Fork me on GitHub
Suzf  Blog

Puppet 之 Nginx 模块编写

搞puppet也有三几天了,一些概念还不是很清晰。很多时候实验未成功,都是概念没有理清楚、文档没有看全。别的就先不说了,先来安装一个nginx 来试一下吧。

1、编写nginx模块
接下来我们先采动创建模块信息来完成Nginx的部署:需要创建模块录,虚拟主机采件
的式进管理。创建模块的信息需要运如下知识点:
资源:yumrepo、package、file、service、cron。
模板:nginx.conf.erb。
创建模块时建议创建README件,接下来对模块的使与安装进详细说明。

2、创建模块录,代码如下:
1

#mkdir -p /etc/puppet/modules/nginx/{manifests,templates,files,tests}

3、创建模块主配置件,代码如下:

#cat /etc/puppet/modules/nginx/manifests/init.pp
# Class: nginx
#
#Install nginx.
#
#Parameters:
# * $nginx_user. Defaults to 'nginx'.
# * worker_processes. Defaults to < %= processorcount %>.
#
#Create config directories :
# * /etc/nginx/conf.d for sites includes
#
#Templates:
# - nginx.conf.erb => /etc/nginx/nginx.conf
#

class nginx {
$real_nginx_user = $nginx_user ? { '' => 'nginx', default => $nginx_user }
$nginx_conf = "/etc/nginx/conf.d"
$nginx_logrote = "/etc/nginx/conf.d/nginx_logrote.sh"
yumrepo { "nginx":
descr => "nginx repo",
baseurl => "http://nginx.org/packages/centos/\$releasever/\$basearch/",
gpgcheck => "0",
enabled => "1";
}
package { "nginx":
ensure => installed,
require => Yumrepo["nginx"],
allow_virtual => false;
}
service { 'nginx':
ensure => running,
enable => true,
hasrestart => true,
hasstatus => true,
subscribe => File["nginx.conf"],
}
file { 'nginx.conf':
ensure => present,
mode => 644,
owner => root,
group => root,
path => '/etc/nginx/nginx.conf',
content => template("nginx/nginx.conf.erb"),
notify => Exec["reload-nginx"],
require => Package["nginx"],
}
file { "$nginx_conf":
ensure => directory,
recurse => true,
force => true,
#purge => true,
source => "puppet:///modules/nginx/conf.d",
notify => Exec["reload-nginx"],
require => Package["nginx"],
}
file { "$nginx_logrote":
ensure => file,
mode => 755,
owner => root,
group => root,
source => "puppet:///modules/nginx/nginx_logrote.sh",
}
cron { 'nginx_logrote_cron':
command => "/bin/bash {$nginx_logrote} > /dev/null 2>&1",
user => root,
minute => '0',
hour => '0',
}
exec { 'reload-nginx':
command => "/etc/init.d/nginx reload",
refreshonly => true,
}
}

以上代码中定义了:
变量,将nginx户、虚拟主机录及志件定义为变量,便在该作域内引。
yumrepo资源,使yumrepo定义Nginx软件包来源,Puppet会在yum软件源中创建
nginx.repo件。
以上代码中定义了:
File资源,nginx.conf采模块的式实现,配置件中部分参数便使facts或变量进传递。志件与虚拟主机件采件同步的式实现,并保持录的致性,以避免虚拟主机删除后 不同步的问题。且还使notify属性触发exec进reload动作。
service资源,定义Nginx服务的状态,默认随开机启动,puppet agent运时每次检测Nginx服
务是否运等。该资源依赖package资源Nginx软件包的安装。
cron资源,定义志清除脚本定时运。每天零点采root进志切割。
exec资源,定义Nginx服务的reload命令为资源,便虚拟主机变更时进加载。

4、创建nginx主配置件:
我们定义节选核的nginx.conf配置件,其中的nginx进程个数由facts传递,与服务器线程数相
同。具体代码如下:

# cat /etc/puppet/modules/nginx/templates/nginx.conf.erb
user < %= real_nginx_user %>;
worker_processes < %= processorcount %>;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
use epoll;
worker_connections 51200;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
charset utf-8;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_body_buffer_size 8m; #256k
sendfile on;
#timeouts
keepalive_timeout 0;
#TCP Options
tcp_nopush on;
tcp_nodelay on;
client_max_body_size 50m;
include /etc/nginx/conf.d/*.conf;
}

4、创建虚拟主机录及件。
对所有的虚拟主机进录同步管理,创建agent.domain.com虚拟主机,定义其内容如下:

# mkdir -p /etc/puppet/files/nginx/conf.d # vim /etc/puppet/files/nginx/conf.d/agent1.jeffery.com.conf server {
listen 80;
server_name agent1.jeffery.com
root /var/www/html/agent1.jeffery.com;
location /nginx_status {
stub_status on;
access_log off;
}
}

5、创建志轮循脚本,具体如下:

# cat /etc/puppet/modules/nginx/files/nginx_logrote.sh
#!/bin/bash
# This script run at 00:00
# The Nginx logs path

logs_path="/var/log/nginx/"
PIDFILE=/var/run/nginx.pid
ACCESS_LOG="${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/access_$(date -d "yesterday" ERROR_LOG="${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/error_$(date -d "yesterday" mkdir -p ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/
mv ${logs_path}access.log $ACCESS_LOG
mv ${logs_path}error.log $ERROR_LOG
kill -USR1 `cat $PIDFILE`
#gzip
/bin/gzip -9 $ACCESS_LOG
/bin/gzip -9 $ERROR_LOG
#rm
find ${logs_path} -name "*.log.gz" -mtime +7|xargs rm –f

6、设置同步主机、模块

# cat /etc/puppet/manifests/site.pp
$fileserver = "master.jeffery.com"
import "nodes/cnc/*.pp"
#import '/etc/puppet/manifests/nodes/cnc/agent1.jeffery.com.pp'
# cat /etc/puppet/manifests/nodes/cnc/agent1.jeffery.com.pp
node 'agent1.jeffery.com' {
include nginx
#include httpd
#include memcached
}

7、在客户端运puppet命令可以看到Finished完成的提,具体如下:
notice: Finished catalog run in 18.76 seconds
这时我们可以看到/etc/nginx/conf.d录已经同步了志切割件与虚拟主机agent的配置件,并
且Nginx服务已启动。
到这我们已经完成了编写nginx模块,并在客户端成功进应。整个过程不是常复杂,
在编写时只需要知道每个步骤及其实现的功能就可以轻松完成。

二、接下来看如何利官Forge提供的nginx模块实现Nginx部署。
编写模块并不像我们想象中的那么复杂,并且灵活可定制。当然也可以使Puppetlabs官Forge上所提供的nginx模块来实现。使时只需要参考模块 录下的README件即可。

1、使命令puppet modules查找模块,代码如下:

#puppet module search nginx # puppet module search nginx
Notice: Searching https://forgeapi.puppetlabs.com ...
NAME DESCRIPTION AUTHOR KEYWORDS
jfryman-nginx Puppet NGINX management module @jfryman nginx http proxy rack
puppetlabs-nginx Puppet NGINX management module
...

2、可以看到许多通过官验证的模块,在这我们采官Puppetlabs的nginx模块进安装,代码
如下:

# puppet module install puppetlabs-nginx
Notice: Preparing to install into /etc/puppet/modules ...
Notice: Downloading from https://forgeapi.puppetlabs.com ...
Notice: Installing -- do not interrupt ...
/etc/puppet/modules
└─┬ puppetlabs-nginx (v99.99.99)
└── puppetlabs-stdlib (v4.3.2)

安装完成后,可以看到在modules录下多出两个模块:stdlib与nginx。

stdlib是puppet提供的函数 库。

nginx模块使了此函数库的函数。

查看nginx模块内容如下:

# ll -th modules/nginx
total 32K
-r--r--r-- 1 root root 2.6K May 2 02:36 metadata.json
-r--r--r-- 1 root root 369 May 2 02:35 Modulefile
drwxr-xr-x 4 root root 4.0K Apr 22 08:10 manifests
drwxr-xr-x 4 root root 4.0K Apr 22 08:10 templates
drwxr-xr-x 2 root root 4.0K Apr 22 08:10 tests
-r--r--r-- 1 root root 665 Sep 5 2013 README.markdown
-r--r--r-- 1 root root 2.5K Sep 5 2013 ChangeLog
-r--r--r-- 1 root root 0 Sep 5 2013 README
-r--r--r-- 1 root root 523 Sep 4 2013 LICENSE

# 查看安装模块

# puppet module list

#puppet 卸载模块

# puppet module install puppetlabs-nginx # 或直接将这个目录干掉

3、客户端安装同上,更多内容请查看 README 文档