saltstack部署lnmp
saltstack部署lnmp
环境:
| 系统/主机 | IP地址 | 服务 |
|---|---|---|
| RedHat8/server1 | 192.168.244.131 | salt-master salt-minion |
| RedHat8/node1 | 192.168.244.135 | salt-minion nginx mysql php |
树形结构
[root@server1 prod]# pwd
/srv/salt/prod
[root@server1 salt]# ls
base dev prod test
[root@server1 salt]# tree prod/
prod/
|-- lnmp
| |-- files
| | |-- index.php
| | |-- my.cnf
| | |-- mysql.conf
| | |-- nginx.conf
| |-- lnmp.sls
| |-- mysql.sls
| `-- nginx.sls
|-- modules
| |-- application
| | `-- php
| | |-- files
| | | |-- httpd.conf
| | | |-- index.php
| | | |-- install.sh
| | | |-- oniguruma-devel-6.8.2-2.el8.x86_64.rpm
| | | |-- php-7.4.24.tar.bz2
| | | |-- php-8.0.10.tar.xz
| | | |-- php-fpm
| | | |-- php-fpm.conf
| | | |-- php-fpm.service
| | | `-- www.conf
| | |-- files1
| | | |-- php-fpm
| | | |-- php-fpm.conf
| | | `-- www.conf
| | `-- install.sls
| |-- database
| | `-- mysql
| | |-- files
| | | |-- install.sh
| | | |-- mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz
| | | |-- mysql.server
| | | `-- mysqld.service
| | `-- install.sls
| `-- web
| |-- apache
| | |-- bag
| | | |-- apr-1.7.0.tar.bz2
| | | |-- apr-util-1.6.1.tar.bz2
| | | `-- httpd-2.4.51.tar.gz
| | |-- files
| | | |-- httpd.conf
| | | |-- httpd.service
| | | `-- install.sh
| | `-- install.sls
| `-- nginx
| |-- files
| | |-- nginx-1.20.1.tar.gz
| | |-- nginx.service
| | `-- nginx.sh
| `-- install.sls
`-- zabbix
|-- apache.sls
|-- files
| |-- index.php
| |-- my.cnf
| |-- mysql.conf
| |-- vhosts.conf
| |-- zabbix-5.4.7.tar.gz
| `-- zabbix.sh
|-- lamp.sls
|-- mysql.sls
`-- zabbix.sls
部署nginx
nginx结构
[root@server1 web]# tree nginx/
nginx/
|-- files
| |-- nginx-1.20.1.tar.gz
| |-- nginx.service
| `-- nginx.sh
`-- install.sls
编写install.sls文件
[root@server1 nginx]# pwd
/srv/salt/prod/modules/web/nginx
[root@server1 nginx]# cat install.sls
create-user:
user.present:
- name: nginx
- shell: /sbin/nologin
- system: true
- createhome: false
pkg-nginx:
pkg.installed:
- pkgs:
- pcre-devel
- openssl
- openssl-devel
- gd-devel
- gcc
- gcc-c++
- make
copy-nginx-tar:
file.managed:
- names:
- /usr/src/nginx-1.20.1.tar.gz:
- source: salt://modules/web/nginx/files/nginx-1.20.1.tar.gz
nginx-install:
cmd.script:
- name: salt://modules/web/nginx/files/nginx.sh
- unless: test -d /usr/local/nginx
copy-nginx-service:
file.managed:
- names:
- /usr/lib/systemd/system/nginx.service:
- source: salt://modules/web/nginx/files/nginx.service
- require:
- cmd: nginx-install
nginx-service-reload:
cmd.run:
- name: systemctl daemon-reload
- watch:
- file: copy-nginx-service
编写脚本nginx.sh
[root@server1 nginx]# cat files/nginx.sh
#!/bin/bash
cd /usr/src/
tar xf nginx-1.20.1.tar.gz -C /usr/src/
cd nginx-1.20.1
./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-debug \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_image_filter_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log &&\
make && make install
部署mysql
mysql结构
[root@server1 database]# tree mysql/
mysql/
|-- files
| |-- install.sh
| |-- mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz
| |-- mysql.server
| `-- mysqld.service
`-- install.sls
编写install.sls文件
[root@server1 mysql]# cat install.sls
pkg-install-mysql:
pkg.installed:
- pkgs:
- ncurses-compat-libs
create-mysql-user:
user.present:
- name: mysql
- system: true
- createhome: false
- shell: /sbin/nologin
create-data:
file.directory:
- name: /opt/data
- user: mysql
- mode: '0755'
- group: mysql
- makedirs: True
/usr/src/mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz:
file.managed:
- source: salt://modules/database/mysql/files/mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz
- user: mysql
- mode: '0755'
- group: mysql
mysql-install:
cmd.script:
- name: salt://modules/database/mysql/files/install.sh
- unless: test -d /opt/data/mysql
copy-files:
file.managed:
- names:
- /usr/local/mysql/support-files/mysql.server:
- source: salt://modules/database/mysql/files/mysql.server
- /usr/lib/systemd/system/mysqld.service:
- source: salt://modules/database/mysql/files/mysqld.service
- require:
- cmd: mysql-install
编写脚本
[root@server1 mysql]# cat files/install.sh
#!/bin/bash
cd /usr/src
tar xf mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz -C /usr/local
ln -s /usr/local/mysql-5.7.34-linux-glibc2.12-x86_64 /usr/local/mysql
chown -R mysql.mysql /usr/local/mysql*
/usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/opt/data
部署PHP
树形结构
[root@server1 application]# tree php/
php/
|-- files
| |-- 1
| |-- httpd.conf
| |-- index.php
| |-- install.sh
| |-- oniguruma-devel-6.8.2-2.el8.x86_64.rpm
| |-- php-7.4.24.tar.bz2
| |-- php-8.0.10.tar.xz
| |-- php-fpm
| |-- php-fpm.conf
| |-- php-fpm.service
| `-- www.conf
|-- files1
| |-- php-fpm
| |-- php-fpm.conf
| `-- www.conf
`-- install.sls
编写install.sls文件
[root@server1 php]# cat install.sls
pkg-install-php:
pkg.installed:
- pkgs:
- libxml2
- libxml2-devel
- openssl
- openssl-devel
- bzip2
- bzip2-devel
- libcurl
- libcurl-devel
- libicu-devel
- libjpeg-turbo
- libjpeg-turbo-devel
- libpng
- libpng-devel
- openldap-devel
- pcre-devel
- freetype
- freetype-devel
- gmp
- gmp-devel
- libmcrypt
- libmcrypt-devel
- readline
- readline-devel
- libxslt
- libxslt-devel
- mhash
- mhash-devel
- php-mysqlnd
- libsqlite3x-devel
- libzip-devel
- php-mysqlnd
- libzip-devel
- libsqlite3x-devel
/usr/src/oniguruma-devel-6.8.2-2.el8.x86_64.rpm:
file.managed:
- source: salt://modules/application/php/files/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
- user: root
- group: root
- mode: '0644'
cmd.run:
- name: yum -y install /usr/src/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
- unless: rpm -q oniguruma-devel
/usr/src/php-7.4.24.tar.bz2:
file.managed:
- source: salt://modules/application/php/files/php-7.4.24.tar.bz2
- user: root
- group: root
- mode: '0644'
php-install:
cmd.script:
- name: salt://modules/application/php/files/install.sh
- unless: test -d /usr/local/php7
copy-files-php:
file.managed:
- names:
- /etc/init.d/php-fpm:
- source: salt://modules/application/php/files1/php-fpm
- user: root
- group: root
- mode: '0755'
- /usr/local/php7/etc/php-fpm.conf:
- source: salt://modules/application/php/files1/php-fpm.conf
- /usr/local/php7/etc/php-fpm.d/www.conf:
- source: salt://modules/application/php/files1/www.conf
- /usr/lib/systemd/system/php-fpm.service:
- source: salt://modules/application/php/files/php-fpm.service
- require:
- cmd: php-install
systemctl daemon-reload:
cmd.run
php-service:
service.running:
- name: php-fpm
- enable: true
- require:
- cmd: php-install
- file: copy-files-php
- watch:
- file: copy-files-php
编写脚本
[root@server1 php]# cat files/install.sh
#!/bin/bash
cd /usr/src/
tar xf php-7.4.24.tar.bz2 -C /usr/src/
cd php-7.4.24
./configure --prefix=/usr/local/php7 \
--with-config-file-path=/etc \
--enable-fpm \
--disable-debug \
--disable-rpath \
--enable-shared \
--enable-soap \
--with-openssl \
--enable-bcmath \
--with-iconv \
--with-bz2 \
--enable-calendar \
--with-curl \
--enable-exif \
--enable-ftp \
--enable-gd \
--with-jpeg \
--with-zlib-dir \
--with-freetype \
--with-gettext \
--enable-mbstring \
--enable-pdo \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-readline \
--enable-shmop \
--enable-simplexml \
--enable-sockets \
--with-zip \
--enable-mysqlnd-compression-support \
--with-pear \
--enable-pcntl \
--enable-posix && \
make && make install
组合
结构
[root@server1 prod]# tree lnmp/
lnmp/
|-- 1
|-- apache.sls
|-- files
| |-- index.php
| |-- my.cnf
| |-- mysql.conf
| `-- nginx.conf
|-- lnmp.sls
|-- mysql.sls
`-- nginx.sls
[root@server1 lnmp]# cat lnmp.sls
include:
- lnmp.nginx
- lnmp.mysql
- modules.application.php.install
[root@server1 lnmp]# cat nginx.sls
mkdir-log-nginx:
file.directory:
- name: /var/log/nginx
- user: root
- grep: root
- mode: 755
- makedirs: True
- unless: test -d /var/log/nginx
include:
- modules.web.nginx.install
copy-nginx-conf:
file.managed:
- names:
- /usr/local/nginx/conf/nginx.conf:
- source: salt://lnmp/files/nginx.conf
- /usr/local/nginx/html/index.php:
- source: salt://lnmp/files/index.php
- require:
- cmd: nginx-install
nginx-service:
service.running:
- name: nginx
- enable: True
- reload: true
- require:
- cmd: nginx-install
- watch:
- file: copy-nginx-conf
执行
[root@server1 lnmp]# salt node1 state.sls lnmp.lnmp saltenv=prod
访问
