saltstack实现中小型架构的搭建_salt saltstack 自动


  1.  安装以下依赖包:

    yum install -y gcc gcc-c++ glibc make autoconf openssl openssl-devel lrzsz memcache
    (可以先安装,操作时就只是检查)

  2. 下载以下软件包:

    wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.37.tar.gz##可用yum
    wget http://nginx.org/download/nginx-1.9.6.tar.gz
    wget http://keepalived.org/software/keepalived-1.2.19.tar.gz
    wget http://cn2.php.net/get/php-5.6.15.tar.gz/from/this/mirror


部署Haproxy

[root@linux-node1haproxy]# vim /etc/salt/master
file_roots:
  base:
    - /srv/salt/base
  prod:
    - /srv/salt/prod
  test:
    - /srv/salt/test
[root@linux-node1haproxy]# /etc/init.d/salt-master restart

###修改完配置文件要重启才能生效

[root@linux-node1~]# mkdir /srv/salt/prod/pkg –p   ##生产上一些包放在这
[root@linux-node1~]# mkdir /srv/salt/prod/haproxy
[root@linux-node1~]# mkdir /srv/salt/prod/haproxy/files
[root@linux-node1pkg]# vim pkg-init.sls    ##安装包的初始化
pkg-init:              ##ID
  pkg.installed:
    - names:
      - gcc
      - gcc-c++
      - glibc
      - make
      - autoconf
      - openssl
      - openssl-devel
      - pcre-devel  ###nginx需要
[root@linux-node1prod]# cp /home/reid/tools/haproxy-1.6.2.tar.gz  haproxy/files/


操作方法:第一次先用手动安装一次,然后再用salt来写一次

[root@linux-node1prod]# cp /home/reid/tools/haproxy-1.6.2.tar.gz haproxy/files/
[root@linux-node1prod]# cd haproxy/files/
[root@linux-node1files]# ls
haproxy-1.6.2.tar.gz
[root@linux-node1files]# cp haproxy-1.6.2.tar.gz /usr/local/src/
[root@linux-node1files]# tar zxf haproxy-1.6.2.tar.gz
[root@linux-node1files]# cd haproxy-1.6.2
[root@linux-node1haproxy-1.6.2]# make TARGET=linux26 PREFIX=/usr/local/haproxy && makeinstall PREFIX=/usr/local/haproxy
[root@linux-node1haproxy-1.6.2]# cd examples/
[root@linux-node1examples]# vim haproxy.init
BIN=/usr/local/haproxy/sbin/$BASENAME   ##修改脚本路径


编写sls安装haproxy

[root@linux-node1examples]# cp haproxy.init /srv/salt/prod/haproxy/files/
[root@linux-node1examples]# cd /srv/salt/prod/haproxy/
[root@linux-node1haproxy]# vim install.sls
include:           ##先把包include
  - pkg.pkg-init
 
haproxy-install:
  file.managed:
    - name: /usr/local/src/haproxy-1.6.2.tar.gz
    - source: salt://haproxy/files/haproxy-1.6.2.tar.gz  ##放包根据file_roots来设
    - user: root
    - group: root
    - mode: 755
  cmd.run:   ##安装
   - name: cd/usr/local/src && tar zxf haproxy-1.6.2.tar.gz &&cdhaproxy-1.6.2 && make TARGET=linux26 PREFIX=/usr/local/haproxy&&make install PREFIX=/usr/local/haproxy
    - unless: test -d /usr/local/haproxy    ###如果不存在返回false时就执行
    - require:
      - pkg: pkg-init      ##依赖于这些包
      - file: haproxy-install    
##haproxy-install下有一个文件模块,依赖于这个,一个ID下一个模块只能使用一次
 
haproxy-init:   ##加入开机启动服务
  file.managed: 
    -name: /etc/init.d/haproxy   
    - source: salt://haproxy/files/haproxy.init
    - user: root
    - group: root
    - mode: 755
    - require:
      - cmd: haproxy-install   ####haproxy-install下面一个cmd的模块,依赖于这个
  cmd.run:
    -name: chkconfig --add haproxy
    - unless: chkconfig --list |grep haproxy
    - require:
      - file: /etc/init.d/haproxy
 
net.ipv4.ip_nonlocal_bind:   #监听非本地IP ,负载均衡的机器上只有一个IP,所以要修改一个内核参数
  sysctl.present:
    - value: 1
 
haproxy-config-dir:  ###创建一个目录,放文件到里面
  file.directory:
    - name: /etc/haproxy
    - user: root
    - group: root
    - mode: 755


Note:监听非本地IP ,负载均衡的机器上只有一个IP,所以要修改一个内核参数

[root@linux-node1~]# cat /proc/sys/net/ipv4/ip_nonlocal_bind 
0


状态间关系:

unless:用于检查的命令仅当“unless”选项指向的命令返回false时才执行name指向的命令

require:我依赖某个状态,它执行了我才执行


[root@linux-node1haproxy]# salt 'linux-node1.*' state.sls haproxy.install env=prod

 统一管理haproxy配置文件

[root@linux-node1~]# mkdir /srv/salt/prod/cluster  
[root@linux-node1~]# mkdir /srv/salt/prod/cluster/files ##把配置放里面
[root@linux-node1~]# cd /srv/salt/prod/cluster/files/
[root@linux-node1files]# vim haproxy-outside.cfg  ##外网负载均衡
global
maxconn 100000
chroot /usr/local/haproxy
uid 99 
gid 99 
daemon
nbproc 1 
pidfile /usr/local/haproxy/logs/haproxy.pid
log 127.0.0.1 local3 info
 
defaults
option http-keep-alive
maxconn 100000
mode http
timeout connect 5000ms
timeout client  50000ms
timeout server 50000ms
 
listen stats
mode http
stats uri     /haproxy-status 
stats auth    haproxy:saltstack
 
frontend frontend_www_example_com
bind10.0.0.11:80
mode http
option httplog
log global
   default_backend backend_www_example_com
 
backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balanceroundrobin
server web-node1  10.0.0.7:8080 check inter 2000 rise 30 fall 15   
server web-node2  10.0.0.8:8080 check inter 2000 rise 30 fall 15
###生产建议除了负载均衡都监听80,可以用普通用户来起
cluster目录下写haproxy相关的配置,配置文件的管理和服务的管理—》思路先安装---配置---再起
[root@linux-node1cluster]# vim haproxy-outside.sls
include:
  - haproxy.install
 
haproxy-service:
  file.managed:
    - name: /etc/haproxy/haproxy.cfg
    - source:salt://cluster/files/haproxy-outside.cfg
    - user: root
    - group: root
    - mode: 644
  service.running:     ##启动服务
    - name: haproxy
    - enable: True            ###开机自启动
    - reload: True     ###不加,配置文件变化了会restart
    - require:
      - cmd: haproxy-init
    - watch:           ##监控配置文件的变化
      - file: haproxy-service
[root@linux-node1cluster]# vim /srv/salt/base/top.sls
base:
  '*':
    - init.env_init
 
prod:
  'linux-node1.example.com':
    - cluster.haproxy-outside
  'linux-node2.example.com':
    - cluster.haproxy-outside
[root@linux-node1~]# salt '*' state.highstate

 

添加首页测试:

Apache的监听端口要修改

Listen:8080

/etc/init.d/httpd restart    ###linux-node2上没有安装
[root@linux-node1~]# echo "linux-node1" >>/var/www/html/index.html
[root@linux-node2~]# echo "linux-node2" >>/var/www/html/index.html
http://10.0.0.7:8888/haproxy-status
bind 0.0.0.0:8888
stats enable

saltstack实现中小型架构的搭建_salt saltstack 自动_02



部署keepalived

准备启动脚本:

[root@linux-node1etc]# mkdir /srv/salt/prod/keepalived/files -p
[root@linux-node1etc]# cp /usr/local/src/keepalived-1.2.19/keepalived/etc/init.d/keepalived.init/srv/salt/prod/keepalived/files/
[root@linux-node1etc]# cp /usr/local/src/keepalived-1.2.19/keepalived/etc/keepalived/keepalived.conf  /srv/salt/prod/keepalived/files/
[root@linux-node1etc]# cd /srv/salt/prod/keepalived/files/
[root@linux-node1files]# ls
keepalived.conf  keepalived.init
[root@linux-node1files]# vimkeepalived.init   ###启动脚本 
start(){
    echo -n $"Starting $prog: "
    daemon /usr/local/keepalived/sbin/keepalived${KEEPALIVED_OPTIONS}

编写keepalived的sls

[root@linux-node1files]# cd ..
[root@linux-node1keepalived]# vim install.sls   ##安装
include:            ##先include要安装的基础包
  - pkg.pkg-init
 
keepalived-install:      ##安装
  file.managed:
    - name:/usr/local/src/keepalived-1.2.19.tar.gz
    - source:salt://keepalived/files/keepalived-1.2.19.tar.gz   ###存放安装包
    - user: root
    - group: root
    - mode: 755
  cmd.run:            ###编译
    - name: cd/usr/local/src && tar zxf keepalived-1.2.19.tar.gz && cdkeepalived-1.2.19  && ./config
ure --prefix=/usr/local/keepalived --disable-fwmark&& make && make install
- unless: test -d /usr/local/keepalived
    - require:
      - pkg: pkg-init
      - file:keepalived-install
keepalived-init:          ###以下是管理配置文件
  file.managed:
    - name:/etc/init.d/keepalived
    - source:salt://keepalived/files/keepalived.init
    - user: root
    - group: root
    - mode: 755
  cmd.run:                 ###设置开机启动
    - name: chkconfig--add keepalived
    - unless:chkconfig --list | grep keepalived
    - require:
      - file:keepalived-init
 
/etc/sysconfig/keepalived:
  file.managed:
    - source:salt://keepalived/files/keepalived.sysconfig
    - user: root
    - group: root
    - mode: 644
 
/etc/keepalived:
  file.directory:
    - user: root
    - group: root
    - mode: 755


准备Keepalived配置文件

[root@linux-node1sysconfig]# cp /usr/local/keepalived/etc/sysconfig/keepalived/srv/salt/prod/keepalived/files/keepalived.sysconfig
[root@linux-node1sysconfig]# vim keepalived  ====》KEEPALIVED_OPTIONS="-D"
[root@linux-node1keepalived]# ll files/
总用量 12
-rw-r--r--1 root root 3562 11月 21 13:33 keepalived.conf
-rwxr-xr-x1 root root 1335 11月 21 13:39 keepalived.init
-rw-r--r--1 root root  667 11月 21 13:59 keepalived.sysconfig
-rw-r--r--1 root root 330164 11月 21 14:26 keepalived-1.2.19.tar.gz
[root@linux-node1keepalived]# salt '*' state.sls keepalived.install env=prod


keepalived的引用

[root@linux-node1~]# cd /srv/salt/prod/cluster/files/
[root@linux-node1files]# cat haproxy-outside-keepalived.conf   ###keepalived的配置文件
!Configuration File for keepalived
global_defs{
   notification_email {
     saltstack@example.com
   }
   notification_email_fromkeepalived@example.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id `ROUTEID`
}
 
vrrp_instancehaproxy_ha {
state `STATEID`
interfaceeth0
    virtual_router_id 36
priority `PRIORITYID`
    advert_int 1
authentication{
auth_typePASS
        auth_pass 1111
    }
    virtual_ipaddress {
       10.0.0.11
    }
}
 
[root@linux-node1cluster]# ls
files  haproxy-outside.sls
[root@linux-node1cluster]# vim haproxy-outside-keepalived.sls
include:
  - keepalived.install
 
keepalived-service:
  file.managed:
    - name: /etc/keepalived/keepalived.conf
    - source:salt://cluster/files/haproxy-outside-keepalived.conf
    - user: root
    - group: root
    - mode: 644
    - template: jinja
   {% if grains['fqdn'] == 'linux-node1.example.com' %}
    - ROUTEID:haproxy_ha
    - STATEID: MASTER
    - PRIORITYID: 150
    {% elifgrains['fqdn'] == 'linux-node2.example.com' %}
    - ROUTEID:haproxy_ha
    - STATEID: BACKUP
    - PRIORITYID: 100
    {% endif %}
  service.running:
    - name: keepalived
    - enable: True
    - watch:
      - file: keepalived-service
[root@linux-node1cluster]# salt '*' state.sls cluster.haproxy-outside-keepalived env=prodtest=True
[root@linux-node1cluster]# salt '*' state.sls cluster.haproxy-outside-keepalived env=prod
[root@linux-node1salt]# vim base/top.sls 
base:
  '*':
    - init.env_init
 
prod:
  'linux-node1.example.com':
    - cluster.haproxy-outside
    - cluster.haproxy-outside-keepalived
  'linux-node2.example.com':
    - cluster.haproxy-outside
    - cluster.haproxy-outside-keepalived
[root@linux-node1prod]# salt '*' state.highstate
[root@linux-node1prod]# ip add| grep 11
    inet 10.0.0.11/32 scope global eth0
[root@linux-node1prod]# /etc/init.d/keepalived stop
[root@linux-node2~]# ip add |grep 11
    inet 10.0.0.11/32 scope global eth0

saltstack实现中小型架构的搭建_salt saltstack 自动_03

saltstack实现中小型架构的搭建_salt saltstack 自动_04


统一用户记管理

[root@linux-node1~]# mkdir /srv/salt/prod/user
[root@linux-node1user]# vim www.sls  ##web的管理用户 
www-user-group:
  group.present:
    - name: www
    - gid: 1000
      
  user.present:
    - name: www
    - fullname: www
    - shell: /sbin/nologin
    - uid: 1000
- gid: 1000
[root@linux-node1user]# salt '*' state.sls user.www env=prod test=True
[root@linux-node1user]# salt '*' state.sls user.www env=prod
 
[root@linux-node1user]# vim mysql.sls  ###mysql管理用户
mysql-user-group:
  group.present:
    - name: mysql
    - gid: 501
 
  user.present:
    - name: mysql
    - fullname: mysql
    - shell: /sbin/nologin
    - uid: 501
- gid: 501
[root@linux-node1user]# salt '*' state.sls user.mysql env=prod test=True
[root@linux-node1user]# salt '*' state.sls user.mysql env=prod



部署Nginx

[root@linux-node1~]# tree /srv/salt/prod/nginx/
/srv/salt/prod/nginx/
├── files
│   ├── nginx-1.9.6.tar.gz
│   └── nginx.init    ###启动脚本
└── install.sls
[root@linux-node1~]# tree /srv/salt/prod/cluster/
/srv/salt/prod/cluster/
├── files
│   ├── haproxy-outside.cfg
│   ├──haproxy-outside-keepalived.conf
│   └── nginx-web.conf       ##配置文件
├── haproxy-outside-keepalived.sls
├── haproxy-outside.sls
└── nginx-web.sls    ###管理配置文件
[root@linux-node1~]# cat /srv/salt/prod/nginx/install.sls
include:
  - pkg.pkg-init
 
nginx-install:
  file.managed:
    - name: /usr/local/src/nginx-1.9.6.tar.gz
    - source:salt://nginx/files/nginx-1.9.6.tar.gz
    - user: root
    - group: root
    - mode: 755
  cmd.run:
    - name: cd/usr/local/src && tar zxf nginx-1.9.6.tar.gz && cd nginx-1.9.6&&./configure --prefix=/usr/local/nginx --user=www --group=www--with-http_ssl_module --with-http_stub_status_module && make&& make install
    - unless: test -d/usr/local/nginx
    - pkg: pkg-init
    - file:nginx-install
 
nginx-init:
  file.managed:
    - name:/etc/init.d/nginx
    - source:salt://nginx/files/nginx.init
    - user: root
    - group: root
    - mode: 755
    - require:
      - cmd:nginx-install
  cmd.run:
    - name: chkconfig--add nginx
    - unless:chkconfig --list | grep nginx
    - require:
      - file:/etc/init.d/nginx
[root@linux-node1~]# cat /srv/salt/prod/cluster/nginx-web.sls
include:
  - nginx.install
 
nginx-service:
  file.managed:
    - name:/usr/local/nginx/conf/nginx.conf
    - source:salt://cluster/files/nginx-web.conf
 
  service.running:
    - name: nginx
    - enable: True
    - reload: True
    - require:
      - cmd:nginx-init
    - watch:
      - file:nginx-service
[root@linux-node1~]# cat /srv/salt/base/top.sls 
base:
  '*':
    - init.env_init
 
prod:
  'linux-node1.example.com':
    - cluster.haproxy-outside
    - cluster.haproxy-outside-keepalived
    -cluster.nginx-web
  'linux-node2.example.com':
    - cluster.haproxy-outside
    - cluster.haproxy-outside-keepalived
    -cluster.nginx-web


saltstack实现中小型架构的搭建_salt saltstack 自动_05

saltstack实现中小型架构的搭建_salt saltstack 自动_06


部署PHP

[root@linux-node1~]# tree /srv/salt/prod/php/
/srv/salt/prod/php/
├── files
│   ├── php-5.6.15.tar.gz
│   ├── php-fpm.conf   ###修改下启动用户为www
│   └── php.init
└── install.sls
 
[root@linux-node1~]# tree /srv/salt/prod/cluster/
/srv/salt/prod/cluster/
├── files
│   ├── haproxy-outside.cfg
│   ├──haproxy-outside-keepalived.conf
│   ├── nginx-web.conf
│   └── php.ini
├── haproxy-outside-keepalived.sls
├── haproxy-outside.sls
├── nginx-web.sls
└── php-web.sls
[root@linux-node1~]# cat /srv/salt/prod/php/install.sls
include:
  - pkg.pkg-init
 
php-install:
  file.managed:
    - name:/usr/local/src/php-5.6.15.tar.gz
    - source:salt://php/files/php-5.6.15.tar.gz
    - user: root
    - group: root
    - mode: 755
  cmd.run:
    - name: cd/usr/local/src/ && tar xf php-5.6.15.tar.gz && cd php-5.6.15&& ./configure --prefix=/usr/local/php --with-mysql --with-jpeg-dir--with-png-dir --with-zlib --enable-xml --with-libxml-dir --with-curl--enable-bcmath --enable-shmop --enable-sysvsem --enable-inline-optimization --enable-mbregex--with-openssl --enable-mbstring --with-gd --enable-gd-native-ttf--enable-sockets --with-xmlrpc --enable-zip --enable-soap --disable-debug--enable-opcache --enable-zip --with-config-file-path=/usr/local/php/etc--enable-fpm --with-fpm-user=nginx --with-fpm-group=nginx && make&& make install
    - unless: test -d/usr/local/php
    - pkg: pkg-init
    - file:php-install
 
php-conf:
  file.managed:
    - name:/usr/local/php/etc/php-fpm.conf  
    - source:salt://php/files/php-fpm.conf   ###启动需要的文件
    - user: root
    - group: root
    - mode: 644
    - require:
      - cmd:php-install
 
php-init:
  file.managed:
    - name:/etc/init.d/php
    - source:salt://php/files/php.init    ###启动脚本
    - user: root
    - group: root
    - mode: 755
    - require:
      - cmd:php-install
 
  cmd.run:
    - name: chkconfig--add php
    - unless:chkconfig --list | grep php
    - require:
      - file:/etc/init.d/php
 
[root@linux-node1~]# cat /srv/salt/prod/cluster/php-web.sls
include:
  - php.install
 
php-service:
  file.managed:
    - name:/usr/local/php/etc/php.ini            ###配置文件
    - source:salt://cluster/files/php.ini
 
  service.running:
    - name: php
    - enable: True
    - reload: True
    - require:
      - cmd: php-init
    - watch:
      - file:php-service
 
[root@linux-node1~]# cat /srv/salt/prod/cluster/files/nginx-web.conf  ###需要修改,前期部署可以一下实现,可以根据不同的站点对业务配置管理
worker_processes  1;
events{
    worker_connections  1024;
}
http{
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
        listen       8081;
        server_name  www.reid.org;
        root   html/blog;
        index index.php index.html index.htm;
    location ~ .*\.(php|php5)?$     ###支持PHP
    {
     fastcgi_pass  127.0.0.1:9000;
     fastcgi_index index.php;
     include fastcgi.conf;
    }
 
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}
salt'*' state.sls php.install env=prod test=True
salt'*' state.sls php.install env=prod
salt'*' state.higtstate

测试:

saltstack实现中小型架构的搭建_salt saltstack 自动_07

saltstack实现中小型架构的搭建_salt saltstack 自动_08


部署Memcached

[root@linux-node1~]#tree /srv/salt/prod/memcached/
/srv/salt/prod/memcached/
├── files
│   └── memcached-1.4.13.tar.gz
├── install.sls
├── memcached.sls
└── service.sls
 
[root@linux-node1~]# mkdir /srv/salt/prod/libevent/files -p
[root@linux-node1~]# mkdir /srv/salt/prod/memcached/files –p
 
安装libevent
[root@linux-node1~]# vim /srv/salt/prod/libevent/install.sls
libevent-source-install:
  file.managed:
    - name:/usr/local/src/libevent-1.4.13-stable.tar.gz
    - source:salt://libevent/files/libevent-1.4.13-stable.tar.gz
    - user: root
    - group: root
    - mode: 644
 
  cmd.run:
    - name: cd /usr/local/src && tarzxf libevent-1.4.13-stable.tar.gz && cd libevent-1.4.13-stable&& ./config
ure--prefix=/usr/local/libevent && make && make install
    - unless: test -d /usr/local/libevent
    - require:
      - file: libevent-source-install
 
安装memcached
[root@linux-node1~]# vim /srv/salt/prod/memcached/install.sls
include:
  - libevent.install
 
memcached-source-install:
  file.managed:
    - name: /usr/local/src/memcached-1.4.13.tar.gz
    - source:salt://memcached/files/memcached-1.4.13.tar.gz
    - user: root
    - group: root
    - mode: 644
  cmd.run:
    - name: cd /usr/local/src && tarzxf memcached-1.4.13.tar.gz && cd memcached-1.4.13 &&./configure --prefix
=/usr/local/memcached--enable-64bit --with-libevent=/usr/local/libevent && make &&make install
    - unless: test -d /usr/local/memcached
    - require:
      - cmd: libevent-source-install
      - file: memcached-source-install
 
启动memcached
[root@linux-node1~]# vim /srv/salt/prod/memcached/service.sls
include:
  - memcached.install
  - user.www
 
memcached.service:
  cmd.run:
    - name: /usr/local/memcached/bin/memcached-d -m 128 -p 11211 -c 8096 -u www
    - unless: netstat -tnlp|grep 11211
    - require:
      - cmd: memcached-source-install
      - user: www-user-group
 
在top file上定义
[root@linux-node1~]# vim /srv/salt/base/top.sls 
base:
  '*':
    - init.env_init
 
prod:
  'linux-node1.example.com':
    - cluster.haproxy-outside
    - cluster.haproxy-outside-keepalived
    - cluster.nginx-web
    - cluster.php-web
    - cluster.mysql
    - memcached.service
  'linux-node2.example.com':
    - cluster.haproxy-outside
    - cluster.haproxy-outside-keepalived
    - cluster.nginx-web
    - cluster.php-web
    - cluster.mysql
    - memcached.service
 
[root@linux-node1~]# netstat -ntlp|grep 11211               
tcp        0     0 0.0.0.0:11211              0.0.0.0:*                   LISTEN      9485/memcached      
tcp        0     0 :::11211                    :::*                       LISTEN      9485/memcached
[root@linux-node2~]#  netstat -ntlp|grep 11211
tcp        0     0 0.0.0.0:11211              0.0.0.0:*                   LISTEN      5137/memcached      
tcp        0     0 :::11211                    :::*                        LISTEN      5137/memcached
 
PHP Memcache
[root@linux-node1~]# vim /srv/salt/prod/php/php-memcache.sls    
memcache-plugin:
  file.managed:
    - name: /usr/local/src/memcache-2.2.5.tgz
    - source: salt://php/files/memcache-2.2.5.tgz
    - user: root
    - group: root
    - mode: 755
  cmd.run:
    - name: cd /usr/local/src && tarzxf memcache-2.2.5.tgz && cd memcache-2.2.5 &&/usr/local/php/bin/phpize &
&./configure --enable-memcache --with-php-config=/usr/local/php/bin/php-config&& make && make install
    - unless: test -f/usr/local/php/lib/php/extensions/*/memcache.so
    - require:
      - file: memcache-plugin
 
/usr/local/php/etc/php.ini:
  file.append:
    - text:
      - extension=memcache.so

saltstack实现中小型架构的搭建_salt saltstack 自动_09

saltstack实现中小型架构的搭建_salt saltstack 自动_10



部署MySQL(生产上不建议主从用salt部署)

[root@linux-node1~]# tree /srv/salt/prod/mysql/
/srv/salt/prod/mysql/
├── files
│   ├── my-medium.cnf      ##配置文件
│   ├── mysql-5.1.72.tar.gz   ##安装包
│   └── mysql.server  ###启动脚本
└── install.sls   ###安装文件
 
[root@linux-node1~]# cat /srv/salt/prod/mysql/install.sls                            
include:
  - pkg.pkg-init
  - user.mysql
 
mysql-install:
  file.managed:
    - name: /usr/local/src/mysql-5.1.72.tar.gz
    - source:salt://mysql/files/mysql-5.1.72.tar.gz
    - user: root
    - group: root
    - mode: 755
  cmd.run:
    - name: cd /usr/local/src && tar xfmysql-5.1.72.tar.gz && cd mysql-5.1.72 && ./configure--prefix=/usr/local/mysql--with-unix-socket-path=/usr/local/mysql/tmp/mysql.sock --localstatedir=/usr/local/mysql/data--enable-assembler --enable-thread-safe-client --with-mysqld-user=mysql--with-big-tables --without-debug --with-pthread --enable-assembler--with-extra-charsets=complex --with-readline --with-ssl --with-embedded-server--enable-local-infile --with-plugins=partition,innobase--with-mysqld-ldflags=-all-static --with-client-ldflags=-all-static &&make && make install
    - unless: test -d /usr/local/mysql
    - require:
      - file: mysql-install
      - pkg: pkg-init
 
 
mysql-data-dir:
  file.directory:
    - name: /usr/local/mysql/data
    - user: mysql
    - group: mysql
    - require:
      - user: mysql
  cmd.run:
    - name: cd /usr/local/mysql/bin/ &&./mysql_install_db --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data/--user=mysql
    - require:
      - cmd: mysql-install
 
mysql-config-file:
  file.managed:
    - name: /etc/my.cnf
    - source: salt://mysql/files/my-medium.cnf
    - user: root
    - group: root
    - mode: 644
 
mysql-init:
  file.managed:
    - name: /etc/init.d/mysqld
    - source: salt://mysql/files/mysql.server
    - user: root
    - group: root
    - mode: 755
    - require:
      - cmd: mysql-install
      - file: mysql-config-file
  cmd.run:
    - name: chkconfig --add mysqld
    - unless: chkconfig --list | grep mysqld
    - require:
      - file: /etc/init.d/mysqld
  service.running:
    - name: mysqld
    - enable: True
    - require:
      - file: /etc/init.d/mysqld
 
[root@linux-node1~]# salt '*' state.sls mysql.install env=prod