saltstack部署LAMP架构
实验环境
| 主机名 | IP地址 |
|---|---|
| master | 192.168.200.145 |
| node1 | 192.168.200.144 |
整体结构图
/srv/salt/prod/
├── lamp
│ ├── files
│ │ ├── index.php
│ │ ├── my.cnf
│ │ ├── mysql.conf
│ │ └── nginx.conf
│ ├── lamp.sls
│ ├── mysql.sls
│ └── nginx.sls
└── modules
├── application
│ └── php
│ ├── config
│ ├── files
│ │ ├── install.sh
│ │ ├── oniguruma-devel-6.8.2-2.el8.x86_64.rpm
│ │ ├── php-8.0.10.tar.gz
│ │ ├── php-fpm
│ │ ├── php-fpm.conf
│ │ ├── php-fpm.service
│ │ └── www.conf
│ └── install.sls
├── database
│ └── mysql
│ ├── config.sls
│ ├── files
│ │ ├── install.sh
│ │ ├── my.cnf
│ │ ├── mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz
│ │ ├── mysqld.service
│ │ └── mysql.server
│ └── install.sls
└── web
├── apache
│ ├── files
│ │ ├── apr-1.7.0.tar.gz
│ │ ├── apr-util-1.6.1.tar.gz
│ │ ├── httpd-2.4.51.tar.gz
│ │ ├── httpd.conf
│ │ ├── httpd.service.j2
│ │ ├── index.php
│ │ └── install.sh
│ └── install.sls
└── nginx
├── files
│ ├── install.sh
│ ├── nginx-1.20.1.tar.gz
│ └── nginx.service
└── install.sls
1. nginx部分状态文件
modules/web/nginx/install.sls
[root@master prod]# cat modules/web/nginx/install.sls
install-package:
pkg.installed:
- pkgs:
- openssl
- openssl-devel
- gd-devel
- gcc
- gcc-c++
- make
create-nginx_user:
user.present:
- name: nginx
- shell: /sbin/nologin
- createhome: false
- system: true
/var/log/nginx:
file.directory:
- user: nginx
- group: nginx
- mode: '0775'
- makedirs: true
/usr/src/nginx-1.20.1.tar.gz:
file.managed:
- source: salt://modules/web/nginx/files/nginx-1.20.1.tar.gz
- uroot: root
- group: root
- mode: '0644'
nginx-install:
cmd.run:
- name: salt://modules/web/nginx/files/install.sh
- unless: test -d /usr/localnginx
modules/web/nginx/files/install.sh
[root@master nginx]# cat files/install.sh
#!/bin/bash
cd /usr/src
rm -rf nginx-1.20.1
tar xf nginx-1.20.1.tar.gz
cd nginx-1.20.1
./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-debug \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_image_filter_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log &&
make && make install
echo 'export PATH=/usr/local/nginx/sbin:$PATH' > /etc/profile.d/nginx.sh
2. mysql 部分状态文件
/srv/salt/prod/modules/database/mysql
ncurses-compat-libs:
pkg.installed
create-mysql-user:
user.present:
- name: mysql
- system: true
- createhome: false
- shell: /sbin/nologin
create-datadir:
file.directory:
- name: /opt/data
- user: mysql
- group: mysql
- mode: '0755'
- makedirs: true
/usr/src/mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz:
file.managed:
- source: salt://modules/database/mysql/files/mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz
- user: root
- group: root
- mode: '0644'
mysql-install:
cmd.script:
- name: salt://modules/database/mysql/files/install.sh
- unless: test -d /usr/local/mysql
trasfer-files:
file.managed:
- names:
- /usr/local/mysql/support-files/mysql.server:
- source: salt://modules/database/mysql/files/mysql.server
- /usr/lib/systemd/system/mysqld.service:
- source: salt://modules/database/mysql/files/mysqld.service
- require:
- cmd: mysql-install
/srv/salt/prod/modules/database/mysql/install.sh
#!/bin/bash
cd /usr/src
rm -rf mysql-5.7.35-linux-glibc2.12-x86_64
tar xf mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz -C /usr/local
ln -s /usr/local/mysql-5.7.35-linux-glibc2.12-x86_64 /usr/local/mysql
chown -R mysql.mysql /usr/local/mysql*
/usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/opt/data/
echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
/srv/salt/prod/modules/database/mysql/mysqld.service
[Unit]
Description=Mysqklserve daemon
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/mysql/support-files/mysql.server start
ExecStop=/usr/local/mysql/support-files/mysql.servr stop
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
3. php部分状态文件
/prod/modules/application/php
/usr/src/oniguruma-devel-6.8.2-2.el8.x86_64.rpm:
file.managed:
- source: salt://modules/application/php/files/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
- user: root
- group: root
- mode: '0644'
cmd.run:
- name: yum -y install /usr/src/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
- unless: rpm -q oniguruma-devel
dep-package-install:
pkg.installed:
- pkgs:
- libxml2
- libxml2-devel
- openssl
- openssl-devel
- bzip2
- bzip2-devel
- libcurl
- libcurl-devel
- libicu-devel
- libjpeg-turbo
- libjpeg-turbo-devel
- libsqlite3x
- libsqlite3x-devel
- libpng
- libpng-devel
- openldap-devel
- pcre-devel
- freetype
- freetype-devel
- gmp
- gmp-devel
- libmcrypt
- libmcrypt-devel
- readline
- readline-devel
- libxslt
- libxslt-devel
- mhash
- mhash-devel
- php-mysqlnd
/usr/src/php-8.0.10.tar.gz:
file.managed:
- source: salt://modules/application/php/files/php-8.0.10.tar.gz
- user: root
- group: root
- mode: '0644'
php-install:
cmd.script:
- name: salt://modules/application/php/files/install.sh
- unless: test -d /usr/local/php8
copy-php:
file.managed:
- names:
- /etc/init.d/php-fpm:
- source: salt://modules/application/php/files/php-fpm
- user: root
- group: root
- mode: '0755'
- /usr/local/php8/etc/php-fpm.conf:
- source: salt://modules/application/php/files/php-fpm.conf
- /usr/local/php8/etc/php-fpm.d/www.conf:
- source: salt://modules/application/php/files/www.conf
- /usr/lib/systemd/system/php-fpm.service:
- source: salt://modules/application/php/files/php-fpm.service
- require:
- cmd: php-install
php-fpm.service:
service.running:
- enable: true
- reload: true
- require:
- cmd: php-install
- file: copy-php
- watch:
- file: copy-php
/prod/modules/application/php/files/install.sh
#!/bin/bash
cd /usr/src
rm -rf tar xf php-8.0.10
tar xf php-8.0.10.tar.gz
cd php-8.0.10
./configure --prefix=/usr/local/php8 \
--with-config-file-path=/etc \
--enable-fpm \
--enable-inline-optimization \
--disable-debug \
--disable-rpath \
--enable-shared \
--enable-soap \
--with-openssl \
--enable-bcmath \
--with-iconv \
--with-bz2 \
--enable-calendar \
--with-curl \
--enable-exif \
--enable-ftp \
--with-gd \
--with-jpeg-dir \
--with-png-dir \
--with-zlib-dir \
--with-freetype-dir \
--with-gettext \
--enable-json \
--enable-mbstring \
--enable-pdo \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-readline \
--enable-shmop \
--enable-simplexml \
--enable-sockets \
--enable-zip \
--enable-mysqlnd-compression-support \
--with-pear \
--enable-pcntl \
--enable-posix && \
make && make install
prod/modules/application/php/files/php-fpm.service
[Unit]
Description=php-fpm server daemon
After=network.target
[Service]
Type=forking
ExecStart=/etc/init.d/php-fpm start
ExecStop=/etc/init.d/php-fpm stop
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
4 lnmp部分状态文件
/prod/lamp/nginx.sls
"Development Tools":
pkg.group_installed
include:
- modules.web.nginx.install
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://modules/web/nginx/files/nginx.conf
- user: root
- group: root
- mode: '0644'
- require:
- cmd: nginx-install
/usr/local/nginx/html/index.php:
file.managed:
- source: salt://modules/web/nginx/files/index.php
- user: root
- group: root
- mode: '644'
- require:
- cmd: nginx-install
"nginx -s reload":
cmd.run
/prod/lamp/mysql.sls
lamp-dep-package:
pkg.installed:
- pkgs:
- ncurses-devel
- openssl-devel
- openssl
- cmake
- mariadb-devel
include:
- modules.database.mysql.install
provides-mysql-files:
file.managed:
- user: root
- group: root
- mode: '0644'
- names:
- /etc/my.cnf:
- source: salt://lamp/files/my.cnf
- /etc/ld.so.conf.d/mysql.conf:
- source: salt://lamp/files/mysql.conf
/usr/local/include/mysql:
file.symlink:
- target: /usr/local/mysql/include
mysqld.service:
service.running:
- enable: true
- reload: true
- require:
- cmd: mysql-install
- trasfer-files
- watch:
- file: provides-mysql-files
mysqld-set-password:
cmd.run:
- name: /usr/local/mysql/bin/mysql -e "set password = password('123456');"
- require:
- service: mysqld.service
- unless: /usr/local/mysql/bin/mysql -uroot -p123456 -e "exit"
/salt/prod/lamp/lamp.sls
include:
- lamp.nginx
- lamp.mysql
- modules.application.php.install
访问测试
