目录结构
|-- pillar
| |-- nginx
| | `-- nginx.sls #nginx变量(key:value)
| `-- top.sls
`-- salt|-- init #初始化目录
| `-- repos.sls #安装yum源
|-- roles #角色(nginx和php)
| |-- nginx #Nginx
| | |-- config.sls #copy和利用pillar渲染配置文件
| | |-- files #存放需要copy和渲染到客户端的文件
| | | |-- fastcgi_params
| | | |-- jim_fix_params
| | | |-- nginx-1.8.1.tar.gz
| | | |-- nginx.conf
| | | |-- test.php
| | | `-- vhosts.conf
| | |-- install.sls #安装Nginx
| | `-- service.sls #启动Nginx
| |-- php #PHP
| | |-- config.sls #COPY配置文件从master端到minion端
| | |-- files #存放需要copy到客户端的文件
| | | |-- php-fpm.conf
| | | |-- php.ini
| | | `-- timecash.conf
| | |-- install.sls #安装PHP
| | `-- service.sls #启动PHP
| `-- user #创建启动php和nginx的用户
| `-- www.sls #创建www用户
`-- top.sls #引用角色的
准备阶段
指定master端pillar和salt文件的目录
vim /etc/salt/master
pillar_roots:
base:
- /srv/pillar file_roots:
base:
- /srv/salt
编写配置文件
pillar
/srv/salt/pillar/nginx/nginx.sls
vim srv/pillar/nginx/nginx.sls
vhost:
server_name: zhai.timecash.cn #渲染nginx的vhost的server_name
target: /alidata1/nginx/conf/vhosts/zhai.conf #指定从master端把配置文件copy到minion叫的名字
web_dir: /alidata1/www/timecash22/zhai.timecash.cn #指定web程序路径
init
/srv/salt/init/repos.sls
vim /srv/salt/init/repos.sls
yum_epel_repo_release:
pkg.installed:
- sources:
- epel-release: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
- unless: rpm -qa|grep epel-release-7-10
yum_webtatic_repo_release:
pkg.installed:
- sources:
- webtatic-replase: https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
- unless: rpm -qa |grep webtatic-release-7-3.noarch
roles
nginx
/srv/salt/roles/nginx/install.sls(安装Nginx)
vim /srv/salt/roles/nginx/install.sls
nginx_source:
file.managed:
- name: /tmp/nginx-1.8.1.tar.gz
- unless: test -d /tmp/nginx-1.8.1.tar.gz
- user: root
- group: root
- makedirs: True
- source: salt://roles/nginx/files/nginx-1.8.1.tar.gz
nginx_extract:
cmd.run:
- cwd: /tmp
- names:
- tar -zxf nginx-1.8.1.tar.gz
- unless: test -d /tmp/nginx-1.8.1.tar.gz
- require:
- file: nginx_source
nginx_pkg:
pkg.installed:
- pkgs:
- gcc
- gcc-c++
- openssl-devel
- pcre-devel
- zlib-devel
nginx_compile:
cmd.run:
- cwd: /tmp/nginx-1.8.1
- names:
- ./configure --user=www --prefix=/alidata1/nginx --with-http_ssl_module --with-http_gzip_static_module --with-http_stub_status_module --with-http_realip_module
- make
- make install
- require:
- cmd: nginx_extract
- pkg: nginx_pkg
- unless: test -d /usr/local/nginx
/srv/salt/roles/nginx/config.sls(渲染Nginx配置文件并copy到minion端)
vim /srv/salt/roles/nginx/config.sls
nginx-conf:
file.managed:
- name: /alidata1/nginx/conf/nginx.conf
- source: salt://roles/nginx/files/nginx.conf
- user: root
- group: root
- template: jinja
- defaults:
num_cpus: {{ grains['num_cpus'] }} #master端的nginx.conf中num_cpus变量用grains['num_cpus']渲染之后发送到minion端
vhost-conf:
file.managed:
- name: {{ pillar['vhost']['target'] }} #从master端copy到minion端叫的名字,在pillar里定义的
- source: salt://roles/nginx/files/vhosts.conf
- template: jinja
- defaults:
server_name: {{ pillar['vhost']['server_name'] }} #master端vhosts.conf中server_name变量,用pillar里的渲染,并发送到minion端 fastcgi-params:
file.managed:
- name: /alidata1/nginx/conf/fastcgi_params
- source: salt://roles/nginx/files/fastcgi_params
- user: root
- group: root
jim-fix-params:
file.managed:
- name: /alidata1/nginx/conf/jim_fix_params
- source: salt://roles/nginx/files/jim_fix_params
- user: root
- group: root
create_dir:
cmd.run:
- names:
- mkdir -p /alidata1/nginx/conf/vhosts/
- mkdir -p {{ pillar['vhost']['web_dir'] }}
php
/srv/salt/roles/php/install.sls(安装PHP)
vim /srv/salt/roles/php/install.sls
php_pkg:
pkg.installed:
- pkgs:
- gcc
- gcc-c++
- autoconf
- automake
- zlib
- zlib-devel
- openssl
- openssl-devel
- pcre
- pcre-devel
php_install:
pkg.installed:
- pkgs:
- php56w.x86_64
- php56w-bcmath.x86_64
- php56w-cli.x86_64
- php56w-common.x86_64
- php56w-devel.x86_64
- php56w-fpm.x86_64
- php56w-gd.x86_64
- php56w-mbstring.x86_64
- php56w-mcrypt.x86_64
- php56w-mysql.x86_64
- php56w-opcache.x86_64
- php56w-pdo.x86_64
- php56w-soap.x86_64
- php56w-xml.x86_64
- php56w-xmlrpc.x86_64
/srv/salt/roles/php/config.sls(copy配置文件到minion端)
vim /srv/salt/roles/php/config.sls
php_log_dir:
file.directory:
- name: /alidata1/php/logs/
- user: root
- group: root
- makedirs: True
rm_default_config:
cmd.run:
- name: rm -rf /etc/php-fpm.d/www.conf
php-ini:
file.managed:
- name: /etc/php.ini
- source: salt://roles/php/files/php.ini
- user: root
- group: root
php-fpm-conf:
file.managed:
- name: /etc/php-fpm.conf
- source: salt://roles/php/files/php-fpm.conf
- user: root
- group: root
timecash-conf:
file.managed:
- name: /etc/php-fpm.d/timecash.conf
- source: salt://roles/php/files/timecash.conf
- user: root
- group: root
top
/srv/salt/top.sls
vim /srv/salt/top.sls
base:
'*':
- roles.nginx.install
- roles.nginx.config
- roles.php.install
- roles.php.config