SaltStack自动化安装配置haproxy
准备环境
node1:192.168.217.149 (saltstack master)
node2:192.168.217.150(saltstack minion)
下载haproxy1.6.2.tar.gz
下载地址:http://www.haproxy.org/download/1.6/src/
在node1:192.168.217.149 (saltstack master)上操作配置模块
一、依赖安装模块
1、pkg.installed的路径相对于prod在/etc/salt/master中配置的相对路径
mkdir /srv/salt/prod/ mkdir /srv/salt/prod/haproxy/files -pv mkdir mkdir /srv/salt/prod/pkg/files -pv cd /srv/salt/prod/pkg
2、编写依赖包配置文件
vim pkg-init.sls
vim pkg-init.sls pkg-init: pkg.installed: - names: - gcc - gcc-c++ - glibc - make - autoconf - openssl - openssl-devel
二、编写HAproxy状态模块
如何配置状态模块
手动编译安装一遍haproxy,记录安装步骤
1、haproxy编译安装
yum install gcc gcc-c++ glibc make autoconf openssl openssl-devel cd /usr/local/src tar -zxf haproxy-1.6.2.tar.gz make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
2、将配置文件、启动文件复制到/srv/salt/prod/haproxy/files下
step1: mv haproxy-1.6.2.tar.gz /srv/salt/prod/haproxy/files/ cd /srv/salt/prod/haproxy/files/ tar zxf haproxy-1.6.2.tar.gz cd haproxy-1.6.2/examples/ vim haproxy.init BIN=/usr/local/haporxy/sbin/$BASENAME step2: cp haproxy.init /srv/salt/prod/haproxy/files/ step3: cd /srv/salt/prod/haproxy/files rm -rf haproxy-1.6.2
3、编写install.sls
此文件不写haproxy的配置文件,是为了解耦。因为安装和启动时原子操作,在哪都必须,但是配置文件,在不同环境下是不一样的
vim install.sls
include: - pkg.pkg-init haproxy-install: file.managed: - name: /usr/local/src/haproxy-1.6.2.tar.gz - source: salt://haproxy/files/haproxy-1.6.2.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /usr/local/src && tar zxf haproxy-1.6.2.tar.gz && cd haproxy-1.6.2 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy - unless: test -d /usr/local/haproxy - require: - pkg: pkg-init - file: haproxy-install haproxy-init: file.managed: - name: /etc/init.d/haproxy - source: salt://haproxy/files/haproxy.init - user: root - group: root - mode: 755 - require: - cmd: haproxy-install cmd.run: - name: chkconfig --add haproxy - unless: chkconfig --list | grep haproxy - require: - file: /etc/init.d/haproxy net.ipv4.ip_nonlocal_bind: sysctl.present: - value: 1 haproxy-config-dir: file.directory: - name: /etc/haproxy - user: root - group: root - mode: 755
提示:
1、如果是拷贝配置文件,确保$符号和配置之间没有空格,不然执行会出错,vim下,使用set list命令可以查看
2、层级关系是2、4、6个空格
建议先执行测试然后再实际配置修改,命令如下:
# salt '*' state.sls haproxy.install env=prod test=True
三、编写业务引用
1、haproxy配置文件
mkdir -p /srv/salt/prod/cluster/files cd /srv/salt/prod/cluster/files/
vim /srv/salt/prod/cluster/files/haproxy-outside.cfg
global maxconn 100000 chroot /usr/local/haproxy uid 99 gid 99 daemon nbproc 1 pidfile /usr/local/haproxy/logs/haproxy.pid log 127.0.0.1 local3 info defaults option http-keep-alive maxconn 100000 mode http timeout connect 5000ms timeout client 50000ms timeout server 50000ms listen stats mode http bind 0.0.0.0:8888 stats enable stats uri /haproxy-status stats auth haproxy:saltstack frontend frontend_www_example_com bind 192.168.3.11:80 mode http option httplog log global default_backend backend_www_example_com backend backend_www_example_com option forwardfor header X-REAL-IP option httpchk HEAD / HTTP/1.0 balance source server web-node1 192.168.217.149:8080 check inter 2000 rise 30 fall 15 server web-node2 192.168.217.150:8080 check inter 2000 rise 30 fall 15
cd /srv/salt/prod/cluster/
vim /srv/salt/prod/cluster/haproxy-outside.sls
include: - haproxy.install haproxy-service: file.managed: - name: /etc/haproxy/haproxy.cfg - source: salt://cluster/files/haproxy-outside.cfg - user: root - group: root - mode: 644 service.running: - name: haproxy - enable: True - reload: True - require: - cmd: haproxy-init - watch: - file: haproxy-service
2、编写top.sls
cd /srv/salt/base/
vim top.sls
base: '*': - init.env_init prod: "node1": - cluster.haproxy-outside "node2": - cluster.haproxy-outside
三、执行安装配置
salt '*' state.highstate
四、Web查看服务状态
从web登陆192.168.217.149:8888/haproxy-status
用户名和密码在/srv/salt/prod/cluster/files/haproxy-outside.cfg中
grep 'auth' /srv/salt/prod/cluster/files/haproxy-outside.cfg stats auth haproxy:saltstack
界面如下: