本文详细介绍了使用SaltStack在Linux环境中部署LNMT(Linux, Nginx, MySQL, Tomcat)的全过程,包括批量安装salt-minion、配置证书、创建环境目录、配置各组件状态文件等步骤,最终实现Nginx与Tomcat的交互并验证成功访问。"
125379607,11384697,Python基础教程:文件操作与IO技术,"['Python', '开发语言', '文件操作', '序列化', '文件系统']
环境:
| 角色 | 主机名 | IP | 应用 |
|---|---|---|---|
| master | node01 | 172.16.78.125 | salt-master salt-ssh salt-minion |
| minion | nginx | 172.16.78.128 | nginx salt-minion |
| minion | mysql | 172.16.78.129 | mysql salt-minion |
| minion | tomcat | 172.16.78.130 | tomcat salt_minion |
步骤:
1. 使用salt-ssh进行批量安装salt-minion
关于如何使用批量安装可以参考 SaltStack之salt-ssh
[root@node01 ~]# vim /etc/salt/roster
node02:
host: 172.16.78.128
user: root
passwd: 123
node03:
host: 172.16.78.129
user: root
passwd: 123
node04:
host: 172.16.78.130
user: root
passwd: 123
[root@node01 ~]# salt-ssh '*' state.highstate
...省略状态执行返回值
Changes:
----------
salt-minion:
True
Summary for node04
------------
Succeeded: 5 (changed=5)
Failed: 0
------------
Total states run: 5
Total run time: 26.573 s
2. 接受minion的证书,并使用salt命令测试连通性
[root@node01 ~]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
mysql
nginx
tomcat
[root@node01 ~]# salt-key -yA
[root@node01 ~]# salt-key -L
Accepted Keys:
mysql
nginx
tomcat
Denied Keys:
Unaccepted Keys:
Rejected Keys:
[root@node01 ~]# salt '*' test.ping
tomcat:
True
mysql:
True
nginx:
True
3. 创建环境目录
[root@node01 ~]# mkdir -p /srv/salt/base
[root@node01 ~]# cd /srv/salt/base/
[root@node01 base]# mkdir -p lnmt/{nginx,mysql,tomcat,repo}
[root@node01 base]# cd lnmt/
[root@node01 lnmt]# ls
mysql nginx tomcat repo
4. 配置repo状态文件
[root@node01 lnmt]# cd repo
[root@node01 repo]# mkdir file
[root@node01 repo]# cd file/
[root@node01 file]# wget https://mirrors.aliyun.com/repo/Centos-7.repo
[root@node01 file]# sed -i 's/\$releasever/7/g' Centos-7.repo
[root@node01 file]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' Centos-7.repo
[root@node01 file]# wget http://mirrors.aliyun.com/repo/epel-7.repo
[root@node01 file]# cd ..
[root@node01 repo]# vim repo.sls
/etc/yum.repos.d/Centos-7.repo:
file.managed:
- source: salt://lnmt/repo/file/Centos-7.repo
/etc/yum.repos.d/epel-7.repo:
file.managed:
- source: salt://lnmt/repo/file/epel-7.repo
cmd.run:
- name: yum clean all && yum makecache && yum -y groups mark install 'Development Tools'
pkg.installed:
- pkgs:
- pcre-devel
- openssl
- openssl-devel
- gd-devel
- gcc
- gcc-c++
- wget
5. 配置nginx状态文件
[root@node01 lnmt]# cd nginx/
[root@node01 nginx]# mkdir file
[root@node01 nginx]# cd file
[root@node01 file]# wget http://nginx.org/download/nginx-1.18.0.tar.gz
[root@node01 file]# vim install.sh
#!/bin/bash
cd /usr/src
tar xf nginx-1.18.0.tar.gz
cd nginx-1.18.0
./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-debug \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_image_filter_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log && \
make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
-------------------------------------------------------------------
[root@node01 file]# vim nginx.service
[Unit]
Description=The nginx HTTP Server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s stop
PrivateTmp=true
[Install]
WantedBy=multi-user.target
-------------------------------------------------------------------
[root@node01 nginx]# vim install.sls
include:
- lnmt.repo.repo
/usr/src/nginx-1.18.0.tar.gz:
file.managed:
- source: salt://lnmt/nginx/file/nginx-1.18.0.tar.gz
/opt/install.sh:
file.managed:
- source: salt://lnmt/nginx/file/install.sh
cmd.run:
- name: /bin/bash /opt/install.sh
- unless: test -d /usr/src/nginx-1.18.0
nginx:
user.present:
- shell: /sbin/nologin
- createhome: False
- system: True
/var/log/nginx:
file.directory:
- user: nginx
- group: nginx
- mode: 644
- makedirs: True
/etc/systemd/system/nginx.service:
file.managed:
- source: salt://lnmt/nginx/file/nginx.service
cmd.run:
- name: systemctl daemon-reload
-------------------------------------------------------------------
[root@node01 nginx]# vim server.sls
nginx-server:
service.running:
- name: nginx
- enable: True
6. 配置mysql状态文件
[root@node01 base]# cd lnmt/mysql/
[root@node01 mysql]# mkdir file
[root@node01 mysql]# cd file
[root@node01 file]# wget https://dev.mysql.com/get/Downloads/MySQL-5.7/mysql-5.7.30-linux-glibc2.12-x86_64.tar.gz
[root@node01 file]# vim my.cnf
[mysqld]
basedir = /usr/local/mysql
datadir = /opt/data
socket = /tmp/mysql.sock
port = 3306
pid-file = /opt/data/mysql.pid
user = mysql
skip-name-resolve
-------------------------------------------------------------------
[root@node01 file]# vim mysql.service
[Unit]
Description=MySQL Server
After=network.target
[Install]
WantedBy=multi-user.target
[Service]
Type=forking
TimeoutSec=0
PermissionsStartOnly=true
ExecStart=/usr/local/mysql/bin/mysqld --defaults-file=/etc/my.cnf --daemonize
LimitNOFILE = 65535
Restart=on-failure
RestartSec=3
RestartPreventExitStatus=1
PrivateTmp=false
-------------------------------------------------------------------
[root@node01 mysql]# vim install.sls
include:
- lnmt.repo.repo
Install-dependency-package:
pkg.installed:
- pkgs:
- ncurses-devel
- cmake
- mariadb-devel
- libaio
- libaio-devel
mysql:
user.present:
- shell: /sbin/nologin
- createhome: False
- system: True
/usr/src/mysql-5.7.30-linux-glibc2.12-x86_64.tar.gz:
file.managed:
- source: salt://lnmt/mysql/file/mysql-5.7.30-linux-glibc2.12-x86_64.tar.gz
cmd.run:
- name: cd /usr/src && tar xf mysql-5.7.30-linux-glibc2.12-x86_64.tar.gz -C /usr/local/
- unless: test -d /usr/local/mysql-5.7.30-linux-glibc2.12-x86_64
/usr/local/mysql:
file.symlink:
- target: /usr/local/mysql-5.7.30-linux-glibc2.12-x86_64
cmd.run:
- name: chown -R mysql.mysql /usr/local/mysql && echo 'export PATH=/usr/local/mysql/bin:$PATH' > /etc/profile.d/mysql.sh
/opt/data:
file.directory:
- user: mysql
- group: mysql
- mode: 755
- makedirs: True
init_mysql:
cmd.run:
- name: /usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/opt/data
- unless: test -d /opt/data/mysql
/usr/local/include/mysql:
file.symlink:
- target: /usr/local/mysql/include
cmd.run:
- name: echo '/usr/local/mysql/lib' > /etc/ld.so.conf.d/mysql.conf && ldconfig
/etc/my.cnf:
file.managed:
- source: salt://lnmt/mysql/file/my.cnf
/usr/lib/systemd/system/mysqld.service:
file.managed:
- source: salt://lnmt/mysql/file/mysql.service
- user: root
- group: root
- mode: 644
cmd.run:
- name: systemctl daemon-reload
-------------------------------------------------------------------
[root@node01 mysql]# vim server.sls
mysql-server:
service.running:
- name: mysqld
- enable: True
7. 配置tomcat状态文件
[root@node01 lnmt]# cd tomcat/
[root@node01 tomcat]# mkdir file
[root@node01 tomcat]# cd file/
[root@node01 file]# wget http://mirror.bit.edu.cn/apache/tomcat/tomcat-9/v9.0.37/bin/apache-tomcat-9.0.37.tar.gz
[root@node01 tomcat]# cat install.sls
include:
- lnmt.repo.repo
install_java_package:
pkg.installed:
- pkgs:
- java-1.8.0-openjdk
- java-1.8.0-openjdk-devel
/usr/src/apache-tomcat-9.0.37.tar.gz:
file.managed:
- source: salt://lnmt/tomcat/file/apache-tomcat-9.0.37.tar.gz
cmd.run:
- name: cd /usr/src && tar xf apache-tomcat-9.0.37.tar.gz -C /usr/local/
- unless: test -d /usr/local/apache-tomcat-9.0.37
/usr/local/tomcat:
file.symlink:
- target: /usr/local/apache-tomcat-9.0.37
-------------------------------------------------------------------
[root@node01 tomcat]# cat server.sls
tomcat_server:
cmd.run:
- name: /usr/local/tomcat/bin/catalina.sh start
8. 配置nginx与tomcat交互
[root@node01 nginx]# cat file/nginx.conf
...
#access_log logs/host.access.log main;
location / {
proxy_pass http://172.16.78.130:8080; //修改此行
}
...
[root@node01 nginx]# cat config.sls
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://lnmt/nginx/file/nginx.conf
nginx:
service.running:
- reload: True
- watch:
- file: /usr/local/nginx/conf/nginx.conf
9. 配置高级状态
[root@node01 base]# vim top.sls
base:
'nginx':
- lnmt.nginx.install
- lnmt.nginx.server
- lnmt.nginx.config
'mysql':
- lnmt.mysql.install
- lnmt.mysql.server
'tomcat':
- lnmt.tomcat.install
- lnmt.tomcat.server
10. 整个base环境结构
[root@node01 base]# tree
.
└── lnmt
├── mysql
│ ├── file
│ │ ├── my.cnf
│ │ ├── mysql-5.7.30-linux-glibc2.12-x86_64.tar.gz
│ │ └── mysql.service
│ ├── install.sls
│ └── server.sls
├── nginx
│ ├── config.sls
│ ├── file
│ │ ├── install.sh
│ │ ├── nginx-1.18.0.tar.gz
│ │ ├── nginx.conf
│ │ └── nginx.service
│ ├── install.sls
│ └── server.sls
├── repo
│ ├── file
│ │ ├── Centos-7.repo
│ │ └── epel-7.repo
│ └── repo.sls
└── tomcat
├── file
│ └── apache-tomcat-9.0.37.tar.gz
├── install.sls
└── server.sls
9 directories, 18 files
11. 执行高级状态
[root@node01 base]# salt '*' state.highstate
...省略状态返回值
12. 访问验证
访问nginx服务器IP,成功跳转至tomcat页面了
4703
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
