上一篇其實對通過saltstack部署nginx做了演示,但是可能與我目前的環(huán)境還是有點出入,然后sls的結構也不太清晰,所以就又做了改變和優(yōu)化,叫做進階可能有點噱頭了,不過還是記錄如下:
創(chuàng)新互聯(lián)公司堅持“要么做到,要么別承諾”的工作理念,服務領域包括:成都做網站、網站建設、企業(yè)官網、英文網站、手機端網站、網站推廣等服務,滿足客戶于互聯(lián)網時代的懷遠網站設計、移動媒體設計的需求,幫助企業(yè)找到有效的互聯(lián)網解決方案。努力成為您成熟可靠的網絡建設合作伙伴!
nginx安裝目標:
1)安裝必要依賴
2)準備pcre安裝包
2)源碼安裝pcre
3)準備nginx安裝包
4)源碼安裝nginx
nginx配置:
1)拷貝nginx.conf配置文件
2)拷貝啟停腳本
3)添加系統(tǒng)服務并設置開機啟動
4)拷貝日志切割腳本
5)添加定時任務
salt master上的目錄結構如下:
[root@salt-master base]# tree /srv/salt/base/ /srv/salt/base/ ├── cron │ ├── files │ │ └── nginx_cut_log.sh │ └── nginx.sls ├── nginx │ ├── files │ │ ├── nginx │ │ ├── nginx-1.6.3.tar.gz │ │ └── nginx.conf │ ├── install.sls │ └── service.sls ├── packages │ └── install.sls ├── pcre │ ├── files │ │ └── pcre-8.37.tar.gz │ └── install.sls └── user └── nginx.sls 8 directories, 11 files
安裝必要軟件包:
[root@salt-master base]# cat packages/install.sls yum_pcre_packages: pkg.installed: - names: - gcc - gcc-c++ - autoconf - automake - zlib - zlib-devel - make - openssl - openssl-devel - libpng - libpng-devel - freetype - freetype-devel - libxml2 - libxml2-devel - glibc - glibc-devel - glib2 - glib-devel - bzip2 - bzip2-devel - ncurses - ncurses-devel - curl - cmake
編譯安裝pcre:
[root@salt-master base]# cat pcre/install.sls include: - packages.install pcre-source-install: file.managed: - source: salt://pcre/files/pcre-8.37.tar.gz - name: /opt/tools/pcre-8.37.tar.gz - user: root - group: root - mode: 755 - makedirs: True - dir_mode: 644 cmd.run: - name: cd /opt/tools/ && tar -zxf pcre-8.37.tar.gz && cd pcre-8.37 && ./configure --prefix=/usr/local/pcre && make && make install - unless: test -d /usr/local/pcre - require: - file: pcre-source-install
創(chuàng)建nginx用戶和組:
[root@salt-master base]# cat user/nginx.sls nginx-user-group: group.present: - name: nginx - gid: 601 user.present: - name: nginx - fullname: nginx - shell: /sbin/nologin - uid: 601 - gid: 601
編譯安裝nginx:
[root@salt-master base]# cat nginx/install.sls include: - pcre.install - user.nginx nginx-source-install: file.managed: - source: salt://nginx/files/nginx-1.6.3.tar.gz - name: /opt/tools/nginx-1.6.3.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /opt/tools/ && tar -zxf nginx-1.6.3.tar.gz && mkdir -p /usr/local/nginx/tmp/{client,proxy,fcgi} && cd nginx-1.6.3 && ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_gzip_static_module --http-client-body-temp-path=/usr/local/nginx/tmp/client/ --http-proxy-temp-path=/usr/local/nginx/tmp/proxy/ --http-fastcgi-temp-path=/usr/local/nginx/tmp/fcgi/ --with-poll_module --with-file-aio --with-http_realip_module --with-http_addition_module --with-http_addition_module --with-http_random_index_module --with-http_stub_status_module --http-uwsgi-temp-path=/usr/local/nginx/uwsgi_temp --http-scgi-temp-path=/usr/local/nginx/scgi_temp --with-pcre=/opt/tools/pcre-8.37 && make && make install && chown -R nginx:nginx /usr/local/nginx/ - unless: test -e /usr/local/nginx/sbin/nginx - require: - file: nginx-source-install - cmd: pcre-source-install
添加定時任務:
[root@salt-master base]# cat cron/nginx.sls /opt/tools/scripts/: file.directory: - user: root - group: root - mode: 644 - makedirs: True nginx-crond-job: file.managed: - name: /opt/tools/scripts/nginx_cut_log.sh - source: salt://cron/files/nginx_cut_log.sh - user: root - group: root - mode: 755 /bin/bash /opt/tools/scripts/nginx_cut_log.sh >/dev/null 2>&1: cron.present: - identifier: SUPERCRON - user: root - minute: 0 - hour: 0
啟動nginx并設置開機啟動:
[root@salt-master base]# cat nginx/service.sls include: - nginx.install - cron.nginx nginx-init: file.managed: - name: /etc/init.d/nginx - source: salt://nginx/files/nginx - user: root - group: root - mode: 755 cmd.run: - name: chkconfig --add nginx - unless: chkconfig --list|grep nginx - require: - file: nginx-init /usr/local/nginx/conf/nginx.conf: file.managed: - source: salt://nginx/files/nginx.conf - user: nginx - group: nginx - mode: 644 nginx-service: file.directory: - name: /usr/local/nginx/conf.d - require: - cmd: nginx-source-install service.running: - name: nginx - enable: True - reload: True - require: - cmd: nginx-init - watch: - file: /usr/local/nginx/conf/nginx.conf
部署命令:[root@salt-master base]# salt 'salt-minion02.contoso.com' state.sls nginx.service
部署結果:
[root@salt-minion02 logs]# ll /usr/local/pcre/ total 16 drwxr-xr-x 2 root root 4096 Jun 8 10:29 bin drwxr-xr-x 2 root root 4096 Jun 8 10:29 include drwxr-xr-x 3 root root 4096 Jun 8 10:29 lib drwxr-xr-x 4 root root 4096 Jun 8 10:29 share [root@salt-minion02 logs]# id nginx uid=601(nginx) gid=601(nginx) groups=601(nginx) [root@salt-minion02 logs]# ll /usr/local/nginx/ total 32 drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 conf drwxr-xr-x 2 root root 4096 Jun 8 10:30 conf.d drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 html drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 logs drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 sbin drwx------ 2 nginx root 4096 Jun 8 10:30 scgi_temp drwxr-xr-x 5 nginx nginx 4096 Jun 8 10:29 tmp drwx------ 2 nginx root 4096 Jun 8 10:30 uwsgi_temp [root@salt-minion02 logs]# /usr/local/nginx/sbin/nginx -V nginx version: nginx/1.6.3 built by gcc 4.4.7 20120313 (Red Hat 4.4.7-17) (GCC) TLS SNI support enabled configure arguments: --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_gzip_static_module --http-client-body-temp-path=/usr/local/nginx/tmp/client/ --http-proxy-temp-path=/usr/local/nginx/tmp/proxy/ --http-fastcgi-temp-path=/usr/local/nginx/tmp/fcgi/ --with-poll_module --with-file-aio --with-http_realip_module --with-http_addition_module --with-http_addition_module --with-http_random_index_module --with-http_stub_status_module --http-uwsgi-temp-path=/usr/local/nginx/uwsgi_temp --http-scgi-temp-path=/usr/local/nginx/scgi_temp --with-pcre=/opt/tools/pcre-8.37 [root@salt-minion02 logs]# /etc/init.d/nginx status nginx (pid 11422 11421 11420 11419 11416) is running... [root@salt-minion02 logs]# chkconfig --list|grep nginx nginx 0:off1:off2:on3:on4:on5:on6:off [root@salt-minion02 logs]# crontab -l 0 * * * * /usr/sbin/ntpdate 210.72.145.44 64.147.116.229 time.nist.gov >/dev/null 2>&1 # Lines below here are managed by Salt, do not edit # SALT_CRON_IDENTIFIER:SUPERCRON 0 0 * * * /bin/bash /opt/tools/scripts/nginx_cut_log.sh >/dev/null 2>&1 [root@salt-minion02 logs]# ll /opt/tools/scripts/nginx_cut_log.sh -rwxr-xr-x 1 root root 1100 Jun 8 10:30 /opt/tools/scripts/nginx_cut_log.sh