运维管理平台搭建

一、简述
最近学了django框架,恰好又学了saltstack,感觉saltstack是个非常不错的管理工具。但是命令行的操作多少没有图形界面直观,所以考虑搭建一个可以管理多个运维工具的在线管理平台。参考了众多开源资料,目前算是搭起来一个框架,欢迎感兴趣的同学们可以一起交流。

二、部署开始
1.架构

了解架构才能更好的部署与运用,简单画了个拓扑图 

2.实验环境
操作系统:redhat7.2

需要的环境:

  • Django 1.11.6
  • Python 2.7.5
  • Saltstack
  • Salt API
  • MariaDB
  • MySQL-python
  • Nginx
  • uwsgi

3.pip 安装
后面用到pip会方便不少,我们就先安装pip

pip官网:https://pypi.python.org/pypi/pip
pip下载:https://pypi.python.org/packages/11/b6/abcb525026a4be042b486df43905d6893fb04f05aac21c32c638e939e447/pip-9.0.1.tar.gz#md5=35f01da33009719497f01a4ba69d63c9

安装pip需要setuptools
setuptools下载:https://pypi.python.org/packages/source/s/setuptools/setuptools-7.0.tar.gz
下载pip和setuptools放到家目录 redhat7.2自带python,如无python需要下载安装

[root@server1 ~]# which python
/usr/bin/python
[root@server1 ~]# python
Python 2.7.5 (default, Oct 11 2015, 17:47:16)

[root@server1 ~]# ls
pip-9.0.1.tar.gz setuptools-7.0.tar.gz
[root@server1 setuptools-7.0]# python setup.py install

[root@server1 ~]# tar -zxf pip-9.0.1.tar.gz 
[root@server1 ~]# cd pip-9.0.1/
[root@server1 pip-9.0.1]# python setup.py install

pip 安装完成

4.Saltstack安装

请参阅: 
自动化运维工具SaltStack详细部署及用SaltStack实现自动部署lamp架构

这里简单示范 
server1为master端,server2为minion端

[root@server1 ~]# vim /etc/yum.repos.d/saltstack.repo

[saltstack-repo]
name=SaltStack repo for RHEL/CentOS $releasever
baseurl=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/latest
enabled=1
gpgcheck=1
gpgkey=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/latest/SALTSTACK-GPG-KEY.pub

[root@server1 ~]# yum clean all
[root@server1 ~]# yum repolist
[root@server1 ~]# yum install -y salt-master
##server2一样配置,只不过安装的包不一样
[root@server2 ~]# yum install -y salt-minion

接下来进行配置

[root@server2 ~]# sed -i.bak 's/#master: salt/master: server1/g' /etc/salt/minion
[root@server1 ~]# systemctl start salt-master
[root@server2 ~]# systemctl start salt-minion
[root@server1 ~]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
server2
Rejected Keys:

配置成功

5.MariaDB安装

[root@server1 ~]# yum install -y mariadb-server
[root@server1 ~]# systemctl start mariadb
[root@server1 ~]# mysql        ##刚装上是无密码的,为安全,我们设个密码吧
[root@server1 ~]# mysql_secure_installation        ##出来提示除了输密码,其他均可直接回车
[root@server1 ~]# mysql -uroot -p
Enter password:

安装MySQL-python模块

[root@server1 ~]# yum install -y MySQL-python

 

MariaDB安装完成

6.nginx环境

请参阅: 
nginx安装与基本配置 
简单示范 
下载好nginx放到根目录

[root@server1 ~]# tar -zxf nginx-1.12.1.tar.gz
[root@server1 ~]# cd nginx-1.12.1/
[root@server1 nginx-1.12.1]# sed -i.bak 's/#define NGINX_VER          "nginx\/" NGINX_VERSION/#define NGINX_VER          "nginx"/g' src/core/nginx.h
[root@server1 nginx-1.12.1]# sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc 
[root@server1 nginx-1.12.1]# yum install -y gcc-c++ pcre-devel openssl-devel
[root@server1 nginx-1.12.1]# ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-file-aio --with-threads --with-http_stub_status_module
[root@server1 nginx-1.12.1]# make && make install
[root@server1 nginx-1.12.1]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
[root@server1 nginx-1.12.1]# nginx -t
[root@server1 nginx-1.12.1]# nginx

网页访问测试

安装成功,后续再配置

7.Salt API安装配置

[root@server1 ~]# yum install -y salt-api
[root@server1 ~]# salt-api --version 
salt-api 2017.7.2 (Nitrogen)
[root@server1 ~]# cd /etc/pki/tls/private
[root@server1 private]# openssl genrsa 2048 > localhost.key
Generating RSA private key, 2048 bit long modulus
.+++
...........+++
e is 65537 (0x10001)
[root@server1 private]# cd /etc/pki/tls/certs 
[root@server1 certs]# make testcert
[root@server1 certs]# vim /etc/salt/master
default_include: master.d/*.conf        ##注释去掉
[root@server1 ~]# useradd saltapi 
[root@server1 ~]# passwd saltapi
[root@server1 ~]# vim /etc/salt/master.d/api.conf
rest_cherrypy:
  port: 8000
  ssl_crt: /etc/pki/tls/certs/localhost.crt
  ssl_key: /etc/pki/tls/private/localhost.key

[root@server1 ~]# vim /etc/salt/master.d/eauth.conf
external_auth:
  pam:
    saltapi:
      - .*
      - '@wheel'
      - '@runner'
      - '@jobs'

[root@server1 ~]# systemctl restart salt-master
[root@server1 ~]# systemctl start salt-api

7.Django开发环境搭建

  • 用pip安装
[root@server1 ~]# pip install django==1.11.6

测试Django是否安装成功

[root@server1 ~]# python
>>> import django
>>> django.get_version()
'1.11.6'

Django 创建第一个项目HelloDjango

[root@server1 ~]# django-admin.py startproject HelloDjango
[root@server1 ~]# tree HelloDjango/
HelloDjango/
├── HelloDjango
│   ├── __init__.py
│   ├── settings.py
│   ├── urls.py
│   └── wsgi.py
└── manage.py
[root@server1 HelloDjango]# python manage.py runserver 0.0.0.0:8888

在浏览器输入你服务器的ip及端口号,如果正常启动,输出结果如下:

如果如下图所示,则修改settings文件即可 

[root@server1 HelloDjango]# vim HelloDjango/view.py
from django.http import HttpResponse

def hello(request):
    return HttpResponse("Hello Django ! ")

[root@server1 HelloDjango]# vim HelloDjango/urls.py
from django.conf.urls import url
#from django.contrib import admin
from . import view
urlpatterns = [
    url(r'^hello/', view.hello),
]
[root@server1 HelloDjango]# python manage.py runserver 0.0.0.0:8888

访问 http://127.0.0.1:8888/hello/ 
如下图则django框架正常

8.下载并部署oms

代码已经放到github上,传送门:github

[root@server1 ~]# yum install git -y
[root@server1 ~]# git clone https://github.com/valor7/oms_valor7.git
[root@server1 ~]# cd oms_valor7/
[root@server1 oms-valor7]# vim oms_valor7/settings.py

1.Django数据库连接设置

1.建库并授权

[root@server1 oms-valor7]# mysql -p
MariaDB [(none)]> CREATE DATABASE saltDB;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> GRANT ALL ON saltDB.* TO django@'localhost' IDENTIFIED BY 'redhat';

2.配置Django与数据库连接

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': 'saltDB',
        'USER': 'django',
        'PASSWORD': 'redhat',
        'HOST': '127.0.0.1',
        'PORT': '3306',
    }
}
[root@server1 oms-valor7]# pip install xlwt
[root@server1 oms-valor7]# python manage.py makemigrations
[root@server1 oms-valor7]# python manage.py migrate

登录MariaDB数据库验证数据库同步

[root@server1 oms-valor7]# mysql -h127.0.0.1 -udjango -p
MariaDB [(none)]> USE saltDB;
MariaDB [saltDB]> SHOW tables;
+--------------------------------+
| Tables_in_saltDB               |
+--------------------------------+
| asset_areas                    |
| asset_cities                   |
| asset_idcasset                 |
| asset_provinces                

同步成功,创建应用的超级登录用户

[root@server1 oms-valor7]# python manage.py createsuperuser
[root@server1 oms-valor7]# python manage.py runserver 0.0.0.0:9999

浏览器访问然后用刚才创建的用户登录

发现这里有台未授权主机,点击操作那一栏的加号,给它授权 
也可以通过命令行输入命令

[root@server1 oms-valor7]# salt-key -A

来添加授权

OMS在线运维管理平台到这里就搭建就完成了,接下来整合NGINX

三、部署进阶

1.配置Nginx支持Django

1.安装uwsgi

[root@server1 ~]# pip install uwsgi
##如果出现以下错误:
    plugins/python/uwsgi_python.h:2:20: fatal error: Python.h: No such file or directory
     #include <Python.h>
                        ^
    compilation terminated.

    ----------------------------------------
Command "/usr/bin/python -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-cj_mjG/uwsgi/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-sHka7Q-record/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-build-cj_mjG/uwsgi/

[root@server1 ~]# yum install python-devel
[root@server1 ~]# pip install uwsgi        ##安装python-devel之后再安装就ok了
Collecting uwsgi
  Using cached uwsgi-2.0.15.tar.gz
Installing collected packages: uwsgi
  Running setup.py install for uwsgi ... done
Successfully installed uwsgi-2.0.15
[root@server1 ~]# uwsgi --version  ##查看版本
2.0.15
  • 测试uwsgi的可用性
    [root@server1 ~]# vim uwsgi.py
    def application(env, start_response):
        start_response('200 OK', [('Content-Type','text/html')])
        return "Hello Uwsgi"
    [root@server1 ~]# uwsgi --http :8888 --wsgi-file uwsgi.py
    

    访问 http://127.0.0.1:8888/ 出现以下结果则uwsgi 安装成功 

  • 2.配置NGINX支持uwsgi

    Django结合了nginx之后就不需要再执行runserver来启动服务了,而且访问端口就是nginx的默认端口80,使用时方便许多

    [root@server1 ~]# vim /usr/local/nginx/conf/nginx.conf
    user  root;
    
        server {
            listen       80;
            server_name  localhost;
    
            #charset koi8-r;
            root /root/oms_valor7;
            #access_log  logs/host.access.log  main;
            access_log  logs/host.access.log;
    
            location / {
                root   /root/oms_valor7;
                include uwsgi_params;
                uwsgi_pass 127.0.0.1:9999;
                uwsgi_param UWSGI_CHDIR /root/oms_valor7;
                uwsgi_param UWSGI_SCRIPT oms_valor7.wsgi;
            }
    location /static {
            alias /root/oms_valor7/static;
            }
    

    3.uwsgi 配置

    uwsgi支持ini、xml等多种配置方式,本文以 ini 为例, 在/root/oms_valor7/目录下新建uwsgi.ini,添加如下配置

    [uwsgi]
    chdir=/root/oms_valor7/
    module=oms_valor7.wsgi:application
    master=True
    pidfile=/var/run/uwsgi9999.pid 
    vacuum=True
    max-requests=5000
    daemonize=/root/oms_valor7/uwsgi9999.log
    socket=0.0.0.0:9999
    

    4.启动服务,运行平台

    重载nginx ,并将uwsgi后台运行

    [root@server1 oms-valor7]# cd 
    [root@server1 ~]# mv oms-valor7 oms_valor7     ##配置文件里路径写串了,这里改下
    [root@server1 oms-valor7]# nginx -t
    [root@server1 oms-valor7]# nginx -s reload
    [root@server1 oms-valor7]# uwsgi --ini uwsgi.ini &
    

    直接访问ip即可 

    可以执行远程命令等     

        至此,OMS运维管理平台搭建完成

文 / Aex
LEAVE A REPLY
loading