Salt 系统初始化
目录
编辑states文件
1.DNS配置 dns.sls(在init目录下创建一个files文件,然后把resolv.conf放到文件下)
[root@master init]# cat dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://init/files/resolv.conf
- user: root
- group: root
- mode: 644
2.History记录时间 history.sls
/etc/profile:
file.append:
- text:
- export HISTTIMEFORMAT="%F %T `whoami`"
3.命令操作审计 audit.sls
/etc/bashrc:
file.append:
- text:
- export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
4.内核参数优化 sysctl.sls
#尽量不适用交换分区
vm.swappiness:
sysctl.present:
- value: 0
#设置本地tcp可以使用的端口范围
net.ipv4.ip_local_port_range:
sysctl.present:
- value: 10000 65000
#可以打开的最大文件数
fs.file-max:
sysctl.present:
- value: 100000
5.初始化环境引用
[root@master init]# cat env_init.sls
include:
- init.dns
- init.history
- init.audit
- init.sysctl
6.top.sls
[root@master base]# cat top.sls
base:
'*':
- init.env_init
7.salt '*' state.highstate test=True #生产环境,先测试。
[root@master base]# salt '*' state.highstate test=True
master:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: None
Comment: The file /etc/resolv.conf is set to be changed
Started: 12:30:43.157862
Duration: 18.748 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: None
Comment: File /etc/profile is set to be updated
Started: 12:30:43.176743
Duration: 1.729 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: None
Comment: File /etc/bashrc is set to be updated
Started: 12:30:43.178561
Duration: 2.567 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: None
Comment: Sysctl option vm.swappiness might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.187758
Duration: 48.668 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: None
Comment: Sysctl option net.ipv4.ip_local_port_range might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.236681
Duration: 24.351 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: None
Comment: Sysctl option fs.file-max might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.261164
Duration: 37.234 ms
Changes: Summary
------------
Succeeded: 6 (unchanged=6, changed=3)
Failed: 0
------------
Total states run: 6
minion:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: None
Comment: The file /etc/resolv.conf is set to be changed
Started: 12:30:41.531639
Duration: 102.545 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: None
Comment: File /etc/profile is set to be updated
Started: 12:30:41.634380
Duration: 3.129 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: None
Comment: File /etc/bashrc is set to be updated
Started: 12:30:41.637660
Duration: 4.634 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: None
Comment: Sysctl option vm.swappiness might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.643958
Duration: 64.501 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: None
Comment: Sysctl option net.ipv4.ip_local_port_range might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.708701
Duration: 27.325 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: None
Comment: Sysctl option fs.file-max might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.736186
Duration: 17.193 ms
Changes: Summary
------------
Succeeded: 6 (unchanged=6, changed=3)
Failed: 0
------------
Total states run: 6
8.在所有minion上执行状态
salt '*' state.highstate
[root@master base]# salt '*' state.highstate
master:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 12:32:38.328695
Duration: 21.306 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:38.350110
Duration: 1.958 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:38.352156
Duration: 2.681 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Updated sysctl value vm.swappiness = 0
Started: 12:32:38.355787
Duration: 36.302 ms
Changes:
----------
vm.swappiness:
0
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
Started: 12:32:38.392247
Duration: 21.948 ms
Changes:
----------
net.ipv4.ip_local_port_range:
10000 65000
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Updated sysctl value fs.file-max = 100000
Started: 12:32:38.414352
Duration: 20.707 ms
Changes:
----------
fs.file-max:
100000 Summary
------------
Succeeded: 6 (changed=6)
Failed: 0
------------
Total states run: 6
minion:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 12:32:36.770415
Duration: 12.964 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:36.783493
Duration: 2.182 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:36.785766
Duration: 2.806 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Updated sysctl value vm.swappiness = 0
Started: 12:32:36.789548
Duration: 20.265 ms
Changes:
----------
vm.swappiness:
0
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
Started: 12:32:36.809924
Duration: 17.308 ms
Changes:
----------
net.ipv4.ip_local_port_range:
10000 65000
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Updated sysctl value fs.file-max = 100000
Started: 12:32:36.827338
Duration: 17.754 ms
Changes:
----------
fs.file-max:
100000 Summary
------------
Succeeded: 6 (changed=6)
Failed: 0
------------
Total states run: 6
9.查看是否成功
Salt 系统初始化的更多相关文章
- Saltstack生产案例之系统初始化
把之前的配置打个包 zip -r salt.zip * 拷贝到/root/tools目录 博客园文件里面也保留一份,删除之前所有的salt配置文件重新开始 想 1,系统初始化 2,功能模块:设置单独的 ...
- SaltStack生产案例-系统初始化
需求分析 一,系统初始化 1.1 关闭SELinux 1.2 关闭默认iptables 1.3 时间同步(配置NTP) 1.4 文件描述符(必备/etc/security/limmits.c ...
- saltstack系统初始化(九)
一.系统初始化需要的配置 当我们的服务器上架并安装好操作系统后,都会有一些基础的操作,所以生产环境中使用SaltStack,建议将所有服务器都会涉及的基础配置或者软件部署归类放在base环境下.此处, ...
- centos7 系统初始化脚本
现在自己的本地虚拟机系统,直接安装的是centos7.2 mini版,安装完成发现好多东西都没有安装,所以写了一个简单的系统初始化脚本,让自己可以省一些力气,哈哈 人懒主要是. 下面贴出写的脚本,脚本 ...
- ssh下:系统初始化实现ServletContextListener接口时,获取spring中数据层对象无效的问题
想要实现的功能:SSH环境下,数据层都交由Spring管理:在服务启动时,将数据库中的一些数据加载到ServletContext中缓存起来. 系统初始化类需要实现两个接口: ServletContex ...
- 详解linux系统的启动过程及系统初始化
一.linux系统的启动流程 关于linux系统的启动流程我们可以按步进行划分为如下: POST加电自检 -->BIOS(Boot Sequence)-->加载对应引导上的MBR(boot ...
- Ztack学习笔记(2)-系统初始化分析
main函数先执行初始化工作,包括硬件.网络层.任务等的初始化. 一 系统初始化 系统初始化函数主要完成内存分配.消息队列头.定时器.电源管理.任务系统及内存栈等的初始化,具体如下代码所示: //os ...
- Linux安装系统注意事项及系统初始化
Linux安装系统注意事项 1.分区 学习用途: /boot:200M /swap :内存的1到2倍 /:根据需要分配大小,比如虚拟机下总空间是15G,那么可以分配8——10G跟/分区,如果是生产 ...
- ucos系统初始化及启动过程
之前在ucos多任务切换中漏掉了一个变量, OSCtxSwCtr标识系统任务切换次数 主要应该还是用在调试功能中 Ucos系统初始化函数为OSInit(),主要完成以下功能 全局变量初始化 就绪任务表 ...
随机推荐
- Excel表格中第一个输入的零不显示怎么办?
Excel表格是办公的人经常要用到的软件,经常用它来统计和记录各种数据,但是有时候表格中第一个数字是零的时候,经常第一个零输入时不显示的,这个情况我们怎么解决呢?这里小编跟大家讲一下希望能帮助大家. ...
- 基于 fetch 的请求封装
原生 fetch 请求失败后(如无网络)状态会变成 reject 走 .catch .绝大多数情况下业务场景只需要给个 toast 等简单处理.每个请求都 .catch 会显得格外繁琐,并且如果不 . ...
- Typography convention
1 h1 Chapter title centered,number three in bold,used ##. 1.1 h2 The chapter is a section, and the s ...
- 如何用好 IDEA ,Java 撸码效率至少提升 5 倍?
以前的Java项目中,充斥着太多不友好的代码:POJO的getter/setter/toString:异常处理:I/O流的关闭操作等等,这些样板代码既没有技术含量,又影响着代码的美观,Lombok应运 ...
- 富文本编辑器实现从word中复制图片(外挂)
1问题 基于web的富文本编辑器的功能普遍较弱,而word是公认的宇宙第一好用的文档编辑器,所以许多人都习惯先在word中编辑,然后再将内容粘到web富文本编辑器中. 但是,这种操作有一个问题:图片带 ...
- 点分治模板 POJ 1741
#include<cstdio> #include<cstring> #include<algorithm> using namespace std; const ...
- How many ways?? HDU - 2157 矩阵快速幂
题目描述 春天到了, HDU校园里开满了花, 姹紫嫣红, 非常美丽. 葱头是个爱花的人, 看着校花校草竞相开放, 漫步校园, 心情也变得舒畅. 为了多看看这迷人的校园, 葱头决定, 每次上课都走不同的 ...
- appium-1-安装
1.appium安装 网盘地址,下载之后,一路点就可以了 链接:https://pan.baidu.com/s/1-X_ceUWisbuyosjztakKZw 密码:hxeu 系统变量中新增APPI ...
- JavaScript图形实例:Canvas API
1.Canvas概述 Canvas API(画布)用于在网页实时生成图像,并且可以操作图像内容,基本上它是一个可以用JavaScript操作的位图(bitmap). 要使用HTML5在浏览器窗口中绘制 ...
- Python并发编程03 /僵孤进程,孤儿进程、进程互斥锁,进程队列、进程之间的通信
Python并发编程03 /僵孤进程,孤儿进程.进程互斥锁,进程队列.进程之间的通信 目录 Python并发编程03 /僵孤进程,孤儿进程.进程互斥锁,进程队列.进程之间的通信 1. 僵尸进程/孤儿进 ...