使用playbook实现一键部署负载均衡

环境

主机名 安装服务 wan lan
lb01 nginx+keepalived(抢占式) 10.0.0.5(master) 172.16.1.5
lb02 nginx+keepalived(抢占式) 10.0.0.6(backup) 172.16.1.6
10.0.0.3(虚拟ip) ---

流程分析

1.安装ansible
2.优化ansible
3.推送公钥
4.开启防火墙
5.开启80 443 873 nfs等端口和服务白名单
6.关闭selinux
7.创建统一的用户
	1.安装nginx
	2.拷贝nginx配置文件和 server
	3.写入include文件(proxy_params)
	4.安装keepalived
	5.优化keepalived(启动脚本)
	6.拷贝keepalived配置文件,配置master
	7.拷贝keepalived配置文件,配置backup
	8.启动nginx keepalived

主机清单

mkdir /root/ansible/lb -p && \
vim /root/ansible/lb/hosts

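# Load balancer nodes, addressed by their LAN IPs.
# The user variable was misspelled "asible_ssh_user". Ansible treats an unknown
# name as an ordinary unused host variable, so the setting was silently ignored
# and the connection fell back to the default remote user.
# NOTE(review): these hosts are managed as root over SSH keys; a dedicated
# account plus `become` would limit what a leaked control-node key can do.
[lb_group]
172.16.1.5 ansible_ssh_port=22 ansible_ssh_user=root
172.16.1.6 ansible_ssh_port=22 ansible_ssh_user=root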

负载均衡server

mkdir /root/ansible/lb/conf.d && \
vim /root/ansible/lb/conf.d/wp.zh.conf

# Pool of web backends the load balancer forwards to. No balancing method is
# set, so nginx's default (round-robin) applies.
upstream backend {
    server 10.0.0.7;
    server 10.0.0.8;
    server 10.0.0.9;
}
# Virtual host for the two site names, served over plain HTTP only.
# NOTE(review): the flow above opens port 443, but no TLS listener is defined
# here, and traffic to the backends is unencrypted HTTP as well.
server {
	listen 80;
	server_name cs.wp.com cs.zh.com;

    location / {
        # Forward everything to the upstream pool defined above.
        proxy_pass http://backend;    
        # Relative include: the playbook copies proxy_params into /etc/nginx/.
        include proxy_params;
    }
}

nginx配置文件

vim /root/ansible/lb/nginx.conf 

# Main nginx configuration pushed to both load balancers.

# Worker processes run as the unprivileged account "www". The account must
# exist on the host before nginx starts; the problem noted at the end of this
# page (nginx failing to start) was caused by the missing www user.
user  www;
# One worker per CPU core, detected automatically.
worker_processes  auto;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    # Maximum simultaneous connections per worker process.
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    # Access log format. $http_x_forwarded_for is copied from the request
    # header as sent, so treat that column as client-supplied data.
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    # NOTE(review): server_tokens is not set, so the default applies and the
    # nginx version is shown in the Server header and on error pages.

    # Per-site configuration; the playbook places wp.zh.conf here.
    include /etc/nginx/conf.d/*.conf;
}

编辑params

vim /root/ansible/lb/proxy_params

# Shared proxy settings, included from the location block of the site config.

# Pass the Host header of the client request on to the next hop (backend or
# further proxy), so name-based virtual hosts there still match.
proxy_set_header Host $host;
# Append the address of the connecting peer to any X-Forwarded-For header the
# client already sent.
# NOTE(review): entries to the left of the one added here come from the client
# and can be forged; backends should trust only the entry this proxy appends.
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	
# Timeout for establishing a connection to the backend.
proxy_connect_timeout 60s;
# Timeout while waiting for the backend's response.
proxy_read_timeout 60s;
	# Timeout for transmitting the request to the backend.
proxy_send_timeout 60s;
	
# Buffer the backend's response in nginx and relay it to the client as it
# arrives, rather than waiting for the complete response first.
proxy_buffering on;
# Size of the buffer that holds the first part of the backend's response
# (the response headers).
proxy_buffer_size 4k;
#proxy_buffer_size 8k;
# Number and size of the buffers used for reading the backend's response.
proxy_buffers 8 4k;
#proxy_buffers 8 8k;
# Speak HTTP/1.1 to the backend.
proxy_http_version 1.1;

# Conditions under which the request is passed to the next upstream server.
# This is a retry policy, not an error-page redirect.
# NOTE(review): http_404 is listed, so a 404 from one backend is retried on the
# others; confirm that this is intended.
proxy_next_upstream error timeout http_500 http_502 http_503 http_504 http_404;

优化keepalived

vim /root/ansible/lb/keepalived.service 

# systemd unit for keepalived; the playbook copies it to
# /usr/lib/systemd/system/.
# NOTE(review): that directory belongs to the package, so a keepalived update
# may overwrite this file; /etc/systemd/system/ is the usual place for a local
# unit or override.
[Unit]
Description=LVS and VRRP High Availability Monitor
After=syslog.target network-online.target

[Service]
# keepalived daemonizes itself; systemd tracks it through the PID file below.
Type=forking
PIDFile=/var/run/keepalived.pid
# KillMode=process is left commented out, so systemd's default kill mode is
# used when the service is stopped.
#KillMode=process
# The leading "-" makes a missing environment file non-fatal.
EnvironmentFile=-/etc/sysconfig/keepalived
ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS
# Reload by sending SIGHUP to the main process.
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target

keepalived抢占式(master)配置文件

vim /root/ansible/lb/keepalived.master.conf
# keepalived configuration for lb01, the preferred holder of the VIP.
# NOTE(review): no vrrp_script / track_script is defined here, so the VRRP
# election only sees whether keepalived itself is alive. If nginx stops while
# keepalived keeps running, the VIP stays on this node.
global_defs {                   # global settings
    router_id lb01              # identifier of this node (free-form name)
}

vrrp_instance VI_1 {		  # instance name (free-form)
    state MASTER                # initial role (the author marks the value as arbitrary)
    interface eth0              # interface the instance binds to (author: after correcting a wrong binding, a restart is needed)
    # Virtual router ID: must be identical on the nodes of one HA pair and
    # differ between separate keepalived pairs. The author gives the range as
    # 1-254; VRRP itself allows 1-255.
    virtual_router_id 50
    priority 150                # higher on the master, lower on the backup (author: takes effect after a restart)
    advert_int 1                # advertisement interval in seconds; must match on every node
    authentication {            # must be identical on every node
        auth_type PASS          # simple password authentication
        # NOTE(review): "1111" is a guessable sample value. With auth_type PASS
        # the password is carried unencrypted in VRRP advertisements, so it
        # only guards against misconfiguration. Set a per-deployment value
        # (keepalived uses the first 8 characters) and keep this file readable
        # by root only.
        auth_pass 1111          # shared password
    }
    virtual_ipaddress {         
        # The VIP: must be identical on all nodes; several may be listed, one
        # per line. Author's note: the VIP and eth0 on both load balancers
        # should be public addresses.
        10.0.0.3
    }
}

keepalived抢占式(backup)配置文件

vim /root/ansible/lb/keepalived.backup.conf
# keepalived configuration for lb02, the standby node. It differs from the
# master file only in router_id, state and priority.
# NOTE(review): as on the master, no vrrp_script / track_script is defined, so
# nginx health does not influence the election.
global_defs {
    router_id lb02
}

vrrp_instance VI_1 {
    state BACKUP        
    interface eth0
    # Same virtual router ID as the master so both nodes join one VRRP group.
    virtual_router_id 50
    # Lower than the master's 150. No nopreempt option is set, so the master is
    # expected to take the VIP back when it returns (the preemptive mode this
    # page describes).
    priority 100
    advert_int 1
    authentication {    
        auth_type PASS
        # NOTE(review): guessable sample value that travels unencrypted with
        # auth_type PASS; replace it on both nodes with the same
        # per-deployment value.
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.3
    }
}

yml

vim /root/ansible/lb/lb.yml

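# Installs nginx and keepalived on the load balancers and pushes the config
# files prepared under /root/ansible/lb on the control node.
# NOTE(review): `hosts: all` targets every host in the inventory given with -i,
# and tasks without a `when` run on all of them. Keep this inventory limited to
# the load balancers.
- hosts: all
  tasks:
    # Unpack the bundle from the control node; it presumably provides the
    # /root/rpm directory used by the next task.
    - name: jieya nginx_php.tar.gz
      unarchive:
        src: /root/nginx_php.tar.gz
        dest: /root

    # shell is kept because the local RPM path relies on a shell glob.
    - name: install nginx keepalived
      shell: "{{ item }}"
      with_items:
        - "yum localinstall -y /root/rpm/nginx*"
        - "yum install -y keepalived"
      # `match` is a regex test anchored at the start of the string. The
      # original pattern "lb*" means "l followed by zero or more b", so it
      # matched every hostname beginning with "l".
      when: ansible_hostname is match "lb"

    # Explicit ownership and mode, so the result does not depend on the umask
    # or on the permissions of the source files on the control node.
    - name: config nginx keepalived.server
      copy:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        owner: root
        group: root
        mode: "0644"
      with_items:
        - { src: "/root/ansible/lb/nginx.conf",dest: "/etc/nginx/"}
        - { src: "/root/ansible/lb/conf.d/wp.zh.conf",dest: "/etc/nginx/conf.d/"}
        - { src: "/root/ansible/lb/proxy_params",dest: "/etc/nginx/"}
        - { src: "/root/ansible/lb/keepalived.service",dest: "/usr/lib/systemd/system/"}
      # `state: started` alone does not re-read changed files on a running nginx.
      notify: reload nginx

    # keepalived.conf contains the VRRP auth_pass, so it is readable by root only.
    # Exact hostname comparison: `is match "lb01"` would also accept "lb010".
    - name: config master
      copy:
        src: "/root/ansible/lb/keepalived.master.conf"
        dest: "/etc/keepalived/keepalived.conf"
        owner: root
        group: root
        mode: "0600"
      when: ansible_hostname == "lb01"
      notify: restart keepalived

    - name: config backup
      copy:
        src: "/root/ansible/lb/keepalived.backup.conf"
        dest: "/etc/keepalived/keepalived.conf"
        owner: root
        group: root
        mode: "0600"
      when: ansible_hostname == "lb02"
      notify: restart keepalived

    # daemon_reload makes systemd pick up the replaced keepalived.service unit
    # file before the services are started.
    - name: start nginx keepalived
      systemd:
        name: "{{ item }}"
        state: started
        enabled: yes
        daemon_reload: yes
      with_items:
        - nginx
        - keepalived

  # Handlers run once at the end of the play, and only if a notifying task
  # reported a change.
  handlers:
    - name: reload nginx
      systemd:
        name: nginx
        state: reloaded

    - name: restart keepalived
      systemd:
        name: keepalived
        state: restarted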
        

执行

1.执行base.yml
[root@m01 ~]# ansible-playbook /root/ansible/base.yml -i /root/ansible/lb/hosts

2.执行lb.yml
[root@m01 ~]# ansible-playbook /root/ansible/lb/lb.yml -i /root/ansible/lb/hosts

QQ截图20200613222432.png

问题描述:没有先执行base.yml,www用户未创建,导致nginx无法启动(执行 nginx -s reload 时发现)
