SaltStack自动化安装配置haproxy

准备环境
node1:192.168.217.149 (saltstack master)
node2:192.168.217.150(saltstack minion)
下载haproxy1.6.2.tar.gz
下载地址:http://www.haproxy.org/download/1.6/src/

在node1:192.168.217.149 (saltstack master)上操作配置模块

一、依赖安装模块
1、pkg.installed的路径相对于prod在/etc/salt/master中配置的相对路径

mkdir /srv/salt/prod/
mkdir /srv/salt/prod/haproxy/files -pv
mkdir mkdir /srv/salt/prod/pkg/files -pv
cd /srv/salt/prod/pkg

2、编写依赖包配置文件

vim pkg-init.sls

vim pkg-init.sls
pkg-init:
  pkg.installed:
    - names:
      - gcc
      - gcc-c++
      - glibc
      - make
      - autoconf
      - openssl
      - openssl-devel

二、编写HAproxy状态模块 

如何配置状态模块
手动编译安装一遍haproxy,记录安装步骤
1、haproxy编译安装

yum install gcc gcc-c++ glibc make autoconf openssl openssl-devel
cd /usr/local/src
tar -zxf haproxy-1.6.2.tar.gz
make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy

2、将配置文件、启动文件复制到/srv/salt/prod/haproxy/files下

step1:
mv haproxy-1.6.2.tar.gz /srv/salt/prod/haproxy/files/
cd /srv/salt/prod/haproxy/files/
tar zxf haproxy-1.6.2.tar.gz
cd haproxy-1.6.2/examples/
vim haproxy.init
BIN=/usr/local/haporxy/sbin/$BASENAME
step2:
cp haproxy.init /srv/salt/prod/haproxy/files/
step3:
cd /srv/salt/prod/haproxy/files
rm -rf haproxy-1.6.2

3、编写install.sls
此文件不写haproxy的配置文件,是为了解耦。因为安装和启动时原子操作,在哪都必须,但是配置文件,在不同环境下是不一样的

vim install.sls

include:
  - pkg.pkg-init

haproxy-install:
  file.managed:
    - name: /usr/local/src/haproxy-1.6.2.tar.gz
    - source: salt://haproxy/files/haproxy-1.6.2.tar.gz
    - user: root
    - group: root
    - mode: 755
  cmd.run:
    - name: cd /usr/local/src && tar zxf haproxy-1.6.2.tar.gz && cd haproxy-1.6.2 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
    - unless: test -d /usr/local/haproxy
    - require:
      - pkg: pkg-init
      - file: haproxy-install

haproxy-init:
  file.managed:
    - name: /etc/init.d/haproxy
    - source: salt://haproxy/files/haproxy.init
    - user: root
    - group: root
    - mode: 755
    - require:
      - cmd: haproxy-install
  cmd.run:
    - name: chkconfig --add haproxy
    - unless: chkconfig --list | grep haproxy
    - require:
      - file: /etc/init.d/haproxy

net.ipv4.ip_nonlocal_bind:
  sysctl.present:
    - value: 1

haproxy-config-dir:
  file.directory:
    - name: /etc/haproxy
    - user: root
    - group: root
    - mode: 755

提示:
1、如果是拷贝配置文件,确保$符号和配置之间没有空格,不然执行会出错,vim下,使用set list命令可以查看
2、层级关系是2、4、6个空格
建议先执行测试然后再实际配置修改,命令如下:
# salt '*' state.sls haproxy.install env=prod test=True

三、编写业务引用

1、haproxy配置文件

mkdir -p /srv/salt/prod/cluster/files
cd /srv/salt/prod/cluster/files/ 

vim /srv/salt/prod/cluster/files/haproxy-outside.cfg

global
maxconn 100000
chroot /usr/local/haproxy
uid 99 
gid 99
daemon
nbproc 1
pidfile /usr/local/haproxy/logs/haproxy.pid
log 127.0.0.1 local3 info
defaults
option http-keep-alive
maxconn 100000
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
listen stats
mode http
bind 0.0.0.0:8888
stats enable
stats uri /haproxy-status
stats auth haproxy:saltstack
frontend frontend_www_example_com
bind 192.168.3.11:80
mode http
option httplog
log global
default_backend backend_www_example_com
backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balance source
server web-node1 192.168.217.149:8080 check inter 2000 rise 30 fall 15
server web-node2 192.168.217.150:8080 check inter 2000 rise 30 fall 15

cd /srv/salt/prod/cluster/
vim /srv/salt/prod/cluster/haproxy-outside.sls

include:
  - haproxy.install
 
haproxy-service:
  file.managed:
    - name: /etc/haproxy/haproxy.cfg
    - source: salt://cluster/files/haproxy-outside.cfg
    - user: root
    - group: root
    - mode: 644
  service.running:
    - name: haproxy
    - enable: True
    - reload: True
    - require:
      - cmd: haproxy-init
    - watch:
      - file: haproxy-service

2、编写top.sls

cd /srv/salt/base/
vim top.sls

base:
  '*':
    - init.env_init
prod:
  "node1":
    - cluster.haproxy-outside
  "node2":
    - cluster.haproxy-outside

三、执行安装配置

salt '*' state.highstate

四、Web查看服务状态
从web登陆192.168.217.149:8888/haproxy-status

用户名和密码在/srv/salt/prod/cluster/files/haproxy-outside.cfg中

grep 'auth' /srv/salt/prod/cluster/files/haproxy-outside.cfg
stats auth haproxy:saltstack

界面如下:

  

posted @ 2018-02-28 16:43  wclwcw  阅读(255)  评论(0编辑  收藏  举报