一、简述
最近学了django框架,恰好又学了saltstack,感觉saltstack是个非常不错的管理工具。但是命令行的操作多少没有图形界面直观,所以考虑搭建一个可以管理多个运维工具的在线管理平台。参考了众多开源资料,目前算是搭起来一个框架,欢迎感兴趣的同学们可以一起交流。
二、部署开始
1.架构
了解架构才能更好的部署与运用,简单画了个拓扑图
2.实验环境
操作系统:redhat7.2
需要的环境:
- Django 1.11.6
- Python 2.7.5
- Saltstack
- Salt API
- MariaDB
- MySQL-python
- Nginx
- uwsgi
3.pip 安装
后面用到pip会方便不少,我们就先安装pip
pip官网:https://pypi.python.org/pypi/pip
pip下载:https://pypi.python.org/packages/11/b6/abcb525026a4be042b486df43905d6893fb04f05aac21c32c638e939e447/pip-9.0.1.tar.gz#md5=35f01da33009719497f01a4ba69d63c9
安装pip需要setuptools
setuptools下载:https://pypi.python.org/packages/source/s/setuptools/setuptools-7.0.tar.gz
下载pip和setuptools放到家目录
redhat7.2自带python,如无python需要下载安装
[root@server1 ~]# which python
/usr/bin/python
[root@server1 ~]# python
Python 2.7.5 (default, Oct 11 2015, 17:47:16)
[root@server1 ~]# ls
pip-9.0.1.tar.gz setuptools-7.0.tar.gz
[root@server1 setuptools-7.0]# python setup.py install
[root@server1 ~]# tar -zxf pip-9.0.1.tar.gz
[root@server1 ~]# cd pip-9.0.1/
[root@server1 pip-9.0.1]# python setup.py install
pip 安装完成
4.Saltstack安装
请参阅:
自动化运维工具SaltStack详细部署及用SaltStack实现自动部署lamp架构
这里简单示范
server1为master端,server2为minion端
[root@server1 ~]# vim /etc/yum.repos.d/saltstack.repo
[saltstack-repo]
name=SaltStack repo for RHEL/CentOS $releasever
baseurl=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/latest
enabled=1
gpgcheck=1
gpgkey=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/latest/SALTSTACK-GPG-KEY.pub
[root@server1 ~]# yum clean all
[root@server1 ~]# yum repolist
[root@server1 ~]# yum install -y salt-master
##server2一样配置,只不过安装的包不一样
[root@server2 ~]# yum install -y salt-minion
接下来进行配置
[root@server2 ~]# sed -i.bak 's/#master: salt/master: server1/g' /etc/salt/minion
[root@server1 ~]# systemctl start salt-master
[root@server2 ~]# systemctl start salt-minion
[root@server1 ~]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
server2
Rejected Keys:
配置成功
5.MariaDB安装
[root@server1 ~]# yum install -y mariadb-server
[root@server1 ~]# systemctl start mariadb
[root@server1 ~]# mysql ##刚装上是无密码的,为安全,我们设个密码吧
[root@server1 ~]# mysql_secure_installation ##出来提示除了输密码,其他均可直接回车
[root@server1 ~]# mysql -uroot -p
Enter password:
安装MySQL-python模块
[root@server1 ~]# yum install -y MySQL-python
MariaDB安装完成
6.nginx环境
请参阅:
nginx安装与基本配置
简单示范
下载好nginx放到根目录
[root@server1 ~]# tar -zxf nginx-1.12.1.tar.gz
[root@server1 ~]# cd nginx-1.12.1/
[root@server1 nginx-1.12.1]# sed -i.bak 's/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g' src/core/nginx.h
[root@server1 nginx-1.12.1]# sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc
[root@server1 nginx-1.12.1]# yum install -y gcc-c++ pcre-devel openssl-devel
[root@server1 nginx-1.12.1]# ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-file-aio --with-threads --with-http_stub_status_module
[root@server1 nginx-1.12.1]# make && make install
[root@server1 nginx-1.12.1]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
[root@server1 nginx-1.12.1]# nginx -t
[root@server1 nginx-1.12.1]# nginx
网页访问测试 http://172.25.27.1/
安装成功,后续再配置
7.Salt API安装配置
[root@server1 ~]# yum install -y salt-api
[root@server1 ~]# salt-api --version
salt-api 2017.7.2 (Nitrogen)
[root@server1 ~]# cd /etc/pki/tls/private
[root@server1 private]# openssl genrsa 2048 > localhost.key
Generating RSA private key, 2048 bit long modulus
.+++
...........+++
e is 65537 (0x10001)
[root@server1 private]# cd /etc/pki/tls/certs
[root@server1 certs]# make testcert
[root@server1 certs]# vim /etc/salt/master
default_include: master.d/*.conf ##注释去掉
[root@server1 ~]# useradd saltapi
[root@server1 ~]# passwd saltapi
[root@server1 ~]# vim /etc/salt/master.d/api.conf
rest_cherrypy:
port: 8000
ssl_crt: /etc/pki/tls/certs/localhost.crt
ssl_key: /etc/pki/tls/private/localhost.key
[root@server1 ~]# vim /etc/salt/master.d/eauth.conf
external_auth:
pam:
saltapi:
- .*
- '@wheel'
- '@runner'
- '@jobs'
[root@server1 ~]# systemctl restart salt-master
[root@server1 ~]# systemctl start salt-api
7.Django开发环境搭建
- 用pip安装
[root@server1 ~]# pip install django==1.11.6
测试Django是否安装成功
[root@server1 ~]# python
>>> import django
>>> django.get_version()
'1.11.6'
Django 创建第一个项目HelloDjango
[root@server1 ~]# django-admin.py startproject HelloDjango
[root@server1 ~]# tree HelloDjango/
HelloDjango/
├── HelloDjango
│ ├── __init__.py
│ ├── settings.py
│ ├── urls.py
│ └── wsgi.py
└── manage.py
[root@server1 HelloDjango]# python manage.py runserver 0.0.0.0:8888
在浏览器输入你服务器的ip及端口号,如果正常启动,输出结果如下:
如果如下图所示,则修改settings文件即可
[root@server1 HelloDjango]# sed -i.bak 's/ALLOWED_HOSTS = \[\]/ALLOWED_HOSTS = \["*"\]/g' HelloDjango/settings.py
[root@server1 HelloDjango]# vim HelloDjango/view.py
from django.http import HttpResponse
def hello(request):
return HttpResponse("Hello Django ! ")
[root@server1 HelloDjango]# vim HelloDjango/urls.py
from django.conf.urls import url
#from django.contrib import admin
from . import view
urlpatterns = [
url(r'^hello/', view.hello),
]
[root@server1 HelloDjango]# python manage.py runserver 0.0.0.0:8888
访问 http://172.25.27.1:8888/hello/
如下图则django框架正常
8.下载并部署oms
代码已经放到github上,传送门:github
[root@server1 ~]# yum install git -y
[root@server1 ~]# git clone https://github.com/valor7/oms_valor7.git
[root@server1 ~]# cd oms_valor7/
[root@server1 oms-valor7]# vim oms_valor7/settings.py
1.Django数据库连接设置
1.建库并授权
[root@server1 oms-valor7]# mysql -p
MariaDB [(none)]> CREATE DATABASE saltDB;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> GRANT ALL ON saltDB.* TO django@'localhost' IDENTIFIED BY 'redhat';
2.配置Django与数据库连接
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'saltDB',
'USER': 'django',
'PASSWORD': 'redhat',
'HOST': '127.0.0.1',
'PORT': '3306',
}
}
[root@server1 oms-valor7]# pip install xlwt
[root@server1 oms-valor7]# python manage.py makemigrations
[root@server1 oms-valor7]# python manage.py migrate
登录MariaDB数据库验证数据库同步
[root@server1 oms-valor7]# mysql -h127.0.0.1 -udjango -p
MariaDB [(none)]> USE saltDB;
MariaDB [saltDB]> SHOW tables;
+--------------------------------+
| Tables_in_saltDB |
+--------------------------------+
| asset_areas |
| asset_cities |
| asset_idcasset |
| asset_provinces |
同步成功,创建应用的超级登录用户
[root@server1 oms-valor7]# python manage.py createsuperuser
[root@server1 oms-valor7]# python manage.py runserver 0.0.0.0:9999
浏览器访问然后用刚才创建的用户登录
发现这里有台未授权主机,点击操作那一栏的加号,给它授权
也可以通过命令行输入命令
[root@server1 oms-valor7]# salt-key -A
来添加授权
OMS在线运维管理平台到这里就搭建就完成了,接下来整合NGINX
三、部署进阶
1.配置Nginx支持Django
1.安装uwsgi
[root@server1 ~]# pip install uwsgi
##如果出现以下错误:
plugins/python/uwsgi_python.h:2:20: fatal error: Python.h: No such file or directory
#include <Python.h>
^
compilation terminated.
----------------------------------------
Command "/usr/bin/python -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-cj_mjG/uwsgi/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-sHka7Q-record/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-build-cj_mjG/uwsgi/
[root@server1 ~]# yum install python-devel
[root@server1 ~]# pip install uwsgi ##安装python-devel之后再安装就ok了
Collecting uwsgi
Using cached uwsgi-2.0.15.tar.gz
Installing collected packages: uwsgi
Running setup.py install for uwsgi ... done
Successfully installed uwsgi-2.0.15
[root@server1 ~]# uwsgi --version ##查看版本
2.0.15
- 测试uwsgi的可用性
[root@server1 ~]# vim uwsgi.py
def application(env, start_response):
start_response('200 OK', [('Content-Type','text/html')])
return "Hello Uwsgi"
[root@server1 ~]# uwsgi --http :8888 --wsgi-file uwsgi.py
访问 http://172.25.27.1:8888/ 出现以下结果则uwsgi 安装成功
2.配置NGINX支持uwsgi
Django结合了nginx之后就不需要再执行runserver来启动服务了,而且访问端口就是nginx的默认端口80,使用时方便许多
[root@server1 ~]# vim /usr/local/nginx/conf/nginx.conf
user root;
server {
listen 80;
server_name localhost;
#charset koi8-r;
root /root/oms_valor7;
#access_log logs/host.access.log main;
access_log logs/host.access.log;
location / {
root /root/oms_valor7;
include uwsgi_params;
uwsgi_pass 127.0.0.1:9999;
uwsgi_param UWSGI_CHDIR /root/oms_valor7;
uwsgi_param UWSGI_SCRIPT oms_valor7.wsgi;
}
location /static {
alias /root/oms_valor7/static;
}
3.uwsgi 配置
uwsgi支持ini、xml等多种配置方式,本文以 ini 为例, 在/root/oms_valor7/目录下新建uwsgi.ini,添加如下配置
[uwsgi]
chdir=/root/oms_valor7/
module=oms_valor7.wsgi:application
master=True
pidfile=/var/run/uwsgi9999.pid
vacuum=True
max-requests=5000
daemonize=/root/oms_valor7/uwsgi9999.log
socket=0.0.0.0:9999
4.启动服务,运行平台
重载nginx ,并将uwsgi后台运行
[root@server1 oms-valor7]# cd
[root@server1 ~]# mv oms-valor7 oms_valor7 ##配置文件里路径写串了,这里改下
[root@server1 oms-valor7]# nginx -t
[root@server1 oms-valor7]# nginx -s reload
[root@server1 oms-valor7]# uwsgi --ini uwsgi.ini &
直接访问ip即可
可以执行远程命令等
至此,OMS运维管理平台搭建完成