Ansible 部署/删除 nginx
2020-04-06 19:56:17
晏顺
当前的应用以敏捷上线,自动化部署为要求。过去的人工部署,手工验证的方式已经无法适应目前应用快速上线,环境自动化部署的要求。
针对基础环境的批量部署,我们可以通过ansible工具实现。也可以将ansible的调用放到流水线中实现环境的自动化部署。
Nginx于2017年推出了官方的ansible role,方便我们通过简单的操作实现nginx/nginx plus的批量部署。
- 安装官方的ansible role
ansible-galaxy install nginxinc.nginx
安装完成后可以在用户的家目录看到相关信息:
⇒ pwd
/Users/xxxx/.ansible/roles/nginxinc.nginx
⇒ ls
CODE_OF_CONDUCT.md LICENSE defaults/ handlers/ molecule/ templates/
CONTRIBUTING.md README.md files/ meta/ tasks/ vars/
⇒ tree
.
├── CODE_OF_CONDUCT.md
├── CONTRIBUTING.md
├── LICENSE
├── README.md
├── defaults
│ └── main
│ ├── amplify.yml
│ ├── bsd.yml
│ ├── controller.yml
│ ├── linux.yml
│ ├── main.yml
│ ├── template.yml
│ ├── unit.yml
│ └── upload.yml
├── files
│ ├── conf
│ │ ├── http
│ │ └── stream
│ ├── license
│ │ ├── nginx-repo.crt
│ │ └── nginx-repo.key
│ ├── ssl
│ └── www
├── handlers
│ └── main.yml
├── meta
│ └── main.yml
├── molecule
│ ├── common
│ │ ├── Dockerfile.j2
│ │ ├── files
│ │ │ ├── http
│ │ │ │ └── default.conf
│ │ │ └── nginx.conf
│ │ ├── playbook_default.yml
│ │ ├── playbook_module.yml
│ │ ├── playbook_stable_push.yml
│ │ ├── playbook_template.yml
│ │ ├── playbook_unit.yml
│ │ ├── test_default
│ │ │ └── test_default.py
│ │ ├── test_module
│ │ │ └── test_default.py
│ │ ├── test_stable_push
│ │ │ └── test_default.py
│ │ └── test_template
│ │ └── test_default.py
│ ├── default
│ │ └── molecule.yml
│ ├── default_alpine
│ │ └── molecule.yml
│ ├── default_centos
│ │ └── molecule.yml
│ ├── module
│ │ └── molecule.yml
│ ├── module_alpine
│ │ └── molecule.yml
│ ├── module_centos
│ │ └── molecule.yml
│ ├── stable_push
│ │ └── molecule.yml
│ ├── stable_push_alpine
│ │ └── molecule.yml
│ ├── stable_push_centos
│ │ └── molecule.yml
│ ├── template
│ │ └── molecule.yml
│ ├── template_alpine
│ │ └── molecule.yml
│ ├── template_centos
│ │ └── molecule.yml
│ ├── unit
│ │ └── molecule.yml
│ ├── unit_alpine
│ │ └── molecule.yml
│ └── unit_centos
│ └── molecule.yml
├── tasks
│ ├── amplify
│ │ ├── install-amplify.yml
│ │ ├── setup-debian.yml
│ │ └── setup-redhat.yml
│ ├── conf
│ │ ├── cleanup-config.yml
│ │ ├── debug-output.yml
│ │ ├── setup-status.yml
│ │ ├── template-config.yml
│ │ └── upload-config.yml
│ ├── controller
│ │ ├── install-controller.yml
│ │ ├── setup-controller-instance.yml
│ │ └── setup-controller-repository.yml
│ ├── keys
│ │ ├── apk-key.yml
│ │ ├── apt-key.yml
│ │ └── rpm-key.yml
│ ├── main.yml
│ ├── modules
│ │ ├── install-geoip.yml
│ │ ├── install-image-filter.yml
│ │ ├── install-modules.yml
│ │ ├── install-njs.yml
│ │ ├── install-perl.yml
│ │ ├── install-rtmp.yml
│ │ ├── install-waf.yml
│ │ └── install-xslt.yml
│ ├── opensource
│ │ ├── install-oss-bsd.yml
│ │ ├── install-oss-linux.yml
│ │ ├── install-oss.yml
│ │ ├── setup-alpine.yml
│ │ ├── setup-debian.yml
│ │ ├── setup-redhat.yml
│ │ └── setup-suse.yml
│ ├── plus
│ │ ├── delete-license.yml
│ │ ├── install-plus-bsd.yml
│ │ ├── install-plus-linux.yml
│ │ ├── install-plus.yml
│ │ ├── setup-alpine.yml
│ │ ├── setup-bsd.yml
│ │ ├── setup-debian.yml
│ │ ├── setup-license.yml
│ │ ├── setup-redhat.yml
│ │ └── setup-suse.yml
│ ├── prerequisites
│ │ ├── install-prerequisites.yml
│ │ ├── setup-debian.yml
│ │ └── setup-freebsd.yml
│ └── unit
│ ├── install-modules.yml
│ ├── install-unit.yml
│ ├── setup-debian.yml
│ ├── setup-freebsd.yml
│ └── setup-redhat.yml
├── templates
│ ├── http
│ │ ├── api.conf.j2
│ │ └── default.conf.j2
│ ├── nginx.conf.j2
│ ├── stream
│ │ └── default.conf.j2
│ └── www
│ └── index.html.j2
└── vars
└── main.yml
- 查看defaults/main/main.yml中的参数定义,这些参数与后边定义yml文件相关。
more defaults/main/main.yml
---
# Install NGINX.
# Default is true.
nginx_enable: true
# Start NGINX service.
# Default is true.
nginx_start: true
# Print NGINX configuration file to terminal after executing playbook.
nginx_debug_output: false
# Specify which type of NGINX you want to install.
# Options are 'opensource' or 'plus'.
# Default is 'opensource'.
nginx_type: opensource
# Specify which version of NGINX you want to install.
# Default is empty.
# nginx_version: =19-1~bionic
# Specify whether you want to maintain your version of NGINX, upgrade to the latest version, or remove NGINX.
# Can be used with `nginx_version` to achieve fine tune control on which version of NGINX is installed/used on each playbook execution.
# Using 'present' will install the latest version (or 'nginx_version') of NGINX on a fresh install.
# Using 'latest' will upgrade NGINX to the latest version (that matches your 'nginx_version') of NGINX on every playbook execution.
# Using 'absent' will remove NGINX from your system.
# Default is present.
nginx_state: present
# Specify repository origin for NGINX Open Source.
# Options are 'nginx_repository' or 'os_repository'.
# Only works if 'nginx_type' is set to 'opensource'.
# Default is nginx_repository.
nginx_install_from: nginx_repository
# Choose where to fetch the NGINX signing key from.
# Default is the official NGINX signing key host.
# nginx_signing_key: http://nginx.org/keys/nginx_signing.key
# Specify source repository for NGINX Open Source.
# Only works if 'install_from' is set to 'nginx_repository'.
# Defaults are the official NGINX repositories.
# nginx_repository: deb https://nginx.org/packages/mainline/debian/ stretch nginx
# Specify which branch of NGINX Open Source you want to install.
# Options are 'mainline' or 'stable'.
# Only works if 'install_from' is set to 'nginx_repository'.
# Default is mainline.
nginx_branch: mainline
# Location of your NGINX Plus license in your local machine.
# Default is the files folder within the NGINX Ansible role.
nginx_license:
certificate: license/nginx-repo.crt
key: license/nginx-repo.key
# Remove NGINX Plus license and repository after installation for security purposes.
# Default is false.
nginx_delete_license: false
# Install NGINX JavaScript, Perl, ModSecurity WAF (NGINX Plus only), GeoIP, Image-Filter, RTMP Media Streaming (NGINX Plus only), and/or XSLT modules.
# Default is false.
nginx_modules:
njs: false
perl: false
waf: false
geoip: false
image_filter: false
rtmp: false
xslt: false
# Remove previously existing NGINX configuration files.
# Use a list of paths you wish to remove.
# Default is false.
nginx_cleanup_config: false
nginx_cleanup_config_path:
- /etc/nginx/conf.d
- 定义安装nginx-oss的yml文件并执行。 oss版本的nginx使用默认的参数,因此调用role即可
more install-oss.yml
---
- hosts: nginx
remote_user: root
roles:
- role: nginxinc.nginx
hosts文件中定义了10.1.10.150作为目标主机,可以定义更多的地址实现安装。生产环境中也可以通过变量的方式实现目标主机的定义。
⇒ more /etc/ansible/hosts
[nginx]
10.1.10.150
执行如下的命令执行安装动作。
⇒ ansible-playbook install-oss.yml
- 定义安装plus的yml文件。 默认设置安装的是oss版本,因此要调整nginx_type为plus,nginx plus license相关的证书和key默认在files/license下,如需自定义目录也需要进行指定。
⇒ more install-plus.yml
---
- hosts: nginx
remote_user: root
roles:
- role: nginxinc.nginx
vars:
nginx_type: plus
nginx_license:
certificate: /Users/xxxx/Documents/GitHub/cicdtest/nginx-playbook/nplus/nginx-repo.crt
key: /Users/xxxx/Documents/GitHub/cicdtest/nginx-playbook/nplus/nginx-repo.key
执行以下命令进行plus的安装。
⇒ ansible-playbook install-plus.yml
- 删除nginx/nginx plus的playbook如下, 注意vars中需要调整的参数。通过ansible-playbook调用即可。
more delete-oss.yml
---
- hosts: nginx
remote_user: root
roles:
- role: nginxinc.nginx
vars:
nginx_start: false
nginx_state: absent
nginx_cleanup_config: true
nginx_cleanup_config_path:
- /etc/nginx/conf.d
⇒ more delete-plus.yml
---
- hosts: nginx
remote_user: root
roles:
- role: nginxinc.nginx
vars:
nginx_start: false
nginx_type: plus
nginx_state: absent
nginx_delete_license: true
nginx_cleanup_config: true
nginx_cleanup_config_path:
- /etc/nginx/conf.d
发布评论 加入社群
闫海波
2020-04-07 12:31:22
2
报道点赞
相关文章
通过REST API获取连接表
Will Tang
2021-01-19 14:53:25 
983
Harbor部署和使用
晏顺
2020-03-26 20:18:52 1403
Harbor部署和使用
晏顺
2020-03-26 20:18:52 1343
回复评论
发布评论