saltstack部署lamp与zabbix
环境如下
主机名 | ip | 服务 |
---|---|---|
master | 192.168.47.115 | salt-master |
node1 | 192.168.47.120 | salt-minion |
[root@node1 ~]# yum -y install epel-*
[root@master lamp]# salt 'node1' test.ping
node1:
True
全局目录结构
[root@master ~]# cd /srv/salt/
[root@master salt]# tree base/
base/
├── apache
│ ├── files
│ │ ├── apr-1.7.0.tar.gz
│ │ ├── apr-util-1.6.1.tar.gz
│ │ ├── httpd-2.4.48.tar.gz
│ │ ├── httpd.service
│ │ └── install.sh
│ └── install.sls
├── lamp
│ ├── config.sls
│ ├── files
│ │ ├── httpd.conf
│ │ ├── index.php
│ │ └── my.cnf
│ └── install.sls
├── mysql
│ ├── files
│ │ ├── mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz
│ │ ├── mysqld.service
│ │ ├── mysqld.sh
│ │ └── mysql.server
│ └── install.sls
├── php
│ ├── 1
│ ├── files
│ │ ├── init.d.php-fpm
│ │ ├── install.sh
│ │ ├── oniguruma-devel-6.8.2-2.el8.x86_64.rpm
│ │ ├── php-7.4.25.tar.gz
│ │ ├── php-fpm.conf.default
│ │ ├── php-fpm.service
│ │ ├── php.ini-production
│ │ └── www.conf.default
│ └── install.sls
└── zabbix
├── files
│ ├── httpd.conf
│ ├── init.d.php-fpm
│ ├── install.sh
│ ├── php-fpm.conf.default
│ ├── php.ini-production
│ ├── www.conf.default
│ └── zabbix-5.4.4.tar.gz
└── install.sls
10 directories, 34 files
apache
[root@master salt]# tree base/apache/
base/apache/
├── files
│ ├── apr-1.7.0.tar.gz
│ ├── apr-util-1.6.1.tar.gz
│ ├── httpd-2.4.48.tar.gz
│ ├── httpd.service.j2
│ └── install.sh
└── install.sls
[root@master ~]# cd /srv/salt/base/apache/
[root@master apache]# ls
files install.sls
[root@master apache]# cat install.sls
"Development Tools":
pkg.group_installed
httpd-dep-packages:
pkg.installed:
- pkgs:
- openssl-devel
- pcre-devel
- expat-devel
- libtool
- gcc
- gcc-c++
- make
create-httpd-user:
user.present:
- name: apache
- shell: /sbin/nologin
- createhome: false
- system: true
copy-software:
file.managed:
- names:
- /usr/src/apr-1.7.0.tar.gz:
- source: salt://apache/files/apr-1.7.0.tar.gz
- /usr/src/apr-util-1.6.1.tar.gz:
- source: salt://apache/files/apr-util-1.6.1.tar.gz
- /usr/src/httpd-2.4.48.tar.gz:
- source: salt://apache/files/httpd-2.4.48.tar.gz
salt://apache/files/install.sh:
cmd.script
- unless: test -d /usr/local/apache
/usr/lib/systemd/system/httpd.service:
file.managed:
- source: salt://apache/files/httpd.service.j2
- user: root
- group: root
- mode: '0644'
- template: jinja
[root@master files]# cat install.sh
#!/bin/bash
cd /usr/src
rm -rf apr-1.7.0 apr-util-1.6.1 httpd-2.4.48
tar xf apr-1.7.0.tar.gz
tar xf apr-util-1.6.1.tar.gz
tar xf httpd-2.4.48.tar.gz
cd /usr/src/apr-1.7.0
sed -i "/$RM "$cfgfile"/d" configure/
./configure --prefix=/usr/local/apr && make && make install
cd ../apr-util-1.6.1
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr && make && make install
cd ../httpd-2.4.48
./configure --prefix=/usr/local/apache \
--enable-so \
--enable-ssl \
--enable-cgi \
--enable-rewrite \
--with-zlib \
--with-pcre \
--with-apr=/usr/local/apr \
--with-apr-util=/usr/local/apr-util/ \
--enable-modules=most \
--enable-mpms-shared=all \
--with-mpm=prefork &&\
make && make install
[root@master files]# cat httpd.service
[Unit]
Description=Start httpd
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/apache/bin/apachectl start
ExecStop=/usr/local/apache/bin/apachectl stop
ExecReload=/bin/kill -WINCH
[Install]
WantedBy=multi-user.target
mysql
[root@master ~]# cd /srv/salt/base
[root@master base]# tree mysql/
mysql/
├── files
│ ├── mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz
│ ├── mysqld.service
│ ├── mysqld.sh
│ └── mysql.server
└── install.sls
1 directory, 5 files
[root@master base]# cd mysql/
[root@master mysql]# ls
files install.sls
[root@master mysql]# cat install.sls
ncurses-compat-libs:
pkg.installed
mysql:
user.present:
- system: true
- createhome: false
- shell: /sbin/nologin
/usr/local:
archive.extracted:
- source: salt://mysql/files/mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz
file.symlink:
- name: /usr/local/mysql
- target: /usr/local/mysql-5.7.34-linux-glibc2.12-x86_64
/usr/local/mysql:
file.directory:
- user: mysql
- group: mysql
- mode: '0755'
- recurse:
- user
- group
/opt/data:
file.directory:
- user: mysql
- group: mysql
- mode: '0755'
- makedirs: true
- recurse:
- user
- group
/etc/profile.d/mysqld.sh:
file.managed:
- source: salt://mysql/files/mysqld.sh
/usr/local/mysql/support-files/mysql.server:
file.managed:
- source: salt://mysql/files/mysql.server
- user: mysql
- group: mysql
- mode: '0755'
/usr/lib/systemd/system/mysqld.service:
file.managed:
- source: salt://mysql/files/mysqld.service
- user: root
- group: root
- mode: '0644'
mysql-initialize:
cmd.run:
- name: '/usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/opt/data/'
- require: /usr/local/
- archive:
- file: /opt/data/
- user: mysql
- unless: test $(ls -l /opt/data/ |wc -l) -gt 1
[root@master mysql]# cd files/
[root@master files]# ls
mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz mysqld.service mysqld.sh mysql.server
[root@master files]# cat mysqld.sh
export PATH=/usr/local/mysql/bin:$PATH
[root@master files]# cat mysqld.service
[Unit]
Description=Start mysql
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/mysql/support-files/mysql.server start
ExecStop=/usr/local/mysql/support-files/mysql.server stop
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
php
[root@master ~]# cd /srv/salt/base/
[root@master base]# tree php/
php/
├── 1
├── files
│ ├── init.d.php-fpm
│ ├── install.sh
│ ├── oniguruma-devel-6.8.2-2.el8.x86_64.rpm
│ ├── php-7.4.25.tar.gz
│ ├── php-fpm.conf.default
│ ├── php-fpm.service
│ ├── php.ini-production
│ └── www.conf.default
└── install.sls
1 directory, 10 files
[root@master php]# cat install.sls
/tmp/oniguruma-devel-6.8.2-2.el8.x86_64.rpm:
file.managed:
- source: salt://php/files/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
- user: root
- group: root
- mode: '0644'
cmd.run:
- name: yum -y install /tmp/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
- unless: rpm -q oniguruma-devel
php-dep-package:
pkg.installed:
- pkgs:
- libxml2
- libxml2-devel
- libsqlite3x-devel
- openssl
- openssl-devel
- bzip2
- bzip2-devel
- libcurl
- libcurl-devel
- libicu-devel
- libjpeg-turbo
- libjpeg-turbo-devel
- libpng
- libpng-devel
- openldap-devel
- pcre-devel
- freetype
- freetype-devel
- gmp
- gmp-devel
- libmcrypt
- libmcrypt-devel
- readline
- readline-devel
- libxslt
- libxslt-devel
- libzip
- libzip-devel
- mhash
- mhash-devel
- php-mysqlnd
- make
- gcc
- gcc-c++
/usr/src:
archive.extracted:
- source: salt://php/files/php-7.4.25.tar.gz
salt://php/files/install.sh:
cmd.script
- unless: test -d /usr/local/php7
copy-file-php:
file.managed:
- names:
- /usr/local/php7/etc/php-fpm.conf:
- source: salt://php/files/php-fpm.conf.default
- /usr/local/php7/etc/php-fpm.d/www.conf:
- source: salt://php/files/www.conf.default
- /etc/php.ini:
- source: salt://php/files/php.ini-production
- /etc/init.d/php-fpm:
- source: salt://php/files/init.d.php-fpm
- user: root
- group: root
- mode: '0755'
- /usr/lib/systemd/system/php-fpm.service:
- source: salt://php/files/php-fpm.service
- require:
- cmd: php-install
php-fpm.service:
service.running:
- enable: true
- reload: true
- require:
- file: php-copy-package
- watch:
- file: php-copy-package
lamp
[root@master ~]# cd /srv/salt/base/
[root@master base]# tree lamp/
lamp/
├── config.sls
├── files
│ ├── httpd.conf
│ ├── index.php
│ └── my.cnf
└── install.sls
1 directory, 5 files
[root@master base]# cd lamp/
[root@master lamp]# ls
config.sls files install.sls
[root@master lamp]# cat config.sls
/usr/local/apache/htdocs/test:
file.directory:
- user: apache
- group: apache
- mode: '0755'
- makedirs: true
- recurse:
- user
- group
copy-file:
file.managed:
- user: root
- group: root
- mode: '0644'
- names:
- /usr/local/apache/htdocs/test/index.php:
- source: salt://lamp/files/index.php
- /usr/local/apache/conf/httpd.conf:
- source: salt://lamp/files/httpd.conf
- /etc/my.cnf:
- source: salt://lamp/files/my.cnf
start-mysql:
service.running:
- name: mysqld
- enable: true
set-password:
cmd.run:
- name: /usr/local/mysql/bin/mysql -e "set password = password('123456');"
start-httpd:
service.running:
- name: httpd
- enable: true
php-fpm.service:
service.running:
- enable: true
[root@master lamp]# cat install.sls
include:
- apache.install
- mysql.install
- php.install
- lamp.config
使用salt
[root@master lamp]# salt 'node1' test.ping
node1:
True
[root@master lamp]# salt 'node1' state.sls lamp.install
·····
----------
ID: start-httpd
Function: service.running
Name: httpd
Result: True
Comment: Service httpd has been enabled, and is running
Started: 13:29:37.197483
Duration: 312.098 ms
Changes:
----------
httpd:
True
----------
ID: php-fpm.service
Function: service.running
Result: True
Comment: Service php-fpm.service has been enabled, and is running
Started: 13:29:37.509888
Duration: 432.704 ms
Changes:
----------
php-fpm.service:
True
Summary for node1
-------------
Succeeded: 36 (changed=35)
Failed: 0
-------------
Total states run: 36
Total run time: 1066.649 s
测试
zabbix
[root@master base]# tree zabbix/
zabbix/
├── files
│ ├── httpd.conf
│ ├── init.d.php-fpm
│ ├── install.sh
│ ├── php-fpm.conf.default
│ ├── php.ini-production
│ ├── www.conf.default
│ └── zabbix-5.4.4.tar.gz
└── install.sls
1 directory, 8 files
[root@master base]# cd zabbix/
[root@master zabbix]# ls
files install.sls
[root@master zabbix]# cat install.sls
zabbix-dep-package:
pkg.installed:
- pkgs:
- net-snmp-devel
- libevent-devel
- mysql-devel
create-zabbix-user:
user.present:
- name: zabbix
- shell: /sbin/nologin
- createhome: false
- system: true
/usr/src:
archive.extracted:
- source: salt://zabbix/files/zabbix-5.4.4.tar.gz
salt://zabbix/files/install.sh:
cmd.script
mkdir-directory-zabbix:
file.directory:
- name: /usr/local/apache/htdocs/zabbix
- user: apache
- group: apache
- mode: '0755'
- makedirs: true
- recurse:
- user
- group
/usr/local/apache/htdocs/zabbix:
file.recurse:
- source: salt://zabbix/files/zabbix
copy-files-php:
file.managed:
- names:
- /etc/php.ini:
- source: salt://zabbix/files/php.ini-production
- /usr/local/apache/conf/httpd.conf:
- source: salt://zabbix/files/httpd.conf
- /usr/local/etc/zabbix_server.conf:
- source: salt://zabbix/files/zabbix_server.conf
php-fpm.service:
service.running:
- reload: true
httpd:
service.running:
- reload: true
zabbix_server:
cmd.run
zabbix_agentd:
cmd.run
[root@master zabbix]# cd files/
[root@master files]# ls
httpd.conf install.sh php.ini-production zabbix zabbix-5.4.4.tar.gz zabbix_server.conf
[root@master files]# cat install.sh
#!/bin/bash
#/usr/local/mysql/bin/mysql -e "set password = password('123456');"
/usr/local/mysql/bin/mysql -uroot -p123456 -e "create database zabbix character set utf8 collate utf8_bin;"
/usr/local/mysql/bin/mysql -uroot -p123456 -e "grant all privileges on zabbix.* to 'zabbix'@'localhost' identified by 'zabbix123\!';"
/usr/local/mysql/bin/mysql -uroot -p123456 -e "flush privileges;"
cd /usr/src/zabbix-5.4.4/database/mysql && \
/usr/local/mysql/bin/mysql -uzabbix -p'zabbix123!' zabbix < schema.sql
/usr/local/mysql/bin/mysql -uzabbix -p'zabbix123!' zabbix < images.sql
/usr/local/mysql/bin/mysql -uzabbix -p'zabbix123!' zabbix < data.sql && \
cd /usr/src/zabbix-5.4.4 && \
./configure \
--enable-server \
--enable-agent \
--with-mysql \
--with-net-snmp \
--with-libcurl \
--with-libxml2 && \
make install
[root@master files]# cat php.ini-production
//修改以下参数
vim /etc/php.ini
post_max_size = 16
max_execution_time = 300
max_input_time = 300
date.timezone = Asia/Shanghai
[root@master files]# cat zabbix_server.conf
# Default:
DBPassword=zabbix123!
### Option: DBSocket
[root@master files]# cat httpd.conf
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/zabbix"
ServerName www.tanjie.com
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/usr/local/apache/htdocs/zabbix/
<Directory "/usr/local/apache/htdocs/zabbix">
Options none
AllowOverride none
Require all granted
</Directory>
</VirtualHost>
[root@master ~]# salt 'node1' state.sls zabbix.install