因为基本上生产环境中都是nginx+php的环境,所以就不单独列出salt部署php的过程了,这里就结合我在生产环境中的脚本进行nginx+php环境的部署。
部署规划:
1)编译安装libiconv、libmcrypt、mhash以及mcrypt
2)编译安装php
3)添加启动停止脚本
4)添加到系统服务并设置开机启动
5)拷贝日志切割脚本
6)添加日志切割定时任务
7)安装memcached/redis/protobuf扩展
8)修改php.ini加载php扩展
salt部署目录架构:
[root@salt-master ~]# tree /srv/salt/base/ /srv/salt/base/ ├── cron │ ├── files │ │ ├── nginx_cut_log.sh │ │ └── php_cut_log.sh │ ├── nginx.sls │ └── php.sls ├── nginx │ ├── files │ │ ├── nginx │ │ ├── nginx-1.6.3.tar.gz │ │ └── nginx.conf │ ├── install.sls │ └── service.sls ├── packages │ └── install.sls ├── pcre │ ├── files │ │ └── pcre-8.37.tar.gz │ └── install.sls ├── php │ ├── extension.sls │ ├── files │ │ ├── libmemcached-1.0.18.tar.gz │ │ ├── memcached-2.2.0.tgz │ │ ├── php-5.6.16.tar.gz │ │ ├── php-fpm │ │ ├── php-fpm.conf │ │ ├── php.ini │ │ ├── phpredis-2.2.4.tar.gz │ │ └── protobuf.so │ ├── install.sls │ ├── libiconv │ │ └── files │ │ └── libiconv-1.14.tar.gz │ ├── libiconv.sls │ ├── libmcrypt │ │ └── files │ │ └── libmcrypt-2.5.8.tar.gz │ ├── libmcrypt.sls │ ├── mcrypt │ │ └── files │ │ └── mcrypt-2.6.8.tar.gz │ ├── mcrypt.sls │ ├── mhash │ │ └── files │ │ └── mhash-0.9.9.9.tar.gz │ ├── mhash.sls │ └── service.sls ├── top.sls └── user ├── nginx.sls └── php.sls 18 directories, 34 files
安装libiconv:
[root@salt-master base]# cat php/libiconv.sls libiconv-source-install: file.managed: - name: /opt/tools/libiconv-1.14.tar.gz - source: salt://php/libiconv/files/libiconv-1.14.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /opt/tools/ && tar -zxf libiconv-1.14.tar.gz && cd libiconv-1.14 && ./configure --prefix=/usr/local && make && make install && /sbin/ldconfig - unless: test -e /usr/local/lib/libiconv.so.2.5.1 - require: - file: libiconv-source-install
安装limcrypt:
[root@salt-master base]# cat php/libmcrypt.sls libmcrypt-source-install: file.managed: - name: /opt/tools/libmcrypt-2.5.8.tar.gz - source: salt://php/libmcrypt/files/libmcrypt-2.5.8.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /opt/tools && tar -zxf libmcrypt-2.5.8.tar.gz && cd libmcrypt-2.5.8 && ./configure && make && make install && ldconfig && cd libltdl && ./configure --enable-ltdl-install && make && make install && /sbin/ldconfig - unless: test -e /usr/local/lib/libmcrypt.so.4.4.8 - require: - file: libmcrypt-source-install
安装mhash:
[root@salt-master base]# cat php/mhash.sls mhash-source-install: file.managed: - name: /opt/tools/mhash-0.9.9.9.tar.gz - source: salt://php/mhash/files/mhash-0.9.9.9.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /opt/tools/ && tar -zxf mhash-0.9.9.9.tar.gz && cd mhash-0.9.9.9 && ./configure && make && make install && ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la && ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so && ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4 && ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8 && ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a && ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la && ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so && ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2 && ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1 && ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config - unless: test -e /usr/local/lib/libmhash.a - require: - file: mhash-source-install
安装mcrypt:
[root@salt-master base]# cat php/mcrypt.sls mcrypt-source-install: file.managed: - name: /opt/tools/mcrypt-2.6.8.tar.gz - source: salt://php/mcrypt/files/mcrypt-2.6.8.tar.gz - user: root - group: root - mode: 644 cmd.run: - name: cd /opt/tools/ && tar -zxf mcrypt-2.6.8.tar.gz && cd mcrypt-2.6.8 && /sbin/ldconfig && ./configure && make && make install - unless: test -e /usr/local/bin/mcrypt - require: - file: mcrypt-source-install
安装php:
[root@salt-master base]# cat php/install.sls include: - packages.install - user.php - php.libiconv - php.libmcrypt - php.mhash - php.mcrypt php-source-install: file.managed: - name: /opt/tools/php-5.6.16.tar.gz - source: salt://php/files/php-5.6.16.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /opt/tools/ && tar -zxf php-5.6.16.tar.gz && cd php-5.6.16 && ./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-libxml-dir --enable-xml --enable-fpm --with-fpm-user=www --with-fpm-group=www --enable-bcmath --enable-mbstring --enable-gd-native-ttf --enable-sockets --enable-mysqlnd --with-mysql=mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --enable-zip --enable-inline-optimization --with-gd --with-bz2 --with-zlib --with-mcrypt --with-mhash --with-openssl --with-xmlrpc --with-iconv-dir --with-freetype-dir --with-jpeg-dir --with-png-dir --without-pear --disable-ipv6 --disable-pdo --with-gettext --disable-debug --without-pdo-sqlite --disable-rpath --enable-shmop --enable-sysvsem --with-curl --with-curlwrappers --enable-mbregex --enable-pcntl --enable-soap --enable-sigchild --enable-pdo && make ZEND_EXTRA_LIBS='-liconv' && make install - unless: test -d /usr/local/php - require: - file: php-source-install - user: php-user-group - cmd: libiconv-source-install - cmd: libmcrypt-source-install - cmd: mcrypt-source-install - cmd: mhash-source-install
配置php服务:
[root@salt-master base]# cat php/service.sls include: - php.install - cron.php /usr/local/php/etc: file.directory: - user: www - group: www - mode: 644 - makedirs: True /usr/local/php/etc/php-fpm.conf: file.managed: - source: salt://php/files/php-fpm.conf - user: www - group: www - mode: 644 /etc/php.ini: file.managed: - source: salt://php/files/php.ini - user: www - group: www - mode: 644 /etc/profile: file.append: - text: - export PATH=$PATH:/usr/local/php/bin:/usr/local/php/sbin php-init: file.managed: - name: /etc/init.d/php-fpm - source: salt://php/files/php-fpm - user: root - group: root - mode: 755 cmd.run: - name: chkconfig --add php-fpm && source /etc/profile - unless: chkconfig --list|grep php-fpm - require: - file: php-init php-service: service.running: - name: php-fpm - enable: True - restart: True - require: - cmd: php-init - watch: - file: /etc/php.ini - file: /usr/local/php/etc/php-fpm.conf
部署定时任务:
[root@salt-master base]# cat cron/php.sls php-crond-job: file.managed: - name: /opt/tools/scripts/php_cut_log.sh - source: salt://cron/files/php_cut_log.sh - user: root - group: root - mode: 755 /bin/bash /opt/tools/scripts/php_cut_log.sh >/dev/null 2>&1: cron.present: - identifier: cut php daily logs job - user: root - minute: '0' - hour: '0' - require: - file: php-crond-job
安装php扩展:
[root@salt-master base]# cat php/extension.sls include: - php.service libmemcached-source-install: file.managed: - name: /opt/tools/libmemcached-1.0.18.tar.gz - source: salt://php/files/libmemcached-1.0.18.tar.gz - user: root - group: root - mode: 644 cmd.run: - name: cd /opt/tools && tar -zxf libmemcached-1.0.18.tar.gz && cd libmemcached-1.0.18 && ./configure --prefix=/usr/local/libmemcached --with-memcached && make && make install - unless: test -d /usr/local/libmemcached - require: - file: libmemcached-source-install memcached-source-install: file.managed: - name: /opt/tools/memcached-2.2.0.tgz - source: salt://php/files/memcached-2.2.0.tgz - user: root - group: root - mode: 644 cmd.run: - name: cd /opt/tools/ && tar -zxf memcached-2.2.0.tgz && cd memcached-2.2.0 && /usr/local/php/bin/phpize && ./configure --enable-memcached --with-php-config=/usr/local/php/bin/php-config --with-libmemcached-dir=/usr/local/libmemcached && make && make install - unless: test -x /usr/bin/memcached - require: - file: memcached-source-install phpredis-source-install: file.managed: - name: /opt/tools/phpredis-2.2.4.tar.gz - source: salt://php/files/phpredis-2.2.4.tar.gz - user: root - group: root - mode: 644 cmd.run: - name: cd /opt/tools && tar -zxf phpredis-2.2.4.tar.gz && cd phpredis-2.2.4 && /usr/local/php/bin/phpize && ./configure --with-php-config=/usr/local/php/bin/php-config && make && make install - unless: test -e /usr/local/php/lib/php/extensions/no-debug-non-zts-20131226/redis.so - require: - file: phpredis-source-install protobuf-extension: file.managed: - name: /usr/local/php/lib/php/extensions/no-debug-non-zts-20131226/protobuf.so - source: salt://php/files/protobuf.so - user: www - group: www - mode: 755 extension-init: file.managed: - name: /usr/local/php/etc/php.ini - source: salt://php/files/php.ini - user: www - group: www - replace: True - mode: 644 cmd.run: - name: chown -R www:www /usr/local/php && source /etc/profile - require: - file: protobuf-extension - file: extension-init - watch: - file: /usr/local/php/etc/php.ini
top.sls文件:
[root@salt-master base]# cat top.sls base: 'salt-minion02.contoso.com': - nginx.service - php.service - php.extension