Linux自动化工具之SaltStack安装nginx
2020-03-06自动化运维90root417°c
A+ A-之前写了很多篇Linux SaltStack自动化工具的文章,接下来为大家实战安装Lnmp+Memcached+Redis。方法都一样,只需要把安装软件的命令及配置文件整理好加入到Salt中即可。
1. 创建nginx所需目录
[[email protected]_210 ~]# cd /data/etc/salt/ [[email protected]_210 salt]# mkdir -p nginx/files [[email protected]_210 salt]# cd nginx/files/ [[email protected]_210 files]# wget http://nginx.org/download/nginx-1.11.3.tar.gz [[email protected]_210 salt]# tree nginx/ nginx/ |-- conf.sls |-- files | |-- nginx | |-- nginx-1.11.3.tar.gz | |-- nginx.conf | |-- nginx_log_cut.sh | `-- vhost.conf |-- init.sls |-- install.sls `-- vhost.sls [[email protected]_210 salt]# cat nginx/init.sls include: - nginx.install - nginx.conf - nginx.vhost [[email protected]_210 salt]# cat top.sls base: '*': - nginx.init
2. 安装nginx文件
[[email protected]_210 nginx]# vim install.sls nginx_source: file.managed: - name: /usr/local/src/nginx-1.11.3.tar.gz - unless: test -e /usr/local/src/nginx-1.11.3.tar.gz - user: root - group: root - source: salt://nginx/files/nginx-1.11.3.tar.gz nginx_pkg: pkg.installed: - pkgs: - openssl-devel - pcre-devel - zlib-devel - unzip nginx_user: user.present: - name: www - createhome: False - shell: /sbin/nologin nginx_extrace: cmd.run: - cwd: /usr/local/src - names: - tar zxf nginx-1.11.3.tar.gz && chown -R root:root nginx-1.11.3 - unless: test -d /usr/local/src/nginx-1.11.3 - require: - pkg: nginx_pkg nginx_compile: cmd.run: - name: cd /usr/local/src/nginx-1.11.3 && ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_stub_status_module --with-http_gzip_static_module --with-http_ssl_module --with-http_realip_module && make && make install - unless: test -d /usr/local/nginx - require: - cmd: nginx_extrace - user: nginx_user create_dir: cmd.run: - names: - chown -R www:www /usr/local/nginx/html && mkdir -p /usr/local/nginx/conf/vhost - unless: test -d /usr/local/nginx/conf/vhost - require: - cmd: nginx_compile
3. 管理nginx配置文件
[[email protected]_210 nginx]# cat conf.sls include: - nginx.install -> 引用nginx目录下install.sls文件 {% set nginx_user = 'www' %} nginx_conf: file.managed: -> nginx主配置文件 - name: /usr/local/nginx/conf/nginx.conf - source: salt://nginx/files/nginx.conf - template: jinja - defaults: nginx_user: {{ nginx_user }} num_cpus: {{ grains['num_cpus'] }} nginx_service: -> nginx服务管理 file.managed: - name: /etc/init.d/nginx - user: root - group: root - mode: 755 - source: salt://nginx/files/nginx cmd.run: - names: - /sbin/chkconfig --add nginx && /sbin/chkconfig nginx on - unless: /sbin/chkconfig --list nginx service.running: - name: nginx - enable: True - reload: True - watch: - file: /usr/local/nginx/conf/vhost/*.conf nginx_log_cut: file.managed: - name: /usr/local/nginx/sbin/nginx_log_cut.sh - source: salt://nginx/files/nginx_log_cut.sh cron.present: - name: sh /usr/local/nginx/sbin/nginx_log_cut.sh - user: root - minute: 10 - hour: 0 - require: - file: nginx_log_cut
4. 使用pillar适合针对不同的主机动态生成配置文件
[[email protected]_210 ~]# cd /data/etc/salt/pillar/ [[email protected]_210 pillar]# cat top.sls base: '*': - vhost [[email protected]_210 pillar]# cat vhost.sls vhost: {% if 'docker_211' in grains['id'] %} -> 如果id中有docker_211字符, 使用www配置文件, 反之使用bbs.conf - name: www target: /usr/local/nginx/conf/vhost/www.conf {% else %} - name: bbs target: /usr/local/nginx/conf/vhost/bbs.conf {% endif %}
5. 生成虚拟主机配置文件
[[email protected]_210 pillar]# cd /data/etc/salt/nginx/ [[email protected]_210 nginx]# cat vhost.sls include: - nginx.install {% for vhostname in pillar['vhost'] %} {{ vhostname['name'] }}: file.managed: - name: {{ vhostname['target'] }} - source: salt://nginx/files/vhost.conf - target: {{ vhostname['target'] }} - template: jinja - defaults: server_name: {{grains['fqdn']}} log_name: {{vhostname['name']}} - watch_in: service: nginx {% endfor %}
6. nginx主配置文件模版
[[email protected]_210 nginx]# vim files/nginx.conf user {{ nginx_user }}; worker_processes {{grains['num_cpus']}}; error_log logs/nginx_error.log notice; pid logs/nginx.pid; worker_rlimit_nofile 65535; events{ use epoll; worker_connections 65535; } http{ include mime.types; default_type application/octet-stream; charset utf-8; server_names_hash_bucket_size 128; client_header_buffer_size 32k; large_client_header_buffers 4 32k; client_max_body_size 128m; sendfile on; tcp_nopush on; keepalive_timeout 60; tcp_nodelay on; server_tokens off; client_body_buffer_size 512k; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.1; gzip_comp_level 2; gzip_types text/plain application/x-javascript text/css application/xml; gzip_vary on; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for" "$host"' ; include vhost/*.conf; }
7. nginx服务管理脚本
[[email protected]_210 nginx]# cat files/nginx #!/bin/sh # chkconfig: - 30 21 # description: http service. # Source Function Library . /etc/init.d/functions # Nginx Settings NGINX_SBIN="/usr/local/nginx/sbin/nginx" NGINX_CONF="/usr/local/nginx/conf/nginx.conf" NGINX_PID="/usr/local/nginx/logs/nginx.pid" RETVAL=0 prog="Nginx" start() { echo -n $"Starting $prog: " mkdir -p /dev/shm/nginx_temp daemon $NGINX_SBIN -c $NGINX_CONF RETVAL=$? echo return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc -p $NGINX_PID $NGINX_SBIN -TERM rm -rf /dev/shm/nginx_temp RETVAL=$? echo return $RETVAL } reload(){ echo -n $"Reloading $prog: " killproc -p $NGINX_PID $NGINX_SBIN -HUP RETVAL=$? echo return $RETVAL } restart(){ stop start } configtest(){ $NGINX_SBIN -c $NGINX_CONF -t return 0 } case "$1" in start) start ;; stop) stop ;; reload) reload ;; restart) restart ;; configtest) configtest ;; *) echo $"Usage: $0 {start|stop|reload|restart|configtest}" RETVAL=1 esac exit $RETVAL
8. nginx日志切割脚本
[[email protected]_210 nginx]# cat files/nginx_log_cut.sh #!/bin/bash logs_path=/usr/local/nginx/logs yesterday=`date -d "yesterday" +%F` mkdir -p $logs_path/$yesterday cd $logs_path for nginx_logs in `ls *log` ;do mv $nginx_logs ${yesterday}/${yesterday}-${nginx_logs} kill -USR1 `cat /data/src/nginx/logs/nginx.pid` done
9. 虚拟主机配置文件
[[email protected]_210 nginx]# cat files/vhost.conf server { listen 80; server_name {{ server_name }}; -> 调用vhosts.sls中配置 index index.html index.htm ; root html; #location ~ .*\.(php|php5)?$ # { # try_files $uri =404; # fastcgi_pass unix:/tmp/php-cgi.sock; # fastcgi_index index.php; # include fcgi.conf; # } location /status { stub_status on; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; } location ~ .*\.(js|css)?$ { expires 1d; } access_log logs/{{ log_name }}-access.log main; }
10. SaltStack install Nginx
[[email protected]_210 nginx]# salt 'docker_211' state.highstate test=True -> 无报错既可 [[email protected]_210 nginx]# salt 'docker_211' state.highstate [[email protected]_210 nginx]# curl 172.168.200.211 -I HTTP/1.1 200 OK Server: nginx Date: Mon, 29 Aug 2016 08:28:25 GMT Content-Type: text/html; charset=utf-8 Content-Length: 612 Last-Modified: Mon, 29 Aug 2016 07:55:02 GMT Connection: keep-alive ETag: "57c3ea56-264" Accept-Ranges: bytes
下篇写Salt安装Mysql...