(转)自动化管理工具Saltstack之nginx部署
本文转载自: http://blog.csdn.net/hnhuangyiyang/article/details/50414284#t0
本文会根据原文作实验操作,所以会有少量的更改,但以原文为主。
state文件列表
[root@cong-33 nginx]# pwd /srv/salt/nginx [root@cong-33 nginx]# ll total 16 -rw-r--r--. 1 root root 690 Nov 24 15:09 conf.sls -rw-r--r--. 1 root root 58 Nov 24 14:51 init.sls -rw-r--r--. 1 root root 1309 Nov 24 16:27 install.sls -rw-r--r--. 1 root root 372 Nov 24 16:23 vhost.sls [root@cong-33 nginx]#
文件列表
[root@cong-33 nginx]# ll /srv/salt/file/nginx/ total 972 -rw-r--r--. 1 root root 2819 Nov 24 14:54 nginx -rw-r--r--. 1 root root 981687 Nov 24 14:14 nginx-1.12.2.tar.gz -rw-r--r--. 1 root root 1743 Nov 24 14:22 nginx.conf -rw-r--r--. 1 root root 387 Nov 24 16:30 vhost.conf [root@cong-33 nginx]#
nginx的init.sls入口文件内容
[root@cong-33 nginx]# pwd /srv/salt/nginx [root@cong-33 nginx]# cat init.sls include: - nginx.install - nginx.conf - nginx.vhost [root@cong-33 nginx]#
install.sls:
[root@cong-33 nginx]# cat install.sls nginx_cp_tar_file: file.managed: - name: /usr/local/src/nginx-1.12.2.tar.gz - unless: test -e /usr/local/src/nginx/nginx-1.12.2.tar.gz - user: root - group: root - makedirs: True - source: salt://file/nginx/nginx-1.12.2.tar.gz nginx_extract: cmd.run: - cwd: /usr/local/src - names: - tar zxf nginx-1.12.2.tar.gz - unless: test -d /usr/local/src/nginx-1.12.2 - require: - file: nginx_cp_tar_file nginx_user: user.present: - name: www - createhome: False - gid_from_name: True - shell: /sbin/nologin nginx_install_require: pkg.installed: - pkgs: - gcc - gcc-c++ - openssl-devel - zlib-devel - pcre-devel nginx_compile: cmd.run: - cwd: /usr/local/src/nginx-1.12.2 - names: - ./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module \ --with-http_gzip_static_module --with-http_ssl_module --with-http_realip_module --with-pcre - make - make install - require: - cmd: nginx_extract - pkg: nginx_install_require - unless: test -d /usr/local/nginx create_dir: cmd.run: - names: - mkdir -p /usr/local/nginx/conf/vhost - unless: test -d /usr/local/nginx/conf/vhost - require: - cmd: nginx_compile [root@cong-33 nginx]#
conf.sls:
[root@cong-33 nginx]# cat conf.sls include: - nginx.install {% set nginx_user = 'www'%} nginx_conf: file.managed: - name: /usr/local/nginx/conf/nginx.conf - source: salt://file/nginx/nginx.conf - template: jinja - defaults: nginx_user: {{ nginx_user }} cpus: {{ grains['num_cpus'] }} nginx_service: file.managed: - name: /etc/init.d/nginx - source: salt://file/nginx/nginx - user: root - mode: 755 cmd.run: - names: - /sbin/chkconfig --add nginx - /sbin/chkconfig nginx on - unless: /sbin/chkconfig --list nginx service.running: - name: nginx - enable: True - reload: True - watch: - file: /usr/local/nginx/conf/vhost/*.conf [root@cong-33 nginx]#
vhost.sls:
[root@cong-33 nginx]# cat vhost.sls include: - nginx.install {% set hostname = ['www','bbs'] %} {% for server_name in hostname %} vhost_{{ server_name }}: file.managed: - name: /usr/local/nginx/conf/vhost/{{ server_name }}.conf - source: salt://file/nginx/vhost.conf - template: jinja - defaults: server_name: {{ server_name }} - watch_in: service: nginx {% endfor %} [root@cong-33 nginx]#
nginx主配置文件:
[root@cong-33 nginx]# cat /srv/salt/file/nginx/nginx.conf user {{ nginx_user }}; worker_processes {{ cpus }}; worker_rlimit_nofile 65535; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { use epoll; worker_connections 65535; } http { include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; tcp_nopush on; keepalive_timeout 65; gzip on; server { listen 80; server_name localhost; root /var/www/zabbix; #charset koi8-r; access_log logs/localhost.access.log main; location / { try_files $uri $uri/ =404; index index.php index.html index.htm; } location /nginx_status { stub_status on; access_log off; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } location ~ ^/(status|ping)$ { include fastcgi_params; fastcgi_pass unix:/var/run/php-fpm/php-fpm.socket; fastcgi_param SCRIPT_FILENAME $fastcgi_script_name; } location ~ \.php$ { try_files $uri =404; fastcgi_pass unix:/var/run/php-fpm/php-fpm.socket; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } include conf/vhost/*.conf; } [root@cong-33 nginx]#
nginx虚拟机配置文件:
[root@cong-33 nginx]# cat /srv/salt/file/nginx/vhost.conf server { listen 80; server_name {{ server_name }}.cong.com; index index.html index.htm; root /var/www/localhost; location /status { stub_status on; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)${ expires 3d; } location ~ .*\.(js|css)?${ expires 1d; } access_log /logs/{{ server_name }}-access.log main; } [root@cong-33 nginx]#
nginx的启动脚本:
[root@cong-33 nginx]# cat /srv/salt/file/nginx/nginx #!/bin/sh # # nginx - this script starts and stops the nginx daemon # # chkconfig: - 85 15 # description: Nginx is an HTTP(S) server, HTTP(S) reverse \ # proxy and IMAP/POP3 proxy server # processname: nginx # config: /usr/local/nginx/conf/nginx.conf # pidfile: /usr/local/nginx/logs/nginx.pid # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ "$NETWORKING" = "no" ] && exit 0 nginx="/usr/local/nginx/sbin/nginx" prog=$(basename $nginx) NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf" lockfile=/var/lock/subsys/nginx make_dirs() { # make required directories user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=[]∗.*/\1/g' -` if [ -z "`grep $user /etc/passwd`" ]; then useradd -M -s /bin/nologin $user fi options=`$nginx -V 2>&1 | grep 'configure arguments:'` for opt in $options; do if [ `echo $opt | grep '.*-temp-path'` ]; then value=`echo $opt | cut -d "=" -f 2` if [ ! -d "$value" ]; then # echo "creating" $value mkdir -p $value && chown -R $user $value fi fi done } start() { [ -x $nginx ] || exit 5 [ -f $NGINX_CONF_FILE ] || exit 6 make_dirs echo -n $"Starting $prog: " daemon $nginx -c $NGINX_CONF_FILE retval=$? echo [ $retval -eq 0 ] && touch $lockfile return $retval } stop() { echo -n $"Stopping $prog: " killproc $prog -QUIT retval=$? echo [ $retval -eq 0 ] && rm -f $lockfile return $retval } restart() { configtest || return $? stop sleep 1 start } reload() { configtest || return $? echo -n $"Reloading $prog: " killproc $nginx -HUP RETVAL=$? echo } force_reload() { restart } configtest() { $nginx -t -c $NGINX_CONF_FILE } rh_status() { status $prog } rh_status_q() { rh_status >/dev/null 2>&1 } case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart|configtest) $1 ;; reload) rh_status_q || exit 7 $1 ;; force-reload) force_reload ;; status) rh_status ;; condrestart|try-restart) rh_status_q || exit 0 ;; *) echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}" exit 2 esac [root@cong-33 nginx]#
