使用saltstack源码安装nginx,首先先看一下我nginx的目录 tree一下,我们只需要关系nginx-install.sls 和nignx-service.sls。clu-vhost是我用python写的自动添加集群和自动更新踢出集群,后面会讲到。
nginx
├── files
│ ├── clu-vhost
│ │ ├── 11.py
│ │ ├── content.txt
│ │ ├── epel-release-latest-7.noarch.rpm
│ │ ├── inputcluster.py
│ │ ├── nginx-user.conf
│ │ ├── nginx-web.conf
│ │ ├── pycurlcheck.py
│ │ ├── pycurlcheck.pyc
│ │ ├── pycurltest.py
│ │ ├── testfor2.py
│ │ ├── testforfun.py
│ │ ├── testforfunuserdel.py
│ │ ├── testforfunuserdel.pyc
│ │ ├── testforfunuser.py
│ │ ├── testforfunuser.pyc
│ │ ├── testforfunweb.py
│ │ ├── testgroup.py
│ │ └── updatecluster.py
│ ├── nginx-1.9.1.tar.gz
│ ├── nginx.conf
│ └── nginx.service
├── nginx-install.sls
└── nginx-service.sls
由于需要nginx 支持正则,所以需要安装pcre,我们tree一下pcre的目录:
pcre/
├── files
│ └── pcre-8.37.tar.gz
└── pcre-install.sls
首先我们先安装pcre,pcre-install.sls:
pcre-source:
file.managed:
- name: /opt/pcre-8.37.tar.gz
- source: salt://pcre/files/pcre-8.37.tar.gz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /opt && tar zxf pcre-8.37.tar.gz && cd pcre-8.37 && ./configure --prefix=/usr/local/pcre && make && make install
- unless: test -d /usr/local/pcre
- require:
- file: pcre-source
- pkg: pkg-install
安装完成pcre之后,安装nginx,nginx-install.sls:
include:
- pcre.pcre-install
- user.www
nginx-source:
file.managed:
- name: /opt/nginx-1.9.1.tar.gz
- source: salt://nginx/files/nginx-1.9.1.tar.gz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /opt && tar -zxvf nginx-1.9.1.tar.gz && cd nginx-1.9.1 &&./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_stub_status_module --with-file-aio --with-http_dav_module --with-pcre=/opt/pcre-8.37 && make && make install && chown -R www:www /usr/local/nginx
- unless: test -d /usr/local/nginx
- require:
- user: www-user-group
- file: nginx-source
- pkg: pkg-install
将nginx使用系统服务来管理,nginx-service:
cat nginx/nginx-service.sls
include:
- nginx.nginx-install
nginx-config:
file.managed:
- name: /usr/local/nginx/conf/nginx.conf
- source: salt://nginx/files/nginx.conf
- user: www
- group: www
- mode: 644
- template: jinja
- defaults:
USER: {{ pillar['nginx']['nginx_user'] }}
ROOT: {{ pillar['nginx']['web_root'] }}
GROUP: {{ pillar['nginx']['nginx_group'] }}
MAX_OPEN_FILE: {{ pillar['nginx']['max_open_file'] }}
WEB_ROOT: {{ pillar['nginx']['web_root'] }}
nginx-initsv:
file.managed:
- name: /lib/systemd/system/nginx.service
- source: salt://nginx/files/nginx.service
- user: www
- group: www
- mode: 755
nginx-web:
file.directory:
- name: /opt/web
- unless: test -d /opt/web
nginx-vhost-config:
file.directory:
- name: /usr/local/nginx/conf/vhost
- unless: test -d /usr/local/nginx/conf/vhost
service.running:
- name: nginx
- enable: True
- reload: True
- require:
- file: nginx-config
- file: nginx-initsv
- watch:
- file: nginx-vhost-config
###这里大家可能注意到了变量,这个是蒹葭模板,是saltstack的一种写法。多写就知道了,这里的作用是动态配置nginx.conf的nginx进程数量。
下面看一下nginx.conf的模板文件就明白了:
cat nginx.conf
user `USER` `GROUP`;
worker_processes {{ grains['num_cpus'] }};
{% if grains['num_cpus'] == 2 %}
worker_cpu_affinity 01 10;
{% elif grains['num_cpus'] == 4 %}
worker_cpu_affinity 1000 0100 0010 0001;
{% elif grains['num_cpus'] >= 8 %}
worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
{% else %}
worker_cpu_affinity 01;
{% endif %}
error_log `WEB_ROOT`/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile `MAX_OPEN_FILE`;
events
{
use epoll;
worker_connections `MAX_OPEN_FILE`;
#multi_accept on;
}
http
{
include mime.types;
default_type application/octet-stream;
charset utf-8;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
# client_max_body_size 8m;
sendfile on;
tcp_nopush on;
keepalive_timeout 120;
fastcgi_connect_timeout 400;
fastcgi_send_timeout 400;
fastcgi_read_timeout 400;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
server_tokens off;
client_max_body_size 512m; #允许客户端请求的最大单个文件字节数
client_body_buffer_size 128k; #缓冲区代理缓冲用户端请求的最大字节数
proxy_connect_timeout 600; #跟后端服务器连接超时时间,发起握手等候响应超时时间
proxy_read_timeout 600; #连接成功后,等候后端服务器响应时间,在后端排队中等候
proxy_send_timeout 600; #后端服务器数据回传时间,就是在规定时间内后端服务器必须传完有数
proxy_buffer_size 16k; #代理请求缓存区,这个缓存区间会保存用户的信息以供nginx进行则处理,一般只要能保存下头信息即可
proxy_buffers 4 32k; #同上,告诉nginx保存单个用的几个Buffer最大用多大空间
proxy_busy_buffers_size 64k; #如果系统很忙可以申请用的几个更大的proxy_buffer
proxy_temp_file_write_size 64k; #缓存临时文件大小
#log format
log_format access '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
include vhost/*.conf;
}
好了,nginx的安装完成了,执行salt,minion端的nginx就自动起来了。
以上如有问题,请指正
本文转自 674591788 51CTO博客,原文链接:http://blog.51cto.com/mrdeng/1901032