用saltstack搭建lamp架构
查看整体文件结构:
[root@master prod]# tree
.
├── modules
│ ├── application
│ │ └── php
│ │ ├── files
│ │ │ ├── init.d.php-fpm
│ │ │ ├── install.sh
│ │ │ ├── oniguruma-devel-6.8.2-2.el8.x86_64.rpm
│ │ │ ├── php-7.4.25.tar.gz
│ │ │ ├── php-fpm.conf.default
│ │ │ ├── php-fpm.service
│ │ │ ├── php.ini-production
│ │ │ └── www.conf.default
│ │ └── install.sls
│ ├── database
│ │ └── mysql
│ │ ├── files
│ │ │ ├── my.cnf
│ │ │ ├── mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz
│ │ │ ├── mysqld.service
│ │ │ ├── mysqld.sh
│ │ │ └── mysql.server
│ │ └── install.sls
│ └── web
│ └── apache
│ ├── files
│ │ ├── apr-1.7.0.tar.gz
│ │ ├── apr-util-1.6.1.tar.gz
│ │ ├── httpd-2.4.48.tar.gz
│ │ ├── httpd.conf
│ │ ├── httpd.service
│ │ └── install.sh
│ └── install.sls
└── zabbix
├── apache.sls
├── files
│ ├── index.php
│ ├── my.cnf
│ ├── mysql.conf
│ └── vhosts.conf
├── main.sls
└── mysql.sls
编写 apache
[root@master apache]# pwd
/srv/salt/prod/modules/web/apache
[root@master apache]# vim install.sls
[root@master modules]# cat install.sls
"Development Tools":
pkg.group_installed
httpd-dep-pakcgae:
pkg.installed:
- pkgs:
- openssl-devel
- pcre-devel
- expat-devel
- libtool
- gcc
- gcc-c++
- make
create-user-apache:
user.present:
- name: apache
- createhome: false
- system: true
- shell: /sbin/nologin
copy-software-apache-pkg:
file.managed:
- names:
- /usr/src/apr-1.7.0.tar.gz:
- source: salt://modules/web/apache/files/apr-1.7.0.tar.gz
- /usr/src/apr-util-1.6.1.tar.gz:
- source: salt://modules/web/apache/files/apr-util-1.6.1.tar.gz
- /usr/src/httpd-2.4.48.tar.gz:
- source: salt://modules/web/apache/files/httpd-2.4.48.tar.gz
salt://modules/web/apache/files/install.sh:
cmd.script
/usr/local/apache/conf/httpd.conf:
file.managed:
- source: salt://modules/web/apache/files/httpd.conf
- user: root
- group: root
- mode: '0644'
/usr/lib/systemd/system/httpd.service:
file.managed:
- source: salt://modules/web/apache/files/httpd.service
- user: root
- group: root
- mode: '0644'
[root@master zabbix]# pwd
/srv/salt/prod/zabbix
[root@master zabbix]# vim apache.sls
[root@master zabbix]# cat apache.sls
include:
- modules.web.apache.install
/usr/include/httpd:
file.symlink:
- target: .usr/local/apache/include
/usr/local/apache/htdocs/zabbix:
file.directory:
- user: root
- group: root
- mode: '0755'
- makedirs: true
/usr/local/apache/conf/extra/vhosts.conf:
file.managed:
- source: salt://zabbix/files/vhosts.conf
- user: root
- group: root
- mode: '0644'
/usr/local/apache/htdocs/zabbix/index.php:
file.managed:
- source: salt://zabbix/files/index.php
- user: root
- group: root
- mode: '0644'
httpd.service:
service.running:
- enable: true
编写 mysql
[root@master mysql]# vim install.sls
[root@master mysql]# cat install.sls
ncurses-compat-libs:
pkg.installed
mysql:
user.present:
- system: true
- createhome: false
- shell: /sbin/nologin
/usr/local:
archive.extracted:
- source: salt://modules/database/mysql/files/mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz
file.symlink:
- name: /usr/local/mysql
- target: /usr/local/mysql-5.7.35-linux-glibc2.12-x86_64
/usr/local/mysql:
file.directory:
- user: mysql
- group: mysql
- mode: '0755'
- recurse:
- user
- group
/opt/data:
file.directory:
- user: mysql
- group: mysql
- mode: '0755'
- makedirs: true
- recurse:
- user
- group
/etc/profile.d/mysqld.sh:
file.managed:
- source: salt://modules/database/mysql/files/mysqld.sh
- user: root
- group: root
- mode: '0755'
/usr/local/mysql/support-files/mysql.server:
file.managed:
- source: salt://modules/database/mysql/files/mysql.server
- user: mysql
- group: mysql
- mode: '0755'
/usr/lib/systemd/system/mysqld.service:
file.managed:
- source: salt://modules/database/mysql/files/mysqld.service
- user: root
- group: root
- mode: '0644'
mysql-initialize:
cmd.run:
- name: '/usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/opt/data/'
[root@master mysql]# vim install.sls
[root@master mysql]# cat install.sls
ncurses-compat-libs:
pkg.installed
mysql:
user.present:
- system: true
- createhome: false
- shell: /sbin/nologin
/usr/local:
archive.extracted:
- source: salt://modules/database/mysql/files/mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz
file.symlink:
- name: /usr/local/mysql
- target: /usr/local/mysql-5.7.35-linux-glibc2.12-x86_64
/usr/local/mysql:
file.directory:
- user: mysql
- group: mysql
- mode: '0755'
- recurse:
- user
- group
/opt/data:
file.directory:
- user: mysql
- group: mysql
- mode: '0755'
- makedirs: true
- recurse:
- user
- group
/etc/profile.d/mysqld.sh:
file.managed:
- source: salt://modules/database/mysql/files/mysqld.sh
- user: root
- group: root
- mode: '0755'
/usr/local/mysql/support-files/mysql.server:
file.managed:
- source: salt://modules/database/mysql/files/mysql.server
- user: mysql
- group: mysql
- mode: '0755'
/usr/lib/systemd/system/mysqld.service:
file.managed:
- source: salt://modules/database/mysql/files/mysqld.service
- user: root
- group: root
- mode: '0644'
mysql-initialize:
cmd.run:
- name: '/usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/opt/data/'
[root@master zabbix]# pwd
/srv/salt/prod/zabbix
[root@master zabbix]# vim mysql.sls
[root@master zabbix]# cat mysql.sls
include:
- modules.database.mysql.install
lamp-dep-package:
pkg.installed:
- pkgs:
- ncurses-devel
- openssl-devel
- openssl
- cmake
- mariadb-devel
/usr/local/include/mysql:
file.symlink:
- target: /usr/local/mysql/include
/etc/ld.so.conf.d/mysql.conf:
file.managed:
- source: salt://zabbix/files/mysql.conf
- user: root
- group: root
- mode: '0644'
/etc/my.cnf:
file.managed:
- source: salt://zabbix/files/my.cnf
- user: root
- group: root
- mode: '0644'
mysqld.service:
service.running:
- enable: true
set-password-mysql:
cmd.run:
- name: /usr/local/mysql/bin/mysql -e "set password = password('147258');"
编写 php
[root@master php]# pwd
/srv/salt/prod/modules/application/php
[root@master php]# vim install.sls
[root@master php]# cat install.sls
/tmp/oniguruma-devel-6.8.2-2.el8.x86_64.rpm:
file.managed:
- source: salt://modules/application/php/files/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
- user: root
- group: root
- mode: '0644'
cmd.run:
- name: yum -y install /tmp/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
php-dep-package:
pkg.installed:
- pkgs:
- libzip
- libzip-devel
- libxml2
- libxml2-devel
- libsqlite3x-devel
- openssl
- openssl-devel
- bzip2
- bzip2-devel
- libcurl
- libcurl-devel
- libicu-devel
- libjpeg-turbo
- libjpeg-turbo-devel
- libpng
- libpng-devel
- openldap-devel
- pcre-devel
- freetype
- freetype-devel
- gmp
- gmp-devel
- libmcrypt
- libmcrypt-devel
- readline
- readline-devel
- libxslt
- libxslt-devel
- mhash
- mhash-devel
- php-mysqlnd
/usr/src:
archive.extracted:
- source: salt://modules/application/php/files/php-7.4.25.tar.gz
salt://modules/application/php/files/install.sh:
cmd.script
copy-file-php:
file.managed:
- names:
- /usr/local/php7/etc/php-fpm.conf:
- source: salt://modules/application/php/files/php-fpm.conf.default
- /usr/local/php7/etc/php-fpm.d/www.conf:
- source: salt://modules/application/php/files/www.conf.default
- /etc/php.ini:
- source: salt://modules/application/php/files/php.ini-production
- /etc/init.d/php-fpm:
- source: salt://modules/application/php/files/init.d.php-fpm
- user: root
- group: root
- mode: '0755'
- /usr/lib/systemd/system/php-fpm.service:
- source: salt://modules/application/php/files/php-fpm.service
php-fpm.service:
service.running:
- enable: true
编写总执行文件:
[root@master zabbix]# pwd
/srv/salt/prod/zabbix
[root@master zabbix]# vim main.sls
[root@master zabbix]# cat main.sls
include:
- zabbix.apache
- zabbix.mysql
- modules.application.php.install
最后执行:
[root@master zabbix]# salt 'node1' state.sls zabbix.main saltenv=prod
//node1上查看端口
[root@node1 ~]# ss -anlt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:9000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*
编写zabbix项目配置
[root@master ~]# tree /srv/salt/prod/zabbix/
/srv/salt/prod/zabbix/
├── apache.sls
├── files
│ ├── index.php
│ ├── my.cnf
│ ├── mysql.conf
│ └── vhosts.conf
├── main.sls
└── mysql.sls
1 directory, 7 files
[root@master ~]# cat /srv/salt/prod/zabbix/apache.sls
include:
- modules.web.httpd.install
/usr/include/httpd:
file.symlink:
- target: /usr/local/apache/include
/usr/local/apache/htdocs/zabbix:
file.directory:
- user: root
- group: root
- mode: '0755'
- makedirs: true
/usr/local/apache/conf/extra/vhosts.conf:
file.managed:
- source: salt://zabbix/files/vhosts.conf
- user: root
- group: root
- mode: '0664'
- require:
- cmd: httpd-install
/usr/local/apache/htdocs/zabbix/index.php:
file.managed:
- source: salt://zabbix/files/index.php
- user: root
- group: root
- mode: '0664'
httpd.service:
service.running:
- enable: true
- reload: true
- require:
- cmd: httpd-install
- file: /usr/lib/systemd/system/httpd.service
- watch:
- file: /usr/local/apache/conf/httpd.conf
- file: /usr/local/apache/conf/extra/vhosts.conf
[root@master ~]# cat /srv/salt/prod/zabbix/mysql.sls
include:
- modules.database.mysql.install
lamp-dep-package:
pkg.installed:
- pkgs:
- ncurses-devel
- openssl-devel
- openssl
- cmake
- mariadb-devel
- glibc
- glibc-gconv-extra
- libgcc
- libstdc++
/usr/local/include/mysql:
file.symlink:
- target: /usr/local/mysql/include
/etc/ld.so.conf.d/mysql.conf:
file.managed:
- source: salt://zabbix/files/mysql.conf
- user: root
- group: root
- mode: '0644'
/etc/my.cnf:
file.managed:
- source: salt://zabbix/files/my.cnf
- user: root
- group: root
- mode: '0644'
- watch_in:
- service: mysqld.service
mysqld.service:
service.running:
- enable: true
- reload: true
- require:
- archive: /usr/local
- file: /usr/lib/systemd/system/mysqld.service
- file: /etc/my.cnf
set-password-mysql:
cmd.run:
- name: /usr/local/mysql/bin/mysql -e "set password = password('1');"
- require:
- service: mysqld.service
- unless: /usr/local/mysql/bin/mysql -uroot -p1 -e 'exit'
[root@master ~]# cat /srv/salt/prod/zabbix/files/index.php
<?php
phpinfo();
?>
[root@master ~]# cat /srv/salt/prod/zabbix/files/my.cnf
[mysqld]
basedir = /usr/local/mysql
datadir = /opt/data
socket = /tmp/mysql.sock
port = 3306
pid-file = /opt/data/mysql.pid
user = mysql
skip-name-resolve
[root@master ~]# cat /srv/salt/prod/zabbix/files/mysql.conf
/usr/local/mysql/lib
[root@master ~]# cat /srv/salt/prod/zabbix/files/vhosts.conf
<VirtualHost *:80>
DocumentRoot "/usr/local/apache/htdocs/zabbix"
ServerName zabbix.example.com
ProxyRequests Off
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/usr/local/apache/htdocs/zabbix/$1
<Directory "/usr/local/apache/htdocs/zabbix">
Options none
AllowOverride none
Require all granted
</Directory>
</VirtualHost>
[root@master ~]# cat /srv/salt/prod/zabbix/main.sls
include:
- zabbix.apache
- zabbix.mysql
- modules.application.php.install
## 执行状态文件,部署lamp
[root@master prod]# salt 'minion' state.sls zabbix.main saltenv=prod
## minion上查看服务
[root@minion ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:9000 0.0.0.0:*
LISTEN 0 80 *:3306 *:*
LISTEN 0 128 *:80 *:*
LISTEN 0 128 [::]:22 [::]:*