saltstack自动化运维系列⑥SaltStack实践安装配置HAproxy的Keepalived
saltstack自动化运维系列⑥SaltStack实践安装配置HAproxy的Keepalived
安装配置Keepalived
1、编写功能模块
#创建keepalived目录
# mkdir -p /srv/salt/prod/keepalived/files
# cd /srv/salt/prod/keepalived/files
#获取并解压keepalived
# wget http://www.keepalived.org/software/keepalived-1.2.19.tar.gz
# tar xf keepalived-1.2.19.tar.gz
# cd keepalived-1.2.19
#从源码包拷贝启动脚本、配置文件到files目录
# cp keepalived/etc/init.d/keepalived.init /srv/salt/prod/keepalived/files/
# cp keepalived/etc/init.d/keepalived.sysconfig /srv/salt/prod/keepalived/files/
# cp keepalived/etc/keepalived/keepalived.conf /srv/salt/prod/keepalived/files/
修改启动脚本:
vim prod/keepalived/files/keepalived.init
23 daemon /usr/local/keepalived/sbin/keepalived ${KEEPALIVED_OPTIONS}
#编写install.sls文件
# cd /srv/salt/prod/keepalived/
# vim install.sls
include: - pkg.pkg-init keepalived-install: file.managed: - name: /usr/local/src/keepalived-1.2.19.tar.gz - source: salt://keepalived/files/keepalived-1.2.19.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /usr/local/src && tar xf keepalived-1.2.19.tar.gz && cd keepalived-1.2.19 && ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install - unless: test -d /usr/local/keepalived - require: - pkg: pkg-init - file: keepalived-install keepalived-init: file.managed: - name: /etc/init.d/keepalived - source: salt://keepalived/files/keepalived.init - user: root - group: root - mode: 755 cmd.run: - name: chkconfig --add keepalived - unless: chkconfig --list |grep keepalived - require: - file: keepalived-init /etc/sysconfig/keepalived: file.managed: - source: salt://keepalived/files/keepalived.sysconfig - user: root - group: root - mode: 644 /etc/keepalived: file.directory: - user: root - group: root - mode: 755
测试
# salt '*' state.sls keepalived.install env=prod test=True
2、编写业务模块
# cd /srv/salt/prod/cluster
#编写keepalived配置文件
# cd files/
# vim haproxy-outside-keepalived.conf
! Configuration File for keepalived global_defs { notification_email { saltstack@example.com } notification_email_from keepalived@example.com smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id {{ROUTEID}} # jinja模板变量 } vrrp_instance haproxy_ha { state {{STATEID}} # jinja模板变量 interface eth0 virtual_router_id 36 priority {{PRIORITYID}} # jinja模板变量 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.3.11 } }
#编写用于管理keepalived配置文件的SLS
# cd /srv/salt/prod/cluster
# vim haproxy-outside-keepalived.sls
include: - keepalived.install keepalived-serivce: file.managed: - name: /etc/keepalived/keepalived.conf - source: salt://cluster/files/haproxy-outside-keepalived.conf - user: root - group: root - mode: 644 - template: jinja {% if grains['fqdn'] == 'mini1' %} - ROUTEID: haproxy_ha - STATEID: MASTER - PRIORITYID: 150 {% elif grains['fqdn'] == 'node2.chinasoft.com' %} - ROUTEID: haproxy_ha - STATEID: BACKUP - PRIORITYID: 100 {% endif %} service.running: - name: keepalived - enable: True - watch: - file: keepalived-serivce
测试
# salt '*' state.sls cluster.haproxy-outside-keepalived env=prod test=True
#在top.sls中加入keepalived
# cd /srv/salt/base
# vim top.sls
base:
'*':
- init.env_init
prod:
'*':
- cluster.haproxy-outside
- cluster.haproxy-outside-keepalived
#执行安装和配置keepalived
# salt '*' state.highstate
查看mini1主机的IP地址,可以看到vip 192.168.3.11已经在Mini1上
# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:f3:33:f8 brd ff:ff:ff:ff:ff:ff inet 192.168.3.12/24 brd 192.168.3.255 scope global eth0 inet 192.168.3.11/32 scope global eth0 inet6 fe80::20c:29ff:fef3:33f8/64 scope link valid_lft forever preferred_lft forever
访问:http://192.168.3.11:8888/haproxy-status Ok
测试vip的漂移:
min1停用keepalived服务:
# /etc/init.d/keepalived stop
node2.chinasoft.com查看vip就到了node2.chinasoft.com机器上
# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:55:2e:82 brd ff:ff:ff:ff:ff:ff inet 192.168.3.19/24 brd 192.168.3.255 scope global eth0 inet 192.168.3.11/32 scope global eth0 inet6 fe80::20c:29ff:fe55:2e82/64 scope link valid_lft forever preferred_lft forever
重新启动mini1的keepalived服务,vip又回到了mini1上
修改haproxy配置,可以实现算法轮询等高级功能vim /srv/salt/prod/cluster/files/haproxy-outside.cfg
