网易校招面试题 – 如何给 10 台机器安装 Nginx

文章目录

0. centos7.9 停止维护更新 yum 源0. 备份1. 配置阿里云的 yum 源
1. 确定要安装的主机2. 了解 /etc/ansible/roles 的目录文件3. 编辑yml文件4. 执行剧本

这种批量的重复工作,一般就是通过 ansible 或者 saltstack 来进行操作,roles 是 ansible 中 playbooks 的目录组织接口,并且在模块化以后,易读,代码可重用,层次清晰


视频教程哔哩哔哩

0. centos7.9 停止维护更新 yum 源

以阿里云为例,其他国内开源镜像站类似。此处主要以 Centos 7.9为例。

0. 备份

cd /etc/yum.repos.d
 
mkdir backup
 
mv *.repo backup

12345

1. 配置阿里云的 yum 源

cat > CentOS-aliyun-lhr.repo << 'EOF'
[base]
name=CentOS-$releasever - Base - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/os/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
 
#released updates 
[updates]
name=CentOS-$releasever - Updates - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/updates/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/updates/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
 
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/extras/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/extras/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
 
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/centosplus/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/centosplus/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
 
#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib - mirrors.aliyun.com
failovermethod=priority
baseurl=http://mirrors.aliyun.com/centos/$releasever/contrib/$basearch/
        http://mirrors.aliyuncs.com/centos/$releasever/contrib/$basearch/
        http://mirrors.cloud.aliyuncs.com/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
EOF

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152
cat > epel-aliyun.repo <<'EOF'
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
baseurl=http://mirrors.aliyun.com/epel/7/$basearch
failovermethod=priority
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
 
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 7 - $basearch - Debug
baseurl=http://mirrors.aliyun.com/epel/7/$basearch/debug
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=0
 
[epel-source]
name=Extra Packages for Enterprise Linux 7 - $basearch - Source
baseurl=http://mirrors.aliyun.com/epel/7/SRPMS
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=0
EOF

12345678910111213141516171819202122232425

检查验证

yum  clean all

yum makecache fast
 
yum install vim lrzsz wget curl net-tools 

12345

1. 确定要安装的主机

[root@k8s-master roles]# cat /etc/ansible/hosts |tail -n15
## db-[99:101]-node.example.com
[allnode]
192.168.1.201
192.168.1.202
[node1]
192.168.1.201
[node2]
192.168.1.202
[node1]
host3
124.221.111.224

[root@k8s-master roles]# 

1234567891011121314

2. 了解 /etc/ansible/roles 的目录文件

[root@ansible-server roles]# tree
.
├── nginx
│   ├── files
│   │   └── index.html
│   ├── handlers
│   │   └── main.yml
│   ├── tasks
│   │   └── main.yml
│   ├── templates
│   │   └── nginx.conf.j2
│   └── vars
│       └── main.yml
└── site.yml

6 directories, 6 files
============================================================================================================
详解:
role_name/     ---角色名称=目录
    files/:存储一些可以用copy调用的静态文件。
    tasks/: 存储任务的目录,此目录中至少应该有一个名为main.yml的文件,用于定义各task;其它的文件需要由main.yml进行“包含”调用; 
    handlers/:此目录中至少应该有一个名为main.yml的文件,用于定义各handler;其它的文件需要由(与notify:名字相同,方便notify通知执行下一条命令)通过main.yml进行“包含”调用; 
    vars/:此目录中至少应该有一个名为main.yml的文件,用于定义各variable;其它的文件需要由main.yml进行“包含”调用; 
    templates/:存储由template模块调用的模板文本; (也可以调用变量)
    site.yml:定义哪个主机应用哪个角色

12345678910111213141516171819202122232425

3. 编辑yml文件

[root@k8s-master roles]# cat nginx/*/*
index.html 
<h1>hello nginx <h1>

tasks/main.yml
---
 - name: start nginx
   service: name=nginx state=started
---
 - name: install nginx
   yum: name=nginx state=latest
 - name: copy nginx_conf
   template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf
 - name: copy index
   copy: src=/etc/ansible/roles/nginx/files/index.html dest=/usr/share/nginx/html/index.html
   notify: start nginx 

templates/nginx.conf.j2
# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections {{ worker_connections  }};
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 4096;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

    server {
        listen       80;
        listen       [::]:80;
        server_name  _;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        error_page 404 /404.html;
        location = /404.html {
        }

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
        }
    }

# Settings for a TLS enabled server.
#
#    server {
#        listen       443 ssl http2;
#        listen       [::]:443 ssl http2;
#        server_name  _;
#        root         /usr/share/nginx/html;
#
#        ssl_certificate "/etc/pki/nginx/server.crt";
#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
#        ssl_session_cache shared:SSL:1m;
#        ssl_session_timeout  10m;
#        ssl_ciphers HIGH:!aNULL:!MD5;
#        ssl_prefer_server_ciphers on;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }

}
vars/main.yml
worker_connections: 2048

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103

4. 执行剧本

[root@k8s-master roles]# ansible-playbook main.yml --syntax-check

playbook: main.yml
[root@k8s-master roles]# ansible-playbook main.yml

PLAY [allnode] ****************************************************************************************************************************************************************************

TASK [Gathering Facts] ********************************************************************************************************************************************************************
ok: [192.168.1.202]
ok: [192.168.1.201]

TASK [install nginx] **********************************************************************************************************************************************************************
ok: [192.168.1.202]
ok: [192.168.1.201]

TASK [copy nginx_conf] ********************************************************************************************************************************************************************
ok: [192.168.1.202]
ok: [192.168.1.201]

TASK [nginx : copy index] *****************************************************************************************************************************************************************
ok: [192.168.1.202]
ok: [192.168.1.201]

PLAY RECAP ********************************************************************************************************************************************************************************
192.168.1.201              : ok=4    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   
192.168.1.202              : ok=4    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   

[root@k8s-master roles]# ansible allnode -m shell -a 'ss -tlnp |grep nginx'
192.168.1.201 | CHANGED | rc=0 >>
LISTEN     0      128          *:80                       *:*                   users:(("nginx",pid=128790,fd=6),("nginx",pid=128789,fd=6),("nginx",pid=128788,fd=6),("nginx",pid=128787,fd=6),("nginx",pid=128786,fd=6))
LISTEN     0      128       [::]:80                    [::]:*                   users:(("nginx",pid=128790,fd=7),("nginx",pid=128789,fd=7),("nginx",pid=128788,fd=7),("nginx",pid=128787,fd=7),("nginx",pid=128786,fd=7))
192.168.1.202 | CHANGED | rc=0 >>
LISTEN     0      128          *:80                       *:*                   users:(("nginx",pid=80192,fd=6),("nginx",pid=80191,fd=6),("nginx",pid=80190,fd=6),("nginx",pid=80189,fd=6),("nginx",pid=80188,fd=6))
LISTEN     0      128       [::]:80                    [::]:*                   users:(("nginx",pid=80192,fd=7),("nginx",pid=80191,fd=7),("nginx",pid=80190,fd=7),("nginx",pid=80189,fd=7),("nginx",pid=80188,fd=7))
[root@k8s-master roles]# 

1234567891011121314151617181920212223242526272829303132333435
© 版权声明

相关文章

暂无评论

您必须登录才能参与评论!
立即登录
暂无评论...