博客
关于我
强烈建议你试试无所不能的chatGPT,快点击我
Centos 7 Saltstack自动化部署Haproxy+Keepalived
阅读量:6280 次
发布时间:2019-06-22

本文共 12772 字,大约阅读时间需要 42 分钟。

master   node   10.10.10.1 

minion   node   10.10.10.2

# cat /etc/salt/master |grep -v "#" |grep -v "^ *$"

interface: 10.10.10.1

state_top: top.sls

file_roots:

  base:

    - /etc/salt/base

  prod:

    - /etc/salt/prod

pillar_roots:

  base:

    - /etc/salt/pillar/base

  prod:

    - /etc/salt/pillar/prod

# cat /etc/redhat-release

CentOS Linux release 7.2.1511 (Core)

[root@app-LT-177 etc]# cat /etc/salt/minion |grep -v "#" |grep -v "^ *$"

master: 10.10.10.1

id: 10.10.10.2

mkdir -p /etc/salt/base   创建file目录base 存放集群top.sls文件   

mkdir -p /etc/salt/base/init   存放初始化系统sls文件(dns等)

mkdir -p /etc/salt/prod   创建file目录prod

mkdir -p /etc/salt/prod/cluster/       定义集群启动和配置文件拉取

mkdir -p /etc/salt/prod/cluster/files/ 存放keepalived.conf和haproxy.cfg文件

mkdir -p /etc/salt/prod/haproxy/   存放haproxy安装sls

mkdir -p /etc/salt/prod/haproxy/files  存放haproxy安装包等

mkdir -p /etc/salt/prod/keepalived  存放keepalived安装sls

mkdir -p /etc/salt/prod/keepalived/files 存放keepalived安装包等

mkdir -p /etc/salt/prod/pkg/      存放集群相关的安装包

mkdir -p /etc/salt/pillar/     创建存放pillar目录

mkdir -p /etc/salt/pillar/base/  创建pillar目录base  存放pillar的top.sls文件

mkdir -p /etc/salt/pillar/base/webservice/  存放集群pillar的sls文件

mkdir -p /etc/salt/pillar/prod/   创建pillar目录prod

##########################################

注意格式              一定要注意格式

##########################################

#tree base/

base/

├── init

│   ├── dns.sls            ----------1

│   ├── env_init.sls     ----------2

│   ├── epel.sls           ----------3

│   ├── files           

│   │   └── resolv.conf----------4

│   ├── history.sls       ----------5

│   └── pkg

│       └── epel-release-latest-7.noarch.rpm----6

└── top.sls                  ----------7

1.dns.sls

/etc/resolv.conf:

  file.managed:

    - source: salt://init/files/resolv.conf

    - user: root

    - group: root

    - mode: 644

2.env_init.sls

include:

  - init.dns

  - init.history

  - init.epel

3.epel.sls 

epel-7:

  file.managed:

    - name: /etc/salt/epel-release-latest-7.noarch.rpm

    - source: salt://init/pkg/epel-release-latest-7.noarch.rpm

    - mode: 755

    - user: root

    - group: root

  cmd.run:

    - name:  rpm -ivh /etc/salt/epel-release-latest-7.noarch.rpm --nodeps --force && rpm -qa |grep epel-release-7-11.noarch

4.resolv.conf

nameserver 114.114.114.114

5.   history.sls

/etc/profile:

  file.append:

    - text:

      - export HISTTIMEFORMAT="%F %T `who`"

6.epel-release-latest-7.noarch.rpm

epel 7  rpm包

7.top.sls

base:

  '*':

    - init.env_init

prod:

  '*':

    - cluster.haproxy

    - cluster.keepalived-out

######################################

# tree prod/

prod/

├── cluster

│   ├── files                                  

│   │   ├── haproxy.cfg                    --------1

│   │   └── keepalived-out.conf       --------2

│   ├── haproxy.sls                           --------3

│   └── keepalived-out.sls               --------4

├── haproxy

│   ├── files                                     

│   │   ├── haproxy-1.7.9.tar.gz       --------5

│   │   └── haproxy.init                    --------6

│   └── install.sls                              --------7

├── keepalived

│   ├── files

│   │   ├── chk_haproxy.sh              --------8

│   │   ├── keepalived-1.2.1.tar.gz  --------9

│   │   ├── keepalived.init               --------10

│   │   ├── keepalived.rh.init           --------11

│   │   └── keepalived.sysconfig     --------12

│   └── install.sls                              --------13

└── pkg

    └── pkg-init.sls                            --------14

1.haproxy.cfg

global

    log 127.0.0.1 local3 info       

    maxconn 4096               

    uid 501                   

    gid 501                   

    daemon                       

    nbproc 1                       

defaults

    log    global

    mode    http           

    maxconn 4096       

    retries 3           

    option    redispatch   

    stats    uri  /haproxy   

    timeout connect 5000ms

    timeout client 50000ms

    timeout server 50000ms

    balance leastconn

    balance source

    option abortonclose

listen stats 

    bind 0.0.0.0:1080 

    mode http   

    option httplog   

    maxconn 10 

    stats uri /admin 

    stats auth admin:Pa$$w0rd   

    stats hide-version   

    stats admin if TRUE

frontend http-in

    bind *:8001

    mode http

    log  global

    option httplog

    option httpclose   

backend apache-server

    mode http

    balance roundrobin

    option httpchk GET /index.html

    cookie SERVERID insert indirect nocache

    server html-A ip:80 weight 1 cookie 3  check inter 2000 rise 2 fall 3

    server html-B ip:80 weight 1 cookie 4  check inter 2000 rise 2 fall 3

2.   keepalived-out.conf 

global_defs {                   

    notification_email {

        root@localhost

        }

    notification_email_from root@localhost

    smtp_server 127.0.0.1

    smtp_connect_timeout 30

    router_id haproxy1

    }

vrrp_script chk_haproxy {                         

    script "/etc/keepalived/chk_haproxy.sh"       

    interval 2                                    

    }

vrrp_instance VI_1 {               

    state ` state `               

    interface eth0               

    virtual_router_id 100           

    priority ` priority `               

    advert_int 1   

    authentication {

        auth_type PASS

        auth_pass 1111

        }

    track_script {                                

        chk_haproxy                               

        }   

    virtual_ipaddress {

        192.168.90.185

        }

    }

3.haproxy.sls

include:

  - haproxy.install

haproxy-service:

  file.managed:

    - name: /etc/haproxy/haproxy.cfg

    - source: salt://cluster/files/haproxy.cfg

    - user: root

    - group: root

    - mode: 644

  service.running:

    - name: haproxy

    - enable: True

    - reload: True

    - require:

      - cmd: haproxy-init

    - watch:

      - file: haproxy-service

4.keepalived-out.sls

include:

  - keepalived.install

keepalived-service:

  file.managed:

    - name: /etc/keepalived/keepalived.conf

    - source: salt://cluster/files/keepalived-out.conf

    - user: root

    - group: root

    - mode: 644

    - template: jinja

    - defaults:

        state: {

{ pillar['state'] }}

        priority: {

{ pillar['priority'] }}

  service.running:

    - name: keepalived

    - reload: True

    - enable: True

    - watch:

      - file: keepalived-service

5.haproxy-1.7.9.tar.gz  源码包

6.haproxy.init

#!/bin/sh

#

# chkconfig: - 85 15

# description: HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited \

#              for high availability environments.

# processname: haproxy

# config: /etc/haproxy/haproxy.cfg

# pidfile: /var/run/haproxy.pid

# Script Author: Simon Matter <simon.matter@invoca.ch>

# Version: 2004060600

# Source function library.

if [ -f /etc/init.d/functions ]; then

  . /etc/init.d/functions

elif [ -f /etc/rc.d/init.d/functions ] ; then

  . /etc/rc.d/init.d/functions

else

  exit 0

fi

# Source networking configuration.

. /etc/sysconfig/network

# Check that networking is up.

[ ${NETWORKING} = "no" ] && exit 0

# This is our service name

BASENAME=`basename $0`

if [ -L $0 ]; then

  BASENAME=`find $0 -name $BASENAME -printf %l`

  BASENAME=`basename $BASENAME`

fi

BIN=/usr/local/haproxy/sbin/$BASENAME

CFG=/etc/$BASENAME/$BASENAME.cfg

[ -f $CFG ] || exit 1

PIDFILE=/var/run/$BASENAME.pid

LOCKFILE=/var/lock/subsys/$BASENAME

RETVAL=0

start() {

  quiet_check

  if [ $? -ne 0 ]; then

    echo "Errors found in configuration file, check it with '$BASENAME check'."

    return 1

  fi

  echo -n "Starting $BASENAME: "

  daemon $BIN -D -f $CFG -p $PIDFILE

  RETVAL=$?

  echo

  [ $RETVAL -eq 0 ] && touch $LOCKFILE

  return $RETVAL

}

stop() {

  echo -n "Shutting down $BASENAME: "

  killproc $BASENAME -USR1

  RETVAL=$?

  echo

  [ $RETVAL -eq 0 ] && rm -f $LOCKFILE

  [ $RETVAL -eq 0 ] && rm -f $PIDFILE

  return $RETVAL

}

restart() {

  quiet_check

  if [ $? -ne 0 ]; then

    echo "Errors found in configuration file, check it with '$BASENAME check'."

    return 1

  fi

  stop

  start

}

reload() {

  if ! [ -s $PIDFILE ]; then

    return 0

  fi

  quiet_check

  if [ $? -ne 0 ]; then

    echo "Errors found in configuration file, check it with '$BASENAME check'."

    return 1

  fi

  $BIN -D -f $CFG -p $PIDFILE -sf $(cat $PIDFILE)

}

check() {

  $BIN -c -q -V -f $CFG

}

quiet_check() {

  $BIN -c -q -f $CFG

}

rhstatus() {

  status $BASENAME

}

condrestart() {

  [ -e $LOCKFILE ] && restart || :

}

# See how we were called.

case "$1" in

  start)

    start

    ;;

  stop)

    stop

    ;;

  restart)

    restart

    ;;

  reload)

    reload

    ;;

  condrestart)

    condrestart

    ;;

  status)

    rhstatus

    ;;

  check)

    check

    ;;

  *)

    echo $"Usage: $BASENAME {start|stop|restart|reload|condrestart|status|check}"

    exit 1

esac

 

exit $?

7.install.sls

include:

  - pkg.pkg-init

haproxy-install:

  file.managed:

    - name: /usr/local/src/haproxy-1.7.9.tar.gz

    - source: salt://haproxy/files/haproxy-1.7.9.tar.gz

    - mode: 755

    - user: root

    - group: root

  cmd.run:

    - name: cd /usr/local/src && tar zxvf haproxy-1.7.9.tar.gz && cd haproxy-1.7.9 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy && mkdir -p /etc/haproxy

    - unless: test -d /usr/local/haproxy

    - require:

      - pkg: pkg-init

      - file: haproxy-install 

/etc/init.d/haproxy:

  file.managed:

    - source: salt://haproxy/files/haproxy.init

    - mode: 755

    - user: root

    - group: root

    - require:

      - cmd: haproxy-install

haproxy-init:

  cmd.run:

    - name: chkconfig --add haproxy

    - unless: chkconfig --list |grep haproxy

    - require:

      - file: /etc/init.d/haproxy

8.chk_haproxy.sh

#!/bin/bash

A=`ps -C haproxy --no-header | wc -l`

if [ $A -eq 0 ]

    then  /etc/init.d/haproxy start

        sleep 3

        if [ `ps -C haproxy --no-header | wc -l `  -eq 0 ]

        then  /etc/init.d/keepalived stop

        fi

fi

9.keepalived-1.2.1.tar.gz 源码包

10. keepalived.init 

#!/bin/sh

#

# Startup script for the Keepalived daemon

#

# processname: keepalived

# pidfile: /var/run/keepalived.pid

# config: /etc/keepalived/keepalived.conf

# chkconfig: - 21 79

# description: Start and stop Keepalived

# Source function library

. /etc/rc.d/init.d/functions

# Source configuration file (we set KEEPALIVED_OPTIONS there)

. /etc/sysconfig/keepalived

RETVAL=0

prog="keepalived"

start() {

    echo -n $"Starting $prog: "

    daemon /usr/local/keepalived/sbin/keepalived  ${KEEPALIVED_OPTIONS}

    RETVAL=$?

    echo

    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog

}

stop() {

    echo -n $"Stopping $prog: "

    killproc keepalived

    RETVAL=$?

    echo

    [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog

}

reload() {

    echo -n $"Reloading $prog: "

    killproc keepalived -1

    RETVAL=$?

    echo

}

# See how we were called.

case "$1" in

    start)

        start

        ;;

    stop)

        stop

        ;;

    reload)

        reload

        ;;

    restart)

        stop

        start

        ;;

    condrestart)

        if [ -f /var/lock/subsys/$prog ]; then

            stop

            start

        fi

        ;;

    status)

        status keepalived

        ;;

    *)

        echo "Usage: $0 {start|stop|reload|restart|condrestart|status}"

        exit 1

esac

exit $RETVAL

11.keepalived.rh.init          

#!/bin/sh

#

# Startup script for the Keepalived daemon

#

# processname: keepalived

# pidfile: /var/run/keepalived.pid

# config: /etc/keepalived/keepalived.conf

# chkconfig: 35 21 79

# description: Start and stop Keepalived

# Global definitions

PID_FILE="/var/run/keepalived.pid"

# source function library

. /etc/init.d/functions

RETVAL=0

start() {

echo -n "Starting Keepalived for LVS: "

daemon /usr/local/keepalived/sbin/keepalived -D

RETVAL=$?

        echo

        [ $RETVAL -eq 0 ] && touch /var/lock/subsys/keepalived

        return $RETVAL

}

stop() {

echo -n "Shutting down Keepalived for LVS: "

killproc keepalived

RETVAL=0

        echo

        [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/keepalived

        return $RETVAL

}

reload() {

echo -n "Reloading Keepalived config: "

killproc keepalived -1

RETVAL=$?

        echo

        return $RETVAL

}

# See how we were called.

case "$1" in

  start)

        start

        ;;

  stop)

        stop

        ;;

  restart)

        stop

        start

        ;;

  reload)

        reload

        ;;

  status)

        status keepalived

        ;;

  condrestart)

        [ -f /var/lock/subsys/keepalived ] && $0 restart || :

        ;;

  *)

echo "Usage: $0 {start|stop|restart|reload|condrestart|status}"

exit 1

esac

exit 0

12.keepalived.sysconfig 

# Options for keepalived. See `keepalived --help' output and keepalived(8) and

# keepalived.conf(5) man pages for a list of all options. Here are the most

# common ones :

#

# --vrrp               -P    Only run with VRRP subsystem.

# --check              -C    Only run with Health-checker subsystem.

# --dont-release-vrrp  -V    Dont remove VRRP VIPs & VROUTEs on daemon stop.

# --dont-release-ipvs  -I    Dont remove IPVS topology on daemon stop.

# --dump-conf          -d    Dump the configuration data.

# --log-detail         -D    Detailed log messages.

# --log-facility       -S    0-7 Set local syslog facility (default=LOG_DAEMON)

#

KEEPALIVED_OPTIONS="-D"

13.install.sls               

keepalived-install:

  file.managed:

    - name: /usr/local/src/keepalived-1.2.1.tar.gz

    - source: salt://keepalived/files/keepalived-1.2.1.tar.gz

    - mode: 755

    - user: root

    - group: root

  cmd.run:

    - name: cd /usr/local/src && tar zxf keepalived-1.2.1.tar.gz && cd keepalived-1.2.1 && ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install PREFIX=/usr/local/keepalived && mkdir -p /etc/keepalived

    - unless: test -d /usr/local/keepalived

    - require:

      - pkg: pkg-init

      - file: keepalived-install

/etc/sysconfig/keepalived:

  file.managed:

    - source: salt://keepalived/files/keepalived.sysconfig

    - mode: 644

    - user: root

    - group: root

/etc/keepalived/chk_haproxy.sh:

  file.managed:

    - source: salt://keepalived/files/chk_haproxy.sh

    - mode: 755

    - user: root

    - group: root

/etc/init.d/keepalived:

  file.managed:

    - source: salt://keepalived/files/keepalived.rh.init

    - mode: 755

    - user: root

    - group: root

    - require:

      - cmd: keepalived-install

keepalived-init:

  cmd.run:

    - name: chkconfig --add keepalived

    - unless: chkconfig --list |grep keepalived

    - require:

      - file: /etc/init.d/keepalived

/etc/keepalived:

  file.directory:

    - user: root

    - group: root

14. pkg-init.sls                       

pkg-init:

  pkg.installed:

    - names:

      - gcc

      - gcc-c++

      - glibc

      - make

      - autoconf

      - httpd

      - httpd-devel

#########################################

# tree pillar/

pillar/

├── base

│   ├── top.sls        -----------1

│   └── webservice

│       └── web.sls    ----------2

└── prod

  1. top.sls 

base:

  '10.10.10.1':          minion  ip

    - webservice.web

  '10.10.10.2':

    - webservice.web

2.web.sls

{% if grains['host'] == 'app-LT-1' %}    主机名

state: MASTER

priority: 100

{% elif grains['host'] == 'app-LT-2' %}

state: BACKUP

priority: 50

{% endif %}

#salt '*' state.highstate test=True

#salt '*' state.highstate

      本文转自潘阔 51CTO博客,原文链接:http://blog.51cto.com/pankuo/1982628,如需转载请自行联系原作者

你可能感兴趣的文章
监控mysql主从的脚本
查看>>
用phpmyadimn来连接管理多个数据库
查看>>
linux java 定时任务
查看>>
Linux守护进程(init.d和xinetd)
查看>>
bootstrap-进度条
查看>>
并发学习心得
查看>>
find、xargs命令使用及方法详解
查看>>
系统提示硬盘不够用的处理方法
查看>>
curl工具post用法
查看>>
我的友情链接
查看>>
lvs+keepalived实现web负载及高可用
查看>>
C# 分享几个ip的方法吧,包括正则验证ip
查看>>
sudo apt-get 与 yum安装有啥区别
查看>>
在 jQuery Repeater 进行验证更新等操作时提示消息
查看>>
2018-2019-2 20162329 《网络对抗技术》Exp7: 网络欺诈防范
查看>>
iPhone NSBundle的使用
查看>>
Memory Cache(内存缓存)
查看>>
Java技术相关
查看>>
操作系统概述总结
查看>>
北京程序员 VS 硅谷程序员(转)
查看>>