7, Install Nginx and playbook management profiles with Playbook

1, Installing Nginx with playbook

Idea: first compile and install nginx on a machine, package it, and then issue it with ansible

#cd / etc/ansible enter the ansible configuration file directory
#mkdir nginx install creates a nginx install directory for easy management
# cd nginx_install
# mkdir -p roles/{common,install}/{handlers,files,meta,tasks,templates,vars}

Note: there are two roles in the roles directory. common is for some preparation operations and install is for the installation of nginx. There are several directories under each role. Under handlers are the operations to be performed when changes occur. They are usually used to restart the service when the configuration file changes. Files are some files used during installation (files copied to the other machine), meta is description information, description role dependency and other information (can be left blank), tasks are the core configuration files, templates usually store some configuration files, startup scripts and other template files, and vars is the defined variable.


The files for installation shall be prepared in advance, as follows:

1. Compile and install nginx in advance on a machine, configure startup script and configuration file.

2. After installation, we need to package the nginx directory and put it under / etc/ansible/nginx_install/roles/install/files /. The name is nginx.tar.gz

3. The startup script and configuration file should be placed under / etc/ansible/nginx_install/roles/install/templates

Nginx, startup script, nginx configuration file.

# ls /usr/local/nginx/
client_body_temp  conf  fastcgi_temp  html  logs  proxy_temp  sbin  scgi_temp  uwsgi_temp
[root@fuxi01 nginx_install]# ls /etc/init.d/nginx 
/etc/init.d/nginx
[root@fuxi01 nginx_install]# ls /usr/local/nginx/conf/nginx.conf
/usr/local/nginx/conf/nginx.conf
//Compiled nginx, startup script, configuration file.
//Then pack:
# cd /usr/local/
[root@fuxi01 local]#Tar czvf nginx.tar.gz -- exclude "nginx. Conf" -- exclude "vhost" nginx / / / do not filter out the nginx.conf and vhost directories.
[root@fuxi01 local]#mv nginx.tar.gz / etc/ansible/nginx_install/roles/install/files / / move to this directory
[root@fuxi01 local]# cp nginx/conf/nginx.conf /etc/ansible/nginx_install/roles/install/templates/
[root@fuxi01 local]# cp /etc/init.d/nginx /etc/ansible/nginx_install/roles/install/templates/


To define the tasks of common, nginx needs some dependency packages. It uses the yum module and installs zlib and pcre packages.

# cd  /etc/ansible/nginx_install/roles
#vim. / common/tasks/main.yml / / as follows
- name: Install initializtion require software
  yum: name={{ item }} state=installed
  with_items:
    - zlib-devel
    - pcre-devel

Defining variables

Why put it in the template?

Because the template supports variables.

During deployment, different values can be defined according to different machine environments. For example, the first machine defines www, and the second machine defines Apache. On the left is the variable name and on the right is the variable value (www).

#vim / etc/ansible/nginx_install/roles/install/vars/main.yml / / the content is as follows
nginx_user: www
nginx_port: 80
nginx_basedir: /usr/local/nginx

First, copy all the used documents to the target machine

#vim / etc/ansible/nginx_install/roles/install/tasks/copy.yml / / is as follows
- name: Copy Nginx Software
  copy: src=nginx.tar.gz dest=/tmp/nginx.tar.gz owner=root group=root
- name: Uncompression Nginx Software
  shell: tar zxf /tmp/nginx.tar.gz -C /usr/local/
- name: Copy Nginx Start Script
  template: src=nginx dest=/etc/init.d/nginx owner=root group=root mode=0755
- name: Copy Nginx Config
  template: src=nginx.conf dest={{ nginx_basedir }}/conf/ owner=root group=root mode=0644

The nginx.tar.gz here does not write the absolute path, because the copy module will be found in the install/files directory by default, and the template module will be found under templates.


Next, the user will be created, the service will be started, and the compressed package will be deleted. (this is a total yml.)

#vim / etc/ansible/nginx_install/roles/install/tasks/install.yml / / as follows
- name: Create Nginx User
  user: name={{ nginx_user }} state=present createhome=no shell=/sbin/nologin
- name: Start Nginx Service
  shell: /etc/init.d/nginx start
- name: Add Boot Start Nginx Service
  shell: chkconfig --level 345 nginx on
- name: Delete Nginx compression files
  shell: rm -rf /tmp/nginx.tar.gz

Explain:

Module user, variable nginx ﹣ user, defined in install/vars/main.yml, present already exists, whether createhome creates the user's home directory.

Create users, start nginx service, start nginx service, delete nginx compression package.


Then create main.yml and call copy and install

#vim / etc/ansible/nginx_install/roles/install/tasks/main.yml / / the content is as follows
- include: copy.yml
- include: install.yml

The two roles: common and install are defined. Next, define an entry configuration file

#vim / etc/ansible/nginx_install/install.yml / / as follows
---
- hosts: testhost
  remote_user: root
  gather_facts: True
  roles:
    - common
    - install

Execute: ansible playbook / etc / ansible / nginx_install / install.yml

Before performing this step, you must ensure that nginx is not installed on the other machine. After successful execution, you can check the nginx process on the other machine to see if it is correct:

[root@yw03 ~]# ps aux |grep nginx
root       1127  0.0  0.0  45912  1284 ?        Ss   11 Month 21   0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody     1128  0.0  0.2  48404  4168 ?        S    11 Month 21   0:43 nginx: worker process
nobody     1129  0.0  0.2  48404  3912 ?        S    11 Month 21   0:00 nginx: worker process
root       8061  0.0  0.0 112732   972 pts/0    S+   22:02   0:00 grep --color=auto nginx

Train of thought 1:

Train of thought 2:



2, playbook Management Profile

Most of the time, configuration files need to be managed in the production environment. The installation package is only used when initializing the environment. Next write a playbook to manage the nginx configuration file.

# mkdir -p /etc/ansible/nginx_config/roles/{new,old}/{files,handlers,vars,tasks}

Among them, new is used for update, old is used for rollback, under files are nginx.conf and vhosts directories, and handlers are commands for restarting nginx services.

For rollback, if the configuration file is corrected, it needs to be rolled back to the original configuration file, and then the corresponding service is loaded. The old configuration needs to be backed up before the playbook is executed. Therefore, the management of the old configuration file must be strict, and the configuration of the online machine must not be modified at will, and the configuration under the new/files must be consistent with the online configuration.

First, put the nginx.conf and vhosts directories under the files directory

# cd /usr/local/nginx/conf/
# cp -r nginx.conf vhost  /etc/ansible/nginx_config/roles/new/files/

#vim / etc / ansible / nginx ﹐ config / roles / new / vars / main. YML / / define variables
nginx_basedir: /usr/local/nginx

#vim / etc / ansible / nginx ﹐ config / roles / new / handlers / main. YML / / definition reload nginx service
- name: restart nginx
  shell: /etc/init.d/nginx reload

#vim / etc / ansible / nginx ﹐ config / roles / new / tasks / main. YML / / this is the core task
- name: copy conf file
  copy: src={{ item.src }} dest={{ nginx_basedir }}/{{ item.dest }} backup=yes owner=root group=root mode=0644
  with_items:
    - { src: nginx.conf, dest: conf/nginx.conf }
    - { src: vhost, dest: conf/ }
  notify: restart nginx
  //Explain:
  //The loop object here has two children. One is SRC, the other is dest. item.src only circulates Src in items, and item.dest only circulates dest in items.
  //Copy nginx.conf to / usr/local/nginx/conf/nginx.conf.
  notify,Here it is. handlers,Used is restart nginx    In this document:/etc/ansible/nginx_config/roles/new/handlers/main.yml

#vim / etc / ansible / nginx ﹐ config / update. YML / / finally, define the total entry configuration
---
- hosts: testhost
  user: root
  roles:
  - new

Execute: ansible playbook / etc / ansible / nginx ﹐ config / update.yml

When the content of a file is changed, executing this command again will only update the changed file.

The roles corresponding to the rollback backup.yml are old

# rsync -av  /etc/ansible/nginx_config/roles/new/ /etc/ansible/nginx_config/roles/old/

The rollback operation is to overwrite the old configuration, and then reload the nginx service. Before changing the nginx configuration file, it is backed up to the old. The corresponding directory is / etc/ansible/nginx_config/roles/old/files

#vim / etc / ansible / nginx ﹐ config / rollback. YML / / finally, define the total entry configuration
---
- hosts: testhost
  user: root
  roles:
  - old

The order is: before changing the content of the configuration file, rsync is backed up to old, and then the configuration file under / new/files is changed. After the change, ansible playbook update.yml is executed. If there is no problem, OK. If there is a problem, ansible playbook rollback.yml is executed to roll back to the previous configuration.

Tags: Linux Nginx ansible vim shell

Posted on Fri, 10 Jan 2020 02:41:02 -0800 by parkej60