首页 > 代码库 > (七)saltstack项目实战_安装nginx

(七)saltstack项目实战_安装nginx


创建nginx所需目录

[root@node1 ~]# cd /data/etc/salt/

[root@node1 salt]# mkdir -p nginx/files

[root@node1 salt]# cd nginx/files/

[root@node1 files]# wget http://nginx.org/download/nginx-1.11.3.tar.gz

[root@node1 salt]# tree nginx/

nginx/

|-- conf.sls

|-- files

|   |-- nginx

|   |-- nginx-1.11.3.tar.gz

|   |-- nginx.conf

|   |-- nginx_log_cut.sh

|   `-- vhost.conf

|-- init.sls

|-- install.sls

`-- vhost.sls

[root@node1 salt]# cat nginx/init.sls

include:

  - nginx.install

  - nginx.conf

  - nginx.vhost

[root@node1 salt]# cat top.sls

base:

  ‘*‘:

    - nginx.init

2. 安装nginx文件


[root@node1 nginx]# vim install.sls

nginx_source:

  file.managed:

    - name: /usr/local/src/nginx-1.11.3.tar.gz

    - unless: test -e /usr/local/src/nginx-1.11.3.tar.gz

    - user: root

    - group: root

    - source: salt://nginx/files/nginx-1.11.3.tar.gz

 

nginx_pkg:

  pkg.installed:

    - pkgs:

      - openssl-devel

      - pcre-devel

      - zlib-devel

      - unzip

 

nginx_user:

  user.present:

    - name: www

    - createhome: False

    - shell: /sbin/nologin

 

nginx_extrace:

  cmd.run:

    - cwd: /usr/local/src

    - names:

      - tar zxf nginx-1.11.3.tar.gz && chown -R root:root nginx-1.11.3

    - unless: test -d /usr/local/src/nginx-1.11.3

    - require:

      - pkg: nginx_pkg

 

nginx_compile:

  cmd.run:

    - name: cd /usr/local/src/nginx-1.11.3 && ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_stub_status_module --with-http_gzip_static_module --with-http_ssl_module --with-http_realip_module && make && make install

    - unless: test -d /usr/local/nginx

    - require:

      - cmd: nginx_extrace

      - user: nginx_user

 

create_dir:

  cmd.run:

    - names:

      - chown -R www:www /usr/local/nginx/html && mkdir -p /usr/local/nginx/conf/vhost

    - unless: test -d /usr/local/nginx/conf/vhost

    - require:

      - cmd: nginx_compile

3. 管理nginx配置文件


[root@node1 nginx]# cat conf.sls

include:

  - nginx.install               -> 引用nginx目录下install.sls文件

 

{% set nginx_user = ‘www‘ %}

 

nginx_conf:

  file.managed:                 -> nginx主配置文件

    - name: /usr/local/nginx/conf/nginx.conf

    - source: salt://nginx/files/nginx.conf

    - template: jinja

    - defaults:

      nginx_user: {{ nginx_user }}

      num_cpus: {{ grains[‘num_cpus‘] }}

 

nginx_service:                  -> nginx服务管理

  file.managed:

    - name: /etc/init.d/nginx

    - user: root

    - group: root

    - mode: 755

    - source: salt://nginx/files/nginx

  cmd.run:

    - names:

      - /sbin/chkconfig --add nginx && /sbin/chkconfig nginx on

    - unless: /sbin/chkconfig --list nginx

  service.running:

    - name: nginx

    - enable: True

    - reload: True

    - watch:

      - file: /usr/local/nginx/conf/vhost/*.conf

 

nginx_log_cut:

  file.managed:

    - name: /usr/local/nginx/sbin/nginx_log_cut.sh

    - source: salt://nginx/files/nginx_log_cut.sh

  cron.present:

    - name: sh /usr/local/nginx/sbin/nginx_log_cut.sh

    - user: root

    - minute: 10

    - hour: 0

    - require:

      - file: nginx_log_cut

4. 使用pillar适合针对不同的主机动态生成配置文件


[root@node1 ~]# cd /data/etc/salt/pillar/

[root@node1 pillar]# cat top.sls

base:

  ‘*‘:

    - vhost

[root@node1 pillar]# cat vhost.sls

vhost:

  {% if ‘node2‘ in grains[‘id‘] %}     -> 如果id中有node2字符, 使用www配置文件, 反之使用bbs.conf

  - name: www

    target: /usr/local/nginx/conf/vhost/www.conf

  {% else %}

  - name: bbs

    target: /usr/local/nginx/conf/vhost/bbs.conf

  {% endif %}

5. 生成虚拟主机配置文件


[root@node1 pillar]# cd /data/etc/salt/nginx/

[root@node1 nginx]# cat vhost.sls

include:

  - nginx.install

 

{% for vhostname in pillar[‘vhost‘] %}

{{ vhostname[‘name‘] }}:

  file.managed:

    - name: {{ vhostname[‘target‘] }}

    - source: salt://nginx/files/vhost.conf

    - target: {{ vhostname[‘target‘] }}

    - template: jinja

    - defaults:

      server_name: {{grains[‘fqdn‘]}}

      log_name: {{vhostname[‘name‘]}}

    - watch_in:

      service: nginx

{% endfor %}

6. nginx主配置文件模版


[root@node1 nginx]# vim files/nginx.conf

user {{ nginx_user }};

worker_processes {{grains[‘num_cpus‘]}};

error_log logs/nginx_error.log notice;

pid logs/nginx.pid;

worker_rlimit_nofile 65535;

 

events{

        use epoll;

        worker_connections 65535;

}

 

http{

        include       mime.types;

        default_type  application/octet-stream;

        charset  utf-8;

        server_names_hash_bucket_size 128;

        client_header_buffer_size 32k;

        large_client_header_buffers 4 32k;

        client_max_body_size 128m;

        sendfile on;

        tcp_nopush     on;

        keepalive_timeout 60;

        tcp_nodelay on;

        server_tokens off;

        client_body_buffer_size  512k;

        gzip on;

        gzip_min_length  1k;

        gzip_buffers     4 16k;

        gzip_http_version 1.1;

        gzip_comp_level 2;

        gzip_types      text/plain application/x-javascript text/css application/xml;

        gzip_vary on;

        log_format  main  ‘$remote_addr - $remote_user [$time_local] "$request" ‘

                          ‘$status $body_bytes_sent "$http_referer" ‘

                          ‘"$http_user_agent" "$http_x_forwarded_for" "$host"‘ ;

 

        include vhost/*.conf;

}

7. nginx服务管理脚本


[root@node1 nginx]# cat files/nginx

#!/bin/sh

# chkconfig: - 30 21

# description: http service.

# Source Function Library

. /etc/init.d/functions

# Nginx Settings

 

NGINX_SBIN="/usr/local/nginx/sbin/nginx"

NGINX_CONF="/usr/local/nginx/conf/nginx.conf"

NGINX_PID="/usr/local/nginx/logs/nginx.pid"

RETVAL=0

prog="Nginx"

 

start() {

        echo -n $"Starting $prog: "

        mkdir -p /dev/shm/nginx_temp

        daemon $NGINX_SBIN -c $NGINX_CONF

        RETVAL=$?

        echo

        return $RETVAL

}

 

stop() {

        echo -n $"Stopping $prog: "

        killproc -p $NGINX_PID $NGINX_SBIN -TERM

        rm -rf /dev/shm/nginx_temp

        RETVAL=$?

        echo

        return $RETVAL

}

 

reload(){

        echo -n $"Reloading $prog: "

        killproc -p $NGINX_PID $NGINX_SBIN -HUP

        RETVAL=$?

        echo

        return $RETVAL

}

 

restart(){

        stop

        start

}

 

configtest(){

    $NGINX_SBIN -c $NGINX_CONF -t

    return 0

}

 

case "$1" in

  start)

        start

        ;;

  stop)

        stop

        ;;

  reload)

        reload

        ;;

  restart)

        restart

        ;;

  configtest)

        configtest

        ;;

  *)

        echo $"Usage: $0 {start|stop|reload|restart|configtest}"

        RETVAL=1

esac

exit $RETVAL

8. nginx日志切割脚本


[root@node1 nginx]# cat files/nginx_log_cut.sh

#!/bin/bash

logs_path=/usr/local/nginx/logs

yesterday=`date -d "yesterday" +%F`

mkdir -p $logs_path/$yesterday

cd $logs_path

for nginx_logs in `ls *log` ;do

    mv $nginx_logs ${yesterday}/${yesterday}-${nginx_logs}

    kill -USR1  `cat /data/src/nginx/logs/nginx.pid`

done

9. 虚拟主机配置文件


[root@node1 nginx]# cat files/vhost.conf

server

        {

                listen       80;

                server_name {{ server_name }};      -> 调用vhosts.sls中配置

                index index.html index.htm ;

                root  html;

                #location ~ .*\.(php|php5)?$

                #        {

                #                try_files $uri =404;

                #                fastcgi_pass  unix:/tmp/php-cgi.sock;

                #                fastcgi_index index.php;

                #                include fcgi.conf;

                #        }

                location /status {

                       stub_status on;

                }

                location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$

                        {

                                expires      30d;

                        }

                location ~ .*\.(js|css)?$

                        {

                                expires      1d;

                        }

                access_log  logs/{{ log_name }}-access.log  main;

        }


10. SaltStack install Nginx


[root@node1 nginx]# salt ‘node2‘ state.highstate test=True       -> 无报错既可

[root@node1 nginx]# salt ‘node2‘ state.highstate  

[root@node1 nginx]# curl 172.168.200.211 -I

HTTP/1.1 200 OK

Server: nginx

Date: Mon, 29 Aug 2016 08:28:25 GMT

Content-Type: text/html; charset=utf-8

Content-Length: 612

Last-Modified: Mon, 29 Aug 2016 07:55:02 GMT

Connection: keep-alive

ETag: "57c3ea56-264"

Accept-Ranges: bytes


本文出自 “比尔linux运维笔记” 博客,请务必保留此出处http://chenshoubiao.blog.51cto.com/6159058/1884494

(七)saltstack项目实战_安装nginx