Func is the unified network controller of the red hat company Fedora platform.
FuncFedora UnifiedNetwork Controller https://fedorahosted.org/func), designed to solve this series of unified management and monitoring issues and developed the basic framework of system management. Tools that can effectively simplify the management of multi-server systems are easy to learn, easy to use, easy to expand, and powerful.
Func has the following features:
1. Func can manage any number of server groups at a time on the master machine.
2. Func has established a Master-Slaves Master-slave SSL Certificate Control System Based on Certmasterhttps: // fedorahosted.org/certmaster/) to automatically distribute certificates to all controlled servers.
3. the Func command line can directly send remote commands or obtain data remotely.
4. Func developers have developed most common task modules, it includes the command execution module, file transmission module, IPtables module, view hardware information module, Mount module, process module, service module, and restart system module.
5. You can easily compile the extension module through the Python API provided by Func to implement specific function extension. In addition, any work that can be done by the Func command line can be implemented through API programming.
6. Func communication is based on XMLRPC and SSL standard protocols.
System: Master: centos 5.8x86
Minion: centos 6.3x86
Configure the hosts file so that the master and minions can parse each other.
Func Installation
1. Master control side configuration
1. Install the epel yum source released by fedora,
Rpm-Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
If it fails, you can download your own version from here.
Http://fedoraproject.org/wiki/EPEL
2. Install func
Func is based on certmaster. It will be installed together in the epel source. When I install it here, I will prompt python-simplejson, I searched one on the Internet (if your source has one, you don't need to download it)
Wget ftp://ftp.pbone.net/mirror/ftp.centos.org/5.9/ OS /i386/CentOS/python-simplejson-2.0.9-8.el5.i386.rpm
Rpm-ivh python-simplejson-2.0.9-8.el5.i386.rpm
Yum install func
3. Configure certmaster
Vi/etc/certmaster. conf
# Configuration for certmasterd and certmaster-ca
[Main]
Autosign = no
Listen_addr = 192.168.15.188 # Listen to the IP address, or do not write
Listen_port = 51235 # listener port, defined by yourself
Cadir =/etc/pki/certmaster/ca
Cert_dir =/etc/pki/certmaster
Certroot =/var/lib/certmaster/certs
Csrroot =/var/lib/certmaster/csrs
Cert_extension = cert
Sync_certs = False
######################################## #######################
4. iptables allows you to start the certmaster service.
# Func
/Sbin/iptables-a input-s 192.168.15.183-p tcp -- dport 51235-j ACCEPT
/Sbin/iptables-a input-s 192.168.1.200-p tcp -- dport 51235-j ACCEPT
Note: The Master server starts the certmaster service and the control server starts the funcd service.
#/Etc/init. d/certmaster start
2 minionControlled end
1. Install epel
Version 5
Wgethttp: // mirrors.yun-idc.com/epel/5/ I #/epel-release-5-4.noarch.rpm
Rpm-ivh epel-release-5-4.noarch.rpm
Version 6
Rpm-Uvh http://mirrors.yun-idc.com/epel/6/i386/epel-release-6-8.noarch.rpm
2. Install func
Similarly, if this package is still missing, it should be less than 5.5 or below.] If your system does not report an error or missing, you can skip this step.
Wget ftp://ftp.pbone.net/mirror/ftp.centos.org/5.9/ OS /i386/CentOS/python-simplejson-2.0.9-8.el5.i386.rpm
Rpm-ivh python-simplejson-2.0.9-8.el5.i386.rpm
Yum install func
3. Mini-ons client Configuration
Vi/etc/func/minion. conf
# Configuration for minions
[Main]
Log_level = INFO # The default log level is debug.
Acl_dir =/etc/func/minion-acl.d
Listen_addr =
Listen_port = 51234 # default port monitored by the host
Minion_name =
Method_log_dir =/var/log/func/methods/
The minion listener address can be configured here. In the/etc/func/minion. conf file, this listener port is used to respond to commands sent by the master. This modification must be completed before the certificate is applied. We do not recommend that you modify the port because you do not know more about it. Retain the default port 51234 .]
Associated configuration with certmaster
Vi/etc/certmaster/minion. conf
# Configuration for minions
[Main]
Certmaster = server.puppet.com # configure the master Address or master host name to be able to parse each other]
Certmaster_port = 51235 # server listening port
Log_level = DEBUG
Cert_dir =/etc/pki/certmaster
4. Start the funcd Service
/Sbin/iptables-a input-s 192.168.15.188-p tcp -- dport 51234-j ACCEPT # Allow the master to access minions
/Etc/init. d/funcd start
After the service is started, it will automatically submit a certificate application to the master server
If the service is successfully started, no error will be reported. If any error is reported, it will be in the log/var/log/func. log,
Note: When the master connects to minions, the minions must be listened on the same port.
Funcd's listening port can be configured in/etc/func/minion. conf inthe listen_port option.
Overlord's will also check this file and setting todetermine which ports to connect to the minions with. Note that currentlyoverlord requires all minions to be listening on the same port.
If no error is reported, you can sign the certificate in step 3.
3.Certificate Signing and Verification
1. master server
Certmaster-ca-l view certificate requests
Certmaster-ca-s hostname signs the certificate. This hostname is listed in-l) signs the certificate for the client.
Certmaster-ca -- list-signed check which certificates have been signed
2. the above operations can be seen in the log. The involved logs include:
/Var/log/certmaster /*
/Var/log/func /*
3. Use the master end of the simple example)
1. List the number of minions
[Root @ Master_station ~] # Func "*" list_minions
Myvmware_station.example.com
Myvmware_station2.example.com
2. check whether all minions are online.
[Root @ Master_station ~] # Func "*" ping
[OK...] myvmware_station.example.com
[OK...] myvmware_station2.example.com
3. [root @ server ~] # Func "myvmware_station2.example.com" call cpu usage
If data is returned, the installation is normal. For more information about the syntax, see.
4. Run funcd -- list-modules on the master side to view the existing modules.
4. Command example
You can use regular expression matching to list multiple operation objects separated by semicolons]
View existing modules
Funcd -- list-modules
View the list of minions hosts
Func "*" list_minions
Copy an object [copy to the remote end]
Func "myvmware_statio *" copyfile-f/tmp/check_disk.sh -- remotepath =/tmp/file1
Determine whether a file exists
Func "myvmware_statio *" call command exists/tmp/file1
Execute scripts
Func "myvmware_statio *" call command run "/tmp/file1"
Delete temporary files used
Func "myvmware_statio *" call command run "rm/tmp/file1"
This article from "Liu Yuan's blog" blog, please be sure to keep this source http://colynn.blog.51cto.com/5971950/1303808