ops / yoho-ansible-roles · Commits

Go to a project

Authored by root
Commit f6a8feb6aeb26fea24ff0312a7c426bfafbead0e 1 parent 9c1b8ac8

新增延展灰度切换

Inline Side-by-side
Showing 14 changed files with 477 additions and 0 deletions
# crm and extstore nginx
- hosts: crm-store-nginx
vars_prompt:
- name: "upstream_az"
prompt: "Choose which az's upstream: [store_gray_extstore_local|store_local_extstore_local|store_gray_extstore_gray|store_local_extstore_gray] "
default: 'local'
private: no
remote_user: root
roles:
- crm.store.nginx
... ...
Openresty
=========
同步 `crm, 线下店 nginx` 的配置文件,并且`reload nginx`.
Requirements
------------
- 配置文件目录: `/usr/local/openresty/nginx/conf/nginx.conf` `/usr/local/openresty/nginx/conf/vhosts/`
- `reload nginx`: ` /usr/local/openresty/nginx/sbin/nginx -s reload`
依赖如下的hosts:
Author Information
------------------
chunhua.zhang@yoho.cn
\ No newline at end of file
... ...
---
# defaults file for openresty
path: "/usr/local/openresty"
\ No newline at end of file
... ...
server {
listen 80;
server_name adminstore.yohobuy.com adminstore.yohoops.org;
access_log /Data/logs/nginx/access_adminstore.yobobuy.com.log fenxi;
location / {
proxy_redirect off;
proxy_pass http://yohobuy-adminstore/;
proxy_set_header Host "adminstore.yohobuy.com";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "gzip";
client_max_body_size 900m;
proxy_read_timeout 600s;
client_body_buffer_size 512k;
}
}
... ...
server{
listen 80;
server_name crmapi.yoho.cn;
access_log /Data/logs/nginx/access_crmapi.log fenxi;
location /crm/AiQiSMSReceiveController {
deny all;
proxy_redirect off;
proxy_pass http://crm_pools/crm/AiQiSMSReceiveController;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $http_x_forwarded_for;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "gzip";
}
location /crm/MWSMSReceiveController {
allow 61.145.229.29;
allow 112.91.147.37;
allow 218.204.222.12;
allow 211.100.48.90;
allow 218.204.220.242;
deny all;
proxy_redirect off;
proxy_pass http://crm_pools/crm/MWSMSReceiveController;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $http_x_forwarded_for;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "gzip";
}
#location / {
# proxy_redirect off;
# proxy_read_timeout 600s;
# proxy_send_timeout 600s;
# proxy_pass http://crm_pools/crm;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $http_x_forwarded_for;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header Accept-Encoding "gzip";
#}
}
server{
listen 80;
server_name crm.yoho.cn crm2.yoho.cn;
access_log /Data/logs/nginx/access_crm.log fenxi;
location /crm/ {
allow 106.39.86.227;
allow 106.38.38.147;
allow 106.38.38.146;
allow 218.94.77.166;
allow 218.94.75.50;
allow 218.94.75.58;
allow 180.169.239.138;
deny all;
proxy_redirect off;
proxy_pass http://crm_pools/crm/;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $http_x_forwarded_for;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "gzip";
}
location / {
allow 106.39.86.227;
allow 106.38.38.147;
allow 106.38.38.146;
allow 218.94.77.166;
allow 218.94.75.50;
allow 218.94.75.58;
allow 180.169.239.138;
deny all;
proxy_redirect off;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
proxy_pass http://crm_pools/crm;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $http_x_forwarded_for;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "gzip";
}
}
... ...
server {
listen 80;
server_name extstore.yohobuy.com extstore.test.yohobuy.com;
#charset koi8-r;
access_log /Data/logs/nginx/access_extstore.yohobuy.com.log fenxi;
location / {
proxy_redirect off;
proxy_pass http://extstore/extendstore/;
proxy_set_header Host "extstore.yohobuy.com";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "gzip";
}
}
... ...
server {
listen 80;
server_name o.yohobuy.com;
#charset koi8-r;
access_log /Data/logs/nginx/access_openstore.yohobuy.com.log fenxi;
location / {
proxy_redirect off;
proxy_pass http://portal-gateway/portal-gateway/qrcode/;
proxy_set_header Host "portal-gateway.yohobuy.com";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "gzip";
}
}
server {
listen 80;
server_name openstore.yohobuy.com ;
#charset koi8-r;
access_log /Data/logs/nginx/access_openstore.yohobuy.com.log fenxi;
location / {
proxy_redirect off;
proxy_pass http://portal-gateway/portal-gateway/wechat/;
proxy_set_header Host "portal-gateway.yohobuy.com";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "gzip";
}
}
server {
listen 80;
server_name instore.yohobuy.com;
#charset koi8-r;
access_log /Data/logs/nginx/access_instore.yohobuy.com.log fenxi;
location / {
proxy_redirect off;
proxy_pass http://portal-gateway/portal-gateway/api/;
proxy_set_header Host "instore.yohobuy.com";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "gzip";
}
}
server {
listen 80;
server_name api.store.yohoops.org;
#charset koi8-r;
access_log /Data/logs/nginx/access_api.store.yohoops.org.log fenxi;
location / {
proxy_redirect off;
proxy_pass http://portal-gateway/portal-gateway/erp/;
#proxy_pass http://yohobuy-platform-gray/platform/;
proxy_set_header Host "api.store.yohoops.org";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "gzip";
}
}
... ...
---
# handlers file for openresty
- name: validate nginx configuration
command: "{{ path }}/nginx/sbin/nginx -t -c {{ path }}/nginx/nginx.conf"
changed_when: False
- name: reload nginx
command: "{{ path }}/nginx/sbin/nginx -s reload"
\ No newline at end of file
... ...
galaxy_info:
author: chunhua.zhang@yoho.cn
description: update java openresty config
company: yohobuy.com
# If the issue tracker for your role is not on github, uncomment the
# next line and provide a value
# issue_tracker_url: http://example.com/issue/tracker
# Some suggested licenses:
# - BSD (default)
# - MIT
# - GPLv2
# - GPLv3
# - Apache
# - CC-BY
license: license (GPLv2, CC-BY, etc)
min_ansible_version: 1.2
# If this a Container Enabled role, provide the minimum Ansible Container version.
# min_ansible_container_version:
# Optionally specify the branch Galaxy will use when accessing the GitHub
# repo for this role. During role install, if no tags are available,
# Galaxy will use this branch. During import Galaxy will access files on
# this branch. If Travis integration is configured, only notifications for this
# branch will be accepted. Otherwise, in all cases, the repo's default branch
# (usually master) will be used.
#github_branch:
#
# platforms is a list of platforms, and each platform has a name and a list of versions.
#
# platforms:
# - name: Fedora
# versions:
# - all
# - 25
# - name: SomePlatform
# versions:
# - all
# - 1.0
# - 7
# - 99.99
galaxy_tags: []
# List tags for your role here, one per line. A tag is a keyword that describes
# and categorizes the role. Users find roles by searching for tags. Be sure to
# remove the '[]' above, if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
# Maximum 20 tags per role.
dependencies: []
# List your role dependencies here, one per line. Be sure to remove the '[]' above,
# if you add dependencies to this list.
\ No newline at end of file
... ...
---
# tasks file for openresty
# make sure path exist
- stat:
path: "{{ path }}"
register: stat_result
- name: "make sure openresty path exist"
fail:
msg: " openresty {{ path }} not exist!"
when: stat_result.stat.exists == False
# make sure group exists
- name: make sure groups exist in inventory file
fail:
msg: "group {{ item }} not exist!"
when: item not in groups
with_items:
- crm-store-nginx
- java-shops
- java-portal-gateway
- java-extendstore
- java-crm
- name: copy vhosts conf files to openresty
copy:
src: vhosts/
dest: "{{ path }}/nginx/conf/vhosts"
notify:
- reload nginx
- name: update nginx upstream for nginx.conf
template:
src: nginx.conf.j2
dest: "{{ path }}/nginx/conf/nginx.conf"
notify:
- reload nginx
... ...
worker_processes 4;
worker_cpu_affinity 00000001 00000010 00000100 00001000;
pid /usr/local/openresty/nginx/logs/nginx.pid;
error_log /Data/logs/nginx/nginx_error.log;
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 51200;
}
http
{
include /usr/local/openresty/nginx/conf/mime.types;
default_type application/octet-stream;
#charset gb2312,utf-8;
charset utf-8;
log_format fenxi '$remote_addr|$http_x_forwarded_for|[$time_local]|$http_host|$request|'
'$status|$body_bytes_sent|$request_time|$upstream_response_time|$upstream_cache_status|$http_referer|'
'$upstream_addr|$http_user_agent';
#General Options
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_body_buffer_size 8m; #256k
#server_tokens off;
#ignore_invalid_headers on;
#recursive_error_pages on;
server_name_in_redirect off;
sendfile on;
#timeouts
keepalive_timeout 180;
keepalive_requests 1000;
#TCP Options
tcp_nopush on;
tcp_nodelay on;
send_timeout 120s;
#fastcgi options
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 8 128k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
#size limits
client_max_body_size 900m;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
proxy_temp_path /usr/local/openresty/nginx/ngx_temp_dir;
proxy_cache_path /usr/local/openresty/nginx/ngx_cache levels=1:2 keys_zone=cache_one:500m inactive=1d max_size=10g;
proxy_connect_timeout 120s;
proxy_read_timeout 300s;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k;
fastcgi_temp_path /dev/shm/fastcgi_temp;
client_body_temp_path /dev/shm/client_body_temp;
upstream crm_pools {
{% for i in groups['java-crm'] %}
server {{ i }}:8093 max_fails=5 fail_timeout=30s;
{% endfor %}
}
upstream portal-gateway {
{% if upstream_az == 'store_gray_extstore_local' %}
server 10.66.101.10:8080 max_fails=5 fail_timeout=30s;
{% elif upstream_az == 'store_local_extstore_local' %}
{% for i in groups['java-portal-gateway'] %}
server {{ i }}:8080 max_fails=5 fail_timeout=30s;
{% endfor %}
{% elif upstream_az == 'store_gray_extstore_gray' %}
server 10.66.101.10:8080 max_fails=5 fail_timeout=30s;
{% else %}
{% for i in groups['java-portal-gateway'] %}
server {{ i }}:8080 max_fails=5 fail_timeout=30s;
{% endfor %}
{% endif %}
}
upstream yohobuy-adminstore {
{% for i in groups['java-shops'] %}
server {{ i }}:8098 max_fails=5 fail_timeout=30s;
{% endfor %}
}
upstream extstore {
{% if upstream_az == 'store_gray_extstore_local' %}
{% for i in groups['java-extendstore'] %}
server {{ i }}:8094 max_fails=5 fail_timeout=30s;
{% endfor %}
{% elif upstream_az == 'store_local_extstore_local' %}
{% for i in groups['java-extendstore'] %}
server {{ i }}:8094 max_fails=5 fail_timeout=30s;
{% endfor %}
{% elif upstream_az == 'store_gray_extstore_gray' %}
server 10.66.101.10:8094 max_fails=5 fail_timeout=30s;
{% else %}
server 10.66.101.10:8094 max_fails=5 fail_timeout=30s;
{% endif %}
}
include vhosts/crm.conf;
include vhosts/extstore.conf;
include vhosts/shop.conf;
include vhosts/adminstore.yohobuy.conf;
}
... ...
---
- hosts: localhost
remote_user: root
roles:
- openresty
\ No newline at end of file
... ...
---
# vars file for openresty
\ No newline at end of file
... ...