小述:
- states是Saltstack系統中的配置語言,在日常運維中需要編寫大量的states文件,states sls主使用YAML語言
一、實現目標
- 在虛擬機上實現多機通過編寫sls文件來全自動安裝LNMP架構,並實現服務的自動啓動,網站的正常運行等功能
1.環境設置
| 名稱 | IP |
|---|---|
| saltstack-master | 192.168.85.129 |
| saltstack-minion | 192.168.85.130 |
2.配置管理master和minion端
- 客戶端配置DNS解析等
詳細請點擊
3.配置管理LAMP部署
準備模板文件等,詳細內容如下
[master端]
[root@saltstack-master salt]# tree .
.
├── prod
│ ├── init
│ │ └── init.sls
│ ├── nginx
│ │ ├── files
│ │ │ ├── nginx-1.16.0.tar.gz
│ │ │ ├── nginx.conf
│ │ │ └── nginx.service
│ │ ├── install.sls
│ │ ├── service.sls
│ │ └── user.sls
│ ├── pcre
│ │ ├── files
│ │ │ └── pcre-8.39.tar.bz2
│ │ └── pcre.sls
│ ├── php
│ │ ├── files
│ │ │ ├── index.html
│ │ │ ├── php-5.6.29.tar.bz2
│ │ │ ├── php-5.6.29.tar.bz2.1
│ │ │ ├── php-5.6.29.tar.bz2.2
│ │ │ ├── php-5.6.29.tar.bz2.3
│ │ │ ├── php-fpm.conf
│ │ │ ├── php-fpm.service
│ │ │ └── php.ini
│ │ ├── install.sls
│ │ └── service.sls
│ └── web
│ ├── bbs.sls
│ ├── files
│ │ ├── bbs.conf
│ │ └── test.html
│ └── webroot.sls
└── top.sls
10 directories, 24 files
[root@saltstack-master salt]# cat prod/init/init.sls
dep-pkgs-install:
pkg.installed:
- names:
- gcc
- gcc-c++
- glibc
- make
- bzip2
- gzip
- libjpeg-turbo
- libjpeg-turbo-devel
- libpng
- libpng-devel
- freetype
- freetype-devel
- libxml2
- libxml2-devel
- libcurl
- libcurl-devel
- libxslt-devel
- openssl
- openssl-devel
- zlib
- zlib-devel
- swig
[root@saltstack-master salt]# cat prod/nginx/install.sls
include:
- init.init
- pcre.pcre
- nginx.user
nginx-source-file:
file.managed:
- name: /usr/local/src/nginx-1.16.0.tar.gz
- source: salt://nginx/files/nginx-1.16.0.tar.gz
cmd.run:
- name: cd /usr/local/src && tar -xf nginx-1.16.0.tar.gz && cd nginx-1.16.0 && ./configure --prefix=/usr/local/nginx --with-http_stub_status_module --prefix=/usr/local/nginx --user=nginx --group=nginx --with-pcre=/usr/local/src/pcre-8.39 && make && make install
- require:
- user: user-group
- pkg: dep-pkgs-install
- cmd: pcre-install
- file: nginx-source-file
- unless: test -d /usr/local/nginx
[root@saltstack-master salt]# cat prod/nginx/service.sls
include:
- nginx.install
nginx-systemd:
file.managed:
- name: /lib/systemd/system/nginx.service
- source: salt://nginx/files/nginx.service
- user: root
- group: root
- mode: 755
nginx-config:
file.managed:
- name: /usr/local/nginx/conf/nginx.conf
- source: salt://nginx/files/nginx.conf
- user: nginx
- group: nginx
- mode: 644
- require:
- cmd: nginx-source-file
nginx-vhost-directory:
file.directory:
- name: /usr/local/nginx/conf/vhost
- require:
- cmd: nginx-source-file
nginx-service:
service.running:
- name: nginx
- enable: True
- reload: True
- require:
- file: nginx-systemd
- watch:
- file: nginx-config
[root@saltstack-master salt]# cat prod/nginx/user.sls
user-group:
group.present:
- name: nginx
- gid: 2000
user.present:
- name: nginx
- fullname: nginx
- shell: /sbin/nologin
- uid: 2000
- gid: 2000
[root@saltstack-master salt]# cat prod/nginx/files/nginx.conf
user nginx;
worker_processes auto;
error_log logs/error.log info;
pid logs/nginx.pid;
worker_rlimit_nofile 40000;
events {
use epoll;
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
keepalive_timeout 20;
gzip on;
include /usr/local/nginx/conf/vhost/*.conf;
server {
listen 80;
server_name localhost;
location /nginx_status {
stub_status on;
access_log off;
allow all;
}
}
}
[root@saltstack-master salt]# cat prod/nginx/files/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/bin/rm -f /usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=process
PrivateTmp=true
[Install]
WantedBy=multi-user.target
[root@saltstack-master salt]# cat prod/pcre/pcre.sls
pcre-tarfile:
file.managed:
- source: salt://pcre/files/pcre-8.39.tar.bz2
- name: /usr/local/src/pcre-8.39.tar.bz2
pcre-install:
cmd.run:
- name: cd /usr/local/src && tar xf pcre-8.39.tar.bz2 && tar xf pcre-8.39.tar.bz2 && cd pcre-8.39 && ./configure --prefix=/usr/local/pcre && make && make install
- unless: test -d /usr/local/pcre
- require:
- file: pcre-tarfile
[root@saltstack-master salt]# cat prod/php/install.sls
include:
- init.init
php-source-file:
file.managed:
- name: /usr/local/src/php-5.6.29.tar.bz2
- source: salt://php/files/php-5.6.29.tar.bz2
- user: root
- group: root
- mode: 755
php-source-install:
cmd.run:
- name: cd /usr/local/src && tar -xf php-5.6.29.tar.bz2 && cd php-5.6.29 &&./configure --prefix=/usr/local/php --with-curl --with-
freetype-dir --with-gd --with-gettext --with-iconv-dir --with-jpeg-dir --with-kerberos --with-libdir=lib64 --with-libxml-dir --with-mysql --with-mysqli --with-openssl --with-pcre-regex --with-pdo-mysql --with-pdo-sqlite --with-pear --with-png-dir --with-xmlrpc --with-xsl --with-zlib --enable-fpm --enable-bcmath --enable-libxml --enable-inline-optimization --enable-gd-native-ttf --enable-mbregex --enable-mbstring --enable-opcache --enable-pcntl --enable-shmop --enable-soap --enable-sockets --enable-sysvsem --
enable-xml --enable-zip && make && make install
- require:
- pkg: dep-pkgs-install
- file: php-source-file
- unless: test -d /usr/local/php
[root@saltstack-master salt]# cat prod/php/service.sls
include:
- php.install
php-ini:
file.managed:
- name: /usr/local/php/lib/php.ini
- source: salt://php/files/php.ini
- user: root
- group: root
- mode: 644
- require:
- cmd: php-source-install
php-fpm:
file.managed:
- name: /usr/local/php/etc/php-fpm.conf
- source: salt://php/files/php-fpm.conf
- user: root
- group: root
- mode: 644
- require:
- cmd: php-source-install
php-systemd:
file.managed:
- name: /etc/systemd/system/php-fpm.service
- source: salt://php/files/php-fpm.service
- user: root
- group: root
- mode: 755
php-service:
service.running:
- name: php-fpm
- enable: True
- reload: True
- require:
- file: php-systemd
- watch:
- file: php-ini
- file: php-fpm
[root@saltstack-master salt]# cat prod/web/bbs.sls
include:
- nginx.service
- php.install
- web.webroot
bbs-conf:
file.managed:
- name: /usr/local/nginx/conf/vhost/bbs.conf
- source: salt://web/files/bbs.conf
- require:
- service: nginx-service
- watch_in:
- service: nginx-service
bbs-root:
file.directory:
- name: /webroot/bbs
bbs-index:
file.managed:
- name: /webroot/bbs/index.php
- source: salt://web/files/index.php
- require:
- file: bbs-root
[root@saltstack-master salt]# cat prod/web/files/bbs.conf
server {
listen 80;
server_name bbs.t.com;
root /webroot/bbs;
index index.php index.html index.htm;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
[root@saltstack-master salt]# cat prod/web/files/test.html
<?php
phpinfo();
?>
[root@saltstack-master salt]# cat prod/web/webroot.sls
web-root:
file.directory:
- name: /webroot
[root@saltstack-master salt]# cat top.sls
prod:
'saltstack-minion[1-2]':
- match: pcre
- web.bbs
【minion端】
測試結果
[root@saltstack-minion1 ~]# systemctl status salt-minion.service
● salt-minion.service - The Salt Minion
Loaded: loaded (/usr/lib/systemd/system/salt-minion.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2019-06-16 17:43:08 CST; 8h ago
Main PID: 5710 (salt-minion)
CGroup: /system.slice/salt-minion.service
├─5710 /usr/bin/python /usr/bin/salt-minion
└─5713 /usr/bin/python /usr/bin/salt-minion
......
[root@saltstack-minion1 ~]# ps -aux |grep nginx
root 14081 0.0 0.2 120796 2096 ? Ss Jun16 0:00 nginx: master process /usr/sbin/nginx
nginx 14082 0.0 0.3 121180 3128 ? S Jun16 0:00 nginx: worker process
二、結果
