本文以web服务器为例介绍salt服务的部署。把不同的服务组织成不同的角色,然后将角色应用到不同的节点上。通过角色的划分能够清晰的对不同的服务模块进行组织,所有角色的配置放到/srv/salt/roles下,角色用到的相关变量放到/srv/pillar/roles和/srv/pillar/nodes下,其中/srv/pillar/nodes下放置与具体节点相关的变量。
角色与配置文件
/srv/salt/roles/web.sls配置如下,包括nginx模块、rsync模块、limits模块和nfs.client:
1
2
3
4
5
| include:
- nginx
- rsync
- limits
- nfs.client
|
变量/srv/pillar/roles/web.sls如下,没有单独应用到节点的变量:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
| hostgroup: web
vhostsdir: /data1/vhosts
vhostscachedir: /data1/cache
logdir: /data1/logs
vhosts:
- www.mall.com
- static.mall.com
limit_users:
nginx:
limit_hard: 65535
limit_soft: 65535
limit_type: nofile
mounts:
/data1/vhosts/static.mall.com/htdocs:
device: 172.16.100.71:/data1/share
fstype: nfs
mkmnt: True
opts: async,noatime,noexec,nosuid,soft,timeo=3,retrans=3,intr,retry=3,rsize=16384,wsize=16384
|
Nginx+PHP配置
管理模块:/srv/salt/nginx/
nginx配置文件:/srv/salt/nginx/files/etc/nginx/,其中包括主配置文件、虚拟主机配置文件、和环境变量配置文件。
php配置文件:主配置文件:/srv/salt/nginx/files/etc/php.ini 模块配置文件:/srv/salt/nginx/files/etc/php.d/
php-fpm配置文件:主配置文件:/srv/salt/nginx/files/etc/php-fpm.conf 其他配置文件:/srv/salt/nginx/files/etc/php-fpm.d/
角色配置:/srv/pillar/roles/web.sls
详细说明
/srv/salt/nginx/init.sls用于组织整个nginx模块:
1
2
3
4
| include:
- nginx.server
- nginx.php
- nginx.monitor
|
/srv/salt/nginx/server.sls用于配置nginx服务:
定义nginx相关配置,主要包括安装nginx软件包配置相关配置文件,并启动nginx服务。
创建日志目录、代码发布目录、代码缓存目录。并配置服务角色,角色也用于对服务的监控,详见后文自动化监控。
/srv/salt/nginx/php.sls用于配置php服务:
定义php相关配置,主要包括安装php软件包配置相关配置文件,启动php-fpm服务,并配置服务角色。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
| php-fpm:
pkg:
- name: php-fpm
- pkgs:
- php-fpm
- php-common
- php-cli
- php-devel
- php-pecl-memcache
- php-pecl-memcached
- php-gd
- php-pear
- php-mbstring
- php-mysql
- php-xml
- php-bcmath
- php-pdo
- installed
service:
- running
- require:
- pkg: php-fpm
- watch:
- pkg: php-fpm
- file: /etc/php.ini
- file: /etc/php.d/
- file: /etc/php-fpm.conf
- file: /etc/php-fpm.d/
/etc/php.ini:
file.managed:
- source: salt://nginx/files/etc/php.ini
- user: root
- group: root
- mode: 644
/etc/php.d/:
file.recurse:
- source: salt://nginx/files/etc/php.d/
- user: root
- group: root
- dir_mode: 755
- file_mode: 644
/etc/php-fpm.conf:
file.managed:
- source: salt://nginx/files/etc/php-fpm.conf
- user: root
- group: root
- mode: 644
/etc/php-fpm.d/:
file.recurse:
- source: salt://nginx/files/etc/php-fpm.d/
- user: root
- group: root
- dir_mode: 755
- file_mode: 644
php-fpm-role:
file.append:
- name: /etc/salt/roles
- text:
- 'php-fpm'
- require:
- file: roles
- service: php-fpm
- service: salt-minion
- watch_in:
- module: sync_grains
|
/srv/salt/nginx/monitor.sls用于配置对服务的监控:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
| include:
- zabbix.agent
- nginx
nginx-monitor:
pkg.installed:
- name: perl-libwww-perl
php-fpm-monitor-script:
file.managed:
- name: /etc/zabbix/ExternalScripts/php-fpm_status.pl
- source: salt://nginx/files/etc/zabbix/ExternalScripts/php-fpm_status.pl
- user: root
- group: root
- mode: 755
- require:
- service: php-fpm
- pkg: nginx-monitor
- cmd: php-fpm-monitor-script
cmd.run:
- name: mkdir -p /etc/zabbix/ExternalScripts
- unless: test -d /etc/zabbix/ExternalScripts
php-fpm-monitor-config:
file.managed:
- name: /etc/zabbix/zabbix_agentd.conf.d/php_fpm.conf
- source: salt://nginx/files/etc/zabbix/zabbix_agentd.conf.d/php_fpm.conf
- require:
- file: php-fpm-monitor-script
- service: php-fpm
- watch_in:
- service: zabbix-agent
nginx-monitor-config:
file.managed:
- name: /etc/zabbix/zabbix_agentd.conf.d/nginx.conf
- source: salt://nginx/files/etc/zabbix/zabbix_agentd.conf.d/nginx.conf
- template: jinja
- require:
- service: nginx
- watch_in:
- service: zabbix-agent
|
其他角色的部署跟web相似,不一一列出。