saltstack部署lnmp架构
准备工作
本次项目我们使用到pillar,所以修改master配置文件来使用pillar
[root@master ~]# vim /etc/salt/master
......
pillar_roots: //取消注释并加上对应的目录
base:
- /srv/pillar/base
prod:
- /srv/pillar/prod
[root@master pillar]# tree
.
└── prod
├── mysql.sls
├── nginx.sls
├── php.sls
└── top.sls
[root@master pillar]# cat prod/nginx.sls
install_nginxdir: /usr/local/nginx
[root@master pillar]# cat prod/mysql.sls
install_mysqldir: /usr/local/mysql
[root@master pillar]# cat prod/php.sls
install_phpdir: /usr/local/php8
[root@master pillar]# cat prod/top.sls
prod:
'node1':
- apache
- nginx
- mysql
- php
[root@master prod]# salt node1 pillar.items
node1:
----------
install_mysqldir:
/usr/local/mysql
install_nginxdir:
/usr/local/nginx
install_phpdir:
/usr/local/php8
本次项目的树状图如下
[root@master prod]# tree
.
├── lnmp
│ ├── files
│ │ ├── index.php
│ │ ├── my.cnf
│ │ ├── mysql.conf
│ │ └── mysql.server
│ ├── main.sls
│ └── mysql.sls
├── modules
├── application
│ └── php
│ ├── files
│ │ ├── install.sh
│ │ ├── oniguruma-devel-6.8.2-2.el8.x86_64.rpm
│ │ ├── php-7.4.24.tar.gz
│ │ ├── php-8.0.12.tar.gz
│ │ ├── php-fpm
│ │ ├── php-fpm.conf
│ │ ├── php-fpm.service
│ │ ├── php.ini
│ │ └── www.conf
│ └── install.sls
├── database
│ └── mysql
│ ├── files
│ │ ├── install.sh
│ │ ├── mysql-5.7.36-linux-glibc2.12-x86_64.tar.gz
│ │ └── mysqld.service
│ └── install.sls
└── web
└── nginx
├── files
│ ├── install.sh
│ ├── nginx-1.20.1.tar.gz
│ ├── nginx.conf
│ ├── index.php
│ └── nginx.service.j2
└── install.sls
nginx
安装nginx的状态文件
[root@master prod]# cat modules/web/nginx/install.sls
"Development Tools":
pkg.group_installed
nginx-yilai:
pkg.installed:
- names:
- pcre-devel
- openssl
- openssl-devel
- gd-devel
- gcc
- gcc-c++
- make
nginx-useradd:
user.present:
- name: nginx
- system: true
- shell: /sbin/nologin
- createhome: false
nginx-copyfile:
file.managed:
- name: /usr/src/nginx-1.20.1.tar.gz
- source: salt://modules/web/nginx/files/nginx-1.20.1.tar.gz
nginx-install:
cmd.script:
- name: salt://modules/web/nginx/files/install.sh
- require:
- file: nginx-copyfile
- unless: test -d {{ pillar['install_nginxdir'] }}
nginx-config:
file.managed:
- name: {{ pillar['install_nginxdir'] }}/conf/nginx.conf
- source: salt://modules/web/nginx/files/nginx.conf
- user: root
- group: root
- mode: '0755'
- require:
- cmd: nginx-install
/usr/lib/systemd/system/nginx.service:
file.managed:
- source: salt://modules/web/nginx/files/nginx.service.j2
- template: jinja
{{ pillar['install_nginxdir'] }}/html/index.php:
file.managed:
- source: salt://modules/web/nginx/files/index.php
nginx-start:
service.running:
- name: nginx
- enable: true
- watch:
- file: {{ pillar['install_nginxdir'] }}/conf/nginx.conf
- require:
- file: /usr/lib/systemd/system/nginx.service
安装nginx的脚本
[root@master prod]# cat modules/web/nginx/files/install.sh
#!/bin/bash
cd /usr/src
rm -rf nginx-1.20.1
tar xf nginx-1.20.1.tar.gz
cd nginx-1.20.1
./configure --prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-debug \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_image_filter_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log && make && make install
echo "export PATH=/usr/local/nginx/sbin:\$PATH" > /etc/profile.d/nginx.sh
mysql
安装mysql的状态文件
[root@master prod]# cat modules/database/mysql/install.sls
mysql_user:
user.present:
- name: mysql
- system: true
- createhome: false
- shell: /sbin/nologin
mysql_yilai:
pkg.installed:
- pkgs:
- ncurses-devel
- openssl-devel
- openssl
- cmake
- mariadb-devel
- ncurses-compat-libs
create_datadir:
file.directory:
- name: /opt/data
- user: mysql
- group: mysql
- mode: '0755'
- makedirs: true
mysql-copyfile:
file.managed:
- name: /usr/src/mysql-5.7.36-linux-glibc2.12-x86_64.tar.gz
- source: salt://modules/database/mysql/files/mysql-5.7.36-linux-glibc2.12-x86_64.tar.gz
mysql-install:
cmd.script:
- name: salt://modules/database/mysql/files/install.sh
- require:
- file: mysql-copyfile
- unless: test -d {{ pillar['install_mysqldir'] }}
/usr/lib/systemd/system/mysqld.service:
file.managed:
- source: salt://modules/database/mysql/files/mysqld.service
- user: root
- group: root
- mode: '0755'
安装mysql的脚本
[root@master prod]# cat modules/database/mysql/files/install.sh
#!/bin/bash
cd /usr/src
tar xf mysql-5.7.36-linux-glibc2.12-x86_64.tar.gz
ln -s /usr/src/mysql-5.7.36-linux-glibc2.12-x86_64 /usr/local/mysql
chown -R mysql.mysql /usr/local/mysql*
echo "export PATH=/usr/local/mysql/bin:\$PATH" > /etc/profile.d/mysql.sh
/usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/opt/data
项目中配置mysql的状态文件
[root@master prod]# cat lnmp/mysql.sls
include:
- modules.database.mysql.install
mysql_config:
file.managed:
- user: root
- group: root
- mode: '0755'
- names:
- /etc/my.cnf:
- source: salt://lnmp/files/my.cnf
- /etc/ld.so.conf.d/mysql.conf:
- source: salt://lnmp/files/mysql.conf
cmd.run:
- name: ldconfig
/usr/local/include/mysql:
file.symlink:
- target: {{ pillar['install_mysqldir'] }}/include
/etc/ld.so.conf.d/mysql.conf:
file.managed:
- source: salt://lnmp/files/mysql.conf
mysqld.service:
service.running:
- enable: true
- require:
- file: mysql_config
set_password:
cmd.run:
- name: /usr/local/mysql/bin/mysql -e "set password = password('123456');"
- unless: /usr/local/mysql/bin/mysql -uroot -p123456 -e "exit"
php
安装php的状态文件
[root@master prod]# cat modules/application/php/install.sls
/usr/src/oniguruma-devel-6.8.2-2.el8.x86_64.rpm:
file.managed:
- source: salt://modules/application/php/files/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
- user: root
- group: root
- mode: '0644'
cmd.run:
- name: yum -y install /usr/src/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
- unless: test ! -f /usr/src/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
php-yilai:
pkg.installed:
- pkgs:
- epel-release
- sqlite-devel
- libzip-devel
- libxml2
- libxml2-devel
- openssl
- openssl-devel
- bzip2
- bzip2-devel
- libcurl
- libcurl-devel
- libicu-devel
- libjpeg-turbo
- libpng
- libpng-devel
- openldap-devel
- pcre-devel
- freetype
- freetype-devel
- gmp
- gmp-devel
- readline
- readline-devel
- libxslt
- libxslt-devel
- oniguruma
- gcc
- gcc-c++
- make
php-copyfile:
file.managed:
- name: /usr/src/php-8.0.12.tar.gz
- source: salt://modules/application/php/files/php-8.0.12.tar.gz
php-install:
cmd.script:
- name: salt://modules/application/php/files/install.sh
- require:
- file: php-copyfile
- unless: test -d {{ pillar['install_phpdir'] }}
php_configfile:
file.managed:
- user: root
- group: root
- mode: '0644'
- names:
- {{ pillar['install_phpdir'] }}/etc/php-fpm.conf:
- source: salt://modules/application/php/files/php-fpm.conf
- {{ pillar['install_phpdir'] }}/etc/php-fpm.d/www.conf:
- source: salt://modules/application/php/files/www.conf
- require:
- cmd: php-install
/etc/init.d/php-fpm:
file.managed:
- source: salt://modules/application/php/files/php-fpm
- user: root
- group: root
- mode: '0755'
copy-php-servicefile:
file.managed:
- name: /usr/lib/systemd/system/php-fpm.service
- source: salt://modules/application/php/files/php-fpm.service
- user: root
- group: root
- mode: '0755'
php-fpm.service:
service.running:
- enable: true
- require:
- file: copy-php-servicefile
安装php的脚本
[root@master prod]# cat modules/application/php/files/install.sh
#!/bin/bash
cd /usr/src
tar xf /usr/src/php-8.0.12.tar.gz
cd php-8.0.12
./configure --prefix=/usr/local/php8 \
--with-config-file-path=/etc \
--enable-fpm \
--disable-debug \
--disable-rpath \
--enable-shared \
--enable-soap \
--with-openssl \
--enable-bcmath \
--with-iconv \
--with-bz2 \
--enable-calendar \
--with-curl \
--enable-exif \
--enable-ftp \
--enable-gd \
--enable-jpeg \
--with-zlib-dir \
--with-freetype \
--with-gettext \
--enable-mbstring \
--enable-pdo \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-readline \
--enable-shmop \
--enable-simplexml \
--enable-sockets \
--with-zip \
--enable-mysqlnd-compression-support \
--with-pear \
--enable-pcntl \
--enable-posix && make && make install
组合为lnmp
[root@master prod]# cat lnmp/main.sls
include:
- modules.web.nginx.install
- lnmp.mysql
- modules.application.php.install
测试
|