zoukankan      html  css  js  c++  java

  • puppet使用 apache passsenger 作为前端 (centos)

    概要

    使用 nginx + passenger 作为puppet master 的前端

    nginx + passenger 配置

    package 安装

    通过 gem 的方式来安装 passenger,

    # gem install rake rack passenger --no-rdoc --no-ri

    安装完成之后, nginx 不能直接从 yum 的源来安装, 用下面的命令来安装,
    这样安装的 nginx 中就包含了 passenger 模块.

    root@master-2:~# passenger-install-nginx-module
# 根据提示完成安装, 中途可能会提示用 apt-get 安装一些缺失的包.
# 安装完缺失的包后, 再次执行 passenger-install-nginx-module 即可.
# 安装 nginx 之前, 会有如下选择
Do you want this installer to download, compile and install Nginx for you?

 1. Yes: download, compile and install Nginx for me. (recommended)
    The easiest way to get started. A stock Nginx 1.6.2 with Passenger
    support, but with no other additional third party modules, will be
    installed for you to a directory of your choice.

 2. No: I want to customize my Nginx installation. (for advanced users)
    Choose this if you want to compile Nginx with more third party modules
    besides Passenger, or if you need to pass additional options to Nginx's
    'configure' script. This installer will  1) ask you for the location of
    the Nginx source code,  2) run the 'configure' script according to your
    instructions, and  3) run 'make install'.

Whichever you choose, if you already have an existing Nginx configuration file,
then it will be preserved.

Enter your choice (1 or 2) or press Ctrl-C to abort: 1

# 根据情况, 如果熟悉的话, 可以选择2, 否则选择1 即可自动编译安装 nginx

    配置文件设置

    nginx 配置文件 nginx.conf

    # cat /etc/nginx/conf/nginx.conf

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    passenger_root /usr/lib/ruby/gems/1.8/gems/passenger-4.0.57;
    passenger_ruby /usr/bin/ruby;

    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;
    include /etc/nginx/conf.d/*.conf;
    #gzip  on;

    server {
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

    }
}

    nginx中作为puppet前端的配置.

    # cat /etc/nginx/conf.d/puppetserver.conf
server {
  listen                     8140 ssl;
  server_name                puppet-server puppet-server.yunji.com;

  passenger_enabled          on;
  passenger_set_cgi_param    HTTP_X_CLIENT_DN $ssl_client_s_dn;
  passenger_set_cgi_param    HTTP_X_CLIENT_VERIFY $ssl_client_verify;

  access_log                 /var/log/nginx/puppet_access.log;
  error_log                  /var/log/nginx/puppet_error.log;

  root                       /usr/share/puppet/rack/puppetmasterd/public;

  ssl_certificate            /var/lib/puppet/ssl/certs/puppet-server.yunji.com.pem;
  ssl_certificate_key        /var/lib/puppet/ssl/private_keys/puppet-server.yunji.com.pem;
  ssl_crl                    /var/lib/puppet/ssl/ca/ca_crl.pem;
  ssl_client_certificate     /var/lib/puppet/ssl/certs/ca.pem;
  ssl_ciphers                SSLv2:-LOW:-EXPORT:RC4+RSA;
  ssl_prefer_server_ciphers  on;
  ssl_verify_client          optional;
  ssl_verify_depth           1;
  ssl_session_cache          shared:SSL:128m;
  ssl_session_timeout        5m;
}

    rack 目录生成

    centos 不像 debian, 没有自动生成 puppetmasterd 的 rack 目录.

    [root@puppet-server ~]# cd /usr/share/puppet
[root@puppet-server puppet]# mkdir -p rack/puppetmasterd/public
[root@puppet-server puppet]# mkdir -p rack/puppetmasterd/tmp
[root@puppet-server puppet]# cp ext/rack/config.ru rack/puppetmasterd/
[root@puppet-server puppet]# chown puppet:puppet rack/puppetmasterd/config.ru
  • 相关阅读:
    php实现base64图片上传方式实例代码
    Html5 js FileReader接口
    获取月份
    JS实现双击编辑可修改
    SimpleMDE编辑器 + 提取HTML + 美化输出
    基于visual Studio2013解决C语言竞赛题之0608水仙花函数
    基于visual Studio2013解决C语言竞赛题之0607strcpy
    基于visual Studio2013解决C语言竞赛题之0605strcat
    android --静默安装
    基于visual Studio2013解决C语言竞赛题之0604二维数组置换
  • 原文地址:https://www.cnblogs.com/wang_yb/p/4247937.html
Copyright © 2011-2022 走看看