首先在/srv/salt下创建nginx目录
创建files文件夹将nginx的压缩文件放在这里
将nginx.conf文件也放在这里(将前面实验编译好的文件copy过来)
创建pkgs文件夹
写编译所需要为的库的安装文件pkgs.sls
nginx-make:
pkg.installed:
- pkgs:
- gcc
- make
- zlib-devel
- pcre-devel
创建nginx的安装脚本
include:
- pkgs.install
install-nginx:
file.managed:
- name: /mnt/nginx-1.15.8.tar.gz
- source: salt://nginx/files/nginx-1.15.8.tar.gz
cmd.run:
- name: cd /mnt && tar zxf nginx-1.15.8.tar.gz && cd nginx-1.15.8 && sed -i 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx && make && make install
- creates: /usr/local/nginx
创建nginx服务的启动脚本
并在修改nginx.conf后重启,
将所有脚本融合在一起
将nginx在子节点关闭
将所有进程杀死
kill -9 进程ID
在files配置将nginx添加到以systemd管理的配置文件
[Unit]
Description=The NGINX HTTP Server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.targe
修改service.sls
include:
- nginx.install
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf
service-nginx:
file.managed:
- name: /usr/lib/systemd/system/nginx.service
- source: salt://nginx/files/nginx.service
service.running:
- name: nginx
- reload: True
- watch:
- file: /usr/local/nginx/conf/nginx.conf
执行salt server6(针对的主机) state.sls(执行的文件格式) nginx.service(执行的nginx下的servie)
保留字
默认保留字
系统上会有默认保留字访问还是非常快的
创建保留字
第一种方法在子节点的配置文件中添加
/etc/salt/minion
找到roles添加
重启minion
在主节点测试
salt server5 grains.item roles
第二种方法
在server6
在/etc/salt中创建
重启
测试
第三种方法
动态保留字
在master将pillar注释去掉
指定的文件不存在所以创建/srv/pillar
在pillar创建web为了好分类
写文件vars.sls
{% if grains['fqdn'] == 'server5' %}
webserver: httpd
{% elif grains['fqdn'] == 'server6' %}
webserver: nginx
{% endif %}
在pillar下写文件top.sls
base:
'*':
- web.vars
刷新
salt '*' saltutil.refresh_pillar
测试
salt '*' pillar.items
salt server5 pillar.items webserver
salt server6 pillar.items webserver
jinja模版
变量的添加
在install.sls文件中在-source下面添加
- template: jinjia
- context:
port: 80
将端口作为参数
将files下的httpd.conf中监听的端口修改为{{ port }}
推送
将主机名也作为变量测试
在install.sls添加host: 172.25.30.5
在httpd.conf{{ port }}前添加{{host}}:
去掉reload那一行
去掉是将reload策略换成restart默认是restart
将install.sls里面的host改成{{ grains['ipv4'][-1] }}
也可以在httpd.conf里修改
也可以在pillar里修改
将install.sls里的host改成{{ pillar['ip'] }}
将httpd.conf里改回host
在/srv/pillar/web下添加ip: 172.25.30.5
将http.conf下的listen{{ pillar['ip'] }}:{{ port }}
端口
在apache下创建lib.sls
{% set port = '80' %}
在httpd.conf第一行添加{% from 'apache/lib.sls' import port %}
实现keepalived高可用
在/srv/salt下创建keepalived文件夹
创建keepalived的安装文件install.sls
install-keepalived:
pkg.installed:
- pkgs:
- keepalived
file.managed:
- name: /etc/keepalived/keepalived.conf
- source: salt://keepalived/files/keepalived.conf
- template: jinja
- context:
STATE: {{ pillar['state'] }}
VRID: {{ pillar['vrid'] }}
PRIORITY: {{ pillar['priority'] }}
service.running:
- name: keepalived
# - reload: true
- watch:
- file: install-keepalived
在keepalived下创建files
将keepalived.conf拷贝过来进行修改
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state {{ STATE }}
interface eth0
virtual_router_id {{ VRID }}
priority {{ PRIORITY }}
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.30.100
}
}
将pillar下的web下的vars.sls添加变量
{% if grains['fqdn'] == 'server5' %}
ip: 172.25.30.5
state: MASTER
vrid: 30
priority: 100
{% elif grains['fqdn'] == 'server6' %}
state: BACKUP
vrid: 30
priority: 50
{% endif %}
在salt下top.sls
base:
'roles:apache':
- match: grain
- apache.install
- keepalived.install
'roles:nginx':
- match: grain
- nginx.service
- keepalived.install
将httpd的httpd.conf里修改listen
Listen {{ port }}
在server5的/var/www/html下创建index.html server5
推送
salt '*' state.highstate
测试
在server5上查看vip
在浏览器访问
server5关闭keepalived测试
因为在server6开启的是nginx所以应该访问到nginx欢迎界面
vip漂移到server6上
推zabbix
将返回值推到数据库中
在主节点
安装mariadb,安装MySQL-python
创建用户并给与授权
grant all on salt.* to salt@'localhost' identified by 'salt';
在/etc/salt/master 添加
master_job_cache: mysql
mysql.host: 'localhost'
mysql.user: 'salt'
mysql.pass: 'salt'
mysql.db: 'salt'
mysql.port: 3306
systemctl restart salt-master
测试
salt server6 test.ping
salt server6 cmd.run hostname
salt server6 cmd.run df