saltstack部署zabbix
1.搭建lamp
zabbix服务基于lamp部署的,首先搭建lamp。
//模块化,将安装与配置分离
[root@master prod]# pwd
/srv/salt/prod
[root@master prod]# ls
modules zabbix
[root@master prod]# tree modules/
modules/
├── application
│ └── php
│ ├── files
│ │ ├── init.d.php-fpm
│ │ ├── install.sh
│ │ ├── php-7.4.24.tar.xz
│ │ ├── php-fpm.conf.default
│ │ ├── php-fpm.service
│ │ ├── php.ini-production
│ │ └── www.conf.default
│ └── install.sls
├── database
│ └── mysql
│ ├── files
│ │ ├── mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz
│ │ ├── mysql.conf
│ │ ├── mysqld.service
│ │ ├── mysql.server
│ │ └── mysql.sh
│ └── install.sls
└── web
└── httpd
├── files
│ ├── apr-1.7.0.tar.gz
│ ├── apr-util-1.6.1.tar.gz
│ ├── httpd-2.4.49.tar.gz
│ ├── httpd.conf
│ ├── httpd.service
│ └── install.sh
└── install.sls
9 directories, 21 files
//apache安装
//状态文件
[root@master prod]# cat modules/web/httpd/install.sls
"Development Tools":
pkg.group_installed
apache_depend_package:
pkg.installed:
- pkgs:
- openssl-devel
- pcre-devel
- expat-devel
- libtool
- gcc
- gcc-c++
- make
apache:
user.present:
- createhome: false
- system: true
- shell: /sbin/nologin
unzip-apr:
archive.extracted:
- name: /usr/src
- source: salt://modules/web/httpd/files/apr-1.7.0.tar.gz
unzip-apr-util:
archive.extracted:
- name: /usr/src
- source: salt://modules/web/httpd/files/apr-util-1.6.1.tar.gz
unzip-httpd:
archive.extracted:
- name: /usr/src
- source: salt://modules/web/httpd/files/httpd-2.4.49.tar.gz
salt://modules/web/httpd/files/install.sh:
cmd.script
/usr/local/apache/conf/httpd.conf:
file.managed:
- source: salt://modules/web/httpd/files/httpd.conf
- user: root
- group: root
- mode: '0644'
/usr/lib/systemd/system/httpd.service:
file.managed:
- user: root
- group: root
- mode: '0644'
- source: salt://modules/web/httpd/files/httpd.service
//编译安装脚本
[root@master prod]# cat modules/web/httpd/files/install.sh
#!/bin/bash
cd /usr/src/apr-1.7.0/
sed -i '/$RM "$cfgfile"/d' configure
./configure --prefix=/usr/local/apr && make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
cd ../apr-util-1.6.1/
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr && \
make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
cd ../httpd-2.4.49/
./configure --prefix=/usr/local/apache \
--enable-so \
--enable-ssl \
--enable-cgi \
--enable-rewrite \
--with-zlib \
--with-pcre \
--with-apr=/usr/local/apr \
--with-apr-util=/usr/local/apr-util/ \
--enable-modules=most \
--enable-mpms-shared=all \
--with-mpm=prefork \
&& make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
//mysql的安装
//状态文件
[root@master prod]# cat modules/database/mysql/install.sls
ncurses-compat-libs:
pkg.installed
mysql:
user.present:
- createhome: false
- system: true
- shell: /sbin/nologin
/usr/local:
archive.extracted:
- source: salt://modules/database/mysql/files/mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz
file.symlink:
- name: /usr/local/mysql
- target: /usr/local/mysql-5.7.34-linux-glibc2.12-x86_64
/usr/local/mysql:
file.directory:
- user: mysql
- group: mysql
- mode: '0755'
- recurse:
- user
- group
/opt/data:
file.directory:
- user: mysql
- group: mysql
- mode: '0755'
- makedirs: true
- recurse:
- user
- group
/etc/profile.d/mysql.sh:
file.managed:
- user: root
- group: root
- mode: '0644'
- source: salt://modules/database/mysql/files/mysql.sh
/etc/ld.so.conf.d/mysql.conf:
file.managed:
- source: salt://modules/database/mysql/files/mysql.conf
- user: root
- group: root
- mode: '0644'
/usr/local/mysql/support-files/mysql.server:
file.managed:
- source: salt://modules/database/mysql/files/mysql.server
- user: mysql
- group: mysql
- mode: '0755'
/usr/lib/systemd/system/mysqld.service:
file.managed:
- source: salt://modules/database/mysql/files/mysqld.service
- user: root
- group: root
- mode: '0644'
initialize-mysql:
cmd.run:
- name: '/usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/opt/data'
//php安装
//状态文件
[root@master prod]# cat modules/application/php/install.sls
install-depend-php:
pkg.installed:
- pkgs:
- libxml2
- libxml2-devel
- openssl
- openssl-devel
- bzip2
- bzip2-devel
- libcurl
- libcurl-devel
- libicu-devel
- libjpeg-turbo
- libjpeg-turbo-devel
- libpng
- libpng-devel
- openldap-devel
- pcre-devel
- freetype
- freetype-devel
- gmp
- gmp-devel
- libmcrypt
- libmcrypt-devel
- readline
- readline-devel
- libxslt
- libxslt-devel
- mhash
- mhash-devel
- php-mysqlnd
- libsqlite3x-devel
- libzip-devel
install-oniguruma-devel:
cmd.run:
- name: 'yum -y install http://mirror.centos.org/centos/8-stream/PowerTools/x86_64/os/Packages/oniguruma-devel-6.8.2-2.el8.x86_64.rpm'
/usr/src:
archive.extracted:
- source: salt://modules/application/php/files/php-7.4.24.tar.xz
salt://modules/application/php/files/install.sh:
cmd.script
copy-file-php:
file.managed:
- names:
- /usr/local/php7/etc/php-fpm.conf:
- source: salt://modules/application/php/files/php-fpm.conf.default
- /usr/local/php7/etc/php-fpm.d/www.conf:
- source: salt://modules/application/php/files/www.conf.default
- /etc/php.ini:
- source: salt://modules/application/php/files/php.ini-production
- /etc/init.d/php-fpm:
- source: salt://modules/application/php/files/init.d.php-fpm
- user: root
- group: root
- mode: '0755'
- /usr/lib/systemd/system/php-fpm.service:
- source: salt://modules/application/php/files/php-fpm.service
php-fpm.service:
service.running:
- enable: true
//编译安装脚本
[root@master prod]# cat modules/application/php/files/install.sh
!/bin/bash
cd /usr/src/php-7.4.24
./configure --prefix=/usr/local/php7 \
--with-config-file-path=/etc \
--enable-fpm \
--disable-debug \
--disable-rpath \
--enable-shared \
--enable-soap \
--with-openssl \
--enable-bcmath \
--with-iconv \
--with-bz2 \
--enable-calendar \
--with-curl \
--enable-exif \
--enable-ftp \
--enable-gd \
--with-jpeg \
--with-zlib-dir \
--with-freetype \
--with-gettext \
--enable-mbstring \
--enable-pdo \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-readline \
--enable-shmop \
--enable-simplexml \
--enable-sockets \
--with-zip \
--enable-mysqlnd-compression-support \
--with-pear \
--enable-pcntl \
--enable-posix && \
make -j $(grep 'processor' /proc/cpuinfo | wc -l) && make install
//配置
[root@master prod]# tree zabbix/
zabbix/
├── apache.sls //apache配置
├── files
│ ├── index.php
│ ├── my.cnf
│ └── vhosts.conf
├── main.sls
└── mysql.sls //mysql配置
//配置apache
[root@master prod]# cat zabbix/apache.sls
include: //导入apache安装
- modules.web.httpd.install
/usr/include/httpd:
file.symlink:
- target: /usr/local/apache/include
/usr/local/apache/htdocs/zabbix:
file.directory:
- user: root
- group: root
- mode: '0755'
- makedirs: true
/usr/local/apache/conf/extra/vhosts.conf:
file.managed:
- source: salt://zabbix/files/vhosts.conf
- user: root
- group: root
- mode: '0644'
/usr/local/apache/htdocs/zabbix/index.php:
file.managed:
- source: salt://zabbix/files/index.php
- user: root
- group: root
- mode: '0644'
httpd.service:
service.running:
- enable: true
//配置mysql
[root@master prod]# cat zabbix/mysql.sls
include: //导入mysql安装
- modules.database.mysql.install
mysql-depend-package:
pkg.installed:
- pkgs:
- ncurses-devel
- openssl-devel
- openssl
- cmake
- mariadb-devel
/usr/local/include/mysql:
file.symlink:
- target: /usr/local/mysql/include
/etc/my.cnf:
file.managed:
- source: salt://zabbix/files/my.cnf
- user: root
- group: root
- mode: '0644'
mysqld.service:
service.running:
- enable: true
ste-password-mysql:
cmd.run:
- name: /usr/local/mysql/bin/mysql -e "set password = password('123456');"
//导入lamp的安装和配置
[root@master prod]# cat zabbix/main.sls
include:
- zabbix.apache
- zabbix.mysql
- modules.application.php.install
//执行main.sls文件搭建lamp
[root@master prod]# salt '*' satet.sls zabbix.main