Linux自动化工具之Ansible安装nginx
2020-02-21自动化运维90root314°c
A+ A-思路:先在一台机器上编译安装好 nginx、打包,然后再用 ansible 去下发。
一、安装nginx
1.首先我们需要在安装了 ansible 的机器上编译安装好nginx,详细步骤如下:
[[email protected] ~]# cd /usr/local/src/ [[email protected] src]# wget http://nginx.org/download/nginx-1.4.4.tar.gz [[email protected] src]# tar -zxvf nginx-1.4.4.tar.gz
2、安装依赖包
[[email protected] src]# yum install -y gcc zlib-devel openssl openssl-devel pcre-devel
3、配置编译参数
[[email protected] src]# cd nginx-1.4.4 [[email protected] nginx-1.4.4]#./configure \ --prefix=/usr/local/nginx \ --with-http_realip_module \ --with-http_sub_module \ --with-http_gzip_static_module \ --with-http_stub_status_module \ --with-pcre
4、编译安装nginx
[[email protected] nginx-1.4.4]# make [[email protected] nginx-1.4.4]# make install
5、编写启动脚本
[[email protected] nginx-1.4.4]# vim /etc/init.d/nginx #!/bin/bash # chkconfig: - 30 21 # description: http service. # Source Function Library . /etc/init.d/functions # Nginx Settings NGINX_SBIN="/usr/local/nginx/sbin/nginx" NGINX_CONF="/usr/local/nginx/conf/nginx.conf" NGINX_PID="/usr/local/nginx/logs/nginx.pid" RETVAL=0 prog="Nginx" start() { echo -n $"Starting $prog: " mkdir -p /dev/shm/nginx_temp daemon $NGINX_SBIN -c $NGINX_CONF RETVAL=$? echo return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc -p $NGINX_PID $NGINX_SBIN -TERM rm -rf /dev/shm/nginx_temp RETVAL=$? echo return $RETVAL } reload(){ echo -n $"Reloading $prog: " killproc -p $NGINX_PID $NGINX_SBIN -HUP RETVAL=$? echo return $RETVAL } restart(){ stop start } configtest(){ $NGINX_SBIN -c $NGINX_CONF -t return 0 } case "$1" in start) start ;; stop) stop ;; reload) reload ;; restart) restart ;; configtest) configtest ;; *) echo $"Usage: $0 {start|stop|reload|restart|configtest}" RETVAL=1 esac exit $RETVAL 保存退出后修改启动脚本权限: [[email protected] nginx-1.4.4]# chmod 755 /etc/init.d/nginx
6、更改配置文件
[[email protected] nginx-1.4.4]# > /usr/local/nginx/conf/nginx.conf 清空原有配置 [[email protected] nginx-1.4.4]# vim /usr/local/nginx/conf/nginx.conf user nobody nobody; worker_processes 2; error_log /usr/local/nginx/logs/nginx_error.log crit; pid /usr/local/nginx/logs/nginx.pid; worker_rlimit_nofile 51200; events { use epoll; worker_connections 6000; } http { include mime.types; default_type application/octet-stream; server_names_hash_bucket_size 3526; server_names_hash_max_size 4096; log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]' '$host "$request_uri" $status' '"$http_referer" "$http_user_agent"'; sendfile on; tcp_nopush on; keepalive_timeout 30; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; connection_pool_size 256; client_header_buffer_size 1k; large_client_header_buffers 8 4k; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; client_max_body_size 10m; client_body_buffer_size 256k; client_body_temp_path /usr/local/nginx/client_body_temp; proxy_temp_path /usr/local/nginx/proxy_temp; fastcgi_temp_path /usr/local/nginx/fastcgi_temp; fastcgi_intercept_errors on; tcp_nodelay on; gzip on; gzip_min_length 1k; gzip_buffers 4 8k; gzip_comp_level 5; gzip_http_version 1.1; gzip_types text/plain application/x-javascript text/css text/htm application/xml; include vhosts/*.conf; }
保存退出后检查配置文件是否有错:
[[email protected] nginx-1.4.4]# /usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful [[email protected] nginx-1.4.4]# mkdir /usr/local/nginx/conf/vhosts 新建虚拟主机后面用于测试
7、启动服务
[[email protected] nginx-1.4.4]# chkconfig --add nginx [[email protected] nginx-1.4.4]# chkconfig nginx on [[email protected] nginx-1.4.4]# service nginx start Starting Nginx: [ OK ]
二、下发nginx
1、新建所需目录
[[email protected] ~]# cd /etc/ansible/ [[email protected] ansible]# mkdir -p nginx_install/roles [[email protected] ansible]# cd nginx_install/roles/ [[email protected] roles]# mkdir common install [[email protected] roles]# mkdir common/tasks [[email protected] roles]# mkdir install/{files,tasks,templates,vars}
说明:官方建议创建以下目录(我这里简单化了,不需要的就没有创建):
# mkdir -p nginx_install/roles/{common,delete,install}/{handlers,files,meta,tasks,templates,vars}roles目录下有三个角色,common为一些准备操作,delete为删除nginx的操作,install为安装nginx的操作。每个角色下面又有几个目录,handlers下面是当发生改变时要执行的操作,通常用在配置文件发生改变,重启服务。files为安装时用到的一些文件,meta为说明信息,说明角色依赖等信息,tasks里面是核心的配置文件,templates通常存一些配置文件,启动脚本等模板文件,vars下为定义的变量。
2、打包nginx并拷贝文件
[[email protected] roles]# cd /usr/local/ [[email protected] local]# tar czvf nginx.tar.gz nginx nginx/ nginx/sbin/ nginx/sbin/nginx nginx/html/ nginx/html/index.html nginx/html/50x.html nginx/client_body_temp/ nginx/conf/ nginx/conf/fastcgi_params.default nginx/conf/mime.types nginx/conf/scgi_params.default nginx/conf/scgi_params nginx/conf/nginx.conf nginx/conf/fastcgi.conf nginx/conf/koi-win nginx/conf/koi-utf nginx/conf/nginx.conf.default nginx/conf/mime.types.default nginx/conf/uwsgi_params.default nginx/conf/fastcgi_params nginx/conf/uwsgi_params nginx/conf/vhosts/ nginx/conf/win-utf nginx/conf/fastcgi.conf.default nginx/proxy_temp/ nginx/fastcgi_temp/ nginx/logs/ nginx/logs/error.log nginx/logs/nginx_error.log nginx/logs/nginx.pid [[email protected] local]# cp nginx.tar.gz /etc/ansible/nginx_install/roles/install/files/ [[email protected] local]# cp /etc/init.d/nginx /etc/ansible/nginx_install/roles/install/templates/
说明:把安装文件放于 install/files/ 目录下,把启动脚本放于install/templates/ 目录下。
3、定义common的tasks
[[email protected] local]# cd /etc/ansible/nginx_install/roles/ [[email protected] roles]# vim common/tasks/main.yml //定义nginx需要安装的一些依赖包 --- - name: Install initializtion require software yum: name={{ item }} state=installed with_items: - gcc - zlib-devel - pcre-devel - openssl-devel
4、定义install的vars
[[email protected] roles]# vim install/vars/main.yml //定义变量 nginx_user: nobody nginx_basedir: /usr/local/nginx
说明:这里的 nginx_user 要与 nginx.conf 配置文件中定义的用户一致。变量还可以定义一些其他的,如下:
nginx_port: 80 nginx_web_dir: /data/www nginx_version: 1.4.4
5、定义install的tasks
[[email protected] roles]# vim install/tasks/copy.yml - name: Copy Nginx Software copy: src=nginx.tar.gz dest=/tmp/nginx.tar.gz owner=root group=root - name: Uncompression Nginx Software shell: tar zxf /tmp/nginx.tar.gz -C /usr/local/ - name: Copy Nginx Start Script template: src=nginx dest=/etc/init.d/nginx owner=root group=root mode=0755
说明:这里是拷贝文件到远程机器/tmp/目录下,然后解压。其中的 copy: src 相对于 install/files/ 目录下,template: src 相对于 install/templates/ 目录下。
[[email protected] roles]# vim install/tasks/install.yml - name: Create Nginx User user: name={{ nginx_user }} state=present createhome=no shell=/sbin/nologin - name: Start Nginx Service service: name=nginx state=started - name: Add Boot Start Nginx Service shell: chkconfig --level 345 nginx on - name: Delete Nginx compression files shell: rm -rf /tmp/nginx.tar.gz
说明:这里会对远程机器建立用户,启动服务,删除压缩包等操作。不过我们还可以定义nginx_web_dir目录,存放虚拟主机文件
[[email protected] roles]# vim install/tasks/main.yml - include: copy.yml - include: install.yml
说明:这里创建的是调用 copy.yml 和 install.yml 的文件。
6、定义总入口文件
[[email protected] roles]# cd /etc/ansible/nginx_install/ [[email protected] nginx_install]# vim install.yml --- - hosts: testhosts remote_user: root gather_facts: True roles: - common - install
7、执行下发
先修改下 hosts 文件,因为之前实验把本机也添加到了 [testhost] 组里面去了,这里只保留一个远程机:
[[email protected] nginx_install]# vim /etc/ansible/hosts 44 [testhosts] 45 101.200.148.30
执行
[[email protected] nginx_install]# ansible-playbook install.yml PLAY [testhosts] *************************************************************** TASK [setup] ******************************************************************* ok: [101.200.148.30] TASK [common : Install initializtion require software] ************************* changed: [101.200.148.30] => (item=[u'gcc', u'zlib-devel', u'pcre-devel', u'openssl-devel']) TASK [install : include] ******************************************************* included: /etc/ansible/nginx_install/roles/install/tasks/copy.yml for 101.200.148.30 TASK [install : Copy Nginx Software] ******************************************* changed: [101.200.148.30] TASK [install : Uncompression Nginx Software] ********************************** changed: [101.200.148.30] [WARNING]: Consider using unarchive module rather than running tar TASK [install : Copy Nginx Start Script] *************************************** changed: [101.200.148.30] TASK [install : include] ******************************************************* included: /etc/ansible/nginx_install/roles/install/tasks/install.yml for 101.200.148.30 TASK [install : Create Nginx User] ********************************************* ok: [101.200.148.30] TASK [install : Start Nginx Service] ******************************************* changed: [101.200.148.30] TASK [install : Add Boot Start Nginx Service] ********************************** changed: [101.200.148.30] TASK [install : Delete Nginx compression files] ******************************** changed: [101.200.148.30] [WARNING]: Consider using file module with state=absent rather than running rm PLAY RECAP ********************************************************************* 101.200.148.30 : ok=11 changed=7 unreachable=0 failed=0
8、在远程机上测试结果
[[email protected] ~]# rpm -qa |egrep 'gcc|zlib|pcre|openssl' pcre-7.8-7.el6.x86_64 libgcc-4.4.7-4.el6.x86_64 zlib-1.2.3-29.el6.x86_64 openssl-1.0.1e-48.el6_8.1.x86_64 zlib-devel-1.2.3-29.el6.x86_64 pcre-devel-7.8-7.el6.x86_64 openssl-devel-1.0.1e-48.el6_8.1.x86_64 gcc-gfortran-4.4.7-4.el6.x86_64 gcc-c++-4.4.7-4.el6.x86_64 gcc-4.4.7-4.el6.x86_64 [[email protected] ~]# ls /usr/local/nginx/ client_body_temp conf fastcgi_temp html logs proxy_temp sbin [[email protected] ~]# ps aux |grep nginx root 32648 0.0 0.0 24272 776 ? Ss 00:11 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf nobody 32649 0.0 0.3 26576 3348 ? S 00:11 0:00 nginx: worker process nobody 32650 0.0 0.3 26576 3260 ? S 00:11 0:00 nginx: worker process root 32695 0.0 0.0 103256 856 pts/0 S+ 00:13 0:00 grep nginx [[email protected] ~]# chkconfig --list nginx nginx 0:off 1:off 2:off 3:on 4:on 5:on 6:off