目录结构
|-- pillar | |-- nginx | | `-- nginx.sls #nginx变量(key:value) | `-- top.sls `-- salt|-- init #初始化目录 | `-- repos.sls #安装yum源 |-- roles #角色(nginx和php) | |-- nginx #Nginx | | |-- config.sls #copy和利用pillar渲染配置文件 | | |-- files #存放需要copy和渲染到客户端的文件 | | | |-- fastcgi_params | | | |-- jim_fix_params | | | |-- nginx-1.8.1.tar.gz | | | |-- nginx.conf | | | |-- test.php | | | `-- vhosts.conf | | |-- install.sls #安装Nginx | | `-- service.sls #启动Nginx | |-- php #PHP | | |-- config.sls #COPY配置文件从master端到minion端 | | |-- files #存放需要copy到客户端的文件 | | | |-- php-fpm.conf | | | |-- php.ini | | | `-- timecash.conf | | |-- install.sls #安装PHP | | `-- service.sls #启动PHP | `-- user #创建启动php和nginx的用户 | `-- www.sls #创建www用户 `-- top.sls #引用角色的
准备阶段
指定master端pillar和salt文件的目录
vim /etc/salt/master pillar_roots: base: - /srv/pillar file_roots: base: - /srv/salt
编写配置文件
pillar
/srv/salt/pillar/nginx/nginx.sls
vim srv/pillar/nginx/nginx.sls vhost: server_name: zhai.timecash.cn #渲染nginx的vhost的server_name target: /alidata1/nginx/conf/vhosts/zhai.conf #指定从master端把配置文件copy到minion叫的名字 web_dir: /alidata1/www/timecash22/zhai.timecash.cn #指定web程序路径
init
/srv/salt/init/repos.sls
vim /srv/salt/init/repos.sls yum_epel_repo_release: pkg.installed: - sources: - epel-release: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm - unless: rpm -qa|grep epel-release-7-10 yum_webtatic_repo_release: pkg.installed: - sources: - webtatic-replase: https://mirror.webtatic.com/yum/el7/webtatic-release.rpm - unless: rpm -qa |grep webtatic-release-7-3.noarch
roles
nginx
/srv/salt/roles/nginx/install.sls(安装Nginx)
vim /srv/salt/roles/nginx/install.sls nginx_source: file.managed: - name: /tmp/nginx-1.8.1.tar.gz - unless: test -d /tmp/nginx-1.8.1.tar.gz - user: root - group: root - makedirs: True - source: salt://roles/nginx/files/nginx-1.8.1.tar.gz nginx_extract: cmd.run: - cwd: /tmp - names: - tar -zxf nginx-1.8.1.tar.gz - unless: test -d /tmp/nginx-1.8.1.tar.gz - require: - file: nginx_source nginx_pkg: pkg.installed: - pkgs: - gcc - gcc-c++ - openssl-devel - pcre-devel - zlib-devel nginx_compile: cmd.run: - cwd: /tmp/nginx-1.8.1 - names: - ./configure --user=www --prefix=/alidata1/nginx --with-http_ssl_module --with-http_gzip_static_module --with-http_stub_status_module --with-http_realip_module - make - make install - require: - cmd: nginx_extract - pkg: nginx_pkg - unless: test -d /usr/local/nginx
/srv/salt/roles/nginx/config.sls(渲染Nginx配置文件并copy到minion端)
vim /srv/salt/roles/nginx/config.sls nginx-conf: file.managed: - name: /alidata1/nginx/conf/nginx.conf - source: salt://roles/nginx/files/nginx.conf - user: root - group: root - template: jinja - defaults: num_cpus: {{ grains['num_cpus'] }} #master端的nginx.conf中num_cpus变量用grains['num_cpus']渲染之后发送到minion端 vhost-conf: file.managed: - name: {{ pillar['vhost']['target'] }} #从master端copy到minion端叫的名字,在pillar里定义的 - source: salt://roles/nginx/files/vhosts.conf - template: jinja - defaults: server_name: {{ pillar['vhost']['server_name'] }} #master端vhosts.conf中server_name变量,用pillar里的渲染,并发送到minion端 fastcgi-params: file.managed: - name: /alidata1/nginx/conf/fastcgi_params - source: salt://roles/nginx/files/fastcgi_params - user: root - group: root jim-fix-params: file.managed: - name: /alidata1/nginx/conf/jim_fix_params - source: salt://roles/nginx/files/jim_fix_params - user: root - group: root create_dir: cmd.run: - names: - mkdir -p /alidata1/nginx/conf/vhosts/ - mkdir -p {{ pillar['vhost']['web_dir'] }}
php
/srv/salt/roles/php/install.sls(安装PHP)
vim /srv/salt/roles/php/install.sls php_pkg: pkg.installed: - pkgs: - gcc - gcc-c++ - autoconf - automake - zlib - zlib-devel - openssl - openssl-devel - pcre - pcre-devel php_install: pkg.installed: - pkgs: - php56w.x86_64 - php56w-bcmath.x86_64 - php56w-cli.x86_64 - php56w-common.x86_64 - php56w-devel.x86_64 - php56w-fpm.x86_64 - php56w-gd.x86_64 - php56w-mbstring.x86_64 - php56w-mcrypt.x86_64 - php56w-mysql.x86_64 - php56w-opcache.x86_64 - php56w-pdo.x86_64 - php56w-soap.x86_64 - php56w-xml.x86_64 - php56w-xmlrpc.x86_64
/srv/salt/roles/php/config.sls(copy配置文件到minion端)
vim /srv/salt/roles/php/config.sls php_log_dir: file.directory: - name: /alidata1/php/logs/ - user: root - group: root - makedirs: True rm_default_config: cmd.run: - name: rm -rf /etc/php-fpm.d/www.conf php-ini: file.managed: - name: /etc/php.ini - source: salt://roles/php/files/php.ini - user: root - group: root php-fpm-conf: file.managed: - name: /etc/php-fpm.conf - source: salt://roles/php/files/php-fpm.conf - user: root - group: root timecash-conf: file.managed: - name: /etc/php-fpm.d/timecash.conf - source: salt://roles/php/files/timecash.conf - user: root - group: root
top
/srv/salt/top.sls
vim /srv/salt/top.sls base: '*': - roles.nginx.install - roles.nginx.config - roles.php.install - roles.php.config