一、模块管理
1、管理文件,安装软件并更改其中文件
[root@server1 apache]# cat init.sls
apache:
pkg.installed:
- pkgs:
- httpd
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/httpd.conf #相对路径/srv/salt
[root@server1 apache]# ls
httpd.conf init.sls
[root@server1 apache]# salt server2 state.sls apache #给server2安装apache
2、启动服务
apache:
pkg.installed:
- pkgs:
- httpd
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/httpd.conf
service.running:
- name: httpd
3、更改文件时需要reload
service.running:
- name: httpd
- reload: true
- watch:
- file: apache
[root@server2 minion]# netstat -antlp #更改成功
tcp6 0 0 :::8080 :::* LISTEN 545/httpd
二、源码部署(生产环境不建议,过于冗长)
1、安装解压
[root@server1 nginx]# vim init.sls
[root@server1 nginx]# cat init.sls
install-nginx:
pkg.installed:
- pkgs:
- gcc
- make
- pcre-devel
- openssl-devel
archive.extracted:
- name: /mnt
- source: salt://nginx/nginx-1.17.10.tar.gz
[root@server1 nginx]# salt server4 state.sls nginx
[root@server4 ~]# ls /mnt/ #查看
nfs nginx-1.17.10
2、安装编译
[root@server1 nginx]# vim init.sls
[root@server1 nginx]# cat init.sls
install-nginx:
pkg.installed:
- pkgs:
- gcc
- make
- pcre-devel
- openssl-devel
archive.extracted:
- name: /mnt
- source: salt://nginx/nginx-1.17.10.tar.gz
cmd.run:
- name: cd /mnt/nginx-1.17.10 && sed -i 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-http_ssl_module &> /dev/null && make &> /dev/null && make install &> /dev/null
- creates: /usr/local/nginx
[root@server1 nginx]# salt server4 state.sls nginx
Comment: /usr/local/nginx exists #已经安装检验后不再重复
3、启动服务
(1)自己编写启动脚本
https://www.nginx.com/resources/wiki/start/topics/examples/systemd/
[root@server1 nginx]# \vi nginx.service
[root@server1 nginx]# cat nginx.service
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
(2)启动
[root@server1 nginx]# vim init.sls
[root@server1 nginx]# cat init.sls
install-nginx:
pkg.installed:
- pkgs:
- gcc
- make
- pcre-devel
- openssl-devel
archive.extracted:
- name: /mnt
- source: salt://nginx/nginx-1.17.10.tar.gz
cmd.run:
- name: cd /mnt/nginx-1.17.10 && sed -i 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-http_ssl_module &> /dev/null && make &> /dev/null && make install &> /dev/null
- creates: /usr/local/nginx
file.managed:
- name: /lib/systemd/system/nginx.service
- source: salt://nginx/nginx.service
[root@server1 nginx]# salt server4 state.sls nginx
[root@server4 nginx-1.17.10]# systemctl status nginx #识别成功
● nginx.service - The NGINX HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
Active: inactive (dead)
(3)service.sls
[root@server1 nginx]# ls
init.sls nginx-1.17.10.tar.gz nginx.conf nginx.service service.sls
[root@server1 nginx]# cat service.sls
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/nginx.conf
service.running:
- name: nginx
- enable: true
- reload: true
- watch:
- file: /usr/local/nginx/conf/nginx.conf
[root@server1 nginx]# vim init.sls
[root@server1 nginx]# cat init.sls
install-nginx:
pkg.installed:
- pkgs:
- gcc
- make
- pcre-devel
- openssl-devel
archive.extracted:
- name: /mnt
- source: salt://nginx/nginx-1.17.10.tar.gz
cmd.run:
- name: cd /mnt/nginx-1.17.10 && sed -i 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-http_ssl_module &> /dev/null && make &> /dev/null && make install &> /dev/null
- creates: /usr/local/nginx
file.managed:
- name: /lib/systemd/system/nginx.service
- source: salt://nginx/nginx.service
include:
- nginx.service
错误:服务顺序有问题,先拷贝文件了,应该先安装软件包限制优先级。
(4)限制优先级
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/nginx.conf
- require:
- sls: nginx #限制先安装软件包
service.running:
- name: nginx
- enable: true
- reload: true
- watch:
- file: /usr/local/nginx/conf/nginx.conf