设为首页收藏本站

追梦Linux

 找回密码
 立即注册

QQ登录

只需一步,快速开始

查看: 100|回复: 0

【Saltstack系列】15、Saltstack实践--Haproxy+Keepalived

[复制链接]

482

主题

485

帖子

16万

积分

CEO

Rank: 9Rank: 9Rank: 9

积分
167821

最佳新人活跃会员热心会员推广达人宣传达人灌水之王突出贡献优秀版主荣誉管理论坛元老

QQ
发表于 2016-6-7 16:09:20 | 显示全部楼层 |阅读模式

[AppleScript] 纯文本查看 复制代码
创建相关目录
mkdir -p /srv/salt/prod/haproxy/files
mkdir -p  /srv/salt/prod/keepalived/files
mkdir -p  /srv/salt/prod/pkg

配置haproxy
编写需要安装的依赖包 /srv/salt/prod/pkg/pkg-init.sls

pkg-init:
  pkg.installed:
    - names:
      - gcc
      - gcc-c++
      - glibc
      - make
      - autoconf
      - openssl
      - openssl-devel

下载haproxy的源码包到/srv/salt/prod/haproxy/files
先手动解压一下haproxy-1.5.3.tar.gz包,拷贝里面的启动脚本到files目录中
cp /srv/salt/prod/haproxy/files/haproxy-1.5.3.tar.gz  /usr/local/src
tar xf haproxy-1.5.3.tar.gz &&   cp haproxy-1.5.3/examples/haproxy.init   /srv/salt/prod/haproxy/files
修改启动脚本的路径 
sed -i 's/\/usr/sbin\/'$BASENAME'/\/usr\/local\/haproxy\/sbin\/'$BASENAME'/g'  haproxy.init

编写haproxy编译模块/srv/salt/prod/haproxy/install.sls

include:
  - pkg.pkg-init

haproxy-install:
  file.managed:
    - name: /usr/local/src/haproxy-1.5.3.tar.gz
    - source: salt://haproxy/files/haproxy-1.5.3.tar.gz
    - user: root
    - group: root
    - mode: 755
  cmd.run:
    - name: cd /usr/local/src && tar xf haproxy-1.5.3.tar.gz && cd haproxy-1.5.3 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
    - unless: test -d /usr/local/haproxy
    - require:
      - pkg: pkg-init
      - file: haproxy-install

/etc/init.d/haproxy:
  file.managed:
    - source: salt://haproxy/files/haproxy.init
    - mode: 755
    - user: root
    - group: root

haproxy-init:
  cmd.run:
    - name: chkconfig -add haproxy
    - unless: chkconfig --list|grep haproxy

net.ipv4.ip_nonlocal_bind:
  sysctl.present:
    - value: 1

haproxy-config-dir:
  file.directory:
    - name: /etc/haproxy
    - mode: 755
    - user: root
    - group: root


再创建mkdir -p /srv/salt/prod/cluster/files  目录存放其他配置文件
拷贝源码包中的配置文件
cd /usr/local/src
cp haproxy-1.5.3/examples/haproxy.cfg   /srv/salt/prod/cluster/files/haproxy-outside.cfg
修改配置文件为如下
global 
    maxconn 100000
    chroot /usr/local/haproxy
    uid 99   
    gid 99 
    daemon 
    nbproc 1 
    pidfile /usr/local/haproxy/logs/haproxy.pid 
    log 127.0.0.1 local3 info

defaults 
    option http-keep-alive
    maxconn 100000
    mode http
    timeout connect 5000ms
    timeout client      50000ms
    timeout server      50000ms

listen stats
    mode http
    bind 0.0.0.0:8888
    stats enable
    stats uri     /haproxy-status 
    stats auth    haproxy:saltstack

frontend frontend_www_example_com
    bind 192.168.1.230:80
    mode http
    option httplog
    log global
    default_backend backend_www_example_com

backend backend_www_example_com
    option forwardfor header X-REAL-IP
    option httpchk HEAD / HTTP/1.0
    balance source
    server web-node1  192.168.1.216:8080 check inter 2000 rise 30 fall 15
    server web-node2  192.168.1.217:8080 check inter 2000 rise 30 fall 15

编辑负载均衡配置文件/srv/salt/prod/cluster/ haproxy-outside.sls
include:
  - haproxy.install

haproxy-service:
  file.managed:
    - name: /etc/haproxy/haproxy.cfg
    - source: salt://cluster/files/haproxy-outside.cfg
    - user: root
    - group: root
    - mode: 644
  service.running:
    - name: haproxy
    - enable: True
    - reload: True
    - require:
      - cmd: haproxy-install
      - cmd: haproxy-init
    - watch:
      - file: haproxy-service

在/srv/salt/top.sls中添加
prod:
  '*':
    - cluster.haproxy-outside
执行salt '*' state.highstate,一段时间发现haproxy已经安装且已经启动

浏览器访问[url=http://192.168.1.216:8888/haproxy-status]http://192.168.1.216:8888/haproxy-status[/url] 可查看状态


[AppleScript] 纯文本查看 复制代码
配置Keepalived
下载keeplived包到/srv/salt/prod/keepalived/files
wget [url=http://www.keepalived.org/software/keepalived-1.2.17.tar.gz]http://www.keepalived.org/software/keepalived-1.2.17.tar.gz[/url]
解压进入到keepalived-1.2.17/keepalived/etc目录中,复制配置文件
cp init.d/keepalived.init  /srv/salt/prod/keepalived/files/
cp init.d/keepalived.sysconfig  /srv/salt/prod/keepalived/file

修改模版中的keepalived.init 第23行修改为如下:
 daemon /usr/local/keepalived/sbin/keepalived ${KEEPALIVED_OPTIONS}

编写keepalived安装文件/srv/salt/prod/keepalived/install.sls

include:
  - pkg.pkg-init

keepalived-install:
  file.managed:
    - name: /usr/local/src/keepalived-1.2.17.tar.gz
    - source: salt://keepalived/files/keepalived-1.2.17.tar.gz
    - user: root
    - group: root
    - mode: 755

cmd.run:
  - name: cd /usr/local/src && tar xf keepalived-1.2.17.tar.gz  && ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install
  - unless: test -d /usr/local/keepalived
  - require:
    - pkg: pkg-init
    - file: keepalived-install

/etc/sysconfig/keepalived:
  file.managed:
    - source: salt://keepalived/keepalived.sysconfig
    - mode: 644
    - user: root
    - group: root

/etc/init.d/keepalived:
  file.managed:
    - source: salt://keepalived/keepalived.init
    - user: root
    - group: root
    - mode: 755

keepalived-init:
  cmd.run:
    - name: chkconfig --add keepalived
    - unless: chkconfig --list|grep keepalived
    - require:
      - file: /etc/init.d/keepalived

/etc/keepalived:
  file.directory:
    - user: root
    - group: root
    - mode: 755

让haproxy与keepalived结合,需使用jinja模版

创建一个模版/srv/salt/prod/cluster/files/haproxy-outside-keepalived.conf

! Configuration File for keepalived

global_defs {
   notification_email {
     [url=mailto:saltstack@example.com]saltstack@example.com[/url]
   }
   notification_email_from [url=mailto:keepalived@example.com]keepalived@example.com[/url]
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id {{ROUTEID}}
}

vrrp_instance haproxy_ha {
    state {{STATEID}}
    interface eth0
    virtual_router_id 36
    priority {{PRIORITYID}}
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.230
    }
}


编写配置文件/srv/salt/prod/cluster/haproxy-outside-keepalived.sls

include:
  - keepalived.install

keepalived-service:
  file.managed:
    - name: /etc/keepalived/keepalived.conf
    - source: salt://cluster/files/haproxy-outside-keepalived.conf
    - mode: 644
    - user: root
    - group: root
    - template: jinja
    { % if grains['fqdn'] == 'p2' % }
    - ROUTEID: haproxy_ha
    - STATEID: MASTER
    - PRIORITYID: 150
    { elif grains['fqdn'] == 'p2' %}
    - ROUTEID: haproxy_ha
    - STATEID: BACKUP
    - PRIORITYID: 100
    {% endif %}
  service.running:
    - name: keepalived
    - enable: True
    - require:
      - cmd: keepalived-install
    - watch:
      - file: keepalived-service

在/srv/salt/top.sls中添加
prod:
  '*':
    - cluster.haproxy-outside
    - cluster.haproxy-outside-keepalived


然后执行salt '*' state.highstate,返回success
使用ip ad li 查看ip,发现192.168.1.230已经加载到p2的机器上了
测试停p2的keepalived发现VIP已经到p3了,在此启动p2发现VIP已经回来




本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?立即注册

x

QQ|小黑屋|手机版|Archiver|追梦Linux ( 粤ICP备14096197号  点击这里给我发消息

GMT+8, 2018-10-21 13:24 , Processed in 0.347014 second(s), 31 queries .

Powered by 追梦Linux! X3.3 Licensed

© 2015-2017 追梦Linux!.

快速回复 返回顶部 返回列表