二 saltstack常用模塊和 jinja模版
https://www.unixhot.com/docs/saltstack/ref/states/highstate.html
狀態模塊的特點:
- 狀態是不可以回滾的。
- 寫好的狀態模塊要支持多次執行。
[root@salt-node4 ~]# cat /srv/salt/web/apache.sls apache-install: # 名稱聲明(id聲明) 高級狀態id必須唯一 ps: 一個id聲明下,狀態模塊不能重復使用。 pkg.installed: # 安裝模塊 ps:python裏模塊的應用是通過“.”來進行的。 - names: # 選項聲明 - httpd # 具體的選項,是一個list。 - httpd-devel
1. pkg模塊
pkg模塊是虛擬的,根據操作系統的不同,調用相關的工具安裝操作系統。
https://www.unixhot.com/docs/saltstack/ref/states/all/salt.states.pkg.html#module-salt.states.pkg
pkg模塊常用的方法:
pkg.installed 安裝
pkg.latest 確保最新版本
pkg.remove 卸載
pkg.purge 卸載並且刪除配置文件
使用pkg模塊安裝多個軟件:
lamp-pkg: pkg-installed: - pkgs: - httpd - php - mysql - maridb-server - php-mysql - php-cli - php-mbstring
2. file模塊
https://www.unixhot.com/docs/saltstack/ref/states/all/salt.states.file.html#module-salt.states.file
例子:
apache-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://files/httpd.conf
- user: root
- group: root
- mode: 644
ps:上面如果不寫- name ,還可以寫成這樣,此時他直接管理聲明id:
例子: /etc/httpd/conf/httpd.conf: file.managed: - source: salt://files/httpd.conf - user: root - group: root - mode: 644
3. service模塊
https://www.unixhot.com/docs/saltstack/ref/states/all/salt.states.service.html#module-salt.states.service
例子:
apache-services:
service.running:
- name: httpd
- enable: True # 允許開機啟動
- reload: True # 允許重載
4. 狀態之間的關系
- 1我依賴誰? require
- 2我被誰依賴? require_in
- 3我監控誰? watch (包含require)
- 4我被誰監控?watch_in
- 5我引用誰?include
- 6我擴展誰?用到再說。
例子:
我依賴誰? require
apache-services:
service.running:
- name: httpd
- enable: True
- reload: True
- require: # 他們都正常執行了,我才執行。
- pkg: lamp-pkg
- file: apapche-config
我被誰依賴?(誰依賴我?)
mysql-config:
file.managed:
- name: /etc/my.conf
- source: salt://lamp/files/my.cnf
- user: root
- gropu: root
- mode: 644
- require_in: # 和 require
- service: mysql-service
我監控誰?
如果配置文件修改了,就重啟服務。
apache-services:
service.running:
- name: httpd
- enable: True
- reload: True
- require:
- pkg: lamp-pkg
- file: apapche-config
- watch:
- file: apache-config
1.如果監控到apache-config的狀態發生改變(就是配置文件改變了),就重載服務。
2.這裏需要註意,如果加上了relaod : True 就是重載,如果沒有就是重啟。
2 jinja模版
http://docs.jinkan.org/docs/jinja2/
使用背景:
有100臺機器,有一個配置文件需要更改為本機的ip地址。最佳實踐就是通過jinja模版來做。
二種分割符
{{...}} 表示變量的引用
{%...%} 表示表達式
jinja模版使用方法
相當於在jinja模版裏,定義了一個變量,模版配置文件裏面再去調用。
可以在模版文件裏,也可以寫在sls文件裏,然後模版文件直接調用。
1 告訴File模塊,你要使用jinja模版
- template: jinja
2 你要列出參數列表
- defaults:
PORT: 80
3 模版裏面進行引用
{{ PORT }}
例子1:
[root@salt-node4 /srv/salt/lamp]# cat config.sls
apache-config:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://lamp/files/httpd.conf
- user: root
- gropu: root
- mode: 644
- template: jinja # 告訴模塊使用jinjia模版
- defaults:
PORT: 88 # 定義的參數
例子2:
nginx-test-index-html:
file.managed:
- name: /usr/local/nginx/html/index.html
- source: salt://bbs/files/index.html
- user: root
- group: root
- mode: 755
- template: jinja
- HOST: {{grains[‘fqdn‘]}} # 獲取主機名使用grains
在模版裏面進行支持jinja模版
Listen {{PORT}}
# grains
# HOST: {{ grains[‘fqdn_ip4‘][0] }}:{{PORT}}
# 遠程執行模塊
# HWWARE: {{salt[‘network.hw_addr‘](‘eth0‘)}}
# pillar
# {{pillar[‘apache‘]}}
3 實戰 安裝LAMP環境
LAMP架構
1.安裝軟件包 pkg
2.修改配置文件。 file
3.啟動服務
sls文件內容
[root@salt-node4 /srv/salt]# tree lamp/
lamp/
├── files
│ ├── httpd.conf
│ ├── my.cnf
│ └── php.ini
└── lamp.sls
1 directory, 4 files
[root@salt-node4 lamp]# cat lamp.sls
apache-server:
pkg.installed:
- names:
- httpd
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://lamp/files/httpd.conf
- user: root
- group: root
- mode: 644
- template: jinja
- defaults:
PORT: 10000
- require:
- pkg: apache-server
service.running:
- name: httpd
- enable: True
- reload: True
- require:
- pkg: apache-server
- file: apache-server
- watch:
- file: apache-server
mysql-server:
pkg.installed:
- names:
- mariadb
- mariadb-server
file.managed:
- name: /etc/my.conf
- source: salt://lamp/files/my.cnf
- user: root
- group: root
- mode: 644
- require:
- pkg: mysql-server
service.running:
- name: mariadb
- enable: True
- reload: True
- require:
- pkg: mysql-server
- file: mysql-server
- watch:
- file: mysql-server
php-config:
pkg.installed:
- pkgs:
- php
- php-mysql
- php-cli
- php-mbstring
file.managed:
- name: /etc/php.ini
- source: salt://lamp/files/php.ini
- user: root
- group: root
- mode: 644
- require:
- pkg: php-config
[root@salt-node4 /srv/salt]# salt ‘*‘ state.sls lamp.lamp
4 實戰 一鍵安裝集群
集群架構圖
頭腦風暴
環境分類
- 開發環境
- 測試環境
- 預生產環境
- 生產環境
salt環境
-
base基礎環境
- 1 dns配置
- 2 歷史命令記錄
- 3 歷史命令記錄日誌
- 4 內核參數優化
- 5 安裝yum倉庫
- 6 安裝zabbix
- prod 生產環境
知識拓展
什麽叫做五元組?
源地址、源端口、目標地址、目標端口、協議
修改內核參數的模塊http://docs.saltstack.cn/ref/states/all/salt.states.sysctl.html#module-salt.states.sysctl
在調試時如果遇到報錯,請看報錯
1. 修改master配置文件
[root@salt-node4 /srv/salt/lamp]# vim /etc/salt/master
534 file_roots:
535 base:
536 - /srv/salt/base
537 prod:
538 - /srv/salt/prod
...
696 pillar_roots:
697 base:
698 - /srv/pillar/base
699 prod:
700 - /srv/pillar/prod
2. 新建對應的目錄。
[root@salt-node4 ~]# mkdir -p /srv/{pillar,salt}
[root@salt-node4 ~]# mkdir -p /srv/pillar/{base,prod}
[root@salt-node4 ~]# mkdir -p /srv/salt/{base,prod}
[root@salt-node4 ~]# tree /srv/
/srv/
├── pillar # 定義pillar相關
│ ├── base
│ └── prod
└── salt # 部署相關
├── base
└── prod
6 directories, 0 files
[root@salt-node4 /srv]# cd salt/base/
[root@salt-node4 /srv/salt/base]# mkdir init # 初始化文件夾啊
3. 系統初始化sls文件
參考趙班長寫好的sls文件。
[root@salt-node4 ~]# git clone https://github.com/unixhot/saltbook-code.git
Cloning into ‘saltbook-code‘...
remote: Counting objects: 87, done.
remote: Total 87 (delta 0), reused 0 (delta 0), pack-reused 87
Unpacking objects: 100% (87/87), done.
[root@salt-node4 ~]# cp -a saltbook-code/salt/base/* /srv/salt/base/
[root@salt-node4 ~]# tree /srv/salt/base/
/srv/salt/base/
├── init
│ ├── audit.sls
│ ├── dns.sls
│ ├── env_init.sls
│ ├── epel.sls
│ ├── files
│ │ ├── resolv.conf
│ │ └── zabbix_agentd.conf
│ ├── history.sls
│ ├── sysctl.sls
│ └── zabbix_agent.sls
└── top.sls
2 directories, 10 files
#歷史命令追加到/var/log/message
[root@salt-node4 /srv/salt/base/init]# cat audit.sls
/etc/bashrc:
file.append:
- text:
- export PROMPT_COMMAND=‘{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):[`pwd`]"$msg"; }‘
# 內核參數優化
[root@salt-node4 /srv/salt/base/init]# cat sysctl.sls
net.ipv4.ip_local_port_range:
sysctl.present:
- value: 10000 65000
fs.file-max:
sysctl.present:
- value: 2000000
net.ipv4.ip_forward:
sysctl.present:
- value: 1
vm.swappiness:
sysctl.present:
- value: 0
# dns修改
[root@salt-node4 /srv/salt/base/init]# cat dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://init/files/resolv.conf
- user: root
- gourp: root
- mode: 644
# 更換epel源
[root@salt-node4 /srv/salt/base/init]# cat epel.sls
yum_repo_release:
pkg.installed:
- sources:
- epel-release: http://mirrors.aliyun.com/repo/epel-7.repo
- zabbix-epel: https://mirrors.aliyun.com/zabbix/zabbix/3.0/rhel/7/x86_64/zabbix-get-3.0.5-1.el7.x86_64.rpm
- unless: rpm -qa | grep epel-release-7-8.noarch
# 歷史命令增加時間
[root@salt-node4 /srv/salt/base/init]# cat history.sls
/etc/profile:
file.append:
- text:
- export HISTTIMEFORMAT="%F %T `whoami` "
# 安裝zabbix-agent
[root@salt-node4 init]# cat zabbix_agent.sls
zabbix-epel:
file.managed:
- name: /tmp/zabbix-release-3.0-1.el7.noarch.rpm
- source: salt://init/files/zabbix-release-3.0-1.el7.noarch.rpm
- backup: minion # 文件替換建議都加上這個參數,防止誤操作文件被替換
cmd.run:
- name: rpm -vih /tmp/zabbix-release-3.0-1.el7.noarch.rpm
- require:
- file: zabbix-epel
- unless: rpm -qa |grep zabbix-release
zabbix-agent:
pkg.installed:
- name: zabbix-agent
- require:
- file: zabbix-epel
file.managed:
- name: /etc/zabbix_agentd.conf
- source: salt://init/files/zabbix_agentd.conf
- backup: minion
- template: jinja
- defaults:
server: {{ pillar[‘zabbix-server‘] }} # 配置文件zabbix_agent.conf裏引用這個變量 {{ server }}
- require:
- pkg: zabbix-agent
service.running:
- enable: True
- watch:
- pkg: zabbix-agent
- file: zabbix-agent
zabbix_agentd.conf.d:
file.directory:
- name: /etc/zabbix_agentd.conf.d
- backup: minion
- watch_in:
- service: zabbix-agent
- require:
- pkg: zabbix-agent
- file: zabbix-agent
[root@salt-node4 init]# cat env_init.sls
include:
- init.dns
- init.history
- init.audit
- init.sysctl
- init.epel
- init.zabbix_agent
topfile文件
[root@salt-node4 base]# cat top.sls
base:
‘*‘:
- init.env_init
pillar 文件內容
[root@salt-node4 /srv]# cat pillar/base/top.sls
base:
‘*‘:
- zabbix.agent
[root@salt-node4 /srv]# cat pillar/base/zabbix/agent.sls
zabbix-server: 10.0.0.202
[root@salt-node4 /srv]#
知識拓展
http://docs.saltstack.cn/ref/states/all/salt.states.file.html#module-salt.states.file
在替換文件時建議加上 - backend: minion 參數。
文件在更改替換後,備份文件保存在/var/cache/salt/minion/file_backup下:
[root@salt-node4 /etc/yum.repos.d]# tree /var/cache/salt/minion/
/var/cache/salt/minion/
├── accumulator
├── extmods
├── file_backup
│ └── etc
│ └── zabbix_agentd.conf_Fri_Mar_17_05:11:38_395952_2017
4. 部署軟件
4.1 部署haproxy
1.新建相關目錄
# 對要安裝的內容進行拆分,拆的越小,靈活度越高。
[root@salt-node4 ~]# cd /srv/salt/prod
[root@salt-node4 prod]# mkdir {modules,cluster,bbs}
[root@salt-node4 prod]# cd modules/
[root@salt-node4 modules]# mkdir haproxy keepalived libevent memcached nginx pcre php pkg user
2.haproxy 和 依賴的模塊文件內容。
[root@salt-node4 modules]# cat haproxy/install.sls
include:
- modules.pkg.pkg-init
haproxy-install:
file.managed:
- name: /usr/local/src/haproxy-1.6.3.tar.gz
- source: salt://modules/haproxy/files/haproxy-1.6.3.tar.gz
- mode: 755
- user: root
- group: root
cmd.run:
- name: cd /usr/local/src && tar zxf haproxy-1.6.3.tar.gz && cd haproxy-1.6.3 && make TARGET=linux2628 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
- unless: test -d /usr/local/haproxy
- require:
- pkg: pkg-init
- file: haproxy-install
/etc/init.d/haproxy:
file.managed:
- source: salt://modules/haproxy/files/haproxy.init
- mode: 755
- user: root
- group: root
- require:
- cmd: haproxy-install
net.ipv4.ip_nonlocal_bind:
sysctl.present:
- value: 1
haproxy-config-dir:
file.directory:
- name: /etc/haproxy
- mode: 755
- user: root
- group: root
haproxy-init:
cmd.run:
- name: chkconfig --add haproxy # 將haproxy添加到開機啟動裏。
- unless: chkconfig --list | grep haproxy # 如果已經添加到開機啟動了,就不執行這個操作。
- require:
- file: /etc/init.d/haproxy
[root@salt-node4 modules]#
依賴模塊內容
[root@salt-node4 modules]# cat pkg/pkg-init.sls
pkg-init:
pkg.installed:
- names:
- gcc
- gcc-c++
- glibc
- make
- autoconf
- openssl
- openssl-devel
# haproxy 服務器啟動模塊
[root@salt-node4 /srv/salt/prod/cluster]# cat haproxy-outside.sls
include:
- modules.haproxy.install
haproxy-service:
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://cluster/files/haproxy-outside.cfg
- user: root
- group: root
- mode: 644
- backup: minion
service.running:
- name: haproxy
- enable: True
- reload: True
- require:
- cmd: haproxy-install
- file: haproxy-service
- watch:
- file: haproxy-service
# top file文件
[root@salt-node4 /srv/salt/prod/cluster]# cat /srv/salt/base/top.sls
base:
‘*‘:
- init.env_init
prod:
‘*‘:
- cluster.haproxy-outside
[root@salt-node4 /srv/salt/prod/cluster]# salt ‘*‘ state.highstate
3測試
用戶名:haproxy
密碼:saltstack
網頁訪問:http://10.0.0.203:8888/haproxy-status
[root@salt-node4 prod]# netstat -tnlpau|grep ha
tcp 0 0 10.0.0.254:80 0.0.0.0:* LISTEN 95442/haproxy
tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN 95442/haproxy
udp 0 0 0.0.0.0:26141 0.0.0.0:* 95442/haproxy
4.2 部署memcached 和 keepalived
知識擴充 什麽是seesion?
會話是在服務器端產生的,是為了標識唯一用戶。因為http是無狀態的。
每一個用戶連接服務器都會產生一個session,為了標識就用了session,session存儲在客戶端的cookie裏,客戶端連接服務器端,每次都會將cookie發送給服務器驗證。
用戶模塊:
用戶組模塊
用戶模塊
[root@salt-node4 /srv/salt/prod/modules]# cat memcached/install.sls
include:
- modules.libevent.install
memcached-install:
file.managed:
- name: /usr/local/src/memcached-1.4.24.tar.gz
- source: salt://modules/memcached/files/memcached-1.4.24.tar.gz
- require:
- cmd: libevent-source-install
cmd.run:
- name: cd /usr/local/src && tar zxf memcached-1.4.24.tar.gz && cd memcached-1.4.24&& ./configure --prefix=/usr/local/memcached --enable-64bit --with-libevent=/usr/local/libevent && make && make install
- unless: tess -d /usr/local/memcached
- require:
- file: memcached-install
[root@salt-node4 /srv/salt/prod/modules]# cat keepalived/
files/ install.sls
[root@salt-node4 /srv/salt/prod/modules]# cat keepalived/install.sls
keepalived-service:
file.managed:
- name: /usr/local/src/keepalived-1.2.17.tar.gz
- source: salt://modules/keepalived/files/keepalived-1.2.17.tar.gz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar zxf keepalived-1.2.17.tar.gz && cd keepalived-1.2.17 && ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install
- unless: test -d /usr/local/keepalived
- require:
- file: keepalived-service
keepalived-config:
file.managed:
- name: /etc/sysconfig/keepalived
- source: salt://modules/keepalived/files/keepalived.sysconfig
- user: root
- group: root
- mode: 755
- require:
- cmd: keepalived-service
keepalived-cmd:
file.managed:
- name: /etc/init.d/keepalived
- source: salt://modules/keepalived/files/keepalived.init
- user: root
- group: root
- mode: 755
- require:
- file: keepalived-config
keepalived-run:
cmd.run:
- name: chkconfig --add keepalived
- unless: chkconfig --list|grep keepalived
- require:
- cmd: keepalived-service
- file: keepalived-cmd
service.running:
- name: keepalived
- enable: True
- reload: True
keepalived-directory:
file.directory:
- name: /etc/keepalived
- user: root
- group: root
4.3 部署nginx php bbs
# nginx sls文件
[root@salt-node4 /srv/salt/prod/modules]# cat nginx/install.sls
include:
- modules.user.www
- modules.pcre.install
- modules.pkg.pkg-init
nginx-install:
file.managed:
- name: /usr/local/src/nginx-1.9.1.tar.gz
- source: salt://modules/nginx/files/nginx-1.9.1.tar.gz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar zxf nginx-1.9.1.tar.gz && cd nginx-1.9.1&& ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-file-aio --with-http_dav_module --with-pcre=/usr/local/src/pcre-8.37 && make && make install && chown -R www:www /usr/local/nginx
- unless: test -d /usr/local/nginx
- require:
- file: nginx-install
- user: www-user-group
- cmd: pcre-source-install
- pkg: pkg-init
nginx-config:
file.managed:
- name: /usr/local/nginx/conf/nginx.conf
- source: salt://modules/nginx/files/nginx.conf
- user: root
- group: root
- mode: 755
- require:
- cmd: nginx-install
nginx-directory-online:
file.directory:
- name: /usr/local/nginx/conf/vhost_online
- require:
- cmd: nginx-install
nginx-directory-offline:
file.directory:
- name: /usr/local/nginx/conf/vhost_offline
- require:
- cmd: nginx-install
nginx-cmd:
file.managed:
- name: /etc/init.d/nginx
- source: salt://modules/nginx/files/nginx-init
- user: root
- group: root
- mode: 755
- require:
- cmd: nginx-install
cmd.run:
- name: chkconfig --add nginx
- unless: chkconfig --list|grep nginx
- require:
- file: nginx-directory-offline
- file: nginx-cmd
- file: nginx-config
- cmd: nginx-install
service.running:
- name: nginx
- enable: True
- reload: True
- require:
- cmd: nginx-cmd
- watch:
- file: nginx-config
# php 安裝文件
[root@salt-node4 /srv/salt/prod/modules]# cat php/install.sls
include:
- modules.user.www
- modules.pkg.pkg-init
pkg-php:
pkg.installed:
- names:
- openssl-devel
- swig
- libjpeg-turbo
- libjpeg-turbo-devel
- libpng
- libpng-devel
- freetype
- freetype-devel
- libxml2
- libxml2-devel
- zlib
- zlib-devel
- libcurl
- libcurl-devel
php-source-install:
file.managed:
- name: /usr/local/src/php-5.6.9.tar.gz
- source: salt://modules/php/files/php-5.6.9.tar.gz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar zxf php-5.6.9.tar.gz && cd php-5.6.9&& ./configure --prefix=/usr/local/php-fastcgi --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-mysql=mysqlnd --with-jpeg-dir --with-png-dir --with-zlib --enable-xml --with-libxml-dir --with-curl --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --enable-mbregex --with-openssl --enable-mbstring --with-gd --enable-gd-native-ttf --with-freetype-dir=/usr/lib64 --with-gettext=/usr/lib64 --enable-sockets --with-xmlrpc --enable-zip --enable-soap --disable-debug --enable-opcache --enable-zip --with-config-file-path=/usr/local/php-fastcgi/etc --enable-fpm --with-fpm-user=www --with-fpm-group=www && make && make install
- require:
- file: php-source-install
- user: www-user-group
- unless: test -d /usr/local/php-fastcgi
pdo-plugin:
cmd.run:
- name: cd /usr/local/src/php-5.6.9/ext/pdo_mysql/ && /usr/local/php-fastcgi/bin/phpize && ./configure --with-php-config=/usr/local/php-fastcgi/bin/php-config && make&& make install
- unless: test -f /usr/local/php-fastcgi/lib/php/extensions/*/pdo_mysql.so
- require:
- cmd: php-source-install
php-ini:
file.managed:
- name: /usr/local/php-fastcgi/etc/php.ini
- source: salt://modules/php/files/php.ini-production
- user: root
- group: root
- mode: 644
php-fpm:
file.managed:
- name: /usr/local/php-fastcgi/etc/php-fpm.conf
- source: salt://modules/php/files/php-fpm.conf.default
- user: root
- group: root
- mode: 644
php-fastcgi-service:
file.managed:
- name: /etc/init.d/php-fpm
- source: salt://modules/php/files/init.d.php-fpm
- user: root
- group: root
- mode: 755
cmd.run:
- name: chkconfig --add php-fpm
- unless: chkconfig --list|grep php-fpm
- require:
- file: php-fastcgi-service
service.running:
- name: php-fpm
- enable: True
- reload: True
- require:
- cmd: php-fastcgi-service
- watch:
- file: php-ini
- file: php-fpm
[root@salt-node4 /srv/salt/prod/modules]# cat php/php-redis.sls
redis-plugin:
file.managed:
- name: /usr/local/src/redis-2.2.7.tgz
- source: salt://modules/php/files/redis-2.2.7.tgz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar zxf redis-2.2.7.tgz && cd redis-2.2.7&& /usr/local/php-fastcgi/bin/phpize && ./configure --with-php-config=/usr/local/php-fastcgi/bin/php-config && make&& make install
- unless: test -f /usr/local/php-fastcgi/lib/php/extensions/*/redis.so
require:
- file: redis-plugin
- cmd: php-install
redis-php-config:
file.append:
- name: /usr/local/php-fastcgi/etc/php.ini
- text:
- extension=redis.so
[root@salt-node4 /srv/salt/prod/modules]# cat php/php-memcache.sls
memcache-plugin:
file.managed:
- name: /usr/local/src/memcache-2.2.7.tgz
- source: salt://modules/php/files/memcache-2.2.7.tgz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar zxf memcache-2.2.7.tgz && cd memcache-2.2.7&& /usr/local/php-fastcgi/bin/phpize && ./configure --enable-memcache --with-php-config=/usr/local/php-fastcgi/bin/php-config && make&& make install
- unless: test -f /usr/local/php-fastcgi/lib/php/extensions/*/memcache.so
require:
- file: memcache-plugin
- cmd: php-install
memcache-php-config:
file.append:
- name: /usr/local/php-fastcgi/etc/php.ini
- text:
- extension=memcache.so
# make模塊
[root@salt-node4 /srv/salt/prod/modules]# cat pkg/pkg-init.sls
pkg-init:
pkg.installed:
- names:
- gcc
- gcc-c++
- glibc
- make
- autoconf
- openssl
- openssl-devel
# 增加www用戶的模塊
[root@salt-node4 /srv/salt/prod/modules]# cat user/www.sls
www-user-group:
group.present:
- name: www
- gid: 1000
user.present:
- name: www
- fullname: www
- shell: /sbin/nologin
- uid: 1000
- gid: 1000
# memcached 安裝模塊
[root@salt-node4 /srv/salt/prod]# cat bbs/memcached.sls
include:
- modules.user.www
- modules.memcached.install
memcached-service:
cmd.run:
- name: /usr/local/memcached/bin/memcached -d -m 128 -p 11211 -c 8096 -u www
- unless: netstat -tnlpua|grep 11211
- require:
- cmd: memcached-install
- user: www-user-group
- group: www-user-group
# bbs模塊
[root@salt-node4 /srv/salt/prod]# cat bbs/web.sls
include:
- modules.nginx.install
- modules.php.install
- modules.php.php-memcache
- modules.php.php-redis
nginx-vhost-online:
file.managed:
- name: /usr/local/nginx/conf/vhost_online/nginx_bbs.conf
- source: salt://bbs/files/nginx_bbs.conf
- user: root
- group: root
- mode: 644
- require:
- cmd: nginx-install
- watch_in:
- service: nginx-cmd
nginx-test-index-html:
file.managed:
- name: /usr/local/nginx/html/index.html
- source: salt://bbs/files/index.html
- user: root
- group: root
- mode: 755
- template: jinja
- HOST: {{grains[‘fqdn‘]}}
top file文件
[root@salt-node4 /srv/salt]# cat base/top.sls
base:
‘*‘:
- init.env_init
prod:
‘*‘:
- cluster.haproxy-outside
- cluster.haproxy-outside-keepalive
- bbs.web
二 saltstack常用模塊和 jinja模版