Ansible之角色基础服务Nginx安装

Ansible批量部署编译安装nginx

使用Ansible角色来编译安装Nginx,来对之前学的做总结。

思路: 安装nginx的编译环境 下载文件、解压 编译安装 使用yum、user、get_url、file、unarchive、shell等模块。

创建启动nginx用户

代码语言:javascript
复制
[root@ansbile01 ~/roles]$ cat nginx/tasks/user.yml 
- name: create nginx group
  group: name={{ group }} gid={{ gid }} system=yes
- name: create nginx user
  user: name={{ user }} group={{ group }} uid={{ uid }} system=yes shell=/sbin/nologin create_home=no

安装依赖软件

代码语言:javascript
复制
[root@ansbile01 ~/roles]$ cat nginx/tasks/packages.yml 
- name: installed packages
  yum: name={{ packages }} state=present
  vars:
    packages:
      - openssl-devel
      - pcre-devel
      - gcc
      - libxml2-devel
      - libxslt-devel
      - gd-devel

解压nginx文件包

代码语言:javascript
复制
[root@ansbile01 ~/roles]$ cat nginx/tasks/download.yml 
- name: download nginxserver
  get_url: dest={{ download }} url=http://nginx.org/download/{{ nginx_ver }}.tar.gz
- name: tar xf nginx
  unarchive: src={{ download }}/{{ nginx_ver }}.tar.gz dest={{ download }} copy=no

安装nginx

代码语言:javascript
复制
[root@ansbile01 ~/roles]$ cat nginx/tasks/install.yml 
- name: install nginx code
  shell:
    chdir: "{{ download }}/{{ nginx_ver }}"
    cmd: >
       ./configure 
       --prefix={{ install_dir}}/{{ nginx_ver }} 
       --sbin-path={{ sbin_path }}
       --conf-path={{ conf_path }} 
       --error-log-path={{ error_log }} 
       --http-log-path={{ http_log }} 
       --user={{ user }} 
       --group={{ group }} 
       --with-compat --with-debug 
       --with-file-aio 
       --with-http_addition_module 
       --with-http_auth_request_module 
       --with-http_dav_module 
       --with-http_degradation_module 
       --with-http_flv_module 
       --with-http_gunzip_module 
       --with-http_gzip_static_module 
       --with-http_image_filter_module=dynamic 
       --with-http_mp4_module  
       --with-http_random_index_module 
       --with-http_realip_module 
       --with-http_secure_link_module 
       --with-http_slice_module 
       --with-http_ssl_module 
       --with-http_stub_status_module 
       --with-http_sub_module 
       --with-http_v2_module 
       --with-http_xslt_module=dynamic 
       --with-mail=dynamic 
       --with-mail_ssl_module 
       --with-pcre 
       --with-pcre-jit 
       --with-stream=dynamic 
       --with-stream_ssl_module 
       --with-stream_ssl_preread_module
       --with-threads 
       &&
       make;make install
    creates: {{ install_dir }}{{ nginx_ver }}

检查nginx并加入systemd启动

代码语言:javascript
复制
[root@ansbile01 ~/roles]$ cat nginx/tasks/systemd.yml 
- name: Check Nginx Configure Status
  command: /usr/sbin/nginx -t
  register: check_nginx
  changed_when: ( check_nginx.stdout.find('successful') )
  • name: Configure Nginx systemd
    template: src=nginx.service.j2 dest=/usr/lib/systemd/system/nginx.service

  • name: Systemd Started nginx server
    systemd:
    daemon_reload: yes
    name: nginx
    enabled: yes
    state: started

环境变量准备

代码语言:javascript
复制
[root@ansbile01 ~/roles]$ cat nginx/vars/main.yml

user configure

group: www
user: www
gid: 666
uid: 666

nginx configure

download: "/data/"
nginx_ver: nginx-1.18.0
install_dir: "/usr/local"
sbin_path: "/usr/sbin/nginx"
conf_path: "/etc/nginx/nginx.conf"
error_log: "/var/log/nginx/error.log"
http_log: "/var/log/nginx/access.log"

nginx.service模板准备

代码语言:javascript
复制
[Unit]
Description=nginx service
After=network.target

[Service]
Type=forking
PIDFile={{ install_dir }}/{{ nginx_ver }}/logs/nginx.pid
ExecStart={{ sbin_path }}
ExecReload={{ sbin_path }} -s reload
ExecStop={{ sbin_path }} -s stop
PrivateTmp=true

[Install]
WantedBy=multi-user.target

tasks主体

代码语言:javascript
复制
[root@ansbile01 ~/roles]$ cat nginx/tasks/main.yml

  • include_tasks: user.yml
  • include_tasks: packages.yml
  • include_tasks: download.yml
  • include_tasks: install.yml
  • include_tasks: systemd.yml

定义playbook

代码语言:javascript
复制
[root@ansible01 ~/roles]$cat nginx.yml
  • hosts: webserver
    roles:
    • role: nginx