ops / yoho-ansible-roles · Commits

Go to a project

Authored by root
Commit c413bdebab5e0fd04aa35a44a657a7a64a1b9d53 1 parent 992ce121

Init role filebeat

Inline Side-by-side
Showing 10 changed files with 332 additions and 0 deletions
Openresty
=========
同步 `java nginx` 的配置文件,并且`reload nginx`.
Requirements
------------
依赖如下的hosts:
- java-nginx
- java-gateway
- java-brower
- java-wechat
- java-activity
- java-erpgateway
- java-union
Author Information
------------------
chunhua.zhang@yoho.cn
\ No newline at end of file
... ...
---
# defaults file for filebeat
home: "/Data/local/ops/"
path: "/Data/local/ops/filebeat-5.6.4-linux-x86_64"
package: "/Data/local/ops/filebeat-5.6.4-linux-x86_64.tar.gz"
confirmation: ''
... ...
---
# handlers file for filebeat
- name: start filebeat
command: "nohup /Data/local/ops/filebeat-5.6.4-linux-x86_64/filebeat -e -c /Data/local/ops/filebeat-5.6.4-linux-x86_64/filebeat.yml &"
... ...
galaxy_info:
author: chunhua.zhang@yoho.cn
description: update java openresty config
company: yohobuy.com
# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
# issue_tracker_url: http://example.com/issue/tracker
# Some suggested licenses:
# - BSD (default)
# - MIT
# - GPLv2
# - GPLv3
# - Apache
# - CC-BY
license: license (GPLv2, CC-BY, etc)
min_ansible_version: 1.2
# If this a Container Enabled role, provide the minimum Ansible Container version.
# min_ansible_container_version:
# Optionally specify the branch Galaxy will use when accessing the GitHub
# repo for this role. During role install, if no tags are available,
# Galaxy will use this branch. During import Galaxy will access files on
# this branch. If Travis integration is configured, only notifications for this
# branch will be accepted. Otherwise, in all cases, the repo's default branch
# (usually master) will be used.
#github_branch:
#
# platforms is a list of platforms, and each platform has a name and a list of versions.
#
# platforms:
# - name: Fedora
# versions:
# - all
# - 25
# - name: SomePlatform
# versions:
# - all
# - 1.0
# - 7
# - 99.99
galaxy_tags: []
# List tags for your role here, one per line. A tag is a keyword that describes
# and categorizes the role. Users find roles by searching for tags. Be sure to
# remove the '[]' above, if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
# Maximum 20 tags per role.
dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.
\ No newline at end of file
... ...
---
# tasks file for filebeat
# make sure user type YES
- name: "make sure user type YES to confirm"
fail:
msg: "user do not type YES"
when: confirmation != 'YES'
# make sure path exist
- stat:
path: "{{ path }}"
register: stat_result
- name: "Init the filebeat if filebeat not exist"
copy:
src: filebeat-5.6.4-linux-x86_64.tar.gz
dest: "{{ package }}"
command: "tar -zxvf {{ package }} -C {{ home }}"
when: stat_result.stat.exists == False
# make sure group exists
- name: make sure groups exist in inventory file
fail:
msg: "group {{ item }} not exist!"
when: item not in groups
with_items:
- nameservers
- java-nginx
- java-gateway
- java-brower
- java-wechat
- java-activity
- java-erpgateway
- java-union
- name: update nginx upstream for file -nginx.conf
template:
src: nginx.conf.j2
dest: "{{ path }}/nginx/conf/nginx.conf"
notify:
- reload nginx
... ...
user www www;
worker_processes 8;
worker_cpu_affinity 00000001 00000010 00000100 00001000 00010000 00100000 01000000 10000000;
pid logs/nginx.pid;
# [ debug | info | notice | warn | error | crit ]
#error_log /Data/logs/nginx/nginx_error.log info;
error_log /Data/logs/nginx/nginx_error.log info;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;
events
{
use epoll;
#maxclient = worker_processes * worker_connections / cpu_number
worker_connections 51200;
}
http
{
include mime.types;
default_type application/octet-stream;
#charset gb2312,utf-8;
charset utf-8;
log_format fenxi '$remote_addr|$http_x_forwarded_for|[$time_local]|$http_host|$request|'
'$status|$body_bytes_sent|$request_time|$upstream_response_time|$upstream_cache_status|$http_referer|'
'$http_user_agent|$upstream_addr';
# resolver: local dns servers
resolver {% for i in groups['nameservers'] %} {{ i }} {% endfor %};
#General Options
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_body_buffer_size 8m; #256k
#
#server_tokens off;
ignore_invalid_headers on;
recursive_error_pages on;
server_name_in_redirect off;
sendfile on;
#timeouts
keepalive_timeout 75s;
keepalive_requests 10000;
#test
#client_body_timeout 3m;
#client_header_timeout 3m;
#send_timeout 3m;
#TCP Options
tcp_nopush on;
tcp_nodelay on;
#fastcgi options
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
#hiden php version
fastcgi_hide_header X-Powered-By;
#size limits
client_max_body_size 50m;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
#gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml application/json;
gzip_vary on;
add_header x-yh-nginx-dc {{ dc }};
fastcgi_temp_path /dev/shm/fastcgi_temp;
client_body_temp_path /dev/shm/client_body_temp;
# where the lua package exists
lua_package_path "/Data/local/openresty-1.9.15.1/nginx/conf/lua/?.lua;;";
init_by_lua_file "conf/lua/init_lua.lua";
lua_shared_dict luacachedb 500m;
lua_shared_dict malips 10m;
lua_shared_dict ngxconf 20m;
init_worker_by_lua_file "conf/lua/init_config_worker.lua";
#brower service
upstream brower {
{% for i in groups['java-brower'] %}
server {{ i }}:8092;
{% endfor %}
keepalive 100;
}
#apigatewaystart
upstream apigateway {
{% for i in groups['java-gateway'] %}
server {{ i }}:8080 max_fails=5 fail_timeout=3s;
{% endfor %}
keepalive 32;
}
#apigatewayend
# activity
upstream activityApi{
{% for i in groups['java-activity'] %}
server {{ i }}:8090;
{% endfor %}
keepalive 100;
}
# wechat
upstream apiWechat {
{% for i in groups['java-wechat'] %}
server {{ i }}:8094;
{% endfor %}
keepalive 100;
}
# erp gateway
upstream erpgateway {
{% for i in groups['java-erpgateway'] %}
server {{ i }}:8089;
{% endfor %}
keepalive 100;
}
# union servers
upstream union_pools {
server 10.66.70.21:8088;
server 10.66.70.49:8088;
server 10.66.202.49:8088;
}
#upstream
fastcgi_next_upstream error timeout invalid_header http_500;
#limit_zone limit $binary_remote_addr 1m;
#fastcgi cache
#fastcgi_cache_path /nginxcache levels=1:2 keys_zone=two:10m inactive=1d max_size=3000m;
#for example just for study! have fun!
include vhosts/api.yoho.cn.conf;
include vhosts/api_single.yoho.cn.conf;
include vhosts/erp.yoho.yohoops.org.conf;
include vhosts/single.conf;
include vhosts/union.yoho.cn.conf;
}
... ...
---
- hosts: localhost
remote_user: root
roles:
- openresty
\ No newline at end of file
... ...
---
# vars file for openresty
\ No newline at end of file
... ...