Linux下SaltStack案例—keepalived(六)——httpd+ningx+haproxy+keepalived(实现高可用,提供虚拟IP)
续我的上篇博文:https://mp.csdn.net/postedit/88982469。即ansible已经安装配置好
一、实验环境(rhel7.3版本)
1、selinux和firewalld状态为disabled
2、各主机信息如下:
| 主机 | ip |
|---|---|
| server1(master)—提供haproxy服务+keepalived服务 | 172.25.83.1 |
| server2(minion)—提供之前推送的httpd服务 | 172.25.83.2 |
| server3(minion)—提供之前推送的nginx服务 | 172.25.83.3 |
| server4(minion)—提供haproxy服务+keepalived服务 | 172.25.83.4 |
二、SaltStack部署及案例—keepalived
案例一:rpm部署安装keepalived
1.部署脚本
[[email protected] ~]# cd /srv/salt/
[[email protected] salt]# ls
_grains haproxy httpd nginx top.sls users
[[email protected] salt]# mkdir keepalived
[[email protected] salt]# cd keepalived/
[[email protected] keepalived]# vim install.sls
kp-install:
pkg.installed:
- pkgs:
- keepalived
2.执行推送
[[email protected] keepalived]# salt server4 state.sls keepalived.install
3.minion端(server4)查看,安装成功
[[email protected] ~]# rpm -q keepalived
案例二:安装&启动&配置keepalived
1.在keppalived中创建files目录用于存放keepalived配置文件
[[email protected] keepalived]# pwd
/srv/salt/keepalived
[[email protected] keepalived]# ls
install.sls
[[email protected] keepalived]# mkdir files #该目录的名字随意给。因为我这里是用来存放keepalived.conf文件的,所以这里创建的目录的名字是files
2.minion将配置文件传给master(因为master端没有keepalived的配置文件keppalived.conf,而server1端在案例一时装过keepalived服务,生成了keepalived.conf文件)
[[email protected] ~]# scp /etc/keepalived/keepalived.conf server1:/srv/salt/keepalived/files
3.编辑配置文件keepalived.conf
[[email protected] files]# vim keepalived.conf #整个配置文件的内容如下
1 ! Configuration File for keepalived
2
3 global_defs {
4 notification_email {
5 [email protected] #修改的内容
6 }
7 notification_email_from [email protected] #修改的内容:指定发件人
8 smtp_server 127.0.0.1 #修改的内容:指定smtp服务器地址
9 smtp_connect_timeout 30
10 router_id LVS_DEVEL
11 }
12
13 vrrp_instance VI_1 {
14 state {{ STATE }} #修改的内容:定义变量STATE,因为两个keepalived服务有一个是MASTER,另外一个是SLAVE
15 interface eth0
16 virtual_router_id {{ VRID }} #修改的内容:定义变量VRID。
17 priority {{ PRIORITY }} #修改的内容:定义变量PRIORITY,因为两个keepalived服务的值不一样,该数字越大,优先级越高
18 advert_int 1
19 authentication {
20 auth_type PASS
21 auth_pass 1111
22 }
23 virtual_ipaddress {
24 172.25.83.100 #修改的内容:设置虚拟IP
25 }
26 }
说明:
全局定义模块:global_defs
notification_email:指定当keepalived出现问题时,发送邮件给哪些用户。
notification_emai_from:发送邮件时,邮件的来源地址。
smtp_server <DOMAIN|IP> [<PORT>]:smtp服务器的地址或域名。默认端口为25.如:smtp_server smtp.felix.com 25
smtp_connect_timeout:指定smtp服务器连接的超时时间。单位是秒。
router_id:指定标识该机器的route_id。即负载均衡标识,在局域网内应该是唯一的。 如:route_id LVS_01
vrrp_instance模块
state MASTER|BACKUP:指定该keepalived节点的初始状态。
interface eth0:vrrp实例绑定的接口,用于发送VRRP包。
virtual_router_id 51:指定VRRP实例ID,范围是0-255。
priority 100:指定优先级,优先级高的将成为MASTER。
advert_int 1:指定发送VRRP通告的间隔。单位是秒。
authentication {
auth_type PASS|AH:指定认证方式。PASS简单密码认证(推荐),AH:IPSEC认证(不推荐)。
auth_pass 1234:指定认证所使用的密码。最多8位。
}
virtual_ipaddress {
172.25.83.100
}:指定VIP地址。
4.在server4端安装mailx服务,以便查看收到的email信息。
[[email protected] ~]# yum install mailx -y
5.部署脚本
[[email protected] keepalived]# pwd
/srv/salt/keepalived
[[email protected] keepalived]# ls
files install.sls
[[email protected] keepalived]# vim install.sls
kp-install:
pkg.installed:
- pkgs:
- keepalived
file.managed:
- name: /etc/keepalived/keepalived.conf
- source: salt://keepalived/files/keepalived.conf
- template: jinja
{% if grains['fqdn'] == 'server1' %}
STATE: MASTER
VRID: 51
PRIORITY: 100
{% elif grains['fqdn'] == 'server4' %}
STATE: BACKUP
VRID: 51
PRIORITY: 50
{% endif %}
service.running:
- name: keepalived
- reload: True
- watch:
- file: kp-install
6.执行推送
[[email protected] keepalived]# salt server4 state.sls keepalived.install
7.minion端查看,minion(server4)的ip地址中是否增加了虚拟IP172.25.83.100。(虽然部署的脚本中定义的server1是MSTER,server2是BACKUP,但是现在只有server4安装了keepalived,所以MASTER就是server4,即虚拟IP在server4端)
8.web界面输入172.25.83.100进行haproxy负载均衡的测试,并查看状态图:
- 可以看到server2和server3轮循出现,频率是1:1。
刷新一次网页
再次刷新网页
9.停掉server2的httpd服务或server3的nginx服务(我这里演示停掉server2的httpd服务),再次进行测试:
[[email protected] ~]# systemctl stop httpd- 可以看到只有server3出现,server2不再出现。
再次刷新网页
- 查看server4的状态图,可以看到server2对应的app1显示红色,即已经挂掉
10.重启server2端的httpd服务为,再次进行测试:
[[email protected] ~]# systemctl start httpd #或者再次高级推送:salt '*' state.highstate;或者给server2再次推送httpd服务:salt server2 state.sls httpd.service- 可以看到serve2和server3轮循出现,频率是1:1
刷新一次网页
再次刷新网页
至此keepalived的配置也就完成了。
11.编辑之前编写的top.sls文件,高级推送,即给server1推送haproxy服务+keepalived服务,server2推送httpd服务,server3推送nginx服务,server4推送haproxy服务+keepalived服务。(虽然之前有的已经推送过,但是也没有关系)
[[email protected] ~]# cd /srv/salt/
[[email protected] salt]# ls
_grains haproxy httpd keepalived nginx top.sls users
[[email protected] salt]# vim top.sls
base:
'server1':
- haproxy.install
- keepalived.install
'server4':
- haproxy.install
- keepalived.install
'server2':
- httpd.service
'server3':
- nginx.service
[[email protected] salt]# salt '*' state.highstate- 在server1查看haproxy服务对应的80端口是否已经打开,并查看虚拟IP172.25.83.100是否存在
- 在server2端查看httpd服务对应的8888端口是否已经打开
- 在server3端查看nginx服务对应的80端口是否已经打开
- 在server4端查看haproxy服务对应的80端口是否已经打开,并查看虚拟IP172.25.83.100是否已经消失(因为定义的server1是MASTER,server4是BACKUP)
12.在server1端安装mailx服务,以便查看收到的email信息。
[[email protected] ~]# yum install mailx -y
13.停掉server1的keepalived服务,再次进行测试:
[[email protected] salt]# systemctl stop keepalived- 此时发现,虚拟IP出现在server4端,server1端上已经没有虚拟IP172.25.83.100
- 此时web界面访问,发现没有受到任何影响
可以看到serve2和server3轮循出现,频率是1:1
刷新一次网页
再次刷新网页
14.重启server1端的keepalived服务,再次进行测试:
[[email protected] salt]# systemctl start keepalived #或者高级推送:salt '*' state.highstate,或者给server1端推送keepalived服务:salt server4 keepalived.install- 此时发现,虚拟IP又回到了server1端,server4端已经没有虚拟IP172.25.83.100了
- 此时web界面访问,发现没有受到任何影响
可以看到serve2和server3轮循出现,频率是1:1
刷新一次网页
再次刷新网页