Hi 你好,欢迎访问!登录
当前位置:首页 - 自动化运维 - 正文 忍人所不忍,能人所不能。

Linux自动化工具之SaltStack安装nginx

2020-03-06自动化运维90root308°c
A+ A-

 之前写了很多篇Linux SaltStack自动化工具的文章,接下来为大家实战安装Lnmp+Memcached+Redis。方法都一样,只需要把安装软件的命令及配置文件整理好加入到Salt中即可。

1. 创建nginx所需目录

[[email protected]_210 ~]# cd /data/etc/salt/
[[email protected]_210 salt]# mkdir -p nginx/files
[[email protected]_210 salt]# cd nginx/files/
[[email protected]_210 files]# wget http://nginx.org/download/nginx-1.11.3.tar.gz
[[email protected]_210 salt]# tree nginx/
nginx/
|-- conf.sls
|-- files
|   |-- nginx
|   |-- nginx-1.11.3.tar.gz
|   |-- nginx.conf
|   |-- nginx_log_cut.sh
|   `-- vhost.conf
|-- init.sls
|-- install.sls
`-- vhost.sls
[[email protected]_210 salt]# cat nginx/init.sls
include:
  - nginx.install
  - nginx.conf
  - nginx.vhost
[[email protected]_210 salt]# cat top.sls
base:
  '*':
    - nginx.init

2. 安装nginx文件

[[email protected]_210 nginx]# vim install.sls
nginx_source:
  file.managed:
    - name: /usr/local/src/nginx-1.11.3.tar.gz
    - unless: test -e /usr/local/src/nginx-1.11.3.tar.gz
    - user: root
    - group: root
    - source: salt://nginx/files/nginx-1.11.3.tar.gz
nginx_pkg:
  pkg.installed:
    - pkgs:
      - openssl-devel
      - pcre-devel
      - zlib-devel
      - unzip
nginx_user:
  user.present:
    - name: www
    - createhome: False
    - shell: /sbin/nologin
nginx_extrace:
  cmd.run:
    - cwd: /usr/local/src
    - names:
      - tar zxf nginx-1.11.3.tar.gz && chown -R root:root nginx-1.11.3
    - unless: test -d /usr/local/src/nginx-1.11.3
    - require:
      - pkg: nginx_pkg
nginx_compile:
  cmd.run:
    - name: cd /usr/local/src/nginx-1.11.3 && ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_stub_status_module --with-http_gzip_static_module --with-http_ssl_module --with-http_realip_module && make && make install
    - unless: test -d /usr/local/nginx
    - require:
      - cmd: nginx_extrace
      - user: nginx_user
create_dir:
  cmd.run:
    - names:
      - chown -R www:www /usr/local/nginx/html && mkdir -p /usr/local/nginx/conf/vhost
    - unless: test -d /usr/local/nginx/conf/vhost
    - require:
      - cmd: nginx_compile

3. 管理nginx配置文件

[[email protected]_210 nginx]# cat conf.sls
include:
  - nginx.install               -> 引用nginx目录下install.sls文件
{% set nginx_user = 'www' %}
nginx_conf:
  file.managed:                 -> nginx主配置文件
    - name: /usr/local/nginx/conf/nginx.conf
    - source: salt://nginx/files/nginx.conf
    - template: jinja
    - defaults:
      nginx_user: {{ nginx_user }}
      num_cpus: {{ grains['num_cpus'] }}
nginx_service:                  -> nginx服务管理
  file.managed:
    - name: /etc/init.d/nginx
    - user: root
    - group: root
    - mode: 755
    - source: salt://nginx/files/nginx
  cmd.run:
    - names:
      - /sbin/chkconfig --add nginx && /sbin/chkconfig nginx on
    - unless: /sbin/chkconfig --list nginx
  service.running:
    - name: nginx
    - enable: True
    - reload: True
    - watch:
      - file: /usr/local/nginx/conf/vhost/*.conf
nginx_log_cut:
  file.managed:
    - name: /usr/local/nginx/sbin/nginx_log_cut.sh
    - source: salt://nginx/files/nginx_log_cut.sh
  cron.present:
    - name: sh /usr/local/nginx/sbin/nginx_log_cut.sh
    - user: root
    - minute: 10
    - hour: 0
    - require:
      - file: nginx_log_cut

4. 使用pillar适合针对不同的主机动态生成配置文件

[[email protected]_210 ~]# cd /data/etc/salt/pillar/
[[email protected]_210 pillar]# cat top.sls
base:
  '*':
    - vhost
[[email protected]_210 pillar]# cat vhost.sls
vhost:
  {% if 'docker_211' in grains['id'] %}     -> 如果id中有docker_211字符, 使用www配置文件, 反之使用bbs.conf
  - name: www
    target: /usr/local/nginx/conf/vhost/www.conf
  {% else %}
  - name: bbs
    target: /usr/local/nginx/conf/vhost/bbs.conf
  {% endif %}

5. 生成虚拟主机配置文件

[[email protected]_210 pillar]# cd /data/etc/salt/nginx/
[[email protected]_210 nginx]# cat vhost.sls
include:
  - nginx.install
{% for vhostname in pillar['vhost'] %}
{{ vhostname['name'] }}:
  file.managed:
    - name: {{ vhostname['target'] }}
    - source: salt://nginx/files/vhost.conf
    - target: {{ vhostname['target'] }}
    - template: jinja
    - defaults:
      server_name: {{grains['fqdn']}}
      log_name: {{vhostname['name']}}
    - watch_in:
      service: nginx
{% endfor %}

6. nginx主配置文件模版

[[email protected]_210 nginx]# vim files/nginx.conf
user {{ nginx_user }};
worker_processes {{grains['num_cpus']}};
error_log logs/nginx_error.log notice;
pid logs/nginx.pid;
worker_rlimit_nofile 65535;
events{
       use epoll;
       worker_connections 65535;
}
http{
       include       mime.types;
       default_type  application/octet-stream;
       charset  utf-8;
       server_names_hash_bucket_size 128;
       client_header_buffer_size 32k;
       large_client_header_buffers 4 32k;
       client_max_body_size 128m;
       sendfile on;
       tcp_nopush     on;
       keepalive_timeout 60;
       tcp_nodelay on;
       server_tokens off;
       client_body_buffer_size  512k;
       gzip on;
       gzip_min_length  1k;
       gzip_buffers     4 16k;
       gzip_http_version 1.1;
       gzip_comp_level 2;
       gzip_types      text/plain application/x-javascript text/css application/xml;
       gzip_vary on;
       log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                         '$status $body_bytes_sent "$http_referer" '
                         '"$http_user_agent" "$http_x_forwarded_for" "$host"' ;
       include vhost/*.conf;
}

7. nginx服务管理脚本

[[email protected]_210 nginx]# cat files/nginx
#!/bin/sh
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
start() {
        echo -n $"Starting $prog: "
        mkdir -p /dev/shm/nginx_temp
        daemon $NGINX_SBIN -c $NGINX_CONF
        RETVAL=$?
        echo
        return $RETVAL
}
stop() {
        echo -n $"Stopping $prog: "
        killproc -p $NGINX_PID $NGINX_SBIN -TERM
        rm -rf /dev/shm/nginx_temp
        RETVAL=$?
        echo
        return $RETVAL
}
reload(){
        echo -n $"Reloading $prog: "
        killproc -p $NGINX_PID $NGINX_SBIN -HUP
        RETVAL=$?
        echo
        return $RETVAL
}
restart(){
        stop
        start
}
configtest(){
    $NGINX_SBIN -c $NGINX_CONF -t
    return 0
}
case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  reload)
        reload
        ;;
  restart)
        restart
        ;;
  configtest)
        configtest
        ;;
  *)
        echo $"Usage: $0 {start|stop|reload|restart|configtest}"
        RETVAL=1
esac
exit $RETVAL

8. nginx日志切割脚本

[[email protected]_210 nginx]# cat files/nginx_log_cut.sh
#!/bin/bash
logs_path=/usr/local/nginx/logs
yesterday=`date -d "yesterday" +%F`
mkdir -p $logs_path/$yesterday
cd $logs_path
for nginx_logs in `ls *log` ;do
    mv $nginx_logs ${yesterday}/${yesterday}-${nginx_logs}
    kill -USR1  `cat /data/src/nginx/logs/nginx.pid`
done

9. 虚拟主机配置文件

[[email protected]_210 nginx]# cat files/vhost.conf
server
        {
                listen       80;
                server_name {{ server_name }};      -> 调用vhosts.sls中配置
                index index.html index.htm ;
                root  html;
                #location ~ .*\.(php|php5)?$
                #        {
                #                try_files $uri =404;
                #                fastcgi_pass  unix:/tmp/php-cgi.sock;
                #                fastcgi_index index.php;
                #                include fcgi.conf;
                #        }
                location /status {
                       stub_status on;
                }
                location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
                        {
                                expires      30d;
                        }
                location ~ .*\.(js|css)?$
                        {
                                expires      1d;
                        }
                access_log  logs/{{ log_name }}-access.log  main;
        }

10. SaltStack install Nginx

[[email protected]_210 nginx]# salt 'docker_211' state.highstate test=True       -> 无报错既可
[[email protected]_210 nginx]# salt 'docker_211' state.highstate  
[[email protected]_210 nginx]# curl 172.168.200.211 -I
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Aug 2016 08:28:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 612
Last-Modified: Mon, 29 Aug 2016 07:55:02 GMT
Connection: keep-alive
ETag: "57c3ea56-264"
Accept-Ranges: bytes

下篇写Salt安装Mysql...

  移步手机端
Linux自动化工具之SaltStack安装nginx

1、打开你手机的二维码扫描APP
2、扫描左则的二维码
3、点击扫描获得的网址
4、可以在手机端阅读此文章
标签:

发表评论

选填

必填

必填

选填

请拖动滑块解锁
>>


  用户登录