使用Ansible自动配置Nginx服务

时间:2022-09-06 09:09:11

1、首先安装好Ansible环境,具体步骤请见Ansible安装

2、先创建hosts文件(为后面编写脚本安装JDK做铺垫)

[root@localhost /]# vi hosts

[jdktest]

192.168.186.133 ansible_ssh_user=guxiong ansible_ssh_pass=private
192.168.186.134 ansible_ssh_user=guxiong ansible_ssh_pass=private

注:记得/etc/ansible/hosts也要加入

3、创建文件夹

[root@localhost /]#

makedir roles

nginx-install

default

files

ngnix-install

使用Ansible自动配置Nginx服务

nginx-install.tar.gz

handler

meta

tasks    main.yml

templates  install-nginx.sh   nginx.conf

vars   main.yml

4、编辑tasks下面的main.yml

 - name: create direc

    shell: mkdir -p {{ nginx_path }}

  - name: copy nginx file to remote client

    copy: src=nginx-install.tar.gz dest=/home/{{ user }}

  - name: untar nginx

    shell: tar -zxf nginx-install.tar.gz

  - name: configure install-nginx.sh user template

    template: src=install-nginx.sh dest=/home/{{ user }}/nginx-install/install-nginx.sh

  - name: cd install direc and excu install

    shell: cd /home/{{ user }}/nginx-install && sh install-nginx.sh

  - name: configure nginx.conf use template

    template: src=nginx.conf dest={{ nginx_path }}/conf/nginx.conf

  - name: rm nginxfiles

    shell: rm -rf /home/{{ user }}/nginx-install*

5、编辑templates下的 install-nginx.sh

#!/bin/bash

mkdir -p {{ nginx_path }}

cd nginx-1.9.3-hide-version

./configure --prefix={{ nginx_path }} --with-http_ssl_module --with-http_gunzip_module --with-http_stub_status_module --with-http_gzip_static_module --with-zlib=../zlib-1.2.8 --with-pcre=../pcre-8.38 --add-module=../nginx_upstream_check_module-master --add-module=../ngx_cache_purge-2.3  && make && make install

sleep 6

exit 0

nginx.conf

#user  nobody;

worker_processes  4;

error_log  logs/error.log;

#error_log  logs/error.log  notice;

#error_log  logs/error.log  info;

pid        logs/nginx.pid;

events {

    worker_connections  1024;

}

http {

    include       mime.types;

    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

    #                  '$status $body_bytes_sent "$http_referer" '

    #                  '"$http_user_agent" "$http_x_forwarded_for"';

log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

                  '$status $body_bytes_sent "$http_referer" '

                  '"$http_user_agent" "$http_x_forwarded_for"'

                  '"$upstream_cache_status"';

    access_log  logs/access.log  main;

    sendfile        on;

    #tcp_nopush     on;

    server_tokens off;

    #keepalive_timeout  0;

    keepalive_timeout  65;

    gzip  on;

        proxy_connect_timeout      60;

        proxy_read_timeout         30;

        proxy_send_timeout         60;

        proxy_buffer_size          4k;

        proxy_buffers              32 4k;

        proxy_busy_buffers_size    8k;

        proxy_temp_file_write_size 512k;

        proxy_next_upstream http_500 http_502 http_503 error invalid_header;

    proxy_temp_path {{ nginx_path }}/proxy_temp;

    proxy_cache_path {{ nginx_path }}/proxy_cache

 levels=1:2 keys_zone=cache_one:100m inactive=2d max_size=2g;

    upstream test {

			server 192.168.186.133:8080;

			server 192.168.186.134:8080;

			check interval=3000 rise=2 fall=5 timeout=1000 type=tcp;

			ip_hash;

}

    server {

        listen       {{ nginx_port }};

        server_name  {{ nginx_host }};

        check_status;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {

       #     root   html;

        #    index  index.html index.htm;

	proxy_pass  http://test/baidu/;

        }

               location / {

                            proxy_pass  http://test;

                                    }

location ~ /purge(/.*) {

	#	allow 192.168.100.112;

	#	allow 192.168.100.64;

		allow all;

#		deny all;

		proxy_cache_purge  cache_one $host$1$is_args$args;

		error_page 405 =200 /purge$1;

}

location ^~ /jenkins {

proxy_pass http://test/jenkins/;

proxy_set_header Host $host;

            proxy_set_header   X-Real-IP   $remote_addr;

            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;

access_log logs/jenkins_access.log main; 

}

	location /status {

			check_status;

			access_log off;

		#	allow 192.168.100.64;

			allow all;

			deny all;

	}

        #error_page  404              /404.html;

location ~ .*\.(gif|jpg|png|html|css|ico|pdf) {

            proxy_pass  http://test;

            proxy_redirect off;

            proxy_set_header Host $host;

            proxy_set_header   X-Real-IP   $remote_addr;

            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;

            proxy_cache cache_one;

            add_header Nginx-Cache $upstream_cache_status;

            proxy_cache_valid  200 304 301 302 8h;

            proxy_cache_valid 404 1m;

            proxy_cache_valid  any 2d;

            proxy_cache_key $host$uri$is_args$args;

            expires 30d;

		access_log  logs/host.access.log  main;

#		access_log  logs/access.log  main;

        }

        # redirect server error pages to the static page /50x.html

        #

        error_page   500 502 503 504  /50x.html;

        location = /50x.html {

            root   html;

        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80

        #

        #location ~ \.php$ {

        #    proxy_pass   http://127.0.0.1;

        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000

        #

        #location ~ \.php$ {

        #    root           html;

        #    fastcgi_pass   127.0.0.1:9000;

        #    fastcgi_index  index.php;

        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;

        #    include        fastcgi_params;

        #}

        # deny access to .htaccess files, if Apache's document root

        # concurs with nginx's one

        #

        #location ~ /\.ht {

        #    deny  all;

        #}

    }

    # another virtual host using mix of IP-, name-, and port-based configuration

    #

    #server {

    #    listen       8000;

    #    listen       somename:8080;

    #    server_name  somename  alias  another.alias;

    #    location / {

    #        root   html;

    #        index  index.html index.htm;

    #    }

    #}

    # HTTPS server

    #

    #server {

    #    listen       443 ssl;

    #    server_name  localhost;

    #    ssl_certificate      cert.pem;

    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;

    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;

    #    ssl_prefer_server_ciphers  on;

    #    location / {

    #        root   html;

    #        index  index.html index.htm;

    #    }

    #}

}

6、将使用到的变量编辑vars下的main.yml

user: guxiong

nginx_host: 192.168.186.134

nginx_port: 3080

nginx_path: /home/guxiong/nginx1.9.0

7、ansible-playbook安装  

[root@localhost /]# ansible-playbook nginx-install.yml --extra-var "host_cluster=jdktest user=guxiong nginx_host=192.168.186.134 nginx_port=3080 nginx_path=/home/guxiong/nginx1.9.0"

PLAY [jdktest] **************************************************************** 

TASK: [nginx-install | create direc] ******************************************

changed: [192.168.186.134]

changed: [192.168.186.133]

TASK: [nginx-install | copy nginx file to remote client] **********************

changed: [192.168.186.134]

changed: [192.168.186.133]

TASK: [nginx-install | untar nginx] *******************************************

changed: [192.168.186.134]

changed: [192.168.186.133]

TASK: [nginx-install | configure install-nginx.sh user template] **************

changed: [192.168.186.134]

changed: [192.168.186.133]

TASK: [nginx-install | cd install direc and excu install] *********************

changed: [192.168.186.134]

changed: [192.168.186.133]

TASK: [nginx-install | configure nginx.conf use template] *********************

changed: [192.168.186.134]

changed: [192.168.186.133]

TASK: [nginx-install | rm nginxfiles] *****************************************

changed: [192.168.186.134]

changed: [192.168.186.133]

PLAY RECAP ********************************************************************

192.168.186.133            : ok=7    changed=7    unreachable=0    failed=0

192.168.186.134            : ok=7    changed=7    unreachable=0    failed=0

  

使用Ansible自动配置Nginx服务的更多相关文章

  1. Ansible安装配置Nginx

    一.思路 现在一台机器上编译安装好nginx.打包,然后在用ansible去下发 cd /etc/ansible 进入ansible配置文件目录 mkdir roles/{common,install ...

  2. 自动分割nginx服务的日志文件

    nginx服务每天都会产生大量的日志信息,时间一长导致日志文件容量很大,会影响系统性能.通过以下shell代码,配合crontab定时执行可实现nginx日志定时分割的功能. #!/bin/bash ...

  3. 配置Nginx服务

    一,安装之前准备1.nginx依赖: gcc openssl-devel pcre-devel zlib-devel    安装依赖:yum install gcc openssl-devel pcr ...

  4. Centos 6.5 配置nginx服务

    官方网站:http://nginx.org最新版本:1.7.11官方文档:http://nginx.org/en/docs/ 一.安装NGINX查看当前centos版本: #cat /etc/redh ...

  5. 使用Ansible自动配置JDK环境

    1.首先安装好Ansible环境,具体步骤请见Ansible安装 2.先创建hosts文件(为后面编写脚本安装JDK做铺垫) [root@localhost /]# vi hosts [jdktest ...

  6. 【CNMP系列】CentOS7.0下安装Nginx服务

    话步前言,CNMP之路,系统起步:http://www.cnblogs.com/riverdubu/p/6425028.html 这回我来讲解下CentOS7.0下如何安装和配置Nginx服务 Ngi ...

  7. nodejs配置nginx 以后链接mongodb数据库

    服务器 :windows server2008 R2 反向代理 :nginx 1.15.1 for window 64位 数据库:mongodb 4 64位 使用框架express 首先下载nodej ...

  8. Nginx优化之基本安全优化 (隐藏Nginx软件版本号信息,更改源码隐藏Nginx软件名及版本号,更改Nginx服务的默认用户)

    一,隐藏Nginx软件版本号信息 查看版本号 curl -I 192.168.0.220 HTTP/1.1 200 OK Server: nginx/1.6.2 #这里清晰的暴露了Web版本号(1.6 ...

  9. ansible自动部署Keepalived实现Nginx服务双机热备

    脚本实现通过ansible-playbook自动化安装Keepalived和配置,主要解决问题如下: Keepalived自动化安装: keepalived_vrid配置,自动根据vip获取最后一段作 ...

随机推荐

  1. 实践Html5的上传文件

    技术点: 1.通过input的change事件获取文件信息: onchange = function() { this.files } 这个files属性是htmlInputElement接口的属性, ...

  2. H264解码的一个測试程序

    网上看到的一个H264视频格式的解码測试程序,能够用来參考其逻辑流程. 代码例如以下: Test_Display_H264(){      in_fd = open(H264_INPUT_FILE, ...

  3. CodeForces 1B-字符串,进制转换与数学

    一个萌新的成长之路 Background 同学们都回家了,只有我和wjh还有邢神在机房敲代码,吃random口味的方便面-- Description Translated by @PC_DOS fro ...

  4. VBA find方法

    Sub Sample() Dim sfzs As New Collection Dim ws, wbs, dbs As Worksheet Dim r As Long Set ws = ThisWor ...

  5. 网络协议 3 - 从物理层到 MAC 层

        在上一篇博文中,我们见证了 IP 地址的诞生,机器一旦有了 IP,就可以在网络的环境里和其他的机器展开沟通了.     今天,我们来认识下 物理层 和 MAC 层.     日常生活中,身为 ...

  6. laravel添加model文件夹,需要改动的地方

    首先,将app\User(等model文件),移入APP\modellists文件夹中,方便整理 第二,修改模型中命名空间和引用其他model的路径 第三,将文件夹app\admin中的控制器文件,全 ...

  7. hibernate09--连接查询

    创建实体类 package cn.bdqn.bean; import java.util.ArrayList; import java.util.Date; import java.util.List ...

  8. 单台机器安装zookeeper

    先给一堆学习文档,方便以后查看 官网文档地址大全: OverView(概述) http://zookeeper.apache.org/doc/r3.4.6/zookeeperOver.html Get ...

  9. SQL 必知必会·笔记<4>使用通配符过滤数据

    LIKE操作符 通配符(wildcard): 用来匹配值的一部分的特殊字符. 百分号(%)通配符 最常使用的通配符是百分号(%).在搜索串中,%表示任何字符出现任意次数: SELECT prod_id ...

  10. python第八十八天----dom js

    DOM操作 1. 找到标签直接查找 document.getElementById 根据ID获取一个标签 document.getElementsByName 根据name属性获取标签集合 docum ...

相关文章