saltstack部署nginx+php
发表于:2024-11-18 作者:千家信息网编辑
千家信息网最后更新 2024年11月18日,因为基本上生产环境中都是nginx+php的环境,所以就不单独列出salt部署php的过程了,这里就结合我在生产环境中的脚本进行nginx+php环境的部署。部署规划:1)编译安装libiconv、l
千家信息网最后更新 2024年11月18日saltstack部署nginx+php
因为基本上生产环境中都是nginx+php的环境,所以就不单独列出salt部署php的过程了,这里就结合我在生产环境中的脚本进行nginx+php环境的部署。
部署规划:
1)编译安装libiconv、libmcrypt、mhash以及mcrypt
2)编译安装php
3)添加启动停止脚本
4)添加到系统服务并设置开机启动
5)拷贝日志切割脚本
6)添加日志切割定时任务
7)安装memcached/redis/protobuf扩展
8)修改php.ini加载php扩展
salt部署目录架构:
[root@salt-master ~]# tree /srv/salt/base//srv/salt/base/├── cron│ ├── files│ │ ├── nginx_cut_log.sh│ │ └── php_cut_log.sh│ ├── nginx.sls│ └── php.sls├── nginx│ ├── files│ │ ├── nginx│ │ ├── nginx-1.6.3.tar.gz│ │ └── nginx.conf│ ├── install.sls│ └── service.sls├── packages│ └── install.sls├── pcre│ ├── files│ │ └── pcre-8.37.tar.gz│ └── install.sls├── php│ ├── extension.sls│ ├── files│ │ ├── libmemcached-1.0.18.tar.gz│ │ ├── memcached-2.2.0.tgz│ │ ├── php-5.6.16.tar.gz│ │ ├── php-fpm│ │ ├── php-fpm.conf│ │ ├── php.ini│ │ ├── phpredis-2.2.4.tar.gz│ │ └── protobuf.so│ ├── install.sls│ ├── libiconv│ │ └── files│ │ └── libiconv-1.14.tar.gz│ ├── libiconv.sls│ ├── libmcrypt│ │ └── files│ │ └── libmcrypt-2.5.8.tar.gz│ ├── libmcrypt.sls│ ├── mcrypt│ │ └── files│ │ └── mcrypt-2.6.8.tar.gz│ ├── mcrypt.sls│ ├── mhash│ │ └── files│ │ └── mhash-0.9.9.9.tar.gz│ ├── mhash.sls│ └── service.sls├── top.sls└── user ├── nginx.sls └── php.sls18 directories, 34 files
安装libiconv:
[root@salt-master base]# cat php/libiconv.sls libiconv-source-install: file.managed: - name: /opt/tools/libiconv-1.14.tar.gz - source: salt://php/libiconv/files/libiconv-1.14.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /opt/tools/ && tar -zxf libiconv-1.14.tar.gz && cd libiconv-1.14 && ./configure --prefix=/usr/local && make && make install && /sbin/ldconfig - unless: test -e /usr/local/lib/libiconv.so.2.5.1 - require: - file: libiconv-source-install
安装limcrypt:
[root@salt-master base]# cat php/libmcrypt.sls libmcrypt-source-install: file.managed: - name: /opt/tools/libmcrypt-2.5.8.tar.gz - source: salt://php/libmcrypt/files/libmcrypt-2.5.8.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /opt/tools && tar -zxf libmcrypt-2.5.8.tar.gz && cd libmcrypt-2.5.8 && ./configure && make && make install && ldconfig && cd libltdl && ./configure --enable-ltdl-install && make && make install && /sbin/ldconfig - unless: test -e /usr/local/lib/libmcrypt.so.4.4.8 - require: - file: libmcrypt-source-install
安装mhash:
[root@salt-master base]# cat php/mhash.sls mhash-source-install: file.managed: - name: /opt/tools/mhash-0.9.9.9.tar.gz - source: salt://php/mhash/files/mhash-0.9.9.9.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /opt/tools/ && tar -zxf mhash-0.9.9.9.tar.gz && cd mhash-0.9.9.9 && ./configure && make && make install && ln -s /usr/local/lib/libmcrypt.la /usr/lib/libmcrypt.la && ln -s /usr/local/lib/libmcrypt.so /usr/lib/libmcrypt.so && ln -s /usr/local/lib/libmcrypt.so.4 /usr/lib/libmcrypt.so.4 && ln -s /usr/local/lib/libmcrypt.so.4.4.8 /usr/lib/libmcrypt.so.4.4.8 && ln -s /usr/local/lib/libmhash.a /usr/lib/libmhash.a && ln -s /usr/local/lib/libmhash.la /usr/lib/libmhash.la && ln -s /usr/local/lib/libmhash.so /usr/lib/libmhash.so && ln -s /usr/local/lib/libmhash.so.2 /usr/lib/libmhash.so.2 && ln -s /usr/local/lib/libmhash.so.2.0.1 /usr/lib/libmhash.so.2.0.1 && ln -s /usr/local/bin/libmcrypt-config /usr/bin/libmcrypt-config - unless: test -e /usr/local/lib/libmhash.a - require: - file: mhash-source-install
安装mcrypt:
[root@salt-master base]# cat php/mcrypt.sls mcrypt-source-install: file.managed: - name: /opt/tools/mcrypt-2.6.8.tar.gz - source: salt://php/mcrypt/files/mcrypt-2.6.8.tar.gz - user: root - group: root - mode: 644 cmd.run: - name: cd /opt/tools/ && tar -zxf mcrypt-2.6.8.tar.gz && cd mcrypt-2.6.8 && /sbin/ldconfig && ./configure && make && make install - unless: test -e /usr/local/bin/mcrypt - require: - file: mcrypt-source-install
安装php:
[root@salt-master base]# cat php/install.sls include: - packages.install - user.php - php.libiconv - php.libmcrypt - php.mhash - php.mcryptphp-source-install: file.managed: - name: /opt/tools/php-5.6.16.tar.gz - source: salt://php/files/php-5.6.16.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /opt/tools/ && tar -zxf php-5.6.16.tar.gz && cd php-5.6.16 && ./configure --prefix=/usr/local/php --with-config-file-path=/usr/local/php/etc --with-libxml-dir --enable-xml --enable-fpm --with-fpm-user=www --with-fpm-group=www --enable-bcmath --enable-mbstring --enable-gd-native-ttf --enable-sockets --enable-mysqlnd --with-mysql=mysqlnd --with-mysqli=mysqlnd --with-pdo-mysql=mysqlnd --enable-zip --enable-inline-optimization --with-gd --with-bz2 --with-zlib --with-mcrypt --with-mhash --with-openssl --with-xmlrpc --with-iconv-dir --with-freetype-dir --with-jpeg-dir --with-png-dir --without-pear --disable-ipv6 --disable-pdo --with-gettext --disable-debug --without-pdo-sqlite --disable-rpath --enable-shmop --enable-sysvsem --with-curl --with-curlwrappers --enable-mbregex --enable-pcntl --enable-soap --enable-sigchild --enable-pdo && make ZEND_EXTRA_LIBS='-liconv' && make install - unless: test -d /usr/local/php - require: - file: php-source-install - user: php-user-group - cmd: libiconv-source-install - cmd: libmcrypt-source-install - cmd: mcrypt-source-install - cmd: mhash-source-install
配置php服务:
[root@salt-master base]# cat php/service.sls include: - php.install - cron.php/usr/local/php/etc: file.directory: - user: www - group: www - mode: 644 - makedirs: True/usr/local/php/etc/php-fpm.conf: file.managed: - source: salt://php/files/php-fpm.conf - user: www - group: www - mode: 644/etc/php.ini: file.managed: - source: salt://php/files/php.ini - user: www - group: www - mode: 644/etc/profile: file.append: - text: - export PATH=$PATH:/usr/local/php/bin:/usr/local/php/sbinphp-init: file.managed: - name: /etc/init.d/php-fpm - source: salt://php/files/php-fpm - user: root - group: root - mode: 755 cmd.run: - name: chkconfig --add php-fpm && source /etc/profile - unless: chkconfig --list|grep php-fpm - require: - file: php-initphp-service: service.running: - name: php-fpm - enable: True - restart: True - require: - cmd: php-init - watch: - file: /etc/php.ini - file: /usr/local/php/etc/php-fpm.conf
部署定时任务:
[root@salt-master base]# cat cron/php.sls php-crond-job: file.managed: - name: /opt/tools/scripts/php_cut_log.sh - source: salt://cron/files/php_cut_log.sh - user: root - group: root - mode: 755/bin/bash /opt/tools/scripts/php_cut_log.sh >/dev/null 2>&1: cron.present: - identifier: cut php daily logs job - user: root - minute: '0' - hour: '0' - require: - file: php-crond-job
安装php扩展:
[root@salt-master base]# cat php/extension.sls include: - php.servicelibmemcached-source-install: file.managed: - name: /opt/tools/libmemcached-1.0.18.tar.gz - source: salt://php/files/libmemcached-1.0.18.tar.gz - user: root - group: root - mode: 644 cmd.run: - name: cd /opt/tools && tar -zxf libmemcached-1.0.18.tar.gz && cd libmemcached-1.0.18 && ./configure --prefix=/usr/local/libmemcached --with-memcached && make && make install - unless: test -d /usr/local/libmemcached - require: - file: libmemcached-source-installmemcached-source-install: file.managed: - name: /opt/tools/memcached-2.2.0.tgz - source: salt://php/files/memcached-2.2.0.tgz - user: root - group: root - mode: 644 cmd.run: - name: cd /opt/tools/ && tar -zxf memcached-2.2.0.tgz && cd memcached-2.2.0 && /usr/local/php/bin/phpize && ./configure --enable-memcached --with-php-config=/usr/local/php/bin/php-config --with-libmemcached-dir=/usr/local/libmemcached && make && make install - unless: test -x /usr/bin/memcached - require: - file: memcached-source-installphpredis-source-install: file.managed: - name: /opt/tools/phpredis-2.2.4.tar.gz - source: salt://php/files/phpredis-2.2.4.tar.gz - user: root - group: root - mode: 644 cmd.run: - name: cd /opt/tools && tar -zxf phpredis-2.2.4.tar.gz && cd phpredis-2.2.4 && /usr/local/php/bin/phpize && ./configure --with-php-config=/usr/local/php/bin/php-config && make && make install - unless: test -e /usr/local/php/lib/php/extensions/no-debug-non-zts-20131226/redis.so - require: - file: phpredis-source-installprotobuf-extension: file.managed: - name: /usr/local/php/lib/php/extensions/no-debug-non-zts-20131226/protobuf.so - source: salt://php/files/protobuf.so - user: www - group: www - mode: 755extension-init: file.managed: - name: /usr/local/php/etc/php.ini - source: salt://php/files/php.ini - user: www - group: www - replace: True - mode: 644 cmd.run: - name: chown -R www:www /usr/local/php && source /etc/profile - require: - file: protobuf-extension - file: extension-init - watch: - file: /usr/local/php/etc/php.ini
top.sls文件:
[root@salt-master base]# cat top.sls base: 'salt-minion02.contoso.com': - nginx.service - php.service - php.extension
环境
脚本
任务
日志
服务
生产
编译
拷贝
文件
架构
目录
系统
过程
规划
配置
数据库的安全要保护哪些东西
数据库安全各自的含义是什么
生产安全数据库录入
数据库的安全性及管理
数据库安全策略包含哪些
海淀数据库安全审计系统
建立农村房屋安全信息数据库
易用的数据库客户端支持安全管理
连接数据库失败ssl安全错误
数据库的锁怎样保障安全
贵阳华为网络技术
网络安全职业培训奇安信
家庭游戏服务器推荐
服务器数据安全协议
怎么根据数据库查询数据
2003主要服务器
区块链对网络安全建设的要求
dhcp和dns服务器ip
电脑服务器有多少瓦
BMS软件开发工程师岗位
远东互联网科技有限公司
山大鸥玛软件开发岗待遇
软件开发时尽量用什么语言
服务器s9
缓存服务器怎么优化
远程会话管理服务器
数据库oracle初始密码
网络技术职业学院就业前景
特殊符号怎么存数据库
pubwin数据库进入
文章怎么储存数据库
服务器连接网络重启
网络安全宣传周的总结报告
俄乌冲突网络安全的应对措施
南京趣购网络技术
网络安全法自 ()时间起施行
乐业乐活网络技术服务公司
软件开发服务转包怎么做账
软件开发专业属于理科还是文科
奉贤区无线网络技术创新服务
