- Saltstack 部署Zabbix监控服务
- 一、Zabbix项目框架
- 二、编写部署httpd状态文件
- 三、Mysql服务安装状态文件
- 四、php服务的状态文件
- 五、编写项目配置
下面为完整框架
[root@master ~]# tree /srv/
/srv/
├── pillar
│ └── base
│ ├── apache.sls
│ └── top.sls
└── salt
├── base
│ └── lamp
│ ├── files
│ │ ├── httpd.conf
│ │ └── index.php
│ └── install.sls
├── dev
├── prod
│ ├── modules
│ │ ├── application
│ │ │ └── php
│ │ │ ├── files
│ │ │ │ ├── init.d.php-fpm
│ │ │ │ ├── install.sh
│ │ │ │ ├── oniguruma-devel-6.8.2-2.el8.x86_64.rpm
│ │ │ │ ├── php-7.4.24.tar.xz
│ │ │ │ ├── php-fpm.conf.default
│ │ │ │ ├── php-fpm.service
│ │ │ │ └── www.conf.default
│ │ │ └── install.sls
│ │ ├── database
│ │ │ └── mysql
│ │ │ ├── files
│ │ │ │ ├── my.cnf
│ │ │ │ ├── mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz
│ │ │ │ ├── mysqld.service
│ │ │ │ ├── mysqld.sh
│ │ │ │ └── mysql.server
│ │ │ └── install.sls
│ │ └── web
│ │ └── apache
│ │ ├── files
│ │ │ ├── apr-1.7.0.tar.gz
│ │ │ ├── apr-util-1.6.1.tar.gz
│ │ │ ├── httpd-2.4.48.tar.gz
│ │ │ ├── httpd.conf
│ │ │ ├── httpd.service
│ │ │ └── install.sh
│ │ └── install.sls
│ └── zabbix
│ ├── apache.sls
│ ├── files
│ │ ├── index.php
│ │ ├── my.cnf
│ │ ├── mysql.conf
│ │ ├── php.ini
│ │ ├── vhosts.conf
│ │ ├── zabbix-5.4.4.tar.gz
│ │ ├── zabbix_server.conf
│ │ └── zabbix.sh
│ ├── main.sls
│ ├── mysql.sls
│ └── zabbix.sls
└── test
21 directories, 38 files
二、编写部署httpd状态文件
编写apache服务安装的状态文件
[root@master apache]# pwd
/srv/salt/prod/modules/web/apache
[root@master apache]# cat install.sls
"Development Tools":
pkg.group_installed
httpd-dep-pakcgae:
pkg.installed:
- pkgs:
- openssl-devel
- pcre-devel
- expat-devel
- libtool
- gcc
- gcc-c++
- make
create-user-apache:
user.present:
- name: apache
- createhome: false
- system: true
- shell: /sbin/nologin
copy-software-apache-pkg:
file.managed:
- names:
- /usr/src/apr-1.7.0.tar.gz:
- source: salt://modules/web/apache/files/apr-1.7.0.tar.gz
- /usr/src/apr-util-1.6.1.tar.gz:
- source: salt://modules/web/apache/files/apr-util-1.6.1.tar.gz
- /usr/src/httpd-2.4.48.tar.gz:
- source: salt://modules/web/apache/files/httpd-2.4.48.tar.gz
salt://modules/web/apache/files/install.sh:
cmd.script
/usr/local/apache/conf/httpd.conf:
file.managed:
- source: salt://modules/web/apache/files/httpd.conf
- user: root
- group: root
- mode: '0644'
/usr/lib/systemd/system/httpd.service:
file.managed:
- source: salt://modules/web/apache/files/httpd.service
- user: root
- group: root
- mode: '0644'
准备状态文件所需的文件
安装脚本
[root@master files]# pwd
/srv/salt/prod/modules/web/apache/files
[root@master files]# cat install.sh
#!/bin/bash
cd /usr/src
rm -rf apr-1.7.0 apr-util-1.6.1 httpd-2.4.48
tar xf apr-1.7.0.tar.gz
tar xf apr-util-1.6.1.tar.gz
tar xf httpd-2.4.48.tar.gz
cd apr-1.7.0
sed -i '/$RM "$cfgfile"/d' configure
./configure --prefix=/usr/local/apr &&
make && make install &&
cd ../apr-util-1.6.1
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr &&
make && make install &&
cd ../httpd-2.4.48
./configure --prefix=/usr/local/apache
--enable-so
--enable-ssl
--enable-cgi
--enable-rewrite
--with-zlib
--with-pcre
--with-apr=/usr/local/apr
--with-apr-util=/usr/local/apr-util/
--enable-modules=most
--enable-mpms-shared=all
--with-mpm=prefork &&
make && make install
httpd配置文件
[root@master files]# pwd
/srv/salt/prod/modules/web/apache/files
[root@master files]# cat httpd.conf
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
#
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/x-httpd-php .php #添加此行
AddType application/x-httpd-php-source .phps #添加此行
#取消下列两行的注释
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
#搜索index.html这一行添加index.php
DirectoryIndex index.php index.html
#取消下列一行的注释,并修改为自己定义的虚拟机主机配置文件
# Virtual hosts
Include conf/extra/vhosts.conf
# Local access to the Apache HTTP Server Manual
service启动文件
[root@master files]# pwd /srv/salt/prod/modules/web/apache/files [root@master files]# cat httpd.service [Unit] Description=httpd server daemon After=network.target [Service] Type=forking ExecStart=/usr/local/apache/bin/apachectl start ExecStop=/usr/local/apache/bin/apachectl stop ExecReload=/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target三、Mysql服务安装状态文件
[root@master mysql]# pwd
/srv/salt/prod/modules/database/mysql
[root@master mysql]# cat install.sls
ncurses-compat-libs:
pkg.installed
mysql:
user.present:
- system: true
- createhome: false
- shell: /sbin/nologin
/usr/local:
archive.extracted:
- source: salt://modules/database/mysql/files/mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz
file.symlink:
- name: /usr/local/mysql
- target: /usr/local/mysql-5.7.35-linux-glibc2.12-x86_64
/usr/local/mysql:
file.directory:
- user: mysql
- group: mysql
- mode: '0755'
- recurse:
- user
- group
/opt/data:
file.directory:
- user: mysql
- group: mysql
- mode: '0755'
- makedirs: true
- recurse:
- user
- group
/etc/profile.d/mysqld.sh:
file.managed:
- source: salt://modules/database/mysql/files/mysqld.sh
- user: root
- group: root
- mode: '0644'
/usr/local/mysql/support-files/mysql.server:
file.managed:
- source: salt://modules/database/mysql/files/mysql.server
- user: mysql
- group: mysql
- mode: '0755'
/usr/lib/systemd/system/mysqld.service:
file.managed:
- source: salt://modules/database/mysql/files/mysqld.service
- user: root
- group: root
- mode: '0644'
mysql-initialize:
cmd.run:
- name: '/usr/local/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir=/opt/data/'
mysqld service启动文件
[root@master files]# pwd /srv/salt/prod/modules/database/mysql/files [root@master files]# cat mysqld.service [Unit] Description=mysql server daemon After=network.target [Service] Type=forking ExecStart=/usr/local/mysql/support-files/mysql.server start ExecStop=/usr/local/mysql/support-files/mysql.server stop ExecReload=/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target
[root@master files]# cat mysqld.sh export PATH=/usr/local/mysql/bin:$PATH
[root@master files]# pwd /srv/salt/prod/modules/database/mysql/files [root@master files]# cat mysql.server #这个文件安装完成后copy到这里来就可以了 #!/bin/sh # Copyright Abandoned 1996 TCX DataKonsult AB & Monty Program KB & Detron HB # This file is public domain and comes with NO WARRANTY of any kind # MySQL daemon start/stop script. ..........四、php服务的状态文件
[root@master php]# pwd
/srv/salt/prod/modules/application/php
[root@master php]# cat install.sls
/tmp/oniguruma-devel-6.8.2-2.el8.x86_64.rpm:
file.managed:
- source: salt://modules/application/php/files/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
- user: root
- group: root
- mode: '0644'
cmd.run:
- name: yum -y install /tmp/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
php-dep-package:
pkg.installed:
- pkgs:
- libxml2
- libxml2-devel
- libsqlite3x-devel
- openssl
- openssl-devel
- bzip2
- bzip2-devel
- libcurl
- libcurl-devel
- libicu-devel
- libjpeg-turbo
- libjpeg-turbo-devel
- libpng
- libpng-devel
- openldap-devel
- pcre-devel
- freetype
- freetype-devel
- gmp
- gmp-devel
- libmcrypt
- libmcrypt-devel
- readline
- readline-devel
- libxslt
- libxslt-devel
- libzip
- libzip-devel
- mhash
- mhash-devel
- php-mysqlnd
unzip-php:
archive.extracted:
- name: /usr/src/
- source: salt://modules/application/php/files/php-7.4.24.tar.xz
salt://modules/application/php/files/install.sh:
cmd.script
copy-file-php:
file.managed:
- names:
- /usr/local/php7/etc/php-fpm.conf:
- source: salt://modules/application/php/files/php-fpm.conf.default
- /usr/local/php7/etc/php-fpm.d/www.conf:
- source: salt://modules/application/php/files/www.conf.default
- /etc/init.d/php-fpm:
- source: salt://modules/application/php/files/init.d.php-fpm
- user: root
- group: root
- mode: '0755'
- /usr/lib/systemd/system/php-fpm.service:
- source: salt://modules/application/php/files/php-fpm.service
php-fpm.service:
service.running:
- enable: true
安装脚本
[root@master files]# cat install.sh
#!/bin/bash
cd /usr/src/php-7.4.24
./configure --prefix=/usr/local/php7
--with-config-file-path=/etc
--enable-fpm
--disable-debug
--disable-rpath
--enable-shared
--enable-soap
--with-openssl
--enable-bcmath
--with-iconv
--with-bz2
--enable-calendar
--with-curl
--enable-exif
--enable-ftp
--enable-gd
--with-jpeg
--with-zlib-dir
--with-freetype
--with-gettext
--enable-mbstring
--enable-pdo
--with-mysqli=mysqlnd
--with-pdo-mysql=mysqlnd
--with-readline
--enable-shmop
--enable-simplexml
--enable-sockets
--with-zip
--enable-mysqlnd-compression-support
--with-pear
--enable-pcntl
--enable-posix &&
make && make install
修改配置文件
[root@master files]# pwd /srv/salt/prod/modules/application/php/files [root@master files]# cat www.conf.default listen = 0.0.0.0:9000 #查找listen这一行并改为此行显示的内容
service文件
[root@master files]# pwd /srv/salt/prod/modules/application/php/files [root@master files]# cat php-fpm.service [Unit] Description=php server daemon After=network.target [Service] Type=forking ExecStart=/etc/init.d/php-fpm start ExecStop=/etc/init.d/php-fpm stop ExecReload=/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target五、编写项目配置
apache配置的状态文件
[root@master zabbix]# pwd
/srv/salt/prod/zabbix
[root@master zabbix]# cat apache.sls
include:
- modules.web.apache.install
/usr/include/httpd:
file.symlink:
- target: /usr/local/apache/include
/usr/local/apache/htdocs/zabbix:
file.directory:
- user: root
- group: root
- mode: '0755'
- makedirs: true
/usr/local/apache/conf/extra/vhosts.conf:
file.managed:
- source: salt://zabbix/files/vhosts.conf
- user: root
- group: root
- mode: '0644'
/usr/local/apache/htdocs/zabbix/index.php:
file.managed:
- source: salt://zabbix/files/index.php
- user: root
- group: root
- mode: '0644'
httpd.service:
service.running:
- enable: true
mysql的状态文件
[root@master zabbix]# pwd
/srv/salt/prod/zabbix
[root@master zabbix]# cat mysql.sls
include:
- modules.database.mysql.install
lamp-dep-package:
pkg.installed:
- pkgs:
- ncurses-devel
- openssl-devel
- openssl
- cmake
- mariadb-devel
/usr/local/include/mysql:
file.symlink:
- target: /usr/local/mysql/include
/etc/ld.so.conf.d/mysql.conf:
file.managed:
- source: salt://zabbix/files/mysql.conf
- user: root
- group: root
- mode: '0644'
/etc/my.cnf:
file.managed:
- source: salt://zabbix/files/my.cnf
- user: root
- group: root
- mode: '0644'
mysqld.service:
service.running:
- enable: true
set-password-mysql:
cmd.run:
- name: /usr/loca/mysql/bin/mysql -e "set password = password('123456');"
zabbix安装的状态文件
[root@master zabbix]# cat zabbix.sls
zabbix-dep-pkages:
pkg.installed:
- names:
- net-snmp-devel
- libevent-devel
unzip-zabbix:
archive.extracted:
- name: /usr/src
- source: salt://zabbix/files/zabbix-5.4.4.tar.gz
create-user-zabbix:
user.present:
- name: zabbix
- createhome: false
- system: true
- shell: /sbin/nologin
salt://zabbix/files/zabbix.sh:
cmd.script
/usr/local/etc/zabbix_server.conf:
file.managed:
- source: salt://zabbix/files/zabbix_server.conf
create-dir:
file.directory:
- name: /var/lib/mysql
- user: root
- group: root
- mode: '0644'
link:
cmd.run:
- name: ln -s /tmp/mysql.sock /var/lib/mysql/
/etc/php.ini:
file.managed:
- source: salt://zabbix/files/php.ini
copy-ui:
cmd.run:
- name: cp -a /usr/src/zabbix-5.4.4/ui/* /usr/local/apache/htdocs/zabbix/
start-service:
cmd.run:
- names:
- zabbix_server
- zabbix_agentd
[root@master zabbix]# pwd
/srv/salt/prod/zabbix
zabbix安装脚本
[root@master files]# pwd /srv/salt/prod/zabbix/files [root@master files]# cat zabbix.sh #!/bin/bash /usr/local/mysql/bin/mysql -uroot -p1 -e "create database zabbix character set utf8 collate utf8_bin;" /usr/local/mysql/bin/mysql -uroot -p1 -e "grant all privileges on zabbix.* to 'zabbix'@'localhost' identified by 'zabbix123';" /usr/local/mysql/bin/mysql -uroot -p1 -e "flush privileges;" cd /usr/src/zabbix-5.4.4/database/mysql /usr/local/mysql/bin/mysql -uroot -p1 zabbix < schema.sql /usr/local/mysql/bin/mysql -uroot -p1 zabbix < images.sql /usr/local/mysql/bin/mysql -uroot -p1 zabbix < data.sql cd /usr/src/zabbix-5.4.4/ ./configure --enable-server --enable-agent --with-mysql --with-net-snmp --with-libcurl --with-libxml2 && make install
虚拟主机配置文件
[root@master files]# cat vhosts.confdocumentRoot "/usr/local/apache/htdocs/zabbix" ServerName zabbix.example.com ProxyRequests Off ProxyPassMatch ^/(.*.php)$ fcgi://127.0.0.1:9000/usr/local/apache/htdocs/zabbix/$1 [root@master files]# pwd /srv/salt/prod/zabbix/filesOptions none AllowOverride none Require all granted
mysql.conf文件
[root@master files]# pwd /srv/salt/prod/zabbix/files [root@master files]# cat my my.cnf mysql.conf [root@master files]# cat mysql.conf /usr/local/mysql/lib
mysql配置文件
[root@master files]# pwd /srv/salt/prod/zabbix/files [root@master files]# cat my.cnf [mysqld] basedir = /usr/local/mysql datadir = /opt/data socket = /tmp/mysql.sock port = 3306 pid-file = /opt/data/mysql.pid user = mysql skip-name-resolve
ini文件
[root@master files]# cat php.ini [PHP] ;;;;;;;;;;;;;;;;;;; ; about php.ini ; ;;;;;;;;;;;;;;;;;;; ; PHP's initialization file, generally called php.ini, is responsible for ; configuring many of the aspects of PHP's behavior. ..........
zabbix配置文件
[root@master src]# vim /srv/salt/prod/zabbix/files/zabbix_server.conf # Default: DBPassword=zabbix #取消注释,设置密码 ### Option: DBSocket
一键部署zabbix服务的状态文件
[root@master zabbix]# cat main.sls include: - zabbix.apache - zabbix.mysql - modules.application.php.install - zabbix.zabbix
