上一篇其实对通过saltstack部署nginx做了演示,但是可能与我目前的环境还是有点出入,然后sls的结构也不太清晰,所以就又做了改变和优化,叫做进阶可能有点噱头了,不过还是记录如下:
nginx安装目标:
1)安装必要依赖
2)准备pcre安装包
2)源码安装pcre
3)准备nginx安装包
4)源码安装nginx
nginx配置:
1)拷贝nginx.conf配置文件
2)拷贝启停脚本
3)添加系统服务并设置开机启动
4)拷贝日志切割脚本
5)添加定时任务
salt master上的目录结构如下:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
[root@salt-master base]
# tree /srv/salt/base/
/srv/salt/base/
├──
cron
│ ├── files
│ │ └── nginx_cut_log.sh
│ └── nginx.sls
├── nginx
│ ├── files
│ │ ├── nginx
│ │ ├── nginx-1.6.3.
tar
.gz
│ │ └── nginx.conf
│ ├──
install
.sls
│ └── service.sls
├── packages
│ └──
install
.sls
├── pcre
│ ├── files
│ │ └── pcre-8.37.
tar
.gz
│ └──
install
.sls
└── user
└── nginx.sls
8 directories, 11 files
|
安装必要软件包:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
[root@salt-master base]
# cat packages/install.sls
yum_pcre_packages:
pkg.installed:
- names:
- gcc
- gcc-c++
- autoconf
- automake
- zlib
- zlib-devel
-
make
- openssl
- openssl-devel
- libpng
- libpng-devel
- freetype
- freetype-devel
- libxml2
- libxml2-devel
- glibc
- glibc-devel
- glib2
- glib-devel
-
bzip2
-
bzip2
-devel
- ncurses
- ncurses-devel
- curl
- cmake
|
编译安装pcre:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
[root@salt-master base]
# cat pcre/install.sls
include:
- packages.
install
pcre-
source
-
install
:
file
.managed:
-
source
: salt:
//pcre/files/pcre-8
.37.
tar
.gz
- name:
/opt/tools/pcre-8
.37.
tar
.gz
- user: root
- group: root
- mode: 755
- makedirs: True
- dir_mode: 644
cmd.run:
- name:
cd
/opt/tools/
&&
tar
-zxf pcre-8.37.
tar
.gz &&
cd
pcre-8.37 && .
/configure
--prefix=
/usr/local/pcre
&&
make
&&
make
install
- unless:
test
-d
/usr/local/pcre
- require:
-
file
: pcre-
source
-
install
|
创建nginx用户和组:
|
1
2
3
4
5
6
7
8
9
10
11
|
[root@salt-master base]
# cat user/nginx.sls
nginx-user-group:
group.present:
- name: nginx
- gid: 601
user.present:
- name: nginx
- fullname: nginx
- shell:
/sbin/nologin
- uid: 601
- gid: 601
|
编译安装nginx:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
[root@salt-master base]
# cat nginx/install.sls
include:
- pcre.
install
- user.nginx
nginx-
source
-
install
:
file
.managed:
-
source
: salt:
//nginx/files/nginx-1
.6.3.
tar
.gz
- name:
/opt/tools/nginx-1
.6.3.
tar
.gz
- user: root
- group: root
- mode: 755
cmd.run:
- name:
cd
/opt/tools/
&&
tar
-zxf nginx-1.6.3.
tar
.gz &&
mkdir
-p
/usr/local/nginx/tmp/
{client,proxy,fcgi} &&
cd
nginx-1.6.3 && .
/configure
--prefix=
/usr/local/nginx
--user=nginx --group=nginx --with-http_ssl_module --with-http_gzip_static_module --http-client-body-temp-path=
/usr/local/nginx/tmp/client/
--http-proxy-temp-path=
/usr/local/nginx/tmp/proxy/
--http-fastcgi-temp-path=
/usr/local/nginx/tmp/fcgi/
--with-poll_module --with-
file
-aio --with-http_realip_module --with-http_addition_module --with-http_addition_module --with-http_random_index_module --with-http_stub_status_module --http-uwsgi-temp-path=
/usr/local/nginx/uwsgi_temp
--http-scgi-temp-path=
/usr/local/nginx/scgi_temp
--with-pcre=
/opt/tools/pcre-8
.37 &&
make
&&
make
install
&&
chown
-R nginx:nginx
/usr/local/nginx/
- unless:
test
-e
/usr/local/nginx/sbin/nginx
- require:
-
file
: nginx-
source
-
install
- cmd: pcre-
source
-
install
|
添加定时任务:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
[root@salt-master base]
# cat cron/nginx.sls
/opt/tools/scripts/
:
file
.directory:
- user: root
- group: root
- mode: 644
- makedirs: True
nginx-crond-job:
file
.managed:
- name:
/opt/tools/scripts/nginx_cut_log
.sh
-
source
: salt:
//cron/files/nginx_cut_log
.sh
- user: root
- group: root
- mode: 755
/bin/bash
/opt/tools/scripts/nginx_cut_log
.sh >
/dev/null
2>&1:
cron
.present:
- identifier: SUPERCRON
- user: root
- minute: 0
- hour: 0
|
启动nginx并设置开机启动:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
[root@salt-master base]
# cat nginx/service.sls
include:
- nginx.
install
-
cron
.nginx
nginx-init:
file
.managed:
- name:
/etc/init
.d
/nginx
-
source
: salt:
//nginx/files/nginx
- user: root
- group: root
- mode: 755
cmd.run:
- name: chkconfig --add nginx
- unless: chkconfig --list|
grep
nginx
- require:
-
file
: nginx-init
/usr/local/nginx/conf/nginx
.conf:
file
.managed:
-
source
: salt:
//nginx/files/nginx
.conf
- user: nginx
- group: nginx
- mode: 644
nginx-service:
file
.directory:
- name:
/usr/local/nginx/conf
.d
- require:
- cmd: nginx-
source
-
install
service.running:
- name: nginx
-
enable
: True
- reload: True
- require:
- cmd: nginx-init
-
watch
:
-
file
:
/usr/local/nginx/conf/nginx
.conf
|
部署命令:[root@salt-master base]# salt 'salt-minion02.contoso.com' state.sls nginx.service
部署结果:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
[root@salt-minion02 logs]
# ll /usr/local/pcre/
total 16
drwxr-xr-x 2 root root 4096 Jun 8 10:29 bin
drwxr-xr-x 2 root root 4096 Jun 8 10:29 include
drwxr-xr-x 3 root root 4096 Jun 8 10:29 lib
drwxr-xr-x 4 root root 4096 Jun 8 10:29 share
[root@salt-minion02 logs]
# id nginx
uid=601(nginx) gid=601(nginx)
groups
=601(nginx)
[root@salt-minion02 logs]
# ll /usr/local/nginx/
total 32
drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 conf
drwxr-xr-x 2 root root 4096 Jun 8 10:30 conf.d
drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 html
drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 logs
drwxr-xr-x 2 nginx nginx 4096 Jun 8 10:30 sbin
drwx------ 2 nginx root 4096 Jun 8 10:30 scgi_temp
drwxr-xr-x 5 nginx nginx 4096 Jun 8 10:29 tmp
drwx------ 2 nginx root 4096 Jun 8 10:30 uwsgi_temp
[root@salt-minion02 logs]
# /usr/local/nginx/sbin/nginx -V
nginx version: nginx
/1
.6.3
built by gcc 4.4.7 20120313 (Red Hat 4.4.7-17) (GCC)
TLS SNI support enabled
configure arguments: --prefix=
/usr/local/nginx
--user=nginx --group=nginx --with-http_ssl_module --with-http_gzip_static_module --http-client-body-temp-path=
/usr/local/nginx/tmp/client/
--http-proxy-temp-path=
/usr/local/nginx/tmp/proxy/
--http-fastcgi-temp-path=
/usr/local/nginx/tmp/fcgi/
--with-poll_module --with-
file
-aio --with-http_realip_module --with-http_addition_module --with-http_addition_module --with-http_random_index_module --with-http_stub_status_module --http-uwsgi-temp-path=
/usr/local/nginx/uwsgi_temp
--http-scgi-temp-path=
/usr/local/nginx/scgi_temp
--with-pcre=
/opt/tools/pcre-8
.37
[root@salt-minion02 logs]
# /etc/init.d/nginx status
nginx (pid 11422 11421 11420 11419 11416) is running...
[root@salt-minion02 logs]
# chkconfig --list|grep nginx
nginx 0:off1:off2:on3:on4:on5:on6:off
[root@salt-minion02 logs]
# crontab -l
0 * * * *
/usr/sbin/ntpdate
210.72.145.44 64.147.116.229
time
.nist.gov >
/dev/null
2>&1
# Lines below here are managed by Salt, do not edit
# SALT_CRON_IDENTIFIER:SUPERCRON
0 0 * * *
/bin/bash
/opt/tools/scripts/nginx_cut_log
.sh >
/dev/null
2>&1
[root@salt-minion02 logs]
# ll /opt/tools/scripts/nginx_cut_log.sh
-rwxr-xr-x 1 root root 1100 Jun 8 10:30
/opt/tools/scripts/nginx_cut_log
.sh
|
本文转自 jerry1111111 51CTO博客,原文链接:http://blog.51cto.com/jerry12356/1933367,如需转载请自行联系原作者
