Salt 系统初始化
目录
编辑states文件
1.DNS配置 dns.sls(在init目录下创建一个files文件,然后把resolv.conf放到文件下)
[root@master init]# cat dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://init/files/resolv.conf
- user: root
- group: root
- mode: 644
2.History记录时间 history.sls
/etc/profile:
file.append:
- text:
- export HISTTIMEFORMAT="%F %T `whoami`"
3.命令操作审计 audit.sls
/etc/bashrc:
file.append:
- text:
- export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
4.内核参数优化 sysctl.sls
#尽量不适用交换分区
vm.swappiness:
sysctl.present:
- value: 0
#设置本地tcp可以使用的端口范围
net.ipv4.ip_local_port_range:
sysctl.present:
- value: 10000 65000
#可以打开的最大文件数
fs.file-max:
sysctl.present:
- value: 100000
5.初始化环境引用
[root@master init]# cat env_init.sls
include:
- init.dns
- init.history
- init.audit
- init.sysctl
6.top.sls
[root@master base]# cat top.sls
base:
'*':
- init.env_init
7.salt '*' state.highstate test=True #生产环境,先测试。
[root@master base]# salt '*' state.highstate test=True
master:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: None
Comment: The file /etc/resolv.conf is set to be changed
Started: 12:30:43.157862
Duration: 18.748 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: None
Comment: File /etc/profile is set to be updated
Started: 12:30:43.176743
Duration: 1.729 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: None
Comment: File /etc/bashrc is set to be updated
Started: 12:30:43.178561
Duration: 2.567 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: None
Comment: Sysctl option vm.swappiness might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.187758
Duration: 48.668 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: None
Comment: Sysctl option net.ipv4.ip_local_port_range might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.236681
Duration: 24.351 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: None
Comment: Sysctl option fs.file-max might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.261164
Duration: 37.234 ms
Changes: Summary
------------
Succeeded: 6 (unchanged=6, changed=3)
Failed: 0
------------
Total states run: 6
minion:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: None
Comment: The file /etc/resolv.conf is set to be changed
Started: 12:30:41.531639
Duration: 102.545 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: None
Comment: File /etc/profile is set to be updated
Started: 12:30:41.634380
Duration: 3.129 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: None
Comment: File /etc/bashrc is set to be updated
Started: 12:30:41.637660
Duration: 4.634 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: None
Comment: Sysctl option vm.swappiness might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.643958
Duration: 64.501 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: None
Comment: Sysctl option net.ipv4.ip_local_port_range might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.708701
Duration: 27.325 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: None
Comment: Sysctl option fs.file-max might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.736186
Duration: 17.193 ms
Changes: Summary
------------
Succeeded: 6 (unchanged=6, changed=3)
Failed: 0
------------
Total states run: 6
8.在所有minion上执行状态
salt '*' state.highstate
[root@master base]# salt '*' state.highstate
master:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 12:32:38.328695
Duration: 21.306 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:38.350110
Duration: 1.958 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:38.352156
Duration: 2.681 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Updated sysctl value vm.swappiness = 0
Started: 12:32:38.355787
Duration: 36.302 ms
Changes:
----------
vm.swappiness:
0
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
Started: 12:32:38.392247
Duration: 21.948 ms
Changes:
----------
net.ipv4.ip_local_port_range:
10000 65000
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Updated sysctl value fs.file-max = 100000
Started: 12:32:38.414352
Duration: 20.707 ms
Changes:
----------
fs.file-max:
100000 Summary
------------
Succeeded: 6 (changed=6)
Failed: 0
------------
Total states run: 6
minion:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 12:32:36.770415
Duration: 12.964 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:36.783493
Duration: 2.182 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:36.785766
Duration: 2.806 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Updated sysctl value vm.swappiness = 0
Started: 12:32:36.789548
Duration: 20.265 ms
Changes:
----------
vm.swappiness:
0
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
Started: 12:32:36.809924
Duration: 17.308 ms
Changes:
----------
net.ipv4.ip_local_port_range:
10000 65000
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Updated sysctl value fs.file-max = 100000
Started: 12:32:36.827338
Duration: 17.754 ms
Changes:
----------
fs.file-max:
100000 Summary
------------
Succeeded: 6 (changed=6)
Failed: 0
------------
Total states run: 6
9.查看是否成功
Salt 系统初始化的更多相关文章
- Saltstack生产案例之系统初始化
把之前的配置打个包 zip -r salt.zip * 拷贝到/root/tools目录 博客园文件里面也保留一份,删除之前所有的salt配置文件重新开始 想 1,系统初始化 2,功能模块:设置单独的 ...
- SaltStack生产案例-系统初始化
需求分析 一,系统初始化 1.1 关闭SELinux 1.2 关闭默认iptables 1.3 时间同步(配置NTP) 1.4 文件描述符(必备/etc/security/limmits.c ...
- saltstack系统初始化(九)
一.系统初始化需要的配置 当我们的服务器上架并安装好操作系统后,都会有一些基础的操作,所以生产环境中使用SaltStack,建议将所有服务器都会涉及的基础配置或者软件部署归类放在base环境下.此处, ...
- centos7 系统初始化脚本
现在自己的本地虚拟机系统,直接安装的是centos7.2 mini版,安装完成发现好多东西都没有安装,所以写了一个简单的系统初始化脚本,让自己可以省一些力气,哈哈 人懒主要是. 下面贴出写的脚本,脚本 ...
- ssh下:系统初始化实现ServletContextListener接口时,获取spring中数据层对象无效的问题
想要实现的功能:SSH环境下,数据层都交由Spring管理:在服务启动时,将数据库中的一些数据加载到ServletContext中缓存起来. 系统初始化类需要实现两个接口: ServletContex ...
- 详解linux系统的启动过程及系统初始化
一.linux系统的启动流程 关于linux系统的启动流程我们可以按步进行划分为如下: POST加电自检 -->BIOS(Boot Sequence)-->加载对应引导上的MBR(boot ...
- Ztack学习笔记(2)-系统初始化分析
main函数先执行初始化工作,包括硬件.网络层.任务等的初始化. 一 系统初始化 系统初始化函数主要完成内存分配.消息队列头.定时器.电源管理.任务系统及内存栈等的初始化,具体如下代码所示: //os ...
- Linux安装系统注意事项及系统初始化
Linux安装系统注意事项 1.分区 学习用途: /boot:200M /swap :内存的1到2倍 /:根据需要分配大小,比如虚拟机下总空间是15G,那么可以分配8——10G跟/分区,如果是生产 ...
- ucos系统初始化及启动过程
之前在ucos多任务切换中漏掉了一个变量, OSCtxSwCtr标识系统任务切换次数 主要应该还是用在调试功能中 Ucos系统初始化函数为OSInit(),主要完成以下功能 全局变量初始化 就绪任务表 ...
随机推荐
- LeetCode64. 最小路径和
这题和62题以及63题类似,只不过dp数组的状态表示变了,这里dp数组不再表示方案数,而是到当前格子的最小路径和.可以发现:要到达第i行第j列的格子,只有从第i - 1行第j列的格子或第i行第j - ...
- windows 下 node 安装 react
当前node.npm都已安装了. 可是在执行 安装 react的时候总是报错 最后会生成一个报错的txt文件( <npm-@googlegroups.com>npm-debug.log) ...
- 洛谷 P1347 【排序】
这篇题解没有用拓补排序 (嗐 菜就直说) 个人感觉这道题拓补排序没有变种\(Floyd\)好写吧,思维难度也低一点(亲眼目睹机房dalao这道题拓补排序调了很久). 吐槽结束,开始正题~ 对于这道题为 ...
- 告别传统机房:3D 机房数据可视化实现智能化与VR技术的新碰撞
前言 随着各行业对计算机依赖性的日益提高,计算机信息系统的发展使得作为其网络设备.主机服务器.数据存储设备.网络安全设备等核心设备存放地的计算机机房日益显现出它的重要地位,而机房的环境和动力设备如供配 ...
- Netty 源码解析(四): Netty 的 ChannelPipeline
今天是猿灯塔“365篇原创计划”第四篇. 接下来的时间灯塔君持续更新Netty系列一共九篇 Netty 源码解析(一): 开始 Netty 源码解析(二): Netty 的 Channel Netty ...
- js实现json格式化,以及json校验工具的简单实现
JSON(JavaScript Object Notation) 是一种轻量级的数据交换格式,采用完全独立于语言的文本格式,但是也使用了类似于C语言家族的习惯(包括C, C++, C#, Java, ...
- MySQL调优 优化需要考虑哪些方面
MySQL调优 优化需要考虑哪些方面 优化目标与方向定位 总体目标:使得响应时间更快,吞吐量更大. (throughout --- 吞吐量:单位时间内处理事务的数量) 如何找到需要优化的地方 使用 ...
- jmeter察看结果树-响应数据乱码
打开jmeter下的目录:\bin\jmeter.properties文件,搜索“encoding”关键字,找到如下配置: # The encoding to be used if none is p ...
- Scala 基础(三):Scala语言快速开发入门
1.Scala执行流程分析 2.Scala程序开发注意事项(重点) Scala源文件以 “.scala" 为扩展名. Scala程序的执行入口是main()函数. Scala语言严格区分大小 ...
- python 并发专题(十二):基础部分补充(四)协程
相关概念: 协程:一个线程并发的处理任务 串行:一个线程执行一个任务,执行完毕之后,执行下一个任务 并行:多个CPU执行多个任务,4个CPU执行4个任务 并发:一个CPU执行多个任务,看起来像是同时执 ...