exec资源:
主要功能调用系统命令,完成系统管理的基础操作.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
exec
{
'resource title'
:
command
=>
# (namevar) The actual command to execute. Must either be...
creates =>
# A file to look for before running the command...
cwd =>
# The directory from which to run the command. If
environment =>
# Any additional environment variables you want to
group =>
# The group to run the command as. This seems to...
logoutput =>
# Whether to log command output in addition to...
onlyif =>
# A test command that checks the state of the...
path =>
# The search path used for command execution...
provider =>
# The specific backend to use for this `exec...
refresh =>
# An alternate command to run when the `exec...
refreshonly =>
# The command should only be run as a refresh...
returns =>
# The expected exit code(s). An error will be...
timeout =>
# The maximum time the command should take. If...
tries =>
# The number of times execution of the command...
try_sleep =>
# The time to sleep in seconds between...
umask
=>
# Sets the umask to be used while executing this...
unless =>
# A test command that checks the state of the...
user =>
# The user to run the command as. Note that if...
# ...plus any applicable metaparameters.
}
|
参数解释:
command:指定要执行的系统命令,必须为被执行命令的绝对路径.
creates:此参数会创建一个临时文件,当此临时文件不存在时exec调用系统命令才会执行成功,防止出现同一时刻多次执行的情况.
cwd:系统命令执行的路径,指定目录不存在,命令执行将会失败.
environment:添加系统命令的附加环境变量,也可以加入自己的path环境变量来覆盖系统的环境变量.添加多个环境变量需要使用数组指定.
group:执行命令运行的账户组.
logoutput:决定是否记录输出日志信息.默认会根据exec资源的日志等级来记录输出信息,使用on_failure时只有命令执行有误的情况下才会记录输出信息.值可以为true、false、on_failure和任何合法的日志等级.
onlyif:只有onlyif指定命令执行返回结果为0的时候,命令才会执行.
path:命令执行的搜索路径,如果path没有定义,命令使用绝对路径,路径可以以数组或以冒号分割的形式来定义.
refresh:刷新命令执行状态.
refreshonly:作为1个更新机制,当依赖的对象改变时命令才会执行.exec资源通过subscribe和refreshonly监听到依赖文件的状态,则出发exec资源的执行.
returns:指定预期的返回码,如果执行的命令返回其他的代码将会出现错误,默认是0,可以指定一个单一的值也可以指定一个包含多个值的数组.
timeout:指定命令运行的超时时间,单位为秒,如果命令执行的时间超过了timeout设定的时间,就会认为命令执行失败并且会停止该命令.设置为0表示没有超时的限制.
tries:命令执行重试次数,默认为1.设置这个值之后会重试设置的次数知道正确的代码返回.
try_sleep:设置命令重试的时间间隔,单位是秒.
user:指定执行命令的账户.
provider:目前支持posix标准、shell和windows.
示例一:
修改selinux的值.
1
2
3
4
5
6
|
exec
{
"selinux"
:
command
=>
"sed -i '/^SELINUX=/s/=.*/=disabled/g' /etc/sysconfig/selinux"
,
path => [
"/bin/"
,
"/sbin/"
,
"/usr/bin/"
,
"/usr/sbin/"
],
user => root,
group => root,
}
|
示例二:
订阅haproxy.cfg文件发生变化就重启haproxy服务:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
class haproxy {
include haproxy::service
}
class haproxy::service {
file
{
'/etc/haproxy/haproxy.cfg'
:
ensure => present,
source
=>
'puppet:///modules/haproxy/haproxy.cfg'
,
}
exec
{
"/etc/init.d/haproxy restart"
:
path => [
'/sbin'
,
'/bin'
,],
command
=>
'service haproxy restart'
,
subscribe => File[
'/etc/haproxy/haproxy.cfg'
],
timeout =>
'5'
,
refreshonly =>
true
,
tries =>
'2'
,
try_sleep =>
'3'
,
}
}
|
agent运行结果:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
|
[root@sh-web1 haproxy]
# puppet agent -t
Notice: Ignoring --listen on onetime run
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Info: Caching catalog
for
sh-web1.localdomain
Info: Applying configuration version
'1508344014'
Notice:
/Stage
[main]
/Haproxy
::Service
/File
[
/etc/haproxy/haproxy
.cfg]
/content
:
---
/etc/haproxy/haproxy
.cfg2017-10-19 00:19:21.116720774 +0800
+++
/tmp/puppet-file20171019-127476-1tpjcag-02017-10-19
00:26:55.400720142 +0800
@@ -1,86 +1,86 @@
-
#---------------------------------------------------------------------
-
# Example configuration for a possible web application. See the
-
# full configuration options online.
-
#
-
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
-
#
-
#---------------------------------------------------------------------
-
-
#---------------------------------------------------------------------
-
# Global settings
-
#---------------------------------------------------------------------
-global
-
# to have these messages end up in /var/log/haproxy.log you will
-
# need to:
-
#
-
# 1) configure syslog to accept network log events. This is done
-
# by adding the '-r' option to the SYSLOGD_OPTIONS in
-
# /etc/sysconfig/syslog
-
#
-
# 2) configure local2 events to go to the /var/log/haproxy.log
-
# file. A line like the following can be added to
-
# /etc/sysconfig/syslog
-
#
-
# local2.* /var/log/haproxy.log
-
#
- log 127.0.0.1 local2
-
- chroot
/var/lib/haproxy
- pidfile
/var/run/haproxy
.pid
- maxconn 4000
- user haproxy
- group haproxy
- daemon
-
-
# turn on stats unix socket
- stats socket
/var/lib/haproxy/stats
-
-
#---------------------------------------------------------------------
-
# common defaults that all the 'listen' and 'backend' sections will
-
# use if not designated in their block
-
#---------------------------------------------------------------------
-defaults
- mode http
- log global
- option httplog
- option dontlognull
- option http-server-close
- option forwardfor except 127.0.0.0
/8
- option redispatch
- retries 5
- timeout http-request 10s
- timeout queue 1m
- timeout connect 10s
- timeout client 1m
- timeout server 1m
- timeout http-keep-alive 10s
- timeout check 10s
- maxconn 3000
-
-
#---------------------------------------------------------------------
-
# main frontend which proxys to the backends
-
#---------------------------------------------------------------------
-frontend main *:5000
- acl url_static path_beg -i
/static
/images
/javascript
/stylesheets
- acl url_static path_end -i .jpg .gif .png .css .js
-
- use_backend static
if
url_static
- default_backend app
-
-
#---------------------------------------------------------------------
-
# static backend for serving up images, stylesheets and such
-
#---------------------------------------------------------------------
-backend static
- balance roundrobin
- server static 127.0.0.1:4331 check
-
-
#---------------------------------------------------------------------
-
# round robin balancing between the various backends
-
#---------------------------------------------------------------------
-backend app
- balance roundrobin
- server app1 127.0.0.1:5001 check
- server app2 127.0.0.1:5002 check
- server app3 127.0.0.1:5003 check
- server app4 127.0.0.1:5004 check
-
+
#---------------------------------------------------------------------
+
# Example configuration for a possible web application. See the
+
# full configuration options online.
+
#
+
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
+
#
+
#---------------------------------------------------------------------
+
+
#---------------------------------------------------------------------
+
# Global settings
+
#---------------------------------------------------------------------
+global
+
# to have these messages end up in /var/log/haproxy.log you will
+
# need to:
+
#
+
# 1) configure syslog to accept network log events. This is done
+
# by adding the '-r' option to the SYSLOGD_OPTIONS in
+
# /etc/sysconfig/syslog
+
#
+
# 2) configure local2 events to go to the /var/log/haproxy.log
+
# file. A line like the following can be added to
+
# /etc/sysconfig/syslog
+
#
+
# local2.* /var/log/haproxy.log
+
#
+ log 127.0.0.1 local2
+
+ chroot
/var/lib/haproxy
+ pidfile
/var/run/haproxy
.pid
+ maxconn 4000
+ user haproxy
+ group haproxy
+ daemon
+
+
# turn on stats unix socket
+ stats socket
/var/lib/haproxy/stats
+
+
#---------------------------------------------------------------------
+
# common defaults that all the 'listen' and 'backend' sections will
+
# use if not designated in their block
+
#---------------------------------------------------------------------
+defaults
+ mode http
+ log global
+ option httplog
+ option dontlognull
+ option http-server-close
+ option forwardfor except 127.0.0.0
/8
+ option redispatch
+ retries 3
+ timeout http-request 10s
+ timeout queue 1m
+ timeout connect 10s
+ timeout client 1m
+ timeout server 1m
+ timeout http-keep-alive 10s
+ timeout check 10s
+ maxconn 3000
+
+
#---------------------------------------------------------------------
+
# main frontend which proxys to the backends
+
#---------------------------------------------------------------------
+frontend main *:5000
+ acl url_static path_beg -i
/static
/images
/javascript
/stylesheets
+ acl url_static path_end -i .jpg .gif .png .css .js
+
+ use_backend static
if
url_static
+ default_backend app
+
+
#---------------------------------------------------------------------
+
# static backend for serving up images, stylesheets and such
+
#---------------------------------------------------------------------
+backend static
+ balance roundrobin
+ server static 127.0.0.1:4331 check
+
+
#---------------------------------------------------------------------
+
# round robin balancing between the various backends
+
#---------------------------------------------------------------------
+backend app
+ balance roundrobin
+ server app1 127.0.0.1:5001 check
+ server app2 127.0.0.1:5002 check
+ server app3 127.0.0.1:5003 check
+ server app4 127.0.0.1:5004 check
+
Info: Computing checksum on
file
/etc/haproxy/haproxy
.cfg
Info:
/Stage
[main]
/Haproxy
::Service
/File
[
/etc/haproxy/haproxy
.cfg]: Filebucketed
/etc/haproxy/haproxy
.cfg to puppet with
sum
395150f853e91c149a7b18753c09a274
Notice:
/Stage
[main]
/Haproxy
::Service
/File
[
/etc/haproxy/haproxy
.cfg]
/content
: content changed
'{md5}395150f853e91c149a7b18753c09a274'
to
'{md5}034aa86fec81774e5f81c691df0d92a3'
Info:
/Stage
[main]
/Haproxy
::Service
/File
[
/etc/haproxy/haproxy
.cfg]: Scheduling refresh of Exec[
/etc/init
.d
/haproxy
restart]
Notice:
/Stage
[main]
/Haproxy
::Service
/Exec
[
/etc/init
.d
/haproxy
restart]: Triggered
'refresh'
from 1 events
Notice:
/Stage
[main]
/Admin/Exec
[selinux]
/returns
: executed successfully
Notice: Finished catalog run
in
0.59 seconds
|
注意:puppet文件中改变一个参数的值更新,发现已经触发重启命令.