上一篇其实对通过saltstack部署nginx做了演示,但是可能与我目前的环境还是有点出入,然后sls的结构也不太清晰,所以就又做了改变和优化,叫做进阶可能有点噱头了,不过还是记录如下:
nginx安装目标:
1)安装必要依赖
2)准备pcre安装包
2)源码安装pcre
3)准备nginx安装包
4)源码安装nginx
nginx配置:
1)拷贝nginx.conf配置文件
2)拷贝启停脚本
3)添加系统服务并设置开机启动
4)拷贝日志切割脚本
5)添加定时任务
salt master上的目录结构如下:
计算
安全
数据库
网络和加速
企业服务
[root@salt-master base]# tree /srv/salt/base/
/srv/salt/base/
├── cron
│ ├── files
│ │ └── nginx_cut_log.sh
│ └── nginx.sls
├── nginx
│ ├── files
│ │ ├── nginx
│ │ ├── nginx-1.6.3.tar.gz
│ │ └── nginx.conf
│ ├── install.sls
│ └── service.sls
├── packages
│ └── install.sls
├── pcre
│ ├── files
│ │ └── pcre-8.37.tar.gz
│ └── install.sls
└── user
└── nginx.sls
8 directories, 11 files安装必要软件包:
[root@salt-master base]# cat packages/install.sls
yum_pcre_packages:
pkg.installed:
- names:
- gcc
- gcc-c++
- autoconf
- automake
- zlib
- zlib-devel
- make
- openssl
- openssl-devel
- libpng
- libpng-devel
- freetype
- freetype-devel
- libxml2
- libxml2-devel
- glibc
- glibc-devel
- glib2
- glib-devel
- bzip2
- bzip2-devel
- ncurses
- ncurses-devel
- curl
- cmake编译安装pcre:
[root@salt-master base]# cat pcre/install.sls
include:
- packages.install
pcre-source-install:
file.managed:
- source: salt://pcre/files/pcre-8.37.tar.gz
- name: /opt/tools/pcre-8.37.tar.gz
- user: root
- group: root
- mode: 755
- makedirs: True
- dir_mode: 644
cmd.run:
- name: cd /opt/tools/ && tar -zxf pcre-8.37.tar.gz && cd pcre-8.37 && ./configure --prefix=/usr/local/pcre && make && make install
- unless: test -d /usr/local/pcre
- require:
- file: pcre-source-install创建nginx用户和组:
[root@salt-master base]# cat user/nginx.sls
nginx-user-group:
group.present:
- name: nginx
- gid: 601
user.present:
- name: nginx
- fullname: nginx
- shell: /sbin/nologin
- uid: 601
- gid: 601编译安装nginx:
[root@salt-master base]# cat nginx/install.sls
include:
- pcre.install
- user.nginx
nginx-source-install:
file.managed:
- source: salt://nginx/files/nginx-1.6.3.tar.gz
- name: /opt/tools/nginx-1.6.3.tar.gz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /opt/tools/ && tar -zxf nginx-1.6.3.tar.gz && mkdir -p /usr/local/nginx/tmp/{client,proxy,fcgi} && cd nginx-1.6.3 && ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_gzip_static_module --http-client-body-temp-path=/usr/local/nginx/tmp/client/ --http-proxy-temp-path=/usr/local/nginx/tmp/proxy/ --http-fastcgi-temp-path=/usr/local/nginx/tmp/fcgi/ --with-poll_module --with-file-aio --with-http_realip_module --with-http_addition_module --with-http_addition_module --with-http_random_index_module --with-http_stub_status_module --http-uwsgi-temp-path=/usr/local/nginx/uwsgi_temp --http-scgi-temp-path=/usr/local/nginx/scgi_temp --with-pcre=/opt/tools/pcre-8.37 && make && make install && chown -R nginx:nginx /usr/local/nginx/
- unless: test -e /usr/local/nginx/sbin/nginx
- require:
- file: nginx-source-install
- cmd: pcre-source-install添加定时任务:
[root@salt-master base]# cat cron/nginx.sls
/opt/tools/scripts/:
file.directory:
- user: root
- group: root
- mode: 644
- makedirs: True
nginx-crond-job:
file.managed:
- name: /opt/tools/scripts/nginx_cut_log.sh
- source: salt://cron/files/nginx_cut_log.sh
- user: root
- group: root
- mode: 755
/bin/bash /opt/tools/scripts/nginx_cut_log.sh >/dev/null 2>&1:
cron.present:
- identifier: SUPERCRON
- user: root
- minute: 0
- hour: 0启动nginx并设置开机启动:
[root@salt-master base]# cat nginx/service.sls
include:
- nginx.install
- cron.nginx
nginx-init:
file.managed:
- name: /etc/init.d/nginx
- source: salt://nginx/files/nginx
- user: root
- group: root
- mode: 755
cmd.run:
- name: chkconfig --add nginx
- unless: chkconfig --list|grep nginx
- require:
- file: nginx-init
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf
- user: nginx
- group: nginx
- mode: 644
nginx-service:
file.directory:
- name: /usr/local/nginx/conf.d
- require:
- cmd: nginx-source-install
service.running:
- name: nginx
- enable: True
- reload: True
- require:
- cmd: nginx-init
- watch:
- file: /usr/local/nginx/conf/nginx.conf部署命令:[root@salt-master base]# salt 'salt-minion02.contoso.com' state.sls nginx.service
部署结果:
[root@salt-minion02 logs]# ll /usr/local/pcre/
total 16
drwxr-xr-x 2 root root 4096 Jun 8 10:29 bin
drwxr-xr-x 2 root root 4096 Jun 8 10:29 include
drwxr-xr-x 3 root root 4096 Jun 8 10:29 lib
drwxr-xr-x 4 root root 4096 Jun 8 10:29 share
[root@salt-minion02 logs]# id nginx
uid=601(nginx) gid=601(nginx) groups=601(nginx)
[root@salt-minion02 logs]# ll /usr/local/nginx/
total 32
drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 conf
drwxr-xr-x 2 root root 4096 Jun 8 10:30 conf.d
drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 html
drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 logs
drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 sbin
drwx------ 2 nginx root 4096 Jun 8 10:30 scgi_temp
drwxr-xr-x 5 nginx nginx 4096 Jun 8 10:29 tmp
drwx------ 2 nginx root 4096 Jun 8 10:30 uwsgi_temp
[root@salt-minion02 logs]# /usr/local/nginx/sbin/nginx -V
nginx version: nginx/1.6.3
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-17) (GCC)
TLS SNI support enabled
configure arguments: --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_gzip_static_module --http-client-body-temp-path=/usr/local/nginx/tmp/client/ --http-proxy-temp-path=/usr/local/nginx/tmp/proxy/ --http-fastcgi-temp-path=/usr/local/nginx/tmp/fcgi/ --with-poll_module --with-file-aio --with-http_realip_module --with-http_addition_module --with-http_addition_module --with-http_random_index_module --with-http_stub_status_module --http-uwsgi-temp-path=/usr/local/nginx/uwsgi_temp --http-scgi-temp-path=/usr/local/nginx/scgi_temp --with-pcre=/opt/tools/pcre-8.37
[root@salt-minion02 logs]# /etc/init.d/nginx status
nginx (pid 11422 11421 11420 11419 11416) is running...
[root@salt-minion02 logs]# chkconfig --list|grep nginx
nginx 0:off1:off2:on3:on4:on5:on6:off
[root@salt-minion02 logs]# crontab -l
0 * * * * /usr/sbin/ntpdate 210.72.145.44 64.147.116.229 time.nist.gov >/dev/null 2>&1
# Lines below here are managed by Salt, do not edit
# SALT_CRON_IDENTIFIER:SUPERCRON
0 0 * * * /bin/bash /opt/tools/scripts/nginx_cut_log.sh >/dev/null 2>&1
[root@salt-minion02 logs]# ll /opt/tools/scripts/nginx_cut_log.sh
-rwxr-xr-x 1 root root 1100 Jun 8 10:30 /opt/tools/scripts/nginx_cut_log.sh亿速云「云服务器」,即开即用、新一代英特尔至强铂金CPU、三副本存储NVMe SSD云盘,价格低至29元/月。点击查看>>
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。
