
------------
Total states run: 6
8.在所有minion上执行状态
salt '*' state.highstate
[root@master base]# salt '*' state.highstate
master:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 12:32:38.328695
Duration: 21.306 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:38.350110
Duration: 1.958 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@
unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:38.352156
Duration: 2.681 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Updated sysctl value vm.swappiness = 0
Started: 12:32:38.355787
Duration: 36.302 ms
Changes:
----------
vm.swappiness:
0
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
Started: 12:32:38.392247
Duration: 21.948 ms
Changes:
----------
net.ipv4.ip_local_port_range:
10000 65000
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Updated sysctl value fs.file-max = 100000
Started: 12:32:38.414352
Duration: 20.707 ms
Changes:
----------
fs.file-max:
100000
Summary
------------
Succeeded: 6 (changed=6)
Failed: 0
------------
Total states run: 6
minion:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 12:32:36.770415
Duration: 12.964 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:36.783493
Duration: 2.182 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@
unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:36.785766
Duration: 2.806 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Updated sysctl value vm.swappiness = 0
Started: 12:32:36.789548
Duration: 20.265 ms
Changes:
----------
vm.swappiness:
0
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
Started: 12:32:36.809924
Duration: 17.308 ms
Changes:
----------
net.ipv4.ip_local_port_range:
10000 65000
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Updated sysctl value fs.file-max = 100000
Started: 12:32:36.827338
Duration: 17.754 ms
Changes:
----------
fs.file-max:
100000
Summary
------------
Succeeded: 6 (changed=6)
Failed: 0
------------
Total states run: 6
9.查看是否成功