puppet搭建lnmp
server4
#cd /etc/puppet/modules
#cp -r httpd nginx
#cd files
#rm -fr httpd.conf
#rm -fr * ../templates
编写puppet执行脚本 nginx-install.sh
#touch nginx-install.sh
#chmod +x nginx-install.sh
脚本内容如下
#!/bin/bash
yum install -y openssl-devel pcre-devel gcc
cd /mnt
tar zxf nginx-1.9.14.tar.gz
cd nginx-1.9.14
./configure --prefix=/usr/local/nginx --with-http_ssl_module &>/dev/null & make & /dev/null && make install &>/dev/null
脚本发送到server6:~上
server6
#cp nginx-1.9.14.tar.gz /mnt
#/mnt/nginx-install.sh //测试脚本是否无错,server5与server6上不要预先安装nginx
#/usr/local/nginx/sbin/nginx/ -t
若脚本正常运行
server4
在脚本最后添加rm -fr /mnt/*
server4
#vim /etc/puppet/modules/nginx/files/nginx.conf
worker_processes下添加worker_cpu_affinity 01 10(表示开启第一个cpu内核,第二个cup内核,有几个cpu就写几位。绑定cpu)
events下添加use epoll,将worker_connections 改为4096 (增大连接数),
#cd /etc/puppet/modules/nginx/manifests/
#cp nginx-1.9.14.tar.gz /etc/puppet/modles/nginx/files
将pp中的httpd改为nginx
#vim install.pp
class nginx::install {
file {
‘/mnt/nginx-1.9.14.tar.gz’:
source => ‘puppet:///modules/nginx/nginx-1.9.14.tar.gz’
}
file {
‘/mnt/nginx-install.sh’:
source => ‘puppet:///modules/nginx/nginx-install.sh’,
mode => 755
}
exec {
‘/mnt/nginx-install.sh’:
path => ‘/bin:/sbin:/usr/bin:/usr/sbin’,
create => ‘/usr/local/nginx/sbin/nginx’, //命令只会在指定文件不存在的情况下执行
require => File [‘/mnt/nginx-1.9.14.tar.gz’,’/mnt/nginx-install.sh’]
}
}
#vim config.pp
class nginx::config {
file {
‘/usr/local/nginx/conf/nginx.conf’:
source => ‘puppet:///modules/ngxinx/nginx.conf’,
require => Class[‘nginx::install’],
notify => Exec[‘nginx reload’]
}
}
#vim service
class nginx::service {
exec {
‘nginx start’:
command => ‘/usr/local/nginx/sbin/nginx’,
require => Class[‘nginx::install’,’nginx::config’],
creates => ‘/usr/local/nginx/logs/nginx.pid’
}
exec {
‘nginx reload’:
command => ‘/usr/local/nginx/sbin/nginx -s reload’,
refreshonly => true //只有当1个依赖的对象改变时,命令才会被执行
}
#vim /etc/puppet/manifests/nodes/server5.pp
node ‘server5.example.com’
{
}
server5
#puppet agent --server server4.example.com --no-daemonize -vt
其他mysql,php配置类同。
puppet dashboard(以web方式管理puppet)
安装
server4
#yum install ruby rubygems rubygem-rake mysql-server ruby-mysql puppet-dashboard -y
#cd /usr/share/doc/
#cd puppet-dashboard/config
#vim databash.yml
复制文件中sql语句
CREATE DATABASE dashboard_production CHARACTER SET utf8;
CREATE USER 'dashboard'@'localhost' IDENTIFIED BY 'westos';
GRANT ALL PRIVILEGES ON dashboard_production.* TO 'dashboard'@'localhost';
复制到test.sql文件中
#service mysqld start
#mysql < test.sql
#vim database.yml
上面全部删除,只留下生产环境配置
production:
database: dashboard_production
username: dashboard
password: westos
encoding: utf8
adapter: mysql
#rake RAILS_ENV=production db:migrate //建立 dashboard 所需的数据库和表
#rake tim:zone:local //显示dashboard时区
#vim settings.yml //puppet-dashboard 默认时区不正确,需要修改
time_zone: ‘Beijing’
#/etc/init.d/puppet-dashboard start 启动服务
#mysql
>use dashboard_production;
>show tables;
#cd ../log
#chmod 666 production.log
#/etc/init.d/puppet-dashboard-workers start //启动服务
设置 server 端:
#vim /etc/puppet/puppet.conf
[main]
#添加以下两项
reports = http
reporturl = http://172.25.0.4:3000/reports
设置 client 端:
[agent] 添加以下行
report = true
客户端会半个小时跟服务器同步一次,我们可以修改这个时间。
runinterval = 60 //代表 60 秒跟服务器同步一次
# service puppet reload
server5
让客户端自动与服务器同步,设置同步时间
#vim /etc/sysconfig/puppet 进行如下添加修改
PUPPET_SERVER=server4.example.com //puppet master 的地址
PUPPET_PORT=8140 //puppet 监听端口
PUPPET_LOG=/var/log/puppet/puppet.log //puppet 本地日志
#puppet agent --server server4.example.com --no-daemonize -vt
web上,可看到
server5上重启nginx,统计图发生了变化
点击日志可查看信息
nginx+passenger:
puppet 默认使用基于 Ruby 的 WEBRickHTTP 来处理 HTTPS 请求,单个服务器使用。webrickhttp只适合测试,实际生产中通过Apache/Nginx+Passenger 替换掉 WEBRickHTTP,Passenger 是用于将 Ruby 程序进行嵌入执行的Apache 模块,实现对 puppet 的负载均衡。
server4
#tar zxf nginx-1.9.14.tar.gz -C /mnt/
#gem install passenger-5.0.15.gem rack-1.6.4.gem
#passenger-config --root
#passenger-install-nginx-module //脚本会自动安装 nginx 支持,按提示操作,基本就是一路回车。
nginx 默认安装在/opt/nginx 目录:
#vim /opt/nginx/conf/nginx.conf:
#user nobody;
worker_processes 4;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid
logs/nginx.pid;
events {
use epoll;
worker_connections 4096;
}
http {
#passenger_root /usr/lib/ruby/gems/1.8/gems/passenger-4.0.58;
passenger_ruby /usr/bin/ruby;
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;#gzip on;
server {
listen 8140;
server_name server4.example.com;
root /etc/puppet/rack/public;
passenger_enabled on;
passenger_set_header X_CLIENT_DN $ssl_client_s_dn;
passenger_set_header X_CLIENT_VERIFY $ssl_client_verify;
sslon;
ssl_session_timeout 5m;
ssl_certificate /var/lib/puppet/ssl/certs/server4.example.com.pem;
ssl_certificate_key /var/lib/puppet/ssl/private_keys/server4.example.com.pem;
ssl_client_certificate /var/lib/puppet/ssl/ca/ca_crt.pem;
ssl_crl /var/lib/puppet/ssl/ca/ca_crl.pem;
ssl_verify_client optional;
ssl_ciphers SSLv2:-LOW:-EXPORT:RC4+RSA;
ssl_prefer_server_ciphers on;
ssl_verify_depth 1;
ssl_session_cache
shared:SSL:128m;
}
}
# mkdir /etc/puppet/rack/{public,tmp} -p
# cp /usr/share/puppet/ext/rack/config.ru /etc/puppet/rack/
# chown puppet.puppet /etc/puppet/rack/config.ru
# chkconfig puppetmaster off
# service puppetmaster stop //puppetmaster 不需要启动 , nginx 启动时会自动调用 puppet。
# /opt/nginx/sbin/nginx -t
# /opt/nginx/sbin/nginx //检测 nginx
web:
server5
#puppet agent --server server4.example.com --no-daemonize -vt
转载于:https://blog.51cto.com/simplelinux/1813895