新增延展灰度切换

+# crm and extstore nginx
+
+- hosts: crm-store-nginx
+  vars_prompt:
+    - name: "upstream_az"
+      prompt: "Choose which az's upstream: [store_gray_extstore_local|store_local_extstore_local|store_gray_extstore_gray|store_local_extstore_gray] "
+      default: 'local'
+      private: no
+  remote_user: root
+  roles:
+    - crm.store.nginx

+Openresty
+=========
+
+同步 `crm, 线下店 nginx` 的配置文件，并且`reload nginx`.
+
+Requirements
+------------
+
+ - 配置文件目录： `/usr/local/openresty/nginx/conf/nginx.conf`   `/usr/local/openresty/nginx/conf/vhosts/`
+ - `reload nginx`:  ` /usr/local/openresty/nginx/sbin/nginx -s reload` 
+
+依赖如下的hosts:
+ 
+
+
+Author Information
+------------------
+
+chunhua.zhang@yoho.cn

+---
+# defaults file for openresty
+ 
+path: "/usr/local/openresty"
++ 

+server {
+   listen 80;
+   server_name adminstore.yohobuy.com adminstore.yohoops.org;
+   access_log /Data/logs/nginx/access_adminstore.yobobuy.com.log fenxi;
+   location / {
+        proxy_redirect off;
+        proxy_pass http://yohobuy-adminstore/;
+        proxy_set_header   Host   "adminstore.yohobuy.com";
+        proxy_set_header   X-Real-IP  $remote_addr;
+        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header   Accept-Encoding "gzip";
+        client_max_body_size 900m;
+        proxy_read_timeout 600s;
+        client_body_buffer_size 512k;
+   }
+}

+server{
+        listen 80;
+        server_name crmapi.yoho.cn;
+        access_log /Data/logs/nginx/access_crmapi.log fenxi;
+
+
+        location /crm/AiQiSMSReceiveController {
+		deny all;
+                proxy_redirect off;
+                proxy_pass http://crm_pools/crm/AiQiSMSReceiveController;
+                proxy_read_timeout 600s;
+                proxy_send_timeout 600s;
+                proxy_set_header Host $host;
+                proxy_set_header X-Real-IP $http_x_forwarded_for;
+                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                proxy_set_header Accept-Encoding "gzip";
+        }
+
+
+     location /crm/MWSMSReceiveController {
+		allow 61.145.229.29;
+		allow 112.91.147.37;
+		allow 218.204.222.12;
+		allow 211.100.48.90;
+		allow 218.204.220.242;
+		deny all;
+
+		proxy_redirect off;
+		proxy_pass http://crm_pools/crm/MWSMSReceiveController;
+		proxy_read_timeout 600s;
+		proxy_send_timeout 600s;
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $http_x_forwarded_for;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header Accept-Encoding "gzip";
+     }
+
+        #location / {
+        #        proxy_redirect off;
+        #        proxy_read_timeout 600s;
+        #        proxy_send_timeout 600s;
+        #        proxy_pass http://crm_pools/crm;
+        #        proxy_set_header Host $host;
+        #        proxy_set_header X-Real-IP $http_x_forwarded_for;
+        #        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        #        proxy_set_header Accept-Encoding "gzip";
+        #}
+
+
+}
+
+server{ 
+	listen 80; 
+
+	server_name crm.yoho.cn crm2.yoho.cn; 
+	access_log /Data/logs/nginx/access_crm.log fenxi; 
+
+
+	location /crm/ {
+		allow 106.39.86.227;
+        	allow 106.38.38.147;
+        	allow 106.38.38.146;
+        	allow 218.94.77.166;
+        	allow 218.94.75.50;
+        	allow 218.94.75.58;
+		allow 180.169.239.138;
+		deny all;
+                proxy_redirect off;
+                proxy_pass http://crm_pools/crm/;
+		proxy_read_timeout 600s;
+		proxy_send_timeout 600s;
+                proxy_set_header Host $host;
+                proxy_set_header X-Real-IP $http_x_forwarded_for;
+                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                proxy_set_header Accept-Encoding "gzip";
+        }
+
+	location / { 
+		allow 106.39.86.227;
+                allow 106.38.38.147;
+                allow 106.38.38.146;
+                allow 218.94.77.166;
+                allow 218.94.75.50;
+                allow 218.94.75.58;
+		allow 180.169.239.138;
+		deny all;
+		proxy_redirect off; 
+		proxy_read_timeout 600s;
+		proxy_send_timeout 600s;
+		proxy_pass http://crm_pools/crm; 
+		proxy_set_header Host $host; 
+		proxy_set_header X-Real-IP $http_x_forwarded_for; 
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
+		proxy_set_header Accept-Encoding "gzip"; 
+	} 
+
+
+}
+

+server {
+    listen      80;
+    server_name extstore.yohobuy.com extstore.test.yohobuy.com;
+    #charset koi8-r;
+    access_log  /Data/logs/nginx/access_extstore.yohobuy.com.log  fenxi;
+
+    location / {
+        proxy_redirect off;
+        proxy_pass  http://extstore/extendstore/;
+        proxy_set_header   Host   "extstore.yohobuy.com";
+        proxy_set_header   X-Real-IP  $remote_addr;
+        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header   Accept-Encoding "gzip";
+    }
+}

+server {
+    listen      80;
+    server_name  o.yohobuy.com;
+    #charset koi8-r;
+    access_log  /Data/logs/nginx/access_openstore.yohobuy.com.log  fenxi;
+
+    location / {
+        proxy_redirect off;
+        proxy_pass  http://portal-gateway/portal-gateway/qrcode/;
+        proxy_set_header   Host   "portal-gateway.yohobuy.com";
+        proxy_set_header   X-Real-IP  $remote_addr;
+        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header   Accept-Encoding "gzip";
+    }
+}
+
+server {
+    listen      80;
+    server_name openstore.yohobuy.com ;
+    #charset koi8-r;
+    access_log  /Data/logs/nginx/access_openstore.yohobuy.com.log  fenxi;
+
+    location / {
+        proxy_redirect off;
+        proxy_pass  http://portal-gateway/portal-gateway/wechat/;
+        proxy_set_header   Host   "portal-gateway.yohobuy.com";
+        proxy_set_header   X-Real-IP  $remote_addr;
+        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header   Accept-Encoding "gzip";
+    }
+}
+
+server {
+    listen      80;
+    server_name instore.yohobuy.com;
+    #charset koi8-r;
+    access_log  /Data/logs/nginx/access_instore.yohobuy.com.log  fenxi;
+
+    location / {
+        proxy_redirect off;
+        proxy_pass  http://portal-gateway/portal-gateway/api/;
+        proxy_set_header   Host   "instore.yohobuy.com";
+        proxy_set_header   X-Real-IP  $remote_addr;
+        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header   Accept-Encoding "gzip";
+    }
+}
+
+server {
+    listen      80;
+    server_name api.store.yohoops.org;
+    #charset koi8-r;
+    access_log  /Data/logs/nginx/access_api.store.yohoops.org.log  fenxi;
+
+    location / {
+        proxy_redirect off;
+        proxy_pass  http://portal-gateway/portal-gateway/erp/;
+        #proxy_pass  http://yohobuy-platform-gray/platform/;
+        proxy_set_header   Host   "api.store.yohoops.org";
+        proxy_set_header   X-Real-IP  $remote_addr;
+        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header   Accept-Encoding "gzip";
+    }
+
+}
+

+---
+# handlers file for openresty
+
+- name: validate nginx configuration
+  command: "{{ path }}/nginx/sbin/nginx -t -c {{ path }}/nginx/nginx.conf"
+  changed_when: False
+
+- name: reload nginx
+  command: "{{ path }}/nginx/sbin/nginx -s reload"

+galaxy_info:
+  author: chunhua.zhang@yoho.cn
+  description: update java openresty config
+  company: yohobuy.com
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Some suggested licenses:
+  # - BSD (default)
+  # - MIT
+  # - GPLv2
+  # - GPLv3
+  # - Apache
+  # - CC-BY
+  license: license (GPLv2, CC-BY, etc)
+
+  min_ansible_version: 1.2
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  # Optionally specify the branch Galaxy will use when accessing the GitHub
+  # repo for this role. During role install, if no tags are available,
+  # Galaxy will use this branch. During import Galaxy will access files on
+  # this branch. If Travis integration is configured, only notifications for this
+  # branch will be accepted. Otherwise, in all cases, the repo's default branch
+  # (usually master) will be used.
+  #github_branch:
+
+  #
+  # platforms is a list of platforms, and each platform has a name and a list of versions.
+  #
+  # platforms:
+  # - name: Fedora
+  #   versions:
+  #   - all
+  #   - 25
+  # - name: SomePlatform
+  #   versions:
+  #   - all
+  #   - 1.0
+  #   - 7
+  #   - 99.99
+
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is a keyword that describes
+    # and categorizes the role. Users find roles by searching for tags. Be sure to
+    # remove the '[]' above, if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+    #       Maximum 20 tags per role.
+
+dependencies: []
+  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+  # if you add dependencies to this list.

+---
+# tasks file for openresty
+
+# make sure path exist
+- stat:
+    path:  "{{ path }}"
+  register: stat_result
+- name: "make sure openresty path exist" 
+  fail:
+    msg: " openresty {{ path }} not exist!"
+  when:  stat_result.stat.exists == False
+
+
+
+#  make sure group exists
+- name: make sure groups exist in inventory file
+  fail:
+    msg: "group {{ item }} not exist!"
+  when: item not in groups
+  with_items:
+    - crm-store-nginx
+    - java-shops
+    - java-portal-gateway
+    - java-extendstore
+    - java-crm
+
+- name: copy vhosts conf files to openresty
+  copy:
+    src: vhosts/
+    dest: "{{ path }}/nginx/conf/vhosts"
+  notify:
+    - reload nginx
+
+
+- name: update nginx upstream for nginx.conf
+  template:
+    src: nginx.conf.j2
+    dest: "{{ path }}/nginx/conf/nginx.conf"
+  notify:
+    - reload nginx

+worker_processes 4;
+worker_cpu_affinity 00000001 00000010 00000100 00001000;
+ 
+pid /usr/local/openresty/nginx/logs/nginx.pid;
+error_log  /Data/logs/nginx/nginx_error.log;
+worker_rlimit_nofile 51200;
+ 
+events
+{
+       use epoll;
+       worker_connections 51200;
+}
+ 
+http
+{
+       include       /usr/local/openresty/nginx/conf/mime.types;
+       default_type  application/octet-stream;
+       #charset  gb2312,utf-8;
+       charset utf-8;
+
+
+       log_format fenxi '$remote_addr|$http_x_forwarded_for|[$time_local]|$http_host|$request|'
+                        '$status|$body_bytes_sent|$request_time|$upstream_response_time|$upstream_cache_status|$http_referer|'
+			'$upstream_addr|$http_user_agent';
+
+       #General Options
+       server_names_hash_bucket_size 128;
+       client_header_buffer_size 32k;
+       large_client_header_buffers 4 32k;
+       client_body_buffer_size    8m; #256k 
+       #server_tokens off;
+       #ignore_invalid_headers   on;
+       #recursive_error_pages    on;
+       server_name_in_redirect off;
+      
+       sendfile                 on;
+ 
+       #timeouts
+       keepalive_timeout 180;
+       keepalive_requests  1000;
+
+      
+       #TCP Options 
+       tcp_nopush  on;
+       tcp_nodelay on;
+
+       send_timeout 120s;
+
+       #fastcgi options 
+       fastcgi_connect_timeout 300;
+       fastcgi_send_timeout 300;
+       fastcgi_read_timeout 300;
+       fastcgi_buffer_size 64k;
+       fastcgi_buffers 8 128k;
+       fastcgi_busy_buffers_size 128k;
+       fastcgi_temp_file_write_size 128k;
+
+       #size limits
+       client_max_body_size       900m;
+
+       gzip on;
+       gzip_min_length  1k;
+       gzip_buffers     4 16k;
+       gzip_http_version 1.0;
+       gzip_comp_level 2;
+       gzip_types       text/plain application/x-javascript text/css application/xml;
+       gzip_vary on; 
+       
+        proxy_temp_path            /usr/local/openresty/nginx/ngx_temp_dir;
+        proxy_cache_path /usr/local/openresty/nginx/ngx_cache levels=1:2 keys_zone=cache_one:500m inactive=1d max_size=10g;
+        proxy_connect_timeout    120s;
+        proxy_read_timeout  300s;
+        proxy_buffer_size        16k;
+        proxy_buffers            4 64k;
+        proxy_busy_buffers_size 128k;
+        proxy_temp_file_write_size 128k;
+
+        fastcgi_temp_path          /dev/shm/fastcgi_temp;
+        client_body_temp_path      /dev/shm/client_body_temp; 
+		
+	upstream crm_pools {
+        {% for i in groups['java-crm'] %}
+         server {{ i }}:8093 max_fails=5 fail_timeout=30s;
+        {% endfor %}
+        }
+		
+	upstream portal-gateway {
+        {% if upstream_az == 'store_gray_extstore_local' %} 
+            server  10.66.101.10:8080 max_fails=5 fail_timeout=30s;
+        {% elif upstream_az == 'store_local_extstore_local' %}
+          {% for i in groups['java-portal-gateway'] %}
+            server {{ i }}:8080 max_fails=5 fail_timeout=30s;
+          {% endfor %}
+        {% elif upstream_az == 'store_gray_extstore_gray' %}
+          server  10.66.101.10:8080 max_fails=5 fail_timeout=30s;
+        {% else %}
+          {% for i in groups['java-portal-gateway'] %}
+            server {{ i }}:8080 max_fails=5 fail_timeout=30s;
+           {% endfor %}
+        {% endif %}
+        }
+
+     upstream yohobuy-adminstore {
+          {% for i in groups['java-shops'] %}
+              server {{ i }}:8098 max_fails=5 fail_timeout=30s;
+         {% endfor %}
+        }
+
+
+        upstream extstore {
+          {% if upstream_az == 'store_gray_extstore_local' %}
+            {% for i in groups['java-extendstore'] %}
+               server {{ i }}:8094 max_fails=5 fail_timeout=30s;
+            {% endfor %}
+          {% elif upstream_az == 'store_local_extstore_local' %}
+            {% for i in groups['java-extendstore'] %}
+               server {{ i }}:8094 max_fails=5 fail_timeout=30s;
+            {% endfor %}
+          {% elif upstream_az == 'store_gray_extstore_gray' %}
+             server 10.66.101.10:8094 max_fails=5 fail_timeout=30s;
+          {% else %}
+            server 10.66.101.10:8094 max_fails=5 fail_timeout=30s;
+          {% endif %}
+        }
+
+       include          vhosts/crm.conf;
+       include          vhosts/extstore.conf;
+       include          vhosts/shop.conf;
+       include          vhosts/adminstore.yohobuy.conf;
+}
+

+localhost
+

+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - openresty

+---
+# vars file for openresty