I-ProHoster > Π‘Π»ΠΎΠ³ > Ukuphatha > Sihlanganisa i-Nginx yethu ngemiyalo embalwa

Sihlanganisa i-Nginx yethu ngemiyalo embalwa

Sawubona!
Igama lami ngingu-Sergey, ngisebenza njengonjiniyela wengqalasizinda eqenjini le-API yesikhulumi se-tinkoff.ru.

Kulesi sihloko ngizokhuluma ngezinkinga iqembu lethu elibhekane nazo lapho lilungiselela abalinganisi ngokusekelwe kuzo Nginx kumaphrojekthi ahlukahlukene. Ngizophinde ngikutshele ngethuluzi elangivumela ukuba nginqobe iningi lazo.

I-Nginx iyiseva elibamba esebenza ngezindlela eziningi futhi ethuthukayo. Iqukethe inani elikhulu lamamojula, lolu akulona uhlu oluphelele. Iphrojekthi ngayinye ibeka izidingo ezithile ekusebenzeni kwesilinganisi kanye nenguqulo ye-Nginx (isibonelo, ukuba khona kwe-http/2 kanye ne-grpc proxying), kanye nokwakheka kwamamojula ayo.

Singathanda ukubona inguqulo entsha enesethi edingekayo yamamojula, esebenza ngaphansi kokusabalalisa kwe-Linux ethile. Esimweni sethu, lawa amasistimu asuselwa ku-deb- kanye ne-rpm. Inketho eneziqukathi ayicatshangelwa kulesi sihloko.

Sifuna ukushintsha ngokushesha ukusebenza kwababhalansi bethu. Futhi lapha umbuzo uvela ngokushesha: kanjani ukufeza lokhu ngenkathi usebenzisa izinsiza ezimbalwa ngangokunokwenzeka? Kungaba ngcono nakakhulu ukusetha inqubo ukuze sikwazi ukucacisa inombolo elinganiselwe yemingcele yokufaka, futhi ekuphumeni sithole i-artifact ewuhlobo lwephakheji ye-deb/rpm ye-OS esiyifunayo.

Ngenxa yalokho, izinkinga eziningi zingakhiwa:

  • Awekho amaphakheji ahlala enenguqulo yakamuva ye-Nginx.
  • Awekho amaphakheji anamamojula adingekayo.
  • Ukuhlanganisa nokwakha iphakheji mathupha kudla isikhathi futhi kuyakhathaza kakhulu.
  • Ayikho incazelo yokuthi lesi noma leso sibonelo se-Nginx sihlanganiswa kanjani.

Ukuze kuxazululwe lezi zinkinga, kuphakama isidingo sethuluzi elingathatha njengokufakiwe kwencazelo ngefomethi efundeka umuntu futhi lihlanganise iphakheji ye-Nginx ngokusebenza okudingekayo okusekelwe kuyo.

Ngokungatholi inketho efanelekile yethu ngobukhulu be-Github, sinqume ukudala ithuluzi lethu - nginx-umakhi.

Π‘ΠΏΠ΅Ρ†ΠΈΡ„ΠΈΠΊΠ°Ρ†ΠΈΠΈ

Ethuluzini lethu, besifuna ukudala incazelo yencazelo ngendlela yekhodi, engafakwa endaweni yokugcina ye-Git. Ukuze senze lokhu, sikhethe ifomethi ejwayelekile yezinto ezinjalo - yaml. Isibonelo sokucaciswa:

nginx_version: 1.14.1
output_package: deb
modules:
  - module:
      name: nginx-auth-ldap
      git_url: https://github.com/kvspb/nginx-auth-ldap.git
      git_branch: master
      dependencies:
        - libldap2-dev
  - module:
      name: ngx_http_substitutions_filter_module
      git_url: https://github.com/yaoweibin/ngx_http_substitutions_filter_module.git
  - module:
      name: headers-more-nginx-module
      web_url: https://github.com/openresty/headers-more-nginx-module/archive/v0.261.zip
  - module:
      name: nginx-module-vts
      git_url: https://github.com/vozlt/nginx-module-vts.git
      git_tag: v0.1.18
  - module:
      name: ngx_devel_kit
      git_url: https://github.com/simplresty/ngx_devel_kit.git
      git_tag: v0.3.0
  - module:
      name: ngx_cache_purge
      git_url: https://github.com/FRiCKLE/ngx_cache_purge.git
  - module:
      name: ngx_http_dyups_module
      git_url: https://github.com/yzprofile/ngx_http_dyups_module.git
  - module:
      name: nginx-brotli
      git_url: https://github.com/eustas/ngx_brotli.git
      git_tag: v0.1.2
  - module:
      name: nginx_upstream_check_module
      git_url: https://github.com/yaoweibin/nginx_upstream_check_module.git
  - module:
      name: njs
      git_url: https://github.com/nginx/njs.git
      git_tag: 0.2.5
      config_folder_path: nginx

Lapha sibonisa ukuthi sifuna ukubona iphakheji ye-deb enenguqulo ye-Nginx 1.14.2 enesethi edingekayo yamamojula. Isigaba esinamamojula singokuzithandela. Ngamunye wabo ungasetha:

  • Isihloko.
  • Ikheli lapho ungayithola khona:
    • Inqolobane ye-Git. Ungaphinda ucacise igatsha noma ithegi.
    • Faka kungobo yomlando isixhumanisi sewebhu.
    • Isixhumanisi sendawo sengobo yomlando.

Amanye amamojula adinga ukuncika okwengeziwe ukuze kufakwe, isibonelo i-nginx-auth-ldap idinga ukufakwa kwe-libldap2-dev. Ukuncika okudingekayo nakho kungacaciswa lapho kuchazwa imojuli.

Imvelo

Ethuluzini lethu ungathola ngokushesha indawo enezinsiza ezifakiwe zokuhlanganisa, ukuhlanganiswa kwephakheji kanye nenye isofthiwe eyisizayo. Isiqukathi se-Docker esinakho konke okudingayo silungile lapha (inqolobane isivele inezibonelo ezimbalwa zamafayela e-Docker obuntu nama-centos).

Ngemuva kokuthi imininingwane isidwetshiwe futhi imvelo isilungisiwe, sethula umakhi wethu, esefake ngaphambilini ukuncika kwakhe:

pip3 install -r requirements.txt
./main.py build -f [ΠΊΠΎΠ½Ρ„ΠΈΠ³_Ρ„Π°ΠΉΠ»].yaml -r [Π½ΠΎΠΌΠ΅Ρ€_Ρ€Π΅Π²ΠΈΠ·ΠΈΠΈ]

Inombolo yokubuyekeza lapha iyakhethwa futhi isetshenziselwa ukwenza izinguqulo. Ibhalwe emininingwaneni yemetha yephakheji, okwenza kube lula ukubuyekeza kumaseva.
Kusukela ezingodweni ungakwazi ukuqapha okwenzekayo. Nasi isibonelo samaphuzu asemqoka:

builder - INFO - Parse yaml file: example.config.yaml
builder - INFO - Download scripts for build deb package
builder - INFO - Downloading nginx src...
builder - INFO - --> http://nginx.org/download/nginx-1.14.1.tar.gz
builder - INFO - Downloading 3d-party modules...
builder - INFO - Module nginx-auth-ldap will download by branch
builder - INFO - -- Done: nginx-auth-ldap
builder - INFO - -- Done: ngx_http_substitutions_filter_module
builder - INFO - Module headers-more-nginx-module will downloading
builder - INFO - Module nginx-module-vts will download by tag
builder - INFO - -- Done: nginx-module-vts
builder - INFO - Module ngx_devel_kit will download by tag
builder - INFO - -- Done: ngx_devel_kit
builder - INFO - -- Done: ngx_cache_purge
builder - INFO - -- Done: ngx_http_dyups_module
builder - INFO - Downloading dependencies
builder - INFO - Building .deb package
builder - INFO - Running 'dh_make'...
builder - INFO - Running 'dpkg-buildpackage'...
dpkg-deb: building package 'nginx' in '../nginx_1.14.1-1_amd64.deb'.

Ngakho-ke, ngemiyalo embalwa nje, sakha imvelo kanye nomhlangano odingekayo we-Nginx, futhi iphakheji livela kunkomba lapho umbhalo wethulwa khona.

Ukushumeka

Futhi singahlanganisa ithuluzi lethu kuzinqubo ze-CI/CD. Noma yiziphi izinhlelo eziningi ze-CI ezikhona namuhla zingasiza kulokhu, isibonelo I-Teamcity noma I-Gitlab CI.

Ngenxa yalokho, ngaso sonke isikhathi lapho ukucaciswa kushintsha endaweni yokugcina ye-Git, ukwakhiwa kwe-artifact kwethulwa ngokuzenzakalelayo. Inombolo yokubuyekeza ixhunywe kwikhawunta yokuqalisa ukwakha.
Ngokuhamba kwesikhathi, ungalungiselela i-artifact ukuthi ithunyelwe endaweni yephakeji yakho yasendaweni, i-Nexus, i-Artifactory, njalo njalo.

Inzuzo eyengeziwe ukuthi ifayela lokucushwa le-yaml lingaxhunywa ku-Ansible noma olunye uhlelo lokumisa oluzenzakalelayo, futhi ukusuka lapho singathatha inombolo yenguqulo nohlobo lwephakheji esifuna ukuliphakela.

Yini elandelayo

Iphrojekthi ayikaqedwa. Nakhu esisebenzela kukho manje:

  • Sandisa amathuba okucushwa, kodwa ngesikhathi esifanayo sigcine kulula ngangokunokwenzeka. Awufuni ukuchaza amapharamitha ayinkulungwane uma udinga amabili kuphela, kanti amanye alingana ngokuzenzakalela. Lokhu kuhlanganisa amafulegi okuhlanganiswa (manje ungawashintsha kufayela lokucushwa langaphakathi elithi src/config.py), indlela yokufaka, futhi uqalise umsebenzisi.
  • Sengeza izinketho zokuthumela iphakheji ngokuzenzakalelayo kumakhosombe e-artifact ahlukahlukene.
  • Yenza umyalo wangokwezifiso lapho ulayisha imojuli (isibonelo, ukusebenzisa github.com/nginx-modules/nginx_upstream_check_module kufanele uqale ufake isiqeshana senguqulo ethile)
  • Ingeza izivivinyo:
    • Iphakheji ifakwe kahle.
    • I-Nginx inenguqulo edingekayo futhi yakhiwe ngamafulegi namamojula adingekayo.
    • Izindlela ezidingekayo, ama-akhawunti, nokunye kuyadalwa.

Kepha ungasebenzisa leli thuluzi manje, futhi uphakamise nentuthuko - github.com/TinkoffCreditSystems/Nginx-builder wamukelekile!

Source: www.habr.com

Engeza amazwana