5.saltstack使用指南:使用saltstack部署nginx

使用saltstack部署nginx


搭建环境:

1.服务器列表:

salt-master:   192.168.42.131
salt-minion:   192.168.42.128(minion-192.168.42.128)
               192.168.42.130(minion-192.168.42.130)

2.环境:
(1)服务器之间互相可以通信(火墙关闭或者火墙允许通信)
(2)master对minion的主机名和ip做好解析


部署步骤

1.确定整个配置的目录文件结构:

#pcre软件安装
[root@server2 prod]# tree ./pcre/
./pcre/
├── files
│   └── pcre-8.38.tar.gz
└── install.sls

1 directory, 2 files

#nginx操作用户添加
[root@server2 prod]# tree ./user/
./user/
└── www.sls

0 directories, 1 file

#nginx安装
[root@server2 prod]# tree ./nginx/
./nginx/
├── files
│   ├── nginx-1.11.6.tar.gz
│   ├── nginx.conf
│   └── nginx.service
├── install.sls
└── service.sls

1 directory, 5 files

整个思路分为:创建用户安装基本组件安装服务开启服务这几个过程。

1.创建用户

在user目录的www.sls定义了www这个用户:

[root@server2 user]# cat www.sls 
www-user-group:
  group.present:
    - name: www
    - gid: 1100

  user.present:
    - name: www
    - fullname: www
    - shell: /sbin/nologin
    - uid: 1100
    - gid: 1100

2.安装基本组件
这个根据业务系统中所需nginx的模块决定,本例中以pcre为例,如果需要其他的模块可以按照类似的方式进行安装,pcre目录下的install.sls如下所示:

[root@server2 pcre]# pwd
/srv/salt/prod/pcre
[root@server2 pcre]# cat install.sls 
pcre-source-install:
  file.managed:
    - name: /usr/local/src/pcre-8.38.tar.gz
    - source: salt://pcre/files/pcre-8.38.tar.gz
    - user: root
    - group: root
    - mode: 755

  cmd.run:
    - name: cd /usr/local/src && tar xvf pcre-8.38.tar.gz && cd pcre-8.38 && ./configure --prefix=/usr/local/pcre && make && make install
    - unless: test -d /usr/local/pcre
    - require:
      - file: pcre-source-install

在/srv/salt/prod/pcre/files目录下包含pcre的源码安装包:

[root@server2 files]# pwd
/srv/salt/prod/pcre/files
[root@server2 files]# ll
total 2008
-rw-r--r-- 1 root root 2053336 Dec  6 20:58 pcre-8.38.tar.gz

3.pcre的安装是在nginx之前进行的,我们把pcre的安装包含在nginx的安装过程中,nginx的安装文件为install.sls:

[root@server2 nginx]# cat install.sls 
#包含用户创建以及pcre安装
include:
  - pcre.install
  - user.www

nginx-source-install:
  file.managed:
    - name: /usr/local/src/nginx-1.11.6.tar.gz
    - source: salt://nginx/files/nginx-1.11.6.tar.gz
    - user: root
    - group: root
    - mode: 0644

  cmd.run:
    - name: cd /usr/local/src && tar xvf nginx-1.11.6.tar.gz && cd nginx-1.11.6 && ./configure --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-file-aio --with-http_dav_module --with-pcre=/usr/local/src/pcre-8.38 && make && make install && chown www.www /usr/local/nginx -R
    - unless: test -d /usr/local/nginx
    - require:
      - user: www-user-group
      - file: nginx-source-install
      - cmd: pcre-source-install 

在nginx的install.sls文件中完成了nginx源码包的部署和配置,编译安装操作。

接下来需要设置nginx的配置文件以及启动nginx服务,尤其是在centos7
中,服务启动关闭的管理软件换为systemctl,需要编写相关service文件,以nginx为例,名称设置为nginx.service:

[root@server2 files]# cat nginx.service 
[Unit]  
Description=nginx service  
After=network.target

[Service]  
Type=forking   
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload 
ExecStop=/usr/local/nginx/sbin/nginx -s quit  
PrivateTmp=true  

[Install]  
WantedBy=multi-user.target  

4.nginx配置文件的部署和服务的开启,该内容在nginx目录的service.sls文件中:

[root@server2 nginx]# cat service.sls 
#包含nginx的安装设置
include:
  - nginx.install

nginx-init:
  file.managed:
    - name: /usr/lib/systemd/system/nginx.service
    - source: salt://nginx/files/nginx.service
    - user: root
    - group: root
    - mode: 754

/usr/local/nginx/conf/nginx.conf:
  file.managed:
    - name: /usr/local/nginx/conf/nginx.conf
    - source: salt://nginx/files/nginx.conf
    - user: www
    - group: www
    - mode: 644


nginx.service:
  cmd.run:
    - name: systemctl start nginx.service
    - require:
      - file: nginx-init
    - watch:
      - file: /usr/local/nginx/conf/nginx.conf

(1)在该文件的起始部分首先包含了nginx的安装:nginx.install;
(2)设置了nginx服务的启动脚本文件;
(3)设置nginx配置文件(这里可以使用salt的模板进行设置);
(4)启动nginx服务;


执行部署操作

部署操作非常的简单,在/srv/salt/prod/top.sls文件中添加nginx.service,然后进行部署:

[root@server2 prod]# salt '*' state.highstate 
minion-192.168.42.130:
----------
          ID: pcre-source-install
    Function: file.managed
        Name: /usr/local/src/pcre-8.38.tar.gz
      Result: True
     Comment: File /usr/local/src/pcre-8.38.tar.gz is in the correct state
     Started: 21:11:34.125059
    Duration: 145.506 ms
     Changes:   
----------
          ID: pcre-source-install
    Function: cmd.run
        Name: cd /usr/local/src && tar xvf pcre-8.38.tar.gz && cd pcre-8.38 && ./configure --prefix=/usr/local/pcre && make && make install
      Result: True
     Comment: unless execution succeeded
     Started: 21:11:34.272172
    Duration: 9.418 ms
     Changes:   
----------
          ID: www-user-group
    Function: group.present
        Name: www
      Result: True
     Comment: Group www is present and up to date
     Started: 21:11:34.282685
    Duration: 2.538 ms
     Changes:   
----------
          ID: www-user-group
    Function: user.present
        Name: www
      Result: True
     Comment: User www is present and up to date
     Started: 21:11:34.286017
    Duration: 31.402 ms
     Changes:   
----------
          ID: nginx-source-install
    Function: file.managed
        Name: /usr/local/src/nginx-1.11.6.tar.gz
      Result: True
     Comment: File /usr/local/src/nginx-1.11.6.tar.gz is in the correct state
     Started: 21:11:34.317595
    Duration: 72.0 ms
     Changes:   
----------
          ID: nginx-source-install
    Function: cmd.run
        Name: cd /usr/local/src && tar xvf nginx-1.11.6.tar.gz && cd nginx-1.11.6 && ./configure --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-file-aio --with-http_dav_module --with-pcre=/usr/local/src/pcre-8.38 && make && make install && chown www.www /usr/local/nginx -R
      Result: True
     Comment: unless execution succeeded
     Started: 21:11:34.390782
    Duration: 9.355 ms
     Changes:   
----------
          ID: nginx-init
    Function: file.managed
        Name: /usr/lib/systemd/system/nginx.service
      Result: True
     Comment: File /usr/lib/systemd/system/nginx.service is in the correct state
     Started: 21:11:34.400385
    Duration: 55.461 ms
     Changes:   
----------
          ID: /usr/local/nginx/conf/nginx.conf
    Function: file.managed
      Result: True
     Comment: File /usr/local/nginx/conf/nginx.conf is in the correct state
     Started: 21:11:34.455996
    Duration: 48.59 ms
     Changes:   
----------
          ID: nginx.service
    Function: cmd.run
        Name: systemctl start nginx.service
      Result: True
     Comment: Command "systemctl start nginx.service" run
     Started: 21:11:34.505367
    Duration: 15.254 ms
     Changes:   
              ----------
              pid:
                  22253
              retcode:
                  0
              stderr:
              stdout:

Summary for minion-192.168.42.130
------------
Succeeded: 9 (changed=1)
Failed:    0
------------
Total states run:     9
Total run time: 389.524 ms
minion-192.168.42.128:
----------
          ID: pcre-source-install
    Function: file.managed
        Name: /usr/local/src/pcre-8.38.tar.gz
      Result: True
     Comment: File /usr/local/src/pcre-8.38.tar.gz is in the correct state
     Started: 21:11:34.153260
    Duration: 135.174 ms
     Changes:   
----------
          ID: pcre-source-install
    Function: cmd.run
        Name: cd /usr/local/src && tar xvf pcre-8.38.tar.gz && cd pcre-8.38 && ./configure --prefix=/usr/local/pcre && make && make install
      Result: True
     Comment: unless execution succeeded
     Started: 21:11:34.289558
    Duration: 9.864 ms
     Changes:   
----------
          ID: www-user-group
    Function: group.present
        Name: www
      Result: True
     Comment: Group www is present and up to date
     Started: 21:11:34.300283
    Duration: 3.019 ms
     Changes:   
----------
          ID: www-user-group
    Function: user.present
        Name: www
      Result: True
     Comment: User www is present and up to date
     Started: 21:11:34.303914
    Duration: 29.652 ms
     Changes:   
----------
          ID: nginx-source-install
    Function: file.managed
        Name: /usr/local/src/nginx-1.11.6.tar.gz
      Result: True
     Comment: File /usr/local/src/nginx-1.11.6.tar.gz is in the correct state
     Started: 21:11:34.334260
    Duration: 75.035 ms
     Changes:   
----------
          ID: nginx-source-install
    Function: cmd.run
        Name: cd /usr/local/src && tar xvf nginx-1.11.6.tar.gz && cd nginx-1.11.6 && ./configure --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-file-aio --with-http_dav_module --with-pcre=/usr/local/src/pcre-8.38 && make && make install && chown www.www /usr/local/nginx -R
      Result: True
     Comment: unless execution succeeded
     Started: 21:11:34.409912
    Duration: 8.683 ms
     Changes:   
----------
          ID: nginx-init
    Function: file.managed
        Name: /usr/lib/systemd/system/nginx.service
      Result: True
     Comment: File /usr/lib/systemd/system/nginx.service is in the correct state
     Started: 21:11:34.418893
    Duration: 50.052 ms
     Changes:   
----------
          ID: /usr/local/nginx/conf/nginx.conf
    Function: file.managed
      Result: True
     Comment: File /usr/local/nginx/conf/nginx.conf is in the correct state
     Started: 21:11:34.469076
    Duration: 47.592 ms
     Changes:   
----------
          ID: nginx.service
    Function: cmd.run
        Name: systemctl start nginx.service
      Result: True
     Comment: Command "systemctl start nginx.service" run
     Started: 21:11:34.517608
    Duration: 21.014 ms
     Changes:   
              ----------
              pid:
                  23156
              retcode:
                  0
              stderr:
              stdout:

Summary for minion-192.168.42.128
------------
Succeeded: 9 (changed=1)
Failed:    0
------------
Total states run:     9
Total run time: 380.085 ms

在对应的节点192.168.42.128上查看nginx是否开启:

[root@server1 ~]# systemctl status nginx.service 
● nginx.service - nginx service
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2016-12-07 14:42:32 CST; 6h ago
  Process: 19352 ExecStart=/usr/local/nginx/sbin/nginx (code=exited, status=0/SUCCESS)
 Main PID: 19353 (nginx)
   Memory: 1.4M
   CGroup: /system.slice/nginx.service
           ├─19353 nginx: master process /usr/local/nginx/sbin/nginx
           └─19354 nginx: worker process

Dec 07 14:42:32 server1.example.com systemd[1]: Starting nginx service...
Dec 07 14:42:32 server1.example.com systemd[1]: Started nginx service.
Dec 07 21:11:34 server1.example.com systemd[1]: Started nginx service.

使用浏览器访问该页面,查看页面能否访问:
5.saltstack使用指南:使用saltstack部署nginx_第1张图片


小结

在个基础上还可以添加php模块,丰富nginx的功能。后续的章节将会进行介绍。

你可能感兴趣的:(saltstack,nginx)