使用yum源安装比较简单,可以自行修改repo为阿里云源,或者安装第三方源 epel-release 即可安装nginx,或者自己配置下源nginx Linux packages,但是epel-release不一定能满足我们的需求,所以后续介绍使用编译安装的方式。
[root@localhost salt]# tree
.
├── conpile_tools.sls
├── epel-release.sls
├── file
│ └── nginx.conf
├── nginx.sls
└── top.sls
base:
'*':
- epel-release #第三方源
- compile_tools #编译工具和依赖
- nginx
epel-release:
pkg:
- installed
compile_tools:
pkg.installed:
- names:
- gcc
- automake
- autoconf
- make
- gcc-c++
- libtool
- zlib
- zlib-devel
- openssl
- openssl-devel
- pcre
- pcre-devel
nginx:
pkg:
- installed
service.running:
- enable: True #支持开机自启
- reload: True #当检测到watch 的文件变化后重启nginx
- require:
- file: nginx_conf
- watch:
- file: /etc/nginx/config
nginx_conf: #传输nginx配置文件
file.managed:
- source: salt://nginx/file/nginx.conf
- name: /etc/nginx/nginx.conf
- mod: 644
- user: root
- group: root
到此,nginx已经开始运行了,可以查看下运行状态:
systemctl status nginx
#########################
● nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2019-05-18 11:20:05 EDT; 2h 19min ago
Main PID: 2925 (nginx)
CGroup: /system.slice/nginx.service
├─2925 nginx: master process /usr/local/nginx/nginx
└─2926 nginx: worker process
使用编译安装我们可以自定义比较多的地方,像添加一些额外的模块或者安装路径,开启组件功能等等。编译安装我们需要先下载对应的安装包放在master上,或者也可以使用网络路径。
写编译安装时的脚本,做了个流程图,比较直观显示部署的工作流程,写脚本的时候也能够避免遗漏的地方,导致再缝缝补补的。
[root@localhost salt] tree
.
├── compile_tools.sls
├── epel-release.sls
├── nginx
│ ├── conf
│ ├── file
│ │ ├── index.html
│ │ ├── nginx-1.16.0.tar.gz
│ │ ├── nginx.conf
│ │ ├── nginx.service
│ │ ├── openssl-1.0.2r.tar.gz
│ │ ├── pcre-8.43.tar.gz
│ │ └── zlib-1.2.11.tar.gz
│ └── init.sls
└── top.sls
base:
'centos7*':
- epel-release
- compile_tools
- nginx
epel-release:
pkg:
- installed
compile_tools:
pkg.installed:
- names:
- gcc
- automake
- autoconf
- make
- gcc-c++
- libtool
zlib_file:
file.managed:
- source: salt://nginx/file/zlib-1.2.11.tar.gz
- name: /usr/local/src/zlib-1.2.11.tar.gz
- user: root
- group: root
- mode: 644
zlib_unzip_file:
cmd.run:
- name: tar -zxvf /usr/local/src/zlib-1.2.11.tar.gz -C /usr/local/src/
- unless: test -d /usr/local/src/zlib-1.2.11
- require:
- file: /usr/local/src/zlib-1.2.11.tar.gz
zlib_install:
cmd.run:
- name: cd /usr/local/src/zlib-1.2.11 && ./configure && make && make install
- require:
- cmd: zlib_unzip_file
#安装zlib
pcre_file:
file.managed:
- source: salt://nginx/file/pcre-8.43.tar.gz
- name: /usr/local/src/pcre-8.43.tar.gz
- user: root
- group: root
- mode: 644
- require:
- cmd: zlib_install
pcre_unzip_file:
cmd.run:
- name: tar -zxvf /usr/local/src/pcre-8.43.tar.gz -C /usr/local/src/
- unless: test -d /usr/local/src/pcre-8.43
- require:
- file: /usr/local/src/pcre-8.43.tar.gz
pcre_install:
cmd.run:
- name: cd /usr/local/src/pcre-8.43 && ./configure && make && make install
- require:
- cmd: pcre_unzip_file
#安装pcre
openssl_file:
file.managed:
- source: salt://nginx/file/openssl-1.0.2r.tar.gz
- name: /usr/local/src/openssl-1.0.2r.tar.gz
- user: root
- group: root
- mode: 644
- require:
- cmd: pcre_install
openssl_unzip_file:
cmd.run:
- name: tar -zxvf /usr/local/src/openssl-1.0.2r.tar.gz -C /usr/local/src/
- unless: test -d /usr/local/src/openssl-1.0.2r
- require:
- file: /usr/local/src/openssl-1.0.2r.tar.gz
#解压openssl
nginx_file:
file.managed:
- source: salt://nginx/file/nginx-1.16.0.tar.gz
- name: /usr/local/src/nginx-1.16.0.tar.gz
- user: root
- group: root
- mode: 644
- require:
- cmd: openssl_unzip_file
nginx_unzip_file:
cmd.run:
- name: tar -zxvf /usr/local/src/nginx-1.16.0.tar.gz -C /usr/local/src/
- unless: test -d /usr/local/src/nginx-1.16.0
- require:
- file: /usr/local/src/nginx-1.16.0.tar.gz
nginx_install:
cmd.run:
- name: cd /usr/local/src/nginx-1.16.0 && ./configure --sbin-path=/usr/local/nginx/nginx --conf-path=/usr/local/nginx/nginx.conf --with-http_ssl_module --with-pcre=/usr/local/src/pcre-8.43 --with-zlib=/usr/local/src/zlib-1.2.11 --with-openssl=/usr/local/src/openssl-1.0.2r && make && make install
- require:
- cmd: nginx_unzip_file
#编译安装nginx
nginx_conf_file:
file.managed:
- source: salt://nginx/file/nginx.conf
- name: /usr/local/nginx/nginx.conf
- user: root
- group: root
- mode: 644
- require:
- cmd: nginx_install
#传nginx配置文件
/www/html:
file.directory:
- makedirs: True
- user: root
- group: root
- dir_mod: 755
- file_mod: 644
- recurse:
- user
- group
- mode
index_file:
file.managed:
- source: salt://nginx/file/index.html
- name: /www/html/index.html
- require:
- file: /www/html
#建立网站路径,传测试首页
useradd_www:
user.present:
- name: www
- require:
- file: index_file
#建立www用户
systemd_nginx_server:
file.managed:
- source: salt://nginx/file/nginx.service
- name: /usr/lib/systemd/system/nginx.service
- mode: 644
- user: root
- group: root
- require:
- file: nginx_conf_file
system_reload_nginx:
cmd.run:
- name: systemctl daemon-reload && systemctl restart nginx
- require:
- file: systemd_nginx_server
#配置systemd服务
nginx:
service.running:
- enable: True
- reload: True
- require:
- file: /usr/lib/systemd/system/nginx.service
- watch:
- file: /usr/local/nginx/nginx.conf
#配置开机自启及监控文件变化重启nginx服务
执行完毕后,查看执行结果
如果没有成功,根据错误检查看是哪个ID没有运行。编写脚本的时候,使用好require,会更加方便排查问题。