SaltStack项目实战(一)
- 系统架构图
一、初始化
1、salt环境配置,定义基础环境、生产环境(base、prod)
|
1
2
3
4
5
6
7
8
9
10
|
vim /etc/salt/master修改file_rootsfile_roots: base: - /srv/salt/base prod: - /srv/salt/prod mkdir -p /srv/salt/basemkdir -p /srv/salt/prod |
pillar配置
|
1
2
3
4
5
6
7
8
9
10
|
vim /etc/salt/master修改pillar_rootspillar_roots: base: - /srv/pillar/base pord: - /srv/pillar/prod mkdir -p /srv/pillar/basemkdir -p /srv/pillar/prod |
服务重启 systemctl restart salt-master
2、salt base环境初始化:
|
1
2
|
mkdir -p /srv/salt/base/init # 环境初始化目录mkdir -p /srv/salt/base/init/files # 配置文件目录 |
1)dns配置
准备dns配置文件,放入/srv/salt/base/init/files目录下
cp /etc/resolv.conf /srv/salt/base/init/files/
|
1
2
3
4
5
6
7
|
vi /srv/salt/base/init/dns.sls/etc/resolv.conf: file.managed: - source: salt://init/files/resolv.conf - user: root - gourp: root - mode: 644 |
2)histroy记录时间
|
1
2
3
4
5
|
vi /srv/salt/base/init/history.sls/etc/profile: file.append: - text: - export HISTTIMEFORMAT="%F %T `whoami` " |
3)记录命令操作
|
1
2
3
4
5
|
vi /srv/salt/base/init/audit.sls/etc/bashrc: file.append: - text: - export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }' |
4)内核参数优化
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
vi /srv/salt/base/init/sysctl.slsnet.ipv4.ip_local_port_range: sysctl.present: - value: 10000 65000fs.file-max: sysctl.present: - value: 2000000net.ipv4.ip_forward: sysctl.present: - value: 1vm.swappiness: sysctl.present: - value: 0 |
5)安装yum仓库
|
1
2
3
4
5
6
|
vi /srv/salt/base/init/epel.slsyum_repo_release: pkg.installed: - sources: - epel-release: http://mirrors.aliyun.com/epel/epel-release-latest-7.noarch.rpm - unless: rpm -qa | grep epel-release-latest-7 |
6)安装zabbix-agent
准备zabbix-agent配置文件,放入/srv/salt/base/init/files目录下
cp /etc/zabbix/zabbix_agentd.conf /srv/salt/base/init/files/
修改 vi /etc/zabbix/zabbix_agentd.conf
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
vi /srv/salt/base/init/zabbix_agent.slszabbix-agent: pkg.installed: - name: zabbix-agent file.managed: - name: /etc/zabbix/zabbix_agentd.conf - source: salt://init/files/zabbix_agentd.conf - template: jinja - backup: minion - defaults: Server: {{ pillar['zabbix-agent']['Zabbix_Server'] }} Hostname: {{ grains['fqdn'] }} - require: - pkg: zabbix-agent service.running: - enable: True - watch: - pkg: zabbix-agent - file: zabbix-agentzabbix_agentd.d: file.directory: - name: /etc/zabbix/zabbix_agentd.d - watch_in: - service: zabbix-agent - require: - pkg: zabbix-agent - file: zabbix-agent |
备注:“- backup: minion”表示备份,如果文件改动,会将之前的文件备份到/var/cache/salt/file_backup目录下
7)编写init.sls总文件,引用其它文件
|
1
2
3
4
5
6
7
8
|
vi /srv/salt/base/init/init.slsinclude: - init.dns - init.history - init.audit - init.sysctl - init.epel - init.zabbix_agent |
执行命令: salt "*" state.sls init.init
执行结果
1 linux-node1.example.com:
2 ----------
3 ID: /etc/resolv.conf
4 Function: file.managed
5 Result: True
6 Comment: File /etc/resolv.conf is in the correct state
7 Started: 04:39:32.998314
8 Duration: 181.548 ms
9 Changes:
10 ----------
11 ID: /etc/profile
12 Function: file.append
13 Result: True
14 Comment: File /etc/profile is in correct state
15 Started: 04:39:33.180034
16 Duration: 6.118 ms
17 Changes:
18 ----------
19 ID: /etc/bashrc
20 Function: file.append
21 Result: True
22 Comment: Appended 1 lines
23 Started: 04:39:33.186266
24 Duration: 6.608 ms
25 Changes:
26 ----------
27 diff:
28 ---
29
30 +++
31
32 @@ -90,3 +90,4 @@
33
34 unset -f pathmunge
35 fi
36 # vim:ts=4:sw=4
37 +export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
38 ----------
39 ID: net.ipv4.ip_local_port_range
40 Function: sysctl.present
41 Result: True
42 Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
43 Started: 04:39:33.261448
44 Duration: 212.528 ms
45 Changes:
46 ----------
47 net.ipv4.ip_local_port_range:
48 10000 65000
49 ----------
50 ID: fs.file-max
51 Function: sysctl.present
52 Result: True
53 Comment: Updated sysctl value fs.file-max = 2000000
54 Started: 04:39:33.474197
55 Duration: 122.497 ms
56 Changes:
57 ----------
58 fs.file-max:
59 2000000
60 ----------
61 ID: net.ipv4.ip_forward
62 Function: sysctl.present
63 Result: True
64 Comment: Updated sysctl value net.ipv4.ip_forward = 1
65 Started: 04:39:33.596905
66 Duration: 35.061 ms
67 Changes:
68 ----------
69 net.ipv4.ip_forward:
70 1
71 ----------
72 ID: vm.swappiness
73 Function: sysctl.present
74 Result: True
75 Comment: Updated sysctl value vm.swappiness = 0
76 Started: 04:39:33.632208
77 Duration: 36.226 ms
78 Changes:
79 ----------
80 vm.swappiness:
81 0
82 ----------
83 ID: yum_repo_release
84 Function: pkg.installed
85 Result: True
86 Comment: All specified packages are already installed
87 Started: 04:39:39.085699
88 Duration: 12627.626 ms
89 Changes:
90 ----------
91 ID: zabbix-agent
92 Function: pkg.installed
93 Result: True
94 Comment: Package zabbix-agent is already installed
95 Started: 04:39:51.713592
96 Duration: 6.677 ms
97 Changes:
98 ----------
99 ID: zabbix-agent
100 Function: file.managed
101 Name: /etc/zabbix/zabbix_agentd.conf
102 Result: True
103 Comment: File /etc/zabbix/zabbix_agentd.conf updated
104 Started: 04:39:51.720994
105 Duration: 152.077 ms
106 Changes:
107 ----------
108 diff:
109 ---
110 +++
111 @@ -90,7 +90,7 @@
112 #
113 # Mandatory: no
114 # Default:
115 -Server={{ Server }}
116 +Server=192.168.137.11
117
118 ### Option: ListenPort
119 # Agent will listen on this port for connections from the server.
120 ----------
121 ID: zabbix_agentd.d
122 Function: file.directory
123 Name: /etc/zabbix/zabbix_agentd.d
124 Result: True
125 Comment: Directory /etc/zabbix/zabbix_agentd.d is in the correct state
126 Started: 04:39:51.875082
127 Duration: 0.908 ms
128 Changes:
129 ----------
130 ID: zabbix-agent
131 Function: service.running
132 Result: True
133 Comment: Service restarted
134 Started: 04:39:51.932698
135 Duration: 205.223 ms
136 Changes:
137 ----------
138 zabbix-agent:
139 True
140
141 Summary for linux-node1.example.com
142 -------------
143 Succeeded: 12 (changed=7)
144 Failed: 0
145 -------------
146 Total states run: 12
147 Total run time: 13.593 s
148 linux-node2.example.com:
149 ----------
150 ID: /etc/resolv.conf
151 Function: file.managed
152 Result: True
153 Comment: File /etc/resolv.conf is in the correct state
154 Started: 12:46:38.639870
155 Duration: 182.254 ms
156 Changes:
157 ----------
158 ID: /etc/profile
159 Function: file.append
160 Result: True
161 Comment: Appended 1 lines
162 Started: 12:46:38.822236
163 Duration: 3.047 ms
164 Changes:
165 ----------
166 diff:
167 ---
168
169 +++
170
171 @@ -74,3 +74,4 @@
172
173
174 unset i
175 unset -f pathmunge
176 +export HISTTIMEFORMAT="%F %T `whoami` "
177 ----------
178 ID: /etc/bashrc
179 Function: file.append
180 Result: True
181 Comment: Appended 1 lines
182 Started: 12:46:38.825423
183 Duration: 3.666 ms
184 Changes:
185 ----------
186 diff:
187 ---
188
189 +++
190
191 @@ -90,3 +90,4 @@
192
193 unset -f pathmunge
194 fi
195 # vim:ts=4:sw=4
196 +export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }'
197 ----------
198 ID: net.ipv4.ip_local_port_range
199 Function: sysctl.present
200 Result: True
201 Comment: Updated sysctl value net.ipv4.ip_local_port_range = 10000 65000
202 Started: 12:46:39.011409
203 Duration: 132.499 ms
204 Changes:
205 ----------
206 net.ipv4.ip_local_port_range:
207 10000 65000
208 ----------
209 ID: fs.file-max
210 Function: sysctl.present
211 Result: True
212 Comment: Updated sysctl value fs.file-max = 2000000
213 Started: 12:46:39.144117
214 Duration: 33.556 ms
215 Changes:
216 ----------
217 fs.file-max:
218 2000000
219 ----------
220 ID: net.ipv4.ip_forward
221 Function: sysctl.present
222 Result: True
223 Comment: Updated sysctl value net.ipv4.ip_forward = 1
224 Started: 12:46:39.177821
225 Duration: 43.489 ms
226 Changes:
227 ----------
228 net.ipv4.ip_forward:
229 1
230 ----------
231 ID: vm.swappiness
232 Function: sysctl.present
233 Result: True
234 Comment: Updated sysctl value vm.swappiness = 0
235 Started: 12:46:39.221788
236 Duration: 39.882 ms
237 Changes:
238 ----------
239 vm.swappiness:
240 0
241 ----------
242 ID: yum_repo_release
243 Function: pkg.installed
244 Result: True
245 Comment: All specified packages are already installed
246 Started: 12:46:47.608597
247 Duration: 13989.554 ms
248 Changes:
249 ----------
250 ID: zabbix-agent
251 Function: pkg.installed
252 Result: True
253 Comment: Package zabbix-agent is already installed
254 Started: 12:47:01.598548
255 Duration: 1.265 ms
256 Changes:
257 ----------
258 ID: zabbix-agent
259 Function: file.managed
260 Name: /etc/zabbix/zabbix_agentd.conf
261 Result: True
262 Comment: File /etc/zabbix/zabbix_agentd.conf updated
263 Started: 12:47:01.600712
264 Duration: 82.425 ms
265 Changes:
266 ----------
267 diff:
268 ---
269 +++
270 @@ -90,8 +90,6 @@
271 #
272 # Mandatory: no
273 # Default:
274 -# Server=
275 -
276 Server=192.168.137.11
277
278 ### Option: ListenPort
279 @@ -117,7 +115,7 @@
280 # Mandatory: no
281 # Range: 0-100
282 # Default:
283 -StartAgents=3
284 +# StartAgents=3
285
286 ##### Active checks related
287
288 @@ -133,7 +131,7 @@
289 # Default:
290 # ServerActive=
291
292 -#ServerActive=192.168.137.11
293 +ServerActive=192.168.137.11
294
295 ### Option: Hostname
296 # Unique, case sensitive hostname.
297 @@ -144,7 +142,7 @@
298 # Default:
299 # Hostname=
300
301 -Hostname=linux-node2
302 +Hostname=Zabbix server
303
304 ### Option: HostnameItem
305 # Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.
306 @@ -174,7 +172,7 @@
307 #
308 # Mandatory: no
309 # Default:
310 -HostMetadataItem=system.uname
311 +# HostMetadataItem=
312
313 ### Option: RefreshActiveChecks
314 # How often list of active checks is refreshed, in seconds.
315 ----------
316 ID: zabbix_agentd.d
317 Function: file.directory
318 Name: /etc/zabbix/zabbix_agentd.d
319 Result: True
320 Comment: Directory /etc/zabbix/zabbix_agentd.d is in the correct state
321 Started: 12:47:01.684357
322 Duration: 0.93 ms
323 Changes:
324 ----------
325 ID: zabbix-agent
326 Function: service.running
327 Result: True
328 Comment: Service restarted
329 Started: 12:47:01.751277
330 Duration: 275.781 ms
331 Changes:
332 ----------
333 zabbix-agent:
334 True
335
336 Summary for linux-node2.example.com
337 -------------
338 Succeeded: 12 (changed=8)
339 Failed: 0
340 -------------
341 Total states run: 12
342 Total run time: 14.788 s
8)创建top文件
|
1
2
3
4
|
vi /srv/salt/base/top.slsbase: '*': - init.init |
测试 salt "*" state.highstate test=True
执行 salt "*" state.highstate
3、pillar base初始化
1)zabbix agent配置,指定zabbix server地址,用于sls文件引用
|
1
2
3
4
|
mkdir -p /srv/pillar/base/zabbixvi /srv/pillar/base/zabbix/agent.slszabbix-agent: Zabbix_Server: 192.168.137.11 |
编写top,引用/srv/pillar/base/zabbix/agent文件
|
1
2
3
4
|
vi /srv/pillar/base/top.slsbase: '*': - zabbix.agent |
测试 salt '*' pillar.items
二、haproxy
|
1
2
3
4
5
6
7
8
9
|
mkdir -p /srv/salt/prod/modules/haproxymkdir -p /srv/salt/prod/modules/keepalivedmkdir -p /srv/salt/prod/modules/memcachedmkdir -p /srv/salt/prod/modules/nginxmkdir -p /srv/salt/prod/modules/phpmkdir -p /srv/salt/prod/modules/pkgmkdir -p /srv/salt/prod/clustermkdir -p /srv/salt/prod/modules/haproxy/files/mkdir -p /srv/salt/prod/cluster/files |
1)系统gcc编译包等
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
vi /srv/salt/prod/pkg/make.slsmake-pkg: pkg.installed: - names: - gcc - gcc-c++ - glibc - make - autoconf - openssl - openssl-devel - pcre - pcre-devel |
2) 自安装
|
1
2
3
4
5
6
|
cd /usr/local/src tar xvf haproxy-1.6.3.tar.gzcd haproxy-1.6.3/make TARGET=linux2628 PREFIX=/usr/local/haproxy-1.6.3make install PREFIX=/usr/local/haproxy-1.6.3ln -s /usr/local/haproxy-1.6.3 /usr/local/haproxy |
修改启动脚本,放入salt下
|
1
2
3
|
vi /usr/local/src/haproxy-1.6.3/examples/haproxy.initBIN=/usr/local/haproxy/sbin/$BASENAMEcp /usr/local/src/haproxy-1.6.3/examples/haproxy.init /srv/salt/prod/modules/haproxy/files/ |
haproxy-1.6.3.tar.gz安装包放入/srv/salt/prod/modules/haproxy/files/目录下
3)创建install.sls文件,用于安装haproxy
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
vi /srv/salt/prod/modules/haproxy/install.slsinclude: - modules.pkg.make haproxy-install: file.managed: - name: /usr/local/src/haproxy-1.6.3.tar.gz - source: salt://modules/haproxy/files/haproxy-1.6.3.tar.gz - mode: 755 - user: root - group: root cmd.run: - name: cd /usr/local/src && tar zxf haproxy-1.6.3.tar.gz && cd haproxy-1.6.3 && make TARGET=linux2628 PREFIX=/usr/local/haproxy-1.6.3 && make install PREFIX=/usr/local/haproxy-1.6.3 && ln -s /usr/local/haproxy-1.6.3 /usr/local/haproxy - unless: test -L /usr/local/haproxy - require: - pkg: make-pkg - file: haproxy-installhaproxy-init: file.managed: - name: /etc/init.d/haproxy - source: salt://modules/haproxy/files/haproxy.init - mode: 755 - user: root - group: root - require_in: - file: haproxy-install cmd.run: - name: chkconfig --add haproxy - unless: chkconfig --list| grep haproxy net.ipv4.ip_nonlocal_bind: sysctl.present: - value: 1haproxy-config-dir: file.directory: - name: /etc/haproxy - mode: 755 - user: root - group: root |
备注: “- unless” 如果unless后面的命令返回为True,那么就不执行当前状态命令
4)创建haproxy配置文件
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
vi /srv/salt/prod/cluster/files/haproxy-outside.cfgglobalmaxconn 100000chroot /usr/local/haproxyuid 99gid 99daemonnbproc 1pidfile /usr/local/haproxy/logs/haproxy.pidlog 127.0.0.1 local3 infodefaultsoption http-keep-alivemaxconn 100000mode httptimeout connect 5000mstimeout client 50000mstimeout server 50000mslisten statsmode httpbind 0.0.0.0:8888stats enablestats uri /haproxy-statusstats auth haproxy:saltstackfrontend frontend_www_example_combind 192.168.137.21:80mode httpoption httploglog globaldefault_backend backend_www_example_combackend backend_www_example_comoption forwardfor header X-REAL-IPoption httpchk HEAD / HTTP/1.0balance sourceserver web-node1 192.168.137.11:8080 check inter 2000 rise 30 fall 15server web-node2 192.168.137.12:8080 check inter 2000 rise 30 fall 15 |
创建haproxy-outside.sls文件,用于配置haproxy
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
vi /srv/salt/prod/cluster/haproxy-outside.slsinclude: - modules.haproxy.installhaproxy-service: file.managed: - name: /etc/haproxy/haproxy.cfg - source: salt://cluster/files/haproxy-outside.cfg - user: root - group: root - mode: 644 service.running: - name: haproxy - enable: True - reload: True - require: - cmd: haproxy-install - watch: - file: haproxy-service |
5)配置top file
|
1
2
3
4
5
6
7
|
vi /srv/pillar/base/top.slsbase: '*': - zabbix.agentprod: 'linux-node*': - cluster.haproxy-outside |
测试 salt "*" state.highstate test=True
执行 salt "*" state.highstate
结果:
三、keepalived
1)创建files目录,将keepalived-1.2.17.tar.gz安装包、keepalived.sysconfig、keepalived.init放入
|
1
|
mkdir -p /srv/salt/prod/modules/keepalived/files |
2)创建install.sls文件
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
vi /srv/salt/prod/modules/keepalived/install.sls{% set keepalived_tar = 'keepalived-1.2.17.tar.gz' %}{% set keepalived_source = 'salt://modules/keepalived/files/keepalived-1.2.17.tar.gz' %}keepalived-install: file.managed: - name: /usr/local/src/{{ keepalived_tar }} - source: {{ keepalived_source }} - mode: 755 - user: root - group: root cmd.run: - name: cd /usr/local/src && tar zxf {{ keepalived_tar }} && cd keepalived-1.2.17 && ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install - unless: test -d /usr/local/keepalived - require: - file: keepalived-install/etc/sysconfig/keepalived: file.managed: - source: salt://modules/keepalived/files/keepalived.sysconfig - mode: 644 - user: root - group: root/etc/init.d/keepalived: file.managed: - source: salt://modules/keepalived/files/keepalived.init - mode: 755 - user: root - group: rootkeepalived-init: cmd.run: - name: chkconfig --add keepalived - unless: chkconfig --list | grep keepalived - require: - file: /etc/init.d/keepalived/etc/keepalived: file.directory: - user: root - group: root |
执行命令:salt '*' state.sls modules.keepalived.install saltenv=prod
3)创建keepalived配置文件haproxy-outside-keepalived.conf
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
! Configuration File for keepalivedglobal_defs { notification_email { saltstack@example.com } notification_email_from keepalived@example.com smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id {{ROUTEID}}}vrrp_instance haproxy_ha {state {{STATEID}}interface eth0 virtual_router_id 36priority {{PRIORITYID}} advert_int 1authentication {auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.137.21 }} |
创建haproxy-outside-keepalived.sls
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
vi /srv/salt/prod/cluster/haproxy-outside-keepalived.slsinclude: - modules.keepalived.installkeepalived-server: file.managed: - name: /etc/keepalived/keepalived.conf - source: salt://cluster/files/haproxy-outside-keepalived.conf - mode: 644 - user: root - group: root - template: jinja {% if grains['fqdn'] == 'linux-node1.example.com' %} - ROUTEID: haproxy_ha - STATEID: MASTER - PRIORITYID: 150 {% elif grains['fqdn'] == 'linux-node2.example.com' %} - ROUTEID: haproxy_ha - STATEID: BACKUP - PRIORITYID: 100 {% endif %} service.running: - name: keepalived - enable: True - watch: - file: keepalived-server |
4)将keepalived加入top FILE
|
1
2
3
4
5
6
7
8
|
vi /srv/salt/base/top.slsbase: '*': - init.initprod: 'linux-node*': - cluster.haproxy-outside - cluster.haproxy-outside-keepalived |
测试 salt "*" state.highstate test=True
执行 salt "*" state.highstate
####################################################################################################
四、memcached
1)创建www用户
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
mkdir -p /srv/salt/prod/modules/uservi /srv/salt/prod/modules/user/www.slswww-user-group: group.present: - name: www - gid: 1000 user.present: - name: www - fullname: www - shell: /sbin/nologin - uid: 1000 - gid: 1000 |
2)libevent,将安装包放入/srv/salt/prod/modules/libevent/files
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
mkdir -p /srv/salt/prod/modules/libevent/filesvi /srv/salt/prod/modules/libevent/install.slslibevent-source-install: file.managed: - name: /usr/local/src/libevent-2.0.22-stable.tar.gz - source: salt://modules/libevent/files/libevent-2.0.22-stable.tar.gz - user: root - group: root - mode: 644 cmd.run: - name: cd /usr/local/src && tar zxf libevent-2.0.22-stable.tar.gz && cd libevent-2.0.22-stable && ./configure --prefix=/usr/local/libevent && make && make install - unless: test -d /usr/local/libevent - require: - file: libevent-source-install |
3)创建files目录,将memcached-1.4.24.tar.gz安装包放入
|
1
|
mkdir -p /srv/salt/prod/modules/memcached/files |
4)创建install.sls文件
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
vi /srv/salt/prod/modules/memcached/install.slsinclude: - modules.libevent.installmemcached-source-install: file.managed: - name: /usr/local/src/memcached-1.4.24.tar.gz - source: salt://modules/memcached/files/memcached-1.4.24.tar.gz - user: root - group: root - mode: 644 cmd.run: - name: cd /usr/local/src && tar zxf memcached-1.4.24.tar.gz && cd memcached-1.4.24&& ./configure --prefix=/usr/local/memcached --enable-64bit --with-libevent=/usr/local/libevent && make && make install - unless: test -d /usr/local/memcached - require: - cmd: libevent-source-install - file: memcached-source-install |
5)负责业务部分的放入一个目录,如bbs
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
mkdir -p /srv/salt/prod/bbsvi /srv/salt/prod/bbs/memcached.slsinclude: - modules.memcached.install - modules.user.wwwmemcached-service: cmd.run: - name: /usr/local/memcached/bin/memcached -d -m 128 -p 11211 -c 8096 -u www - unless: netstat -ntlp | grep 11211 - require: - cmd: memcached-source-install - user: www-user-group |
6)将memcached加入top FILE
|
1
2
3
4
5
6
7
8
9
10
11
|
vi /srv/salt/base/top.slsbase: '*': - init.initprod: 'linux-node*': - cluster.haproxy-outside - cluster.haproxy-outside-keepalived 'linux-node2*': - bbs.memcached |
测试 salt "*" state.highstate test=True
执行 salt "*" state.highstate
五、php
1)php安装包和相关文件放入/srv/salt/prod/modules/php/files
|
1
|
mkdir -p /srv/salt/prod/modules/php/files |
2)创建install.sls
vi /srv/salt/prod/modules/php/install.sls
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
include: - modules.pkg.make - modules.user.wwwpkg-php: pkg.installed: - names: - swig - libjpeg-turbo - libjpeg-turbo-devel - libpng - libpng-devel - freetype - freetype-devel - libxml2 - libxml2-devel - zlib - zlib-devel - libcurl - libcurl-develphp-source-install: file.managed: - name: /usr/local/src/php-5.6.9.tar.gz - source: salt://modules/php/files/php-5.6.9.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /usr/local/src && tar zxf php-5.6.9.tar.gz && cd php-5.6.9&& ./configure --prefix=/usr/local/php-fastcgi --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-mysql=mysqlnd --with-jpeg-dir --with-png-dir --with-zlib --enable-xml --with-libxml-dir --with-curl --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --enable-mbregex --with-openssl --enable-mbstring --with-gd --enable-gd-native-ttf --with-freetype-dir=/usr/lib64 --with-gettext=/usr/lib64 --enable-sockets --with-xmlrpc --enable-zip --enable-soap --disable-debug --enable-opcache --enable-zip --with-config-file-path=/usr/local/php-fastcgi/etc --enable-fpm --with-fpm-user=www --with-fpm-group=www && make && make install - require: - file: php-source-install - user: www-user-group - unless: test -d /usr/local/php-fastcgipdo-plugin: cmd.run: - name: cd /usr/local/src/php-5.6.9/ext/pdo_mysql/ && /usr/local/php-fastcgi/bin/phpize && ./configure --with-php-config=/usr/local/php-fastcgi/bin/php-config && make&& make install - unless: test -f /usr/local/php-fastcgi/lib/php/extensions/*/pdo_mysql.so - require: - cmd: php-source-installphp-fpm: file.managed: - name: /usr/local/php-fastcgi/etc/php-fpm.conf - source: salt://modules/php/files/php-fpm.conf.default - user: root - group: root - mode: 644php-fastcgi-service: file.managed: - name: /etc/init.d/php-fpm - source: salt://modules/php/files/init.d.php-fpm - user: root - group: root - mode: 755 cmd.run: - name: chkconfig --add php-fpm - unless: chkconfig --list | grep php-fpm - require: - file: php-fastcgi-service |
创建php-memcache.sls
vi /srv/salt/prod/modules/php/php-memcache.sls
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
memcache-plugin: file.managed: - name: /usr/local/src/memcache-2.2.7.tgz - source: salt://modules/php/files/memcache-2.2.7.tgz - user: root - group: root - mode: 755 cmd.run: - name: cd /usr/local/src && tar zxf memcache-2.2.7.tgz && cd memcache-2.2.7&& /usr/local/php-fastcgi/bin/phpize && ./configure --enable-memcache --with-php-config=/usr/local/php-fastcgi/bin/php-config && make&& make install - unless: test -f /usr/local/php-fastcgi/lib/php/extensions/*/memcache.so require: - file: memcache-plugin - cmd: php-install |
创建php-redis.sls
vi /srv/salt/prod/modules/php/php-redis.sls
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
redis-plugin: file.managed: - name: /usr/local/src/redis-2.2.7.tgz - source: salt://modules/php/files/redis-2.2.7.tgz - user: root - group: root - mode: 755 cmd.run: - name: cd /usr/local/src && tar zxf redis-2.2.7.tgz && cd redis-2.2.7&& /usr/local/php-fastcgi/bin/phpize && ./configure --with-php-config=/usr/local/php-fastcgi/bin/php-config && make&& make install - unless: test -f /usr/local/php-fastcgi/lib/php/extensions/*/redis.so require: - file: redis-plugin - cmd: php-install |
执行命令:salt '*' state.sls modules.php.install saltenv=prod
六、nginx
1)nginx安装包和相关文件放入/srv/salt/prod/modules/nginx/files
|
1
|
mkdir -p /srv/salt/prod/modules/nginx/files |
2)创建install.sls
vi /srv/salt/prod/modules/nginx/install.sls
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
include: - modules.pkg.make - modules.user.wwwnginx-source-install: file.managed: - name: /usr/local/src/nginx-1.9.1.tar.gz - source: salt://modules/nginx/files/nginx-1.9.1.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /usr/local/src && tar zxf nginx-1.9.1.tar.gz && cd nginx-1.9.1&& ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-file-aio --with-http_dav_module && make && make install && chown -R www:www /usr/local/nginx - unless: test -d /usr/local/nginx - require: - user: www-user-group - file: nginx-source-install - pkg: make-pkg |
创建service.sls
vi /srv/salt/prod/modules/nginx/service.sls
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
include: - modules.nginx.installnginx-init: file.managed: - name: /etc/init.d/nginx - source: salt://modules/nginx/files/nginx-init - mode: 755 - user: root - group: root cmd.run: - name: chkconfig --add nginx - unless: chkconfig --list | grep nginx - require: - file: nginx-init/usr/local/nginx/conf/nginx.conf: file.managed: - source: salt://modules/nginx/files/nginx.conf - user: www - group: www - mode: 644 nginx-service: service.running: - name: nginx - enable: True - reload: True - require: - cmd: nginx-init - watch: - file: /usr/local/nginx/conf/nginx.conf - file: nginx-onlinenginx-online: file.directory: - name: /usr/local/nginx/conf/vhost_onlinenginx-offline: file.directory: - name: /usr/local/nginx/conf/vhost_offline |
执行命令:salt '*' state.sls modules.nginx.install saltenv=prod
4)/srv/salt/prod/bbs/files/nginx-bbs.conf
|
1
2
3
4
5
6
7
8
9
10
11
|
server { listen 8080; root /usr/local/nginx/html; index index.htm index.html index.php; location ~ \.php$ { fastcgi_pass unix:/usr/local/php-fastcgi/php-fpm.sock; fastcgi_index index.php; include fastcgi.conf; } } |
5)/srv/salt/prod/bbs目录下创建web.sls
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
include: - modules.php.install - modules.php.php-memcache - modules.php.php-redis - modules.nginx.servicebbs-php: file.managed: - name: /usr/local/php-fastcgi/etc/php.ini - source: salt://bbs/files/php.ini-production - user: root - group: root - mode: 644 service.running: - name: php-fpm - enable: True - require: - cmd: php-fastcgi-service - watch: - file: bbs-phpweb-bbs: file.managed: - name: /usr/local/nginx/conf/vhost_online/bbs.conf - source: salt://bbs/files/nginx-bbs.conf - user: root - group: root - mode: 644 - require: - service: bbs-php - watch_in: - service: nginx-service |
执行命令:salt '*' state.sls bbs.web saltenv=prod
6)将php、nginx加入top FILE
vi /srv/salt/base/top.sls
|
1
2
3
4
5
6
7
8
9
10
11
|
base: '*': - init.initprod: 'linux-node*': - cluster.haproxy-outside - cluster.haproxy-outside-keepalived - bbs.web 'linux-node2*': - bbs.memcached |
测试 salt "*" state.highstate test=True
执行 salt "*" state.highstate
SaltStack项目实战(一)的更多相关文章
- SaltStack项目实战(六)
SaltStack项目实战 系统架构图 一.初始化 1.salt环境配置,定义基础环境.生产环境(base.prod) vim /etc/salt/master 修改file_roots file_r ...
- SaltStack项目实战(二)
架构图: 配置思路 (1).系统初始化 Base环境下存放所有系统都要执行的状态,调整内核参数,dns,装zabbix-agent等 (2).功能模块(如:上面的haproxy) 如上面的haprox ...
- SaltStack项目实战(七)
上文 http://www.cnblogs.com/shhnwangjian/p/6027992.html 四.memcached 1)创建www用户 mkdir -p /srv/salt/prod/ ...
- Asp.Net Core 项目实战之权限管理系统(4) 依赖注入、仓储、服务的多项目分层实现
0 Asp.Net Core 项目实战之权限管理系统(0) 无中生有 1 Asp.Net Core 项目实战之权限管理系统(1) 使用AdminLTE搭建前端 2 Asp.Net Core 项目实战之 ...
- 给缺少Python项目实战经验的人
我们在学习过程中最容易犯的一个错误就是:看的多动手的少,特别是对于一些项目的开发学习就更少了! 没有一个完整的项目开发过程,是不会对整个开发流程以及理论知识有牢固的认知的,对于怎样将所学的理论知识应用 ...
- 【腾讯Bugly干货分享】React Native项目实战总结
本文来自于腾讯bugly开发者社区,非经作者同意,请勿转载,原文地址:http://dev.qq.com/topic/577e16a7640ad7b4682c64a7 “8小时内拼工作,8小时外拼成长 ...
- Asp.Net Core 项目实战之权限管理系统(0) 无中生有
0 Asp.Net Core 项目实战之权限管理系统(0) 无中生有 1 Asp.Net Core 项目实战之权限管理系统(1) 使用AdminLTE搭建前端 2 Asp.Net Core 项目实战之 ...
- Asp.Net Core 项目实战之权限管理系统(1) 使用AdminLTE搭建前端
0 Asp.Net Core 项目实战之权限管理系统(0) 无中生有 1 Asp.Net Core 项目实战之权限管理系统(1) 使用AdminLTE搭建前端 2 Asp.Net Core 项目实战之 ...
- Asp.Net Core 项目实战之权限管理系统(2) 功能及实体设计
0 Asp.Net Core 项目实战之权限管理系统(0) 无中生有 1 Asp.Net Core 项目实战之权限管理系统(1) 使用AdminLTE搭建前端 2 Asp.Net Core 项目实战之 ...
随机推荐
- 用 UI 多线程处理 WPF 大量渲染的解决方案
众所周知, WPF 的 UI 渲染是单线程的,所以如果我们异步或者新建线程去进行数据处理的时候,处理完,想要更新 UI 的时候,需要调用一下 Dispatcher.Invoke,将处理完的数据推入到 ...
- SQL Server Cross/Outer Apply
SQL Server2005引入了APPLY运算符,它非常像连接子句,它允许两个表达式直接进行连接,即将左/外部表达式和右/内部表达式连接起来. CROSS APPLY(类比inner join)和O ...
- linux下确认裸盘是否使用-渐入佳境
--作者:飞翔的小胖猪 --创建时间:2021年3月9日 6.1 概述 在私有云和虚拟化环境中业务方经常会根据自己的业务情况申请磁盘用作数据存储用.如果申请了磁盘但没有使用的情况,将极大的造成资源的浪 ...
- 构造方法及方法(重载)与this关键字的使用
一:构造方法的概念: 构造方法是一种特殊的方法,它是一个与类同名的方法.对象的创建就是通过构造方法来完成,其功能主要是完成对象的初始化.当类实例化一个对象时会自动调用构造方法. ...
- docker学习笔记(2)- 仓库
Docker仓库是镜像存储.分发.部署的关键,制作好应用程序镜像后上传到仓库,使用Docker daemon从仓库拉取后运行,我们可以使用官方共有仓库docker hub或者搭建私有仓库 Docker ...
- HBase海量数据高效入仓解决方案
一.方案背景 现阶段部分业务数据存储在HBase中,这部分数据体量较大,达到数十亿.大数据需要增量同步这部分业务数据到数据仓库中,进行离线分析,目前主要的同步方式是通过HBase的hive映射表来实现 ...
- CF802O题解
太厉害啦,出题人究竟是怎么想到的. 首先这题很显然可以使用费用流:对于 \(i \leq j\),连接一条边 \((i,j+n)\),流量为 \(1\),费用为 \(a_i+b_j\).最后连接 \( ...
- xxl-job踩坑记录——执行器,执行10分钟自动失败
问题描述 上一篇Docker 部署xxl-job 报错:xxl-rpc remoting error(connect timed out), for url : xxxxxx - 这行代码没Bug - ...
- 做一个能对标阿里云的前端APM工具(上)
APM 全称是 Application Performance Monitor,即性能监控 这篇文章有三个前提: 从产品形态上看这肯定不是一个能够媲美阿里产品的竞品,所以抱歉我碰瓷了.你可以把这里的阿 ...
- petite-vue源码剖析-逐行解读@vue/reactivity之reactive
在petite-vue中我们通过reactive构建上下文对象,并将根据状态渲染UI的逻辑作为入参传递给effect,然后神奇的事情发生了,当状态发生变化时将自动触发UI重新渲染.那么到底这是怎么做到 ...