使用ansible实现haproxy轮询

ansible实现haproxy轮询

项目环境：

主机名	IP地址	用户
ansible	192.168.100.141	greg
node1	192.168.100.142	root
node2	192.168.100.143	root
node3	192.168.100.140	root

实验步骤：

部署httpd

1. 配置主机清单

   [root@ansible /etc/ansible]#vim hosts
   [webservice]
   node1
   node2
   [haproxy]
   node3
   

2. 编写角色模板

   [root@ansible /etc/ansible/roles/httpd]#cat tasks/main.yml
   ---
   # tasks file for httpd
   - name: stop firewalld
     service:
   	name: firewalld
   	state: stopped
   	enabled: no
   - name: stop selinux
     lineinfile:
   	path: /etc/selinux/config
   	regexp: '^SELINUX='
   	line: SELINUX=disabled
   - name: stop selinux1
     shell:
   	cmd: setenforce 0
   - name: set yum
     script: yum.sh
   - name: install httpd
     yum:
   	name: httpd
   	state: present
   - name: index.html
     template:
   	src: index.html.j2
   	dest: /var/www/html/index.html
   - name: restart httpd
     service:
   	name: httpd
   	state: restarted
   	enabled: yes
   

3. 编写仓库替换脚本

   [root@ansible /etc/ansible/roles/httpd]#cat files/yum.sh
   #!/bin/bash
   rm -rf /etc/yum.repos.d/*
   /usr/bin/curl -o /etc/yum.repos.d/CentOS-Base.repo
   https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
   yum reinstall -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
   /usr/bin/sed -i
   's|^#baseurl=https://download.example/pub|baseurl=https://mirrors.aliyun.com|'
   /etc/yum.repos.d/epel*
   /usr/bin/sed -i 's|^metalink|#metalink|' /etc/yum.repos.d/epel*
   

4. 编写模板

   [root@ansible /etc/ansible/roles/httpd]#cat templates/index.html.j2
   welcome to {{ ansible_fqdn }} of {{ ansible_default_ipv4.address }}
   

5. 编写主要playbook

   [root@ansible /etc/ansible]#cat httpd.yml
   ---
   - name: use httpd role
     hosts: node2
   	roles:
   	  - httpd
   

部署harpoxy

1. 编写角色模板

   [root@ansible /etc/ansible/roles/haproxy]#cat tasks/main.yml
   ---
   # tasks file for haproxy
   - name: stop firewalld
     service:
   	name: firewalld
   	state: stopped
   	enabled: no
   - name: stop selinux
     lineinfile:
   	path: /etc/selinux/config
   	regexp: '^SELINUX='
   	line: SELINUX=disabled
   - name: stop selinux1
     shell:
   	cmd: setenforce 0
   - name: set yum
     script: yum.sh
   - name: install haproxy
     yum:
   	name: haproxy
   	state: present
   - name: cp config
     template:
   	src: haproxy.cfg.j2
   	dest: /etc/haproxy/haproxy.cfg
   - name: restart haproxy
     service:
   	name: haproxy
   	state: restarted
   	enabled: yes
   
   

2. yum仓库替换脚本

   [root@ansible /etc/ansible/roles/haproxy]#cat files/yum.sh
   #!/bin/bash
   rm -rf /etc/yum.repos.d/*
   /usr/bin/curl -o /etc/yum.repos.d/CentOS-Base.repo
   https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
   yum install -y https://mirrors.aliyun.com/epel/epel-release-latest-8.noarch.rpm
   /usr/bin/sed -i
   's|^#baseurl=https://download.example/pub|baseurl=https://mirrors.aliyun.com|'
   /etc/yum.repos.d/epel*
   /usr/bin/sed -i 's|^metalink|#metalink|' /etc/yum.repos.d/epel*
   
   

3. 编写模板

   [root@ansible /etc/ansible/roles/haproxy]#cat templates/haproxy.cfg.j2
   {% for lx in groups.webservers %}
   server {{ hostvars[lx].ansible_fqdn }} {{
   hostvars[lx].ansible_default_ipv4.address }}:80 check
   {% endfor %}
   

4. 编写playbook

   [root@ansible /etc/ansible]#cat haproxy.yml
   ---
   - name: get webservers facts
     hosts: webservers
     
   - name: user haproxy
     hosts: node3
     roles:
   	- haproxy
   

5. 验证