Linux自动化工具之SaltStack 实战项目1(系统初始化)
2020-02-26自动化运维90root289°c
A+ A-实验架构图如下:
一、系统初始化
1 . 编写resolv.conf(dns) 文件
[[email protected] init]# cat /etc/salt/states/init/dns.sls /etc/resolv.conf: file.managed: - source: salt://init/files/resolv.conf - user: root - group: root - mode: 644
2 . 给历史命令(history)添加时间
[[email protected] init]# cat /etc/salt/states/init/history.sls /etc/profile: file.append: - text: - export HISTTIMEFORMAT="%F %T `whoami`"
3 . 编写命令审计功能
[[email protected] init]# cat audit.sls /etc/bashrc file.append: - text: - export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
4 .更改内核参数
[[email protected] init]# cat sysctl.sls vm.swappiness: -> 尽量不使用交换分区 sysctl.present: - value: 0 net.ipv4.ip_local_port_range: -> 设置本地tcp可以使用的端口范围 sysctl.present: - value: 10000 65000 fs.file-max: -> 设置可以打开的最大文件数 sysctl.present: - value: 100000 net.ipv4.ip_forward: -> 开启ip转发 sysctl.present: - value: 1
5.集中管理上面4个配置文件
[[email protected] init]# cat env_init.sls include: - init.dns - init.history - init.audit - init.sysctl
6.编写top.sls文件
[[email protected] init]# cd .. [[email protected] states]# cat top.sls base: '*': - init.env_init
7.执行salt
[[email protected] states]# salt '*' state.highstate test=True #模拟运行(生成环境运行方法)
[[email protected] states]# salt '*' state.highstate
8.查看minion端是否执行成功
[[email protected] init]# salt '*' state.highstate [[email protected] init]# salt '*' cmd.run 'cat /etc/resolv.conf' node2.90root.com: ; generated by /sbin/dhclient-script search localdomain nameserver 114.114.114.114 node3.90root.com: ; generated by /sbin/dhclient-script search localdomain nameserver 114.114.114.114