设为首页收藏本站

追梦Linux

 找回密码
 立即注册

QQ登录

只需一步,快速开始

查看: 219|回复: 0

【Saltstack系列】14、Saltstack实践--Nginx+PHP(FastCGI)配置

[复制链接]

482

主题

485

帖子

16万

积分

CEO

Rank: 9Rank: 9Rank: 9

积分
167914

最佳新人活跃会员热心会员推广达人宣传达人灌水之王突出贡献优秀版主荣誉管理论坛元老

QQ
发表于 2016-6-7 16:09:20 | 显示全部楼层 |阅读模式
官方文档https://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html



[AppleScript] 纯文本查看 复制代码
在生产环境安装nginx+php,创建以下目录
mkdir -p /srv/salt/prod/pcre/files
mkdir -p /srv/salt/prod/nginx/files
mkdir -p /srv/salt/prod/php/files
下载源文件
cd  /srv/salt/prod/pcre/files &&wget  [url=ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.38.tar.gz]ftp://ftp.csx.cam.ac.uk/pub/soft ... re/pcre-8.38.tar.gz[/url]
cd  /srv/salt/prod/nginx/files   &&wget   [url=http://nginx.org/download/nginx-1.9.9.tar.gz]http://nginx.org/download/nginx-1.9.9.tar.gz[/url]
cd  /srv/salt/prod/php/files  &&wget [url=http://au1.php.net/get/php-5.6.16.tar.gz/from/this/mirror]http://au1.php.net/get/php-5.6.16.tar.gz/from/this/mirror[/url]

cd  /srv/salt/prod/pcre编写install.sls
include:
  - init.install

pcre-source-install:
  file.managed:
    - name: /usr/local/src/pcre-8.38.tar.gz
    - source: salt://pcre/files/pcre-8.38.tar.gz
    - user: root
    - group: root
    - mode: 755
  cmd.run:
    - name: cd /usr/local/src && tar zxf pcre-8.38.tar.gz && cd pcre-8.38 && ./configure --prefix=/usr/local/pcre && make && make install
    - unless: test -d /usr/local/pcre
    - require:
      - file: pcre-source-install
     - pkg: pkg-init

创建源码安装依赖包
mkdir -p /srv/salt/prod/init
cd /srv/salt/prod/init 创建依赖包安装文件install.sls
pkg-init:
  pkg.installed:
    - names:
      - gcc
      - gcc-c++
      - glibc
      - make
      - autoconf
      - libjpeg-turbo
      - libjpeg-turbo-devel
      - libpng
      - libpng-devel
      - freetype
      - freetype-devel
      - libxml2
      - libxml2-devel
      - zlib
      - zlib-devel
      - libcurl
      - libcurl-devel
      - openssl
      - openssl-devel
      - swig
      - mysql
      - mysql-server
再修改pcre下的install文件,添加上面3行红色
先执行一台机器salt 'p2' state.sls pcre.install env=prod 安装pcre

cd /srv/salt/prod/nginx编写nginx的安装文件install.sls
include:
  - init.install
  - pcre.install

nginx-source-install:
  file.managed:
    - name: /usr/local/src/nginx-1.9.7.tar.gz
    - source: salt://nginx/files/nginx-1.9.7.tar.gz
    - user: root
    - group: root
    - mode: 755
  cmd.run:
    - name: cd /usr/local/src && tar zxf nginx-1.9.7.tar.gz && cd nginx-1.9.7 && ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-file-aio --with-http_dav_module --with-pcre=/usr/local/src/pcre-8.38 && make && make install
    - unless: test -d /usr/local/nginx
    - require:
      - file: nginx-source-install
      - pkg: pkg-init
      - cmd: pcre-source-install

执行salt 'p2' state.sls nginx.install env=prod查看发现在p2机器上nginx已经安装

配置nginx,将nginx服务加入service服务中,编写nginx-init文件放在/srv/salt/prod/nginx/files中

#!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig:   - 85 15
# description:  Nginx is an HTTP(S) server, HTTP(S) reverse \
#               proxy and IMAP/POP3 proxy server
# processname: nginx
# config:      /etc/nginx/nginx.conf
# config:      /etc/sysconfig/nginx
# pidfile:     /var/run/nginx.pid

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0

nginx="/usr/local/nginx/sbin/nginx"
prog=$(basename $nginx)

NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"

[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx

lockfile=/var/lock/subsys/nginx

make_dirs() {
   # make required directories
   user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -`
   if [ -z "`grep $user /etc/passwd`" ]; then
       useradd -M -s /bin/nologin $user
   fi
   options=`$nginx -V 2>&1 | grep 'configure arguments:'`
   for opt in $options; do
       if [ `echo $opt | grep '.*-temp-path'` ]; then
           value=`echo $opt | cut -d "=" -f 2`
           if [ ! -d "$value" ]; then
               # echo "creating" $value
               mkdir -p $value && chown -R $user $value
           fi
       fi
   done
}

start() {
    [ -x $nginx ] || exit 5
    [ -f $NGINX_CONF_FILE ] || exit 6
    make_dirs
    echo -n $"Starting $prog: "
    daemon $nginx -c $NGINX_CONF_FILE
    retval=$?
    echo
    [ $retval -eq 0 ] && touch $lockfile
    return $retval
}

stop() {
    echo -n $"Stopping $prog: "
    killproc $prog -QUIT
    retval=$?
    echo
    [ $retval -eq 0 ] && rm -f $lockfile
    return $retval
}

restart() {
    configtest || return $?
    stop
    sleep 1
    start
}

reload() {
    configtest || return $?
    echo -n $"Reloading $prog: "
    $nginx -s reload
    RETVAL=$?
    echo
}

force_reload() {
    restart
}

configtest() {
  $nginx -t -c $NGINX_CONF_FILE
}

rh_status() {
    status $prog
}

rh_status_q() {
    rh_status >/dev/null 2>&1
}

case "$1" in
    start)
        rh_status_q && exit 0
        $1
        ;;
    stop)
        rh_status_q || exit 0
        $1
        ;;
    restart|configtest)
        $1
        ;;
    reload)
        rh_status_q || exit 7
        $1
        ;;
    force-reload)
        force_reload
        ;;
    status)
        rh_status
        ;;
    condrestart|try-restart)
        rh_status_q || exit 0
            ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
        exit 2
esac

在编写一个nginx.conf模版放在 /srv/salt/prod/nginx/files目录下
user  www;
worker_processes  16;
error_log  logs/error.log  error;
worker_rlimit_nofile 30000;
pid        logs/nginx.pid;

events {
        use epoll;
    worker_connections  65535;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile    on;
    tcp_nopush  on;
    underscores_in_headers on;
    keepalive_timeout  10;
        send_timeout 60;
        include /usr/local/nginx/vhost/*.conf;
        server {
                server_name 127.0.0.1;
                location /nginx_status {
                        stub_status on;
                        access_log off;
                        allow 127.0.0.1;
                        deny all;
                }
        }
}

cd /srv/salt/prod/nginx
重新编写nginx的安装文件install.sls添加成如下:
include:
  - init.install
  - pcre.install

nginx-source-install:
  file.managed:
    - name: /usr/local/src/nginx-1.9.7.tar.gz
    - source: salt://nginx/files/nginx-1.9.7.tar.gz
    - user: root
    - group: root
    - mode: 755
  cmd.run:
    - name: cd /usr/local/src && tar xf nginx-1.9.7.tar.gz && cd nginx-1.9.7 && ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-file-aio --with-http_dav_module --with-pcre=/usr/local/src/pcre-8.38  && make && make install
    - unless: test -d /usr/local/nginx
    - require:
      - file: nginx-source-install
      - pkg: pkg-init
      - cmd: pcre-source-install

nginx-init:
  file.managed:
    - name: /etc/init.d/nginx
    - source: salt://nginx/files/nginx-init
    - mode: 755
    - user: root
    - group: root
  cmd.run:
    - name: chkconfig --add nginx
    - unless: chkconfig --list|grep nginx
    - require:
      - file: nginx-init

/usr/local/nginx/conf/nginx.conf:
  file.managed:
    - source: salt://nginx/files/nginx.conf
    - user: root
    - group: root
    - mode: 644

nginx-sevice:
  file.directory:
    - name: /usr/local/nginx/conf/vhost
    - require:
      - cmd: nginx-source-install
  service.running:
    - name: nginx
    - enable: True
    - reload: True
    - require:
      - cmd: nginx-init
    - watch:
      - file: /usr/local/nginx/conf/nginx.conf

再执行salt 'p2' state.sls nginx.install env=prod
发现nginx已经加入系统服务并且已经启动
使用salt '*' saltutil.running管理job

安装PHP,编辑php安装文件/srv/salt/prod/php/install.sls
php-source-install:
  file.managed:
    - name: /usr/local/src/php-5.6.16.tar.gz
    - source: salt://php/files/php-5.6.16.tar.gz
    - user: root
    - group: root
    - mode: 755
  cmd.run:
    - name: cd /usr/local/src && tar zxf php-5.6.16.tar.gz && cd php-5.6.16 &&  ./configure --prefix=/usr/local/php-fastcgi --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-mysql=mysqlnd --with-jpeg-dir --with-png-dir --with-zlib --enable-xml --with-libxml-dir --with-curl --enable-bcmath --enable-shmop --enable-sysvsem  --enable-inline-optimization --enable-mbregex --with-openssl --enable-mbstring --with-gd --enable-gd-native-ttf --with-freetype-dir=/usr/lib64 --with-gettext=/usr/lib64 --enable-sockets --with-xmlrpc --enable-zip --enable-soap --disable-debug --enable-opcache --enable-zip --with-config-file-path=/usr/local/php-fastcgi/etc --enable-fpm --with-fpm-user=www --with-fpm-group=www && make && make install
    - require:
      - file: php-source-install
    - unless: test -d /usr/local/php-fastcgi

pdo-plugin:
  cmd.run:
    - name: cd /usr/local/src/php-5.6.16/ext/pdo_mysql/ && /usr/local/php-fastcgi/bin/phpize && ./configure --with-php-config=/usr/local/php-fastcgi/bin/php-config &&  make && make install
    - unless: test -f /usr/local/php-fastcgi/lib/php/extensions/*/pdo_mysql.so
    - require:
      - cmd: php-source-install

执行salt 'p2' state.sls php.install env=prod  查看php已经安装

继续编写PHP配置文件,去源码包找配置文件,复制配置文件
cp /usr/local/src/php-5.6.16/php.ini-production  /srv/salt/prod/php/files/
cp /usr/local/src/php-5.6.16/sapi/fpm/init.d.php-fpm  /srv/salt/prod/php/files/
cp  /usr/local/php-fastcgi/etc/php-fpm.conf.default  /srv/salt/prod/php/files/

继续编写配置文件/srv/salt/prod/php/install.sls,编写php-fpm、php-ini相关

php-source-install:
  file.managed:
    - name: /usr/local/src/php-5.6.16.tar.gz
    - source: salt://php/files/php-5.6.16.tar.gz
    - user: root
    - group: root
    - mode: 755
  cmd.run:
    - name: cd /usr/local/src && tar zxf php-5.6.16.tar.gz && cd php-5.6.16 &&  ./configure --prefix=/usr/local/php-fastcgi --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-mysql=mysqlnd --with-jpeg-dir --with-png-dir --with-zlib --enable-xml --with-libxml-dir --with-curl --enable-bcmath --enable-shmop --enable-sysvsem  --enable-inline-optimization --enable-mbregex --with-openssl --enable-mbstring --with-gd --enable-gd-native-ttf --with-freetype-dir=/usr/lib64 --with-gettext=/usr/lib64 --enable-sockets --with-xmlrpc --enable-zip --enable-soap --disable-debug --enable-opcache --enable-zip --with-config-file-path=/usr/local/php-fastcgi/etc --enable-fpm --with-fpm-user=www --with-fpm-group=www && make && make install
    - require:
      - file: php-source-install
    - unless: test -d /usr/local/php-fastcgi

pdo-plugin:
  cmd.run:
    - name: cd /usr/local/src/php-5.6.16/ext/pdo_mysql/ && /usr/local/php-fastcgi/bin/phpize && ./configure --with-php-config=/usr/local/php-fastcgi/bin/php-config &&  make && make install
    - unless: test -f /usr/local/php-fastcgi/lib/php/extensions/*/pdo_mysql.so
    - require:
      - cmd: php-source-install

php-ini:
  file.managed:
    - name: /usr/local/php-fastcgi/etc/php.ini
    - source: salt://php/files/php.ini-production
    - user: root
    - group: root
    - mode: 644

php-fpm:
  file.managed:
    - name: /usr/local/php-fastcgi/etc/php-fpm.conf
    - source: salt://php/files/php-fpm.conf.default
    - user: root
    - group: root
    - mode: 644

php-fastcgi-service:
  file.managed:
    - name: /etc/init.d/php-fpm
    - source: salt://php/files/init.d.php-fpm
    - user: root
    - group: root
    - mode: 755
  cmd.run:
   - name: chkconfig --add php-fpm
    - unless: chkconfig --list | grep php-fpm
    - require:
      - file: php-fastcgi-service
  service.running:
    - name: php-fpm
    - enable: True
    - require:
      - cmd: php-fastcgi-service
    - watch:
      - file: php-ini
      - file: php-fpm

执行salt 'p2' state.sls php.install env=prod  查看php-fpm已经启动

[AppleScript] 纯文本查看 复制代码
创建一个bbs论坛业务
mkdir -p /srv/salt/prod/bbs/files
调整php相关参数,修改/srv/salt/prod/php/files/php-fpm.conf.default
修改 listen = 127.0.0.1:9000 使用socket方式 listen = /usr/local/php-fastcgi/php-fpm.sock
打开监听用户、组
listen.owner = www
listen.group = www
listen.mode = 0660

创建一个nginx虚拟主机模版/srv/salt/prod/bbs/files/test.conf
server
{
    listen         80;
    server_name    [url=http://www.example.com]www.example.com[/url];
    root /usr/local/nginx/html;
    index index.htm index.html index.php;
    location ~ \.php$
    {
                fastcgi_pass unix:/usr/local/php-fastcgi/php-fpm.sock;
                fastcgi_index index.php;
                include fastcgi.conf;
    } 
}

编写bbs安装文件/srv/salt/prod/bbs/web.sls

include:
  - nginx.install
  - php.install

web-bbs:
  file.managed:
    - name: /usr/local/nginx/conf/vhost/test.conf
    - source: salt://bbs/files/test.conf
    - user: root
    - group: root
    - mode: 644
    - require:
      - service: php-fastcgi-service
      - service: nginx-service
    - watch_in:
      - service: nginx-service

再将其加入到topfile中,在 /srv/salt/top.sls添加
prod:
  'p2':
    - bbs.web

执行salt 'p2' state.highstate,加入本机hosts访问[url=http://www.example.com]www.example.com[/url]






本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?立即注册

x

QQ|小黑屋|手机版|Archiver|追梦Linux ( 粤ICP备14096197号  点击这里给我发消息

GMT+8, 2018-12-16 23:58 , Processed in 0.352038 second(s), 33 queries .

Powered by 追梦Linux! X3.3 Licensed

© 2015-2017 追梦Linux!.

快速回复 返回顶部 返回列表