角色 | 主机-ip | 部署安装 | 安装服务 |
---|---|---|---|
master | 172.25.30.1 | Salt-master;monion | monion haprox |
minion | 172.25.30.2 | Salt-minion | apache |
minion | 172.25.30.3 | Satt-minion | nginx |
一: 环境搭建安装
master:安装部署:
vim /etc/yum.repos.d/rhel-source.repo #配置yum源
[rhel-source]
name=Red Hat Enterprise Linux $releasever - $basearch - Source
baseurl=http://172.25.30.250/rhel6.5
enabled=1
gpgcheck=0
[salt]
name=salt-stack
baseurl=http://172.25.30.250/rhel6
enabled=1
gpgcheck=0
[LoadBalancer]
name=LoadBalancer
baseurl=http://172.25.30.250/rhel6.5/LoadBalancer
enabled=1
gpgcheck=0
~
yum install salt-master -y
/etc/init.d/salt-master start
yum install tree lsof -y
Minion:server2;server3------>server1
yum install salt-minion
vim /etc/salt/minion#修改master:建立连接:
/etc/init.d/salt-minion start #4505端口
yum install tree -y
yum install lsof -y
master:
salt-key -L #列出salt-key
salt-key -A #接受所有Accept
salt-key -L
4505——>建立连接:
yum install -y python-setproctitle.x86_64
/etc/init.d/salt-master restart
ps -ax
vim master #定义base目录位置
/etc/init.d/salt-master restart
二.server2:安装部署httpd
安装php;httpd;修改httpd端口为8080
Vim /srv/salt/httpd/install.sls
apache-install: #安装apache
pkg.installed: #php;apche
- pkgs:
- httpd
- php
service.running:
- name: httpd
- enable: True #开机自启
- reload: True # 重新加载
- watch: 监控配置文件
- file: /etc/httpd/conf/httpd.conf
/etc/httpd/conf/httpd.conf:
file.managed:
- source: salt://httpd/files/httpd.conf #配置文件目录
- mode: 644 #权限
- user: root
vim /srv/salt/files/httpd.conf #在master端修改端口为8080
salt server2 state.sls httpd.install #推送/srv/salt/httpd/install.sls安装http 格式为sls在这里base路径为
三.Server3源码安装nginx:
cd /srv/salt/ #base根目录
mkdir nginx
mkdir files #存放了一个源码安装包
vim nginx/nginx.sls: 安装nginx
nginx.install:
pkg.installed:
- pkgs:
- gcc
- pcre-devel
- openssl-devel
file.managed:
- name: /mnt/nginx-1.14.0.tar.gz
- source: salt://nginx/files/nginx-1.14.0.tar.gz
cmd.run:
- name: cd /mnt && tar zxf nginx-1.14.0.tar.gz && cd nginx-1.14.0 && sed -i.bak 's/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g' src/core/nginx.h && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-threads --with-file-aio &> /dev/null && make &> /dev/null && make install &> /dev/null
- create: /usr/local/nginx #如果有该目录则不执行编译安装动作
salt server2 state.sls nginx.nginx
节藕:有些时候我们需要安装但不需要运行有时候我们已经安装了只想开启服务这个时候可以利用节藕不同服务启用不同脚本。
cd /srv/salt/nginx
vim service.sls
cd /srv/salt/files #下载nginx脚本和配置文件
vim service.sls: #运行调用安装脚本
include:
- nginx.nginx #调用nginx/nginx.sls文件
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf #源配置文件
nginx-service:
file.managed:
- name: /etc/init.d/nginx
- source: salt://nginx/files/nginx
- mode: 755
service.running:
- name: nginx
- reload: True
- watch:
- file: /usr/local/nginx/conf/nginx.conf
salt server2 state.sls nginx.service
创建nginx用户:
cd /srv/salt/
mkdir user
vim user/nginx_user.sls
nginx-group: #创建用户组
group.present:
- name: nginx
- gid: 800
nginx-user: #创建用户
user.present:
- name: nginx
- uid: 800
- gid: 800
- shell: /sbin/nologin
- createhome: False #不创建家目录
- home: /usr/local/nginx #家目录
在service中调用安装nginx和创建nginx脚本来实现安装源码nginx和创建nginx用户
vim /srv/salt/nginx/service.sls
include:
- user.nginx_user
- nginx.nginx
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf
nginx-service:
file.managed:
- name: /etc/init.d/nginx
- source: salt://nginx/files/nginx
- mode: 755
service.running:
- name: nginx
- reload: True
- watch:
- file: /usr/local/nginx/conf/nginx.conf
四.Haproxy:server1代理实现nginx和httpd均衡负载
cd /srv/salt/
mkdir haproxy
mkdir files
vim /etc/salt/haproxy/install.sls
haproxy_install:
pkg.installed:
- pkgs:
- haproxy
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://haproxy/files/haproxy.cfg
service.running:
- name: haproxy
- reload: True
- watch:
- file: haproxy_install
~
vim haproxy/files/haproxy.cfg #实现负载均衡
实现proxy负载均衡:
五.建立一个顶层模块
vim /srv/salt/top.sls # 顶层模块
base:
'server1':
- haproxy.install #server1安装haproxy;调用haproxy/install.sls
'server2':
- httpd.install #server2安装httpd;调用httpd/install.sls
'server3':
- nginx.service # server3安装nginx;调用nginx/service.sls
~
salt '*' state.highstate #高级推送
Server1-----haproxy:
Server2:nginx源码安装—–>创建nginx用户
六.修改模块名称:
1.修改minion配置文件:
vim /etc/salt/minion
/etc/init.d/salt-minion restart
2.编辑文件grains
vim /etc/salt/minion
roles:
- nginx
3.编辑py模块
mkdir /srv/salt/_grains
vim my_grains.py
#!/usr/bin/env python
def my_grains():
grains = {}
grains['server2'] = 'apache'
grains['salt'] = 'nginx'
return grains
salt server2 saltutil.sync_grains
在控制主机更改:
vim /etc/salt/master
mkdir /srv/pillar
cd /srv/pillar
mkdir web
vim web/install.sls
{% if grains['fqdn']== 'server2' %}
webserver: httpd
{% elif grains['fqdn']== 'server3'%}
webserver: nginx
{% endif %}
vim /srv/pillar/top.sls
base:
'*':
- web.install
Jinja:
cd /srv/salt/httpd/
vim install.sls #导入jinja模块设置变量引入配置文件
vim files/httpd.conf
Sever2:
引入局部变量优先级大于全局变量:
cd /srv/salt/httpd
vim lib.sls #设置端口为80
在配置文件导入该文件port变量:在模块最上面导入文件是在base路径下的:
推送:salt server2 state.sls httpd.install (pk-----80赢)
grain模块:
vim install.sls
vim files/httpd.conf
Pillar---->引入更改变量:
vim /srv/pillar/web/install.sls
vim /srv/salt/httpd/install.sls
salt server2 state.sls httpd.install