使用ansible-playbook 在新的服务器上面安装和配置nginx
服务器信息
ip | 系统 | 配置 | 角色 |
---|---|---|---|
172.24.32.200 | centos7.7 | 2c4g | ansible-server |
172.24.32.201 | centos7.7 | 2c4g | agent、web |
配置
在ansible-server服务器上(172.24.32.200)创建目录
cd /etc/ansible/roles/
mkdir -pv ./nginx/{files,templates,tasks,handlers,vars,meta,dafault}
查看目录结构
tree .
[root@test01 roles]# tree .
.
└── nginx
├── dafault
├── files
├── handlers
├── meta
├── tasks
├── templates
└── vars
8 directories, 0 files
Task1:安装nginx
安装的yml文件
vim nginx/tasks/install.yml
###安装epel源
- name: install epel-release package
yum: name=epel-release state=installed
###安装nginx
- name: install nginx package
yum: name=nginx state=installed
###启动nginx,并添加开机自启动
- name: start nginx service
service: name=nginx enabled=true state=started
编辑task目录下的main.yml,准备测试执行task1
vim nginx/tasks/main.yml
##安装nginx
- include: install.yml
roles的nginx 同级目录下创建playbook
vim nginx.yml
playbook 内容如下
- hosts: web
remote_user: root
roles:
- role: nginx
测试并且执行playbook,这里测试的时候,第二个报错了,但是别慌,是因为没有正式安装epel源,所以找不到nginx安装包。
[root@test01 roles]# ansible-playbook -C nginx.yml
PLAY [web] ******************************************************************************************************************************************************************************************************
TASK [Gathering Facts] ******************************************************************************************************************************************************************************************
ok: [172.24.32.201]
TASK [nginx : install epel-release package] *********************************************************************************************************************************************************************
changed: [172.24.32.201]
TASK [nginx : install nginx package] ****************************************************************************************************************************************************************************
fatal: [172.24.32.201]: FAILED! => {"changed": false, "msg": "No package matching 'nginx' found available, installed or updated", "rc": 126, "results": ["No package matching 'nginx' found available, installed or updated"]}
PLAY RECAP ******************************************************************************************************************************************************************************************************
172.24.32.201 : ok=2 changed=1 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
[root@test01 roles]# ansible-playbook nginx.yml
PLAY [web] ******************************************************************************************************************************************************************************************************
TASK [Gathering Facts] ******************************************************************************************************************************************************************************************
ok: [172.24.32.201]
TASK [nginx : install epel-release package] *********************************************************************************************************************************************************************
changed: [172.24.32.201]
TASK [nginx : install nginx package] ****************************************************************************************************************************************************************************
changed: [172.24.32.201]
TASK [nginx : start nginx service] ******************************************************************************************************************************************************************************
changed: [172.24.32.201]
PLAY RECAP ******************************************************************************************************************************************************************************************************
172.24.32.201 : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
执行成功
验证:
使用ansible指令查看web这台服务器上nginx的状态
ansible web -m shell -a 'shell=/bin/bash systemctl status nginx'
验证结果
172.24.32.201 | CHANGED | rc=0 >>
● nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2020-05-13 11:48:53 CST; 1h 58min ago
Process: 2398 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 2395 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
Process: 2393 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Main PID: 2400 (nginx)
CGroup: /system.slice/nginx.service
├─2400 nginx: master process /usr/sbin/ngin
├─2401 nginx: worker proces
└─2402 nginx: worker proces
May 13 11:48:53 test02 systemd[1]: Starting The nginx HTTP and reverse proxy server...
May 13 11:48:53 test02 nginx[2395]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
May 13 11:48:53 test02 nginx[2395]: nginx: configuration file /etc/nginx/nginx.conf test is successful
May 13 11:48:53 test02 systemd[1]: Started The nginx HTTP and reverse proxy server.
Task2:修改nginx的配置
创建新的文件夹
cd /etc/ansible/roles/
mkdir -pv ./nginxconfig/{files,templates,tasks,handlers,vars,meta,dafault}
cd /etc/ansible/roles/nginxconfig
目录结构
├── dafault
├── files
│ └── 50x.html
├── handlers
│ └── main.yml
├── meta
├── tasks
│ ├── config.yml
│ ├── main.yml
│ └── main.yml.bak
├── templates
│ ├── demo.conf.j2
│ └── proxy.conf.j2
└── vars
└── main.yml
task文件
touch tasks/config.yml
cat>> tasks/config.yml<<EOF
###准备目录路径
- name: create html root dir
file: path={{ htmlroot }} state=directory
when: servertype == 'web'
###修改配置文,并cp到对应的目录
- name: install web conf file
template: src=templates/demo.conf.j2 dest=/etc/nginx/conf.d/demo.conf
when: servertype == 'web'
notify: reload nginx
###添加proxy部分配置段
- name: install proxy conf file
template: src=templates/proxy.conf.j2 dest=/etc/nginx/conf.d/demo.conf
when: servertype == 'web'
notify: reload nginx
###设置50x.html
- name: install error page
copy: src=files/50x.html dest={{ htmlroot }}/
when: servertype == 'web'
EOF
tasks目录下的main文件
touch tasks/main.yml
cat >>tasks/main.yml<<EOF
- include: config.yml
EOF
templates目录下的server文件
touch templates/demo.conf.j2
cat >>templates/demo.conf.j2<<EOF
server {
listen 9090;
server_name {{ ansible_hostname }};
}
EOF
templates目录下proxy的文件
templates/proxy.conf.j2
cat >>templates/proxy.conf.j2<<EOF
server {
listen 9090;
server_name {{ ansible_hostname }};
{% if nginx_use_proxy %}
{% for proxy in nginx_proxies %}
location {{ proxy.location }} {
proxy_pass {{ proxy.url }};
}
{% endfor %}
{% endif %}
{% if nginx_server_error %}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root {{ htmlroot }};
}
{% endif %}
{% if nginx_server_websocket %}
location /socket {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass {{ backendurl_socket }};
}
{% endif %}
}
EOF
将50x.html文件上传到/etc/ansible/roles/nginxconfig/file目录下
触发器文件
touch handlers/main.yml
cat >>handlers/main.yml<<EOF
- name: reload nginx
service: name=nginx state=reloaded
EOF
参数文件
touch vars/main.yml
cat >>vars/main.yml<<EOF
servertype: web
backendurl_socket: 'http://172.24.32.200:3000/socket'
ansible_hostname: test02
htmlroot: /etc/nginx/html
nginx_proxies:
- url: http://172.24.32.200:3000
location: /
- url: http://172.24.32.200:3000/test
location: /error
EOF
至此,roles下面的文件全部准备完毕
在nginxconfig同级目录下面写playbook文件
touch /etc/ansible/roles/nginxconf.yml
cat >>/etc/ansible/roles/nginxconf.yml<<EOF
- name: edit nginx config file
hosts: web
remote_user: root
vars:
nginx_use_proxy: true
nginx_server_error: true
nginx_server_websocket: true
roles:
- role: nginxconfig
EOF
验证palybook文件
[root@test01 roles]# ansible-playbook -C nginxconf.yml
PLAY [edit nginx config file] ***********************************************************************************************************************************************************************************
TASK [Gathering Facts] ******************************************************************************************************************************************************************************************
ok: [172.24.32.201]
TASK [nginxconfig : create html root dir] ***********************************************************************************************************************************************************************
changed: [172.24.32.201]
TASK [nginxconfig : install web conf file] **********************************************************************************************************************************************************************
changed: [172.24.32.201]
TASK [nginxconfig : install proxy conf file] ********************************************************************************************************************************************************************
changed: [172.24.32.201]
TASK [nginxconfig : install error page] *************************************************************************************************************************************************************************
changed: [172.24.32.201]
RUNNING HANDLER [nginxconfig : reload nginx] ********************************************************************************************************************************************************************
changed: [172.24.32.201]
PLAY RECAP ******************************************************************************************************************************************************************************************************
172.24.32.201 : ok=6 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
没问题,执行playbook文件
[root@test01 roles]# ansible-playbook nginxconf.yml
PLAY [edit nginx config file] ***********************************************************************************************************************************************************************************
TASK [Gathering Facts] ******************************************************************************************************************************************************************************************
ok: [172.24.32.201]
TASK [nginxconfig : create html root dir] ***********************************************************************************************************************************************************************
changed: [172.24.32.201]
TASK [nginxconfig : install web conf file] **********************************************************************************************************************************************************************
changed: [172.24.32.201]
TASK [nginxconfig : install proxy conf file] ********************************************************************************************************************************************************************
changed: [172.24.32.201]
TASK [nginxconfig : install error page] *************************************************************************************************************************************************************************
changed: [172.24.32.201]
RUNNING HANDLER [nginxconfig : reload nginx] ********************************************************************************************************************************************************************
changed: [172.24.32.201]
PLAY RECAP ******************************************************************************************************************************************************************************************************
172.24.32.201 : ok=6 changed=5 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
执行成功
检验配置文件
ansible web -m shell -a 'shell=/bin/bash cat /etc/nginx/conf.d/demo.conf'
结果:
[root@test01 roles]# ansible web -m shell -a 'shell=/bin/bash cat /etc/nginx/conf.d/demo.conf'
172.24.32.201 | CHANGED | rc=0 >>
server {
listen 9090;
server_name test02;
location / {
proxy_pass http://172.24.32.200:3000;
}
location /error {
proxy_pass http://172.24.32.200:3000/test;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /etc/nginx/html;
}
location /socket {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://172.24.32.200:3000/socket;
}
}
修改成功
网友评论