运维工具
系统备份和恢复
Clonezilla
install clonezilla network boot system
clonezilla push setting
clonezilla pxelinux.cfg default config
clonezilla pxe boot password
kickstart
kickstart centos5.6-i386 config
kickstart auto install
kickstart example
Cobbler
cobbler backups-restore
aomei 傲梅
傲梅集中备份
傲梅备份 分类
系统监控工具
collectd
collectd 收集系统性能
NMON monitor
Nmon monitor system
njmon script initd code
nmon 2 data to influx db
Zabbix
zabbix 3.2 install on centos 6
zabbix firewall
zabbix support windows
Supervisor
supervisor shell script
supervisor config example
boot supervisrd with systemd on centos7
webhook and github to do file sync with supervisor
日志管理系统
Grafana
grafana install on centos 6
grafana install plugin
grafana influx version
Filebeat
filebeat yum install
Kibana
kibana yum install
Logstash
logstash install on centos
Elasticsearch
yum install elasticsearch 6.8
elasticsearch install on Centos 6.7
ELK init env config
Elasticsearch 错误集锦
Rsyslog
centos 6 rsyslog 日志实时同步
Rsyslog mysql log to master analyzer
Deploy
Jumpserver
jumpserver 0.3.2 install on centos 6
jumpserver 0.3.2 docker install on centos 7
jumpserver 0.5 install on centos 7
Opsmanage
opsmanage install centos7
Jenkins
jenkins install on centos 6
install plugin in jenkins…
jenkins set time execution
tomcat jenkins ansible
jenkins ansible ad-hoc command
jenkins ansible playbook project
jenkins publish over_ssh
Paramike
PSSH
Centos7部署工具pssh
Ansible
how to install ansible with yum
bit rpm install ansible
source to install ansible
ansible init system centos 6
ansible using method
ansible install httpd servers
copy code with ansible-playbook
ansible ping host actived
ansible add username
ansible config parameter
ansible config write format
ansible api study
ansible hosts config ssh
ansible get nmon data
ansible setup filter information
yum repo with ansible-playbook
ansible gitlab ci runner
ansible get data list
ansible get text content
ansible get linux release debug infor
ansible support windows pywinrm
Saltshaker
saltshaker use docker
how to install saltstack
saltshaker manual install
salt install and config
salt init system
deploy saltshaker on centos7
salt file config desc
salt cmdb
saltshaker dj mq mysql build
salt data to mysql
Rsync
rsync + inotify 数据实时同步
代码仓库
Gitlab
yum install gitlab
gitlab-ce and runner
gitlib api example
gitlab config
gitlab ce and ee
Gogs
Gitea
虚拟化系统
Vmware
centos 6 install vmware 14
Vagrant
从零开始创建基础 Box
打包我的 BOX
Vagrantfile Config
Vagrant简易教程
给 Vagrant 从 VirtualBox换用 VMware 或 虚拟机
优化 vagrantFile config
Vagrant 主机定义
vagrant SSH
Vagrant 搭建 说明
WSL
pycharm 安装支持 WSL
windows-WSL 安装
Docker
how to install docker on centos 6
docker config source daoclound
how to use docker by step
how to creat docker subnet
gogs deploy on docker
jenkins use docker to deploy
mysql use docker to deploy
docker-example-1
docker-example-2
mac-osx-toolbox-install-docker
Data DB
Influx DB
InfluxDB install on centos
Mysql DB
centos 6 install mysql 5.5
mysql 5.7 install centos 6
install percona mysql 5.6 with yum
centos 7 install mysql config
mysql data rsync from master/slave
About me
本文档使用 MrDoc 发布
-
+
首页
salt init system
# salt init system --- ## 一 环境规划 ### 实验 $ vim /etc/hosts ```python 172.16.237.131 salt-master 172.16.237.133 salt-api-1 172.16.237.135 salt-ssh ``` ### salt 配置 $ vim /etc/salt/master ```python interface: 172.16.237.131 file_roots: base: - /srv/salt/base prod: - /srv/salt/prod pillar_roots: base: - /srv/pillar/base prod: - /srv/pillar/prod ``` ### crate foler $ mkdir -p /srv/salt/{base,prod} $ mkdir -p /srv/pillar/{base,prod} ### folder $ tree /srv/ ```python /srv/ |-- pillar | |-- base | `-- prod `-- salt |-- base |-- dev | |-- http.sls | `-- top.sls `-- prod ``` ### restart salt $ /etc/init.d/salt-master restart ## 二、系统初始化 $ mkdir /srv/salt/base/init ### 1 setting DNS $ vim /srv/salt/base/init/dns.sls ```python /etc/resolv.conf: file.managed: - source: salt://init/files/resolv.conf - user: root - group: root - mode: 644 ``` $ mkdir /srv/salt/base/init/files/ $ cp /etc/resolv.conf /srv/salt/base/init/files/ ```python ; generated by /sbin/dhclient-script search localdomain nameserver 172.16.237.2 ``` ### 2 History 记录时间 $ vim /srv/salt/base/init/history.sls ```python /etc/profile: file.append: - text: - export HISTTIMEFORMAT="%F %T `whoami` " ``` ### 3 命令操作审计 ```python /etc/bashrc: file.append: - text: - export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):['prod']"$msg"; }' ``` ### 4 system kernel setting $ vim /srv/salt/base/init/sysctl.sls ```python net.ipv4.ip_local_port_range: sysctl.present: - value: 10000 65000 fs.file_max: sysctl.present: - value: 2000000 net.ipv4.ip_forward: sysctl.present: - value: 1 vm.swappiness: sysctl.present: - value: 0 ``` ### 5 EPEL repo $ vim /srv/salt/base/init/epel.sls ```python yum_repo_release: pkg.installed: - sources: - epel-release: http://mirrors.aliyun.com/epel/epel-release-latest-6.noarch.rpm - unless: rpm -qa | grep epel-release-6 ``` ### 6 system init env $ vim /srv/salt/base/init/env_init.sls ```python include: - init.dns - init.history - init.audit - init.sysctl - init.epel ``` ### 7 salt base top $ vim /srv/salt/base/top.sls ```python base: '*': - init.env_init ``` ## 三 run salt state $ salt 'salt-api-1' state.highstate test=True ### log ```python salt-api-1: ---------- ID: /etc/resolv.conf Function: file.managed Result: True Comment: The file /etc/resolv.conf is in the correct state Started: 13:06:17.000396 Duration: 82.762 ms Changes: ---------- ID: /etc/profile Function: file.append Result: None Comment: File /etc/profile is set to be updated Started: 13:06:17.084209 Duration: 13.052 ms Changes: ---------- diff: --- +++ @@ -76,3 +76,4 @@ unset i unset -f pathmunge +export HISTTIMEFORMAT="%F %T `whoami` " ---------- ID: /etc/bashrc Function: file.append Result: None Comment: File /etc/bashrc is set to be updated Started: 13:06:17.097518 Duration: 9.472 ms Changes: ---------- diff: --- +++ @@ -84,3 +84,4 @@ unset pathmunge fi # vim:ts=4:sw=4 +export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):['prod']"$msg"; }' ---------- ID: net.ipv4.ip_local_port_range Function: sysctl.present Result: None Comment: Sysctl option net.ipv4.ip_local_port_range set to be changed to 10000 65000 Started: 13:06:17.116376 Duration: 58.264 ms Changes: ---------- ID: fs.file_max Function: sysctl.present Result: None Comment: Sysctl option fs.file_max would be changed to 2000000 Started: 13:06:17.175017 Duration: 50.671 ms Changes: ---------- ID: net.ipv4.ip_forward Function: sysctl.present Result: None Comment: Sysctl option net.ipv4.ip_forward would be changed to 1 Started: 13:06:17.226083 Duration: 69.091 ms Changes: ---------- ID: vm.swappiness Function: sysctl.present Result: None Comment: Sysctl option vm.swappiness set to be changed to 0 Started: 13:06:17.295580 Duration: 44.913 ms Changes: ---------- ID: yum_repo_release Function: pkg.installed Result: True Comment: unless condition is true Started: 13:06:19.160673 Duration: 3090.546 ms Changes: Summary for salt-api-1 ------------ Succeeded: 8 (unchanged=6, changed=2) Failed: 0 ------------ Total states run: 8 Total run time: 3.419 s ```
Bobby
2021年12月20日 06:37
分享文档
收藏文档
阅读
96
上一篇
下一篇
微信扫一扫
复制链接
手机扫一扫进行分享
复制链接
关于 MrDoc
觅思文档MrDoc
是
州的先生
开发并开源的在线文档系统,其适合作为个人和小型团队的云笔记、文档和知识库管理工具。
如果觅思文档给你或你的团队带来了帮助,欢迎对作者进行一些打赏捐助,这将有力支持作者持续投入精力更新和维护觅思文档,感谢你的捐助!
>>>捐助鸣谢列表
微信
支付宝
QQ
PayPal
Markdown文件
分享
链接
类型
密码
更新密码
