ansiblie自动化安装nginx

Posted 人间忽晚,山河以秋

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了ansiblie自动化安装nginx相关的知识,希望对你有一定的参考价值。

安装好ansible的前提下
思路:首先在一台机器上编译安装好nginx,然后打包,在通过ansible下发,安装


一、源码编译安装nginx


下载nginx源码编译包

[root@ansible-01 ~]# wget http://mirrors.sohu.com/nginx/nginx-1.9.6.tar.gz
--2021-05-27 16:25:16--  http://mirrors.sohu.com/nginx/nginx-1.9.6.tar.gz
正在解析主机 mirrors.sohu.com (mirrors.sohu.com)... 123.125.123.141
正在连接 mirrors.sohu.com (mirrors.sohu.com)|123.125.123.141|:80... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:884733 (864K) [application/octet-stream]
正在保存至: “nginx-1.9.6.tar.gz”

100%[================>] 884,733     65.9KB/s 用时 13s    

2021-05-27 16:25:29 (66.5 KB/s) - 已保存 “nginx-1.9.6.tar.gz” [884733/884733])

[root@ansible-01 ~]#

下载完成,用ls命令可以看到一个nginx的压缩包

[root@ansible-01 ~]# ls
1.txt  anaconda-ks.cfg  nginx-1.9.6.tar.gz  test  www
[root@ansible-01 ~]# 

解压

[root@ansible-01 ~]# tar -zxvf nginx-1.9.6.tar.gz 
[root@ansible-01 ~]# ls
1.txt            nginx-1.9.6         test
anaconda-ks.cfg  nginx-1.9.6.tar.gz  www

编译nginx

[root@ansible-01 ~]# cd nginx-1.9.6
[root@ansible-01 nginx-1.9.6]# ls
auto     CHANGES.ru  configure  html     man     src
CHANGES  conf        contrib    LICENSE  README
[root@ansible-01 nginx-1.9.6]# ./ conf
conf/      configure  
[root@ansible-01 nginx-1.9.6]# ./configure --prefix=/usr/local/nginx
checking for OS
 + Linux 3.10.0-862.el7.x86_64 x86_64
checking for C compiler ... not found

./configure: error: C compiler cc is not found

编译没有没有成功,是因为没有安装依赖,于是安装一下依赖

[root@ansible-01 nginx-1.9.6]# yum install gcc gcc-c++ pcre-devel  zlib-devel openssl-devel -y

再次编译

[root@ansible-01 nginx-1.9.6]# ./configure --prefix=/usr/local/nginx

编译安装,然后查看返回值为0,说明上面的安装没有错误

[root@ansible-01 nginx-1.9.6]# make && make install 
[root@ansible-01 nginx-1.9.6]# echo $?
0

编辑启动脚本

[root@ansible-01 nginx-1.9.6]# vim /etc/init.d/nginx
#!/bin/bash
# chkconfig: - 30 21
# description: http service.
# Source Function Library
. /etc/init.d/functions
# Nginx Settings
NGINX_SBIN="/usr/local/nginx/sbin/nginx"
NGINX_CONF="/usr/local/nginx/conf/nginx.conf"
NGINX_PID="/usx/local/nginx/logs/nginx.pid"
RETVAL=0
prog="Nginx"

start()
{
        echo -n $"Starting $prog: "
        mkdir -p /dev/shm/nginx_temp
        daemon $NGINX_SBIN -c $NGINX_CONF
        RETVAL=$?
        echo
        return $RETVAL
}
stop()
{
        echo -n $"Stopping $prog: "
        killproc -p $NGINX_PID $NGINX_SBIN -TERM
        rm -rf /dev/shm/nginx_temp
        RETVAL=$?
        echo
        return $RETVAL
}
reload()
{
        echo -n $"Reloading $prog: "
        killproc -p $NGINX_PID $NGINX_SBIN -HUP
        RETVAL=$?
        echo
        return $RETVAL
}
restart()
{
        stop
        start
}
configtest()
{
        $NGINX_SBIN -c $NGINX_CONF -t
        return 0
}
case "$1" in
        start)
                start
                ;;
        stop)
                stop
                ;;
        reload)
                reload
                ;;
        restart)
                restart
                ;;
        configtest)
                configtest
                ;;
        *)
                echo $"Usage: $0 {start|stop|reload|restart|configtest}"
                RETVAL=1
esac
exit $RETVAL

把nginx的配置文件清空后再重新编写

user nobody nobody;		//定义nginx运行的用户和用户组
worker_processes 2;		//nginx进程数,一般为CPU总核心数
error_log /usr/local/nginx/logs/nginx_error.log crit;	//全局错误日志定义类型
pid /usr/local/nginx/logs/nginx.pid;	//进程文件
worker_rlimit_nofile 51200;
events		//工作模式与连接数上限
{
use epoll;
worker_connections 6000;
}
http		//http下的一些配置
{
include mime.types;		//文件扩展名与文件类型映射表
default_type application/octet-stream;		//默认文件类型
server_names_hash_bucket_size 3526;
server_names_hash_max_size 4096;
log_format combined_realip '$remote_addr $http_x_forwarded_for [$time_local]'
'$host "$request_uri" $status'
'"$http_referer" "$http_user_agent"';
sendfile on;		//开启高效文件传输模式
tcp_nopush on;		//防止网络阻塞
keepalive_timeout 30;		//长连接超时时间,单位为秒
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path /usr/local/nginx/client_body_temp;
proxy_temp_path /usr/local/nginx/proxy_temp;
fastcgi_temp_path /usr/local/nginx/fastcgi_temp;
fastcgi_intercept_errors on;
tcp_nodelay on;		//防止网络阻塞
gzip on;		//开启gzip压缩输出
gzip_min_length 1k;
gzip_buffers 4 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
server		//虚拟主机配置
{
listen 80;
server_name localhost;
index index.html index.htm index.php;
root /usr/local/nginx/html;
location ~ \\.php$
{
include fastcgi_params;
fastcgi_pass unix:/tmp/php-fcgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/1ocal/nginx/html$fastcgi_script_name;
}
}
}

<inx/conf/nginx.conf" 61L, 1481C 已写入

检查文件是否有错误,可以看到,没有错误

[root@ansible-01 nginx-1.9.6]# /usr/local/nginx/sbin/nginx  -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful

启动nginx服务,但是权限不够

[root@ansible-01 nginx-1.9.6]# service nginx start
env: /etc/init.d/nginx: 权限不够

给启动脚本权限,再次启动,还是有错误

[root@ansible-01 nginx-1.9.6]# chmod 777 /etc/init.d/nginx 
[root@ansible-01 nginx-1.9.6]# service nginx start       
 Reloading systemd:                                       [  OK  ]
Starting nginx (via systemctl):  Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.
                                                         [FAILED]

查看端口,原来端口被http占用

[root@ansible-01 nginx-1.9.6]# netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1095/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1367/master         
tcp        0      0 10.30.59.248:25         0.0.0.0:*               LISTEN      1367/master         
tcp6       0      0 :::80                   :::*                    LISTEN      1773/httpd          
tcp6       0      0 :::22                   :::*                    LISTEN      1095/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      1367/master       

关闭http

[root@ansible-01 nginx-1.9.6]# systemctl stop httpd
[root@ansible-01 nginx-1.9.6]# netstat -ntpl       
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1095/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1367/master         
tcp        0      0 10.30.59.248:25         0.0.0.0:*               LISTEN      1367/master         
tcp6       0      0 :::22                   :::*                    LISTEN      1095/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      1367/master         

再次启动,这回启动成功,查看端口和nginx的状态可以看到都是开启的

[root@ansible-01 nginx-1.9.6]# service nginx start   
Starting nginx (via systemctl):                          [  OK  ]
[root@ansible-01 nginx-1.9.6]# netstat -ntpl      
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      9704/nginx: master  
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1095/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1367/master         
tcp        0      0 10.30.59.248:25         0.0.0.0:*               LISTEN      1367/master         
tcp6       0      0 :::22                   :::*                    LISTEN      1095/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      1367/master         
[root@ansible-01 nginx-1.9.6]# systemctl status nginx
● nginx.service - SYSV: http service.
   Loaded: loaded (/etc/rc.d/init.d/nginx; bad; vendor preset: disabled)
   Active: active (running) since 四 2021-05-27 17:40:07 CST; 16s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 9696 ExecStart=/etc/rc.d/init.d/nginx start (code=exited, status=0/SUCCESS)
    Tasks: 3
   Memory: 5.4M
   CGroup: /system.slice/nginx.service
           ├─9704 nginx: master process /usr/local/ngin...
           ├─9705 nginx: worker process
           └─9706 nginx: worker process

527 17:40:07 ansible-01 systemd[1]: Starting SYSV: ...
527 17:40:07 ansible-01 nginx[9696]: Starting Nginx...
527 17:40:07 ansible-01 systemd[1]: Started SYSV: h...
Hint: Some lines were ellipsized, use -l to show in full.

到这里,源码编译安装nginx成功


二、环境准备


新建目录,用于存放关于ansible自动安装nginx的数据和yml的文件

[root@ansible-01 ~]# cd /etc/ansible/
[root@ansible-01 ansible]# mkdir nginx_install/

在目录下面还要创建多个目录

[root@ansible-01 ansible]# cd nginx_install/
[root@ansible-01 nginx_install]# ls

在nginx_install下面在创建一个roles目录,roles目录下面还有common和install目录,这两个目录下面分别都有handles,files,meta,tasks,templates,vars目录
roles下:
common:为一些准备操作,
install:是安装nginx上午操作
以上两个目录下:
handlers:是当发生改变时要执行的操作,通常用在配置文件发生改变,重启服务。
files:为安装时用到的一些问价,
meta:为说明信息,说明校色依赖等信息
tasks:里面是核心的配置文件
templates:通常存一些配置文件,启动脚本等模板文件
vars:定义的变量

[root@ansible-01 nginx_install]# mkdir -p roles/{common,install}/{handlers,files,meta,tasks,templates,vars}
[root@ansible-01 nginx_install]# ls
roles
[root@ansible-01 nginx_install]# cd roles/
[root@ansible-01 roles]# ls
common  install

然后把存放服务数据的nginx目录打包,移到/etc/ansible/nginx_install/roles/install/files/目录里

[root@ansible-01 ~]# cd /usr/local/
[root@ansible-01 local]# ls
bin   etc    html     lib    libexec  nginx  share
conf  games  include  lib64  logs     sbin   src
[root@ansible-01 local]# tar -zcvf nginx.tar.gz nginx/
[root@ansible-01 local]# mv nginx.tar.gz /etc/ansible/nginx_install/roles/install/files/

把配置文件和启动脚本都移动到/etc/ansible/nginx_install/roles/install/templates/里

[root@ansible-01 local]# cd nginx/
[root@ansible-01 nginx]# ls
client_body_temp  html        sbin
conf              logs        scgi_temp
fastcgi_temp      proxy_temp  uwsgi_temp
[root@ansible-01 nginx]# cp conf/nginx.conf /etc/ansible/nginx_install/roles/install/templates/
[root@ansible-01 nginx]# cp /etc/init.d/nginx /etc/ansible/nginx_install/roles/install/templates/

三、编写需要的yml文件


所有的编写都在我们之前创建的关于ansible自动安装的目录里,即/etc/ansible/nginx_install里
1、编写安装依赖的yml文件(在存放依赖的common目录的tasks里,文件名:main.yml)

[root@ansible-01 ~]# vim /etc/ansible/nginx_install/roles/common/tasks/main.yml 
- name: install initializtion requre software
  yum: name={{ item }} state=installed
  with_items:
    - zlib-devel
    - pcre-devel
~                                                                                
~                                                                                
~                                                                                
~                                                                                                                                                                                                                                          
~                                                                                
~                                                                                
~                                                                                
~                                                                                
<le/nginx_install/roles/common/tasks/main.yml" 5L, 133C 已写入

2、编写定义所需的变量
编写目录是安装目录(install)的存放变量的目录(vars),文件名是,main.yml

[root@ansible-01 ~]# vim /etc/ansible/nginx_install/roles/install/vars/main.yml 
nginx_user: www
nginx_port: 80
nginx_basedir: /usr/local/nginx
~                                                                                
~                                                                                                                                                             
~                                                                                
<ble/nginx_install/roles/install/vars/main.yml" 3L, 63C 已写入

3、编写压缩包处理的文件(在安装目录install的tasks里,和第四,第五个文件一起)

[root@ansible-01 ~]# vim /etc/ansible/nginx_install/roles/install/tasks/copy.yml 
 
- name: Copy Nginx Software
  copy: src=nginx.tar.gz dest=/tmp/nginx.tar.gz owner=root  group=root
- name: Uncompression Nginx Software
  shell: tar zxf /tmp/nginx.tar.gz -C /usr/local/
- name: Copy Nginx Start Script
  template: src=nginx dest=/etc/init.d/nginx owner=root group=root mode=0755
- name: Copy Nginx Config
  template: src=nginx.conf dest={{ nginx_basedir }}/conf/ owner=root group=root m
ode=0644
~                                                                                
~                                                                                
~                                                                                
~                                                                                                                                                      
~                                                                                
~                                                                                
~                                                                                
<e/nginx_install/roles/install/tasks/copy.yml" 8L, 411C 已写入

4、编写创建用户的文件(和第三个一起)

[root@ansible-01 ~]# vim /etc/ansible/nginx_install/roles/install/tasks/install.yml 
- name: Create Nginx User
  user: name={{ nginx_user }} state=present createhome=no shell=/sbin/nologin
- name: Start Nginx Service
  shell: /etc/init.d/nginx start
- name: Add Boot start Nginx service
  shell: chkconfig --level 345 nginx on
- name: Delete Nginx compression files
  shell: rm -rf /tmp/nginx.tar.gz
~                                                                                
~                                                                                
~                                                                                
~                                                                                                                                                               
~                                                                                
~                                                                                
<ginx_install/roles/install/tasks/install.yml" 8L, 315C 已写入

5、调用copy.yml和install.yml(和第三,第四个一起)

[root@ansible-01 ~]# vim /etc/ansible/nginx_install/roles/install/tasks/main.yml 
 
- include: copy.yml
- include: install.yml

~                                                                                
~                                                                                
~                                                                                                                                                                                                                           
~                                                                                
~                                                                                
~                                                                                
~                                                                                
<le/nginx_install/roles/install/tasks/main.yml" 3L, 44C 已写入

6、编写入口文件,即终极文件

[root@ansible-01 ~]# vim /etc/ansible/nginx_install/install.yml 
---
- hosts: 10.30.59.216
  remote_user: root
  gather_facts: True
  roles:
    - common
    - install
~                                                                                
~                                                                                
~                                                                                                                                                               
~                                                                                
~                                                                                
~                                                                                
~                                                                                
"/etc/ansible/nginx_install/install.yml" 7L, 103C 已写入

最后执行一下就可以远程安装给nginx,但是另一台机器要确保80端口没有被占用
我的没有被占用

[root@ansible-02 local]# netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1077/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1338/master         
tcp6       0      0 :::2222                 :::*                    LISTEN      2459/docker-proxy   
tcp6       0      0 :::8080                 :::*                    LISTEN      3886/docker-proxy   
tcp6       0      0 :::22                   :::*                    LISTEN      1077/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      1338/master         
tcp6       0      0 :::8443                 :::*                    LISTEN      3

然后执行ansible-playbook

[root@ansible-01 ~]# ansible-playbook /etc/ansible/nginx_install/install.yml 

PLAY [10.30.59.216] *************************************************************

TASK [Gathering Facts] **********************************************************
ok: [10.30.59.216]

TASK [common : install initializtion requre software] ***************************
[DEPRECATION WARNING]: Invoking "yum" only once while using a loop via 
squash_actions is deprecated. Instead of using a loop to supply multiple items 
and specifying `name: "{{ item }}"`, please use `name: ['zlib-devel', 'pcre-
devel']` and remove the loop. This feature will be removed in version 2.11. 
Deprecation warnings can be disabled by setting deprecation_warnings=False in 
ansible.cfg.
ok: [10.30.59.216] => (item=[u'zlib-devel', u'pcre-devel'])

TASK [install : Copy Nginx Software] ********************************************
changed: [10.30.59.216]

TASK [install : Uncompression Nginx Software] ***********************************
[WARNING]: Consider using the unarchive module rather than running 'tar'.  If
you need to use command because unarchive is insufficient you can add 'warn:
  lse' to this command task or set 'command_warnings=False' in ansible.cfg to
get rid of this message.
changed: [10.30.59.216]

TASK [install : Copy Nginx Start Script] ****************************************
changed: [10.30.59.216]

TASK [install : Copy Nginx Config] **********************************************
ok: [10.30.59.216]

TASK [install : Create Nginx User] **********************************************
changed: [10.30.59.216]

TASK [install : Start Nginx Service] ********************************************
changed: [10.30.59.216]

TASK [install : Add Boot start Nginx service] ***********************************
changed: [10.30.59.216]

TASK [install : Delete Nginx compression files] *********************************
[WARNING]: Consider using the file module with state=absent rather than running
'rm'.  If you need to use command because file is insufficient you can add
'warn: false' to this command task or set 'command_warnings=False' in
ansible.cfg to get rid of this message.
changed: [10.30.59.216]

PLAY RECAP **********************************************************************
10.30.59.216               : ok=10   changed=7    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

[root@ansible-01 ~]#

再次查看另一台的端口,看nginx是否安装启动成功

[root@ansible-02 ~]# netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      32668/nginx: master 
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1077/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1338/master         
tcp6       0      0 :::2222                 :::*                    LISTEN      2459/docker-proxy   
tcp6       0      0 :::8080                 :::*                    LISTEN      3886/docker-proxy   
tcp6       0      0 :::22                   :::*                    LISTEN      1077/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      1338/master         
tcp6       0      0 :::8443                 :::*                    LISTEN      3874/docker-proxy   

可以看到有了nginx的端口,说明自动化安装nginx成功

以上是关于ansiblie自动化安装nginx的主要内容,如果未能解决你的问题,请参考以下文章

nodejs常用代码片段

vim代码片段插件ultisnips的使用

Nginx配置文件详细介绍

postman 自动生成 curl 代码片段

postman 自动生成 curl 代码片段

nginx.conf 忽略了 nginx-ingress 配置映射片段