4.2 salt haproxy jinja模版
http://www.cnblogs.com/caoxiaojian/p/5095653.html
配置管理
haproxy的安装部署
创建相关目录
# 创建配置目录[[email protected] ~]# mkdir /srv/salt/prod/pkg/[[email protected]ode1 ~]# mkdir /srv/salt/prod/haproxy/# 启动脚本、配置文件放在这里[[email protected] ~]# mkdir /srv/salt/prod/haproxy/files
编写pkg-init文件
[[email protected] ~]# cd /srv/salt/prod/pkg/[[email protected] pkg]# vim pkg-init.slspkg-init: # ID describe pkg.installed: # pkg模块 installed方法 - names: - gcc - gcc-c++ - glibc - make - autoconf - openssl - openssl-devel
编写方法:
首先自己先安装一遍,然后将步骤移植到sls文件中。
[[email protected] prod]# cd /srv/salt/prod/haproxy/files/[[email protected] files]# ll-rw-r--r-- 1 root root 1538976 11月 7 09:04 haproxy-1.6.2.tar.gz [[email protected] files]# cp haproxy-1.6.2.tar.gz /usr/local/src/[[email protected] files]# cd /usr/local/src/[[email protected] src]# tar zxf haproxy-1.6.2.tar.gz [[email protected] src]# cd haproxy-1.6.2[[email protected] haproxy-1.6.2]# make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
修改启动文件
[[email protected] examples]# pwd/usr/local/src/haproxy-1.6.2/examples [[email protected] examples]# vim haproxy.init BIN=/usr/local/haproxy/sbin/$BASENAME# 拷贝启动文件到salt目录[[email protected] examples]# cp haproxy.init /srv/salt/prod/haproxy/files/
编写安装文件
[[email protected] examples]# cd /srv/salt/prod/haproxy/[[email protected] haproxy]# vim install.slsinclude: # 导入pkg目录下的pkg-init.sls文件 - pkg.pkg-init haproxy-install: # 定义声明一个ID file.managed: # file模块下的managed方法 - name: /usr/local/src/haproxy-1.6.2.tar.gz # 文件名:拷贝minion端这里,文件名是haproxy-1.6.2.tar.gz - source: salt://haproxy/files/haproxy-1.6.2.tar.gz # 从这里拷贝 - user: root # 用户 - group: root # 组 - mode: 755 # 权限 cmd.run: # 执行命令 - name: cd /usr/local/src/ && tar zxf haproxy-1.6.2.tar.gz && cd haproxy-1.6.2 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy - unless: test -d /usr/local/haproxy # 判断是否存在,unless返回值是false时,才执行命令 - require: # 依赖下面的内容 - pkg: pkg-init # pkg是模块 - file: haproxy-install # file也是模块haproxy-init: # 定义声明一个ID file.managed: - name: /etc/init.d/haproxy - source: salt://haproxy/files/haproxy.init - user: root - group: root - mode: 755 - require: - cmd: haproxy-install cmd.run: - name: chkconfig --add haproxy - unless: chkconfig --list |grep haproxy - require: - file: haproxy-init net.ipv4.ip_nonlocal_bind: # 定义声明一个ID sysctl.present: # 修改系统的kernel值 - value: 1 # 改值为1haproxy-config-dir: file.directory: - name: /etc/haproxy - user: root - group: root - mode: 755
查看安装文件并执行
[[email protected] haproxy]# pwd/srv/salt/prod/haproxy [[email protected] haproxy]# tree. ├── files │ ├── haproxy-1.6.2.tar.gz │ └── haproxy.init └── install.sls# 单个执行,另外需要指定环境是prod,不指定默认为base[[email protected] haproxy]# salt 'linux-node1.*' state.sls haproxy.install env=prod
编辑配置文件
# 编辑top文件[[email protected] cluster]# cd /srv/salt/base/[[email protected] base]# vim top.sls base: '*': - init.env_init prod: 'linux-node1.example.com': - cluster.haproxy-outside 'linux-node2.example.com': - cluster.haproxy-outside
修改后端RS的端口
[[email protected] base]# vim /etc/httpd/conf/httpd.conf # 端口改成8080,与上面haproxy的配置一样
测试通过后,执行高级状态
[[email protected] base]# salt '*' state.highstate test=True[[email protected] base]# salt '*' state.highstate
在RS上设置index.html
分别色设置,没有的话会报错403
[[email protected] ~]# vim /var/www/html/index.html
访问haproxy的状态
# 用户名密码在haproxy-outside.cfg中配置
keepalived的安装部署
首先自己安装一次
[[email protected] base]# cd /usr/local/src[[email protected] src]# wget http://www.keepalived.org/software/keepalived-1.2.19.tar.gz[[email protected] src]# tar zxf keepalived-1.2.19.tar.gz [[email protected] src]# cd keepalived-1.2.19[[email protected] keepalived-1.2.19]# ./configure --prefix=/usr/local/keepalived --disable-fwmark[[email protected] keepalived-1.2.19]# make && make install
建立文件放置目录
[[email protected] etc]# pwd/usr/local/src/keepalived-1.2.19/keepalived/etc [[email protected] etc]# mkdir /srv/salt/prod/keepalived/[[email protected] etc]# mkdir /srv/salt/prod/keepalived/files[[email protected] etc]# cp init.d/keepalived.init /srv/salt/prod/keepalived/files/[[email protected] etc]# cp keepalived/keepalived.conf /srv/salt/prod/keepalived/files/[[email protected] etc]# cp /usr/local/src/keepalived-1.2.19.tar.gz /srv/salt/prod/keepalived/files/[[email protected] init.d]# cp /usr/local/src/keepalived-1.2.19/keepalived/etc/init.d/keepalived.sysconfig /srv/salt/prod/keepalived/files/# files中的文件有[[email protected] sysconfig]# cd /srv/salt/prod/keepalived/files/[[email protected] files]# ll总用量 336 -rw-r--r-- 1 root root 330164 1月 2 23:47 keepalived-1.2.19.tar.gz-rw-r--r-- 1 root root 3562 1月 2 23:46 keepalived.conf-rwxr-xr-x 1 root root 1335 1月 2 23:51 keepalived.init-rw-r--r-- 1 root root 667 1月 3 00:13 keepalived.sysconfig
修改启动脚本
[[email protected] files]# vim keepalived.init daemon /usr/local/keepalived/sbin/keepalived ${KEEPALIVED_OPTIONS}
编辑安装文件
[[email protected] keepalived]# pwd/srv/salt/prod/keepalived [[email protected] keepalived]# cat install.sls include: - pkg.pkg-init keepalived-install: file.managed: - name: /usr/local/src/keepalived-1.2.19.tar.gz - source: salt://keepalived/files/keepalived-1.2.19.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /usr/local/src && tar zxf keepalived-1.2.19.tar.gz && cd keepalived-1.2.19 && ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install - unless: test -d /usr/local/keepalived - require: - pkg: pkg-init - file: keepalived-install keepalived-init: file.managed: - name: /etc/init.d/keepalived - source: salt://keepalived/files/keepalived.init - user: root - group: root - mode: 755 cmd.run: - name: chkconfig --add keepalived - unless: chkconfig --list | grep keepalived - require: - file: keepalived-init/etc/sysconfig/keepalived: file.managed: - source: salt://keepalived/files/keepalived.sysconfig - user: root - group: root - mode: 644 /etc/keepalived: file.directory: - user: root - group: root - mode: 755
执行安装
[[email protected] keepalived]# salt '*' state.sls keepalived.install env=prod
业务模块
keepalived的配置文件
[[email protected] ~]# cd /srv/salt/prod/cluster/files/[[email protected] files]# vim haproxy-outside-keepalived.conf! Configuration File for keepalived global_defs { notification_email { [email protected] } notification_email_from [email protected] smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id `ROUTEID` } vrrp_instance haproxy_ha { state `STATEID` interface eth0 virtual_router_id 36priority `PRIORITYID` advert_int 1authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.0.0.11 # 这个VIP在haproxy的配置文件中也有 } }
keepalived的启动文件
其中定义了上面需要的变量,用到了jinja模版
[[email protected] cluster]# cd /srv/salt/prod/cluster/[[email protected] cluster]# vim haproxy-outside-keepalived.slsinclude: - keepalived.install keepalived-service: file.managed: - name: /etc/keepalived/keepalived.conf - source: salt://cluster/files/haproxy-outside-keepalived.conf - user: root - group: root - mode: 644 - template: jinja {% if grains['fqdn'] == 'linux-node1.example.com' %} - ROUTEID: haproxy_ha - STATEID: MASTER - PRIORITYID: 150 {% elif grains['fqdn'] == 'linux-node2.example.com' %} - ROUTEID: haproxy_ha - STATEID: BACKUP - PRIORITYID: 100 {% endif %} service.running: - name: keepalived - enable: True - watch: - file: keepalived-service
编辑top文件
[[email protected] base]# cd /srv/salt/base/[[email protected] base]# cat top.sls base: '*': - init.env_init prod: 'linux-node1.example.com': - cluster.haproxy-outside - cluster.haproxy-outside-keepalived 'linux-node2.example.com': - cluster.haproxy-outside - cluster.haproxy-outside-keepalived
执行高级状态
先单独执行下,看有没有错误在执行高级状态
[[email protected] cluster]# salt '*' state.sls cluster.haproxy-outside-keepalived env=prod[[email protected] cluster]# salt '*' state.highstate
查看结果
[[email protected] base]# ip a |grep eth02: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 inet 10.0.0.7/24 brd 10.0.0.255 scope global eth0 inet 10.0.0.11/32 scope global eth0 当master的keepaliveddown掉后,VIP会飘到backup上
haproxy的调度设置
[[email protected] base]# grep "balance" /srv/salt/prod/cluster/files/haproxy-outside.cfg balance roundrobin #轮询;source:固定不变可以在haproxy-status页面上查看到变化
如图
zabbix-agent的安装部署
开启pillar
[[email protected] init]# vim /etc/salt/masterpillar_roots: base: - /srv/pillar/base [[email protected] init]# mkdir /srv/pillar/base[[email protected] init]# /etc/init.d/salt-master restartStopping salt-master daemon: [确定] Starting salt-master daemon: [确定]
结构
[[email protected] salt]# tree
.
├── base
│ ├── _modules
│ │ └── my_disk.py
│ └── top.sls
└── prod
├── cluster
│ ├── files
│ │ └── haproxy-outside-keepalived.conf
│ └── haproxy-outside-keepalived.sls
├── haproxy
│ ├── files
│ │ ├── haproxy-1.5.4.tar.gz
│ │ └── haproxy.init
│ └── install.sls
├── keepalived
│ ├── files
│ │ ├── keepalived-1.2.19.tar.gz
│ │ ├── keepalived.conf
│ │ ├── keepalived.init
│ │ └── keepalived.sysconfig
│ └── install.sls
└── pkg
└── pkg-init.sls