ansible-playbook으로 Nginx 대량 배포

ansible-playbook을 통해 소스 코드 컴파일 방식으로 nginx를 배포합니다.
  • nginx를 배포할 모든 호스트를 webserver 그룹으로 묶습니다.
  • # vim /etc/ansible/hosts
    # Inventory group targeted by `hosts: webserver` in nginx.yml.
    [webserver]
    192.168.30.128
    192.168.30.129
    192.168.30.130
    

     
  • 관리 디렉터리 만들기:
  • #  mkdir -p nginx/roles/nginx_install/{files,handlers,meta,tasks,templates,vars}
    
    # cd nginx/
    

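    설명:
    files: 템플릿이 아닌 정적 파일(예: nginx 소스 패키지)을 둡니다.
    handlers: 작업이 notify로 호출하는 핸들러(예: 서비스 재시작)를 둡니다.
    meta: 역할의 메타데이터와 의존 관계를 정의합니다.
    tasks: nginx 설치 작업을 정의합니다.
    templates: nginx 설정 파일 등 템플릿 파일을 둡니다.
    vars: 변수를 정의합니다.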
    

     
    # tree .
    .
    ├── nginx.yml
    └── roles
        └── nginx_install
            ├── files
            │   └── nginx-1.15.0.tar.gz             #      nginx   files 
            ├── handlers
            ├── meta
            ├── tasks
            │   ├── copy.yml
            │   ├── install.yml
            │   ├── main.yml
            │   └── prepare.yml
            ├── templates
            │   ├── fastcgi_params
            │   ├── nginx.conf
            │   ├── nginx.service
            │   └── server.conf
            └── vars
                └── main.yml
    
    8 directories, 11 files
    
  • nginx 진입점 파일을 만들고 nginx_install 역할을 호출합니다:
  • # vim nginx.yml 
    
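    # Deploy nginx to every host in the webserver inventory group.
    # NOTE(review): the play logs in as root directly. An unprivileged
    # remote_user combined with `become: true` limits what a leaked SSH
    # credential can do on the targets.
    - hosts: webserver
      remote_user: root
      gather_facts: true

      roles:
        - nginx_install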
  • 변수 생성:
  • # vim roles/nginx_install/vars/main.yml
    
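    # Variables consumed by the nginx_install role's tasks and templates.
    # Quoted so the version is always read as a string.
    # NOTE(review): 1.15.0 is an old mainline release; track a currently
    # supported nginx release when reusing this role.
    NGINX_VER: "1.15.0"
    # Fetched over HTTPS so the tarball cannot be altered in transit. Pinning
    # a digest in the download task (get_url `checksum`) is still advisable.
    DOWNLOAD_URL: "https://nginx.org/download/nginx-{{ NGINX_VER }}.tar.gz"
    NGINX_USER: nginx
    NGINX_PORT: 80
    SOURCE_DIR: /software
    NGINX_DIR: /usr/local/nginx
    DATA_DIR: /data/nginx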
    
  • 템플릿 파일 만들기:
  • nginx 메인 설정 파일 nginx.conf
    # vim roles/nginx_install/templates/nginx.conf
    
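    # Main nginx configuration, rendered from the role's templates directory.
    # Workers run as the dedicated service account the role creates (the same
    # account passed to ./configure via --user/--group) rather than the shared
    # "nobody" account.
    user {{ NGINX_USER }} {{ NGINX_USER }};
    worker_processes  1;
    error_log {{ DATA_DIR }}/log/error.log crit;
    # Must match PIDFile= in nginx.service.
    pid /run/nginx.pid;
    worker_rlimit_nofile 51200;

    events {
        use epoll;
        worker_connections  1024;
    }

    http {
        include       mime.types;
        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for"';

        access_log  {{ DATA_DIR }}/log/access.log  main;

        # Keep the nginx version out of the Server header and error pages.
        server_tokens       off;
        sendfile            on;
        send_timeout        3m;
        tcp_nopush          on;
        tcp_nodelay         on;
        keepalive_timeout   65;
        types_hash_max_size 2048;

        # Request size and timeout limits.
        client_header_timeout 3m;
        client_body_timeout 3m;
        connection_pool_size 256;
        client_header_buffer_size 1k;
        large_client_header_buffers 8 4k;
        request_pool_size 4k;
        output_buffers 4 32k;
        postpone_output 1460;
        client_max_body_size 10m;
        client_body_buffer_size 256k;
        client_body_temp_path {{ NGINX_DIR }}/client_body_temp;
        proxy_temp_path {{ NGINX_DIR }}/proxy_temp;
        fastcgi_temp_path {{ NGINX_DIR }}/fastcgi_temp;
        fastcgi_intercept_errors on;

        gzip on;
        gzip_min_length 1k;
        gzip_buffers 4 8k;
        gzip_comp_level 5;
        gzip_http_version 1.1;
        # text/html is always compressed and must not be listed; the former
        # "text/htm" entry matched no real MIME type and has been dropped.
        gzip_types text/plain application/x-javascript text/css application/xml;

        default_type  application/octet-stream;
        # Per-site server blocks live in conf/vhost.
        include  {{ NGINX_DIR }}/conf/vhost/*.conf;
    }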
    

    nginx vhost 설정 파일 server.conf
    # vim roles/nginx_install/templates/server.conf
    
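    # Default virtual host: static files plus PHP through FastCGI on
    # 127.0.0.1:9000.
    server {
        # Port comes from the role variable NGINX_PORT instead of a second
        # hard-coded 80.
        listen       {{ NGINX_PORT }};
        server_name  localhost;

        location / {
            root   {{ NGINX_DIR }}/html;
            index  index.php index.html index.htm;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        location ~ \.php$ {
            root   {{ NGINX_DIR }}/html;
            # Forward a request only when the script exists on disk; a URI that
            # merely ends in .php is answered with 404 instead of reaching PHP.
            try_files $uri =404;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params;
        }
    }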
    

    nginx 추가 설정 파일 fastcgi_params
    # vim roles/nginx_install/templates/fastcgi_params
    
    # FastCGI parameters passed to the backend wherever this file is included.

    # Fixed identification values.
    fastcgi_param GATEWAY_INTERFACE CGI/1.1;
    fastcgi_param SERVER_SOFTWARE nginx;

    # Request line and body metadata.
    fastcgi_param REQUEST_METHOD $request_method;
    fastcgi_param REQUEST_URI $request_uri;
    fastcgi_param QUERY_STRING $query_string;
    fastcgi_param CONTENT_TYPE $content_type;
    fastcgi_param CONTENT_LENGTH $content_length;
    fastcgi_param SERVER_PROTOCOL $server_protocol;

    # Script and document resolution.
    fastcgi_param DOCUMENT_ROOT $document_root;
    fastcgi_param DOCUMENT_URI $document_uri;
    fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

    # Connection endpoints.
    fastcgi_param REMOTE_ADDR $remote_addr;
    fastcgi_param REMOTE_PORT $remote_port;
    fastcgi_param SERVER_ADDR $server_addr;
    fastcgi_param SERVER_PORT $server_port;
    fastcgi_param SERVER_NAME $server_name;
    

    nginx 서비스 파일 nginx.service
    # vim roles/nginx_install/templates/nginx.service
    
    # systemd unit for the source-built nginx installed under NGINX_DIR.
    [Unit]
    Description=The nginx HTTP and reverse proxy server
    After=network.target remote-fs.target nss-lookup.target

    [Service]
    # systemd follows the master process through the PID file, which must
    # match the `pid` directive in nginx.conf.
    Type=forking
    PIDFile=/run/nginx.pid
    PrivateTmp=true
    # A leftover /run/nginx.pid carrying the wrong SELinux context (for
    # example after running `nginx -t` by hand) stops nginx from starting,
    # so it is removed before every start.
    # https://bugzilla.redhat.com/show_bug.cgi?id=1268621
    ExecStartPre=/usr/bin/rm -f /run/nginx.pid
    # Refuse to start on an invalid configuration.
    ExecStartPre={{ NGINX_DIR }}/sbin/nginx -t
    ExecStart={{ NGINX_DIR }}/sbin/nginx
    ExecReload=/bin/kill -s HUP $MAINPID
    KillSignal=SIGQUIT
    KillMode=process
    TimeoutStopSec=5

    [Install]
    WantedBy=multi-user.target
    
  • 환경 준비 prepare.yml:
  • # vim roles/nginx_install/tasks/prepare.yml
    
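    # Host preparation for the source build.
    # NOTE(review): the first three tasks switch off the host firewall and
    # SELinux entirely. That keeps the walkthrough short, but outside a lab
    # prefer opening only the nginx port in firewalld and leaving SELinux
    # enforcing.
    - name: Stop and disable firewalld
      service:
        name: firewalld
        state: stopped
        enabled: false

    - name: Switch SELinux to permissive for the running system
      command: setenforce 0
      # setenforce can exit non-zero (e.g. SELinux already disabled); ignore it.
      failed_when: false

    - name: Disable SELinux persistently
      lineinfile:
        path: /etc/selinux/config
        regexp: '^SELINUX='
        line: SELINUX=disabled

    - name: Install the EPEL repository
      yum:
        name: epel-release
        state: latest

    # NOTE(review): `state: latest` here and the full update below make runs
    # non-reproducible; pin versions where repeatable builds matter.
    - name: Install tools and build dependencies
      yum:
        name:
          - vim
          - lrzsz
          - net-tools
          - wget
          - curl
          - bash-completion
          - rsync
          - gcc
          - gcc-c++
          - unzip
          - git
          - autoconf
          - cmake
          - openssl
          - openssl-devel
          - pcre
          - pcre-devel
          - zlib
          - zlib-devel
          - gd-devel
          - libxml2-devel
        state: latest

    # Uses the yum module instead of `shell: yum update -y`; the `warn`
    # argument the shell form relied on has been removed from current
    # ansible-core releases.
    - name: Update all installed packages
      yum:
        name: '*'
        state: latest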
    

     
  • 파일 복사 copy.yml:
  • # vim roles/nginx_install/tasks/copy.yml
    
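    # Accounts, directories, source tarball and systemd unit for nginx.
    - name: Create the nginx group
      group:
        name: "{{ NGINX_USER }}"
        state: present

    - name: Create the nginx service account (no home, no login shell)
      user:
        name: "{{ NGINX_USER }}"
        group: "{{ NGINX_USER }}"
        state: present
        create_home: false
        shell: /sbin/nologin

    - name: Create the software directory
      file:
        path: "{{ SOURCE_DIR }}"
        state: directory
        mode: "0755"
        recurse: true

    - name: Create the data and log directories
      file:
        path: "{{ item }}"
        state: directory
        owner: "{{ NGINX_USER }}"
        group: "{{ NGINX_USER }}"
        mode: "0755"
        recurse: true
      with_items:
        - "{{ DATA_DIR }}"
        - "{{ DATA_DIR }}/log"

    - name: Create the log files
      file:
        path: "{{ item }}"
        state: touch
        owner: "{{ NGINX_USER }}"
        group: "{{ NGINX_USER }}"
        mode: "0644"
      with_items:
        - "{{ DATA_DIR }}/log/access.log"
        - "{{ DATA_DIR }}/log/error.log"

    # Download the source tarball on the target host.
    # Define NGINX_CHECKSUM as "sha256:<PLACEHOLDER: digest of a tarball you
    # verified against its PGP signature>" so an altered or truncated download
    # is rejected. While the variable is undefined the option is omitted and
    # no integrity check takes place.
    - name: Download the nginx source tarball
      get_url:
        url: "{{ DOWNLOAD_URL }}"
        dest: "{{ SOURCE_DIR }}"
        owner: "{{ NGINX_USER }}"
        group: "{{ NGINX_USER }}"
        checksum: "{{ NGINX_CHECKSUM | default(omit) }}"

    # Alternative: ship the tarball from the role's files directory.
    # - name: Copy the local nginx tarball to the target
    #   copy: src=nginx-{{ NGINX_VER }}.tar.gz dest={{ SOURCE_DIR }} owner={{ NGINX_USER }} group={{ NGINX_USER }}

    # remote_src is required: the tarball was downloaded onto the target, and
    # without it unarchive looks for the file on the control node.
    - name: Unpack the nginx source tarball
      unarchive:
        src: "{{ SOURCE_DIR }}/nginx-{{ NGINX_VER }}.tar.gz"
        dest: "{{ SOURCE_DIR }}"
        remote_src: true
        owner: "{{ NGINX_USER }}"
        group: "{{ NGINX_USER }}"

    - name: Install the nginx systemd unit
      template:
        src: nginx.service
        dest: /usr/lib/systemd/system/nginx.service
        owner: root
        group: root
        mode: "0644"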
    

     
  • 컴파일 설치 install.yml:
  • # vim roles/nginx_install/tasks/install.yml
    
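    # Build nginx from source, install its configuration and start it.
    # `command` with `chdir` replaces `shell: cd ... &&`, so no shell parses
    # the templated paths.
    - name: Configure the nginx build
      command: >-
        ./configure
        --prefix={{ NGINX_DIR }}
        --user={{ NGINX_USER }}
        --group={{ NGINX_USER }}
        --http-log-path={{ DATA_DIR }}/log/access.log
        --error-log-path={{ DATA_DIR }}/log/error.log
        --with-http_ssl_module
        --with-http_v2_module
        --with-http_realip_module
        --with-http_flv_module
        --with-http_mp4_module
        --with-http_gunzip_module
        --with-http_gzip_static_module
        --with-http_image_filter_module
        --with-http_stub_status_module
      args:
        chdir: "{{ SOURCE_DIR }}/nginx-{{ NGINX_VER }}"

    - name: Compile nginx
      command: make
      args:
        chdir: "{{ SOURCE_DIR }}/nginx-{{ NGINX_VER }}"

    - name: Install nginx
      command: make install
      args:
        chdir: "{{ SOURCE_DIR }}/nginx-{{ NGINX_VER }}"

    # Configuration is owned by root: the master process reads it as root, so
    # the unprivileged service account should not be able to rewrite it.
    - name: Install the main nginx configuration
      template:
        src: nginx.conf
        dest: "{{ NGINX_DIR }}/conf/nginx.conf"
        owner: root
        group: root
        mode: "0644"

    - name: Create the vhost configuration directory
      file:
        path: "{{ NGINX_DIR }}/conf/vhost"
        state: directory
        owner: root
        group: root
        mode: "0755"
        recurse: true

    - name: Install the nginx vhost configuration
      template:
        src: server.conf
        dest: "{{ NGINX_DIR }}/conf/vhost/server.conf"
        owner: root
        group: root
        mode: "0644"

    - name: Install the FastCGI parameter file
      template:
        src: fastcgi_params
        dest: "{{ NGINX_DIR }}/conf/fastcgi_params"
        owner: root
        group: root
        mode: "0644"

    # lineinfile keeps $PATH literal and adds the line only once. The shell
    # version expanded $PATH at task time, and its `source /etc/profile` only
    # affected the task's own short-lived shell.
    - name: Add the nginx sbin directory to PATH for login shells
      lineinfile:
        path: /etc/profile
        line: 'export PATH=$PATH:{{ NGINX_DIR }}/sbin'

    - name: Reload systemd, then enable and start nginx
      systemd:
        name: nginx
        daemon_reload: true
        enabled: true
        state: started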
    

     
  • 작업 포함 파일 main.yml:
  • # vim roles/nginx_install/tasks/main.yml
    
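    # Run the prepare, copy and install task files in order.
    # import_tasks replaces the bare `include`, which is deprecated and no
    # longer accepted by current ansible-core releases.
    - import_tasks: prepare.yml
    - import_tasks: copy.yml
    - import_tasks: install.yml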
    
  • 설치 실행:
  • # ansible-playbook nginx.yml
    
    # netstat -lntp |grep 80
    tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      48931/nginx: master
    

     
