1)创建目录 [admin@master ~]$ sudo mkdir -p /srv/salt/prod/nginx [admin@master ~]$ sudo mkdir -p /srv/salt/prod/nginx/files 2)下载nginx [admin@master files]$ sudo wget http://nginx.org/download/nginx-1.12.2.tar.gz 3)拷贝启动脚本和配置文件 3.1)启动脚本 ~~~ [admin@master files]$ cat nginx.init #!/bin/sh # # nginx - this script starts and stops the nginx daemon # # chkconfig: - 85 15 # description: Nginx is an HTTP(S) server, HTTP(S) reverse \ # proxy and IMAP/POP3 proxy server # processname: nginx # config: /etc/nginx/nginx.conf # config: /etc/sysconfig/nginx # pidfile: /var/run/nginx.pid # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ "$NETWORKING" = "no" ] && exit 0 nginx="/usr/local/nginx/sbin/nginx" prog=$(basename $nginx) NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf" [ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx lockfile=/var/lock/subsys/nginx make_dirs() { # make required directories user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=\([^ ]*\).*/\1/g' -` if [ -z "`grep $user /etc/passwd`" ]; then useradd -M -s /bin/nologin $user fi options=`$nginx -V 2>&1 | grep 'configure arguments:'` for opt in $options; do if [ `echo $opt | grep '.*-temp-path'` ]; then value=`echo $opt | cut -d "=" -f 2` if [ ! -d "$value" ]; then # echo "creating" $value mkdir -p $value && chown -R $user $value fi fi done } start() { [ -x $nginx ] || exit 5 [ -f $NGINX_CONF_FILE ] || exit 6 make_dirs echo -n $"Starting $prog: " daemon $nginx -c $NGINX_CONF_FILE retval=$? echo [ $retval -eq 0 ] && touch $lockfile return $retval } stop() { echo -n $"Stopping $prog: " killproc $prog -QUIT retval=$? echo [ $retval -eq 0 ] && rm -f $lockfile return $retval } restart() { configtest || return $? stop sleep 1 start } reload() { configtest || return $? echo -n $"Reloading $prog: " $nginx -s reload RETVAL=$? echo } force_reload() { restart } configtest() { $nginx -t -c $NGINX_CONF_FILE } rh_status() { status $prog } rh_status_q() { rh_status >/dev/null 2>&1 } case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart|configtest) $1 ;; reload) rh_status_q || exit 7 $1 ;; force-reload) force_reload ;; status) rh_status ;; condrestart|try-restart) rh_status_q || exit 0 ;; *) echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}" exit 2 esac ~~~ 3.2)配置文件 ~~~ [admin@master files]$ sudo vim nginx.conf user web; worker_processes auto; error_log logs/error.log error; worker_rlimit_nofile 30000; pid logs/nginx.pid; events { use epoll; worker_connections 65535; } http { include mime.types; default_type application/octet-stream; sendfile on; tcp_nopush on; underscores_in_headers on; keepalive_timeout 10; send_timeout 60; gzip on; include /usr/local/nginx/conf/vhost/*.conf; server { listen 8080; server_name; location /nginx_status { stub_status on; access_log off; allow; deny all; } } } ~ ~~~ 最后在files目录下一定要有三个文件 [admin@master files]$ ll total 968 -rw-r--r--. 1 root root 981687 Oct 17 21:20 nginx-1.12.2.tar.gz -rw-r--r--. 1 root root 623 Jan 30 14:41 nginx.conf -rw-r--r--. 1 root root 2630 Jan 30 14:39 nginx.init 4)编写安装nginx的sls文件 ~~~ [admin@master nginx]$ cat install.sls include: - pkg.pkg-init - pcre.install - zlib.install - user.web /var/cache/nginx: file.directory: - user: web - group: web - mode: 755 - makedirs: True nginx_dependence: pkg.installed: - names: - gd - gd-devel nginx-source-install: file.managed: - name: /usr/local/src/nginx-1.12.2.tar.gz - source: salt://nginx/files/nginx-1.12.2.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /usr/local/src && sudo tar xf nginx-1.12.2.tar.gz && cd nginx-1.12.2 && sudo ./configure --prefix=/usr/local/nginx --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --user=web --group=web --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_realip_module --with-http_secure_link_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-stream --with-stream_ssl_module --with-http_image_filter_module --with-pcre=/usr/local/src/pcre-8.41 --with-zlib=/usr/local/src/zlib-1.2.11 && sudo make && sudo make install - unless: test -d /usr/local/nginx - require: - file: nginx-source-install - pkg: pkg-init - cmd: pcre-source-install - cmd: zlib-source-install - user: web-user-group ~~~ 5)测试 [admin@master nginx]$ sudo salt 'proxy01*' state.sls nginx.install env=prod test=true 6) 编写nginx的服务模块 ~~~ [admin@master nginx]$ cat service.sls include: - nginx.install nginx-init: file.managed: - name: /etc/init.d/nginx - source: salt://nginx/files/nginx.init - user: root - group: root - mode: 755 cmd.run: - name: chkconfig --add nginx - unless: chkconfig --list|grep nginx - require: - file: nginx-init /usr/local/nginx/conf/nginx.conf: file.managed: - source: salt://nginx/files/nginx.conf - user: web - group: web - mode: 644 nginx-service: file.directory: - name: /usr/local/nginx/conf/vhost - require: - cmd: nginx-source-install service.running: - name: nginx - enable: True - reload: True - require: - cmd: nginx-init - watch: - file: /usr/local/nginx/conf/nginx.conf ~~~ 测试安装: [admin@master nginx]$ sudo salt 'proxy01*' state.sls nginx.service env=prod test=true