“Saltstack state安装nignx”的版本间的差异
跳到导航
跳到搜索
(→ins) |
|||
| (未显示同一用户的9个中间版本) | |||
| 第1行: | 第1行: | ||
| − | == | + | =ins= |
| − | + | [[Saltstack的配置管理salt.states]] | |
| + | 注意 这个版本只是一个例子 还要优化才行 | ||
ip 192.168.88.60 ubuntu18.04 | ip 192.168.88.60 ubuntu18.04 | ||
| 第6行: | 第7行: | ||
<pre> | <pre> | ||
| + | 创建目录 | ||
| + | |||
mkdir -p /srv/salt/prod/pcre/files/ | mkdir -p /srv/salt/prod/pcre/files/ | ||
mkdir -p /srv/salt/prod/nginx/files/ | mkdir -p /srv/salt/prod/nginx/files/ | ||
| + | |||
| + | 下载pcre和nginx源码包保存到各自的files目录下 | ||
| + | root@myxps:/srv/salt/prod# ls nginx/files/ | ||
| + | nginx-1.20.1.tar.gz openssl-1.1.1k.tar.gz | ||
| + | |||
| + | wget https://ftp.pcre.org/pub/pcre/pcre-8.42.tar.bz2 | ||
| + | |||
| + | root@myxps:/srv/salt/prod# ls pcre/files/ | ||
| + | pcre-8.42.tar.bz2 | ||
| + | |||
| + | |||
| + | |||
| + | |||
| + | </pre> | ||
| + | |||
| + | == 编写pcre安装文件== | ||
| + | |||
| + | <pre> | ||
| + | vi /srv/salt/prod/pcre/install.sls | ||
| + | pcre-source-install: | ||
| + | file.managed: | ||
| + | - name: /usr/local/src/pcre-8.42.tar.bz2 | ||
| + | - source: salt://pcre/files/pcre-8.42.tar.bz2 | ||
| + | - user: root | ||
| + | - group: root | ||
| + | - mode: 755 | ||
| + | cmd.run: | ||
| + | - name: cd /usr/local/src && tar xvf pcre-8.42.tar.bz2 && cd pcre-8.42 && ./configure --prefix=/usr/local/pcre && make && make install | ||
| + | - unless: test -d /usr/local/pcre | ||
| + | - require: | ||
| + | - file: pcre-source-install | ||
| + | |||
| + | </pre> | ||
| + | |||
| + | |||
| + | == 编写nginx安装文件== | ||
| + | |||
| + | <pre> | ||
| + | vi /srv/salt/prod/pcre/install.sls | ||
| + | |||
| + | pcre-source-install: | ||
| + | file.managed: | ||
| + | - name: /usr/local/src/pcre-8.42.tar.bz2 | ||
| + | - source: salt://pcre/files/pcre-8.42.tar.bz2 | ||
| + | - user: root | ||
| + | - group: root | ||
| + | - mode: 755 | ||
| + | cmd.run: | ||
| + | - name: cd /usr/local/src && tar xvf pcre-8.42.tar.bz2 && cd pcre-8.42 && ./configure --prefix=/usr/local/pcre && make && make install | ||
| + | - unless: test -d /usr/local/pcre | ||
| + | - require: | ||
| + | - file: pcre-source-install | ||
| + | root@myxps:/srv/salt/prod# cat /srv/salt/prod/nginx/install.sls | ||
| + | include: | ||
| + | - pcre.install | ||
| + | - user.www | ||
| + | |||
| + | nginx-source-install: | ||
| + | file.managed: | ||
| + | - name: /usr/local/src/nginx-1.20.1.tar.gz | ||
| + | - source: salt://nginx/files/nginx-1.20.1.tar.gz | ||
| + | - user: root | ||
| + | - group: root | ||
| + | - mode: 755 | ||
| + | cmd.run: | ||
| + | - name: cd /usr/local/src && tar xvf nginx-1.20.1.tar.gz && cd nginx-1.20.1 && ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_stub_status_module --with-file-aio --with-http_dav_module --with-pcre=/usr/local/src/pcre-8.42 --without-http_gzip_module && make && make install && chown -R www:www /usr/local/nginx | ||
| + | - unless: test -d /usr/local/nginx | ||
| + | - require: | ||
| + | - user: www-user-group | ||
| + | - file: nginx-source-install | ||
| + | - cmd: pcre-source-install | ||
| + | |||
| + | </pre> | ||
| + | |||
| + | |||
| + | ==编写nginx.conf == | ||
| + | <pre> | ||
| + | |||
| + | cat /srv/salt/prod/nginx/files/nginx.conf | ||
| + | user www; | ||
| + | worker_processes 16; | ||
| + | error_log logs/error.log error; | ||
| + | worker_rlimit_nofile 30000; | ||
| + | pid logs/nginx.pid; | ||
| + | events { | ||
| + | use epoll; | ||
| + | worker_connections 65535; | ||
| + | } | ||
| + | |||
| + | http { | ||
| + | include mime.types; | ||
| + | default_type application/octet-stream; | ||
| + | sendfile on; | ||
| + | tcp_nopush on; | ||
| + | underscores_in_headers on; | ||
| + | keepalive_timeout 10; | ||
| + | send_timeout 60; | ||
| + | include /usr/local/nginx/conf/vhost/*.conf; | ||
| + | server { | ||
| + | listen 80; | ||
| + | server_name 127.0.0.1; | ||
| + | location /nginx_status { | ||
| + | stub_status on; | ||
| + | access_log off; | ||
| + | allow 127.0.0.1; | ||
| + | deny all; | ||
| + | } | ||
| + | } | ||
| + | } | ||
| + | |||
| + | |||
| + | |||
| + | |||
| + | </pre> | ||
| + | |||
| + | ==编写Nginx的service.sls启动服务 == | ||
| + | <pre> | ||
| + | cat /srv/salt/prod/nginx/service.sls | ||
| + | include: | ||
| + | - nginx.install | ||
| + | |||
| + | nginx-init: | ||
| + | file.managed: | ||
| + | - name: /etc/init.d/nginx | ||
| + | - source: salt://nginx/files/nginx-init | ||
| + | - mode: 755 | ||
| + | - user: root | ||
| + | - group: root | ||
| + | cmd.run: | ||
| + | - name: systemctl enable nginx | ||
| + | - unless: systemctl list-unit-files | grep nginx | ||
| + | - require: | ||
| + | - file: nginx-init | ||
| + | |||
| + | /usr/local/nginx/conf/nginx.conf: | ||
| + | file.managed: | ||
| + | - source: salt://nginx/files/nginx.conf | ||
| + | - user: www | ||
| + | - group: www | ||
| + | - mode: 644 | ||
| + | |||
| + | nginx-service: | ||
| + | file.directory: | ||
| + | - name: /usr/local/nginx/conf/vhost | ||
| + | - require: | ||
| + | - cmd: nginx-source-install | ||
| + | service.running: | ||
| + | - name: nginx | ||
| + | - enable: True | ||
| + | - reload: True | ||
| + | - require: | ||
| + | - cmd: nginx-init | ||
| + | - watch: | ||
| + | - file: /usr/local/nginx/conf/nginx.conf | ||
| + | |||
| + | </pre> | ||
| + | |||
| + | |||
| + | == 创建www用户== | ||
| + | <pre> | ||
| + | # 其实debian派的 有个 www-data用户的 | ||
| + | |||
| + | 这里我手工操作了一下 | ||
| + | |||
| + | adduser www | ||
| + | |||
| + | |||
| + | /sbin/nologin | ||
| + | |||
| + | cat /srv/salt/prod/user/www.sls | ||
| + | www-user-group: | ||
| + | group.present: | ||
| + | - name: www | ||
| + | - gid: 1001 | ||
| + | |||
| + | user.present: | ||
| + | - name: www | ||
| + | - fullname: www | ||
| + | - shell: /sbin/nologin | ||
| + | - uid: 1001 | ||
| + | - gid: 1001 | ||
| + | |||
| + | </pre> | ||
| + | |||
| + | |||
| + | == 修改top.sls== | ||
| + | <pre> | ||
| + | cat /srv/salt/base/top.sls | ||
| + | prod: | ||
| + | 'ubuntu18': | ||
| + | - nginx.install | ||
| + | |||
| + | |||
| + | 如果是ubuntu ,centos的话 得改一下 | ||
| + | cat /srv/salt/prod/pkg/pkg-init.sls | ||
| + | pkg-init: | ||
| + | pkg.installed: | ||
| + | - names: | ||
| + | - build-essential | ||
| + | - libtool | ||
| + | - libpcre3 | ||
| + | - libpcre3-dev | ||
| + | - openssl | ||
| + | - libssl-dev | ||
| + | |||
</pre> | </pre> | ||
| + | |||
| + | ==测试并运行 == | ||
| + | <pre> | ||
| + | |||
| + | |||
| + | [root@localhost salt]# salt '*' state.highstate test=True | ||
| + | [root@localhost salt]# salt '*' state.highstate | ||
| + | </pre> | ||
=see also= | =see also= | ||
| + | |||
| + | |||
| + | ==优化== | ||
| + | [https://www.cnblogs.com/yanjieli/p/10904223.html SaltStack--项目实战 ] | ||
[https://www.jianshu.com/p/9cacd70ff53a 用saltstack安装nignx服务器] | [https://www.jianshu.com/p/9cacd70ff53a 用saltstack安装nignx服务器] | ||
2021年8月12日 (四) 12:37的最新版本
目录
ins
注意 这个版本只是一个例子 还要优化才行 ip 192.168.88.60 ubuntu18.04
前提 已安装好 master minion
创建目录 mkdir -p /srv/salt/prod/pcre/files/ mkdir -p /srv/salt/prod/nginx/files/ 下载pcre和nginx源码包保存到各自的files目录下 root@myxps:/srv/salt/prod# ls nginx/files/ nginx-1.20.1.tar.gz openssl-1.1.1k.tar.gz wget https://ftp.pcre.org/pub/pcre/pcre-8.42.tar.bz2 root@myxps:/srv/salt/prod# ls pcre/files/ pcre-8.42.tar.bz2
编写pcre安装文件
vi /srv/salt/prod/pcre/install.sls
pcre-source-install:
file.managed:
- name: /usr/local/src/pcre-8.42.tar.bz2
- source: salt://pcre/files/pcre-8.42.tar.bz2
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar xvf pcre-8.42.tar.bz2 && cd pcre-8.42 && ./configure --prefix=/usr/local/pcre && make && make install
- unless: test -d /usr/local/pcre
- require:
- file: pcre-source-install
编写nginx安装文件
vi /srv/salt/prod/pcre/install.sls
pcre-source-install:
file.managed:
- name: /usr/local/src/pcre-8.42.tar.bz2
- source: salt://pcre/files/pcre-8.42.tar.bz2
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar xvf pcre-8.42.tar.bz2 && cd pcre-8.42 && ./configure --prefix=/usr/local/pcre && make && make install
- unless: test -d /usr/local/pcre
- require:
- file: pcre-source-install
root@myxps:/srv/salt/prod# cat /srv/salt/prod/nginx/install.sls
include:
- pcre.install
- user.www
nginx-source-install:
file.managed:
- name: /usr/local/src/nginx-1.20.1.tar.gz
- source: salt://nginx/files/nginx-1.20.1.tar.gz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar xvf nginx-1.20.1.tar.gz && cd nginx-1.20.1 && ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_stub_status_module --with-file-aio --with-http_dav_module --with-pcre=/usr/local/src/pcre-8.42 --without-http_gzip_module && make && make install && chown -R www:www /usr/local/nginx
- unless: test -d /usr/local/nginx
- require:
- user: www-user-group
- file: nginx-source-install
- cmd: pcre-source-install
编写nginx.conf
cat /srv/salt/prod/nginx/files/nginx.conf
user www;
worker_processes 16;
error_log logs/error.log error;
worker_rlimit_nofile 30000;
pid logs/nginx.pid;
events {
use epoll;
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
underscores_in_headers on;
keepalive_timeout 10;
send_timeout 60;
include /usr/local/nginx/conf/vhost/*.conf;
server {
listen 80;
server_name 127.0.0.1;
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
}
}
编写Nginx的service.sls启动服务
cat /srv/salt/prod/nginx/service.sls
include:
- nginx.install
nginx-init:
file.managed:
- name: /etc/init.d/nginx
- source: salt://nginx/files/nginx-init
- mode: 755
- user: root
- group: root
cmd.run:
- name: systemctl enable nginx
- unless: systemctl list-unit-files | grep nginx
- require:
- file: nginx-init
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf
- user: www
- group: www
- mode: 644
nginx-service:
file.directory:
- name: /usr/local/nginx/conf/vhost
- require:
- cmd: nginx-source-install
service.running:
- name: nginx
- enable: True
- reload: True
- require:
- cmd: nginx-init
- watch:
- file: /usr/local/nginx/conf/nginx.conf
创建www用户
# 其实debian派的 有个 www-data用户的
这里我手工操作了一下
adduser www
/sbin/nologin
cat /srv/salt/prod/user/www.sls
www-user-group:
group.present:
- name: www
- gid: 1001
user.present:
- name: www
- fullname: www
- shell: /sbin/nologin
- uid: 1001
- gid: 1001
修改top.sls
cat /srv/salt/base/top.sls
prod:
'ubuntu18':
- nginx.install
如果是ubuntu ,centos的话 得改一下
cat /srv/salt/prod/pkg/pkg-init.sls
pkg-init:
pkg.installed:
- names:
- build-essential
- libtool
- libpcre3
- libpcre3-dev
- openssl
- libssl-dev
测试并运行
[root@localhost salt]# salt '*' state.highstate test=True [root@localhost salt]# salt '*' state.highstate
see also
优化
https://github.com/tjkt/saltstack-nginx/tree/master/salt
