Saltstack安装LAMP

自动化运维工具Saltstack

Saltstack是一个新的基础设施管理工具。saltstack的两大功能：远程执行和配置管理。

Saltstack使用Python开发，是一个非常简单易用和轻量级的管理工具。由Master和Minion构成，通过ZeroMQ进行通信。

Saltstack的master端监听4505与4506端口，4505为salt的消息发布系统，4506为salt客户端与服务端通信的端口；salt客户端程序不监听端口，客户端启动后，会主动连接master端注册，然后一直保持该TCP连接，master通过这条TCP连接对客户端控制，如果连接断开，master对客户端就无能为力了。

安装

官方文档 ： http://docs.saltstack.cn/topics/installation/rhel.html

测试环境

master 主机：server1 IP：172.25.21.1
minion 主机：server2 IP：172.25.21.2

master端

配置yum源

vim /etc/yum.repos.d/salt.repo [salt-latest]name=SaltStack Latest Release Channel for RHEL/Centos $releaseverbaseurl=https://repo.saltstack.com/yum/redhat/6.5/x86_64/2016.11/enabled=1gpgchec=0    

yum clean allyum repolistyum install -y salt-master   #安装master端程序

scp /etc/yum.repos.d/salt.repo server2:/etc/yum.repos.d/    #发送yum源到server2

minion端

yum clean allyum repolistyum install -y salt-minion   #安装minion端程序

安装过程中的报错

1.

Error: Package: yum-utils-1.1.30-30.el6.noarch (saltstack-repo)           Requires: yum >= 3.2.29-56           Installed: yum-3.2.29-40.el6.noarch (@anaconda-RedHatEnterpriseLinux-201311111358.x86_64/6.5)               yum = 3.2.29-40.el6 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest

提示yum版本过低，下载大于3.2.29-56版本的yum即可

yum install -y yum-3.2.29-69.el6.centos.noarch.rpm

2.

Downloading Packages:warning: rpmts_HdrFromFdno: Header V4 RSA/SHA1 Signature, key ID de57bfbe: NOKEYPublic key for python-futures-3.0.3-1.el6.noarch.rpm is not installed

安装minion时的报错
执行时加上”–nogpgcheck”参数

yum install salt-minion -y --nogpgcheck

配置

minion端更改配置文件

vim /etc/salt/minionmaster: server1    #需要解析，在/etc/hosts中添加

master端

/etc/init.d/salt-master start   #启动

minion端

/etc/init.d/salt-minion start   #启动netstat -antlp    #查看端口Active Internet connections (servers and established)Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      894/sshd            tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      970/master          tcp        0      0 172.25.21.2:22              172.25.21.250:59317         ESTABLISHED 1359/sshd           tcp        0      0 172.25.21.2:45653           172.25.21.1:4506            ESTABLISHED 2102/python2.6      tcp        0      0 :::22                       :::*                        LISTEN      894/sshd            tcp        0      0 ::1:25                      :::*                        LISTEN      970/master          

master端

[root@server1 ~]# salt-key -LAccepted Keys:Denied Keys:Unaccepted Keys:server2Rejected Keys:[root@server1 ~]# salt-key -AThe following keys are going to be accepted:Unaccepted Keys:server2Proceed? [n/Y] yKey for minion server2 accepted.[root@server1 ~]# salt-key -LAccepted Keys:server2Denied Keys:Unaccepted Keys:Rejected Keys:

minion端

netstat -antlp    #查看端口Active Internet connections (servers and established)Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      894/sshd            tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      970/master          tcp        0      0 172.25.21.2:57201           172.25.21.1:4505            ESTABLISHED 2102/python2.6      tcp        0      0 172.25.21.2:22              172.25.21.250:59317         ESTABLISHED 1359/sshd           tcp        0      0 :::22                       :::*                        LISTEN      894/sshd            tcp        0      0 ::1:25                      :::*                        LISTEN      970/master 

SaltStack自动部署LAMP

安装apache

master端

vim /etc/salt/master   更改配置文件file_roots:  base:    - /srv/salt

mkdir /srv/salt   #创建目录cd /srv/salt    mkdir apachecd apache/mkdir filescd files/wget http://mirror.bit.edu.cn/apache/httpd/httpd-2.2.34.tar.bz2    #下载apache源码包

在/srv/salt/apache下创建脚本

vim install.sls   #配置安装脚本include:  - pkg.depends  - useradd.wwwapache-install:  file.managed:    - name: /mnt/httpd-2.2.34.tar.bz2    - source: salt://apache/files/httpd-2.2.34.tar.bz2  cmd.run:    - name: cd /mnt && tar jxf httpd-2.2.34.tar.bz2 && cd httpd-2.2.34 && ./configure --prefix=/usr/local/apache --with-included-apr --enable-so --enable-deflate=shared --enable-expires=shared --enable-rewrite=shared --enable-static-support --disable-userdir && make && make install    - creates: /usr/local/apache/usr/local/apache/conf/httpd.conf:  file.managed:    - source: salt://apache/files/httpd.conf/etc/init.d/httpd:  file.managed:    - source: salt://apache/files/httpd    - mode: 755

vim start.sls   #配置启动脚本include:  - apache.installapache-start:  service.running:    - name: apachectl    - enable: true    - reload: true    - watch:      - file: /usr/local/apache/conf/httpd.conf      - file: /var/www/virthost/index.html

在/srv/salt/pkg下配置安装依赖包脚本

vim install.slsinstall:  pkg.installed:    - pkgs:      - gcc      - pcre-devel      - openssl-devel      - zlib-devel

在/srv/salt/useradd下配置添加用户脚本

www:  group.present:    - gid: 800  user.present:    - uid: 800    - gid: 800    - shell: /sbin/nologin    - home: /usr/local/apache    - createhome: false

在/srv/salt/下添加top.sls脚本

vim top.slsbase:  'server2':    - apache.start

salt 'server2' state.highstate    #安装top中的内容，当前为安装apache

files下的文件

httpd #启动脚本
httpd.conf #配置文件
httpd-2.2.34.tar.bz2 #源码包

启动脚本为源码包解压后httpd-2.2.34/build/rpm/httpd.init

其中启动脚本下面需要修改

httpd=${HTTPD-/usr/sbin/httpd}pidfile=${PIDFILE-/var/log/httpd/${prog}.pid}lockfile=${LOCKFILE-/var/lock/subsys/${prog}}

修改为

httpd=${HTTPD-/usr/local/apache/bin/httpd}pidfile=${PIDFILE-/usr/local/apache/logs/${prog}.pid}lockfile=${LOCKFILE-/var/lock/subsys/${prog}}

mysql安装

在/srv/salt/useradd下添加创建用户脚本

vim mysql.slsmysql:  group.present:    - gid: 900  user.present:    - uid: 900    - gid: 900    - shell: /sbin/nologin    - home: /usr/local/mysql    - createhome: false

在/srv/salt/pkg下添加安装mysql依赖包脚本

vim mysql.sls   #安装mysql依赖包depends-mysql:  pkg.installe:    - pkgs:      - gcc-c++      - pcre-devel      - openssl-devel      - zlib-devel      - ncurses      - ncurses-devel      - bison

在/srv/salt/mysql下创建脚本

mkdir /srv/salt/mysqlcd /srv/salt/mysql

vim install.sls    #安装mysql脚本include:  - pkg.mysql  - useradd.mysqlcmake-install:  file.managed:    - name: /mnt/cmake-2.8.12.2-4.el6.x86_64.rpm    - source: salt://mysql/files/cmake-2.8.12.2-4.el6.x86_64.rpm  cmd.run:    - name: cd /mnt && yum install -y cmake-2.8.12.2-4.el6.x86_64.rpmmysql-install:  file.managed:    - name: /mnt/mysql-boost-5.7.17.tar.gz    - source: salt://mysql/files/mysql-boost-5.7.17.tar.gz  cmd.run:    - name: cd /mnt && tar -zxf mysql-boost-5.7.17.tar.gz && cd mysql-5.7.17 && cp -r boost/boost_1_59_0 /usr/local && rm -rf CMakeCache.txt && cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DMYSQL_DATADIR=/usr/local/mysql/data -DWITH_BOOST=/usr/local/boost_1_59_0/ -DSYSCONFDIR=/etc -DEFAULT_CHARSET=utf8mb4 -DDEFAULT_COLLATION=utf8mb4_general_ci -DENABLED_LOCAL_INFILE=1 -DEXTRA_CHARSETS=all && make  && make install    - creates: /usr/local/mysql

创建初始化脚本

vim initialize.slsinclude:  - mysql.installmysql-initialize:  cmd.run:    - name: chown -R mysql:mysql /usr/local/mysql && sed -i.bak '\/datadir=\/var\/lib\/mysql/i\character_set_server=gbk' /etc/my.cnf && sed -i.bak 'N;2idefault-character-set=gbk' /etc/my.cnf && sed -i.bak 'N;2i[client]' /etc/my.cnf && cd /usr/local/mysql/&& sed -i.bak 's/socket=\/var\/lib\/mysql\/mysql.sock/socket=\/tmp\/mysql.sock/g' /etc/my.cnf && ./bin/mysqld --initialize --user=mysql --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data && cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld && ln -s /usr/local/mysql/bin/mysql /usr/local/bin/mysql && chkconfig --add mysqld    - creates: /usr/local/mysql/data/mysql

创建启动脚本

vim start.sls include:  - mysql.initializemysql-start:  service.running:    - name: mysqld    - enable: True    - reload: true    - require:      - file: /etc/init.d/mysqld    - watch:      - file: /etc/my.cnf

files下的文件

下载mysql-boost-5.7.17.tar.gz 和 cmake-2.8.12.2-4.el6.x86_64.rpm到/srv/saltmysql/files/目录下

更改top.sls

vim top.slsbase:  'server2':    - apache.start    - mysql.start

安装php

创建php安装依赖包脚本

vim pkg/php.slsdepends-php:  pkg.installed:    - pkgs:      - gcc      - pcre-devel      - openssl-devel      - zlib-devel      - libxml2-devel.x86_64      - openssl-devel.x86_64      - bzip2-devel.x86_64      - t1lib.x86_64      - libjpeg-turbo-devel.x86_64      - libpng-devel.x86_64      - freetype-devel.x86_64

在/srv/salt/php下创建脚本

mkdir /srv/salt/phpcd /srv/salt/php

vim install.sls    #安装脚本libmcrypt_pkg:  file.managed:    - name: /mnt/libmcrypt-2.5.7-5.el6.art.x86_64.rpm    - source: salt://php/files/libmcrypt-2.5.7-5.el6.art.x86_64.rpmlibmcrypt-devel_pkg:  file.managed:    - name: /mnt/libmcrypt-devel-2.5.7-5.el6.art.x86_64.rpm    - source: salt://php/files/libmcrypt-devel-2.5.7-5.el6.art.x86_64.rpminclude:  - pkg.phpphp-install:  file.managed:    - name: /mnt/php-5.6.31.tar.bz2    - source: salt://php/files/php-5.6.31.tar.bz2  cmd.run:    - name: cd /mnt && yum install -y libmcrypt-* && tar xjf php-5.6.31.tar.bz2 && cd php-5.6.31 && ./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache/bin/apxs --with-config-file-path=/usr/local/php/etc --with-mysql=/usr/local/mysql --with-libxml-dir --with-gd --with-jpeg-dir --with-png-dir --with-freetype-dir --with-iconv-dir --with-zlib-dir --with-bz2 --with-openssl --with-mcrypt --enable-soap --enable-gd-native-ttf --enable-ftp --enable-mbstring --enable-sockets --enable-exif --disable-ipv6 && make -j2 && make install    - creates: /usr/local/php/usr/local/php/etc:  file.directory:    - mode: 755/usr/local/php/etc/php.ini:  file.managed:    - source: salt://php/files/php.ini

files下的文件

php-5.6.31.tar.bz2libmcrypt-2.5.7-5.el6.art.x86_64.rpmlibmcrypt-devel-2.5.7-5.el6.art.x86_64.rpmphp.ini    #配置文件  

更改top.sls

vim top.slsbase:  'server2':    - apache.start    - mysql.start    - php.install

salt 'server2' state.highstate   #自动化安装

可以完整地推送到一台minion机器上