saltstack部署nginx进阶
上一篇其实对通过saltstack部署nginx做了演示,但是可能与我目前的环境还是有点出入,然后sls的结构也不太清晰,所以就又做了改变和优化,叫做进阶可能有点噱头了,不过还是记录如下:
创新互联公司坚持“要么做到,要么别承诺”的工作理念,服务领域包括:成都做网站、网站建设、企业官网、英文网站、手机端网站、网站推广等服务,满足客户于互联网时代的怀远网站设计、移动媒体设计的需求,帮助企业找到有效的互联网解决方案。努力成为您成熟可靠的网络建设合作伙伴!
nginx安装目标:
1)安装必要依赖
2)准备pcre安装包
2)源码安装pcre
3)准备nginx安装包
4)源码安装nginx
nginx配置:
1)拷贝nginx.conf配置文件
2)拷贝启停脚本
3)添加系统服务并设置开机启动
4)拷贝日志切割脚本
5)添加定时任务
salt master上的目录结构如下:
[root@salt-master base]# tree /srv/salt/base/ /srv/salt/base/ ├── cron │ ├── files │ │ └── nginx_cut_log.sh │ └── nginx.sls ├── nginx │ ├── files │ │ ├── nginx │ │ ├── nginx-1.6.3.tar.gz │ │ └── nginx.conf │ ├── install.sls │ └── service.sls ├── packages │ └── install.sls ├── pcre │ ├── files │ │ └── pcre-8.37.tar.gz │ └── install.sls └── user └── nginx.sls 8 directories, 11 files
安装必要软件包:
[root@salt-master base]# cat packages/install.sls yum_pcre_packages: pkg.installed: - names: - gcc - gcc-c++ - autoconf - automake - zlib - zlib-devel - make - openssl - openssl-devel - libpng - libpng-devel - freetype - freetype-devel - libxml2 - libxml2-devel - glibc - glibc-devel - glib2 - glib-devel - bzip2 - bzip2-devel - ncurses - ncurses-devel - curl - cmake
编译安装pcre:
[root@salt-master base]# cat pcre/install.sls include: - packages.install pcre-source-install: file.managed: - source: salt://pcre/files/pcre-8.37.tar.gz - name: /opt/tools/pcre-8.37.tar.gz - user: root - group: root - mode: 755 - makedirs: True - dir_mode: 644 cmd.run: - name: cd /opt/tools/ && tar -zxf pcre-8.37.tar.gz && cd pcre-8.37 && ./configure --prefix=/usr/local/pcre && make && make install - unless: test -d /usr/local/pcre - require: - file: pcre-source-install
创建nginx用户和组:
[root@salt-master base]# cat user/nginx.sls nginx-user-group: group.present: - name: nginx - gid: 601 user.present: - name: nginx - fullname: nginx - shell: /sbin/nologin - uid: 601 - gid: 601
编译安装nginx:
[root@salt-master base]# cat nginx/install.sls include: - pcre.install - user.nginx nginx-source-install: file.managed: - source: salt://nginx/files/nginx-1.6.3.tar.gz - name: /opt/tools/nginx-1.6.3.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /opt/tools/ && tar -zxf nginx-1.6.3.tar.gz && mkdir -p /usr/local/nginx/tmp/{client,proxy,fcgi} && cd nginx-1.6.3 && ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_gzip_static_module --http-client-body-temp-path=/usr/local/nginx/tmp/client/ --http-proxy-temp-path=/usr/local/nginx/tmp/proxy/ --http-fastcgi-temp-path=/usr/local/nginx/tmp/fcgi/ --with-poll_module --with-file-aio --with-http_realip_module --with-http_addition_module --with-http_addition_module --with-http_random_index_module --with-http_stub_status_module --http-uwsgi-temp-path=/usr/local/nginx/uwsgi_temp --http-scgi-temp-path=/usr/local/nginx/scgi_temp --with-pcre=/opt/tools/pcre-8.37 && make && make install && chown -R nginx:nginx /usr/local/nginx/ - unless: test -e /usr/local/nginx/sbin/nginx - require: - file: nginx-source-install - cmd: pcre-source-install
添加定时任务:
[root@salt-master base]# cat cron/nginx.sls /opt/tools/scripts/: file.directory: - user: root - group: root - mode: 644 - makedirs: True nginx-crond-job: file.managed: - name: /opt/tools/scripts/nginx_cut_log.sh - source: salt://cron/files/nginx_cut_log.sh - user: root - group: root - mode: 755 /bin/bash /opt/tools/scripts/nginx_cut_log.sh >/dev/null 2>&1: cron.present: - identifier: SUPERCRON - user: root - minute: 0 - hour: 0
启动nginx并设置开机启动:
[root@salt-master base]# cat nginx/service.sls include: - nginx.install - cron.nginx nginx-init: file.managed: - name: /etc/init.d/nginx - source: salt://nginx/files/nginx - user: root - group: root - mode: 755 cmd.run: - name: chkconfig --add nginx - unless: chkconfig --list|grep nginx - require: - file: nginx-init /usr/local/nginx/conf/nginx.conf: file.managed: - source: salt://nginx/files/nginx.conf - user: nginx - group: nginx - mode: 644 nginx-service: file.directory: - name: /usr/local/nginx/conf.d - require: - cmd: nginx-source-install service.running: - name: nginx - enable: True - reload: True - require: - cmd: nginx-init - watch: - file: /usr/local/nginx/conf/nginx.conf
部署命令:[root@salt-master base]# salt 'salt-minion02.contoso.com' state.sls nginx.service
部署结果:
[root@salt-minion02 logs]# ll /usr/local/pcre/ total 16 drwxr-xr-x 2 root root 4096 Jun 8 10:29 bin drwxr-xr-x 2 root root 4096 Jun 8 10:29 include drwxr-xr-x 3 root root 4096 Jun 8 10:29 lib drwxr-xr-x 4 root root 4096 Jun 8 10:29 share [root@salt-minion02 logs]# id nginx uid=601(nginx) gid=601(nginx) groups=601(nginx) [root@salt-minion02 logs]# ll /usr/local/nginx/ total 32 drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 conf drwxr-xr-x 2 root root 4096 Jun 8 10:30 conf.d drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 html drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 logs drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 sbin drwx------ 2 nginx root 4096 Jun 8 10:30 scgi_temp drwxr-xr-x 5 nginx nginx 4096 Jun 8 10:29 tmp drwx------ 2 nginx root 4096 Jun 8 10:30 uwsgi_temp [root@salt-minion02 logs]# /usr/local/nginx/sbin/nginx -V nginx version: nginx/1.6.3 built by gcc 4.4.7 20120313 (Red Hat 4.4.7-17) (GCC) TLS SNI support enabled configure arguments: --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_gzip_static_module --http-client-body-temp-path=/usr/local/nginx/tmp/client/ --http-proxy-temp-path=/usr/local/nginx/tmp/proxy/ --http-fastcgi-temp-path=/usr/local/nginx/tmp/fcgi/ --with-poll_module --with-file-aio --with-http_realip_module --with-http_addition_module --with-http_addition_module --with-http_random_index_module --with-http_stub_status_module --http-uwsgi-temp-path=/usr/local/nginx/uwsgi_temp --http-scgi-temp-path=/usr/local/nginx/scgi_temp --with-pcre=/opt/tools/pcre-8.37 [root@salt-minion02 logs]# /etc/init.d/nginx status nginx (pid 11422 11421 11420 11419 11416) is running... [root@salt-minion02 logs]# chkconfig --list|grep nginx nginx 0:off1:off2:on3:on4:on5:on6:off [root@salt-minion02 logs]# crontab -l 0 * * * * /usr/sbin/ntpdate 210.72.145.44 64.147.116.229 time.nist.gov >/dev/null 2>&1 # Lines below here are managed by Salt, do not edit # SALT_CRON_IDENTIFIER:SUPERCRON 0 0 * * * /bin/bash /opt/tools/scripts/nginx_cut_log.sh >/dev/null 2>&1 [root@salt-minion02 logs]# ll /opt/tools/scripts/nginx_cut_log.sh -rwxr-xr-x 1 root root 1100 Jun 8 10:30 /opt/tools/scripts/nginx_cut_log.sh
当前文章:saltstack部署nginx进阶
本文路径:http://ybzwz.com/article/pgcojc.html