规范配置管理
实际工作中可能会有现网环境,基线环境,开发环境。 需要使用saltstack统一管理。机器多了,业务多了,可能配置文件存放的会比较乱,因此可以统一管理起来
我们可以再加2个目录,test是测试环境,prod是生产环境,base是基线环境。
操作如下,新添加2个目录,同时调整基线目录
# Example:
# file_roots:
# base:
# - /srv/salt/
# dev:
# - /srv/salt/dev/services
# - /srv/salt/dev/states
# prod:
# - /srv/salt/prod/services
# - /srv/salt/prod/states
#
file_roots:
base:
- /srv/salt/base
test:
- /srv/salt/test
prod:
- /srv/salt/prod
重启服务让配置生效,创建目录,调整原先的配置文件到新的base目录下
[root@master pillar]# /etc/init.d/salt-master restart Stopping salt-master daemon: [ OK ] Starting salt-master daemon: [ OK ] [root@master pillar]# mkdir /srv/salt/base -p [root@master pillar]# mkdir /srv/salt/test -p [root@master pillar]# mkdir /srv/salt/prod -p [root@master pillar]# cd /srv/salt/ [root@master salt]# ls apache.sls base prod test top.sls [root@master salt]# mv apache.sls base/ [root@master salt]# mv top.sls base/ [root@master salt]# ll total 12 drwxr-xr-x 2 root root 4096 Jan 1 19:33 base drwxr-xr-x 2 root root 4096 Jan 1 19:32 prod drwxr-xr-x 2 root root 4096 Jan 1 19:32 test [root@master salt]#
文件管理的练习
对minion的dns文件进行统一管理
先在base目录下创建个files目录,专门存放文件,这里给这个dns文件追加个不一样的东西,便于标识
[root@master salt]# cd /srv/salt/base/ [root@master base]# mkdir files [root@master base]# cd files/ [root@master files]# ls [root@master files]# cp /etc/resolv.conf . [root@master files]# ls resolv.conf [root@master files]# cat resolv.conf # Generated by NetworkManager nameserver 10.0.1.11 [root@master files]# echo "#create by zyx" >> resolv.conf [root@master files]# cat resolv.conf # Generated by NetworkManager nameserver 10.0.1.11 #create by zyx [root@master files]#
编辑配置文件,用于管理这个dns文件给minion,需要进行一些配置,存放的路径,来源,权限,数组等
注意下面两种写法等价的
[root@master files]# cd ..
[root@master base]# pwd
/srv/salt/base
[root@master base]# vim dns.sls
[root@master base]# cat dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://files/resolv.conf
- user: root
- group: root
- mode: 644
[root@master base]#
等价于下面的,默认你没有定义name的话,salt会把id当成name的默认值,下面的resolv-file是个id,随便定义,只要唯一即可
[root@master base]# cat dns.sls
resolv-file:
file.managed:
- source: salt://files/resolv.conf
- name: /etc/resolv.conf
- user: root
- group: root
- mode: 644
[root@master base]#
执行一下,可以看到Changes的变化的部分
[root@master base]# salt 'minion01' state.sls dns
minion01:
----------
ID: resolv-file
Function: file.managed
Name: /etc/resolv.conf
Result: True
Comment: File /etc/resolv.conf updated
Started: 19:53:15.932376
Duration: 11.4 ms
Changes:
----------
diff:
---
+++
@@ -1,2 +1,3 @@
# Generated by NetworkManager
nameserver 10.0.1.11
+#create by zyx
Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
[root@master base]#
去minion01上验证下,没问题
[root@minion01 ~]# cat /etc/resolv.conf # Generated by NetworkManager nameserver 10.0.1.11 #create by zyx [root@minion01 ~]#
再把配置文件改成如下内容,对minion02执行操作
[root@master base]# cat dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://files/resolv.conf
- user: root
- group: root
- mode: 644
[root@master base]# salt 'minion02' state.sls dns
minion02:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 19:57:27.628894
Duration: 13.128 ms
Changes:
----------
diff:
---
+++
@@ -1,2 +1,3 @@
# Generated by NetworkManager
nameserver 10.0.1.11
+#create by zyx
Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
[root@master base]#
之前讲了top.sls,这个入口文件,我们还可以通过这个入口文件进行管理
这个也叫通过高级状态管理
[root@master base]# ls
apache.sls dns.sls files top.sls
[root@master base]# echo "#second" >> files/resolv.conf
[root@master base]# cat files/resolv.conf
# Generated by NetworkManager
nameserver 10.0.1.11
#create by zyx
#second
[root@master base]# vim top.sls
[root@master base]# cat top.sls
base:
'*':
- dns
[root@master base]# salt 'minion02' state.highstate
minion02:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 20:00:17.814797
Duration: 19.636 ms
Changes:
----------
diff:
---
+++
@@ -1,3 +1,4 @@
# Generated by NetworkManager
nameserver 10.0.1.11
#create by zyx
+#second
Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
[root@master base]#
以后对现网管理的话,可以把它们分类,这样针对哪台机器需要安装或者配置什么东西时,把配置文件include进来即可。降低模块之间的耦合性。更加灵活和方便
可以分为:
系统初始化
功能模块
业务模块
另外配置文件中语法格式要严格遵守YAML语法规则。
jinja模板的使用
在日常管理中,有时候会遇到这种情况,对A机器某个文件管理,比如此文件中有一处的配置不固定,比如端口号或者IP
A机器可能是80端口,可能过几天需要使用8080端口,而我们每次去更改源文件比较麻烦,我们此时可以通过使用jinja模板把变化的部分用变量代替
然后,在配置管理文件里面定义此变量的值。
例如,dns服务器的IP经常发生变化。
先修改源文件,把原先的值的部分用变量代替
然后修改配置管理文件,声明使用jinja模板,同时设置变量的值,如下,为了加以区分,我们把dns值设置为10.0.1.111
[root@master files]# cat resolv.conf
# Generated by NetworkManager
nameserver {{ DNS_SERVER }}
#create by zyx
#third
[root@master files]# pwd
/srv/salt/base/files
[root@master files]# cd ..
[root@master base]# vim dns.sls
[root@master base]# cat dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://files/resolv.conf
- user: root
- group: root
- mode: 644
- template: jinja
- defaults:
DNS_SERVER: 10.0.1.111
[root@master base]#
关于jinja的用法
执行测试下
[root@master base]# salt 'minion02' state.highstate
minion02:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 20:21:10.739601
Duration: 12.108 ms
Changes:
----------
diff:
---
+++
@@ -1,4 +1,4 @@
# Generated by NetworkManager
-nameserver {{ DNS_SERVER }}
+nameserver 10.0.1.111
#create by zyx
#third
Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
[root@master base]#
在minion02上验证下,ok
[root@minion02 ~]# cat /etc/resolv.conf # Generated by NetworkManager nameserver 10.0.1.111 #create by zyx #third [root@minion02 ~]#
以上就是配置管理结合jinja的用法
配置管理结合grains和jinja
比如我们把系统信息加入到minion上
[root@master base]# salt '*' grains.get os
minion01:
CentOS
minion02:
CentOS
[root@master base]#
如下操作,把需要更换的地方写成jinja模板形式的grains变量,然后执行
[root@master base]# cat files/resolv.conf
# Generated by NetworkManager
nameserver {{ DNS_SERVER }}
#create by zyx
#{{ grains['os'] }}
[root@master base]# salt 'minion02' state.highstate
minion02:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 20:26:12.450712
Duration: 32.907 ms
Changes:
----------
diff:
---
+++
@@ -1,4 +1,4 @@
# Generated by NetworkManager
nameserver 10.0.1.111
#create by zyx
-#third
+#CentOS
Summary
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
[root@master base]#
minion02上验证确认下,没问题,系统信息加进来了
[root@minion02 ~]# cat /etc/resolv.conf # Generated by NetworkManager nameserver 10.0.1.111 #create by zyx #CentOS [root@minion02 ~]#
配置管理--系统初始化
对于一台机器的管理,可以分解为3部分,从下到上依次为
系统初始化,功能模块,业务模块
再次对我们的base目录进行改造
base基础目录下,init目录用于存放系统初始化的东西
在init下面建立files文件夹用于存放源文件类的东西,top.sls入口文件不用动,它需要在base目录下
[root@master base]# cd /srv/salt/base/ [root@master base]# ls apache.sls dns.sls files top.sls [root@master base]# mkdir init [root@master base]# mv dns.sls init/ [root@master base]# mv files/ init/ [root@master base]# ls apache.sls init top.sls [root@master base]# mv apache.sls init/ [root@master base]# ls init top.sls [root@master base]# tree
1、配置好dns相关的东西
[root@master init]# rm -f apache.sls
[root@master init]# ls
dns.sls files
[root@master init]# vim dns.sls
[root@master init]# cat dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://init/files/resolv.conf
- user: root
- group: root
- mode: 644
[root@master init]# vim files/resolv.conf
[root@master init]# cat files/resolv.conf
# Generated by NetworkManager
nameserver 10.0.1.11
#create by zyx
[root@master init]# pwd
/srv/salt/base/init
[root@master init]#
2、关于系统初始化,可能我们还想让history命令显示时间和用户,通过修改环境变量能达到要求
export HISTTIMEFORMAT="%F %T `whoami`"
[root@master init]# history | tail 613 rm -f apache.sls 614 ls 615 vim dns.sls 616 cat dns.sls 617 vim files/resolv.conf 618 cat files/resolv.conf 619 pwd 620 history | tail 621 export HISTTIMEFORMAT="%F %T `whoami` 622 history | tail [root@master init]# export HISTTIMEFORMAT="%F %T `whoami`" [root@master init]# history | tail 615 2017-01-01 21:20:26 root vim dns.sls 616 2017-01-01 21:20:59 root cat dns.sls 617 2017-01-01 21:21:05 root vim files/resolv.conf 618 2017-01-01 21:21:24 root cat files/resolv.conf 619 2017-01-01 21:21:40 root pwd 620 2017-01-01 21:23:11 root history | tail 621 2017-01-01 21:23:14 root export HISTTIMEFORMAT="%F %T `whoami` 622 2017-01-01 21:23:34 root history | tail 623 2017-01-01 21:23:37 root export HISTTIMEFORMAT="%F %T `whoami` " 624 2017-01-01 21:23:39 root history | tail [root@master init]#
我们把它变成配置文件可以管理的方式,新建一个sls文件,用于管理历史命令
[root@master init]# pwd
/srv/salt/base/init
[root@master init]# vim history.sls
[root@master init]# cat history.sls
/etc/profile:
file.append:
- text:
- export HISTTIMEFORMAT="%F %T `whoami`"
[root@master init]#
3、我们还想记录日志:时间,哪个IP执行的,执行时所在的目录,执行的命令等都记录到系统日志里面
这里使用了logger命令
[root@master ~]# logger hehe [root@master ~]# tail -1 /var/log/messages Jan 1 21:35:13 master root: hehe [root@master ~]#
logger命令能把东西记录到messages里面
以及系统自带的变量
[root@master init]# echo $(whoami) root [root@master init]# echo $(who am i) root pts/0 2017-01-01 14:04 (10.0.1.53) [root@master init]#
export PROMPT_COMMAND='{ msg=$(history 1 | { read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
[root@master init]# w
21:28:59 up 2 days, 6:24, 2 users, load average: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 10.0.1.53 14:04 0.00s 0.68s 0.00s w
root pts/1 10.0.1.53 16:14 1:33m 0.01s 0.01s -bash
[root@master init]# tail -3 /var/log/messages
Jan 1 03:24:01 master rsyslogd: [origin software="rsyslogd" swVersion="5.8.10" x-pid="1807" x-info="http://www.rsyslog.com"] rsyslogd was HUPed
Jan 1 07:59:59 master kernel: Clock: inserting leap second 23:59:60 UTC
Jan 1 08:00:00 master ntpd[2197]: 0.0.0.0 061b 0b leap_event
[root@master init]# export PROMPT_COMMAND='{ msg=$(history 1 | { read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
[root@master init]# w
21:29:12 up 2 days, 6:24, 2 users, load average: 0.00, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
root pts/0 10.0.1.53 14:04 0.00s 0.69s 0.00s w
root pts/1 10.0.1.53 16:14 1:33m 0.01s 0.01s -bash
[root@master init]# tail -3 /var/log/messages
Jan 1 08:00:00 master ntpd[2197]: 0.0.0.0 061b 0b leap_event
Jan 1 21:29:10 master root: [euid=root]:root pts/0 2017-01-01 14:04 (10.0.1.53):[/srv/salt/base/init]2017-01-01 21:29:10 root export PROMPT_COMMAND='{ msg=$(history 1 |
{ read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
Jan 1 21:29:12 master root: [euid=root]:root pts/0 2017-01-01 14:04 (10.0.1.53):[/srv/salt/base/init]2017-01-01 21:29:12 root w
[root@master init]#
通过配置文件管理,如下书写
[root@master init]# cat audit.sls
/etc/bashrc:
file.append:
- text:
- export PROMPT_COMMAND='{ msg=$(history 1 | { read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
[root@master init]#
现在已经写了3个用于初始化的脚本
dns.sls
history.sls
audit.sls
4、在写一个关于修改内核的脚本
saltstack提供了一个改内核参数的模块,可以使用这个模块配置它
直接vim /etc/sysctl 这个文件不是特别好的方法 因为下面这些机器的比如下面参数是根据自己的内存自动生成的,肯定不会是所有机器一样 直接修改这个文件不是特别好,但是可以往里面加东西
saltstack提供了一个改内核参数的模块,可以使用这个模块配置它
先查看下minion01的内核一些当前信息
[root@master ~]# cat /proc/sys/net/ipv4/ip_local_port_range 32768 61000 [root@master ~]# cat /proc/sys/fs/file-max 199704 [root@master ~]#
在master上编辑一个修改内核参数的配置文件
[root@master init]# cat sysctl.sls
vm.swappiness:
sysctl.present:
- value: 0
net.ipv4.ip_local_port_range:
sysctl.present:
- value: 10000 65000
fs.file-max:
sysctl.present:
- value: 100000
[root@master init]#
5、对以上配置管理文件进行统一管理
再写个sls,把上面这些文件全包含进去,这样的好处在于我们不必把所有初始化的文件都写在一个配置文件里,不方便管理,耦合性太高也容易出错
[root@master init]# cat env_init.sls include: - init.dns - init.history - init.audit - init.sysctl [root@master init]# ll total 24 -rw-r--r-- 1 root root 173 Jan 1 21:39 audit.sls -rw-r--r-- 1 root root 131 Jan 1 21:20 dns.sls -rw-r--r-- 1 root root 70 Jan 1 22:00 env_init.sls drwxr-xr-x 2 root root 4096 Jan 1 21:21 files -rw-r--r-- 1 root root 88 Jan 1 21:25 history.sls -rw-r--r-- 1 root root 174 Jan 1 21:55 sysctl.sls [root@master init]#
编辑top.sls文件
[root@master init]# cd ..
[root@master base]# pwd
/srv/salt/base
[root@master base]# ls
init top.sls
[root@master base]# vim top.sls
[root@master base]# cat top.sls
base:
'*':
- init.env_init
[root@master base]#
先模拟执行下,它不会实际执行,但是会检测一些配置文件语法,以及目录是否存在,非常推荐
salt '*' state.highstate test=True
如下先测试执行
[root@master base]# salt '*' state.highstate test=True
minion01:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: The file /etc/resolv.conf is in the correct state
Started: 22:05:48.111142
Duration: 7.639 ms
Changes:
----------
ID: /etc/profile
Function: file.append
Result: None
Comment: File /etc/profile is set to be updated
Started: 22:05:48.118875
Duration: 1.63 ms
Changes:
----------
diff:
---
+++
@@ -77,3 +77,4 @@
unset i
unset -f pathmunge
alias grep='grep --colour=auto'
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: None
Comment: File /etc/bashrc is set to be updated
Started: 22:05:48.120587
Duration: 2.44 ms
Changes:
----------
diff:
---
+++
@@ -84,3 +84,4 @@
unset pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: None
Comment: Sysctl option vm.swappiness set to be changed to 0
Started: 22:05:48.141832
Duration: 16.828 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: None
Comment: Sysctl option net.ipv4.ip_local_port_range set to be changed to 10000 65000
Started: 22:05:48.158827
Duration: 18.668 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: None
Comment: Sysctl option fs.file-max set to be changed to 100000
Started: 22:05:48.177674
Duration: 14.656 ms
Changes:
Summary
------------
Succeeded: 6 (unchanged=5, changed=2)
Failed: 0
------------
Total states run: 6
minion02:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: None
Comment: The file /etc/resolv.conf is set to be changed
Started: 22:05:48.134972
Duration: 12.997 ms
Changes:
----------
diff:
---
+++
@@ -1,4 +1,3 @@
# Generated by NetworkManager
-nameserver 10.0.1.111
+nameserver 10.0.1.11
#create by zyx
-#CentOS
----------
ID: /etc/profile
Function: file.append
Result: None
Comment: File /etc/profile is set to be updated
Started: 22:05:48.148060
Duration: 1.399 ms
Changes:
----------
diff:
---
+++
@@ -77,3 +77,4 @@
unset i
unset -f pathmunge
alias grep='grep --colour=auto'
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: None
Comment: File /etc/bashrc is set to be updated
Started: 22:05:48.149538
Duration: 2.107 ms
Changes:
----------
diff:
---
+++
@@ -84,3 +84,4 @@
unset pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: None
Comment: Sysctl option vm.swappiness set to be changed to 0
Started: 22:05:48.160959
Duration: 18.914 ms
Changes:
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: None
Comment: Sysctl option net.ipv4.ip_local_port_range set to be changed to 10000 65000
Started: 22:05:48.180074
Duration: 19.039 ms
Changes:
----------
ID: fs.file-max
Function: sysctl.present
Result: None
Comment: Sysctl option fs.file-max set to be changed to 100000
Started: 22:05:48.199277
Duration: 24.507 ms
Changes:
Summary
------------
Succeeded: 6 (unchanged=6, changed=3)
Failed: 0
------------
Total states run: 6
[root@master base]#
测试没有报错,再执行,执行成功
[root@master base]# salt '*' state.highstate
minion02:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf updated
Started: 22:14:43.627474
Duration: 10.609 ms
Changes:
----------
diff:
---
+++
@@ -1,4 +1,3 @@
# Generated by NetworkManager
-nameserver 10.0.1.111
+nameserver 10.0.1.11
#create by zyx
-#CentOS
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 22:14:43.638288
Duration: 1.464 ms
Changes:
----------
diff:
---
+++
@@ -77,3 +77,4 @@
unset i
unset -f pathmunge
alias grep='grep --colour=auto'
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 22:14:43.639836
Duration: 2.311 ms
Changes:
----------
diff:
---
+++
@@ -84,3 +84,4 @@
unset pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Updated sysctl value vm.swappiness = 0
Started: 22:14:43.642987
Duration: 20.94 ms
Changes:
----------
vm.swappiness:
0
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
Started: 22:14:43.664127
Duration: 29.233 ms
Changes:
----------
net.ipv4.ip_local_port_range:
10000 65000
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Updated sysctl value fs.file-max = 100000
Started: 22:14:43.693544
Duration: 57.214 ms
Changes:
----------
fs.file-max:
100000
Summary
------------
Succeeded: 6 (changed=6)
Failed: 0
------------
Total states run: 6
minion01:
----------
ID: /etc/resolv.conf
Function: file.managed
Result: True
Comment: File /etc/resolv.conf is in the correct state
Started: 22:14:43.624330
Duration: 7.383 ms
Changes:
----------
ID: /etc/profile
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 22:14:43.631814
Duration: 1.944 ms
Changes:
----------
diff:
---
+++
@@ -77,3 +77,4 @@
unset i
unset -f pathmunge
alias grep='grep --colour=auto'
+export HISTTIMEFORMAT="%F %T `whoami`"
----------
ID: /etc/bashrc
Function: file.append
Result: True
Comment: Appended 1 lines
Started: 22:14:43.633859
Duration: 2.36 ms
Changes:
----------
diff:
---
+++
@@ -84,3 +84,4 @@
unset pathmunge
fi
# vim:ts=4:sw=4
+export PROMPT_COMMAND='{ msg=$(history 1 | { read x y;echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
----------
ID: vm.swappiness
Function: sysctl.present
Result: True
Comment: Updated sysctl value vm.swappiness = 0
Started: 22:14:43.637105
Duration: 22.344 ms
Changes:
----------
vm.swappiness:
0
----------
ID: net.ipv4.ip_local_port_range
Function: sysctl.present
Result: True
Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
Started: 22:14:43.660304
Duration: 26.502 ms
Changes:
----------
net.ipv4.ip_local_port_range:
10000 65000
----------
ID: fs.file-max
Function: sysctl.present
Result: True
Comment: Updated sysctl value fs.file-max = 100000
Started: 22:14:43.686990
Duration: 57.781 ms
Changes:
----------
fs.file-max:
100000
Summary
------------
Succeeded: 6 (changed=5)
Failed: 0
------------
Total states run: 6
[root@master base]#
在minion上验证测试,由于涉及到环境变量的更改,需要断开终端重新连接
测试没问题
[root@minion01 ~]# history | tail 293 2017-01-01 22:16:21 rootrpm -qa httpd 294 2017-01-01 22:16:21 rootrpm -qa httpd-devel 295 2017-01-01 22:16:21 rootchkconfig --list httpd 296 2017-01-01 22:16:21 rootps -ef |grep yum 297 2017-01-01 22:16:21 rootps -ef | grep httpd 298 2017-01-01 22:16:21 rootsalt --version 299 2017-01-01 22:16:21 rootsalt-call --version 300 2017-01-01 22:16:21 rootsalt-minion --version 301 2017-01-01 22:16:21 rootcat /etc/resolv.conf 302 2017-01-01 22:16:21 roothistory | tail [root@minion01 ~]# tail -1 /var/log/messages Jan 1 22:16:23 minion01 root: [euid=root]:root pts/0 2017-01-01 22:16 (10.0.1.53):[/root]2017-01-01 22:16:21 roothistory | tail [root@minion01 ~]# cat /proc/sys/net/ipv4/ip_local_port_range 10000 65000 [root@minion01 ~]# cat /proc/sys/fs/file-max 100000 [root@minion01 ~]#
上面内核的修改,不仅直接生效了,在配置文件里也变更了
[root@minion01 ~]# tail -3 /etc/sysctl.conf vm.swappiness = 0 net.ipv4.ip_local_port_range = 10000 65000 fs.file-max = 100000 [root@minion01 ~]# cat /etc/resolv.conf # Generated by NetworkManager nameserver 10.0.1.11 #create by zyx [root@minion01 ~]#