目录

编辑states文件

1.DNS配置  dns.sls(在init目录下创建一个files文件,然后把resolv.conf放到文件下)

[root@master init]# cat dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://init/files/resolv.conf
- user: root
- group: root
- mode: 644

2.History记录时间  history.sls

/etc/profile:
file.append:
- text:
- export HISTTIMEFORMAT="%F %T `whoami`"

3.命令操作审计 audit.sls

/etc/bashrc:
file.append:
- text:
- export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'

4.内核参数优化  sysctl.sls

#尽量不适用交换分区
vm.swappiness:
sysctl.present:
- value: 0
#设置本地tcp可以使用的端口范围
net.ipv4.ip_local_port_range:
sysctl.present:
- value: 10000 65000
#可以打开的最大文件数
fs.file-max:
sysctl.present:
- value: 100000

5.初始化环境引用

[root@master init]# cat env_init.sls
include:
- init.dns
- init.history
- init.audit
- init.sysctl

6.top.sls

[root@master base]# cat top.sls
base:
'*':
- init.env_init

7.salt '*'  state.highstate test=True       #生产环境,先测试。

[root@master base]# salt '*' state.highstate test=True
master:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: None
Comment: The file /etc/resolv.conf is set to be changed
Started: 12:30:43.157862
Duration: 18.748 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: None
Comment: File /etc/profile is set to be updated
Started: 12:30:43.176743
Duration: 1.729 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: None
Comment: File /etc/bashrc is set to be updated
Started: 12:30:43.178561
Duration: 2.567 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: None
Comment: Sysctl option vm.swappiness might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.187758
Duration: 48.668 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: None
Comment: Sysctl option net.ipv4.ip_local_port_range might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.236681
Duration: 24.351 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: None
Comment: Sysctl option fs.file-max might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.261164
Duration: 37.234 ms
Changes: Summary
------------
Succeeded: 6 (unchanged=6, changed=3)
Failed: 0
------------
Total states run: 6
minion:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: None
Comment: The file /etc/resolv.conf is set to be changed
Started: 12:30:41.531639
Duration: 102.545 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: None
Comment: File /etc/profile is set to be updated
Started: 12:30:41.634380
Duration: 3.129 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: None
Comment: File /etc/bashrc is set to be updated
Started: 12:30:41.637660
Duration: 4.634 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: None
Comment: Sysctl option vm.swappiness might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.643958
Duration: 64.501 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: None
Comment: Sysctl option net.ipv4.ip_local_port_range might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.708701
Duration: 27.325 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: None
Comment: Sysctl option fs.file-max might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.736186
Duration: 17.193 ms
Changes: Summary
------------
Succeeded: 6 (unchanged=6, changed=3)
Failed: 0
------------
Total states run: 6

8.在所有minion上执行状态

salt '*' state.highstate

[root@master base]# salt '*' state.highstate
master:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 12:32:38.328695
Duration: 21.306 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:38.350110
Duration: 1.958 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:38.352156
Duration: 2.681 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Updated sysctl value vm.swappiness = 0
Started: 12:32:38.355787
Duration: 36.302 ms
Changes:
----------
vm.swappiness:
0
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
Started: 12:32:38.392247
Duration: 21.948 ms
Changes:
----------
net.ipv4.ip_local_port_range:
10000 65000
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Updated sysctl value fs.file-max = 100000
Started: 12:32:38.414352
Duration: 20.707 ms
Changes:
----------
fs.file-max:
100000 Summary
------------
Succeeded: 6 (changed=6)
Failed: 0
------------
Total states run: 6
minion:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 12:32:36.770415
Duration: 12.964 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:36.783493
Duration: 2.182 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:36.785766
Duration: 2.806 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Updated sysctl value vm.swappiness = 0
Started: 12:32:36.789548
Duration: 20.265 ms
Changes:
----------
vm.swappiness:
0
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
Started: 12:32:36.809924
Duration: 17.308 ms
Changes:
----------
net.ipv4.ip_local_port_range:
10000 65000
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Updated sysctl value fs.file-max = 100000
Started: 12:32:36.827338
Duration: 17.754 ms
Changes:
----------
fs.file-max:
100000 Summary
------------
Succeeded: 6 (changed=6)
Failed: 0
------------
Total states run: 6

9.查看是否成功

 

Salt 系统初始化的更多相关文章

  1. Saltstack生产案例之系统初始化

    把之前的配置打个包 zip -r salt.zip * 拷贝到/root/tools目录 博客园文件里面也保留一份,删除之前所有的salt配置文件重新开始 想 1,系统初始化 2,功能模块:设置单独的 ...

  2. SaltStack生产案例-系统初始化

    需求分析 一,系统初始化 1.1  关闭SELinux 1.2  关闭默认iptables 1.3  时间同步(配置NTP)  1.4  文件描述符(必备/etc/security/limmits.c ...

  3. saltstack系统初始化(九)

    一.系统初始化需要的配置 当我们的服务器上架并安装好操作系统后,都会有一些基础的操作,所以生产环境中使用SaltStack,建议将所有服务器都会涉及的基础配置或者软件部署归类放在base环境下.此处, ...

  4. centos7 系统初始化脚本

    现在自己的本地虚拟机系统,直接安装的是centos7.2 mini版,安装完成发现好多东西都没有安装,所以写了一个简单的系统初始化脚本,让自己可以省一些力气,哈哈 人懒主要是. 下面贴出写的脚本,脚本 ...

  5. ssh下:系统初始化实现ServletContextListener接口时,获取spring中数据层对象无效的问题

    想要实现的功能:SSH环境下,数据层都交由Spring管理:在服务启动时,将数据库中的一些数据加载到ServletContext中缓存起来. 系统初始化类需要实现两个接口: ServletContex ...

  6. 详解linux系统的启动过程及系统初始化

    一.linux系统的启动流程 关于linux系统的启动流程我们可以按步进行划分为如下: POST加电自检 -->BIOS(Boot Sequence)-->加载对应引导上的MBR(boot ...

  7. Ztack学习笔记(2)-系统初始化分析

    main函数先执行初始化工作,包括硬件.网络层.任务等的初始化. 一 系统初始化 系统初始化函数主要完成内存分配.消息队列头.定时器.电源管理.任务系统及内存栈等的初始化,具体如下代码所示: //os ...

  8. Linux安装系统注意事项及系统初始化

      Linux安装系统注意事项 1.分区 学习用途: /boot:200M /swap :内存的1到2倍 /:根据需要分配大小,比如虚拟机下总空间是15G,那么可以分配8——10G跟/分区,如果是生产 ...

  9. ucos系统初始化及启动过程

    之前在ucos多任务切换中漏掉了一个变量, OSCtxSwCtr标识系统任务切换次数 主要应该还是用在调试功能中 Ucos系统初始化函数为OSInit(),主要完成以下功能 全局变量初始化 就绪任务表 ...

随机推荐

  1. C# 接口(interface) 抽象类(abstract)

    类代码: interface Employee { void ShowEmp(); } abstract class EmployeeInPostion: Employee { public abst ...

  2. 图解resilience4j容错机制

    Resilience4j是一个轻量级.易于使用的容错库,其灵感来自Netflix Hystrix,但专为Java 8和函数式编程设计.轻量级,因为库只使用Vavr,它没有任何其他外部库依赖项.相比之下 ...

  3. Python-使用tkinter实现的Django服务进程管理工具

    import tkinter import subprocess import os import time import re import sys from tkinter import Labe ...

  4. 什么才是市场急需的前端工程师?要价1.8W,HR不敢还嘴!

    据统计,国外的前端开发人员和后端开发人员比例约1:1,但是在国内比例却在1:3以下, Web前端开发职位人才缺口巨大.前端工程师的发展之路十分有“钱”景. 每天,HR 群都有人在吐槽招不到前端工程师. ...

  5. Python-数据结构-最全六种排序代码实现

    1.冒泡排序 def bubble_sort(alist): """冒泡排序""" n = len(alist) for j in rang ...

  6. 前端工程化的的理解,浅谈web工程化的开发流程

    1. 什么是前端工程化 自有前端工程师这个称谓以来,前端的发展可谓是日新月异.相比较已经非常成熟的其他领域,前端虽是后起之秀,但其野蛮生长是其他领域不能比的.虽然前端技术飞快发展,但是前端整体的工程生 ...

  7. C++栈(stack)、队列(queue)、链表(list)的常用函数

    C++队列Queue是一种容器适配器,它给予程序员一种先进先出(FIFO)的数据结构.1.back() 返回一个引用,指向最后一个元素2.empty() 如果队列空则返回真3.front() 返回第一 ...

  8. Code Forces 796C Bank Hacking(贪心)

    Code Forces 796C Bank Hacking 题目大意 给一棵树,有\(n\)个点,\(n-1\)条边,现在让你决策出一个点作为起点,去掉这个点,然后这个点连接的所有点权值+=1,然后再 ...

  9. JAVA的8种基本数据类型分析

    基本数据类型(8个) 1.整数类型(4个)   字节个数 取值范围 byte(字节) 1(8位) -2^7~2^7-1 short(短整型) 2(16位) -2^15~2^15-1 int(整形) 4 ...

  10. SSTI-服务端模板注入

    SSTI-服务端模板注入漏洞 原理: 服务端模板注入是由于服务端接收了用户的输入,将其作为 Web 应用模板内容的一部分,在进行目标编译渲染的过程中,执行了用户插入的恶意内容,因而导致了敏感信息泄露. ...