master node 10.10.10.1
minion node 10.10.10.2
# cat /etc/salt/master |grep -v "#" |grep -v "^ *$"
interface: 10.10.10.1
state_top: top.sls
file_roots:
base:
- /etc/salt/base
prod:
- /etc/salt/prod
pillar_roots:
base:
- /etc/salt/pillar/base
prod:
- /etc/salt/pillar/prod
# cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
[root@app-LT-177 etc]# cat /etc/salt/minion |grep -v "#" |grep -v "^ *$"
master: 10.10.10.1
id: 10.10.10.2
mkdir -p /etc/salt/base 创建file目录base 存放集群top.sls文件
mkdir -p /etc/salt/base/init 存放初始化系统sls文件(dns等)
mkdir -p /etc/salt/prod 创建file目录prod
mkdir -p /etc/salt/prod/cluster/ 定义集群启动和配置文件拉取
mkdir -p /etc/salt/prod/cluster/files/ 存放keepalived.conf和haproxy.cfg文件
mkdir -p /etc/salt/prod/haproxy/ 存放haproxy安装sls
mkdir -p /etc/salt/prod/haproxy/files 存放haproxy安装包等
mkdir -p /etc/salt/prod/keepalived 存放keepalived安装sls
mkdir -p /etc/salt/prod/keepalived/files 存放keepalived安装包等
mkdir -p /etc/salt/prod/pkg/ 存放集群相关的安装包
mkdir -p /etc/salt/pillar/ 创建存放pillar目录
mkdir -p /etc/salt/pillar/base/ 创建pillar目录base 存放pillar的top.sls文件
mkdir -p /etc/salt/pillar/base/webservice/ 存放集群pillar的sls文件
mkdir -p /etc/salt/pillar/prod/ 创建pillar目录prod
##########################################
注意格式 一定要注意格式
##########################################
#tree base/
base/
├── init
│ ├── dns.sls ----------1
│ ├── env_init.sls ----------2
│ ├── epel.sls ----------3
│ ├── files
│ │ └── resolv.conf----------4
│ ├── history.sls ----------5
│ └── pkg
│ └── epel-release-latest-7.noarch.rpm----6
└── top.sls ----------7
1.dns.sls
/etc/resolv.conf:
file.managed:
- source: salt://init/files/resolv.conf
- user: root
- group: root
- mode: 644
2.env_init.sls
include:
- init.dns
- init.history
- init.epel
3.epel.sls
epel-7:
file.managed:
- name: /etc/salt/epel-release-latest-7.noarch.rpm
- source: salt://init/pkg/epel-release-latest-7.noarch.rpm
- mode: 755
- user: root
- group: root
cmd.run:
- name: rpm -ivh /etc/salt/epel-release-latest-7.noarch.rpm --nodeps --force && rpm -qa |grep epel-release-7-11.noarch
4.resolv.conf
nameserver 114.114.114.114
5. history.sls
/etc/profile:
file.append:
- text:
- export HISTTIMEFORMAT="%F %T `who`"
6.epel-release-latest-7.noarch.rpm
epel 7 rpm包
7.top.sls
base:
'*':
- init.env_init
prod:
'*':
- cluster.haproxy
- cluster.keepalived-out
######################################
# tree prod/
prod/
├── cluster
│ ├── files
│ │ ├── haproxy.cfg --------1
│ │ └── keepalived-out.conf --------2
│ ├── haproxy.sls --------3
│ └── keepalived-out.sls --------4
├── haproxy
│ ├── files
│ │ ├── haproxy-1.7.9.tar.gz --------5
│ │ └── haproxy.init --------6
│ └── install.sls --------7
├── keepalived
│ ├── files
│ │ ├── chk_haproxy.sh --------8
│ │ ├── keepalived-1.2.1.tar.gz --------9
│ │ ├── keepalived.init --------10
│ │ ├── keepalived.rh.init --------11
│ │ └── keepalived.sysconfig --------12
│ └── install.sls --------13
└── pkg
└── pkg-init.sls --------14
1.haproxy.cfg
global
log 127.0.0.1 local3 info
maxconn 4096
uid 501
gid 501
daemon
nbproc 1
defaults
log global
mode http
maxconn 4096
retries 3
option redispatch
stats uri /haproxy
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
balance leastconn
balance source
option abortonclose
listen stats
bind 0.0.0.0:1080
mode http
option httplog
maxconn 10
stats uri /admin
stats auth admin:Pa$$w0rd
stats hide-version
stats admin if TRUE
frontend http-in
bind *:8001
mode http
log global
option httplog
option httpclose
backend apache-server
mode http
balance roundrobin
option httpchk GET /index.html
cookie SERVERID insert indirect nocache
server html-A ip:80 weight 1 cookie 3 check inter 2000 rise 2 fall 3
server html-B ip:80 weight 1 cookie 4 check inter 2000 rise 2 fall 3
2. keepalived-out.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from root@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id haproxy1
}
vrrp_script chk_haproxy {
script "/etc/keepalived/chk_haproxy.sh"
interval 2
}
vrrp_instance VI_1 {
state ` state `
interface eth0
virtual_router_id 100
priority ` priority `
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_haproxy
}
virtual_ipaddress {
192.168.90.185
}
}
3.haproxy.sls
include:
- haproxy.install
haproxy-service:
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://cluster/files/haproxy.cfg
- user: root
- group: root
- mode: 644
service.running:
- name: haproxy
- enable: True
- reload: True
- require:
- cmd: haproxy-init
- watch:
- file: haproxy-service
4.keepalived-out.sls
include:
- keepalived.install
keepalived-service:
file.managed:
- name: /etc/keepalived/keepalived.conf
- source: salt://cluster/files/keepalived-out.conf
- user: root
- group: root
- mode: 644
- template: jinja
- defaults:
state: {{ pillar['state'] }}
priority: {{ pillar['priority'] }}
service.running:
- name: keepalived
- reload: True
- enable: True
- watch:
- file: keepalived-service
5.haproxy-1.7.9.tar.gz 源码包
6.haproxy.init
#!/bin/sh
#
# chkconfig: - 85 15
# description: HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited \
# for high availability environments.
# processname: haproxy
# config: /etc/haproxy/haproxy.cfg
# pidfile: /var/run/haproxy.pid
# Script Author: Simon Matter <simon.matter@invoca.ch>
# Version: 2004060600
# Source function library.
if [ -f /etc/init.d/functions ]; then
. /etc/init.d/functions
elif [ -f /etc/rc.d/init.d/functions ] ; then
. /etc/rc.d/init.d/functions
else
exit 0
fi
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
# This is our service name
BASENAME=`basename $0`
if [ -L $0 ]; then
BASENAME=`find $0 -name $BASENAME -printf %l`
BASENAME=`basename $BASENAME`
fi
BIN=/usr/local/haproxy/sbin/$BASENAME
CFG=/etc/$BASENAME/$BASENAME.cfg
[ -f $CFG ] || exit 1
PIDFILE=/var/run/$BASENAME.pid
LOCKFILE=/var/lock/subsys/$BASENAME
RETVAL=0
start() {
quiet_check
if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with '$BASENAME check'."
return 1
fi
echo -n "Starting $BASENAME: "
daemon $BIN -D -f $CFG -p $PIDFILE
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch $LOCKFILE
return $RETVAL
}
stop() {
echo -n "Shutting down $BASENAME: "
killproc $BASENAME -USR1
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $LOCKFILE
[ $RETVAL -eq 0 ] && rm -f $PIDFILE
return $RETVAL
}
restart() {
quiet_check
if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with '$BASENAME check'."
return 1
fi
stop
start
}
reload() {
if ! [ -s $PIDFILE ]; then
return 0
fi
quiet_check
if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with '$BASENAME check'."
return 1
fi
$BIN -D -f $CFG -p $PIDFILE -sf $(cat $PIDFILE)
}
check() {
$BIN -c -q -V -f $CFG
}
quiet_check() {
$BIN -c -q -f $CFG
}
rhstatus() {
status $BASENAME
}
condrestart() {
[ -e $LOCKFILE ] && restart || :
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
reload
;;
condrestart)
condrestart
;;
status)
rhstatus
;;
check)
check
;;
*)
echo $"Usage: $BASENAME {start|stop|restart|reload|condrestart|status|check}"
exit 1
esac
exit $?
7.install.sls
include:
- pkg.pkg-init
haproxy-install:
file.managed:
- name: /usr/local/src/haproxy-1.7.9.tar.gz
- source: salt://haproxy/files/haproxy-1.7.9.tar.gz
- mode: 755
- user: root
- group: root
cmd.run:
- name: cd /usr/local/src && tar zxvf haproxy-1.7.9.tar.gz && cd haproxy-1.7.9 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy && mkdir -p /etc/haproxy
- unless: test -d /usr/local/haproxy
- require:
- pkg: pkg-init
- file: haproxy-install
/etc/init.d/haproxy:
file.managed:
- source: salt://haproxy/files/haproxy.init
- mode: 755
- user: root
- group: root
- require:
- cmd: haproxy-install
haproxy-init:
cmd.run:
- name: chkconfig --add haproxy
- unless: chkconfig --list |grep haproxy
- require:
- file: /etc/init.d/haproxy
8.chk_haproxy.sh
#!/bin/bash
A=`ps -C haproxy --no-header | wc -l`
if [ $A -eq 0 ]
then /etc/init.d/haproxy start
sleep 3
if [ `ps -C haproxy --no-header | wc -l ` -eq 0 ]
then /etc/init.d/keepalived stop
fi
fi
9.keepalived-1.2.1.tar.gz 源码包
10. keepalived.init
#!/bin/sh
#
# Startup script for the Keepalived daemon
#
# processname: keepalived
# pidfile: /var/run/keepalived.pid
# config: /etc/keepalived/keepalived.conf
# chkconfig: - 21 79
# description: Start and stop Keepalived
# Source function library
. /etc/rc.d/init.d/functions
# Source configuration file (we set KEEPALIVED_OPTIONS there)
. /etc/sysconfig/keepalived
RETVAL=0
prog="keepalived"
start() {
echo -n $"Starting $prog: "
daemon /usr/local/keepalived/sbin/keepalived ${KEEPALIVED_OPTIONS}
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
}
stop() {
echo -n $"Stopping $prog: "
killproc keepalived
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
}
reload() {
echo -n $"Reloading $prog: "
killproc keepalived -1
RETVAL=$?
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
stop
start
;;
condrestart)
if [ -f /var/lock/subsys/$prog ]; then
stop
start
fi
;;
status)
status keepalived
;;
*)
echo "Usage: $0 {start|stop|reload|restart|condrestart|status}"
exit 1
esac
exit $RETVAL
11.keepalived.rh.init
#!/bin/sh
#
# Startup script for the Keepalived daemon
#
# processname: keepalived
# pidfile: /var/run/keepalived.pid
# config: /etc/keepalived/keepalived.conf
# chkconfig: 35 21 79
# description: Start and stop Keepalived
# Global definitions
PID_FILE="/var/run/keepalived.pid"
# source function library
. /etc/init.d/functions
RETVAL=0
start() {
echo -n "Starting Keepalived for LVS: "
daemon /usr/local/keepalived/sbin/keepalived -D
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/keepalived
return $RETVAL
}
stop() {
echo -n "Shutting down Keepalived for LVS: "
killproc keepalived
RETVAL=0
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/keepalived
return $RETVAL
}
reload() {
echo -n "Reloading Keepalived config: "
killproc keepalived -1
RETVAL=$?
echo
return $RETVAL
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
reload)
reload
;;
status)
status keepalived
;;
condrestart)
[ -f /var/lock/subsys/keepalived ] && $0 restart || :
;;
*)
echo "Usage: $0 {start|stop|restart|reload|condrestart|status}"
exit 1
esac
exit 0
12.keepalived.sysconfig
# Options for keepalived. See `keepalived --help' output and keepalived(8) and
# keepalived.conf(5) man pages for a list of all options. Here are the most
# common ones :
#
# --vrrp -P Only run with VRRP subsystem.
# --check -C Only run with Health-checker subsystem.
# --dont-release-vrrp -V Dont remove VRRP VIPs & VROUTEs on daemon stop.
# --dont-release-ipvs -I Dont remove IPVS topology on daemon stop.
# --dump-conf -d Dump the configuration data.
# --log-detail -D Detailed log messages.
# --log-facility -S 0-7 Set local syslog facility (default=LOG_DAEMON)
#
KEEPALIVED_OPTIONS="-D"
13.install.sls
keepalived-install:
file.managed:
- name: /usr/local/src/keepalived-1.2.1.tar.gz
- source: salt://keepalived/files/keepalived-1.2.1.tar.gz
- mode: 755
- user: root
- group: root
cmd.run:
- name: cd /usr/local/src && tar zxf keepalived-1.2.1.tar.gz && cd keepalived-1.2.1 && ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install PREFIX=/usr/local/keepalived && mkdir -p /etc/keepalived
- unless: test -d /usr/local/keepalived
- require:
- pkg: pkg-init
- file: keepalived-install
/etc/sysconfig/keepalived:
file.managed:
- source: salt://keepalived/files/keepalived.sysconfig
- mode: 644
- user: root
- group: root
/etc/keepalived/chk_haproxy.sh:
file.managed:
- source: salt://keepalived/files/chk_haproxy.sh
- mode: 755
- user: root
- group: root
/etc/init.d/keepalived:
file.managed:
- source: salt://keepalived/files/keepalived.rh.init
- mode: 755
- user: root
- group: root
- require:
- cmd: keepalived-install
keepalived-init:
cmd.run:
- name: chkconfig --add keepalived
- unless: chkconfig --list |grep keepalived
- require:
- file: /etc/init.d/keepalived
/etc/keepalived:
file.directory:
- user: root
- group: root
14. pkg-init.sls
pkg-init:
pkg.installed:
- names:
- gcc
- gcc-c++
- glibc
- make
- autoconf
- httpd
- httpd-devel
#########################################
# tree pillar/
pillar/
├── base
│ ├── top.sls -----------1
│ └── webservice
│ └── web.sls ----------2
└── prod
-
top.sls
base:
'10.10.10.1': minion ip
- webservice.web
'10.10.10.2':
- webservice.web
2.web.sls
{% if grains['host'] == 'app-LT-1' %} 主机名
state: MASTER
priority: 100
{% elif grains['host'] == 'app-LT-2' %}
state: BACKUP
priority: 50
{% endif %}
#salt '*' state.highstate test=True
#salt '*' state.highstate
本文转自潘阔 51CTO博客,原文链接:http://blog.51cto.com/pankuo/1982628,如需转载请自行联系原作者