puppet 基礎-nginx

centos 系統 部署 nginx

一. 安裝nginx伺服器 建立子產品 nginx-deploy-1_8_0 [[email protected] modules]# tree nginx-deploy-1_8_0/ nginx-deploy-1_8_0/ ├── files │   ├── nginx-1.8.0.tar.gz │   ├── nginx.conf │   ├── nginx-deploy-1.8.0.sh │   └── nginx-restart-1.8.0.sh ├── manifests │   ├── before.pp │   ├── init.pp │   └── install.pp └── templates

3 directories, 7 files

init.pp

[[email protected] manifests]# cat init.pp  class nginx-deploy-1_8_0 {   include nginx-deploy-1_8_0::before   include nginx-deploy-1_8_0::install }

before.pp

[[email protected] manifests]# cat before.pp  class nginx-deploy-1_8_0::before {   file { "/tools/nginx-deploy-1.8.0":     ensure => directory,     owner  => "root",     group  => "root",     mode   => "0775"   }

  group { 'nginx':     ensure => present,     name => 'nginx',     gid => '602',     allowdupe => true   }

  user { 'nginx':     ensure => present,     uid => '602',     allowdupe => true,     groups => 'nginx',     managehome => true,     home => '/home/nginx',     shell => '/bin/bash'   }

  package { "gcc":     ensure => installed,     require => Yumrepo["repo163"];   }      package { "pcre-devel":     ensure => installed,     require => Yumrepo["repo163"];   }

  package { "openssl":     ensure => installed,     require => Yumrepo["repo163"];   }

  package { "openssl-devel":     ensure => installed,     require => Yumrepo["repo163"];   }      file { "/tools/nginx-deploy-1.8.0/nginx-1.8.0.tar.gz":     source => "puppet://master-192.168.9.157.centos.test.com/files/nginx-deploy-1_8_0/files/nginx-1.8.0.tar.gz",     owner => "root",     group => "root",     mode => "744"   }     file { "/tools/nginx-deploy-1.8.0/nginx-deploy-1.8.0.sh":     source => "puppet://master-192.168.9.157.centos.test.com/files/nginx-deploy-1_8_0/files/nginx-deploy-1.8.0.sh",     owner => "root",     group => "root",     mode => "744"   }

  file { "/tools/nginx-deploy-1.8.0/nginx-restart-1.8.0.sh":     source => "puppet://master-192.168.9.157.centos.test.com/files/nginx-deploy-1_8_0/files/nginx-restart-1.8.0.sh",     owner => "root",     group => "root",     mode => "744"   }

  file { "/tools/nginx-deploy-1.8.0/nginx.conf":     source => "puppet://master-192.168.9.157.centos.test.com/files/nginx-deploy-1_8_0/files/nginx.conf",     owner => "root",     group => "root",     mode => "744"   }    }

install.pp

[[email protected] manifests]# cat install.pp  class nginx-deploy-1_8_0::install {   exec { "install nginx-deploy-1_8_0":     cwd => "/tools/nginx-deploy-1.8.0",     command => "sh /tools/nginx-deploy-1.8.0/nginx-deploy-1.8.0.sh",     user => "root",     group => "root",     path => ["/usr/bin:/usr/sbin:/bin:/sbin"],     require => Class[nginx-deploy-1_8_0::before]   }  }

nginx-deploy-1.8.0.sh   nginx部署腳本

[[email protected] files]# cat nginx-deploy-1.8.0.sh #!/bin/sh

rootpath=/tools/nginx-deploy-1.8.0 gzpath=${rootpath}/nginx-1.8.0.tar.gz dirpath=${rootpath}/nginx-1.8.0

cd ${rootpath} tar zxvf ${gzpath} cd ${dirpath} ./configure make make install

if [ -d /usr/local/nginx ];then   mkdir -p /usr/local/nginx/conf/vhosts_conf fi if [ -f ${rootpath}/nginx.conf ];then   rm -f /usr/local/nginx/conf/nginx.conf   cp ${rootpath}/nginx.conf /usr/local/nginx/conf/ fi chown -R nginx:nginx /usr/local/nginx sh ${rootpath}/nginx-restart-1.8.0.sh start retcode=`echo $?` if [ $retcode -ne 0 ];then   exit 1 fi

exit 0

nginx-restart-1.8.0.sh  nginx啟動，停止和重新開機腳本

[[email protected] files]# cat nginx-restart-1.8.0.sh  #!/bin/sh

rootpath=/usr/local/nginx  nginxpath=${rootpath}/sbin/nginx confpath=${rootpath}/conf/nginx.conf pidpath=${rootpath}/nginx.pid

count=`ps -ef|grep ${nginxpath}|wc -l`   do_start() {   if [ $count -eq 1 ];then      ${nginxpath} -c ${confpath}   else     echo "nginx is running"      exit 1   fi }   do_stop() {   if [ $count -eq 1 ];then     echo "nginx is stopped"      exit 1   else     kill -QUIT `cat ${pidpath}`   fi }   do_reload() {   if [ $count -eq 1 ];then     echo "nginx is stopped"      ${nginxpath} -c ${confpath}   else     ${nginxpath} -s reload   fi }   case "$1" in   start)     do_start   ;;   stop)     do_stop   ;;   reload)     do_reload   ;;   restart)     do_stop     sleep 10     do_start   ;;   *)     echo "Usage: {start|stop|reload|restart}"     exit 3   ;; esac

exit 0

nginx.conf  nginx配置檔案

[[email protected] files]# cat nginx.conf  user nginx nginx; worker_processes  4; error_log  logs/error.log crit; pid        /usr/local/nginx/nginx.pid; worker_rlimit_nofile 51200;

events {     use epoll;     worker_connections  1024; }

http {     include       mime.types;     default_type  application/octet-stream;

    client_body_buffer_size 8K;     client_body_temp_path /usr/local/nginx/client_body_temp;     client_body_timeout 30;     client_header_buffer_size 32k;     large_client_header_buffers 4 32k;     client_header_timeout 30;     client_max_body_size 32m;          log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '                       '$status $body_bytes_sent "$http_referer" '                       '"$http_user_agent" "$http_x_forwarded_for"';

    sendfile        on;     tcp_nopush     on;     keepalive_timeout  3;     tcp_nodelay on;     send_timeout 30;

    server_names_hash_max_size 512;     server_names_hash_bucket_size 128;     server_tokens off;     open_file_cache off;

    fastcgi_connect_timeout 60;     fastcgi_send_timeout 60;     fastcgi_read_timeout 60;     fastcgi_temp_path /usr/local/nginx/fastcgi_temp 1 2;     fastcgi_buffer_size 64k;     fastcgi_buffers 256 4k;     fastcgi_max_temp_file_size 256k;     fastcgi_intercept_errors on;     fastcgi_index index.php;

    gzip  on;     gzip_buffers     16 4k;     gzip_comp_level 1;     gzip_http_version 1.1;     gzip_min_length 1024;     gzip_types text/css text/xml text/plain text/vnd.wap.wml application/x-javascript application/rss+xml application/xhtml+xml; 

    proxy_temp_path /usr/local/nginx/proxy_temp;     proxy_buffer_size 4k;     proxy_buffering on;     proxy_buffers 256 4k;     proxy_busy_buffers_size 8k;           #virtualhost  加載虛拟主機     include /usr/local/nginx/conf/vhosts_conf/*;

}

二.nginx做代理伺服器 建立子產品nginx-restart-1_8_0 [[email protected] modules]# tree nginx-restart-1_8_0 nginx-restart-1_8_0 ├── files │   ├── restart.sh │   └── web.conf ├── manifests │   ├── before.pp │   ├── init.pp │   └── install.pp └── templates

3 directories, 5 files

init.pp

[[email protected] manifests]# cat init.pp  class nginx-restart-1_8_0 {   include nginx-restart-1_8_0::before   include nginx-restart-1_8_0::install }

before.pp

[[email protected] manifests]# cat before.pp  class nginx-restart-1_8_0::before {   file { "/tools/nginx-restart-1.8.0":     ensure => directory,     owner  => "root",     group  => "root",     mode   => "0775"   }      file { "/tools/nginx-restart-1.8.0/web.conf":     source => "puppet://master-192.168.9.157.centos.test.com/files/nginx-restart-1_8_0/files/web.conf",     owner => "root",     group => "root",     mode => "744"   }

  file { "/tools/nginx-restart-1.8.0/restart.sh":     source => "puppet://master-192.168.9.157.centos.test.com/files/nginx-restart-1_8_0/files/restart.sh",     owner => "root",     group => "root",     mode => "744"   }

}

install.pp

[[email protected] manifests]# cat install.pp  class nginx-restart-1_8_0::install {   exec { "install nginx-restart-1_8_0":     cwd => "/tools/nginx-restart-1.8.0",     command => "sh /tools/nginx-restart-1.8.0/restart.sh",     user => "root",     group => "root",     path => ["/usr/bin:/usr/sbin:/bin:/sbin"],     require => Class[nginx-restart-1_8_0::before]   }  }

restart.sh  修改nginx配置，重新開機nginx

[[email protected] files]# cat restart.sh  #!/bin/sh

rootpath=/tools/nginx-restart-1.8.0 confpath=/usr/local/nginx/conf vhostspath=/usr/local/nginx/conf/vhosts_conf restartpath=/tools/nginx-deploy-1.8.0/nginx-restart-1.8.0.sh

strdate=`date +%Y%m%d%H%M`

if [ ! -d ${rootpath}/${strdate} ];then   mkdir -p ${rootpath}/${strdate} fi

mv ${rootpath}/*.conf ${rootpath}/${strdate}/

#判斷是否修改nginx.conf ls -lrt ${rootpath}/${strdate}/nginx.conf  2>/etc/null retcode=`echo $?` if [ $retcode -ne 0 ];then   echo "no nginx.conf"   else   mv ${confpath}/nginx.conf ${confpath}/nginx.conf_${strdate}    cp ${rootpath}/${strdate}/nginx.conf ${confpath}/   mv ${rootpath}/${strdate}/nginx.conf ${rootpath}/${strdate}/nginx.conf_bak fi

#判斷是否修改虛拟主機配置 ls -lrt ${rootpath}/${strdate}/*.conf 2>/etc/null retcode=`echo $?` if [ $retcode -ne 0 ];then   echo "no nginx.conf"   else   ls -lrt ${rootpath}/${strdate}/*.conf|awk '{print $9}'|while read file   do     if [ -f ${vhostspath}/${file} ];then       mv ${vhostspath}/${file} ${vhostspath}/${file}_${strdate}           cp ${file} ${vhostspath}/     else       cp ${file} ${vhostspath}/     fi   done fi

chown -R nginx:nginx /usr/local/nginx sh ${restartpath} reload retcode=`echo $?` if [ $retcode -ne 0 ];then   exit 1 fi

exit 0

web.conf  nginx虛拟主機配置，nginx做代理伺服器

[[email protected] files]# cat web.conf      upstream web_server_pool {         ip_hash;         server 127.0.0.1:8080;     }

    server {         listen  80;         server_name 192.168.9.158;         access_log  logs/web.access.log  main;         location / {             proxy_next_upstream http_502 http_504 error timeout invalid_header;             proxy_pass http://web_server_pool;             proxy_set_header Host $host;             proxy_set_header X-Forwarded-For $remote_addr;         }     }