Ansible Playbooks 部署Nginx综合案例
--------------------------------------------------------------------------------------------
在ansible 主机上
1、创建目录结构
mkdir -pv /etc/ansible/roles/nginx/{files,handlers,tasks,templates,vars}
2、目录结构查看
yum -y install tree
cd /etc/ansible/
tree
在ansible 主机上
1、创建目录结构
mkdir -pv /etc/ansible/roles/nginx/{files,handlers,tasks,templates,vars}
2、目录结构查看
yum -y install tree
cd /etc/ansible/
tree
3、定义一个主调用文件
vim /etc/ansible/nginx.yaml
- hosts: laowang (执行主机范围)
gather_facts: True (开启系统内置变量)
remote_user: root
roles: (启用roles原型配置)
- nginx (执行nginx原型模组)
vim /etc/ansible/nginx.yaml
- hosts: laowang (执行主机范围)
gather_facts: True (开启系统内置变量)
remote_user: root
roles: (启用roles原型配置)
- nginx (执行nginx原型模组)
4、files:存储有copy或script等模块调用的文件
cd /etc/ansible/roles/nginx/files/
上传nginx包到files目录下
nginx-1.16.0.tar.gz
cd /etc/ansible/roles/nginx/files/
上传nginx包到files目录下
nginx-1.16.0.tar.gz
5、handlers:此目录中至少应该有一个名为main.yml的文件,用于定义各handler;其他的文件需要由main.yml进行“包含”调用;
vim /etc/ansible/roles/nginx/handlers/main.yaml
- name: start nginx
raw: /usr/local/nginx/sbin/nginx
vim /etc/ansible/roles/nginx/handlers/main.yaml
- name: start nginx
raw: /usr/local/nginx/sbin/nginx
6、tasks:目录至少应该有一个名为main.yml的文件,用于定义各task;其他文件需要由main.yml进行“包含”调用【语法检测会出错 不用管,继续做就可以】
vim /etc/ansible/roles/nginx/tasks/main.yaml
---
- name: yum install
yum: name={{ item }} state=latest (使用item变量)
with_items: (变量值)
- openssl-devel
- pcre-devel
- zlib-devel
- gcc
- gcc-c++
- make
vim /etc/ansible/roles/nginx/tasks/main.yaml
---
- name: yum install
yum: name={{ item }} state=latest (使用item变量)
with_items: (变量值)
- openssl-devel
- pcre-devel
- zlib-devel
- gcc
- gcc-c++
- make
- name: user nginx
shell: useradd -M -s /sbin/nologin nginx
shell: useradd -M -s /sbin/nologin nginx
- name: package
copy: src=nginx-1.16.0.tar.gz dest=/usr/src
copy: src=nginx-1.16.0.tar.gz dest=/usr/src
- name: install nginx
shell: cd /usr/src ; tar xf nginx-1.16.0.tar.gz -C /usr/src ; cd /usr/src/nginx-1.16.0 ; ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre && make && make install
- name: copy conf file
template: src=nginx.conf dest=/usr/local/nginx/conf/nginx.conf (模板复制配置文件)
shell: cd /usr/src ; tar xf nginx-1.16.0.tar.gz -C /usr/src ; cd /usr/src/nginx-1.16.0 ; ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre && make && make install
- name: copy conf file
template: src=nginx.conf dest=/usr/local/nginx/conf/nginx.conf (模板复制配置文件)
notify: (通知触发器)
- start nginx (启动服务)
...
- start nginx (启动服务)
...
7、templates:存储由template模块调用的模板文本
vim /etc/ansible/roles/nginx/templates/nginx.conf
user nginx;
worker_processes {{ ansible_processor_vcpus }}; (系统变量,cpu数量变量值)
{% if ansible_processor_vcpus == 1 %} (判断如果CPU核心等于1)
worker_cpu_affinity 10; (使用这个分配,依次类推)
{% elif ansible_processor_vcpus == 2 %}
worker_cpu_affinity 01 10;
{% elif ansible_processor_vcpus == 4 %}
worker_cpu_affinity 0001 0010 0100 1000;
{% elif ansible_processor_vcpus == 8 %}
worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
{% else %} (否则使用下面的分配方式)
worker_cpu_affinity 0001 0010 0100 1000;
{% endif %}
vim /etc/ansible/roles/nginx/templates/nginx.conf
user nginx;
worker_processes {{ ansible_processor_vcpus }}; (系统变量,cpu数量变量值)
{% if ansible_processor_vcpus == 1 %} (判断如果CPU核心等于1)
worker_cpu_affinity 10; (使用这个分配,依次类推)
{% elif ansible_processor_vcpus == 2 %}
worker_cpu_affinity 01 10;
{% elif ansible_processor_vcpus == 4 %}
worker_cpu_affinity 0001 0010 0100 1000;
{% elif ansible_processor_vcpus == 8 %}
worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
{% else %} (否则使用下面的分配方式)
worker_cpu_affinity 0001 0010 0100 1000;
{% endif %}
error_log logs/error.log;
pid logs/nginx.pid;
pid logs/nginx.pid;
events {
use epoll;
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
keepalive_timeout 65;
gzip on;
keepalive_timeout 65;
gzip on;
server {
listen {{ nginxport }}; (自定义变量,监听端口变量)
server_name {{ server_name}}; (自定义变量,服务名变量)
listen {{ nginxport }}; (自定义变量,监听端口变量)
server_name {{ server_name}}; (自定义变量,服务名变量)
location / {
root html;
index index.html index.htm;
}
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
location = /50x.html {
root html;
}
}
}
8、vars:此目录中至少应该有一个名为main.yml的文件,用于定义各variable;其它的文件需要由main.yml进行“包含”调用;
vim /etc/ansible/roles/nginx/vars/main.yaml
---
nginxport: "80"
server_name: "www.laowang.com"
...
测试
ansible-playbook -C /etc/ansible/nginx.yaml
ansible-playbook /etc/ansible/nginx.yaml
9、其他:
meta:此目录中至少应该有一个名为main.yml的文件,定义当前角色的特殊设定及其依赖关系;其它的文件需要由main.yml进行“包含”调用
vim /etc/ansible/roles/nginx/vars/main.yaml
---
nginxport: "80"
server_name: "www.laowang.com"
...
测试
ansible-playbook -C /etc/ansible/nginx.yaml
ansible-playbook /etc/ansible/nginx.yaml
9、其他:
meta:此目录中至少应该有一个名为main.yml的文件,定义当前角色的特殊设定及其依赖关系;其它的文件需要由main.yml进行“包含”调用
default:此目录中至少应该有一个名为main.yml的文件,用于设定默认变量