saltstack实战4--综合练习1
规范配置管理
实际工作中可能会有现网环境,基线环境,开发环境。 需要使用saltstack统一管理。机器多了,业务多了,可能配置文件存放的会比较乱,因此可以统一管理起来
我们可以再加2个目录,test是测试环境,prod是生产环境,base是基线环境。
操作如下,新添加2个目录,同时调整基线目录
# Example:
# file_roots:
# base:
# - /srv/salt/
# dev:
# - /srv/salt/dev/services
# - /srv/salt/dev/states
# prod:
# - /srv/salt/prod/services
# - /srv/salt/prod/states
#
file_roots:
base:
- /srv/salt/base
test:
- /srv/salt/test
prod:
- /srv/salt/prod
重启服务让配置生效,创建目录,调整原先的配置文件到新的base目录下
[root@master pillar]# /etc/init.d/salt-master restart
Stopping salt-master daemon: [ OK ]
Starting salt-master daemon: [ OK ]
[root@master pillar]# mkdir /srv/salt/base -p
[root@master pillar]# mkdir /srv/salt/test -p
[root@master pillar]# mkdir /srv/salt/prod -p
[root@master pillar]# cd /srv/salt/
[root@master salt]# ls
apache.sls base prod test top.sls
[root@master salt]# mv apache.sls base/
[root@master salt]# mv top.sls base/
[root@master salt]# ll
total 12
drwxr-xr-x 2 root root 4096 Jan 1 19:33 base
drwxr-xr-x 2 root root 4096 Jan 1 19:32 prod
drwxr-xr-x 2 root root 4096 Jan 1 19:32 test
[root@master salt]#
文件管理的练习
对minion的dns文件进行统一管理
先在base目录下创建个files目录,专门存放文件,这里给这个dns文件追加个不一样的东西,便于标识
[root@master salt]# cd /srv/salt/base/
[root@master base]# mkdir files
[root@master base]# cd files/
[root@master files]# ls
[root@master files]# cp /etc/resolv.conf .
[root@master files]# ls
resolv.conf
[root@master files]# cat resolv.conf
# Generated by NetworkManager
nameserver 10.0.1.11
[root@master files]# echo "#create by zyx" >> resolv.conf
[root@master files]# cat resolv.conf
# Generated by NetworkManager
nameserver 10.0.1.11
#create by zyx
[root@master files]#
编辑配置文件,用于管理这个dns文件给minion,需要进行一些配置,存放的路径,来源,权限,数组等
注意下面两种写法等价的
[root@master files]# cd ..
[root@master base]# pwd
/srv/salt/base
[root@master base]# vim dns.sls
[root@master base]# cat dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://files/resolv.conf
- user: root
- group: root
- mode: 644
[root@master base]#
等价于下面的,默认你没有定义name的话,salt会把id当成name的默认值,下面的resolv-file是个id,随便定义,只要唯一即可
[root@master base]# cat dns.sls
resolv-file:
file.managed:
- source: salt://files/resolv.conf
- name: /etc/resolv.conf
- user: root
- group: root
- mode: 644
[root@master base]#
执行一下,可以看到Changes的变化的部分
[root@master base]# salt 'minion01' state.sls dns
minion01:
----------
ID: resolv-file
Function: file.managed
Name: /etc/resolv.conf
Result: True
Comment: File /etc/resolv.conf updated
Started: 19:53:15.932376
Duration: 11.4 ms
Changes:
----------
diff:
---
+++
@@ -1,2 +1,3 @@
# Generated by NetworkManager
nameserver 10.0.1.11
+#create by zyx Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
[root@master base]#
去minion01上验证下,没问题
[root@minion01 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 10.0.1.11
#create by zyx
[root@minion01 ~]#
再把配置文件改成如下内容,对minion02执行操作
[root@master base]# cat dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://files/resolv.conf
- user: root
- group: root
- mode: 644
[root@master base]# salt 'minion02' state.sls dns
minion02:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 19:57:27.628894
Duration: 13.128 ms
Changes:
----------
diff:
---
+++
@@ -1,2 +1,3 @@
# Generated by NetworkManager
nameserver 10.0.1.11
+#create by zyx Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
[root@master base]#
之前讲了top.sls,这个入口文件,我们还可以通过这个入口文件进行管理
这个也叫通过高级状态管理
[root@master base]# ls
apache.sls dns.sls files top.sls
[root@master base]# echo "#second" >> files/resolv.conf
[root@master base]# cat files/resolv.conf
# Generated by NetworkManager
nameserver 10.0.1.11
#create by zyx
#second
[root@master base]# vim top.sls
[root@master base]# cat top.sls
base:
'*':
- dns
[root@master base]# salt 'minion02' state.highstate
minion02:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 20:00:17.814797
Duration: 19.636 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
nameserver 10.0.1.11
#create by zyx
+#second Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
[root@master base]#
以后对现网管理的话,可以把它们分类,这样针对哪台机器需要安装或者配置什么东西时,把配置文件include进来即可。降低模块之间的耦合性。更加灵活和方便
可以分为:
系统初始化
功能模块
业务模块
另外配置文件中语法格式要严格遵守YAML语法规则。
jinja模板的使用
在日常管理中,有时候会遇到这种情况,对A机器某个文件管理,比如此文件中有一处的配置不固定,比如端口号或者IP
A机器可能是80端口,可能过几天需要使用8080端口,而我们每次去更改源文件比较麻烦,我们此时可以通过使用jinja模板把变化的部分用变量代替
然后,在配置管理文件里面定义此变量的值。
例如,dns服务器的IP经常发生变化。
先修改源文件,把原先的值的部分用变量代替
然后修改配置管理文件,声明使用jinja模板,同时设置变量的值,如下,为了加以区分,我们把dns值设置为10.0.1.111
[root@master files]# cat resolv.conf
# Generated by NetworkManager
nameserver {{ DNS_SERVER }}
#create by zyx
#third
[root@master files]# pwd
/srv/salt/base/files
[root@master files]# cd ..
[root@master base]# vim dns.sls
[root@master base]# cat dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://files/resolv.conf
- user: root
- group: root
- mode: 644
- template: jinja
- defaults:
DNS_SERVER: 10.0.1.111
[root@master base]#
关于jinja的用法
执行测试下
[root@master base]# salt 'minion02' state.highstate
minion02:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 20:21:10.739601
Duration: 12.108 ms
Changes:
----------
diff:
---
+++
@@ -1,4 +1,4 @@
# Generated by NetworkManager
-nameserver {{ DNS_SERVER }}
+nameserver 10.0.1.111
#create by zyx
#third Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
[root@master base]#
在minion02上验证下,ok
[root@minion02 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 10.0.1.111
#create by zyx
#third
[root@minion02 ~]#
以上就是配置管理结合jinja的用法
配置管理结合grains和jinja
比如我们把系统信息加入到minion上
[root@master base]# salt '*' grains.get os
minion01:
CentOS
minion02:
CentOS
[root@master base]#
如下操作,把需要更换的地方写成jinja模板形式的grains变量,然后执行
[root@master base]# cat files/resolv.conf
# Generated by NetworkManager
nameserver {{ DNS_SERVER }}
#create by zyx
#{{ grains['os'] }}
[root@master base]# salt 'minion02' state.highstate
minion02:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 20:26:12.450712
Duration: 32.907 ms
Changes:
----------
diff:
---
+++
@@ -1,4 +1,4 @@
# Generated by NetworkManager
nameserver 10.0.1.111
#create by zyx
-#third
+#CentOS Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
[root@master base]#
minion02上验证确认下,没问题,系统信息加进来了
[root@minion02 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 10.0.1.111
#create by zyx
#CentOS
[root@minion02 ~]#
配置管理--系统初始化
对于一台机器的管理,可以分解为3部分,从下到上依次为
系统初始化,功能模块,业务模块
再次对我们的base目录进行改造
base基础目录下,init目录用于存放系统初始化的东西
在init下面建立files文件夹用于存放源文件类的东西,top.sls入口文件不用动,它需要在base目录下
[root@master base]# cd /srv/salt/base/
[root@master base]# ls
apache.sls dns.sls files top.sls
[root@master base]# mkdir init
[root@master base]# mv dns.sls init/
[root@master base]# mv files/ init/
[root@master base]# ls
apache.sls init top.sls
[root@master base]# mv apache.sls init/
[root@master base]# ls
init top.sls
[root@master base]# tree
1、配置好dns相关的东西
[root@master init]# rm -f apache.sls
[root@master init]# ls
dns.sls files
[root@master init]# vim dns.sls
[root@master init]# cat dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://init/files/resolv.conf
- user: root
- group: root
- mode: 644
[root@master init]# vim files/resolv.conf
[root@master init]# cat files/resolv.conf
# Generated by NetworkManager
nameserver 10.0.1.11
#create by zyx
[root@master init]# pwd
/srv/salt/base/init
[root@master init]#
2、关于系统初始化,可能我们还想让history命令显示时间和用户,通过修改环境变量能达到要求
export HISTTIMEFORMAT="%F %T `whoami`"
[root@master init]# history | tail
613 rm -f apache.sls
614 ls
615 vim dns.sls
616 cat dns.sls
617 vim files/resolv.conf
618 cat files/resolv.conf
619 pwd
620 history | tail
621 export HISTTIMEFORMAT="%F %T `whoami`
622 history | tail
[root@master init]# export HISTTIMEFORMAT="%F %T `whoami`"
[root@master init]# history | tail
615 2017-01-01 21:20:26 root vim dns.sls
616 2017-01-01 21:20:59 root cat dns.sls
617 2017-01-01 21:21:05 root vim files/resolv.conf
618 2017-01-01 21:21:24 root cat files/resolv.conf
619 2017-01-01 21:21:40 root pwd
620 2017-01-01 21:23:11 root history | tail
621 2017-01-01 21:23:14 root export HISTTIMEFORMAT="%F %T `whoami`
622 2017-01-01 21:23:34 root history | tail
623 2017-01-01 21:23:37 root export HISTTIMEFORMAT="%F %T `whoami` "
624 2017-01-01 21:23:39 root history | tail
[root@master init]#
我们把它变成配置文件可以管理的方式,新建一个sls文件,用于管理历史命令
[root@master init]# pwd
/srv/salt/base/init
[root@master init]# vim history.sls
[root@master init]# cat history.sls
/etc/profile:
file.append:
- text:
- export HISTTIMEFORMAT="%F %T `whoami`"
[root@master init]#
3、我们还想记录日志:时间,哪个IP执行的,执行时所在的目录,执行的命令等都记录到系统日志里面
这里使用了logger命令
[root@master ~]# logger hehe
[root@master ~]# tail -1 /var/log/messages
Jan 1 21:35:13 master root: hehe
[root@master ~]#
logger命令能把东西记录到messages里面
以及系统自带的变量
[root@master init]# echo $(whoami)
root
[root@master init]# echo $(who am i)
root pts/0 2017-01-01 14:04 (10.0.1.53)
[root@master init]#
export PROMPT_COMMAND='{ msg=$(history 1 | { read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
[root@master init]# w
21:28:59 up 2 days, 6:24, 2 users, load average: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 10.0.1.53 14:04 0.00s 0.68s 0.00s w
root pts/1 10.0.1.53 16:14 1:33m 0.01s 0.01s -bash
[root@master init]# tail -3 /var/log/messages
Jan 1 03:24:01 master rsyslogd: [origin software="rsyslogd" swVersion="5.8.10" x-pid="1807" x-info="http://www.rsyslog.com"] rsyslogd was HUPed
Jan 1 07:59:59 master kernel: Clock: inserting leap second 23:59:60 UTC
Jan 1 08:00:00 master ntpd[2197]: 0.0.0.0 061b 0b leap_event
[root@master init]# export PROMPT_COMMAND='{ msg=$(history 1 | { read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
[root@master init]# w
21:29:12 up 2 days, 6:24, 2 users, load average: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 10.0.1.53 14:04 0.00s 0.69s 0.00s w
root pts/1 10.0.1.53 16:14 1:33m 0.01s 0.01s -bash
[root@master init]# tail -3 /var/log/messages
Jan 1 08:00:00 master ntpd[2197]: 0.0.0.0 061b 0b leap_event
Jan 1 21:29:10 master root: [euid=root]:root pts/0 2017-01-01 14:04 (10.0.1.53):[/srv/salt/base/init]2017-01-01 21:29:10 root export PROMPT_COMMAND='{ msg=$(history 1 |
{ read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
Jan 1 21:29:12 master root: [euid=root]:root pts/0 2017-01-01 14:04 (10.0.1.53):[/srv/salt/base/init]2017-01-01 21:29:12 root w
[root@master init]#
通过配置文件管理,如下书写
[root@master init]# cat audit.sls
/etc/bashrc:
file.append:
- text:
- export PROMPT_COMMAND='{ msg=$(history 1 | { read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
[root@master init]#
现在已经写了3个用于初始化的脚本
dns.sls
history.sls
audit.sls
4、在写一个关于修改内核的脚本
saltstack提供了一个改内核参数的模块,可以使用这个模块配置它
直接vim /etc/sysctl 这个文件不是特别好的方法
因为下面这些机器的比如下面参数是根据自己的内存自动生成的,肯定不会是所有机器一样
直接修改这个文件不是特别好,但是可以往里面加东西
saltstack提供了一个改内核参数的模块,可以使用这个模块配置它
先查看下minion01的内核一些当前信息
[root@master ~]# cat /proc/sys/net/ipv4/ip_local_port_range
32768 61000
[root@master ~]# cat /proc/sys/fs/file-max
199704
[root@master ~]#
在master上编辑一个修改内核参数的配置文件
[root@master init]# cat sysctl.sls
vm.swappiness:
sysctl.present:
- value: 0 net.ipv4.ip_local_port_range:
sysctl.present:
- value: 10000 65000 fs.file-max:
sysctl.present:
- value: 100000
[root@master init]#
5、对以上配置管理文件进行统一管理
再写个sls,把上面这些文件全包含进去,这样的好处在于我们不必把所有初始化的文件都写在一个配置文件里,不方便管理,耦合性太高也容易出错
[root@master init]# cat env_init.sls
include:
- init.dns
- init.history
- init.audit
- init.sysctl
[root@master init]# ll
total 24
-rw-r--r-- 1 root root 173 Jan 1 21:39 audit.sls
-rw-r--r-- 1 root root 131 Jan 1 21:20 dns.sls
-rw-r--r-- 1 root root 70 Jan 1 22:00 env_init.sls
drwxr-xr-x 2 root root 4096 Jan 1 21:21 files
-rw-r--r-- 1 root root 88 Jan 1 21:25 history.sls
-rw-r--r-- 1 root root 174 Jan 1 21:55 sysctl.sls
[root@master init]#
编辑top.sls文件
[root@master init]# cd ..
[root@master base]# pwd
/srv/salt/base
[root@master base]# ls
init top.sls
[root@master base]# vim top.sls
[root@master base]# cat top.sls
base:
'*':
- init.env_init
[root@master base]#
先模拟执行下,它不会实际执行,但是会检测一些配置文件语法,以及目录是否存在,非常推荐
salt '*' state.highstate test=True
如下先测试执行
[root@master base]# salt '*' state.highstate test=True
minion01:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: The file /etc/resolv.conf is in the correct state
Started: 22:05:48.111142
Duration: 7.639 ms
Changes:
----------
ID: /etc/profile
Function: file.append
Result: None
Comment: File /etc/profile is set to be updated
Started: 22:05:48.118875
Duration: 1.63 ms
Changes:
----------
diff:
---
+++
@@ -77,3 +77,4 @@
unset i
unset -f pathmunge
alias grep='grep --colour=auto'
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: None
Comment: File /etc/bashrc is set to be updated
Started: 22:05:48.120587
Duration: 2.44 ms
Changes:
----------
diff:
---
+++
@@ -84,3 +84,4 @@
unset pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: None
Comment: Sysctl option vm.swappiness set to be changed to 0
Started: 22:05:48.141832
Duration: 16.828 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: None
Comment: Sysctl option net.ipv4.ip_local_port_range set to be changed to 10000 65000
Started: 22:05:48.158827
Duration: 18.668 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: None
Comment: Sysctl option fs.file-max set to be changed to 100000
Started: 22:05:48.177674
Duration: 14.656 ms
Changes: Summary
------------
Succeeded: 6 (unchanged=5, changed=2)
Failed: 0
------------
Total states run: 6
minion02:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: None
Comment: The file /etc/resolv.conf is set to be changed
Started: 22:05:48.134972
Duration: 12.997 ms
Changes:
----------
diff:
---
+++
@@ -1,4 +1,3 @@
# Generated by NetworkManager
-nameserver 10.0.1.111
+nameserver 10.0.1.11
#create by zyx
-#CentOS
----------
ID: /etc/profile
Function: file.append
Result: None
Comment: File /etc/profile is set to be updated
Started: 22:05:48.148060
Duration: 1.399 ms
Changes:
----------
diff:
---
+++
@@ -77,3 +77,4 @@
unset i
unset -f pathmunge
alias grep='grep --colour=auto'
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: None
Comment: File /etc/bashrc is set to be updated
Started: 22:05:48.149538
Duration: 2.107 ms
Changes:
----------
diff:
---
+++
@@ -84,3 +84,4 @@
unset pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: None
Comment: Sysctl option vm.swappiness set to be changed to 0
Started: 22:05:48.160959
Duration: 18.914 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: None
Comment: Sysctl option net.ipv4.ip_local_port_range set to be changed to 10000 65000
Started: 22:05:48.180074
Duration: 19.039 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: None
Comment: Sysctl option fs.file-max set to be changed to 100000
Started: 22:05:48.199277
Duration: 24.507 ms
Changes: Summary
------------
Succeeded: 6 (unchanged=6, changed=3)
Failed: 0
------------
Total states run: 6
[root@master base]#
测试没有报错,再执行,执行成功
[root@master base]# salt '*' state.highstate
minion02:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 22:14:43.627474
Duration: 10.609 ms
Changes:
----------
diff:
---
+++
@@ -1,4 +1,3 @@
# Generated by NetworkManager
-nameserver 10.0.1.111
+nameserver 10.0.1.11
#create by zyx
-#CentOS
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 22:14:43.638288
Duration: 1.464 ms
Changes:
----------
diff:
---
+++
@@ -77,3 +77,4 @@
unset i
unset -f pathmunge
alias grep='grep --colour=auto'
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 22:14:43.639836
Duration: 2.311 ms
Changes:
----------
diff:
---
+++
@@ -84,3 +84,4 @@
unset pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Updated sysctl value vm.swappiness = 0
Started: 22:14:43.642987
Duration: 20.94 ms
Changes:
----------
vm.swappiness:
0
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
Started: 22:14:43.664127
Duration: 29.233 ms
Changes:
----------
net.ipv4.ip_local_port_range:
10000 65000
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Updated sysctl value fs.file-max = 100000
Started: 22:14:43.693544
Duration: 57.214 ms
Changes:
----------
fs.file-max:
100000 Summary
------------
Succeeded: 6 (changed=6)
Failed: 0
------------
Total states run: 6
minion01:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf is in the correct state
Started: 22:14:43.624330
Duration: 7.383 ms
Changes:
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 22:14:43.631814
Duration: 1.944 ms
Changes:
----------
diff:
---
+++
@@ -77,3 +77,4 @@
unset i
unset -f pathmunge
alias grep='grep --colour=auto'
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 22:14:43.633859
Duration: 2.36 ms
Changes:
----------
diff:
---
+++
@@ -84,3 +84,4 @@
unset pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Updated sysctl value vm.swappiness = 0
Started: 22:14:43.637105
Duration: 22.344 ms
Changes:
----------
vm.swappiness:
0
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
Started: 22:14:43.660304
Duration: 26.502 ms
Changes:
----------
net.ipv4.ip_local_port_range:
10000 65000
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Updated sysctl value fs.file-max = 100000
Started: 22:14:43.686990
Duration: 57.781 ms
Changes:
----------
fs.file-max:
100000 Summary
------------
Succeeded: 6 (changed=5)
Failed: 0
------------
Total states run: 6
[root@master base]#
在minion上验证测试,由于涉及到环境变量的更改,需要断开终端重新连接
测试没问题
[root@minion01 ~]# history | tail
293 2017-01-01 22:16:21 rootrpm -qa httpd
294 2017-01-01 22:16:21 rootrpm -qa httpd-devel
295 2017-01-01 22:16:21 rootchkconfig --list httpd
296 2017-01-01 22:16:21 rootps -ef |grep yum
297 2017-01-01 22:16:21 rootps -ef | grep httpd
298 2017-01-01 22:16:21 rootsalt --version
299 2017-01-01 22:16:21 rootsalt-call --version
300 2017-01-01 22:16:21 rootsalt-minion --version
301 2017-01-01 22:16:21 rootcat /etc/resolv.conf
302 2017-01-01 22:16:21 roothistory | tail
[root@minion01 ~]# tail -1 /var/log/messages
Jan 1 22:16:23 minion01 root: [euid=root]:root pts/0 2017-01-01 22:16 (10.0.1.53):[/root]2017-01-01 22:16:21 roothistory | tail
[root@minion01 ~]# cat /proc/sys/net/ipv4/ip_local_port_range
10000 65000
[root@minion01 ~]# cat /proc/sys/fs/file-max
100000
[root@minion01 ~]#
上面内核的修改,不仅直接生效了,在配置文件里也变更了
[root@minion01 ~]# tail -3 /etc/sysctl.conf
vm.swappiness = 0
net.ipv4.ip_local_port_range = 10000 65000
fs.file-max = 100000
[root@minion01 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 10.0.1.11
#create by zyx
[root@minion01 ~]#
saltstack实战4--综合练习1的更多相关文章
- SaltStack实战
SaltStack实战 #安装 安装注意几点 python-libs-2.6.6-64.el6.x86_64 conflicts with file from package python-2.6.6 ...
- zz《分布式服务架构 原理、设计与实战》综合
这书以分布式微服务系统为主线,讲解了微服务架构设计.分布式一致性.性能优化等内容,并介绍了与微服务系统紧密联系的日志系统.全局调用链.容器化等. 还是一样,每一章摘抄一些自己觉得有用的内容,归纳整理, ...
- saltstack实战4--综合练习3
Saltstack配置管理-业务引用haproxy 在业务模块里写它的配置 各个业务是不同的,这里有差异性,所以没写在配置模块里. 对minion02也执行安装haproxy [root@master ...
- saltstack实战4--综合练习4
Saltstack配置管理-给minion增加Zabbix-agent zabbix-agent的包 [root@A ~]# rpm -qa |grep zabbix zabbix-2.4.8-1.e ...
- saltstack实战4--综合练习2
Saltstack配置管理-功能模块-安装haproxy 配置管理,我们分了3层 最底层是系统初始化部分 倒数二层是功能模块,就是具体的产品的安装了 假如你的环境需要nginx,php,memcach ...
- saltstack实战3--配置管理之pillar
数据系统-Pillar pillar和grains类似,但是它能给minion指定它想要的数据,安全性较好,另外它是在master端设置的 应用场景: grains的特性–每次启动汇报.静态决定了 ...
- saltstack实战3--配置管理之grains
grains是什么 grains是minion服务启动后,采集的客户端的一些基本信息,硬件信息,软件信息,网络信息,软件版本等.你可以在minion上自定义一些grains信息. 它是静态的信息,mi ...
- saltstack实战3--配置管理之YAML语法
本文来自如下链接http://docs.saltstack.cn/topics/yaml/index.html 了解YAML 默认的SLS文件的renderer是YAML renderer.YAML是 ...
- saltstack实战2--远程执行之目标(target)
target 就是目标的意思,你要在那台机器上执行此命令或此状态.或者说将此动作或者状态文件推送给谁来执行,让那个minion执行可以进行一些匹配 对于拥有大量机器的环境,如果单独一台台的执行指定mi ...
随机推荐
- POJ 2240 Arbitrage (求负环)
Arbitrage 题目链接: http://acm.hust.edu.cn/vjudge/contest/122685#problem/I Description Arbitrage is the ...
- codeforces 630B Moore's Law
B. Moore's Law time limit per test 0.5 seconds memory limit per test 64 megabytes input standard inp ...
- 关闭Linux里边的selinux
首先我们可以用命令来查看selinux的状态 getenforce 这个命令可以查看到selinux的状态,当前可以看到是关闭状态的. 还有一个命令也可以查看出selinux的状态. sest ...
- POJ 1511 - Invitation Cards (dijkstra优先队列)
题目链接:http://poj.org/problem?id=1511 就是求从起点到其他点的最短距离加上其他点到起点的最短距离的和 , 注意路是单向的. 因为点和边很多, 所以用dijkstra优先 ...
- 基于 Paramiko 的 SSH 通讯类
# -*- coding: UTF-8 -*-import paramikoimport time################################################### ...
- Python3批量爬取网页图片
所谓爬取其实就是获取链接的内容保存到本地.所以爬之前需要先知道要爬的链接是什么. 要爬取的页面是这个:http://findicons.com/pack/2787/beautiful_flat_ico ...
- CentOS6.4 64位系统安装jdk
1. CentOS操作安装好了以后,系统自带了openJDK,先查看相关的安装信息: $rpm -qa | grep java tzdata-java-2013b-1.el6.noarchjava-1 ...
- C++ 中复杂的声明
1.方法也是有类型的,方法的类型由返回类型和形参表决定.比如int F (int)的类型就是去掉方法名,int (int). 2.对于方法类型,在返回类型和形参表之间,加上一个名称F,就表示一个特定的 ...
- 对CAB文件进行数字签名
对CAB文件进行数字签名 传说中数字签名之后就能够不出现提示而自己主动下载,所以也试试: 在\Microsoft Visual Studio .NET 2003\SDK\v1.1\Bin 中间有三个小 ...
- 在Zend Studio中为ThinkPHP添加代码自动提示功能
身边很多朋友都使用ThinkPHP或CodeIgniter等开发框架为自己的项目提高开发效率. 在得力于这些优秀框架良好的设计结构的同时,也头疼于代码的自动完成提示功能没有纯PHP网站那么完善了.经常 ...