SaltStack学习系列之State安装Nginx+PHP环境

目录结构

|-- pillar
|   |-- nginx
|   |   `-- nginx.sls   #nginx变量(key:value)
|   `-- top.sls
`-- salt|-- init    #初始化目录
    |   `-- repos.sls  #安装yum源
    |-- roles   #角色(nginx和php)
    |   |-- nginx   #Nginx
    |   |   |-- config.sls    #copy和利用pillar渲染配置文件
    |   |   |-- files         #存放需要copy和渲染到客户端的文件
    |   |   |   |-- fastcgi_params
    |   |   |   |-- jim_fix_params
    |   |   |   |-- nginx-1.8.1.tar.gz
    |   |   |   |-- nginx.conf
    |   |   |   |-- test.php
    |   |   |   `-- vhosts.conf
    |   |   |-- install.sls    #安装Nginx
    |   |   `-- service.sls    #启动Nginx
    |   |-- php      #PHP                       
    |   |   |-- config.sls     #COPY配置文件从master端到minion端
    |   |   |-- files          #存放需要copy到客户端的文件
    |   |   |   |-- php-fpm.conf
    |   |   |   |-- php.ini
    |   |   |   `-- timecash.conf
    |   |   |-- install.sls     #安装PHP
    |   |   `-- service.sls     #启动PHP
    |   `-- user     #创建启动php和nginx的用户
    |       `-- www.sls         #创建www用户
    `-- top.sls       #引用角色的

准备阶段

指定master端pillar和salt文件的目录

vim /etc/salt/master
pillar_roots:
  base:
    - /srv/pillar

file_roots:
  base:
    - /srv/salt

编写配置文件

pillar

/srv/salt/pillar/nginx/nginx.sls

vim  srv/pillar/nginx/nginx.sls
vhost:
    server_name: zhai.timecash.cn                       #渲染nginx的vhost的server_name
    target: /alidata1/nginx/conf/vhosts/zhai.conf       #指定从master端把配置文件copy到minion叫的名字
    web_dir: /alidata1/www/timecash22/zhai.timecash.cn  #指定web程序路径

init

/srv/salt/init/repos.sls

vim /srv/salt/init/repos.sls
yum_epel_repo_release:
    pkg.installed:
        - sources:
            - epel-release:  https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
        - unless: rpm -qa|grep epel-release-7-10
yum_webtatic_repo_release:
    pkg.installed:
        - sources:
            - webtatic-replase: https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
        - unless: rpm -qa |grep webtatic-release-7-3.noarch

roles

nginx

/srv/salt/roles/nginx/install.sls(安装Nginx)

 vim /srv/salt/roles/nginx/install.sls
nginx_source:
  file.managed:
    - name: /tmp/nginx-1.8.1.tar.gz
    - unless: test -d /tmp/nginx-1.8.1.tar.gz
    - user: root
    - group: root
    - makedirs: True
    - source: salt://roles/nginx/files/nginx-1.8.1.tar.gz
nginx_extract:
  cmd.run:
    - cwd: /tmp
    - names:
      - tar -zxf nginx-1.8.1.tar.gz
    - unless: test -d /tmp/nginx-1.8.1.tar.gz
    - require:
      - file: nginx_source
nginx_pkg:
  pkg.installed:
    - pkgs:
      - gcc
      - gcc-c++
      - openssl-devel
      - pcre-devel
      - zlib-devel
nginx_compile:
  cmd.run:
    - cwd: /tmp/nginx-1.8.1
    - names:
      - ./configure --user=www --prefix=/alidata1/nginx --with-http_ssl_module --with-http_gzip_static_module --with-http_stub_status_module --with-http_realip_module
      - make
      - make install
    - require:
      - cmd: nginx_extract
      - pkg: nginx_pkg
    - unless: test -d /usr/local/nginx

/srv/salt/roles/nginx/config.sls(渲染Nginx配置文件并copy到minion端)

vim /srv/salt/roles/nginx/config.sls
nginx-conf:
  file.managed:
    - name: /alidata1/nginx/conf/nginx.conf
    - source: salt://roles/nginx/files/nginx.conf
    - user: root
    - group: root
    - template: jinja
    - defaults:
      num_cpus: {{ grains['num_cpus'] }}         #master端的nginx.conf中num_cpus变量用grains['num_cpus']渲染之后发送到minion端
vhost-conf:
  file.managed:
    - name: {{ pillar['vhost']['target']  }}     #从master端copy到minion端叫的名字,在pillar里定义的
    - source: salt://roles/nginx/files/vhosts.conf
    - template: jinja
    - defaults:
      server_name: {{ pillar['vhost']['server_name']  }}   #master端vhosts.conf中server_name变量,用pillar里的渲染,并发送到minion端
      
fastcgi-params:
  file.managed:
    - name: /alidata1/nginx/conf/fastcgi_params
    - source: salt://roles/nginx/files/fastcgi_params
    - user: root
    - group: root
jim-fix-params:
  file.managed:
    - name: /alidata1/nginx/conf/jim_fix_params
    - source: salt://roles/nginx/files/jim_fix_params
    - user: root
    - group: root
create_dir:
  cmd.run:
    - names:
      - mkdir -p /alidata1/nginx/conf/vhosts/
      - mkdir -p {{ pillar['vhost']['web_dir']  }}

php

/srv/salt/roles/php/install.sls(安装PHP)

vim /srv/salt/roles/php/install.sls
php_pkg:
  pkg.installed:
    - pkgs:
      - gcc
      - gcc-c++
      - autoconf
      - automake
      - zlib
      - zlib-devel
      - openssl
      - openssl-devel
      - pcre
      - pcre-devel
php_install:
  pkg.installed:
    - pkgs:
      - php56w.x86_64
      - php56w-bcmath.x86_64
      - php56w-cli.x86_64
      - php56w-common.x86_64
      - php56w-devel.x86_64
      - php56w-fpm.x86_64
      - php56w-gd.x86_64
      - php56w-mbstring.x86_64
      - php56w-mcrypt.x86_64
      - php56w-mysql.x86_64
      - php56w-opcache.x86_64
      - php56w-pdo.x86_64
      - php56w-soap.x86_64
      - php56w-xml.x86_64
      - php56w-xmlrpc.x86_64

/srv/salt/roles/php/config.sls(copy配置文件到minion端)

vim /srv/salt/roles/php/config.sls
php_log_dir:
  file.directory:
    - name: /alidata1/php/logs/
    - user: root
    - group: root
    - makedirs: True
rm_default_config:
  cmd.run:
    - name: rm -rf /etc/php-fpm.d/www.conf
php-ini:
  file.managed:
    - name: /etc/php.ini
    - source: salt://roles/php/files/php.ini
    - user: root
    - group: root
php-fpm-conf:
  file.managed:
    - name: /etc/php-fpm.conf
    - source: salt://roles/php/files/php-fpm.conf
    - user: root
    - group: root
timecash-conf:
  file.managed:
    - name: /etc/php-fpm.d/timecash.conf
    - source: salt://roles/php/files/timecash.conf
    - user: root
    - group: root

top

/srv/salt/top.sls

vim /srv/salt/top.sls
base:
  '*':
    - roles.nginx.install
    - roles.nginx.config
    - roles.php.install
    - roles.php.config