saltstack通过state安装nginx
创建nginx.sls文件
install_nginx是安装Nginx的配置,nginx_running负责进程管理,nginx_conf下发Nginx主配置的模板文件,vhost_conf下发Vhost的配置文件。
[root@29-server]# cat /srv/salt/nginx.sls
{% set confdir="/etc/nginx/" %}
{% if grains['num_cpus'] > 2 %}
install_nginx:
pkg.installed:
- name: nginx
nginx_running:
service.running:
- name: nginx
- enable: Ture
- require:
- pkg: install_nginx
- watch:
- file: nginx_conf
- file: vhost_conf
nginx_conf:
file.managed:
- name: {{confdir}}nginx.conf
- source: salt://nginx.j2
- user: root
- group: root
- template: jinja
- mode: 644
vhost_conf:
file.managed:
- name: {{confdir}}conf.d/nginx.conf
- source: salt://test_vhost.conf
- user: root
- group: root
- mode: 644
{%endif%}
nginx主配置文件内容
[root@29-server]# cat /srv/salt/nginx.j2
user root;
worker_processes {{ grains['num_cpus'] }};
{% if grains['num_cpus'] == 4 %}
worker_cpu_affinity 1000 0100 0010 0001;
{% elif grains['num_cpus'] == 8 %}
worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
{% else %}
worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
{% endif %}
#error_log logs/error.log;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_ log logs/ access.log main;
sendfile on;
keepalive_timeout 65;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
tcp_nodelay on;
send_timeout 60;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
server {
listen 80 default;
server_name _;
return 403;
}
server_tokens off;
upstream backend {
server 192.168.0.1:80 max_fails=3 fail_timeout=30s;
server 192.168.0.2:80 max_fails=3 fail_timeout=30s;
server 192.168.0.3:80 max_fails=3 fail_timeout=30s;
}
include /etc/nginx/conf.d/*.conf;
}
vhost配置文件内容
[root@29-server]# cat test_vhost.conf
server {
listen 80;
server_name www.test.com;
location / {
proxy_pass http://backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
执行状态模块命令
这是第二次执行显示的信息,第一次执行显示信息太多,就不放在这里了。
[root@29-server salt]# salt "minion-one" state.sls nginx
minion-one:
----------
ID: install_nginx
Function: pkg.installed
Name: nginx
Result: True
Comment: All specified packages are already installed
Started: 15:28:34.922277
Duration: 2494.279 ms
Changes:
----------
ID: nginx_conf
Function: file.managed
Name: /etc/nginx/nginx.conf
Result: True
Comment: File /etc/nginx/nginx.conf is in the correct state
Started: 15:28:37.423235
Duration: 40.325 ms
Changes:
----------
ID: vhost_conf
Function: file.managed
Name: /etc/nginx/conf.d/nginx.conf
Result: True
Comment: File /etc/nginx/conf.d/nginx.conf is in the correct state
Started: 15:28:37.463761
Duration: 9.871 ms
Changes:
----------
ID: nginx_running
Function: service.running
Name: nginx
Result: True
Comment: The service nginx is already running
Started: 15:28:37.473951
Duration: 84.594 ms
Changes:
Summary for minion-one
------------
Succeeded: 4
Failed: 0
------------
Total states run: 4
Total run time: 2.629 s
