Ansible自动化编译安装Nginx服务

企业的生意是越来越好,咱运维也不能落下。部署了那么多线上服务器,80%以上几乎都是脚本搞定,自动化的今天我可能有点土逼了。。 说搞就搞~~

Ansible自动化编译安装Nginx服务

Ansible 这款软件简直是太灵巧了。如下分享是经过实操的,也就是真正应用在了线上。后期的可扩展性极强!

  • 充分利用现有设施。使用 Ansible 无需安装服务端和客户端,只要 SSH 即可。这意味着,任何一台装有 Ansible 的机器都可以成为强大的管理端。我觉得,这种去中心化的思路显得更为灵活。可能有人会担心 SSH 的效率,Ansible 的并行执行及加速模式或许可以打消你的顾虑。
  • 使用简单,快速上手相当容易。Ansible 上手十分快,用 Ad-Hoc 可以应付简单的管理任务,麻烦点的也可以定义 Playbook 文件来搞定。
  • 采用人类易读的格式。Ansible 的主机定义文件使用 INI 格式,支持分组,能够指定模式;此外也能动态生成,这对管理云主机应当很有用。而 Playbook 则是 YAML 格式。
  • 能够使用你熟悉的语言来编写模块。虽然 Ansible 是使用 Python 开发的,但它不会将你限制到某种具体的编程语言,Bash、Python、Perl、Ruby 等等都可以,你擅长什么就用什么。

企业的区域主框架图和这个类似:

Ansible自动化编译安装Nginx服务

1.定义主机组:

[root@ansible-master ~]# vim /etc/ansible/hosts

[webserver]

192.168.23.61

192.168.23.62

[root@ansible-master ~]# ansible webserver -m ping

192.168.23.62 | SUCCESS => {

“changed”: false,

“ping”: “pong”

}

192.168.23.61 | SUCCESS => {

“changed”: false,

“ping”: “pong”

}

2.规划的目录结构:

[root@zhdy01 roles]# tree

.

├── nginx_config

│ ├── default

│ ├── files

│ ├── handlers

│ │ └── main.yml

│ ├── meta

│ ├── tasks

│ │ └── main.yml

│ ├── templates

│ │ └── temp_server.conf

│ └── vars

│ └── main.yml

└── nginx_install

├──default

├──files

│ └── nginx-1.12.0.tar.gz

├──handlers

│ └── main.yml

├──meta

├──tasks

│ └── main.yml

├──templates

│ └── nginx.conf

└── vars

[root@ansible-master roles]# mkdir -pv nginx_install/{default,files,handlers,meta,tasks,templates,vars}

[root@ansible-master roles]# cd nginx_install/

[root@ansible-master nginx_install]# ls

default files handlers meta tasks templates vars

3.task定义开始任务:

[root@ansible-master nginx_install]# cd tasks/

[root@ansible-master tasks]# vim main.yml

– name: copy nginx package to remote host

copy: src=nginx-1.12.0.tar.gz dest=/tmp/nginx-1.12.0.tar.gz

tags: cppkg

– name: tar nginx

shell: cd /tmp;tar -xf nginx-1.12.0.tar.gz

– name: install packager

yum: name={{ item }} state=latest

with_items:

– openssl-devel

– pcre-devel

– gcc

– name: install nginx

shell: cd /tmp/nginx-1.12.0;./configure –user=nginx –group=nginx –prefix=/usr/local/nginx –with

-http_stub_status_module –with-http_ssl_module –with-pcre;make && make install

– name: copy config file nginx.conf

template: src=nginx.conf dest=/usr/local/nginx/conf/nginx.conf

tags: ngxconf

– name: copy shell

copy: src=/opt/create_users.sh dest=/tmp/create_users.sh

– name: create user nginx

shell: /bin/bash /tmp/create_users.sh

tags: addnginx

notify: start nginx service

为什么要写这个脚本?因为加入有些主机创建的用户已存在就会报错

[root@ansible-master tasks]# vim /opt/create_usrs.sh

#!/bin/bash

a=`cat /etc/passwd | awk -F ‘:’ ‘{print $1}’|grep nginx|wc -l`

if [ $a == 0;]then

useradd nginx

fi

4.第二行copy对应file目录:

[root@ansible-master nginx_install]# cd files/

[root@ansible-master files]# ls

nginx-1.12.0.tar.gz

5.template这一行对应的是template这个目录和主服务端定义的变量:

[root@ansible-master nginx_install]# cd templates/

[root@ansible-master templates]# vim nginx.conf

user nginx;

worker_processes {{ ansible_processor_vcpus }};

#error_log logs/error.log;

#error_log logs/error.log notice;

#error_log logs/error.log info;

#pid logs/nginx.pid;

events {

worker_connections 65535;

}

http {

include mime.types;

default_type application/octet-stream;

#log_format main ‘$remote_addr – $remote_user[$time_local] “$request” ‘

# ‘$status $body_bytes_sent”$http_referer” ‘

# ‘”$http_user_agent””$http_x_forwarded_for”‘;

log_format zhdy01 ‘$remote_addr -$remote_user [$time_local] ‘

‘”$request” $status$body_bytes_sent ‘

‘”$http_referer” “$http_user_agent” ‘;

#access_log logs/access.log main;

sendfile on;

#tcp_nopush on;

#keepalive_timeout 0;

keepalive_timeout 65;

#gzip on;

server {

listen {{ ngxport }};

server_name www.yh.com

access_log logs/www.yh.com yh;

#location / {

# proxy_pass http://192.168.5.101;

#}

#error_page 404 /404.html;

# redirect server error pages to thestatic page /50x.html

#

error_page 500 502 503 504;

# proxy the PHP scripts to Apachelistening on 127.0.0.1:80

#

#location ~ \.php$ {

# proxy_pass http://127.0.0.1;

#}

# pass the PHP scripts to FastCGIserver listening on 127.0.0.1:9000

#

location ~ \.php$ {

root /web;

fastcgi_pass 127.0.0.1:9000;

fastcgi_index index.php;

include fastcgi_params;

}

# deny access to .htaccess files, ifApache’s document root

# concurs with nginx’s one

#

#location ~ /\.ht {

# deny all;

#}

}

include vhosts/*.conf;

}##需要注意的就是模板变量(客户端自动采集)、和在服务端定义的变量{{ngx_port}}

6.在vars定义变量:

[root@ansible-master nginx_install]# cd vars/

[root@ansible-master vars]# vim main.yml

ngxport: “8080”

7.定义触发器:

[root@ansible-master nginx_install]# cd handlers/

[root@ansible-master handlers]# vim main.yml

– name: start nginx service

shell: /usr/local/nginx/sbin/nginx

7.在nginx_config目录加入我们经常要增加nginx站点,直接写好模板推送到vhos目录:

[root@ansible-master roles]# mkdir -p nginx_config/{default,files,handlers,meta,tasks,templates,vars}

[root@ansible-master nginx_config]# cd templates/

[root@ansible-master templates]# vim temp_server.conf

server

{

listen 80;

server_name {{server_name }};

index index.phpindex.html;

root {{root_dir }};

}

[root@ansible-master nginx_config]# cd vars/

[root@ansible-master vars]# vim main.yml

server_name: “www.yh.com”

root_dir: “/web”

8.写配置nginx的tasks步骤:

[root@ansible-master nginx_config]# cd tasks/

[root@ansible-master tasks]# vim main.yml

– name: create hosts

shell: mkdir -p /usr/local/nginx/conf/vhosts/

tags: create_dir

– name: copy conf file nginx.conf

template: src=temp_server.conf dest=/usr/local/nginx/conf/vhosts/{{ server_name }}.conf

tags: ngxconf

notify: reload nginx service

[root@ansible-master nginx_config]# cd handlers/

[root@ansible-master handlers]# vim main.yml

– name: reload nginx service

shell: /usr/local/nginx/sbin/nginx -t;/usr/local/nginx/sbin/nginx -s reload

9.最终定义下入口:

[root@ansible-master ~]# vim /etc/ansible/nginx.yaml

– hosts: webserver

remote_user: root

roles:

– nginx_install

– nginx_config

roles目录下的nginx_install目录

roles目录下的nginx_config目录

10.测试:

[root@ansible-master ansible]# ansible-playbook -C nginx.yaml

PLAY [webserver] ************************************************************************************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************************************************************************************

ok: [192.168.23.62]

ok: [192.168.23.61]

TASK [nginx_install : copy nginx package to remote host] ********************************************************************************************************************************************************

changed: [192.168.23.62]

changed: [192.168.23.61]

TASK [nginx_install : tar nginx] ********************************************************************************************************************************************************************************

skipping: [192.168.23.62]

skipping: [192.168.23.61]

TASK [nginx_install : install packager] *************************************************************************************************************************************************************************

changed: [192.168.23.62] => (item=[u’openssl-devel’, u’pcre-devel’, u’gcc’])

changed: [192.168.23.61] => (item=[u’openssl-devel’, u’pcre-devel’, u’gcc’])

TASK [nginx_install : install nginx] ****************************************************************************************************************************************************************************

skipping: [192.168.23.62]

skipping: [192.168.23.61]

TASK [nginx_install : copy config file nginx.conf] **************************************************************************************************************************************************************

changed: [192.168.23.62]

changed: [192.168.23.61]

TASK [nginx_install : copy shell] *******************************************************************************************************************************************************************************

changed: [192.168.23.62]

changed: [192.168.23.61]

TASK [nginx_install : create user nginx] ************************************************************************************************************************************************************************

skipping: [192.168.23.62]

skipping: [192.168.23.61]

TASK [nginx_config : create hosts] ******************************************************************************************************************************************************************************

skipping: [192.168.23.62]

skipping: [192.168.23.61]

TASK [nginx_config : copy conf file nginx.conf] *****************************************************************************************************************************************************************

changed: [192.168.23.62]

changed: [192.168.23.61]

RUNNING HANDLER [nginx_config : reload nginx service] ***********************************************************************************************************************************************************

skipping: [192.168.23.62]

skipping: [192.168.23.61]

PLAY RECAP ******************************************************************************************************************************************************************************************************

192.168.23.61 : ok=6 changed=5 unreachable=0 failed=0

192.168.23.62 : ok=6 changed=5 unreachable=0 failed=0

[root@ansible-master ansible]# ansible-playbook nginx.yaml

PLAY [webserver] ************************************************************************************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************************************************************************************

ok: [192.168.23.62]

ok: [192.168.23.61]

TASK [nginx_install : copy nginx package to remote host] ********************************************************************************************************************************************************

ok: [192.168.23.62]

ok: [192.168.23.61]

TASK [nginx_install : tar nginx] ********************************************************************************************************************************************************************************

changed: [192.168.23.62]

changed: [192.168.23.61]

TASK [nginx_install : install packager] *************************************************************************************************************************************************************************

ok: [192.168.23.61] => (item=[u’openssl-devel’, u’pcre-devel’, u’gcc’])

ok: [192.168.23.62] => (item=[u’openssl-devel’, u’pcre-devel’, u’gcc’])

TASK [nginx_install : install nginx] ****************************************************************************************************************************************************************************

changed: [192.168.23.61]

changed: [192.168.23.62]

TASK [nginx_install : copy config file nginx.conf] **************************************************************************************************************************************************************

ok: [192.168.23.62]

ok: [192.168.23.61]

TASK [nginx_install : copy shell] *******************************************************************************************************************************************************************************

ok: [192.168.23.62]

ok: [192.168.23.61]

TASK [nginx_install : create user nginx] ************************************************************************************************************************************************************************

changed: [192.168.23.62]

changed: [192.168.23.61]

TASK [nginx_config : create hosts] ******************************************************************************************************************************************************************************

[WARNING]: Consider using the file module with state=directory rather than running mkdir. If you need to use command because file is insufficient you can add warn=False to this command task or set

command_warnings=False in ansible.cfg to get rid of this message.

changed: [192.168.23.62]

changed: [192.168.23.61]

TASK [nginx_config : copy conf file nginx.conf] *****************************************************************************************************************************************************************

ok: [192.168.23.62]

ok: [192.168.23.61]

RUNNING HANDLER [nginx_install : start nginx service] ***********************************************************************************************************************************************************

changed: [192.168.23.62]

changed: [192.168.23.61]

PLAY RECAP ******************************************************************************************************************************************************************************************************

192.168.23.61 : ok=11 changed=5 unreachable=0 failed=0

192.168.23.62 : ok=11 changed=5 unreachable=0 failed=0

本文版权归 飞翔沫沫情 作者所有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出 原文链接 如有问题, 可发送邮件咨询,转贴请注明出处:https://www.fxkjnj.com/320/

发表评论

登录后才能评论