Puppet exec资源介绍(二十六)

432423423

exec资源:
主要功能调用系统命令,完成系统管理的基础操作.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

exec { 'resource title':   command     => # (namevar) The actual command to execute.  Must either be...   creates     => # A file to look for before running the command...   cwd         => # The directory from which to run the command.  If   environment => # Any additional environment variables you want to   group       => # The group to run the command as.  This seems to...   logoutput   => # Whether to log command output in addition to...   onlyif      => # A test command that checks the state of the...   path        => # The search path used for command execution...   provider    => # The specific backend to use for this `exec...   refresh     => # An alternate command to run when the `exec...   refreshonly => # The command should only be run as a refresh...   returns     => # The expected exit code(s).  An error will be...   timeout     => # The maximum time the command should take.  If...   tries       => # The number of times execution of the command...   try_sleep   => # The time to sleep in seconds between...   umask       => # Sets the umask to be used while executing this...   unless      => # A test command that checks the state of the...   user        => # The user to run the command as.  Note that if...   # ...plus any applicable metaparameters. }

参数解释:

command:指定要执行的系统命令,必须为被执行命令的绝对路径.

creates:此参数会创建一个临时文件,当此临时文件不存在时exec调用系统命令才会执行成功,防止出现同一时刻多次执行的情况.

cwd：系统命令执行的路径,指定目录不存在,命令执行将会失败.

environment:添加系统命令的附加环境变量,也可以加入自己的path环境变量来覆盖系统的环境变量.添加多个环境变量需要使用数组指定.

group:执行命令运行的账户组.

logoutput：决定是否记录输出日志信息.默认会根据exec资源的日志等级来记录输出信息,使用on_failure时只有命令执行有误的情况下才会记录输出信息.值可以为true、false、on_failure和任何合法的日志等级.

onlyif：只有onlyif指定命令执行返回结果为0的时候,命令才会执行.

path:命令执行的搜索路径,如果path没有定义，命令使用绝对路径,路径可以以数组或以冒号分割的形式来定义.

refresh：刷新命令执行状态.

refreshonly:作为1个更新机制,当依赖的对象改变时命令才会执行.exec资源通过subscribe和refreshonly监听到依赖文件的状态，则出发exec资源的执行.

returns:指定预期的返回码,如果执行的命令返回其他的代码将会出现错误,默认是0，可以指定一个单一的值也可以指定一个包含多个值的数组.

timeout:指定命令运行的超时时间,单位为秒,如果命令执行的时间超过了timeout设定的时间,就会认为命令执行失败并且会停止该命令.设置为0表示没有超时的限制.

tries:命令执行重试次数,默认为1.设置这个值之后会重试设置的次数知道正确的代码返回.

try_sleep：设置命令重试的时间间隔,单位是秒.

user:指定执行命令的账户.

provider:目前支持posix标准、shell和windows.

示例一:

修改selinux的值.

1 2 3 4 5 6

exec {"selinux":     command => "sed -i '/^SELINUX=/s/=.*/=disabled/g' /etc/sysconfig/selinux",     path => ["/bin/","/sbin/","/usr/bin/","/usr/sbin/"],     user => root,     group => root, }

示例二:

订阅haproxy.cfg文件发生变化就重启haproxy服务：

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19

class haproxy {     include haproxy::service } class haproxy::service {     file {'/etc/haproxy/haproxy.cfg':         ensure => present,         source => 'puppet:///modules/haproxy/haproxy.cfg',     }     exec {"/etc/init.d/haproxy restart":         path => ['/sbin','/bin',],         command => 'service haproxy restart',         subscribe => File['/etc/haproxy/haproxy.cfg'],         timeout => '5',         refreshonly => true,         tries   => '2',         try_sleep => '3',     } }

agent运行结果:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190

[iyunv@sh-web1 haproxy]# puppet agent -t Notice: Ignoring --listen on onetime run Info: Retrieving pluginfacts Info: Retrieving plugin Info: Loading facts Info: Caching catalog for sh-web1.localdomain Info: Applying configuration version '1508344014' Notice: /Stage[main]/Haproxy::Service/File[/etc/haproxy/haproxy.cfg]/content: --- /etc/haproxy/haproxy.cfg2017-10-19 00:19:21.116720774 +0800 +++ /tmp/puppet-file20171019-127476-1tpjcag-02017-10-19 00:26:55.400720142 +0800 @@ -1,86 +1,86 @@ -#--------------------------------------------------------------------- -# Example configuration for a possible web application.  See the -# full configuration options online. -# -#   http://haproxy.1wt.eu/download/1.4/doc/configuration.txt -# -#--------------------------------------------------------------------- - -#--------------------------------------------------------------------- -# Global settings -#--------------------------------------------------------------------- -global -    # to have these messages end up in /var/log/haproxy.log you will -    # need to: -    # -    # 1) configure syslog to accept network log events.  This is done -    #    by adding the '-r' option to the SYSLOGD_OPTIONS in -    #    /etc/sysconfig/syslog -    # -    # 2) configure local2 events to go to the /var/log/haproxy.log -    #   file. A line like the following can be added to -    #   /etc/sysconfig/syslog -    # -    #    local2.*                       /var/log/haproxy.log -    # -    log         127.0.0.1 local2 - -    chroot      /var/lib/haproxy -    pidfile     /var/run/haproxy.pid -    maxconn     4000 -    user        haproxy -    group       haproxy -    daemon - -    # turn on stats unix socket -    stats socket /var/lib/haproxy/stats - -#--------------------------------------------------------------------- -# common defaults that all the 'listen' and 'backend' sections will -# use if not designated in their block -#--------------------------------------------------------------------- -defaults -    mode                    http -    log                     global -    option                  httplog -    option                  dontlognull -    option http-server-close -    option forwardfor       except 127.0.0.0/8 -    option                  redispatch -    retries                 5 -    timeout http-request    10s -    timeout queue           1m -    timeout connect         10s -    timeout client          1m -    timeout server          1m -    timeout http-keep-alive 10s -    timeout check           10s -    maxconn                 3000 - -#--------------------------------------------------------------------- -# main frontend which proxys to the backends -#--------------------------------------------------------------------- -frontend  main *:5000 -    acl url_static       path_beg       -i /static /images /javascript /stylesheets -    acl url_static       path_end       -i .jpg .gif .png .css .js - -    use_backend static          if url_static -    default_backend             app - -#--------------------------------------------------------------------- -# static backend for serving up images, stylesheets and such -#--------------------------------------------------------------------- -backend static -    balance     roundrobin -    server      static 127.0.0.1:4331 check - -#--------------------------------------------------------------------- -# round robin balancing between the various backends -#--------------------------------------------------------------------- -backend app -    balance     roundrobin -    server  app1 127.0.0.1:5001 check -    server  app2 127.0.0.1:5002 check -    server  app3 127.0.0.1:5003 check -    server  app4 127.0.0.1:5004 check - +#--------------------------------------------------------------------- +# Example configuration for a possible web application.  See the +# full configuration options online. +# +#   http://haproxy.1wt.eu/download/1.4/doc/configuration.txt +# +#--------------------------------------------------------------------- + +#--------------------------------------------------------------------- +# Global settings +#--------------------------------------------------------------------- +global +    # to have these messages end up in /var/log/haproxy.log you will +    # need to: +    # +    # 1) configure syslog to accept network log events.  This is done +    #    by adding the '-r' option to the SYSLOGD_OPTIONS in +    #    /etc/sysconfig/syslog +    # +    # 2) configure local2 events to go to the /var/log/haproxy.log +    #   file. A line like the following can be added to +    #   /etc/sysconfig/syslog +    # +    #    local2.*                       /var/log/haproxy.log +    # +    log         127.0.0.1 local2 + +    chroot      /var/lib/haproxy +    pidfile     /var/run/haproxy.pid +    maxconn     4000 +    user        haproxy +    group       haproxy +    daemon + +    # turn on stats unix socket +    stats socket /var/lib/haproxy/stats + +#--------------------------------------------------------------------- +# common defaults that all the 'listen' and 'backend' sections will +# use if not designated in their block +#--------------------------------------------------------------------- +defaults +    mode                    http +    log                     global +    option                  httplog +    option                  dontlognull +    option http-server-close +    option forwardfor       except 127.0.0.0/8 +    option                  redispatch +    retries                 3 +    timeout http-request    10s +    timeout queue           1m +    timeout connect         10s +    timeout client          1m +    timeout server          1m +    timeout http-keep-alive 10s +    timeout check           10s +    maxconn                 3000 + +#--------------------------------------------------------------------- +# main frontend which proxys to the backends +#--------------------------------------------------------------------- +frontend  main *:5000 +    acl url_static       path_beg       -i /static /images /javascript /stylesheets +    acl url_static       path_end       -i .jpg .gif .png .css .js + +    use_backend static          if url_static +    default_backend             app + +#--------------------------------------------------------------------- +# static backend for serving up images, stylesheets and such +#--------------------------------------------------------------------- +backend static +    balance     roundrobin +    server      static 127.0.0.1:4331 check + +#--------------------------------------------------------------------- +# round robin balancing between the various backends +#--------------------------------------------------------------------- +backend app +    balance     roundrobin +    server  app1 127.0.0.1:5001 check +    server  app2 127.0.0.1:5002 check +    server  app3 127.0.0.1:5003 check +    server  app4 127.0.0.1:5004 check + Info: Computing checksum on file /etc/haproxy/haproxy.cfg Info: /Stage[main]/Haproxy::Service/File[/etc/haproxy/haproxy.cfg]: Filebucketed /etc/haproxy/haproxy.cfg to puppet with sum 395150f853e91c149a7b18753c09a274 Notice: /Stage[main]/Haproxy::Service/File[/etc/haproxy/haproxy.cfg]/content: content changed '{md5}395150f853e91c149a7b18753c09a274' to '{md5}034aa86fec81774e5f81c691df0d92a3' Info: /Stage[main]/Haproxy::Service/File[/etc/haproxy/haproxy.cfg]: Scheduling refresh of Exec[/etc/init.d/haproxy restart] Notice: /Stage[main]/Haproxy::Service/Exec[/etc/init.d/haproxy restart]: Triggered 'refresh' from 1 events Notice: /Stage[main]/Admin/Exec[selinux]/returns: executed successfully Notice: Finished catalog run in 0.59 seconds

注意:puppet文件中改变一个参数的值更新,发现已经触发重启命令.