查看已有模块
funcd --list-modules
查看minions主机列表
func “*” list_minions
==========================================================================
1、call 模块用于运行远端minions主机的func模块,格式如下:
THE "CALL" MODULE
The "call" module is used for running func modules remotely.
Format: func"*.example.org" call
2、查看远端minions主机可以使用的module
LISTING REMOTE MODULES AVAILABLE
It’s possible to ask func minions what modules they have installed:
func "*.example.org" call system list_modules
3、查看远端可用的functions
LISTING REMOTE FUNCTIONS AVAILABLE IN AMODULE
It is also possible to ask remote func modules what functions theysupport:
func target.example.org call modulename list_methods
4、查看远端某模块功能函数的可用参数
语法:func "web1"call modulename get_method_args
func " myvmware_station.example.com" call mount get_method_args
5、定义func的输出格式【紧跟在call之后,不要在模块后,模块后为方法,参数;否则就会被作为参数,而无法执行】
OUTPUT FORMATS
The "call" command by default outputs data using a"pretty printer". Otherdisplay options include --raw, --json, and --xmlrpc, which may be
more desirable if you are running func inside another script or preferto read those display formats.
Example: func "*" call --json service inventory
===============================================================================
模块使用简介
参照:https://fedorahosted.org/func/wiki/ModulesList
Copy File 用于从master拷贝文件到远端minions,对于小文件很有用,可以替换scp。
functarget.example.org copyfile -f localfile--remotepath /remotepath/filename
PullFile
Thismodule makes it easy to pull a file (from a web/ftp server) and store itlocally.
func “*” call pullfile get http://testserver/super.conf /tmp/file1.txt
CommandModule
func target.example.org call command exists /bin/foo
func target.example.org call command run "/bin/foo arg1 arg2arg3"
注意判定文件是否存在时,执行func命令的用户要对该文件有执行权限,如下示例:【所以func只可以判定目录、可执行文件存在与否】
[root@Master_station install]# func"myvmware_station.example.com" call command exists /tmp/f1 【/tmp/f1 是普通文件】
{'myvmware_station.example.com': False}
[root@Master_station install]#
[root@Master_station install]# func"myvmware_station.example.com" call command run "chmod u+x/tmp/f1" 【为/tmp/f1 添加可执行权限】
('myvmware_station.example.com', [0, '',''])
[root@Master_station install]# func"myvmware_station.example.com" call command exists /tmp/f1
{'myvmware_station.example.com': True}
[root@Master_station install]#
[root@Master_station install]# func"myvmware_station.example.com" call command exists /etc 【判定 /etc 存在与否】
{'myvmware_station.example.com': True}
[root@Master_station install]#
[root@Master_station install]# func"myvmware_station.example.com" call command run "ls -dl /etc/" 【查看目录权限】
('myvmware_station.example.com',
[0,'drwxr-xr-x. 103 root root 12288 Oct 10 10:43 /etc/\n', ''])
CpuModule
func target.example.org call cpu usage
func target.example.org call cpu jiffies
DiskModule
functarget.example.org call disk usage
HardwareModule
functarget.example.org call hardware info
NetworkTest
Takes in all commands that ping takes via*args magic. You must define -c!【必须定义 -c】
func “*” call networktest ping www.baidu.com -c 2
func“*” call networktest netstat
func“*” call networktest isportopen localhost22 【所有minions本机的22端口开放情况】
Iptablesmodule
Theiptables module can be used to make basic changes in your firewallconfiguration. It currently only supports modifying filter table.【目前仅支持filter表】
func"*" call iptables policy
[root@Master_station~]# func "*" call iptables drop_from 192.168.0.10 【丢弃来自192.168.0.10的包】
{'myvmware_station.example.com': 0, 'myvmware_station2.example.com':0}
[root@Master_station ~]# func"myvmware_station2.example.com" call iptables.port drop_to 53192.168.0.0/24 udp src 【丢弃到192.168.0.0/24的udp 53端口的数据包。】
{'myvmware_station2.example.com': 0}
Set default policy for OUTPUT:
func '*' call iptables policy OUTPUT DROP
Run '/sbin/iptables' command with arguments given.
func '*' calliptables run "-L INPUT"
func '*' call command run"iptables -nvL"
Mount Module
func target.example.org call mount /dev/device /path/to/dir
ProcessModule
functarget.example.org call process info "aux"
func target.example.org call process mem
func "*" call process pkill nginx -9 杀掉所有minions主机的nginx进程
func "*" call process kill firefox-bin SIGHUP
Service Module
functarget.example.org call service start httpd
Sysctl Module
Configure your minions kernel parameters at runtime.
Command line usage:
func"*" call sysctl list
func"*" call sysctl get
func"*" call sysctl set
YumcmdModule
func target.example.org call yumcmd check_update
func target.example.org call yumcmd install [pkg]
func target.example.org call yumcmd update [pkg]
func target.example.org call yumcmd remove [pkg]
生产应用场景示例:
想更改所有linux主机的监控由以前的常数检测,改为通过传参来实现更合理监控,通过func管理,脚本来实现。
1、为所有minions主机拷贝脚本文件
func "web_*" copyfile -f /tmp/check_disk.sh --remotepath=/tmp/file1
判断文件是否存在【是否上传成功】
func "web_*"call command exists /tmp/file1
2、在所有minions主机上执行脚本
func "web_*"call command run " /tmp/file1"
删除使用的临时文件
func "web_*"call command run "rm /tmp/file1"
再次判断是否存在【确认是否删除成功】
func "web_*"call command exists /tmp/file1