http://www.cnblogs.com/caoxiaojian/p/5095653.html
配置管理
haproxy的安装部署
创建相关目录
# 创建配置目录[root@linux-node1 ~]# mkdir /srv/salt/prod/pkg/[root@linux-node1 ~]# mkdir /srv/salt/prod/haproxy/# 启动脚本、配置文件放在这里[root@linux-node1 ~]# mkdir /srv/salt/prod/haproxy/files
编写pkg-init文件
[root@linux-node1 ~]# cd /srv/salt/prod/pkg/[root@linux-node1 pkg]# vim pkg-init.slspkg-init: # ID describe pkg.installed: # pkg模块 installed方法 - names: - gcc - gcc-c++ - glibc - make - autoconf - openssl - openssl-devel
编写方法:
首先自己先安装一遍,然后将步骤移植到sls文件中。
[root@linux-node1 prod]# cd /srv/salt/prod/haproxy/files/[root@linux-node1 files]# ll-rw-r--r-- 1 root root 1538976 11月 7 09:04 haproxy-1.6.2.tar.gz [root@linux-node1 files]# cp haproxy-1.6.2.tar.gz /usr/local/src/[root@linux-node1 files]# cd /usr/local/src/[root@linux-node1 src]# tar zxf haproxy-1.6.2.tar.gz [root@linux-node1 src]# cd haproxy-1.6.2[root@linux-node1 haproxy-1.6.2]# make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
修改启动文件
[root@linux-node1 examples]# pwd/usr/local/src/haproxy-1.6.2/examples [root@linux-node1 examples]# vim haproxy.init BIN=/usr/local/haproxy/sbin/$BASENAME# 拷贝启动文件到salt目录[root@linux-node1 examples]# cp haproxy.init /srv/salt/prod/haproxy/files/
编写安装文件
[root@linux-node1 examples]# cd /srv/salt/prod/haproxy/[root@linux-node1 haproxy]# vim install.slsinclude: # 导入pkg目录下的pkg-init.sls文件 - pkg.pkg-init haproxy-install: # 定义声明一个ID file.managed: # file模块下的managed方法 - name: /usr/local/src/haproxy-1.6.2.tar.gz # 文件名:拷贝minion端这里,文件名是haproxy-1.6.2.tar.gz - source: salt://haproxy/files/haproxy-1.6.2.tar.gz # 从这里拷贝 - user: root # 用户 - group: root # 组 - mode: 755 # 权限 cmd.run: # 执行命令 - name: cd /usr/local/src/ && tar zxf haproxy-1.6.2.tar.gz && cd haproxy-1.6.2 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy - unless: test -d /usr/local/haproxy # 判断是否存在,unless返回值是false时,才执行命令 - require: # 依赖下面的内容 - pkg: pkg-init # pkg是模块 - file: haproxy-install # file也是模块haproxy-init: # 定义声明一个ID file.managed: - name: /etc/init.d/haproxy - source: salt://haproxy/files/haproxy.init - user: root - group: root - mode: 755 - require: - cmd: haproxy-install cmd.run: - name: chkconfig --add haproxy - unless: chkconfig --list |grep haproxy - require: - file: haproxy-init net.ipv4.ip_nonlocal_bind: # 定义声明一个ID sysctl.present: # 修改系统的kernel值 - value: 1 # 改值为1haproxy-config-dir: file.directory: - name: /etc/haproxy - user: root - group: root - mode: 755
查看安装文件并执行
[root@linux-node1 haproxy]# pwd/srv/salt/prod/haproxy [root@linux-node1 haproxy]# tree. ├── files │ ├── haproxy-1.6.2.tar.gz │ └── haproxy.init └── install.sls# 单个执行,另外需要指定环境是prod,不指定默认为base[root@linux-node1 haproxy]# salt 'linux-node1.*' state.sls haproxy.install env=prod
编辑配置文件
# 编辑top文件[root@linux-node1 cluster]# cd /srv/salt/base/[root@linux-node1 base]# vim top.sls base: '*': - init.env_init prod: 'linux-node1.example.com': - cluster.haproxy-outside 'linux-node2.example.com': - cluster.haproxy-outside
修改后端RS的端口
[root@linux-node1 base]# vim /etc/httpd/conf/httpd.conf # 端口改成8080,与上面haproxy的配置一样
测试通过后,执行高级状态
[root@linux-node1 base]# salt '*' state.highstate test=True[root@linux-node1 base]# salt '*' state.highstate
在RS上设置index.html
分别色设置,没有的话会报错403
[root@linux-node2 ~]# vim /var/www/html/index.html
访问haproxy的状态
# 用户名密码在haproxy-outside.cfg中配置
keepalived的安装部署
首先自己安装一次
[root@linux-node1 base]# cd /usr/local/src[root@linux-node1 src]# wget http://www.keepalived.org/software/keepalived-1.2.19.tar.gz[root@linux-node1 src]# tar zxf keepalived-1.2.19.tar.gz [root@linux-node1 src]# cd keepalived-1.2.19[root@linux-node1 keepalived-1.2.19]# ./configure --prefix=/usr/local/keepalived --disable-fwmark[root@linux-node1 keepalived-1.2.19]# make && make install
建立文件放置目录
[root@linux-node1 etc]# pwd/usr/local/src/keepalived-1.2.19/keepalived/etc [root@linux-node1 etc]# mkdir /srv/salt/prod/keepalived/[root@linux-node1 etc]# mkdir /srv/salt/prod/keepalived/files[root@linux-node1 etc]# cp init.d/keepalived.init /srv/salt/prod/keepalived/files/[root@linux-node1 etc]# cp keepalived/keepalived.conf /srv/salt/prod/keepalived/files/[root@linux-node1 etc]# cp /usr/local/src/keepalived-1.2.19.tar.gz /srv/salt/prod/keepalived/files/[root@linux-node1 init.d]# cp /usr/local/src/keepalived-1.2.19/keepalived/etc/init.d/keepalived.sysconfig /srv/salt/prod/keepalived/files/# files中的文件有[root@linux-node1 sysconfig]# cd /srv/salt/prod/keepalived/files/[root@linux-node1 files]# ll总用量 336 -rw-r--r-- 1 root root 330164 1月 2 23:47 keepalived-1.2.19.tar.gz-rw-r--r-- 1 root root 3562 1月 2 23:46 keepalived.conf-rwxr-xr-x 1 root root 1335 1月 2 23:51 keepalived.init-rw-r--r-- 1 root root 667 1月 3 00:13 keepalived.sysconfig
修改启动脚本
[root@linux-node1 files]# vim keepalived.init daemon /usr/local/keepalived/sbin/keepalived ${KEEPALIVED_OPTIONS}
编辑安装文件
[root@linux-node1 keepalived]# pwd/srv/salt/prod/keepalived [root@linux-node1 keepalived]# cat install.sls include: - pkg.pkg-init keepalived-install: file.managed: - name: /usr/local/src/keepalived-1.2.19.tar.gz - source: salt://keepalived/files/keepalived-1.2.19.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /usr/local/src && tar zxf keepalived-1.2.19.tar.gz && cd keepalived-1.2.19 && ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install - unless: test -d /usr/local/keepalived - require: - pkg: pkg-init - file: keepalived-install keepalived-init: file.managed: - name: /etc/init.d/keepalived - source: salt://keepalived/files/keepalived.init - user: root - group: root - mode: 755 cmd.run: - name: chkconfig --add keepalived - unless: chkconfig --list | grep keepalived - require: - file: keepalived-init/etc/sysconfig/keepalived: file.managed: - source: salt://keepalived/files/keepalived.sysconfig - user: root - group: root - mode: 644 /etc/keepalived: file.directory: - user: root - group: root - mode: 755
执行安装
[root@linux-node1 keepalived]# salt '*' state.sls keepalived.install env=prod
业务模块
keepalived的配置文件
[root@linux-node1 ~]# cd /srv/salt/prod/cluster/files/[root@linux-node1 files]# vim haproxy-outside-keepalived.conf! Configuration File for keepalived
global_defs {
notification_email {
saltstack@example.com
}
notification_email_from keepalived@example.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id `ROUTEID`
}
vrrp_instance haproxy_ha {
state `STATEID`
interface eth0
virtual_router_id 36priority `PRIORITYID`
advert_int 1authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress { 10.0.0.11 # 这个VIP在haproxy的配置文件中也有 }
}
keepalived的启动文件
其中定义了上面需要的变量,用到了jinja模版
[root@linux-node1 cluster]# cd /srv/salt/prod/cluster/[root@linux-node1 cluster]# vim haproxy-outside-keepalived.slsinclude: - keepalived.install
keepalived-service:
file.managed: - name: /etc/keepalived/keepalived.conf - source: salt://cluster/files/haproxy-outside-keepalived.conf - user: root - group: root - mode: 644
- template: jinja
{% if grains['fqdn'] == 'linux-node1.example.com' %} - ROUTEID: haproxy_ha - STATEID: MASTER - PRIORITYID: 150
{% elif grains['fqdn'] == 'linux-node2.example.com' %} - ROUTEID: haproxy_ha - STATEID: BACKUP - PRIORITYID: 100
{% endif %}
service.running: - name: keepalived - enable: True - watch: - file: keepalived-service
编辑top文件
[root@linux-node1 base]# cd /srv/salt/base/[root@linux-node1 base]# cat top.sls base: '*': - init.env_init prod: 'linux-node1.example.com': - cluster.haproxy-outside - cluster.haproxy-outside-keepalived 'linux-node2.example.com': - cluster.haproxy-outside - cluster.haproxy-outside-keepalived
执行高级状态
先单独执行下,看有没有错误在执行高级状态
[root@linux-node1 cluster]# salt '*' state.sls cluster.haproxy-outside-keepalived env=prod[root@linux-node1 cluster]# salt '*' state.highstate
查看结果
[root@linux-node1 base]# ip a |grep eth02: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 inet 10.0.0.7/24 brd 10.0.0.255 scope global eth0 inet 10.0.0.11/32 scope global eth0 当master的keepaliveddown掉后,VIP会飘到backup上
haproxy的调度设置
[root@linux-node1 base]# grep "balance" /srv/salt/prod/cluster/files/haproxy-outside.cfg balance roundrobin #轮询;source:固定不变可以在haproxy-status页面上查看到变化
如图
zabbix-agent的安装部署
开启pillar
[root@linux-node1 init]# vim /etc/salt/masterpillar_roots: base: - /srv/pillar/base [root@linux-node1 init]# mkdir /srv/pillar/base[root@linux-node1 init]# /etc/init.d/salt-master restartStopping salt-master daemon: [确定] Starting salt-master daemon: [确定]
结构
[root@nginx salt]# tree
.
├── base
│ ├── _modules
│ │ └── my_disk.py
│ └── top.sls
└── prod
├── cluster
│ ├── files
│ │ └── haproxy-outside-keepalived.conf
│ └── haproxy-outside-keepalived.sls
├── haproxy
│ ├── files
│ │ ├── haproxy-1.5.4.tar.gz
│ │ └── haproxy.init
│ └── install.sls
├── keepalived
│ ├── files
│ │ ├── keepalived-1.2.19.tar.gz
│ │ ├── keepalived.conf
│ │ ├── keepalived.init
│ │ └── keepalived.sysconfig
│ └── install.sls
└── pkg
└── pkg-init.sls
