首页 > 代码库 > (七)saltstack项目实战_安装nginx
(七)saltstack项目实战_安装nginx
创建nginx所需目录
[root@node1 ~]# cd /data/etc/salt/
[root@node1 salt]# mkdir -p nginx/files
[root@node1 salt]# cd nginx/files/
[root@node1 files]# wget http://nginx.org/download/nginx-1.11.3.tar.gz
[root@node1 salt]# tree nginx/
nginx/
|-- conf.sls
|-- files
| |-- nginx
| |-- nginx-1.11.3.tar.gz
| |-- nginx.conf
| |-- nginx_log_cut.sh
| `-- vhost.conf
|-- init.sls
|-- install.sls
`-- vhost.sls
[root@node1 salt]# cat nginx/init.sls
include:
- nginx.install
- nginx.conf
- nginx.vhost
[root@node1 salt]# cat top.sls
base:
‘*‘:
- nginx.init
2. 安装nginx文件
[root@node1 nginx]# vim install.sls
nginx_source:
file.managed:
- name: /usr/local/src/nginx-1.11.3.tar.gz
- unless: test -e /usr/local/src/nginx-1.11.3.tar.gz
- user: root
- group: root
- source: salt://nginx/files/nginx-1.11.3.tar.gz
nginx_pkg:
pkg.installed:
- pkgs:
- openssl-devel
- pcre-devel
- zlib-devel
- unzip
nginx_user:
user.present:
- name: www
- createhome: False
- shell: /sbin/nologin
nginx_extrace:
cmd.run:
- cwd: /usr/local/src
- names:
- tar zxf nginx-1.11.3.tar.gz && chown -R root:root nginx-1.11.3
- unless: test -d /usr/local/src/nginx-1.11.3
- require:
- pkg: nginx_pkg
nginx_compile:
cmd.run:
- name: cd /usr/local/src/nginx-1.11.3 && ./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_stub_status_module --with-http_gzip_static_module --with-http_ssl_module --with-http_realip_module && make && make install
- unless: test -d /usr/local/nginx
- require:
- cmd: nginx_extrace
- user: nginx_user
create_dir:
cmd.run:
- names:
- chown -R www:www /usr/local/nginx/html && mkdir -p /usr/local/nginx/conf/vhost
- unless: test -d /usr/local/nginx/conf/vhost
- require:
- cmd: nginx_compile
3. 管理nginx配置文件
[root@node1 nginx]# cat conf.sls
include:
- nginx.install -> 引用nginx目录下install.sls文件
{% set nginx_user = ‘www‘ %}
nginx_conf:
file.managed: -> nginx主配置文件
- name: /usr/local/nginx/conf/nginx.conf
- source: salt://nginx/files/nginx.conf
- template: jinja
- defaults:
nginx_user: {{ nginx_user }}
num_cpus: {{ grains[‘num_cpus‘] }}
nginx_service: -> nginx服务管理
file.managed:
- name: /etc/init.d/nginx
- user: root
- group: root
- mode: 755
- source: salt://nginx/files/nginx
cmd.run:
- names:
- /sbin/chkconfig --add nginx && /sbin/chkconfig nginx on
- unless: /sbin/chkconfig --list nginx
service.running:
- name: nginx
- enable: True
- reload: True
- watch:
- file: /usr/local/nginx/conf/vhost/*.conf
nginx_log_cut:
file.managed:
- name: /usr/local/nginx/sbin/nginx_log_cut.sh
- source: salt://nginx/files/nginx_log_cut.sh
cron.present:
- name: sh /usr/local/nginx/sbin/nginx_log_cut.sh
- user: root
- minute: 10
- hour: 0
- require:
- file: nginx_log_cut
4. 使用pillar适合针对不同的主机动态生成配置文件
[root@node1 ~]# cd /data/etc/salt/pillar/
[root@node1 pillar]# cat top.sls
base:
‘*‘:
- vhost
[root@node1 pillar]# cat vhost.sls
vhost:
{% if ‘node2‘ in grains[‘id‘] %} -> 如果id中有node2字符, 使用www配置文件, 反之使用bbs.conf
- name: www
target: /usr/local/nginx/conf/vhost/www.conf
{% else %}
- name: bbs
target: /usr/local/nginx/conf/vhost/bbs.conf
{% endif %}
5. 生成虚拟主机配置文件
[root@node1 pillar]# cd /data/etc/salt/nginx/
[root@node1 nginx]# cat vhost.sls
include:
- nginx.install
{% for vhostname in pillar[‘vhost‘] %}
{{ vhostname[‘name‘] }}:
file.managed:
- name: {{ vhostname[‘target‘] }}
- source: salt://nginx/files/vhost.conf
- target: {{ vhostname[‘target‘] }}
- template: jinja
- defaults:
server_name: {{grains[‘fqdn‘]}}
log_name: {{vhostname[‘name‘]}}
- watch_in:
service: nginx
{% endfor %}
6. nginx主配置文件模版
[root@node1 nginx]# vim files/nginx.conf
user {{ nginx_user }};
worker_processes {{grains[‘num_cpus‘]}};
error_log logs/nginx_error.log notice;
pid logs/nginx.pid;
worker_rlimit_nofile 65535;
events{
use epoll;
worker_connections 65535;
}
http{
include mime.types;
default_type application/octet-stream;
charset utf-8;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 128m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
server_tokens off;
client_body_buffer_size 512k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
log_format main ‘$remote_addr - $remote_user [$time_local] "$request" ‘
‘$status $body_bytes_sent "$http_referer" ‘
‘"$http_user_agent" "$http_x_forwarded_for" "$host"‘ ;
include vhost/*.conf;
}
7. nginx服务管理脚本
[root@node1 nginx]# cat files/nginx
#!/bin/sh
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usr/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"
start() {
echo -n $"Starting $prog: "
mkdir -p /dev/shm/nginx_temp
daemon $NGINX_SBIN -c $NGINX_CONF
RETVAL=$?
echo
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -TERM
rm -rf /dev/shm/nginx_temp
RETVAL=$?
echo
return $RETVAL
}
reload(){
echo -n $"Reloading $prog: "
killproc -p $NGINX_PID $NGINX_SBIN -HUP
RETVAL=$?
echo
return $RETVAL
}
restart(){
stop
start
}
configtest(){
$NGINX_SBIN -c $NGINX_CONF -t
return 0
}
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
restart
;;
configtest)
configtest
;;
*)
echo $"Usage: $0 {start|stop|reload|restart|configtest}"
RETVAL=1
esac
exit $RETVAL
8. nginx日志切割脚本
[root@node1 nginx]# cat files/nginx_log_cut.sh
#!/bin/bash
logs_path=/usr/local/nginx/logs
yesterday=`date -d "yesterday" +%F`
mkdir -p $logs_path/$yesterday
cd $logs_path
for nginx_logs in `ls *log` ;do
mv $nginx_logs ${yesterday}/${yesterday}-${nginx_logs}
kill -USR1 `cat /data/src/nginx/logs/nginx.pid`
done
9. 虚拟主机配置文件
[root@node1 nginx]# cat files/vhost.conf
server
{
listen 80;
server_name {{ server_name }}; -> 调用vhosts.sls中配置
index index.html index.htm ;
root html;
#location ~ .*\.(php|php5)?$
# {
# try_files $uri =404;
# fastcgi_pass unix:/tmp/php-cgi.sock;
# fastcgi_index index.php;
# include fcgi.conf;
# }
location /status {
stub_status on;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 1d;
}
access_log logs/{{ log_name }}-access.log main;
}
10. SaltStack install Nginx
[root@node1 nginx]# salt ‘node2‘ state.highstate test=True -> 无报错既可
[root@node1 nginx]# salt ‘node2‘ state.highstate
[root@node1 nginx]# curl 172.168.200.211 -I
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 Aug 2016 08:28:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 612
Last-Modified: Mon, 29 Aug 2016 07:55:02 GMT
Connection: keep-alive
ETag: "57c3ea56-264"
Accept-Ranges: bytes
本文出自 “比尔linux运维笔记” 博客,请务必保留此出处http://chenshoubiao.blog.51cto.com/6159058/1884494
(七)saltstack项目实战_安装nginx