自动化运维Saltstack系列(七)之配置管理业务模块
业务模块业务模块要尽量和系统模块区分开,系统模块要做到随时能被业务模块所调用;特别是在多种业务模式共存的环境中,我们要使每个业务模块独立一个prod环境,方便统一管理而不影响其他业务。
PHP模块
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
# vim install.sls
include:
- modules.pkg.make-pkg
- modules.user.www
pkg-php:
pkg.installed:
- names:
- swig
- libjpeg-turbo
- libjpeg-turbo-devel
- libpng
- libpng-devel
- freetype
- freetype-devel
- libxml2
- libxml2-devel
- zlib
- zlib-devel
- libcurl
- libcurl-devel
php-source-install:
file.managed:
- name: /usr/local/src/php-5.6.9.tar.gz
- source: salt://modules/php/files/php-5.6.9.tar.gz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar zxf php-5.6.9.tar.gz && cd php-5.6.9&&./configure --prefix=/usr/local/php-fastcgi --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-mysql=mysqlnd --with-jpeg-dir --with-png-dir --with-zlib --enable-xml--with-libxml-dir --with-curl --enable-bcmath --enable-shmop --enable-sysvsem--enable-inline-optimization --enable-mbregex --with-openssl --enable-mbstring --with-gd --enable-gd-native-ttf --with-freetype-dir=/usr/lib64 --with-gettext=/usr/lib64 --enable-sockets --with-xmlrpc --enable-zip --enable-soap --disable-debug --enable-opcache --enable-zip --with-config-file-path=/usr/local/php-fastcgi/etc --enable-fpm --with-fpm-user=www --with-fpm-group=www && make && make install
- require:
- file: php-source-install
- user: www-user-group
- unless: test -d /usr/local/php-fastcgi
pdo-plugin:
cmd.run:
- name: cd /usr/local/src/php-5.6.9/ext/pdo_mysql/ && /usr/local/php-fastcgi/bin/phpize && ./configure --with-php-config=/usr/local/php-fastcgi/bin/php-config &&make&& make install
- unless: test -f /usr/local/php-fastcgi/lib/php/extensions/*/pdo_mysql.so
- require:
- cmd: php-source-install
php-ini:
file.managed:
- name: /usr/local/php-fastcgi/etc/php.ini
- source: salt://modules/php/files/php.ini-production
- user: root
- group: root
- mode: 644
php-fpm:
file.managed:
- name: /usr/local/php-fastcgi/etc/php-fpm.conf
- source: salt://modules/php/files/php-fpm.conf
- user: root
- group: root
- mode: 644
php-fastcgi-service:
file.managed:
- name: /etc/init.d/php-fpm
- source: salt://modules/php/files/init.d.php-fpm
- user: root
- group: root
- mode: 755
cmd.run:
- name: chkconfig --add php-fpm
- unless: chkconfig --list | grep php-fpm
- require:
- file: php-fastcgi-service
service.running:
- name: php-fpm
- enable: True
- require:
- cmd: php-fastcgi-service
- watch:
- file: php-ini
- file: php-fpm
安装memcache模块
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
# vim php-memcache.sls
memcache-plugin:
file.managed:
- name: /usr/local/src/memcache-2.2.7.tgz
- source: salt://modules/php/files/memcache-2.2.7.tgz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar zxf memcache-2.2.7.tgz && cd memcache-2.2.7&& /usr/local/php-fastcgi/bin/phpize && ./configure --enable-memcache --with-php-config=/usr/local/php-fastcgi/bin/php-config &&make&& make install
- unless: test -f /usr/local/php-fastcgi/lib/php/extensions/*/memcache.so
require:
- file: memcache-plugin
- cmd: php-install
/usr/local/php-fastcgi/etc/php.ini:
file.append:
- text:
- extension=memcache.so
安装redis模块
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
# vim php-redis.sls
redis-plugin:
file.managed:
- name: /usr/local/src/phpredis-2.2.7.tgz
- source: salt://modules/php/files/phpredis-2.2.7.tgz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar zxf phpredis-2.2.7.tgz && cd phpredis-2.2.7&& /usr/local/php-fastcgi/bin/phpize && ./configure --with-php-config=/usr/local/php-fastcgi/bin/php-config &&make&& make install
- unless: test -f /usr/local/php-fastcgi/lib/php/extensions/*/redis.so
require:
- file: redis-plugin
- cmd: php-install
/usr/local/php-fastcgi/etc/php.ini:
file.append:
- text:
- extension=redis.so
业务模块
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
# vim haproxy-outside.sls
include:
- modules.haproxy.install
haproxy-service:
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://cluster/files/haproxy-outside.cfg
- user: root
- group: root
- mode: 644
service.running:
- name: haproxy
- enable: True
- reload: True
- require:
- cmd: haproxy-install
- watch:
- file: haproxy-service
对外业务keepalived
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# vim haproxy-outside-keepalived.sls
include:
- modules.keepalived.install
keepalived-server:
file.managed:
- name: /etc/keepalived/keepalived.conf
- source: salt://cluster/files/haproxy-outside-keepalived.conf
- mode: 644
- user: root
- group: root
- template: jinja
{% if grains['fqdn'] == 'saltstack-node1.lichengbing.com' %}
- ROUTEID: haproxy_ha
- STATEID: MASTER
- PRIORITYID: 150
{% elif grains['fqdn'] == 'saltstack-node2.lichengbing.com' %}
- ROUTEID: haproxy_ha
- STATEID: BACKUP
- PRIORITYID: 100
{% endif %}
service.running:
- name: keepalived
- enable: True
- watch:
- file: keepalived-server
web管理
1
2
3
4
5
6
7
8
9
10
11
# vim memcached.sls
include:
- modules.memcached.install
- modules.user.www
memcached-service:
cmd.run:
- name: /usr/local/memcached/bin/memcached -d -m 128 -p 11211 -c 8096 -u www
- unless: netstat -ntlp | grep 11211
- require:
- cmd: memcached-source-install
- user: www-user-group
web-bbs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# vim web.sls
include:
- modules.php.install
- modules.php.php-memcache
- modules.nginx.service
web-bbs:
file.managed:
- name: /usr/local/nginx/conf/vhost_online/bbs.conf
- source: salt://bbs/files/nginx-bbs.conf
- user: root
- group: root
- mode: 644
- require:
- service: php-fastcgi-service
- watch_in:
- service: nginx-service
Pillar环境配置
1
2
3
4
5
6
7
# tree pillar/
pillar/
├── base
│ ├── top.sls
│ └── zabbix
│ └── agent.sls
└── prod
zabbix-server地址自定义
1
2
3
4
5
6
# vim agent.sls
Zabbix_Server: 172.16.2.150
# vim top.sls
base:
'*':
- zabbix.agent
最后就是我们需要编写top.sls文件了
top.sls是Saltstack的高级状态执行的入口文件参照
1
2
3
4
5
6
7
8
9
10
11
# vim top.sls
base:
'*':
- init.init
prod:
'*':
- cluster.haproxy-outside
- cluster.haproxy-outside-keepalived
- bbs.web
'saltstack-node2*':
- bbs.memcached
页:
[1]