- 目录树
- Apache
- Mysql
- Php
- Zabbix
[root@master ~]# tree /srv/
/srv/
├── pillar
│ └── prod
│ ├── apache.sls
│ ├── mysql.sls
│ ├── php.sls
│ └── top.sls
└── salt
├── dev
└── prod
├── 1
├── modules
│ ├── application
│ │ └── php
│ │ ├── files
│ │ │ ├── install.sh.j2
│ │ │ ├── oniguruma-devel-6.8.2-2.el8.x86_64.rpm
│ │ │ ├── php-7.4.24.tar.gz
│ │ │ ├── php-fpm
│ │ │ ├── php-fpm.conf
│ │ │ ├── php-fpm.service
│ │ │ ├── php.ini
│ │ │ └── www.conf
│ │ └── install.sls
│ ├── database
│ │ └── mysql
│ │ ├── files
│ │ │ ├── install.sh.j2
│ │ │ ├── mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz
│ │ │ ├── mysqld.service
│ │ │ └── mysql.server
│ │ └── install.sls
│ └── web
│ └── apache
│ ├── files
│ │ ├── apr-1.7.0.tar.gz
│ │ ├── apr-util-1.6.1.tar.gz
│ │ ├── httpd-2.4.48.tar.gz
│ │ ├── httpd.conf
│ │ ├── httpd.service
│ │ └── install.sh.j2
│ └── install.sls
└── zabbix
├── apache.sls
├── files
│ ├── index.php
│ ├── my.cnf
│ ├── mysql.conf
│ └── vhosts.conf
├── main.sls
├── mysql.sls
└── zabbix
├── install.sh
├── zabbix-5.4.4.tar.gz
└── zabbix.sls
18 directories, 36 files
Apache
[root@master apache]# cat install.sls
apache-dep-package:
pkg.installed:
- pkgs:
- openssl
- pcre-devel
- expat-devel
- gcc
- gcc-c++
- libtool
- make
apache:
user.present:
- shell: /sbin/nologin
- createhome: false
- system: true
apache-download:
file.managed:
- names:
- /usr/src/apr-1.7.0.tar.gz:
- source: salt://modules/web/apache/files/apr-1.7.0.tar.gz
- /usr/src/apr-util-1.6.1.tar.gz:
- source: salt://modules/web/apache/files/apr-util-1.6.1.tar.gz
- /usr/src/httpd-2.4.48.tar.gz:
- source: salt://modules/web/apache/files/httpd-2.4.48.tar.gz
apache-install:
cmd.script:
- name: salt://modules/web/apache/files/install.sh.j2
- template: jinja
- unless: test -d {{ pillar['install_dir'] }}
/usr/lib/systemd/system/httpd.service:
file.managed:
- source: salt://modules/web/apache/files/httpd.service
- user: root
- group: root
- mode: '0644'
- template: jinja
{{ pillar['install_dir'] }}/conf/httpd.conf:
file.managed:
- source: salt://modules/web/apache/files/httpd.conf
- user: root
- group: root
- mode: '0644'
- require:
- cmd: apache-install
[root@master files]# cat install.sh.j2
#!/bin/bash
cd /usr/src
rm -rf apr-1.7.0 apr-util-1.6.1 httpd-2.4.48
tar xf apr-1.7.0.tar.gz
tar xf apr-util-1.6.1.tar.gz
tar xf httpd-2.4.48.tar.gz
cd /usr/src/apr-1.7.0
sed -i '/$RM "$cfgfile"/d' configure
./configure --prefix=/usr/local/apr &&
make && make install
cd ../apr-util-1.6.1
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr &&
make && make install
cd ../httpd-2.4.48
./configure --prefix="{{ pillar['install_dir'] }}"
--with-apr=/usr/local/apr
--with-apr-util=/usr/local/apr-util/ &&
make && make install
Mysql
[root@master mysql]# cat install.sls
ncurses-compat-libs:
pkg.installed
create-mysql-user:
user.present:
- name: mysql
- createhome: false
- system: true
- shell: /sbin/nologin
create-datadir:
file.directory:
- name: {{ pillar['data_dir'] }}
- user: mysql
- group: mysql
- mode: '0755'
- makedirs: true
/usr/src/mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz:
file.managed:
- source: salt://modules/database/mysql/files/mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz
- user: root
- group: root
- mode: '0644'
mysql-install:
cmd.script:
- name: salt://modules/database/mysql/files/install.sh.j2
- template: jinja
- unless: test -d {{ pillar['mysql_installdir'] }}/mysql
trasfer-files:
file.managed:
- names:
- {{ pillar['mysql_installdir'] }}/mysql/support-files/mysql.server:
- source: salt://modules/database/mysql/files/mysql.server
- template: jinja
- /usr/lib/systemd/system/mysqld.service:
- source: salt://modules/database/mysql/files/mysqld.service
- template: jinja
- require:
- cmd: mysql-install
[root@master files]# cat install.sh.j2
cd /usr/src
tar xf mysql-5.7.34-linux-glibc2.12-x86_64.tar.gz -C {{ pillar['mysql_installdir'] }}
ln -s mysql-5.7.34-linux-glibc2.12-x86_64 {{ pillar['mysql_installdir'] }}/mysql
chown -R mysql.mysql {{ pillar['mysql_installdir'] }}/mysql*
{{ pillar['mysql_installdir'] }}/mysql/bin/mysqld --initialize-insecure --user=mysql --datadir="{{ pillar['data_dir'] }}"
echo "export PATH={{ pillar['mysql_installdir'] }}/mysql/bin:$PATH" > /etc/profile.d/mysqld.sh
[root@master files]# cat mysqld.service
[Unit]
Description=Mysql server daemon
After=network.target
[Service]
Type=forking
ExecStart={{ pillar['mysql_installdir'] }}/mysql/support-files/mysql.server start
ExecStop={{ pillar['mysql_installdir'] }}/mysql/support-files/mysql.server stop
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
Php
[root@master php]# cat install.sls
/usr/src/oniguruma-devel-6.8.2-2.el8.x86_64.rpm:
file.managed:
- source: salt://modules/application/php/files/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
- user: root
- group: root
- mode: '0644'
cmd.run:
- name: yum -y install /usr/src/oniguruma-devel-6.8.2-2.el8.x86_64.rpm
- unless: rpm -q oniguruma-devel
epel-install:
cmd.run:
- name: dnf -y install epel-release
- unless: rpm -q epel-release
dep-pkckages-install:
pkg.installed:
- pkgs:
- sqlite-devel
- libzip-devel
- libxml2
- libxml2-devel
- openssl
- openssl-devel
- bzip2
- bzip2-devel
- libcurl
- libcurl-devel
- libicu-devel
- libjpeg-turbo
- libjpeg-turbo-devel
- libpng
- libpng-devel
- openldap-devel
- pcre-devel
- freetype
- freetype-devel
- gmp
- gmp-devel
- libmcrypt
- libmcrypt-devel
- readline
- readline-devel
- libxslt
- libxslt-devel
- mhash
- mhash-devel
/usr/src/php-7.4.24.tar.gz:
file.managed:
- source: salt://modules/application/php/files/php-7.4.24.tar.gz
- user: root
- group: root
- mode: '0644'
php-install:
cmd.script:
- name: salt://modules/application/php/files/install.sh.j2
- template: jinja
- unless: test -d {{ pillar['php_installdir' ] }}/php7
copy-php:
file.managed:
- names:
- /etc/init.d/php-fpm:
- source: salt://modules/application/php/files/php-fpm
- user: root
- group: root
- mode: '0755'
- {{ pillar['php_installdir' ] }}/php7/etc/php-fpm.conf:
- source: salt://modules/application/php/files/php-fpm.conf
- {{ pillar['php_installdir' ] }}/php7/etc/php-fpm.d/www.conf:
- source: salt://modules/application/php/files/www.conf
- /usr/lib/systemd/system/php-fpm.service:
- source: salt://modules/application/php/files/php-fpm.service
- /etc/php.ini:
- source: salt://modules/application/php/files/php.ini
- require:
- cmd: php-install
php-fpm.service:
service.running:
- enable: true
- reload: true
- require:
- cmd: php-install
- file: copy-php
- watch:
- file: copy-php
[root@master files]# cat install.sh.j2
#!/bin/bash
cd /usr/src
rm -rf php-7.4.24
tar xf php-7.4.24.tar.gz -C {{ pillar['php_installdir' ] }}
cd /usr/local/php-7.4.24
./configure --prefix="{{ pillar['php_installdir'] }}"/php7
--with-config-file-path=/etc
--enable-fpm
--disable-debug
--disable-rpath
--enable-shared
--enable-soap
--with-openssl
--enable-bcmath
--with-iconv
--with-bz2
--enable-calendar
--with-curl
--enable-exif
--enable-ftp
--enable-gd
--with-jpeg
--with-zlib-dir
--with-freetype
--with-gettext
--enable-mbstring
--enable-pdo
--with-mysqli=mysqlnd
--with-pdo-mysql=mysqlnd
--with-readline
--enable-shmop
--enable-simplexml
--enable-sockets
--with-zip
--enable-mysqlnd-compression-support
--with-pear
--enable-pcntl
--enable-posix && make && make install
[root@master files]# cat php-fpm.service [Unit] Description=php-fpm server daemon After=network.target [Service] Type=forking ExecStart=/etc/init.d/php-fpm start ExecStop=/etc/init.d/php-fpm stop ExecReload=/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target
[root@master prod]# cat apache.sls install_dir: /usr/local/httpd [root@master prod]# cat mysql.sls mysql_installdir: /usr/local data_dir: /opt/data mysql_password: 123 [root@master prod]# cat php.sls php_installdir: /usr/localZabbix
[root@master zabbix]# cat apache.sls
"Development Tools":
pkg.group_installed
include:
- modules.web.apache.install
/usr/include/httpd:
file.symlink:
- target: {{ pillar['install_dir'] }}/include
- require:
- cmd: apache-install
{{ pillar['install_dir'] }}/htdocs:
file.directory:
- user: apache
- group: apache
- mode: '0755'
- makedirs: true
- require:
- cmd: apache-install
{{ pillar['install_dir'] }}/conf/extra/vhosts.conf:
file.managed:
- source: salt://zabbix/files/vhosts.conf
- user: root
- group: root
- mode: '0644'
- template: jinja
- require:
- cmd: apache-install
{{ pillar['install_dir'] }}/htdocs/zabbix:
file.directory:
- user: root
- group: root
- mode: '0755'
- makedirs: true
- require:
- cmd: apache-install
{{ pillar['install_dir'] }}/htdocs/zabbix/index.php:
file.managed:
- source: salt://zabbix/files/index.php
- user: apache
- group: apache
- mode: '0644'
- require:
- cmd: apache-install
zabbix-apache-service:
service.running:
- name: httpd
- enable: true
- reload: true
- require:
- file: {{ pillar['install_dir'] }}/conf/extra/vhosts.conf
- watch:
- file: {{ pillar['install_dir'] }}/conf/extra/vhosts.conf
[root@master zabbix]# cat mysql.sls
lamp-dep-package:
pkg.installed:
- pkgs:
- ncurses-devel
- openssl-devel
- openssl
- cmake
- mariadb-devel
- ncurses-compat-libs
include:
- modules.database.mysql.install
provides-mysql-file:
file.managed:
- user: root
- group: root
- mode: '0644'
- names:
- /etc/my.cnf:
- source: salt://zabbix/files/my.cnf
- template: jinja
- /etc/ld.so.conf.d/mysql.conf:
- source: salt://zabbix/files/mysql.conf
- template: jinja
/usr/local/include/mysql:
file.symlink:
- target: {{ pillar['mysql_installdir'] }}/mysql/include
mysqld-start:
service.running:
- name: mysqld
- enable: true
- relaod: true
- require:
- cmd: mysql-install
- file: trasfer-files
- watch:
- file: provides-mysql-file
set-password:
cmd.run:
- name: {{ pillar['mysql_installdir'] }}/mysql/bin/mysql -e "set password = password('{{ pillar['mysql_password'] }}');"
- require:
- service: mysqld-start
- unless: {{ pillar['mysql_installdir'] }}/mysql/bin/mysql -uroot -p{{ pillar['mysql_password'] }} -e "exit"
[root@master zabbix]# cat main.sls include: - zabbix.apache - zabbix.mysql - modules.application.php.install - zabbix.zabbix.zabbix [root@master files]# cat vhosts.confdocumentRoot "{{ pillar['install_dir'] }}/htdocs/zabbix" ServerName zabbix.example.com ProxyRequests Off ProxyPassMatch ^/(.*.php)$ fcgi://0.0.0.0:9000{{ pillar['install_dir'] }}/htdocs/zabbix/$1 [root@master files]# cat mysql.conf {{ pillar['mysql_installdir'] }}/mysql/lib [root@master files]# cat my.cnf [mysqld] port = 3306 datadir = {{ pillar['data_dir'] }} basedir = {{ pillar['mysql_installdir'] }}/mysql socket = /tmp/mysql.sock pid-file = {{ pillar['data_dir'] }}/mysql.pid log-error = {{ pillar['data_dir'] }}/mysql.err skip-name-resolve [root@master files]# cat index.phpOptions none AllowOverride none Require all granted
[root@master zabbix]# cat zabbix.sls
zabbix-dep-package:
pkg.installed:
- pkgs:
- net-snmp-devel
- libevent-devel
- make
- gcc
- gcc-c++
zabbix:
user.present:
- shell: /sbin/nologin
- createhome: false
- system: true
/usr/src/zabbix-5.4.4.tar.gz:
file.managed:
- source: salt://zabbix/zabbix/zabbix-5.4.4.tar.gz
- user: root
- group: root
- mode: '0644'
zabbix-install:
cmd.script:
- name: salt://zabbix/zabbix/install.sh
/var/lib/mysql:
file.directory:
- user: root
- group: root
- mode: '0755'
- makedirs: true
create-link:
cmd.run:
- name: ln -s /tmp/mysql.sock /var/lib/mysql/
- unless: test -L /var/lib/mysql/mysql.sock
zabbix_server:
cmd.run
zabbix_agentd:
cmd.run
service php-fpm restart:
cmd.run
copy-file-ui:
cmd.run:
- name: cp -r /usr/local/zabbix-5.4.4/ui/* /usr/local/httpd/htdocs/zabbix/
/usr/local/httpd/htdocs/zabbix/conf:
file.directory:
- user: apache
- group: apache
- mode: '0777'
systemctl restart httpd:
cmd.run
[root@master zabbix]# cat install.sh #!/bin/bash rm -rf zabbix-5.4.4 cd /usr/src/ tar xf zabbix-5.4.4.tar.gz -C /usr/local /usr/local/mysql/bin/mysql -uroot -p123 -e "create database zabbix character set utf8 collate utf8_bin;" && /usr/local/mysql/bin/mysql -uroot -p123 -e "create user 'zabbix'@'localhost' identified by 'zabbix';" && /usr/local/mysql/bin/mysql -uroot -p123 -e "grant all privileges on zabbix.* to 'zabbix'@'localhost';" && /usr/local/mysql/bin/mysql -uroot -p123 -e "flush privileges;" cd /usr/local/zabbix-5.4.4/database/mysql /usr/local/mysql/bin/mysql -uroot -p123 zabbix < schema.sql && /usr/local/mysql/bin/mysql -uroot -p123 zabbix < images.sql && /usr/local/mysql/bin/mysql -uroot -p123 zabbix < data.sql cd /usr/local/zabbix-5.4.4/ ./configure --enable-server --enable-agent --with-mysql --with-net-snmp --with-libcurl --with-libxml2 && make install sed -i 's/# DBPassword=/DBPassword=zabbix/' /usr/local/etc/zabbix_server.conf
[root@node1 ~]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 128 0.0.0.0:10050 0.0.0.0:* LISTEN 0 128 0.0.0.0:10051 0.0.0.0:* LISTEN 0 128 127.0.0.1:9000 0.0.0.0:* LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 80 *:3306 *:* LISTEN 0 128 *:80 *:* LISTEN 0 128 [::]:22 [::]:*
