Salt 系统初始化
目录
编辑states文件
1.DNS配置 dns.sls(在init目录下创建一个files文件,然后把resolv.conf放到文件下)
[root@master init]# cat dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://init/files/resolv.conf
- user: root
- group: root
- mode: 644
2.History记录时间 history.sls
/etc/profile:
file.append:
- text:
- export HISTTIMEFORMAT="%F %T `whoami`"
3.命令操作审计 audit.sls
/etc/bashrc:
file.append:
- text:
- export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
4.内核参数优化 sysctl.sls
#尽量不适用交换分区
vm.swappiness:
sysctl.present:
- value: 0
#设置本地tcp可以使用的端口范围
net.ipv4.ip_local_port_range:
sysctl.present:
- value: 10000 65000
#可以打开的最大文件数
fs.file-max:
sysctl.present:
- value: 100000
5.初始化环境引用
[root@master init]# cat env_init.sls
include:
- init.dns
- init.history
- init.audit
- init.sysctl
6.top.sls
[root@master base]# cat top.sls
base:
'*':
- init.env_init
7.salt '*' state.highstate test=True #生产环境,先测试。
[root@master base]# salt '*' state.highstate test=True
master:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: None
Comment: The file /etc/resolv.conf is set to be changed
Started: 12:30:43.157862
Duration: 18.748 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: None
Comment: File /etc/profile is set to be updated
Started: 12:30:43.176743
Duration: 1.729 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: None
Comment: File /etc/bashrc is set to be updated
Started: 12:30:43.178561
Duration: 2.567 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: None
Comment: Sysctl option vm.swappiness might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.187758
Duration: 48.668 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: None
Comment: Sysctl option net.ipv4.ip_local_port_range might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.236681
Duration: 24.351 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: None
Comment: Sysctl option fs.file-max might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:43.261164
Duration: 37.234 ms
Changes: Summary
------------
Succeeded: 6 (unchanged=6, changed=3)
Failed: 0
------------
Total states run: 6
minion:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: None
Comment: The file /etc/resolv.conf is set to be changed
Started: 12:30:41.531639
Duration: 102.545 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: None
Comment: File /etc/profile is set to be updated
Started: 12:30:41.634380
Duration: 3.129 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: None
Comment: File /etc/bashrc is set to be updated
Started: 12:30:41.637660
Duration: 4.634 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: None
Comment: Sysctl option vm.swappiness might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.643958
Duration: 64.501 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: None
Comment: Sysctl option net.ipv4.ip_local_port_range might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.708701
Duration: 27.325 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: None
Comment: Sysctl option fs.file-max might be changed, we failed to check config file at /etc/sysctl.d/99-salt.conf. The file is either unreadable, or missing.
Started: 12:30:41.736186
Duration: 17.193 ms
Changes: Summary
------------
Succeeded: 6 (unchanged=6, changed=3)
Failed: 0
------------
Total states run: 6
8.在所有minion上执行状态
salt '*' state.highstate
[root@master base]# salt '*' state.highstate
master:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 12:32:38.328695
Duration: 21.306 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:38.350110
Duration: 1.958 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:38.352156
Duration: 2.681 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Updated sysctl value vm.swappiness = 0
Started: 12:32:38.355787
Duration: 36.302 ms
Changes:
----------
vm.swappiness:
0
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
Started: 12:32:38.392247
Duration: 21.948 ms
Changes:
----------
net.ipv4.ip_local_port_range:
10000 65000
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Updated sysctl value fs.file-max = 100000
Started: 12:32:38.414352
Duration: 20.707 ms
Changes:
----------
fs.file-max:
100000 Summary
------------
Succeeded: 6 (changed=6)
Failed: 0
------------
Total states run: 6
minion:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 12:32:36.770415
Duration: 12.964 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
search infinibase.cn
nameserver 114.114.114.114
+nameserver 202.106.196.115
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:36.783493
Duration: 2.182 ms
Changes:
----------
diff:
---
+++
@@ -74,3 +74,4 @@ unset i
unset -f pathmunge
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 12:32:36.785766
Duration: 2.806 ms
Changes:
----------
diff:
---
+++
@@ -90,3 +90,4 @@
unset -f pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Updated sysctl value vm.swappiness = 0
Started: 12:32:36.789548
Duration: 20.265 ms
Changes:
----------
vm.swappiness:
0
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
Started: 12:32:36.809924
Duration: 17.308 ms
Changes:
----------
net.ipv4.ip_local_port_range:
10000 65000
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Updated sysctl value fs.file-max = 100000
Started: 12:32:36.827338
Duration: 17.754 ms
Changes:
----------
fs.file-max:
100000 Summary
------------
Succeeded: 6 (changed=6)
Failed: 0
------------
Total states run: 6
9.查看是否成功
Salt 系统初始化的更多相关文章
- Saltstack生产案例之系统初始化
把之前的配置打个包 zip -r salt.zip * 拷贝到/root/tools目录 博客园文件里面也保留一份,删除之前所有的salt配置文件重新开始 想 1,系统初始化 2,功能模块:设置单独的 ...
- SaltStack生产案例-系统初始化
需求分析 一,系统初始化 1.1 关闭SELinux 1.2 关闭默认iptables 1.3 时间同步(配置NTP) 1.4 文件描述符(必备/etc/security/limmits.c ...
- saltstack系统初始化(九)
一.系统初始化需要的配置 当我们的服务器上架并安装好操作系统后,都会有一些基础的操作,所以生产环境中使用SaltStack,建议将所有服务器都会涉及的基础配置或者软件部署归类放在base环境下.此处, ...
- centos7 系统初始化脚本
现在自己的本地虚拟机系统,直接安装的是centos7.2 mini版,安装完成发现好多东西都没有安装,所以写了一个简单的系统初始化脚本,让自己可以省一些力气,哈哈 人懒主要是. 下面贴出写的脚本,脚本 ...
- ssh下:系统初始化实现ServletContextListener接口时,获取spring中数据层对象无效的问题
想要实现的功能:SSH环境下,数据层都交由Spring管理:在服务启动时,将数据库中的一些数据加载到ServletContext中缓存起来. 系统初始化类需要实现两个接口: ServletContex ...
- 详解linux系统的启动过程及系统初始化
一.linux系统的启动流程 关于linux系统的启动流程我们可以按步进行划分为如下: POST加电自检 -->BIOS(Boot Sequence)-->加载对应引导上的MBR(boot ...
- Ztack学习笔记(2)-系统初始化分析
main函数先执行初始化工作,包括硬件.网络层.任务等的初始化. 一 系统初始化 系统初始化函数主要完成内存分配.消息队列头.定时器.电源管理.任务系统及内存栈等的初始化,具体如下代码所示: //os ...
- Linux安装系统注意事项及系统初始化
Linux安装系统注意事项 1.分区 学习用途: /boot:200M /swap :内存的1到2倍 /:根据需要分配大小,比如虚拟机下总空间是15G,那么可以分配8——10G跟/分区,如果是生产 ...
- ucos系统初始化及启动过程
之前在ucos多任务切换中漏掉了一个变量, OSCtxSwCtr标识系统任务切换次数 主要应该还是用在调试功能中 Ucos系统初始化函数为OSInit(),主要完成以下功能 全局变量初始化 就绪任务表 ...
随机推荐
- SpringBoot--异常统一处理
先上代码,不捕获异常和手动捕获异常处理: @GetMapping("/error1") public String error1() { int i = 10 / 0; retur ...
- egret.sys.TextNode
class Test extends egret.Shape{ protected textNode:egret.sys.TextNode; constructor(){ this.width = t ...
- Shader专题:卡通着色(一)控制颜色的艺术
什么是 Shader? 关于什么是 Shader ,各种百科各种教程都有说过,但是今天我们就从一个另一个角度去试着理解什么是 Shader? 我们先看下 Shade 的英文意思,如下: v.给...遮 ...
- Nginx之upstream的四种配置方式
1.轮询(weight) 指定轮询几率,weight和访问比率成正比,用于后端服务器性能不均的情况.默认当weight不指定时,各服务器weight相同,每个请求按时间顺序逐一分配到不同的后端服务 ...
- Oauth2.0认证流程
- Python3笔记019 - 4.4 字典
第4章 序列的应用 python的数据类型分为:空类型.布尔类型.数字类型.字节类型.字符串类型.元组类型.列表类型.字典类型.集合类型 在python中序列是一块用于存放多个值的连续内存空间. py ...
- Python3笔记011 - 3.2 选择语句
第3章 流程控制语句 3.2 选择语句 1.if语句 if 表达式: 语句块 执行的流程是:当表达式的布尔值为真时,执行语句块,为假时,离开if语句,程序往下执行. 2.if...else语句 if ...
- h5页面自动播放视频、音频_关于媒体文件自动全屏播放的实现方式
在移动端(ios和android)播放视频的时候,我们即使定义了autoplay属性,仍然不能自动播放.这是由于手机浏览器为了防止浪费用户的网络流量,在默认情况下是不允许媒体文件自动播放的,除非用户自 ...
- PE文件格式详解(六)
0x00 前言 前面两篇讲到了输出表的内容以及涉及如何在hexWorkShop中找到输出表及输入DLL,感觉有几个地方还是没有理解好,比如由数据目录表DataDirectory[16]找到输出表表后以 ...
- mysql解压缩版安装和卸载
所有的cmd命令都是在管理员模式下输入 官方下载网址:https://dev.mysql.com/downloads/mysql/ 安装mysql mysqld install //安装mysql:卸 ...