ProHoster > Блог > Gudanarwa > Muna haɗa Nginx ɗinmu tare da umarni guda biyu

Muna haɗa Nginx ɗinmu tare da umarni guda biyu

Sannu!
Sunana Sergey, Ina aiki a matsayin injiniyan ababen more rayuwa a cikin ƙungiyar API na dandalin tinkoff.ru.

A cikin wannan labarin zan yi magana game da matsalolin da ƙungiyarmu ta fuskanta lokacin shirya ma'auni bisa ga Nginx don ayyuka daban-daban. Zan kuma gaya muku game da kayan aikin da ya ba ni damar shawo kan yawancin su.

Nginx mai aiki da yawa ne kuma mai haɓaka uwar garken wakili. Ya ƙunshi babban adadin modules, wannan ba cikakken lissafi ba ne. Kowane aikin yana ƙaddamar da wasu buƙatu akan ayyukan ma'auni da sigar Nginx (misali, kasancewar http/2 da grpc proxying), da abun da ke tattare da tsarin sa.

Muna son ganin sabon siga tare da saitin kayayyaki da ake buƙata, yana gudana ƙarƙashin takamaiman rarraba Linux. A cikin yanayinmu, waɗannan su ne tsarin deb- da rpm. Ba a la'akari da zaɓi tare da kwantena a cikin wannan labarin.

Muna so mu canza ayyukan masu daidaita mu da sauri. Kuma a nan tambaya ta taso nan da nan: yadda za a cimma wannan yayin da ake kashe ƙananan albarkatun da zai yiwu? Zai fi kyau a kafa tsarin don mu iya ƙididdige adadin adadin abubuwan shigarwa, kuma a wurin fitarwa karbi kayan tarihi a cikin nau'i na deb/rpm na OS da ake so.

A sakamakon haka, ana iya tsara matsaloli masu yawa:

  • Ba koyaushe ake samun fakiti tare da sabon sigar Nginx ba.
  • Babu fakiti tare da samfuran da ake buƙata.
  • Haɗawa da gina fakiti da hannu yana ɗaukar lokaci kuma yana da wahala sosai.
  • Babu bayanin yadda aka haɗa wannan ko wancan misalin Nginx.

Don magance waɗannan matsalolin, buƙatar ta taso don kayan aiki wanda zai ɗauka azaman shigar da ƙayyadaddun ƙayyadaddun ƙayyadaddun tsarin da mutum zai iya karantawa kuma ya haɗa kunshin Nginx tare da aikin da ya dace akan shi.

Ba mu sami zaɓin da ya dace a gare mu akan girman Github ba, mun yanke shawarar ƙirƙirar kayan aikin mu - nginx-gina.

Спецификации

A cikin kayan aikin mu, muna so mu ƙirƙiri bayanin ƙayyadaddun ƙayyadaddun ƙayyadaddun bayanai a cikin nau'in lamba, wanda za'a iya sanya shi cikin ma'ajin Git. Don yin wannan, mun zaɓi tsarin da aka saba da irin waɗannan abubuwa - yaml. Misali na musamman:

nginx_version: 1.14.1
output_package: deb
modules:
  - module:
      name: nginx-auth-ldap
      git_url: https://github.com/kvspb/nginx-auth-ldap.git
      git_branch: master
      dependencies:
        - libldap2-dev
  - module:
      name: ngx_http_substitutions_filter_module
      git_url: https://github.com/yaoweibin/ngx_http_substitutions_filter_module.git
  - module:
      name: headers-more-nginx-module
      web_url: https://github.com/openresty/headers-more-nginx-module/archive/v0.261.zip
  - module:
      name: nginx-module-vts
      git_url: https://github.com/vozlt/nginx-module-vts.git
      git_tag: v0.1.18
  - module:
      name: ngx_devel_kit
      git_url: https://github.com/simplresty/ngx_devel_kit.git
      git_tag: v0.3.0
  - module:
      name: ngx_cache_purge
      git_url: https://github.com/FRiCKLE/ngx_cache_purge.git
  - module:
      name: ngx_http_dyups_module
      git_url: https://github.com/yzprofile/ngx_http_dyups_module.git
  - module:
      name: nginx-brotli
      git_url: https://github.com/eustas/ngx_brotli.git
      git_tag: v0.1.2
  - module:
      name: nginx_upstream_check_module
      git_url: https://github.com/yaoweibin/nginx_upstream_check_module.git
  - module:
      name: njs
      git_url: https://github.com/nginx/njs.git
      git_tag: 0.2.5
      config_folder_path: nginx

Anan muna nuna cewa muna son ganin fakitin bashi tare da sigar Nginx 1.14.2 tare da saitin kayayyaki da ake buƙata. Sashin tare da kayayyaki na zaɓi ne. Ga kowane ɗayansu zaka iya saita:

  • Suna.
  • Adireshin inda zaku samu:
    • Wurin ajiya na Git. Hakanan zaka iya saka reshe ko alama.
    • Ajiye mahaɗin yanar gizo.
    • Mahaɗin gida zuwa rumbun adana bayanai.

Wasu kayayyaki suna buƙatar ƙarin abin dogaro don shigar, misali nginx-auth-ldap yana buƙatar shigar da libldap2-dev. Hakanan za'a iya ƙayyadaddun abubuwan dogaro masu mahimmanci lokacin da aka kwatanta tsarin.

Muhalli

A cikin kayan aikin mu zaku iya samun yanayi da sauri tare da shigar kayan aiki don haɗawa, hada fakiti da sauran software na taimako. Akwatin Docker tare da duk abin da kuke buƙata yana da kyau anan (majiyarmu ta riga tana da misalan misalan fayilolin Docker don ubuntu da centos).

Bayan an zana ƙayyadaddun ƙayyadaddun bayanai kuma an shirya yanayin, za mu ƙaddamar da magininmu, bayan shigar da abubuwan dogaronsa a baya:

pip3 install -r requirements.txt
./main.py build -f [конфиг_файл].yaml -r [номер_ревизии]

Lambar bita anan zaɓin zaɓi ne kuma ana amfani dashi don sigar majalisu. An rubuta shi cikin bayanan meta na kunshin, yana sauƙaƙa sabuntawa akan sabobin.
Daga cikin rajistan ayyukan za ku iya sa ido kan abin da ke faruwa. Ga misalin manyan batutuwa:

builder - INFO - Parse yaml file: example.config.yaml
builder - INFO - Download scripts for build deb package
builder - INFO - Downloading nginx src...
builder - INFO - --> http://nginx.org/download/nginx-1.14.1.tar.gz
builder - INFO - Downloading 3d-party modules...
builder - INFO - Module nginx-auth-ldap will download by branch
builder - INFO - -- Done: nginx-auth-ldap
builder - INFO - -- Done: ngx_http_substitutions_filter_module
builder - INFO - Module headers-more-nginx-module will downloading
builder - INFO - Module nginx-module-vts will download by tag
builder - INFO - -- Done: nginx-module-vts
builder - INFO - Module ngx_devel_kit will download by tag
builder - INFO - -- Done: ngx_devel_kit
builder - INFO - -- Done: ngx_cache_purge
builder - INFO - -- Done: ngx_http_dyups_module
builder - INFO - Downloading dependencies
builder - INFO - Building .deb package
builder - INFO - Running 'dh_make'...
builder - INFO - Running 'dpkg-buildpackage'...
dpkg-deb: building package 'nginx' in '../nginx_1.14.1-1_amd64.deb'.

Don haka, tare da umarni guda biyu kawai, muna ƙirƙirar yanayi da taron Nginx da ake buƙata, kuma kunshin ya bayyana a cikin directory daga inda aka ƙaddamar da rubutun.

Saka

Hakanan zamu iya haɗa kayan aikin mu cikin tsarin CI/CD. Duk wani tsarin CI da yawa da ke wanzu a yau zai iya taimakawa da wannan, alal misali Ƙungiya ko Gitlab CI.

Sakamakon haka, duk lokacin da ƙayyadaddun ƙayyadaddun ya canza a cikin ma'ajin Git, ana ƙaddamar da ginin kayan aikin ta atomatik. An haɗa lambar bita zuwa ma'aunin ƙaddamar da ginin.
Tare da ɗan ɗan lokaci kaɗan, zaku iya saita kayan aikin da za'a aika zuwa ma'ajiyar kunshin ku na gida, Nexus, Artifatory, da sauransu.

Wani ƙarin fa'ida shine cewa fayil ɗin daidaitawar yaml yana iya haɗawa da Asible ko wani tsarin daidaitawa ta atomatik, kuma daga nan zamu iya ɗaukar lambar sigar da nau'in fakitin da muke son turawa.

Menene gaba

Har yanzu dai ba a kammala aikin ba. Ga abin da muke aiki a kai yanzu:

  • Muna fadada yiwuwar daidaitawa, amma a lokaci guda kiyaye shi a matsayin mai sauƙi kamar yadda zai yiwu. Ba kwa son ayyana sigogi dubu idan kuna buƙatar biyu kawai, sauran kuma sun dace ta tsohuwa. Wannan ya haɗa da tarin tutoci (yanzu zaku iya canza su a cikin fayil ɗin sanyi na ciki src/config.py), hanyar shigarwa, da ƙaddamar da mai amfani.
  • Muna ƙara zaɓuɓɓuka don aika fakiti ta atomatik zuwa ma'ajiyar kayan tarihi daban-daban.
  • Aiwatar da umarni na al'ada lokacin loda module (misali, don amfani github.com/nginx-modules/nginx_upstream_check_module dole ne ka fara amfani da facin takamaiman sigar)
  • Ƙara gwaje-gwaje:
    • An shigar da kunshin daidai.
    • Nginx yana da sigar da ake buƙata kuma an gina shi tare da tutoci da kayayyaki da ake buƙata.
    • Hanyoyin da ake buƙata, asusun ajiya, da sauransu an ƙirƙira su.

Amma zaka iya amfani da wannan kayan aiki a yanzu, kuma ka ba da shawarar ingantawa - github.com/TinkoffCreditSystems/Nginx-builder sannu!

source: www.habr.com

Add a comment