说明:
变量定义后可以直接调用变量名称使用范例:
$etcd_controller1='10.100.84.22' $etcd_controller2='10.100.84.23' $etcd_controller3='10.100.84.24' $etcd_host1='gx-yun-084022.vclound.com' $etcd_host2='gx-yun-084023.vclound.com' $etcd_host3='gx-yun-084024.vclound.com' $etcd_connect="$etcd_host1=http://$etcd_host1:2380,$etcd_host2=http://$etcd_host2:2380,$etcd_host3=http://$etcd_host3:2380" $etcdcluster="$etcd_controller1:2379,$etcd_controller2:2379,$etcd_controller3:2379"说明:
1. 对主机地址进行匹配, (可以利用 case , if 的方式进行判断, 效果一样) 2. 针对不同的主机, 定义不同的变量使用范例
$myipaddress=$ipaddress_vlanbr0 if $myipaddress =~ /^10\.201\.\\*/ { $ntpserver = '10.201.100.21' } elsif $myipaddress =~ /^10\.200\.\\*/ { $ntpserver = '10.200.100.21' } elsif $myipaddress =~ /^10\.205\.\\*/ { $ntpserver = '10.205.100.25' } elsif $myipaddress =~ /^192\.168\.\\*/ { $ntpserver = [ '10.199.129.21', '10.199.129.22' ] } elsif $myipaddress =~ /^10\.100\.\\*/ { $ntpserver = [ '10.199.129.21', '10.199.129.22' ] }作用:
1. 对主机地址进行匹配, 2. 利用匹配规则, 令不同的主机执行不同的命令范例:
case $myipaddress { $etcd_controller1, $etcd_controller2, $etcd_controller3 : { exec { 'exit': user => root, group => root, path => '/bin:/sbin:/usr/bin:/usr/sbin', unless => [ "/usr/bin/nmap $fqdn -p 2380 | /usr/bin/grep -o open" ], require => [ Package['nmap'], Class['initial'], Class['etcd::service'] ], } } default : { exec { 'exit': user => root, group => root, path => '/bin:/sbin:/usr/bin:/usr/sbin', unless => [ "/usr/bin/nmap $etcd_controller1 -p 2380 | /usr/bin/grep -o open && /usr/bin/nmap $etcd_controller2 -p 2380 | /usr/bin/grep -o open && /usr/bin/nmap $etcd_controller3 -p 2380 | /usr/bin/grep -o open" ], require => Package['nmap'], } } }参考下面语法 (config.pp)
convoy_config { 'Service/LimitMEMLOCK': value => $convoyLimitMEMLOCK; 'Service/LimitSTACK': value => $convoyLimitSTACK; 'Service/LimitNPROC': value => $convoyLimitNPROC; 'Service/LimitNOFILE': value => $convoyLimitNOFILE; 'Service/LimitCORE': value => $convoyLimitCORE; }当执行 puppet 后, 可以得到下面的常见的配置文件配置结果 (实际会得到 等号后的变量值 )
[Service] LimitMEMLOCK = $convoyLimitMEMLOCK LimitSTACK = $convoyLimitSTACK LimitNPROC = $convoyLimitNPROC LimitNOFILE = $convoyLimitNOFILE LimitCORE = $convoyLimitCORE要使用这样的配置方法, 必须添加下面两个模块库文件
/etc/puppet/modules/convoy ├── lib │ └── puppet │ ├── provider │ │ └── convoy_config │ │ └── ini_setting.rb <- 添加 │ └── type │ └── convoy_config.rb <- 添加 ├── manifests │ ├── config.pp <- 添加后, 配置才生效 │ ├── directlvm.pp │ ├── init.pp/etc/puppet/modules/convoy/lib/puppet/provider/convoy_config/ini_setting.rb
Puppet::Type.type(:convoy_config).provide( :ini_setting, :parent => Puppet::Type.type(:ini_setting).provider(:ruby) ) do def section resource[:name].split('/', 2).first end def setting resource[:name].split('/', 2).last end def separator '=' end def self.file_path '/usr/lib/systemd/system/convoy.service' end def file_path self.class.file_path end end/etc/puppet/modules/convoy/lib/puppet/type/convoy_config.rb
Puppet::Type.newtype(:convoy_config) do ensurable newparam(:name, :namevar => true) do desc 'Section/setting name to manage from /usr/lib/systemd/system/convoy.service' newvalues(/\S+\/\S+/) end newproperty(:value) do desc 'The value of the setting to be defined.' munge do |value| value = value.to_s.strip value.capitalize! if value =~ /^(true|false)$/i value end end end模块下载位置
https://github.com/crayfishx/puppet-firewalld配置语法 一段端口配置方法
firewalld_port { 'Open port 1000-50000 in the public zone tcp': ensure => present, zone => 'public', port => 1000-50000, protocol => 'tcp', } firewalld_port { 'Open port 1000-50000 in the public zone udp': ensure => present, zone => 'public', port => 1000-50000, protocol => 'udp', }一个端口配置方法
firewalld_port { 'Open port 2476 in the public zone': ensure => present, zone => 'public', port => 2476, protocol => 'tcp', } firewalld_port { 'Open port 8080 in the public zone': ensure => present, zone => 'public', port => 8080, protocol => 'tcp', } 相关资源:七夕情人节表白HTML源码(两款)