配置ansible环境:
1.安装软件:
ansible-2.7.8-1.el7.noarch.rpm
libtomcrypt-1.17-25.el7.x86_64.rpm
libtommath-0.42.0-5.el7.x86_64.rpm
python2-crypto-2.6.1-13.el7.x86_64.rpm
python2-jmespath-0.9.0-1.el7.noarch.rpm
python-httplib2-0.9.2-0.1.el7.noarch.rpm
python-keyczar-0.71c-2.el7.noarch.rpm
python-paramiko-2.1.1-0.9.el7.noarch.rpm
sshpass-1.06-1.el7.x86_64.rpm
python版本为2.7,此时缺少epel-release安装包
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm ##下载epel包
yum install -y epel-release-6-8.noarch.rpm ##安装
2.实现各主机免密登陆
vim /etc/hosts
172.25.30.1 server1
172.25.30.2 server2
172.25.30.3 server3
172.25.30.4 server4
ssh-keygen -t rsa ##生成rsa认证密钥
rpm -qc ansible ##查看ansible文件
vim /etc/ansible/ansible.cfg
71 host_key_checking = False
111 log_path = /var/log/ansible.log
455 accelerate_port = 10000
464 accelerate_multi_key = yes
vim /etc/ansible/hosts ##编辑ansible服务组,由于nginx配置文件调度器与real server不同,所以分开安装
[webservers]
172.25.30.4
cp /root/.ssh/id_rsa.pub authorized_keys
cd /root/.ssh/
mv /root/authorized_keys .
scp * root@172.25.30.2:/root/.ssh/ ##发送免密登陆密钥
scp * root@172.25.30.3:/root/.ssh/
scp * root@172.25.30.4:/root/.ssh/
3.检测ansible环境
ansible all -m ping ##查看服务组ip是否可以链接
ansible webserver --list-hosts ##列出所有webserbvers成员
4.配置ansible中playbook文件
cd /etc/ansible
mkdir -p roles/ ##创建nginx服务角色
mkdir -p roles/nginx/{files,templates,vars,handlers,meta,default,tasks}
cd roles/nginx/files/ ##存放nginx安装包
wget http://nginx.org/download/nginx-1.13.6.tar.gz
cd ../tasks/
vim main.yml ##编辑配置文件,注意缩进,完成nginx安装
- name: copy package
copy: src=nginx-1.13.6.tar.gz dest=/usr/local/src/nginx-1.13.6.tar.gz
tags: cppkg
- name: tar nginx
shell: cd /usr/local/src;tar -xf nginx-1.13.6.tar.gz
- name: yum install
yum: name={{ item }} state=latest
with_items:
- openssl-devel
- pcre-devel
- gcc
- name: install nginx
shell: useradd nginx;cd /usr/local/src/nginx-1.13.6;./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --with-pcre;make && make install
- name: copy conf file
template: src=nginx.conf dest=/usr/local/nginx/conf/nginx.conf
- name: systemctl init
template: src=nginx.service dest=/usr/lib/systemd/system/nginx.service
- name: start nginx service
service: name=nginx state=started enabled=true
cd ../vars/
vim main.yml ##指定nginx服务端口,nginx.conf从该文件中取得端口等信息
nginxport: "8080"
server_name: "web.wsl.com"
root_dir: "/web"
cd ../templates/
vim nginx.conf ##调度机nginx文件配置
调度机nginx文件配置:
user nginx;
worker_processes {{ ansible_processor_vcpus }};
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
upstream westos { ##做出轮询策略
server 172.25.30.2:8080;
server 172.25.30.3:8080;
}
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen {{ nginxport }};
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen {{ nginxport }};
server_name www.westos.com;
location / {
proxy_pass http://westos;
}
}
}
真实服务机文件配置
user nginx;
worker_processes {{ ansible_processor_vcpus }};
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen {{ nginxport }};
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
vim nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/bin/rm -f /run/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
KillMode=process
KillSignal=SIGQUIT
TimeoutStopSec=5
PrivateTmp=true
[Install]
WantedBy=multi-user.target
cd /etc/ansible/
vim nginx.yaml ##编辑注配置文件,此文件会调度生成的其他配置文件,生成nginx
- hosts: webservers
remote_user: root
roles:
- nginx
ansible-playbook --syntax-check /etc/ansible/nginx.yaml ##检测playbook语法
ansible-playbook -C /etc/ansible/nginx.yaml ##检测部署环境
ansible-playbook /etc/ansible/nginx.yaml ##部署nginx
安装成功截图:
目的机nginx已经打开,端口8080也开启:
为了将负载均衡效果更加明显,修改了server2的nginx初始化页面,server3没有修改,实验效果: