zoukankan      html  css  js  c++  java

  • saltstack之nginx部署

    1./srv/salt/nginx目录树

    .
conf.sls
file
|--- nginx
|--- nginx-1.5.1.tar.gz
|--- nginx.conf
|--- nginx_log_cut.sh
|--- vhost.conf
init.sls
install.sls
vhost.sls

    /srv/salt/top.sls

    base:
  'test82.salt.cn':
    - nginx.init

    2.init.sls 初始化所有sls文件

    /srv/salt/nginx/init.sls

    include:
  - nginx.install
  - nginx.conf
  - nginx.vhost

    3.install.sls nginx的安装sls

    /srv/salt/nginx/install.sls

    nginx_source:
  file.managed:
    - name: /tmp/nginx-1.5.1.tar.gz
    - unless: test -e /tmp/nginx-1.5.1.tar.gz
    - user: root
    - group: root
    - makedirs: True
    - source: salt://nginx/file/nginx-1.5.1.tar.gz
nginx_extract:
  cmd.run:
    - cwd: /tmp
    - names: 
      - tar zxf nginx-1.5.1.tar.gz
    - unless: test -d /tmp/nginx-1.5.1
    - require:
      - file: nginx_source
nginx_user:
  user.present:
    - name: www
    - createhome: False
    - gid_from_name: True
    - shell: /sbin/nologin
nginx_pkg:
  pkg.installed:
    - pkgs:
      - gcc
      - gcc-c++
      - openssl-devel
      - pcre-devel
      - zlib-devel
nginx_compile:
  cmd.run:
    - cwd: /tmp/nginx-1.5.1
    - names:
      - ./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_gzip_static_module --with-http_ssl_module --with-http_realip_module
      - make
      - make install
    - require:
      - cmd: nginx_extract
      - pkg: nginx_pkg
    - unless: test -d /usr/local/nginx
create_dir:
  cmd.run:
    - names:
      - chown -R www.www /var/html/www
      - mkdir -p /usr/local/nginx/conf/vhost
    - unless: test -d /usr/local/nginx/conf/vhost
    - require: 
      - cmd: nginx_compile

    4.conf.sls 管理nginx主配置文件

    /srv/salt/nginx/conf.sls

    include:
  - nginx.install

{% set nginx_user = 'www' %}

nginx_conf:
  file.managed:
    - name: /usr/local/nginx/conf/nginx.conf
    - source: salt://nginx/file/nginx.conf
    - template: jinja
    - defaults:
      nginx_user: {{ nginx_user }}
      num_cpus: {{ grains['num_cpus'] }}
nginx_service :
  file.managed:
    - name: /etc/init.d/nginx
    - user: root
    - mode: 755
    - source: salt://nginx/file/nginx
  cmd.run:
    - names:
      - /sbin/chkconfig --add nginx
      - /sbin/chkconfig nginx on
    - unless: /sbin/chkconfig --list nginx
  service.running:
    - name: nginx
    - enable: True
    - reload: True
    - watch:
      - file: /usr/local/nginx/conf/vhost/*.conf  
nginx_log_cut:             
  file.managed:
    - name: /usr/local/nginx/sbin/nginx_log_cut.sh
    - source: salt://nginx/file/nginx_log_cut.sh
  cron.present:    
    - name: sh /usr/local/nginx/sbin/nginx_log_cut.sh
    - user: root
    - minute: 10
    - hour: 0
    - require:
      - file: nginx_log_cut

    5.使用pillar适合针对不同的主机动态生成配置

    /srv/pillar目录树

    .
top.sls
vhost.sls

    /srv/pillar/top.sls

    base:
  'test82.salt.cn':
    - vhost

    /srv/pillar/vhost.sls

    vhost:
  {% if 'test8' in grains['id'] %}  
  - name: www 
    target: /usr/local/nginx/conf/vhost/vhost_www.conf
  {% else %}
  - name: bbs
    target: /usr/local/nginx/conf/vhost/vhost_bbs.conf
  {% endif %}

    6.vhost.sls 生成虚拟机配置文件

    /srv/salt/nginx/vhost.sls

    include:
  - nginx.install

{% for vhostname in pillar['vhost'] %}

{{ vhostname['name'] }}:
  file.managed:
    - name: {{ vhostname['target'] }}
    - source: salt://nginx/file/vhost.conf
    - target: {{ vhostname['target'] }}
    - template: jinja
    - defaults:
      server_name: {{ grains['fqdn_ip4'][0] }} 
      log_name: {{ vhostname['name'] }}
    - watch_in:
      service: nginx

{% endfor %}

    6.nginx.conf 主配置文件模板

    /srv/salt/nginx/file/nginx.conf

    #
user  {{ nginx_user }}; 
worker_processes {{grains['num_cpus']}};
error_log  logs/nginx_error.log  notice;
pid        /usr/local/nginx/sbin/nginx.pid;

worker_rlimit_nofile 65535;

events
     {
              use epoll;
              worker_connections 65535;
      }
http
     {
              include       mime.types;
              default_type  application/octet-stream;
              charset  utf-8;
              server_names_hash_bucket_size 128;
              client_header_buffer_size 32k;
              large_client_header_buffers 4 32k;
              client_max_body_size 128m;
              sendfile on;
              tcp_nopush     on;
              keepalive_timeout 60;
              tcp_nodelay on;
              server_tokens off;
              client_body_buffer_size  512k;
              gzip on;
              gzip_min_length  1k;
              gzip_buffers     4 16k;
              gzip_http_version 1.1;
              gzip_comp_level 2;
              gzip_types      text/plain application/x-javascript text/css application/xml;
              gzip_vary on;
              log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                                '$status $body_bytes_sent "$http_referer" '
                                '"$http_user_agent" "$http_x_forwarded_for" "$host"' ;

              include vhost/*.conf;
       }

    7.nginx nginx服务管理脚本

    /srv/salt/nginx/file/nginx

    #!/bin/sh
#
# nginx - this script starts and stops the nginx daemon
#
# chkconfig:   - 85 15 
# description:  Nginx is an HTTP(S) server, HTTP(S) reverse 
#               proxy and IMAP/POP3 proxy server
# processname: nginx
# config:      /usr/local/nginx/conf/nginx.conf
# pidfile:     /usr/local/nginx/logs/nginx.pid

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0

nginx="/usr/local/nginx/sbin/nginx"
prog=$(basename $nginx)

NGINX_CONF_FILE="/usr/local/nginx/conf/nginx.conf"


lockfile=/var/lock/subsys/nginx

make_dirs() {
   # make required directories
   user=`$nginx -V 2>&1 | grep "configure arguments:" | sed 's/[^*]*--user=([^ ]*).*/1/g' -`
   if [ -z "`grep $user /etc/passwd`" ]; then
       useradd -M -s /bin/nologin $user
   fi
   options=`$nginx -V 2>&1 | grep 'configure arguments:'`
   for opt in $options; do
       if [ `echo $opt | grep '.*-temp-path'` ]; then
           value=`echo $opt | cut -d "=" -f 2`
           if [ ! -d "$value" ]; then
               # echo "creating" $value
               mkdir -p $value && chown -R $user $value
           fi
       fi
   done
}

start() {
    [ -x $nginx ] || exit 5
    [ -f $NGINX_CONF_FILE ] || exit 6
    make_dirs
    echo -n $"Starting $prog: "
    daemon $nginx -c $NGINX_CONF_FILE
    retval=$?
    echo
    [ $retval -eq 0 ] && touch $lockfile
    return $retval
}

stop() {
    echo -n $"Stopping $prog: "
    killproc $prog -QUIT
    retval=$?
    echo
    [ $retval -eq 0 ] && rm -f $lockfile
    return $retval
}

restart() {
    configtest || return $?
    stop
    sleep 1
    start
}

reload() {
    configtest || return $?
    echo -n $"Reloading $prog: "
    killproc $nginx -HUP
    RETVAL=$?
    echo
}

force_reload() {
    restart
}

configtest() {
  $nginx -t -c $NGINX_CONF_FILE
}

rh_status() {
    status $prog
}

rh_status_q() {
    rh_status >/dev/null 2>&1
}

case "$1" in
    start)
        rh_status_q && exit 0
        $1
        ;;
    stop)
        rh_status_q || exit 0
        $1
        ;;
    restart|configtest)
        $1
        ;;
    reload)
        rh_status_q || exit 7
        $1
        ;;
    force-reload)
        force_reload
        ;;
    status)
        rh_status
        ;;
    condrestart|try-restart)
        rh_status_q || exit 0
            ;;                   
    *)
        echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
        exit 2
esac

    8.nginx_log_cut.sh nginx日志切割脚本

    /srv/salt/nginx/file/nginx_log_cut.sh

    #!/bin/bash

logs_path=/usr/local/nginx/logs
yesterday=`date -d "yesterday" +%F`

mkdir -p $logs_path/$yesterday

cd $logs_path

for nginx_logs in `ls *log` ;
do
mv $nginx_logs ${yesterday}/${yesterday}-${nginx_logs}

kill -USR1  `cat /usr/local/nginx/sbin/nginx.pid`
done

    9.vhost.sls 虚拟机配置文件

    /srv/salt/nginx/file/vhost.conf

    server
        {
                listen       80;
                server_name {{ server_name }}; 
                index index.html index.htm ;
                root  html;
                #location ~ .*.(php|php5)?$
                #        {
                #                try_files $uri =404;
                #                fastcgi_pass  unix:/tmp/php-cgi.sock;
                #                fastcgi_index index.php;
                #                include fcgi.conf;
                #        }
                location /status {
                       stub_status on;
                }
                location ~ .*.(gif|jpg|jpeg|png|bmp|swf)$
                        {
                                expires      30d;
                        }
                location ~ .*.(js|css)?$
                        {
                                expires      1d;
                        }
                access_log  logs/{{ log_name }}-access.log  main;
        }

    10.安装配置nginx

    命令行执行如下

    salt 'test82.salt.cn' state.highstate
  • 相关阅读:
    我的第一个python web开发框架(4)——数据库结构设计与创建
    我的第一个python web开发框架(3)——怎么开始?
    我的第一个python web开发框架(2)——一个简单的小外包
    我的第一个python web开发框架(1)——前言
    让python bottle框架支持jquery ajax的RESTful风格的PUT和DELETE等请求(新方法)
    让python bottle框架支持jquery ajax的RESTful风格的PUT和DELETE等请求
    python服务器环境搭建(3)——参数配置
    python服务器环境搭建(2)——安装相关软件
    python服务器环境搭建(1)——本地服务器准备
    一个按成绩排序SQL的写法问题
  • 原文地址:https://www.cnblogs.com/jim-hwg/p/4620802.html
Copyright © 2011-2022 走看看