用Cfengine自动化基础架构进行系统管理(1)(3)
清单 4. 示例 update.cf
####################################################### ### update.cf – config file used by the base delivery system ####################################################### bundle agent update { vars: "master_inputs" string => "/var/cfmasterfiles/inputs"; "master_scripts" string => "/var/cfmasterfiles/scripts"; "master_ppkeys" string => "/var/cfmasterfiles/ppkeys"; "master_server" slist => { "localhost" }; redhat|centos:: "update_crontab" string => "/var/spool/cron/root"; SuSE:: "update_crontab" string => "/var/spool/cron/tabs/root"; #define others as needed (darwin, macOSX should support below) (!SuSE).(!redhat):: "update_crontab" string => "/var/spool/cron/crontabs/root"; classes: "exec_fix" not => regline(".*cf-execd.*","$(update_crontab)"); files: "/var/cfengine/inputs" handle => "update_inputs", comment => "Update the base inputs directory for client", perms => u_p("600"), copy_from => update_scp("$(master_inputs)","$(master_server)"), depth_search => recurse_svn("inf"), file_select => cf3_config, action => update_immediate; "/var/cfengine/scripts" handle => "update_scripts", comment => "Update the base scripts directory for client", perms => u_p("750"), copy_from => update_scp("$(master_scripts)","$(master_server)"), depth_search => recurse_svn("inf"), file_select => cf3_scripts, action => update_immediate; "/var/cfengine/ppkeys" handle => "update_ppkeys", comment => "Update the base ppkeys directory for client", perms => u_p("600"), copy_from => update_scppubs("$(master_ppkeys)","$(master_server)"), depth_search => recurse_svn("inf"), file_select => cf3_pub, action => update_immediate; exec_fix:: "$(update_crontab)" handle => "update_cron", comment => "Ensure that cron entry exists", create => "true", action => update_immediate, edit_line => update_add2cron, classes => update_repaired("updated_cron"); commands: bootstrap_mode:: "/bin/echo" args => "Running Bootstrap, version: $(sys.cf_version) Workdir is: $(sys.workdir) ", handle => "callback_bootstrap", comment => "Callback Bootstrap happened", action => update_immediate; failsafe:: "/bin/echo" args => "Running Failsafe, version: $(sys.cf_version) Workdir is: $(sys.workdir) ", handle => "callback_failsafe", comment => "Callback Failsafe happened", action => update_immediate; !bootstap.!failsafe:: "/bin/echo" args => "Running Normal, version: $(sys.cf_version) Workdir is: $(sys.workdir)", handle => "callback_normalrun", comment => "Callback Normal Run Happened", contain => update_root, action => update_immediate; } ############################################ body perms u_p(p) { mode => "$(p)"; } body depth_search recurse_svn(d) { depth => "$(d)"; exclude_dirs => { "\.svn" }; } ############################################ add_cron:: "Added a 15 minute schedule to crontab"; } body file_select cf3_config { leaf_name => { "^.svn", ".*\.cf" , ".*\.sh" }; file_result => "leaf_name"; } body file_select cf3_scripts { leaf_name => { ".*\.sh", ".*.py" }; file_result => "leaf_name"; } body file_select cf3_pub { leaf_name => { "^localhost*", ".*\.pub" }; file_result => "leaf_name"; } ######################################################### body copy_from update_scp(from,server) { source => "$(from)"; servers => { "$(server)" }; compare => "digest"; verify => "true"; purge => "true"; trustkey => "true"; } body copy_from update_scppubs(from,server) { source => "$(from)"; servers => { "$(server)" }; compare => "digest"; verify => "true"; purge => "false"; trustkey => "true"; } body action update_immediate { ifelapsed => "0"; } body classes update_repaired(class) { promise_repaired => { "$(class)" }; } body action update_background { ifelapsed => "0"; action_policy => "fix"; } body contain update_root { exec_owner => "root"; useshell => "true"; } ######################################################### # bundle for bodies ######################################################### bundle edit_line update_add2cron { classes: "add_cron" not => regline("^#*[CF3 normal run]","$(edit.filename)"); insert_lines: add_cron:: "5,15,30,45 * * * * /var/cfengine/bin/cf-execd -F #CF3 normal run"; reports: add_cron:: "Added a 15 minute schedule to crontab"; }
清单 5. 示例 site.cf
####################################################### # Copyright (C) Cfengine AS # This file is part of Cfengine 3 # site.cf - Site specific promises ####################################################### bundle common g { vars: !failsafe||!bootstrap:: "message" string => "All Looks good"; bootstrap:: "message" string => "Running bootstrap"; failsafe:: "message" string => "Running Failsafe"; } ####################################################### # General site issues can be in bundles like this one ####################################################### bundle agent main { ### This would be a place to add something new! commands: cfengine_3_1_4:: "/bin/echo" args => "Example Command with message param: '$(g.message)'", handle => "echo_command", comment => "Example of the echo command", action => local_immediate, classes => local_define("cmd_1","life"); } ####################################################### # Garbage collection issues ####################################################### bundle agent garbage_collection { files: "$(sys.workdir)/outputs" delete => local_tidy, file_select => local_days_old("5"), depth_search => local_recurse("inf"); }
清单 6. 示例测试执行
############################################################ # # Simple test execution – test.cf # ########################################################### body common control { bundlesequence => { "testbundle" }; } ########################################################### bundle agent testbundle { vars: "size" int => "46k"; "rand" int => randomint("33","$(size)"); commands: "/bin/echo" args => "Hello world - $(size)/$(rand)", contain => standard, classes => cdefine("followup","alert"); followup:: "/bin/ls" contain => standard; reports: alert:: "What happened?"; } ########################################################### body contain standard { exec_owner => "mark"; useshell => "true"; } ########################################################### body classes cdefine(class,alert) { promise_repaired => { "$(class)" }; repair_failed => { "$(alert)" }; }
结束语
在本文中,您了解了如何初始化一个 Cfengine V3 策略/发布服务器以及 Cfengine V3 客户端。您可以安装二进制包,也可以从源代码编译。您还了解了如何使用下载的代码为您的环境构建二进制包。另外,您也了解了一些样例配置文件来运行 Cfengine,也学习了如何检查它们的准确性以及如何将它们应用到您的运行环境。
原文:http://www.ibm.com/developerworks/cn/os-cfengine1/index.html?ca=drs-
评论暂时关闭