SaltStack一键部署Nginx + Php + Memcached
系统架构图
1. 部署Memcached
[root@linux-node1 /srv/salt/prod/modules/memcached]# tree . ├── files │ └── memcached-1.4.29.tar.gz └── install.sls [root@linux-node1 /srv/salt/prod/modules/memcached]# cat install.sls include: - modules.libevent.install #安装Memcached需要的包 memcached-source-install: file.managed: - name: /usr/local/src/memcached-1.4.29.tar.gz - source: salt://modules/memcached/files/memcached-1.4.29.tar.gz - user: root - group: root - mode: 644 cmd.run: - name: cd /usr/local/src && tar zxf memcached-1.4.29.tar.gz && cd memcached-1.4.29 && ./configure --prefix=/usr/local/memcached --enable-64bit --with-libevent=/usr/local/libevent && make && make install - unless: test -d /usr/local/memcached - require: - cmd: libevent-source-install - file: memcached-source-install [root@linux-node1 /srv/salt/prod/modules/libevent]# tree #安装依赖包 . ├── files │ └── libevent-2.0.22-stable.tar.gz └── install.sls [root@linux-node1 /srv/salt/prod/modules/libevent]# cat install.sls libevent-source-install: file.managed: - name: /usr/local/src/libevent-2.0.22-stable.tar.gz - source: salt://modules/libevent/files/libevent-2.0.22-stable.tar.gz - user: root - group: root - mode: 644 cmd.run: - name: cd /usr/local/src && tar zxf libevent-2.0.22-stable.tar.gz && cd libevent-2.0.22-stable && ./configure --prefix=/usr/local/libevent && make && make install - unless: test -d /usr/local/libevent - require: - file: libevent-source-install [root@linux-node1 /srv/salt/prod/modules/pcre]# salt '*' state.sls modules.libevent.install saltenv=prod [root@linux-node1 /srv/salt/prod/modules]# mkdir user && cd user #统一用户管理,全网使用统一的普通用户uid,防止权限问题 [root@linux-node1 /srv/salt/prod/modules/user]# cat www.sls www-user-group: group.present: - name: www - gid: 1000 user.present: - name: www - fullname: www - shell: /sbin/nologin - uid: 1000 - gid: 1000 [root@linux-node1 /srv/salt/prod]# mkdir bbs [root@linux-node1 /srv/salt/prod/bbs]# tree #业务与安装配置分离 . ├── files ├── memcached.sls └── web.sls [root@linux-node1 /srv/salt/prod/bbs]# cat memcached.sls include: - modules.memcached.install - modules.user.www memcached-service: cmd.run: - name: /usr/local/memcached/bin/memcached -d -m 128 -p 11211 -c 8096 -u www - unless: netstat -ntlp | grep 11211 - require: - cmd: memcached-source-install - user: www-user-group #修改top file文件,把memcached装在node2上 [root@linux-node1 /srv/salt/prod/bbs]# cat /srv/salt/base/top.sls base: '*': - init.init prod: 'linux-node*': - cluster.haproxy-outside - cluster.haproxy-outside-keepalived 'linux-node2*': - bbs.memcached [root@linux-node1 /srv/salt/prod/bbs]# salt '*' state.highstate #执行安装 Summary for linux-node2.example.com ------------- Succeeded: 36 (changed=7) Failed: 0 ------------- Total states run: 36 [root@linux-node2 ~]# telnet 192.168.56.12 11211 #memcached安装成功 Trying 192.168.56.12... Connected to 192.168.56.12. Escape character is '^]'.
2. 部署Php
[root@linux-node1 /srv/salt/prod/modules/php]# tree #配置Php . ├── files │ ├── init.d.php-fpm │ ├── memcache-2.2.7.tgz │ ├── php-5.6.9.tar.gz │ ├── php-fpm.conf.default │ ├── php.ini-production │ └── redis-2.2.7.tgz ├── install.sls ├── php-memcache.sls └── php-redis.sls [root@linux-node1 /srv/salt/prod/modules/php]# cat install.sls include: - modules.pkg.make - modules.user.www pkg-php: pkg.installed: - names: - swig - libjpeg-turbo - libjpeg-turbo-devel - libpng - libpng-devel - freetype - freetype-devel - libxml2 - libxml2-devel - zlib - zlib-devel - libcurl - libcurl-devel php-source-install: file.managed: - name: /usr/local/src/php-5.6.9.tar.gz - source: salt://modules/php/files/php-5.6.9.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /usr/local/src && tar zxf php-5.6.9.tar.gz && cd php-5.6.9&& ./configure --prefix=/usr/local/php-fastcgi --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-mysql=mysqlnd --with-jpeg-dir --with-png-dir --with-zlib --enable-xml --with-libxml-dir --with-curl --enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --enable-mbregex --with-openssl --enable-mbstring --with-gd --enable-gd-native-ttf --with-freetype-dir=/usr/lib64 --with-gettext=/usr/lib64 --enable-sockets --with-xmlrpc --enable-zip --enable-soap --disable-debug --enable-opcache --enable-zip --with-config-file-path=/usr/local/php-fastcgi/etc --enable-fpm --with-fpm-user=www --with-fpm-group=www && make && make install - require: - file: php-source-install - user: www-user-group - unless: test -d /usr/local/php-fastcgi pdo-plugin: cmd.run: - name: cd /usr/local/src/php-5.6.9/ext/pdo_mysql/ && /usr/local/php-fastcgi/bin/phpize && ./configure --with-php-config=/usr/local/php-fastcgi/bin/php-config && make&& make install - unless: test -f /usr/local/php-fastcgi/lib/php/extensions/*/pdo_mysql.so - require: - cmd: php-source-install php-fpm: file.managed: - name: /usr/local/php-fastcgi/etc/php-fpm.conf - source: salt://modules/php/files/php-fpm.conf.default - user: root - group: root - mode: 644 php-fastcgi-service: file.managed: - name: /etc/init.d/php-fpm - source: salt://modules/php/files/init.d.php-fpm - user: root - group: root - mode: 755 cmd.run: - name: chkconfig --add php-fpm - unless: chkconfig --list | grep php-fpm - require: - file: php-fastcgi-service [root@linux-node1 /srv/salt/prod/modules/php]#cat php-memcache.sls #配置php-memcached模块 memcache-plugin: file.managed: - name: /usr/local/src/memcache-2.2.7.tgz - source: salt://modules/php/files/memcache-2.2.7.tgz - user: root - group: root - mode: 755 cmd.run: - name: cd /usr/local/src && tar zxf memcache-2.2.7.tgz && cd memcache-2.2.7&& /usr/local/php-fastcgi/bin/phpize && ./configure --enable-memcache --with-php-config=/usr/local/php-fastcgi/bin/php-config && make&& make install - unless: test -f /usr/local/php-fastcgi/lib/php/extensions/*/memcache.so require: - file: memcache-plugin - cmd: php-install [root@linux-node1 /srv/salt/prod/modules/php]# cat php-redis.sls #配置php-redis模块 redis-plugin: file.managed: - name: /usr/local/src/redis-2.2.7.tgz - source: salt://modules/php/files/redis-2.2.7.tgz - user: root - group: root - mode: 755 cmd.run: - name: cd /usr/local/src && tar zxf redis-2.2.7.tgz && cd redis-2.2.7&& /usr/local/php-fastcgi/bin/phpize && ./configure --with-php-config=/usr/local/php-fastcgi/bin/php-config && make&& make install - unless: test -f /usr/local/php-fastcgi/lib/php/extensions/*/redis.so require: - file: redis-plugin - cmd: php-install [root@linux-node1 /srv/salt/prod/modules/php/files]# salt '*' state.sls modules.php.install saltenv=prod #安装php
测试:如下图
3. 部署Nginx
[root@linux-node1 /srv/salt/prod/modules/pcre]# tree #安装依赖包
.
├── files
│ └── pcre-8.37.tar.gz
└── install.sls
[root@linux-node1 /srv/salt/prod/modules/pcre]# cat install.sls
pcre-source-install:
file.managed:
- name: /usr/local/src/pcre-8.37.tar.gz
- source: salt://modules/pcre/files/pcre-8.37.tar.gz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar zxf pcre-8.37.tar.gz && cd pcre-8.37 && ./configure --prefix=/usr/local/pcre && make && make install
- unless: test -d /usr/local/pcre
- require:
- file: pcre-source-install
[root@linux-node1 /srv/salt/prod/modules/pcre]# salt '*' state.sls modules.pcre.install saltenv=prod
[root@linux-node1 /srv/salt/prod/modules/nginx]# tree #安装配置nginx
.
├── files
│ ├── nginx-1.10.1.tar.gz
│ ├── nginx.conf
│ └── nginx-init
├── install.sls
└── service.sls
[root@linux-node1 /srv/salt/prod/modules/nginx]# cat install.sls
include:
- modules.pkg.make
- modules.user.www
nginx-source-install:
file.managed:
- name: /usr/local/src/nginx-1.10.1.tar.gz
- source: salt://modules/nginx/files/nginx-1.10.1.tar.gz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar zxf nginx-1.10.1.tar.gz && cd nginx-1.10.1 && ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-file-aio --with-http_dav_module && make && make install && chown -R www:www /usr/local/nginx
- unless: test -d /usr/local/nginx
- require:
- user: www-user-group
- file: nginx-source-install
- pkg: make-pkg
[root@linux-node1 /srv/salt/prod/modules/nginx]# cat service.sls #nginx服务配置
include:
- modules.nginx.install
nginx-init:
file.managed:
- name: /etc/init.d/nginx
- source: salt://modules/nginx/files/nginx-init
- mode: 755
- user: root
- group: root
cmd.run:
- name: chkconfig --add nginx
- unless: chkconfig --list | grep nginx
- require:
- file: nginx-init
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://modules/nginx/files/nginx.conf
- user: www
- group: www
- mode: 644
nginx-service:
service.running:
- name: nginx
- enable: True
- reload: True
- require:
- cmd: nginx-init
- watch:
- file: /usr/local/nginx/conf/nginx.conf
- file: nginx-online
nginx-online:
file.directory:
- name: /usr/local/nginx/conf/vhost_online
nginx-offline:
file.directory:
- name: /usr/local/nginx/conf/vhost_offline
[root@linux-node1 /srv/salt/prod/modules/nginx/files]# cat nginx.conf
user www;
worker_processes 16;
error_log logs/error.log error;
worker_rlimit_nofile 30000;
pid logs/nginx.pid;
events {
use epoll;
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
underscores_in_headers on;
keepalive_timeout 10;
send_timeout 60;
include /usr/local/nginx/conf/vhost_online/*.conf;
server {
listen 8080;
server_name 127.0.0.1;
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
}
}
#配置业务模块
[root@linux-node1 /srv/salt/prod/bbs]# tree
.
├── files
│ ├── nginx-bbs.conf
│ └── php.ini-production
├── memcached.sls
└── web.sls
[root@linux-node1 /srv/salt/prod/bbs]# cat web.sls
include:
- modules.php.install
- modules.php.php-memcache
- modules.php.php-redis
- modules.nginx.service
bbs-php:
file.managed:
- name: /usr/local/php-fastcgi/etc/php.ini
- source: salt://bbs/files/php.ini-production
- user: root
- group: root
- mode: 644
service.running:
- name: php-fpm
- enable: True
- require:
- cmd: php-fastcgi-service
- watch:
- file: bbs-php
web-bbs:
file.managed:
- name: /usr/local/nginx/conf/vhost_online/bbs.conf
- source: salt://bbs/files/nginx-bbs.conf
- user: root
- group: root
- mode: 644
- require:
- service: bbs-php
- watch_in:
- service: nginx-service
[root@linux-node1 /srv/salt/prod/bbs/files]# cat nginx-bbs.conf
server {
listen 8080;
root /usr/local/nginx/html;
index index.htm index.html index.php;
location ~ \.php$
{
fastcgi_pass unix:/usr/local/php-fastcgi/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
}
[root@linux-node1 /srv/salt/prod/bbs/files]# tail -n 5 php.ini-production
; End:
;zend_extension=opcache.so
extension=pdo_mysql.so
extension=memcache.so
extension=redis.so
#修改top file文件
[root@linux-node1 /srv/salt/prod/bbs/files]# cat /srv/salt/base/top.sls
base:
'*':
- init.init
prod:
'linux-node*':
- cluster.haproxy-outside
- cluster.haproxy-outside-keepalived
- bbs.web
'linux-node2*':
- bbs.memcached
[root@linux-node1 ~]# salt '*' state.highstate #全部节点安装配置nginx
[root@linux-node2 ~]# netstat -tnpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:11211 0.0.0.0:* LISTEN 11528/memcached
tcp 0 0 0.0.0.0:9999 0.0.0.0:* LISTEN 1836/haproxy
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 21502/nginx: master
tcp 0 0 192.168.56.21:80 0.0.0.0:* LISTEN 1836/haproxy
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1513/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2653/master
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 2222/zabbix_agentd
tcp6 0 0 :::11211 :::* LISTEN 11528/memcached
tcp6 0 0 :::22 :::* LISTEN 1513/sshd
tcp6 0 0 ::1:25 :::* LISTEN 2653/master
tcp6 0 0 :::10050 :::* LISTEN 2222/zabbix_agentd架构测试结果如下图:访问vip
刷新会不断轮询分配访问地址:
4. 整个lnmp架构部署目录结构
[root@linux-node1 /srv]# tree /srv /srv ├── pillar │ ├── base │ │ ├── top.sls │ │ └── zabbix │ │ └── agent.sls │ └── prod └── salt ├── base │ ├── init │ │ ├── audit.sls │ │ ├── dns.sls │ │ ├── epel.sls │ │ ├── files │ │ │ ├── resolv.conf │ │ │ └── zabbix_agentd.conf │ │ ├── history.sls │ │ ├── init.sls │ │ ├── sysctl.sls │ │ └── zabbix-agent.sls │ └── top.sls └── prod ├── bbs │ ├── files │ │ ├── nginx-bbs.conf │ │ └── php.ini-production │ ├── memcached.sls │ └── web.sls ├── cluster │ ├── files │ │ ├── haproxy-outside.cfg │ │ └── haproxy-outside-keepalived.conf │ ├── haproxy-outside-keepalived.sls │ └── haproxy-outside.sls └── modules ├── haproxy │ ├── files │ │ ├── haproxy-1.6.3.tar.gz │ │ └── haproxy.init │ └── install.sls ├── keepalived │ ├── files │ │ ├── keepalived-1.2.23.tar.gz │ │ ├── keepalived.init │ │ └── keepalived.sysconfig │ └── install.sls ├── libevent │ ├── files │ │ └── libevent-2.0.22-stable.tar.gz │ └── install.sls ├── memcached │ ├── files │ │ └── memcached-1.4.29.tar.gz │ └── install.sls ├── nginx │ ├── files │ │ ├── nginx-1.10.1.tar.gz │ │ ├── nginx.conf │ │ └── nginx-init │ ├── install.sls │ └── service.sls ├── pcre │ ├── files │ │ └── pcre-8.37.tar.gz │ └── install.sls ├── php │ ├── files │ │ ├── init.d.php-fpm │ │ ├── memcache-2.2.7.tgz │ │ ├── php-5.6.9.tar.gz │ │ ├── php-fpm.conf.default │ │ ├── php.ini-production │ │ └── redis-2.2.7.tgz │ ├── install.sls │ ├── php-memcache.sls │ └── php-redis.sls ├── pkg │ └── make.sls └── user └── www.sls
安装mysql(生产中系统初始化可以用salt来安装mysql,主从配置不建议用salt部署)
