saltstack-系统初始化
1 . 编写resolv.conf(dns) 文件# cat /srv/salt/system/dns/dns.sls /etc/resolv.conf: file.managed: - source: salt://system/dns/resolv.conf - user: root - group: root - mode: 6442 . 给历史命令(history)添加时间# cat /srv/salt/system/history/history.sls /etc/profile: file.append: - text: - export HISTTIMEFORMAT="%F %T `whoami`"
3 . 编写命令审计功能# cat audit.sls /etc/bashrc file.append: - text: - export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "":$(who am i):[`pwd`]"$msg"; }'
4 .更改内核参数# cat sysctl.sls vm.swappiness: sysctl.present: - value: 0 net.ipv4.ip_local_port_range: sysctl.present: - value: 10000 65000 fs.file-max: sysctl.present: - value: 100000
5.集中管理上面4个配置文件# cat /srv/salt/system/init.sls include: - system.dns - system.history- system.audit - system.sysctl
6.执行salt# salt '*' state.slssystem.dnssystem.historysystem.auditsystem.sysctl
7.查看minion端是否执行成功# salt '*' cmd.run 'cat /etc/resolv.conf' salt-minion: nameserver 8.8.8.8
页:
[1]