标签:div ora python2 卸载 关系 通用 extra oca php5
简称SPM,使用man查看spm命令的使用方法,这一部分内容比较多,初浅的看了下文档,暂时先总结个大概,后续慢慢在探究一下细节,再进行补充。
salt 的包管理主要包含以下3个部分,
关系如图示:
包组织系统:主要内容包含如何建立一个SPM Packages。
解析formula格式的目录结构:
建立repo包仓库和相关信息
如何安装.spm的包,安装之后的部分目录结构如下:
下面根据实例来初浅的讲解一下SPM的配置和安装逻辑,至于运用后续再进行探究。
首先确认一下salt-master的版本,SPM功能在2015.10以后的版本才有,目前使用的环境是2016.11的版本
(一)找到制作SPM的=包的原材料,官网推荐的一个站点https://github.com/saltstack-formulas,使用git下载几个formula格式的源码包
git clone https://github.com/saltstack-formulas/nginx-formula.git
git clone https://github.com/saltstack-formulas/redis-formula.git
将软件包放置在/srv/spm,注意下载的源码包必须符合formula格式,formula包的格式要求参见http://docs.saltstack.cn/topics/spm/spm_formula.html#spm-formula
下载下来的软件包是一个目录,结构参见图package system
(二)制作spm包
spm build /path/to/salt-packages-source/myapp-formula
制作的spm包被存放在/srv/spm_build目录里面,例如包名为apache-201507-1.spm。
同时在源码目录下面会产生几个目录pillar,reactor这几个目录。
(三)生成SPM-METADATA信息
spm create_repo /srv/spm_build
生成的metedata文件就存放在spm包目录下
(四)配置安装环境和安装spm包
配置安装repo源:
/etc/salt/spm.repos.d/spm.repo
网络源:
my_repo:
url: https://spm.example.com/
本地源:
my_repo:
url: file:///srv/spm_build
更新源:
spm update_repo
安装spm包:
spm install apache
spm local install /srv/spm/apache-201506-1.spm #直接安装本地spm包
安装的包路径在/srv/spm/salt下,目录结构如下:
1 salt/ 2 └── apache 3 ├── certificates.sls 4 ├── config.sls 5 ├── debian_full.sls 6 ├── files 7 │ ├── Debian 8 │ ├── FreeBSD 9 │ ├── RedHat 10 │ └── Suse 11 ├── init.sls 12 ├── logrotate.sls 13 ├── manage_security.sls 14 ├── map.jinja 15 ├── mod_actions.sls 16 ├── mod_cgi.sls 17 ├── mod_dav_svn.sls 18 ├── mod_fastcgi.sls 19 ├── mod_fcgid.sls 20 ├── mod_geoip.sls 21 ├── mod_headers.sls 22 ├── mod_mpm.sls 23 ├── mod_pagespeed.sls 24 ├── mod_perl2.sls 25 ├── mod_php5.sls 26 ├── mod_proxy_fcgi.sls 27 ├── mod_proxy_http.sls 28 ├── mod_proxy.sls 29 ├── mod_remoteip.sls 30 ├── mod_rewrite.sls 31 ├── mod_security 32 │ ├── init.sls 33 │ └── rules.sls 34 ├── modsecurity.yaml 35 ├── mod_socache_shmcb.sls 36 ├── mod_ssl.sls 37 ├── mod_suexec.sls 38 ├── modules.sls 39 ├── mod_vhost_alias.sls 40 ├── mod_wsgi.sls 41 ├── mod_xsendfile.sls 42 ├── no_default_vhost.sls 43 ├── osfingermap.yaml 44 ├── own_default_vhost.sls 45 ├── register_site.sls 46 ├── uninstall.sls 47 └── vhosts 48 ├── minimal.tmpl 49 ├── proxy.tmpl 50 ├── redirect.tmpl 51 ├── standard.sls 52 └── standard.tmpl
卸载spm包:
spm remove apache
(五)在file_roots中配置spm源,即可配置本地spm源,也可以配置网络spm源
1 file_roots: 2 base: 3 1. /srv/salt 4 2. /srv/spm/salt
1 gitfs_remotes: 2 - https://github.com/saltstack-formulas/apache-formula 3 - https://github.com/saltstack-formulas/memcached-formula
配置好spm包源之后便于include到state文件中,部署到minion端,以下是几种常见的用法:
a)include导入spm包
1 include: 2 - epel 3 4 python26: 5 pkg.installed: 6 - require: 7 - pkg: epel
b)在top文件中引用
1 base: 2 ‘controller‘: 3 - openstack.horizon 4 - openstack.keystone 5 ‘hyper-*‘: 6 - openstack.nova 7 - openstack.glance 8 ‘storage-*‘: 9 - openstack.swift
详细的说明参见:https://docs.saltstack.com/en/2016.11/topics/development/conventions/formulas.html
关于Formulas格式的SPM包的一些初步理解:
制作一个Formulas格式的spm包,可以在salt环境为我们提供一整套通用管理业务软件的方法,这些方法包括软件包安装,服务管理,配置管理等,当我们include一个spm包之后, 里面可配置的地方全部已经帮我们以模板,变量的方式设置好了,屏蔽了底层因操作系统环境差异而产生的配置差异给我们带来额外的麻烦,减少了冗余。
示例:
一个Formulas包的init.sls,这是类似python里面的__init__一个初始化的结构函数。
1 {% from "apache/map.jinja" import apache with context %} 2 3 apache: 4 pkg.installed: 5 - name: {{ apache.server }} 6 group.present: 7 - name: {{ apache.group }} 8 - system: True 9 user.present: 10 - name: {{ apache.user }} 11 - gid: {{ apache.group }} 12 - system: True 13 service.running: 14 - name: {{ apache.service }} 15 - enable: True 16 17 # The following states are inert by default and can be used by other states to 18 # trigger a restart or reload as needed. 19 apache-reload: 20 module.wait: 21 - name: service.reload 22 - m_name: {{ apache.service }} 23 24 apache-restart: 25 module.wait: 26 - name: service.restart 27 - m_name: {{ apache.service }}
其中第一行中的{% from "apache/map.jinja" import apache with context %}模板中引入了apache/map.jinja
再看apache/map.jinja中的内容:
1 {% import_yaml "apache/osfingermap.yaml" as osfingermap %} 2 {% import_yaml "apache/modsecurity.yaml" as modsec %} 3 4 {% set apache = salt[‘grains.filter_by‘]({ 5 ‘Gentoo‘: { 6 ‘server‘: ‘www-servers/apache‘, 7 ‘service‘: ‘apache2‘, 8 ‘user‘: ‘apache‘, 9 ‘group‘: ‘apache‘, 10 ‘configfile‘: ‘/etc/apache2/httpd.conf‘, 11 12 ‘mod_wsgi‘: ‘www-apache/mod_wsgi‘, 13 ‘mod_fcgid‘: ‘www-apache/mod_fcgid‘, 14 15 ‘vhostdir‘: ‘/etc/apache2/vhosts.d‘, 16 ‘confdir‘: ‘/etc/conf.d/apache2‘, 17 ‘confext‘: ‘.conf‘, 18 ‘default_site‘: ‘default‘, 19 ‘default_site_ssl‘: ‘default-ssl‘, 20 ‘logdir‘: ‘/var/log/apache2‘, 21 ‘logrotatedir‘: ‘/etc/logrotate.d/apache2‘, 22 ‘wwwdir‘: ‘/var/www‘, 23 }, 24 ‘Debian‘: { 25 ‘server‘: ‘apache2‘, 26 ‘service‘: ‘apache2‘, 27 ‘user‘: ‘www-data‘, 28 ‘group‘: ‘www-data‘, 29 ‘configfile‘: ‘/etc/apache2/apache2.conf‘, 30 ‘portsfile‘: ‘/etc/apache2/ports.conf‘, 31 32 ‘mod_wsgi‘: ‘libapache2-mod-wsgi‘, 33 ‘mod_php5‘: ‘libapache2-mod-php5‘, 34 ‘mod_perl2‘: ‘libapache2-mod-perl2‘, 35 ‘mod_fcgid‘: ‘libapache2-mod-fcgid‘, 36 ‘mod_pagespeed_source‘: ‘https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_amd64.deb‘, 37 ‘mod_xsendfile‘: ‘libapache2-mod-xsendfile‘, 38 ‘mod_fastcgi‘: ‘libapache2-mod-fastcgi‘, 39 40 ‘vhostdir‘: ‘/etc/apache2/sites-available‘, 41 ‘confdir‘: ‘/etc/apache2/conf.d‘, 42 ‘confext‘: ‘.conf‘, 43 ‘default_site‘: ‘default‘, 44 ‘default_site_ssl‘: ‘default-ssl‘, 45 ‘logdir‘: ‘/var/log/apache2‘, 46 ‘logrotatedir‘: ‘/etc/logrotate.d/apache2‘, 47 ‘wwwdir‘: ‘/srv‘, 48 }, 49 ‘RedHat‘: { 50 ‘server‘: ‘httpd‘, 51 ‘service‘: ‘httpd‘, 52 ‘user‘: ‘apache‘, 53 ‘group‘: ‘apache‘, 54 ‘configfile‘: ‘/etc/httpd/conf/httpd.conf‘, 55 56 ‘mod_wsgi‘: ‘mod_wsgi‘, 57 ‘conf_mod_wsgi‘: ‘/etc/httpd/conf.d/wsgi.conf‘, 58 ‘mod_php5‘: ‘php‘, 59 ‘mod_pagespeed_source‘: ‘https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_x86_64.rpm‘, 60 61 ‘vhostdir‘: ‘/etc/httpd/vhosts.d‘, 62 ‘confdir‘: ‘/etc/httpd/conf.d‘, 63 ‘confext‘: ‘.conf‘, 64 ‘default_site‘: ‘default‘, 65 ‘default_site_ssl‘: ‘default-ssl‘, 66 ‘logdir‘: ‘/var/log/httpd‘, 67 ‘logrotatedir‘: ‘/etc/logrotate.d/httpd‘, 68 ‘wwwdir‘: ‘/var/www‘, 69 ‘default_charset‘: ‘UTF-8‘, 70 }, 71 ‘Suse‘: { 72 ‘server‘: ‘apache2‘, 73 ‘service‘: ‘apache2‘, 74 ‘user‘: ‘wwwrun‘, 75 ‘group‘: ‘www‘, 76 ‘configfile‘: ‘/etc/apache2/httpd.conf‘, 77 78 ‘mod_wsgi‘: ‘apache2-mod_wsgi‘, 79 ‘mod_php5‘: ‘apache2-mod_php5‘, 80 ‘mod_fcgid‘: ‘apache2-mod_fcgid‘, 81 82 ‘vhostdir‘: ‘/etc/apache2/vhosts.d‘, 83 ‘confdir‘: ‘/etc/apache2/conf.d‘, 84 ‘confext‘: ‘.conf‘, 85 ‘default_site‘: ‘vhost.template‘, 86 ‘default_site_ssl‘: ‘vhost-ssl.template‘, 87 ‘logdir‘: ‘/var/log/apache2‘, 88 ‘wwwdir‘: ‘/srv/www‘, 89 }, 90 ‘FreeBSD‘: { 91 ‘server‘: ‘apache22‘, 92 ‘service‘: ‘apache22‘, 93 ‘user‘: ‘www‘, 94 ‘group‘: ‘www‘, 95 ‘configfile‘: ‘/usr/local/etc/apache22/httpd.conf‘, 96 ‘portsfile‘: ‘/usr/local/etc/apache22/ports.conf‘, 97 98 ‘mod_php5‘: ‘mod_php56‘, 99 ‘mod_perl2‘: ‘ap22-mod_perl2‘, 100 ‘mod_wsgi‘: ‘ap22-mod_wsgi3‘, 101 102 ‘vhostdir‘: ‘/usr/local/etc/apache22/Includes‘, 103 ‘confdir‘: ‘/usr/local/etc/apache22/extra‘, 104 ‘modulesdir‘: ‘/usr/local/etc/apache22/modules.d‘, 105 ‘global_document_root‘: ‘/usr/local/www/apache22/data‘, 106 107 ‘confext‘: ‘‘, 108 ‘default_site‘: ‘default‘, 109 ‘default_site_ssl‘: ‘default-ssl‘, 110 ‘logdir‘: ‘/var/log/‘, 111 ‘wwwdir‘: ‘/usr/local/www/apache22/‘, 112 }, 113 }, merge=salt[‘grains.filter_by‘]({ 114 ‘precise‘: { 115 ‘confext‘: ‘‘, 116 ‘default_site‘: ‘default‘, 117 ‘default_site_ssl‘: ‘default-ssl‘, 118 }, 119 ‘trusty‘: { 120 ‘confext‘: ‘.conf‘, 121 ‘default_site‘: ‘000-default.conf‘, 122 ‘default_site_ssl‘: ‘default-ssl.conf‘, 123 }, 124 ‘utopic‘: { 125 ‘confext‘: ‘.conf‘, 126 ‘default_site‘: ‘000-default.conf‘, 127 ‘default_site_ssl‘: ‘default-ssl.conf‘, 128 }, 129 ‘vivid‘: { 130 ‘confext‘: ‘.conf‘, 131 ‘default_site‘: ‘000-default.conf‘, 132 ‘default_site_ssl‘: ‘default-ssl.conf‘, 133 }, 134 ‘wily‘: { 135 ‘confext‘: ‘.conf‘, 136 ‘default_site‘: ‘000-default.conf‘, 137 ‘default_site_ssl‘: ‘default-ssl.conf‘, 138 }, 139 ‘xenial‘: { 140 ‘confext‘: ‘.conf‘, 141 ‘default_site‘: ‘000-default.conf‘, 142 ‘default_site_ssl‘: ‘default-ssl.conf‘, 143 }, 144 ‘yakkety‘: { 145 ‘confext‘: ‘.conf‘, 146 ‘default_site‘: ‘000-default.conf‘, 147 ‘default_site_ssl‘: ‘default-ssl.conf‘, 148 }, 149 ‘zesty‘: { 150 ‘confext‘: ‘.conf‘, 151 ‘default_site‘: ‘000-default.conf‘, 152 ‘default_site_ssl‘: ‘default-ssl.conf‘, 153 }, 154 ‘artful‘: { 155 ‘confext‘: ‘.conf‘, 156 ‘default_site‘: ‘000-default.conf‘, 157 ‘default_site_ssl‘: ‘default-ssl.conf‘, 158 }, 159 ‘jessie‘: { 160 ‘wwwdir‘: ‘/var/www‘, 161 ‘confext‘: ‘.conf‘, 162 ‘default_site‘: ‘000-default.conf‘, 163 ‘default_site_ssl‘: ‘default-ssl.conf‘, 164 }, 165 ‘stretch‘: { 166 ‘wwwdir‘: ‘/var/www‘, 167 ‘confext‘: ‘.conf‘, 168 ‘default_site‘: ‘000-default.conf‘, 169 ‘default_site_ssl‘: ‘default-ssl.conf‘, 170 }, 171 ‘buster‘: { 172 ‘wwwdir‘: ‘/var/www‘, 173 ‘confext‘: ‘.conf‘, 174 ‘default_site‘: ‘000-default.conf‘, 175 ‘default_site_ssl‘: ‘default-ssl.conf‘, 176 }, 177 }, grain=‘oscodename‘, merge=salt[‘grains.filter_by‘]( 178 osfingermap 179 , grain=‘osfinger‘, merge=salt[‘pillar.get‘](‘apache:lookup‘)))) %} 180 181 {% set modsecurity = salt[‘grains.filter_by‘]( 182 modsec 183 , grain=‘os_family‘, merge=salt[‘pillar.get‘](‘apache:mod_security‘)) or {} %} 184 185 {# merge the os family/codename mod_sec‘s specific data over the defaults #} 186 {% do apache.update({ ‘mod_security‘: modsecurity }) %}
又导入了两个yaml的配置内容
1 default: 2 version: ‘2.4‘ 3 Ubuntu-12.04: 4 version: ‘2.2‘ 5 Red Hat Enterprise Linux Server-6: 6 version: ‘2.2‘ 7 Red Hat Enterprise Linux Server-7: 8 version: ‘2.4‘ 9 CentOS-6: 10 version: ‘2.2‘ 11 CentOS Linux-7: 12 version: ‘2.4‘ 13 conf_mod_wsgi: ‘/etc/httpd/conf.modules.d/10-wsgi.conf‘ 14 Oracle Linux Server-6: 15 version: ‘2.2‘ 16 Oracle Linux Server-7: 17 version: ‘2.4‘ 18 Amazon Linux AMI-2014: 19 version: ‘2.2‘ 20 Amazon Linux AMI-2015: 21 version: ‘2.2‘ 22 Amazon Linux AMI-2016: 23 version: ‘2.2‘
1 default: 2 crs_install: False 3 manage_config: False 4 Debian: 5 crs_install: False 6 manage_config: False 7 package: libapache2-mod-security2 8 crs_package: modsecurity-crs 9 config_file: /etc/modsecurity/modsecurity.conf-recommended 10 RedHat: 11 crs_install: False 12 manage_config: False 13 package: mod_security 14 crs_package: mod_security_crs 15 config_file: /etc/httpd/conf.d/mod_security.conf
里面的配置的grains变量根据minion端的实际配置读取,达到消除部署的差异化,提高配置性的灵活性和便利性。
先写一点吧,后面再续.........
标签:div ora python2 卸载 关系 通用 extra oca php5
原文地址:http://www.cnblogs.com/solitarywares/p/7442225.html