自动化运维工具SaltStack详细部署及用SaltStack实现自动部署lamp架构

一、SaltStack简介

Salt是一种全新的基础设施管理方式,部署轻松,在几分钟内可运行起来,扩展性好,很容易管理上万台服务器,速度够快,服务器之间秒级通讯。
SaltStack是一个服务器基础架构集中化管理平台,具备配置管理、远程执行、监控等功能,一般可以理解为简化版的puppet和加强版的func。SaltStack基于Python语言实现,结合轻量级消息队列(ZeroMQ)与Python第三方模块(Pyzmq、PyCrypto、Pyjinjia2、python-msgpack和PyYAML等)构建。

通过部署SaltStack环境,我们可以在成千上万台服务器上做到批量执行命令,根据不同业务特性进行配置集中化管理、分发文件、采集服务器数据、操作系统基础及软件包管理等,SaltStack是运维人员提高工作效率、规范业务配置与操作的利器。

既然这么强大,那我们赶紧来体验下吧

二、SaltStack基础安装与配置

为方便交流学习,将本次实验的脚本上传到csdn了,有需要的可以下载来看看:srv.tar.gz
里面包含本次实验的所有脚本,以及部分源码,由于资源大小限制,mysql-boost-5.7.17.tar.gz 分开上传的,地址:mysql-boost-5.7.17.tar.gz

1.本次测试环境

系统环境IP地址hostname角色
redhat6.5172.25.27.5server5master
redhat6.5172.25.27.6server6minion

2.安装

官方文档 : http://docs.saltstack.cn/topics/installation/rhel.html

  • master端
[root@server5 ~]# vim /etc/yum.repos.d/salt.repo       ##配置yum源
[saltstack-repo]
name=SaltStack repo for RHEL/CentOS $releasever
baseurl=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/latest
enabled=1
gpgcheck=1
gpgkey=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/latest/SALTSTACK-GPG-KEY.pub

[root@server5 ~]# yum clean all
[root@server5 ~]# yum repolist
[root@server5 ~]# yum install -y salt-master

[root@server5 ~]# scp /etc/yum.repos.d/salt.repo server6:/etc/yum.repos.d
  • minion端
[root@server6 ~]# yum install -y salt-minion

安装完成,接下来配置SaltStack

3.SaltStack配置

  • master端
[root@server5 ~]# /etc/init.d/salt-master start
  • minion端
[root@server6 ~]# vim /etc/salt/minion
master: server5
[root@server6 ~]# /etc/init.d/salt-minion start
[root@server6 ~]# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      888/sshd            
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      966/master          
tcp        0      0 172.25.27.6:22              172.25.27.250:39334         ESTABLISHED 1015/sshd           
tcp        0      0 172.25.27.6:47171           172.25.27.5:4506            ESTABLISHED 1733/python2.6      
tcp        0      0 :::22                       :::*                        LISTEN      888/sshd            
tcp        0      0 ::1:25                      :::*                        LISTEN      966/master 
  • master端
[root@server5 ~]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
server6
Rejected Keys:
[root@server5 ~]# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
server6
Proceed? [n/Y] y
Key for minion server6 accepted.
[root@server5 ~]# salt-key -L
Accepted Keys:
server6
Denied Keys:
Unaccepted Keys:
Rejected Keys:
  • minion端
[root@server6 ~]# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      888/sshd            
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      966/master          
tcp        0      0 172.25.27.6:47173           172.25.27.5:4506            TIME_WAIT   -                   
tcp        0      0 172.25.27.6:47175           172.25.27.5:4506            TIME_WAIT   -                   
tcp        0      0 172.25.27.6:39463           172.25.27.5:4505            ESTABLISHED 1733/python2.6      
tcp        0      0 172.25.27.6:22              172.25.27.250:39334         ESTABLISHED 1015/sshd           
tcp        0      0 172.25.27.6:47171           172.25.27.5:4506            TIME_WAIT   -                   
tcp        0      0 172.25.27.6:47174           172.25.27.5:4506            TIME_WAIT   -                   
tcp        0      0 :::22                       :::*                        LISTEN      888/sshd            
tcp        0      0 ::1:25                      :::*                        LISTEN      966/master 
  • 查看连接的服务(非必须)
    • master端
[root@server5 ~]# yum install -y lsof
[root@server5 ~]# lsof -i :4505
COMMAND    PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
salt-mast 1458 root   16u  IPv4  14542      0t0  TCP *:4505 (LISTEN)
salt-mast 1458 root   18u  IPv4  17087      0t0  TCP server5:4505->server6:39463 (ESTABLISHED)

三、用SaltStack实现自动部署lamp架构

1.Apache安装

[root@server5 ~]# mkdir -p /srv/salt
[root@server5 ~]# /etc/init.d/salt-master restart
Stopping salt-master daemon:                               [  OK  ]
Starting salt-master daemon:                               [  OK  ]
[root@server5 ~]# cd /srv/salt
[root@server5 salt]# mkdir apache
[root@server5 salt]# cd apache/
[root@server5 apache]# mkdir files
[root@server5 apache]# cd files/
[root@server5 files]# wget http://mirror.bit.edu.cn/apache/httpd/httpd-2.2.34.tar.bz2
[root@server5 files]# cd ..
[root@server5 apache]# vim install.sls

include:
  - pkg.depends
  - useradd.www

apache-install:
  file.managed:
    - name: /mnt/httpd-2.2.34.tar.bz2
    - source: salt://apache/files/httpd-2.2.34.tar.bz2

  cmd.run:
    - name: cd /mnt && tar xjf httpd-2.2.34.tar.bz2 && cd httpd-2.2.34 && ./configure --prefix=/usr/local/apache --with-included-apr --enable-so --enable-deflate=shared --enable-expires=shared --enable-rewrite=shared --enable-static-support --disable-userdir && make && make install
#     - cmd.apache
    - creates: /usr/local/apache

/var/www/virthost/:
  file.directory:
    - mode: 755

/var/www/virthost/index.html:
  file.managed:
    - source: salt://apache/files/index.html

/usr/local/apache/conf/httpd.conf:
  file.managed:
    - source: salt://apache/files/httpd.conf

/usr/local/apache/conf/extra/httpd-vhosts.conf:
  file.managed:
    - source: salt://apache/files/httpd-vhosts.conf

/usr/local/apache/conf/extra/httpd-default.conf:
  file.managed:
    - source: salt://apache/files/httpd-default.conf

/usr/local/apache/conf/extra/httpd-mpm.conf:
  file.managed:
    - source: salt://apache/files/httpd-mpm.conf

/etc/init.d/apachectl:
  file.managed:
    - source: salt://apache/files/apachectl
    - mode: 755
[root@server5 salt]# mkdir pkg
[root@server5 salt]# cd pkg/
[root@server5 pkg]# vim depends.sls

depends:
  pkg.installed:
    - pkgs:
      - gcc
      - pcre-devel
      - openssl-devel
      - zlib-devel

[root@server5 salt]# mkdir useradd
[root@server5 salt]# vim useradd/www.sls

www:
  group.present:
    - gid: 110
  user.present:
    - uid: 110
    - gid: 110
    - shell: /sbin/nologin
    - home: /usr/local/apache
    - createhome: false
[root@server5 salt]# vim apache/start.sls

include:
  - apache.install
apache-start:
  service.running:
    - name: apachectl
    - enable: true
#    - reload: true
    - watch:
      - file: /usr/local/apache/conf/httpd.conf
      - file: /usr/local/apache/conf/extra/httpd-default.conf
      - file: /usr/local/apache/conf/extra/httpd-vhosts.conf
      - file: /usr/local/apache/conf/extra/httpd-mpm.conf
      - file: /var/www/virthost/index.html

需要在 /srv/salt/apache/files 文件夹下准备以下文件:

apachectl       ##启动脚本
httpd-2.2.34.tar.bz2    ##安装包
httpd.conf          ##apache配置文件
httpd-default.conf      ##缺省配置文件
httpd-mpm.conf      ##Apache进程管理
httpd-vhosts.conf   ##Apache虚拟主机
index.html      ##发布页面,内容随意

接下来测试

[root@server5 ~]# vim /srv/salt/top.sls
base:
  'server6':
    - apache.start

[root@server5 salt]# tree
├── apache
│   ├── files
│   │   ├── apachectl
│   │   ├── httpd-2.2.34.tar.bz2
│   │   ├── httpd.conf
│   │   ├── httpd-default.conf
│   │   ├── httpd-mpm.conf
│   │   ├── httpd-vhosts.conf
│   │   └── index.html
│   ├── install.sls
│   ├── start.sls
│   └── start.sls.bak
├── pkg
│   └── apache.sls
├── top.sls
└── useradd
    └── www.sls

[root@server5 salt]# vim apache/files/index.html
<h1> my apache test</h1>
[root@server5 ~]# salt 'server6' state.highstate

没有报错则安装成功
这里写图片描述

这里写图片描述

2.mysql安装

1.依赖解决

[root@server5 salt]# vim pkg/mysql.sls
depends-mysql:
  pkg.installed:
    - pkgs:
      - pcre-devel
      - openssl-devel
      - zlib-devel
      - gcc-c++
      - bison
      - ncurses
      - ncurses-devel

2.用户添加

mysql:
  group.present:
    - gid: 111
  user.present:
    - uid: 111
    - gid: 111
    - shell: /sbin/nologin
    - home: /usr/local/mysql
    - createhome: false

3.mysql安装

[root@server5 salt]# mkdir -p mysql/files
[root@server5 salt]# vim mysql/install.sls
include:
  - pkg.mysql
  - useradd.mysql

cmake-install:
  file.managed:
    - name: /mnt/cmake-2.8.12.1.tar.gz
    - source: salt://mysql/files/cmake-2.8.12.1.tar.gz

  cmd.run:
    - name: cd /mnt && tar -zxf cmake-2.8.12.1.tar.gz && cd cmake-2.8.12.1 && ./bootstrap && gmake && gmake install
    - creates: /usr/local/bin/cmake

mysql-install:
  file.managed:
    - name: /mnt/mysql-boost-5.7.17.tar.gz
    - source: salt://mysql/files/mysql-boost-5.7.17.tar.gz

  cmd.run:
    - name: cd /mnt && tar -zxf mysql-boost-5.7.17.tar.gz && cd mysql-5.7.17 && cp -r boost/boost_1_59_0 /usr/local && rm -rf CMakeCache.txt && cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/usr/local/mysql/data -DWITH_BOOST=/usr/local/boost_1_59_0/ -DSYSCONFDIR=/etc -DEFAULT_CHARSET=utf8mb4 -DDEFAULT_COLLATION=utf8mb4_general_ci -DENABLED_LOCAL_INFILE=1 -DEXTRA_CHARSETS=all && make -j2 && make install
    - creates: /usr/local/mysql

4.mysql 初始化

[root@server5 salt]# vim mysql/initialize.sls
include:
  - mysql.install

mysql-initialize:
  cmd.run:
    - name: chown -R mysql:mysql /usr/local/mysql && sed -i.bak '\/datadir=\/var\/lib\/mysql/i\character_set_server=gbk' /etc/my.cnf && sed -i.bak 'N;2idefault-character-set=gbk' /etc/my.cnf && sed -i.bak 'N;2i[client]' /etc/my.cnf && cd /usr/local/mysql/&& sed -i.bak 's/socket=\/var\/lib\/mysql\/mysql.sock/socket=\/tmp\/mysql.sock/g' /etc/my.cnf && ./bin/mysqld --initialize --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data && cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld && ln -s /usr/local/mysql/bin/mysql /usr/local/bin/mysql && chkconfig --add mysqld
    - creates: /usr/local/mysql/data/mysql

5.启动mysql服务

[root@server5 salt]# vim mysql/start.sls 
include:
  - mysql.initialize

mysql-start:
  service.running:
    - name: mysqld
    - enable: True
    - reload: true
    - require:
      - file: /etc/init.d/mysqld
    - watch:
      - file: /etc/my.cnf

6.准备相应的包和配置文件

官网下载MySQL源码
官网: http://www.mysql.com
下载下来的文件为:mysql-boost-5.7.17.tar.gz
放到/srv/salt/mysql/files 目录下,也可以下载最新版的,脚本需要相应的作以改动

[root@server5 salt]# cd mysql/files/
[root@server5 files]# wget https://cmake.org/files/v2.8/cmake-2.8.12.1.tar.gz

7.安装测试

[root@server5 salt]# vim top.sls 
base:
  'server6':
    - apache.start
    - mysql.start
├── apache
│   ├── files
│   │   ├── apachectl
│   │   ├── httpd-2.2.34.tar.bz2
│   │   ├── httpd.conf
│   │   ├── httpd-default.conf
│   │   ├── httpd-mpm.conf
│   │   ├── httpd-vhosts.conf
│   │   └── index.html
│   ├── install.sls
│   ├── start.sls
│   └── start.sls.bak
├── mysql
│   ├── files
│   │   ├── cmake-2.8.12.1.tar.gz
│   │   └── mysql-boost-5.7.17.tar.gz
│   ├── initialize.sls
│   ├── install.sls
│   └── start.sls
├── pkg
│   ├── apache.sls
│   └── mysql.sls
├── top.sls
└── useradd
    ├── mysql.sls
    └── www.sls
[root@server5 salt]# salt 'server6' state.highstate

这里写图片描述

测试登陆mysql 并修改数据库密码,密码在 /var/log/mysqld.log 文件里

[root@server6 ~]# mysql -uroot -p
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 7
Server version: 5.7.17 Source distribution

Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> set password for root@localhost=password('mypasswd');
Query OK, 0 rows affected, 1 warning (0.00 sec)

mysql> 
mysql> exit
Bye
[root@server6 ~]# mysql -uroot -pmypasswd

3.php安装

1.依赖解决

[root@server5 salt]# vim pkg/php.sls
depends-php:
  pkg.installed:
    - pkgs:
      - gcc
      - pcre-devel
      - openssl-devel
      - zlib-devel
      - libxml2-devel.x86_64
      - openssl-devel.x86_64
      - bzip2-devel.x86_64
      - t1lib.x86_64
      - libjpeg-turbo-devel.x86_64
      - libpng-devel.x86_64
      - freetype-devel.x86_64
      - /mnt/libmcrypt-2.5.7-5.el6.art.x86_64.rpm
      - /mnt/libmcrypt-devel-2.5.7-5.el6.art.x86_64.rpm

2.安装php

[root@server5 salt]# mkdir -p php/files
[root@server5 salt]# vim php/install.sls 
libmcrypt-pkg:
  file.managed:
    - name: /mnt/libmcrypt-2.5.7-5.el6.art.x86_64.rpm
    - source: salt://php/files/libmcrypt-2.5.7-5.el6.art.x86_64.rpm
libmcrypt-devel-pkg:
  file.managed:
    - name: /mnt/libmcrypt-devel-2.5.7-5.el6.art.x86_64.rpm
    - source: salt://php/files/libmcrypt-devel-2.5.7-5.el6.art.x86_64.rpm

include:
  - pkg.php

php-install:
  file.managed:
    - name: /mnt/php-5.6.31.tar.bz2
    - source: salt://php/files/php-5.6.31.tar.bz2

  cmd.run:
    - name: cd /mnt && tar xjf php-5.6.31.tar.bz2 && cd php-5.6.31 && ./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache/bin/apxs --with-config-file-path=/usr/local/php/etc --with-mysql=/usr/local/mysql --with-libxml-dir --with-gd --with-jpeg-dir --with-png-dir --with-freetype-dir --with-iconv-dir --with-zlib-dir --with-bz2 --with-openssl --with-mcrypt --enable-soap --enable-gd-native-ttf --enable-ftp --enable-mbstring --enable-sockets --enable-exif --disable-ipv6 && make -j2 && make install
    - creates: /usr/local/php

/usr/local/php/etc:
  file.directory:
    - mode: 755

/usr/local/php/etc/php.ini:
  file.managed:
    - source: salt://php/files/php.ini

3准备相应的包和配置文件

[root@server5 salt]# cd php/files/
[root@server5 salt]# wget http://cn2.php.net/distributions/php-5.6.31.tar.bz2
[root@server5 salt]# wget http://www6.atomicorp.com/channels/atomic/centos/6/x86_64/RPMS/libmcrypt-2.5.7-5.el6.art.x86_64.rpm
[root@server5 salt]# wget http://www6.atomicorp.com/channels/atomic/centos/6/x86_64/RPMS/libmcrypt-devel-2.5.7-5.el6.art.x86_64.rpm

[root@server5 salt]# tree
.
├── apache
│   ├── files
│   │   ├── apachectl
│   │   ├── httpd-2.2.34.tar.bz2
│   │   ├── httpd.conf
│   │   ├── httpd-default.conf
│   │   ├── httpd-mpm.conf
│   │   ├── httpd-vhosts.conf
│   │   └── index.html
│   ├── install.sls
│   ├── start.sls
│   └── start.sls.bak
├── mysql
│   ├── files
│   │   ├── cmake-2.8.12.1.tar.gz
│   │   ├── cmake-2.8.12.2-2.el7.x86_64.rpm
│   │   └── mysql-boost-5.7.17.tar.gz
│   ├── initialize.sls
│   ├── install.sls
│   └── start.sls
├── php
│   ├── files
│   │   ├── libmcrypt-2.5.7-5.el6.art.x86_64.rpm
│   │   ├── libmcrypt-devel-2.5.7-5.el6.art.x86_64.rpm
│   │   ├── my.cnf
│   │   ├── php-5.6.31.tar.bz2
│   │   └── php.ini
│   └── install.sls
├── pkg
│   ├── apache.sls
│   ├── mysql.sls
│   └── php.sls
├── top.sls
└── useradd
    ├── mysql.sls
    └── www.sls

3.测试

[root@server5 salt]# vim top.sls 
base:
  'server6':
    - apache.start
    - mysql.start
    - php.install
[root@server5 salt]# salt 'server6' state.highstate

这里写图片描述

这里写图片描述
这里写图片描述
这里写图片描述

值得注意的是
在完成部署之后,你访问lamp服务器可能显示是你写进去的代码,并没有用php解析,或者弹出一个下载文件的提示框,这个时候就是你的apache配置文件写的有问题,注意修改以下几行,如果下载的是我上传的文件,这几行也是需要做修改的

vim /srv/salt/apache/files/httpd.conf

Listen 80

LoadModule deflate_module modules/mod_deflate.so
LoadModule expires_module modules/mod_expires.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule php5_module modules/libphp5.so

User www
Group www

ServerName localhost:80

DocumentRoot "/var/www/virthost/"

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
#    Deny from all
    Allow from all
</Directory>

<Directory "/var/www/virthost/">

<IfModule dir_module>
    DirectoryIndex index.php index.html
</IfModule>

ErrorLog "logs/error_log"

    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    AddType application/x-httpd-php .php

Include conf/extra/httpd-mpm.conf

Include conf/extra/httpd-info.conf

Include conf/extra/httpd-vhosts.conf

Include conf/extra/httpd-default.conf

结语

至此,自动化运维工具SaltStack详细部署及用SaltStack实现自动部署lamp架构成功,可以完整地推到一台新的机器上

参与评论 您还未登录,请先 登录 后发表或查看评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
©️2022 CSDN 皮肤主题:大白 设计师:CSDN官方博客 返回首页

打赏作者

Running_free

你的鼓励将是我创作的最大动力

¥2 ¥4 ¥6 ¥10 ¥20
输入1-500的整数
余额支付 (余额:-- )
扫码支付
扫码支付:¥2
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、C币套餐、付费专栏及课程。

余额充值