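# Node management: every class below is applied to agents c1, c2 and c3.
node 'c1','c2','c3' {
  include package::install
  include services::system
  include services::lamp
  include privileges
  include software::distribution
  include directory::distribution
  include user::add
  include user::delete
  #include group::add
  include group::delete
  include crontab
  include exec::shell
}

########################################################
# Package management.
# The packages to install are declared as one array.
# NOTE: `ensure => latest` upgrades on every agent run whenever the repository
# offers a newer build, so hosts follow the mirror rather than a reviewed
# version; use `ensure => installed` (or an explicit version) if change control
# matters.
class package::install {
  package { ["nmap","telnet","mlocate","vim-enhanced","wget","bison","httpd","mysql","mysql-server"]:
    ensure        => latest,
    allow_virtual => false,
  }
}

######################################################
# System service management.
# If `ensure => 'running'` on iptables seems not to take effect while
# 'stopped' works: the usual cause is running `iptables -nL` after stopping
# the service to "check" it, which (apparently by loading the kernel modules
# again) makes the init script's status check report it as running. Hard-won
# lesson.
class services::system {
  service { ["iptables","auditd","sshd","crond","rsyslog"]:
    ensure     => 'running',
    #ensure    => 'stopped',
    hasstatus  => true,
    hasrestart => true,
    path       => "/etc/init.d",
    enable     => true, # start at boot; bare boolean rather than the string "true"
    #start     => "/etc/init.d/iptables start",
  }
}

class services::lamp {
  # Both services require their package so the first run does not try to start
  # a daemon before package::install has installed it.
  service { "/etc/init.d/mysqld":
    name       => "mysqld",
    ensure     => 'running',
    hasstatus  => true,
    hasrestart => true,
    path       => "/etc/init.d",
    enable     => true, # start at boot
    require    => Package["mysql-server"],
    #start     => "/etc/init.d/mysqld start",
  }
  service { "httpd":
    ensure  => "running",
    require => Package["httpd"],
  }
}

#######################################################
# File and directory management.
# File permissions, shown in four declaration styles.
class privileges {
  # Resource defaults shared by every file resource declared in this class.
  File {
    ensure => present,
    owner  => "apache",
    group  => "apache",
    mode   => "0644",
  }

  # Style 1: title only, path given explicitly. `recurse => true` applies the
  # defaults above to everything under the web root, so all content ends up
  # apache:apache 0644.
  # NOTE(security): content owned by the web-server user can be rewritten by a
  # compromised httpd; root-owned, apache-readable content is the safer layout.
  file { "www":
    path    => "/var/www/html/",
    recurse => true,
  }

  file {
    #ensure => present|absent|file|directory|link,
    # Style 2: an array of titles sharing one attribute set.
    ["/etc/passwd","/etc/resolv.conf"]:
      owner => "root",
      group => "root",
      mode  => "0644";

    # /etc/shadow holds every account's password hash and must never be
    # world-readable (644 would expose the hashes to all local users).
    # 0000 is the shadow-utils default on RHEL-style systems, which this
    # manifest appears to target; root bypasses DAC and can still read it.
    "/etc/shadow":
      owner => "root",
      group => "root",
      mode  => "0000";

    # Style 3: the title is the path.
    "/etc/ssh/sshd_config":
      owner => "root",
      group => "root",
      mode  => "0600";

    # Style 4: the title differs from the path, given via `name`.
    "hosts":
      name  => "/etc/hosts",
      owner => "root",
      group => "root",
      mode  => "0644";
  }
}

# File distribution.
# The file server must be configured first (edit /etc/puppet/fileserver.conf).
# If the master-side file changes, the agent re-syncs it; likewise, if the
# agent-side copy is modified it is re-synced again — the master copy wins.
class software::distribution {
  file { ["/data","/data/backup","/data/share"]:
    ensure => "directory";
  }
  file { "key.sql":
    name   => "key.sql",
    path   => "/data/share/key.sql",
    source => "puppet://puppet-master-180/files/key.sql",
  }
  file { "optimize.sh":
    path   => "/data/share/cname.sh", # agent-side path and file name are free, the directory just has to exist
    source => "puppet://puppet-master-180/files/optimize.sh",
    backup => ".bak_$uptime_seconds", # same name but a different MD5: back up first, then overwrite
  }
  file { "httpd.conf":
    path   => "/etc/httpd/conf/httpd.conf",
    source => "puppet://puppet-master-180/conf/httpd.conf",
    backup => ".bak_$uptime_seconds",
  }
  exec { "service httpd restart":
    command     => "service httpd restart",
    path        => "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin",
    subscribe   => File["httpd.conf"],
    refreshonly => true; # only fires when the httpd.conf resource above changes
  }
}

# Directory distribution.
# The directory mount must be configured first (edit /etc/puppet/fileserver.conf).
class directory::distribution {
  file { "soft":
    name    => "soft",
    path    => "/data/soft",
    source  => "puppet://puppet-master-180/directory/soft",
    recurse => true, # recurse on both the remote and the local side
  }
}

#########################################################
# User management.
# Puppet does not create the home directory under /home by default.
# Do not give a new user a gid: the gid does not exist yet and the run errors;
# a group with the same id as the uid is created automatically.
# The password value is a crypt hash (generated with grub-md5-crypt) and must
# be single-quoted so the `$` signs are not interpolated.
class user::add {
  user { "add user":
    ensure    => present,
    name      => "nd",
    uid       => 2015,
    #gid      => 2015,
    # NOTE(security): a `$1$` MD5-crypt hash is cheap to brute-force; prefer a
    # SHA-512 crypt hash (`$6$...`) and keep credential hashes out of
    # version-controlled manifests.
    password  => '$1$zHS7H$zF6NeOpE.ruAfwn5V8bEg/',
    home      => "/home/nd",
    shell     => "/bin/bash",
    allowdupe => false, # refuse a duplicate UID
  }
}

class user::delete {
  user { ["lp","games","ftp"]:
    ensure => "absent",
  }
}

######################################################
# Group management.
class group::add {
  group { "add group":
    ensure    => "present",
    name      => "csgroup",
    gid       => "2010",
    allowdupe => false,
  }
}

class group::delete {
  group { ["lp","games","ftp"]:
    ensure => "absent",
  }
}

#####################################################
# Scheduled tasks.
# Check the result on the agent with `crontab -l`.
# NOTE(security): this job runs a script out of /tmp as root. If the file is
# ever missing, any local user can create /tmp/shell.sh and have it executed
# as root at 03:03; keep root-run scripts in a root-owned directory instead.
class crontab {
  cron { "sync ntpdate":
    command => "sh /tmp/shell.sh",
    user    => "root",
    minute  => "03",
    hour    => "03",
  }
}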
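#######################################################
# External command and script execution.
class exec::shell {
  # Runs on every agent run: there is no creates/unless/onlyif guard, so the
  # script must itself be idempotent.
  # NOTE(security): the script is executed as root from /tmp; see the crontab
  # class for the same concern.
  exec { "ntpdate":
    cwd     => "/tmp",
    command => "sh /tmp/shell.sh", # the script must exist on the agent, otherwise the run errors
    user    => "root",
    path    => "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin",
  }
  # The default exec provider runs the command directly, without a shell, so
  # brace expansion like `{test,test1,test2}` is not performed and a single
  # directory literally named "{test,test1,test2}" would be created. The
  # directories are therefore spelled out, and `creates` stops the exec from
  # re-running once they exist.
  exec { "exec-mkdir-test":
    #cwd    => "/data/share", # working directory; the command fails if it does not exist, not needed for system commands
    command => "mkdir -p /data/share/test /data/share/test1 /data/share/test2",
    creates => "/data/share/test2",
    user    => "root",
    path    => "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin",
  }
}
#END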