exec资源:
主要功能调用系统命令,完成系统管理的基础操作.
exec { 'resource title': command => # (namevar) The actual command to execute. Must either be... creates => # A file to look for before running the command... cwd => # The directory from which to run the command. If environment => # Any additional environment variables you want to group => # The group to run the command as. This seems to... logoutput => # Whether to log command output in addition to... onlyif => # A test command that checks the state of the... path => # The search path used for command execution... provider => # The specific backend to use for this `exec... refresh => # An alternate command to run when the `exec... refreshonly => # The command should only be run as a refresh... returns => # The expected exit code(s). An error will be... timeout => # The maximum time the command should take. If... tries => # The number of times execution of the command... try_sleep => # The time to sleep in seconds between... umask => # Sets the umask to be used while executing this... unless => # A test command that checks the state of the... user => # The user to run the command as. Note that if... # ...plus any applicable metaparameters. }
参数解释:
command:指定要执行的系统命令,必须为被执行命令的绝对路径.
creates:此参数会创建一个临时文件,当此临时文件不存在时exec调用系统命令才会执行成功,防止出现同一时刻多次执行的情况.
cwd:系统命令执行的路径,指定目录不存在,命令执行将会失败.
environment:添加系统命令的附加环境变量,也可以加入自己的path环境变量来覆盖系统的环境变量.添加多个环境变量需要使用数组指定.
group:执行命令运行的账户组.
logoutput:决定是否记录输出日志信息.默认会根据exec资源的日志等级来记录输出信息,使用on_failure时只有命令执行有误的情况下才会记录输出信息.值可以为true、false、on_failure和任何合法的日志等级.
onlyif:只有onlyif指定命令执行返回结果为0的时候,命令才会执行.
path:命令执行的搜索路径,如果path没有定义,命令使用绝对路径,路径可以以数组或以冒号分割的形式来定义.
refresh:刷新命令执行状态.
refreshonly:作为1个更新机制,当依赖的对象改变时命令才会执行.exec资源通过subscribe和refreshonly监听到依赖文件的状态,则出发exec资源的执行.
returns:指定预期的返回码,如果执行的命令返回其他的代码将会出现错误,默认是0,可以指定一个单一的值也可以指定一个包含多个值的数组.
timeout:指定命令运行的超时时间,单位为秒,如果命令执行的时间超过了timeout设定的时间,就会认为命令执行失败并且会停止该命令.设置为0表示没有超时的限制.
tries:命令执行重试次数,默认为1.设置这个值之后会重试设置的次数知道正确的代码返回.
try_sleep:设置命令重试的时间间隔,单位是秒.
user:指定执行命令的账户.
provider:目前支持posix标准、shell和windows.
示例一:
修改selinux的值.
exec {"selinux": command => "sed -i '/^SELINUX=/s/=.*/=disabled/g' /etc/sysconfig/selinux", path => ["/bin/","/sbin/","/usr/bin/","/usr/sbin/"], user => root, group => root, }
示例二:
订阅haproxy.cfg文件发生变化就重启haproxy服务:
class haproxy { include haproxy::service } class haproxy::service { file {'/etc/haproxy/haproxy.cfg': ensure => present, source => 'puppet:///modules/haproxy/haproxy.cfg', } exec {"/etc/init.d/haproxy restart": path => ['/sbin','/bin',], command => 'service haproxy restart', subscribe => File['/etc/haproxy/haproxy.cfg'], timeout => '5', refreshonly => true, tries => '2', try_sleep => '3', } }
agent运行结果:
[root@sh-web1 haproxy]# puppet agent -t Notice: Ignoring --listen on onetime run Info: Retrieving pluginfacts Info: Retrieving plugin Info: Loading facts Info: Caching catalog for sh-web1.localdomain Info: Applying configuration version '1508344014' Notice: /Stage[main]/Haproxy::Service/File[/etc/haproxy/haproxy.cfg]/content: --- /etc/haproxy/haproxy.cfg2017-10-19 00:19:21.116720774 +0800 +++ /tmp/puppet-file20171019-127476-1tpjcag-02017-10-19 00:26:55.400720142 +0800 @@ -1,86 +1,86 @@ -#--------------------------------------------------------------------- -# Example configuration for a possible web application. See the -# full configuration options online. -# -# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt -# -#--------------------------------------------------------------------- - -#--------------------------------------------------------------------- -# Global settings -#--------------------------------------------------------------------- -global - # to have these messages end up in /var/log/haproxy.log you will - # need to: - # - # 1) configure syslog to accept network log events. This is done - # by adding the '-r' option to the SYSLOGD_OPTIONS in - # /etc/sysconfig/syslog - # - # 2) configure local2 events to go to the /var/log/haproxy.log - # file. A line like the following can be added to - # /etc/sysconfig/syslog - # - # local2.* /var/log/haproxy.log - # - log 127.0.0.1 local2 - - chroot /var/lib/haproxy - pidfile /var/run/haproxy.pid - maxconn 4000 - user haproxy - group haproxy - daemon - - # turn on stats unix socket - stats socket /var/lib/haproxy/stats - -#--------------------------------------------------------------------- -# common defaults that all the 'listen' and 'backend' sections will -# use if not designated in their block -#--------------------------------------------------------------------- -defaults - mode http - log global - option httplog - option dontlognull - option http-server-close - option forwardfor except 127.0.0.0/8 - option redispatch - retries 5 - timeout http-request 10s - timeout queue 1m - timeout connect 10s - timeout client 1m - timeout server 1m - timeout http-keep-alive 10s - timeout check 10s - maxconn 3000 - -#--------------------------------------------------------------------- -# main frontend which proxys to the backends -#--------------------------------------------------------------------- -frontend main *:5000 - acl url_static path_beg -i /static /p_w_picpaths /javascript /stylesheets - acl url_static path_end -i .jpg .gif .png .css .js - - use_backend static if url_static - default_backend app - -#--------------------------------------------------------------------- -# static backend for serving up p_w_picpaths, stylesheets and such -#--------------------------------------------------------------------- -backend static - balance roundrobin - server static 127.0.0.1:4331 check - -#--------------------------------------------------------------------- -# round robin balancing between the various backends -#--------------------------------------------------------------------- -backend app - balance roundrobin - server app1 127.0.0.1:5001 check - server app2 127.0.0.1:5002 check - server app3 127.0.0.1:5003 check - server app4 127.0.0.1:5004 check - +#--------------------------------------------------------------------- +# Example configuration for a possible web application. See the +# full configuration options online. +# +# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt +# +#--------------------------------------------------------------------- + +#--------------------------------------------------------------------- +# Global settings +#--------------------------------------------------------------------- +global + # to have these messages end up in /var/log/haproxy.log you will + # need to: + # + # 1) configure syslog to accept network log events. This is done + # by adding the '-r' option to the SYSLOGD_OPTIONS in + # /etc/sysconfig/syslog + # + # 2) configure local2 events to go to the /var/log/haproxy.log + # file. A line like the following can be added to + # /etc/sysconfig/syslog + # + # local2.* /var/log/haproxy.log + # + log 127.0.0.1 local2 + + chroot /var/lib/haproxy + pidfile /var/run/haproxy.pid + maxconn 4000 + user haproxy + group haproxy + daemon + + # turn on stats unix socket + stats socket /var/lib/haproxy/stats + +#--------------------------------------------------------------------- +# common defaults that all the 'listen' and 'backend' sections will +# use if not designated in their block +#--------------------------------------------------------------------- +defaults + mode http + log global + option httplog + option dontlognull + option http-server-close + option forwardfor except 127.0.0.0/8 + option redispatch + retries 3 + timeout http-request 10s + timeout queue 1m + timeout connect 10s + timeout client 1m + timeout server 1m + timeout http-keep-alive 10s + timeout check 10s + maxconn 3000 + +#--------------------------------------------------------------------- +# main frontend which proxys to the backends +#--------------------------------------------------------------------- +frontend main *:5000 + acl url_static path_beg -i /static /p_w_picpaths /javascript /stylesheets + acl url_static path_end -i .jpg .gif .png .css .js + + use_backend static if url_static + default_backend app + +#--------------------------------------------------------------------- +# static backend for serving up p_w_picpaths, stylesheets and such +#--------------------------------------------------------------------- +backend static + balance roundrobin + server static 127.0.0.1:4331 check + +#--------------------------------------------------------------------- +# round robin balancing between the various backends +#--------------------------------------------------------------------- +backend app + balance roundrobin + server app1 127.0.0.1:5001 check + server app2 127.0.0.1:5002 check + server app3 127.0.0.1:5003 check + server app4 127.0.0.1:5004 check + Info: Computing checksum on file /etc/haproxy/haproxy.cfg Info: /Stage[main]/Haproxy::Service/File[/etc/haproxy/haproxy.cfg]: Filebucketed /etc/haproxy/haproxy.cfg to puppet with sum 395150f853e91c149a7b18753c09a274 Notice: /Stage[main]/Haproxy::Service/File[/etc/haproxy/haproxy.cfg]/content: content changed '{md5}395150f853e91c149a7b18753c09a274' to '{md5}034aa86fec81774e5f81c691df0d92a3' Info: /Stage[main]/Haproxy::Service/File[/etc/haproxy/haproxy.cfg]: Scheduling refresh of Exec[/etc/init.d/haproxy restart] Notice: /Stage[main]/Haproxy::Service/Exec[/etc/init.d/haproxy restart]: Triggered 'refresh' from 1 events Notice: /Stage[main]/Admin/Exec[selinux]/returns: executed successfully Notice: Finished catalog run in 0.59 seconds
注意:puppet文件中改变一个参数的值更新,发现已经触发重启命令.