通过ansible-playbook,部署nginx高可用负载均衡集群。
准备
- 角色分配:
master/dir:192.168.30.128
backup1:192.168.30.129
backup2:192.168.30.130
VIP:192.168.30.100
- 将所有部署nginx高可用负载均衡的主机分为webserver组:
# vim /etc/ansible/hosts
[webserver]
192.168.30.128
192.168.30.129
192.168.30.130
- 创建管理目录:
# mkdir -p nginx+keepalived+lvs/roles/{nginx_install,keepalived_install,lvs_install}/{files,handlers,meta,tasks,templates,vars}
# cd nginx+keepalived+lvs/
说明:
files:存放需要同步到异地服务器的源码文件及配置文件;
handlers:当资源发生变化时需要进行的操作,若没有此目录可以不建或为空;
meta:存放说明信息、说明角色依赖等信息,可留空;
tasks:nginx+keepalived+lvs 安装过程中需要进行执行的任务;
templates:用于执行 nginx+keepalived+lvs 安装的模板文件,一般为脚本;
vars:本次安装定义的变量
# tree .
.
├── nginx+keepalived+lvs.yml
└── roles
├── keepalived_install
│ ├── files
│ ├── handlers
│ ├── meta
│ ├── tasks
│ │ ├── install.yml
│ │ └── main.yml
│ ├── templates
│ │ ├── check_nginx.sh
│ │ ├── keepalived_backup.conf
│ │ └── keepalived_master.conf
│ └── vars
│ └── main.yml
├── lvs_install
│ ├── files
│ ├── handlers
│ ├── meta
│ ├── tasks
│ │ ├── install.yml
│ │ └── main.yml
│ ├── templates
│ │ ├── lvs_dr_dir.sh
│ │ └── lvs_dr_rs.sh
│ └── vars
│ └── main.yml
└── nginx_install
├── files
│ └── nginx-1.15.0.tar.gz #可提前下载好nginx包放到files下
├── handlers
├── meta
├── tasks
│ ├── copy.yml
│ ├── install.yml
│ ├── main.yml
│ └── prepare.yml
├── templates
│ ├── fastcgi_params
│ ├── nginx.conf
│ ├── nginx.service
│ └── server.conf
└── vars
└── main.yml
22 directories, 22 files
- 创建安装入口文件,用来调用roles:
# vim nginx+keepalived+lvs.yml
---
- hosts: webserver
remote_user: root
gather_facts: True
roles:
- nginx_install
- keepalived_install
- lvs_install
nginx部分
- 创建nginx入口文件,用来调用nginx_install:
# vim nginx.yml
#用于批量安装Nginx
- hosts: webserver
remote_user: root
gather_facts: True
roles:
- nginx_install
- 创建变量:
# vim roles/nginx_install/vars/main.yml
#定义nginx安装中的变量
NGINX_VER: 1.15.0
DOWNLOAD_URL: http://nginx.org/download/nginx-{
{
NGINX_VER }}.tar.gz
NGINX_USER: nginx
NGINX_PORT: 80
SOURCE_DIR: /software
NGINX_DIR: /usr/local/nginx
DATA_DIR: /data/nginx
- 创建模板文件:
nginx主配置文件nginx.conf
# vim roles/nginx_install/templates/nginx.conf
user nobody nobody;
worker_processes 4;
error_log {
{
DATA_DIR }}/log/error.log crit;
pid /run/nginx.pid;
worker_rlimit_nofile 65535;
events {
use epoll;
worker_connections 1024;
multi_accept on;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log {
{
DATA_DIR }}/log/access.log main;
server_tokens off;
sendfile on;
send_timeout 3m;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
client_header_timeout 3m;
client_body_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 4k;
large_client_header_buffers 8 4k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
client_max_body_size 10m;
client_body_buffer_size 256k;
client_body_temp_path {
{
NGINX_DIR }}/client_body_temp;
proxy_temp_path {
{
NGINX_DIR }}/proxy_temp;
fastcgi_temp_path {
{
NGINX_DIR }}/fastcgi_temp;
fastcgi_intercept_errors on;
gzip on;
gzip_min_length 2k;
gzip_buffers 4 32k;
gzip_comp_level 6;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css text/htm
application/xml;
include {
{
NGINX_DIR }}/conf/vhost/*.conf;
}
nginx vhost配置文件server.conf
# vim roles/nginx_install/templates/server.conf
server {
listen 80;
server_name localhost;
location / {
root {
{
NGINX_DIR }}/html;
index index.php index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location ~ \.php$ {
root {
{
NGINX_DIR }}/html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
nginx额外配置文件fastcgi_params
# vim roles/nginx_install/templates/fastcgi_params
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
nginx服务文件nginx.service
# vim roles/nginx_install/templates/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/run/nginx.pid
# Nginx will fail to start if /run/nginx.pid already exists but has the wrong
# SELinux context. This might happen when running `nginx -t` from the cmdline.
# https://bugzilla.redhat.com/show_bug.cgi?id=1268621
ExecStartPre=/usr/bin/rm -f /run/nginx.pid
ExecStar