ansible安裝nginx (tengine)

# 接上篇

ansible管理機：192.168.8.35 名稱：kick

tomcat主機: 192.168.8.244，192.168.8.245   

haproxy  : 192.168.8.35

系統版本： Centos7.2

[root@kick ~]# ansible nginx -m copy -a "src=tengine-2.2.0.tar.gz dest=/tmp"

[root@kick ~]# ansible nginx -m copy -a "src=teng.sh dest=/tmp"

[root@kick ~]# ansible nginx -m shell -a "/bin/bash /tmp/teng.sh"

#####################  安裝腳本 #####################

#!/bin/bash

#

yum -y install pcre pcre-devel openssl openssl-devel

tar xf  /tmp/tengine-2.2.0.tar.gz -C /tmp

cd /tmp/tengine-2.2.0

./configure --prefix=/usr/local/nginx/  --with-http_realip_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_auth_request_module --with-http_upstream_check_module

make -j 4 && make -j 4 install

useradd nginx -s /sbin/nologin

mkdir /usr/local/nginx/run

chown nginx.nginx /usr/local/nginx -R

chmod 777  /usr/local/nginx/run

####################################################

################## 啟動腳本 ##################

cat >> /usr/lib/systemd/system/nginx.server << EOF

[Unit]

Description=The nginx HTTP and reverse proxy server

After=network.target remote-fs.target nss-lookup.target

[Service]

Type=forking

PIDFile=/usr/local/nginx/logs/nginx.pid

# Nginx will fail to start if /usr/local/nginx/logs/nginx.pid already exists but has the wrong

# SELinux context. This might happen when running `nginx -t` from the cmdline.

# https://bugzilla.redhat.com/show_bug.cgi?id=1268621

ExecStartPre=/usr/bin/rm -f /usr/local/nginx/logs/nginx.pid

ExecStartPre=/usr/local/nginx/sbin/nginx -t

ExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf

ExecReload=/bin/kill -s HUP $MAINPID

KillSignal=SIGQUIT

TimeoutStopSec=5

KillMode=process

PrivateTmp=true

[Install]

WantedBy=multi-user.target

EOF

#####################################################

[root@kick ~]# ansible nginx -m copy -a "src=nginx.service dest=/usr/lib/systemd/system/"

[root@kick ~]# ansible nginx -m shell -a "systemctl daemon-reload"

[root@kick ~]# ansible nginx -m shell -a "systemctl restart nginx"

########## 如一直出錯檢查一下端口被占情況 #########

####################### nginx 配置檔案 ##########################

user nginx;

worker_processes 2;

error_log /usr/local/nginx/logs/error.log;

pid /usr/local/nginx/logs/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.

include /usr/local/nginx/modules/*.conf;

events {

    worker_connections 1024;

}

http {

    log_format  main  '$http_x_forwarded_for $request_time - $remote_user [$time_local] "$request" '

                      '$status $body_bytes_sent "$http_referer" '

                      '"$http_user_agent"';

    access_log  /usr/local/nginx/logs/access.log  main;

    sendfile            on;

    tcp_nopush          on;

    tcp_nodelay         on;

    keepalive_timeout   65;

    types_hash_max_size 2048;

    include             /usr/local/nginx/conf/mime.types;

    default_type        application/octet-stream;

    upstream xiong.com {

        server 192.168.8.247:8080;

        server 192.168.8.246:8080;

        check interval=3000 rise=2 fall=5 timeout=1000 type=http;

    server {

        listen       80 default_server;

        server_name  localhost;

        charset utf-8;

        server_tokens off;

        # Load configuration files for the default server block.

        include /etc/nginx/default.d/*.conf;

        location / {

                proxy_pass http://xiong.com;

                proxy_set_header Host $proxy_host;

                proxy_set_header Connection Close;

                proxy_set_header X-Forwarded-For $remote_addr;

        }

        location /status {

                check_status;

                access_log off;

###########################################################################

# 複制檔案并生啟Nginx

[root@kick ~]# ansible nginx -m copy -a "src=nginx.conf dest=/usr/local/nginx/conf/"

# nginx_check_module 通路  在Haproxy中通路效果，也可以直接使用nginx位址通路

http://192.168.8.35:81/status

###################### haproxy配置 ######################

# kickstact中安裝

yum -y install haproxy

##################### haproxy配置檔案 #####################

global

    log         127.0.0.1 local2

    chroot      /var/lib/haproxy

    pidfile     /var/run/haproxy.pid

    maxconn     4000

    user        haproxy

    group       haproxy

    daemon

    stats socket /var/lib/haproxy/stats

defaults

    mode                    http

    log                     global

    option                  httplog

    option                  dontlognull

    option http-server-close

    option forwardfor       except 127.0.0.0/8

    option                  redispatch

    retries                 3

    timeout http-request    10s

    timeout queue           1m

    timeout connect         10s

    timeout client          1m

    timeout server          1m

    timeout http-keep-alive 10s

    timeout check           10s

    maxconn                 3000

listen stats

bind 0.0.0.0:88  #配置狀态資訊 端口号為88

mode http  #模式為http

stats enable  #開啟查詢狀态

stats hide-version   #隐藏版本号

stats uri /xiong?status  #通路狀态的uri

stats auth xiong:xiong #認證帳号密碼資訊

frontend  http *:81

    option forwardfor header X-Forwarded-For   #配置後端顯示的IP資訊

    default_backend             tes     #預設後端位址

backend tes

    balance     roundrobin     #使用rr方式

    server  tes1 192.168.8.244:80 check

    server  tes2 192.168.8.245:80 check

     本文轉自812374156 51CTO部落格，原文連結：http://blog.51cto.com/xiong51/1941194，如需轉載請自行聯系原作者