OMS运维管理平台搭建

一、简述

最近学了django框架，恰好又学了saltstack，感觉saltstack是个非常不错的管理工具。但是命令行的操作多少没有图形界面直观，所以考虑搭建一个可以管理多个运维工具的在线管理平台。参考了众多开源资料，目前算是搭起来一个框架，欢迎感兴趣的同学们可以一起交流。

二、部署开始

1.架构

了解架构才能更好的部署与运用，简单画了个拓扑图

2.实验环境

操作系统：redhat7.2

需要的环境：

- Django 1.11.6

- Python 2.7.5

- Saltstack

- Salt API

- MariaDB

- MySQL-python

- Nginx

- uwsgi

3.pip 安装

后面用到pip会方便不少，我们就先安装pip

pip官网：https://pypi.python.org/pypi/pip

pip下载：https://pypi.python.org/packages/11/b6/abcb525026a4be042b486df43905d6893fb04f05aac21c32c638e939e447/pip-9.0.1.tar.gz#md5=35f01da33009719497f01a4ba69d63c9

安装pip需要setuptools

setuptools下载：https://pypi.python.org/packages/source/s/setuptools/setuptools-7.0.tar.gz

下载pip和setuptools放到家目录

redhat7.2自带python，如无python需要下载安装

[root@server1 ~]# which python
/usr/bin/python
[root@server1 ~]# python
Python 2.7.5 (default, Oct 11 2015, 17:47:16)

[root@server1 ~]# ls
pip-9.0.1.tar.gz setuptools-7.0.tar.gz
[root@server1 setuptools-7.0]# python setup.py install

[root@server1 ~]# tar -zxf pip-9.0.1.tar.gz
[root@server1 ~]# cd pip-9.0.1/
[root@server1 pip-9.0.1]# python setup.py install

pip 安装完成

4.Saltstack安装

请参阅：

自动化运维工具SaltStack详细部署及用SaltStack实现自动部署lamp架构

这里简单示范

server1为master端，server2为minion端

[root@server1 ~]# vim /etc/yum.repos.d/saltstack.repo

[saltstack-repo]
name=SaltStack repo for RHEL/CentOS $releasever
baseurl=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/latest
enabled=1
gpgcheck=1
gpgkey=https://repo.saltstack.com/yum/redhat/$releasever/$basearch/latest/SALTSTACK-GPG-KEY.pub

[root@server1 ~]# yum clean all
[root@server1 ~]# yum repolist
[root@server1 ~]# yum install -y salt-master
##server2一样配置，只不过安装的包不一样
[root@server2 ~]# yum install -y salt-minion

接下来进行配置

[root@server2 ~]# sed -i.bak 's/#master: salt/master: server1/g' /etc/salt/minion
[root@server1 ~]# systemctl start salt-master
[root@server2 ~]# systemctl start salt-minion
[root@server1 ~]# salt-key -L
Accepted Keys:
Denied Keys:
Unaccepted Keys:
server2
Rejected Keys:

配置成功

5.MariaDB安装

[root@server1 ~]# yum install -y mariadb-server
[root@server1 ~]# systemctl start mariadb
[root@server1 ~]# mysql        ##刚装上是无密码的，为安全，我们设个密码吧
[root@server1 ~]# mysql_secure_installation        ##出来提示除了输密码，其他均可直接回车
[root@server1 ~]# mysql -uroot -p
Enter password:

安装MySQL-python模块

[root@server1 ~]# yum install -y MySQL-python

MariaDB安装完成

6.nginx环境

请参阅：

nginx安装与基本配置

简单示范

下载好nginx放到根目录

[root@server1 ~]# tar -zxf nginx-1.12.1.tar.gz
[root@server1 ~]# cd nginx-1.12.1/
[root@server1 nginx-1.12.1]# sed -i.bak 's/#define NGINX_VER          "nginx\/" NGINX_VERSION/#define NGINX_VER          "nginx"/g' src/core/nginx.h
[root@server1 nginx-1.12.1]# sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc
[root@server1 nginx-1.12.1]# yum install -y gcc-c++ pcre-devel openssl-devel
[root@server1 nginx-1.12.1]# ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-file-aio --with-threads --with-http_stub_status_module
[root@server1 nginx-1.12.1]# make && make install
[root@server1 nginx-1.12.1]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
[root@server1 nginx-1.12.1]# nginx -t
[root@server1 nginx-1.12.1]# nginx

网页访问测试 http://172.25.27.1/



安装成功，后续再配置

7.Salt API安装配置

[root@server1 ~]# yum install -y salt-api
[root@server1 ~]# salt-api --version
salt-api 2017.7.2 (Nitrogen)
[root@server1 ~]# cd /etc/pki/tls/private
[root@server1 private]# openssl genrsa 2048 > localhost.key
Generating RSA private key, 2048 bit long modulus
.+++
...........+++
e is 65537 (0x10001)
[root@server1 private]# cd /etc/pki/tls/certs
[root@server1 certs]# make testcert
[root@server1 certs]# vim /etc/salt/master
default_include: master.d/*.conf        ##注释去掉
[root@server1 ~]# useradd saltapi
[root@server1 ~]# passwd saltapi
[root@server1 ~]# vim /etc/salt/master.d/api.conf
rest_cherrypy:
port: 8000
ssl_crt: /etc/pki/tls/certs/localhost.crt
ssl_key: /etc/pki/tls/private/localhost.key

[root@server1 ~]# vim /etc/salt/master.d/eauth.conf
external_auth:
pam:
saltapi:
- .*
- '@wheel'
- '@runner'
- '@jobs'

[root@server1 ~]# systemctl restart salt-master
[root@server1 ~]# systemctl start salt-api

7.Django开发环境搭建

用pip安装

[root@server1 ~]# pip install django==1.11.6

测试Django是否安装成功

[root@server1 ~]# python
>>> import django
>>> django.get_version()
'1.11.6'

Django 创建第一个项目HelloDjango

[root@server1 ~]# django-admin.py startproject HelloDjango
[root@server1 ~]# tree HelloDjango/
HelloDjango/
├── HelloDjango
│   ├── __init__.py
│   ├── settings.py
│   ├── urls.py
│   └── wsgi.py
└── manage.py
[root@server1 HelloDjango]# python manage.py runserver 0.0.0.0:8888

在浏览器输入你服务器的ip及端口号，如果正常启动，输出结果如下：

如果如下图所示，则修改settings文件即可

[root@server1 HelloDjango]# sed -i.bak 's/ALLOWED_HOSTS = \[\]/ALLOWED_HOSTS = \["*"\]/g' HelloDjango/settings.py

[root@server1 HelloDjango]# vim HelloDjango/view.py
from django.http import HttpResponse

def hello(request):
return HttpResponse("Hello Django ! ")

[root@server1 HelloDjango]# vim HelloDjango/urls.py
from django.conf.urls import url
#from django.contrib import admin
from . import view
urlpatterns = [
url(r'^hello/', view.hello),
]
[root@server1 HelloDjango]# python manage.py runserver 0.0.0.0:8888

访问 http://172.25.27.1:8888/hello/

如下图则django框架正常

8.下载并部署oms

代码已经放到github上，传送门：github

[root@server1 ~]# yum install git -y
[root@server1 ~]# git clone https://github.com/valor7/oms_valor7.git [root@server1 ~]# cd oms_valor7/
[root@server1 oms-valor7]# vim oms_valor7/settings.py

1.Django数据库连接设置

1.建库并授权

[root@server1 oms-valor7]# mysql -p
MariaDB [(none)]> CREATE DATABASE saltDB;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> GRANT ALL ON saltDB.* TO django@'localhost' IDENTIFIED BY 'redhat';

2.配置Django与数据库连接

DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'saltDB',
'USER': 'django',
'PASSWORD': 'redhat',
'HOST': '127.0.0.1',
'PORT': '3306',
}
}

[root@server1 oms-valor7]# pip install xlwt
[root@server1 oms-valor7]# python manage.py makemigrations
[root@server1 oms-valor7]# python manage.py migrate

登录MariaDB数据库验证数据库同步

[root@server1 oms-valor7]# mysql -h127.0.0.1 -udjango -p
MariaDB [(none)]> USE saltDB;
MariaDB [saltDB]> SHOW tables;
+--------------------------------+
| Tables_in_saltDB               |
+--------------------------------+
| asset_areas                    |
| asset_cities                   |
| asset_idcasset                 |
| asset_provinces                |

同步成功，创建应用的超级登录用户

[root@server1 oms-valor7]# python manage.py createsuperuser
[root@server1 oms-valor7]# python manage.py runserver 0.0.0.0:9999

浏览器访问然后用刚才创建的用户登录





发现这里有台未授权主机，点击操作那一栏的加号，给它授权

也可以通过命令行输入命令

[root@server1 oms-valor7]# salt-key -A

来添加授权



OMS在线运维管理平台到这里就搭建就完成了，接下来整合NGINX

三、部署进阶

1.配置Nginx支持Django

1.安装uwsgi

[root@server1 ~]# pip install uwsgi
##如果出现以下错误：
plugins/python/uwsgi_python.h:2:20: fatal error: Python.h: No such file or directory
#include <Python.h>
^
compilation terminated.

----------------------------------------
Command "/usr/bin/python -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-cj_mjG/uwsgi/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-sHka7Q-record/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-build-cj_mjG/uwsgi/

[root@server1 ~]# yum install python-devel
[root@server1 ~]# pip install uwsgi        ##安装python-devel之后再安装就ok了
Collecting uwsgi
Using cached uwsgi-2.0.15.tar.gz
Installing collected packages: uwsgi
Running setup.py install for uwsgi ... done
Successfully installed uwsgi-2.0.15
[root@server1 ~]# uwsgi --version  ##查看版本
2.0.15

测试uwsgi的可用性

[root@server1 ~]# vim uwsgi.py
def application(env, start_response):
start_response('200 OK', [('Content-Type','text/html')])
return "Hello Uwsgi"
[root@server1 ~]# uwsgi --http :8888 --wsgi-file uwsgi.py

访问 http://172.25.27.1:8888/ 出现以下结果则uwsgi 安装成功

2.配置NGINX支持uwsgi

Django结合了nginx之后就不需要再执行runserver来启动服务了，而且访问端口就是nginx的默认端口80，使用时方便许多

[root@server1 ~]# vim /usr/local/nginx/conf/nginx.conf
user  root;

server {
listen       80;
server_name  localhost;

#charset koi8-r;
root /root/oms_valor7;
#access_log  logs/host.access.log  main;
access_log  logs/host.access.log;

location / {
root   /root/oms_valor7;
include uwsgi_params;
uwsgi_pass 127.0.0.1:9999;
uwsgi_param UWSGI_CHDIR /root/oms_valor7;
uwsgi_param UWSGI_SCRIPT oms_valor7.wsgi;
}
location /static {
alias /root/oms_valor7/static;
}

3.uwsgi 配置

uwsgi支持ini、xml等多种配置方式，本文以 ini 为例， 在/root/oms_valor7/目录下新建uwsgi.ini，添加如下配置

[uwsgi]
chdir=/root/oms_valor7/
module=oms_valor7.wsgi:application
master=True
pidfile=/var/run/uwsgi9999.pid
vacuum=True
max-requests=5000
daemonize=/root/oms_valor7/uwsgi9999.log
socket=0.0.0.0:9999

4.启动服务，运行平台

重载nginx ，并将uwsgi后台运行

[root@server1 oms-valor7]# cd
[root@server1 ~]# mv oms-valor7 oms_valor7     ##配置文件里路径写串了，这里改下
[root@server1 oms-valor7]# nginx -t
[root@server1 oms-valor7]# nginx -s reload
[root@server1 oms-valor7]# uwsgi --ini uwsgi.ini &

直接访问ip即可



可以执行远程命令等





至此，OMS运维管理平台搭建完成