主機名 | 安裝服務 | wan | lan |
---|---|---|---|
lb01 | nginx+keepalived(搶佔式) | 10.0.0.5(master) | 172.16.1.5 |
lb02 | nginx+keepalived(搶佔式) | 10.0.0.6(backup) | 172.16.1.6 |
10.0.0.3(虛擬ip) | --- |
1.安裝ansible
2.優化ansible
3.推送公鑰
4.開啓防火牆
5.開啓80 443 873 nfs等端口和服務白名單
6.關閉selinux
7.建立統一的用戶

1.安裝nginx
2.拷貝nginx配置文件和 server
3.寫入include文件(proxy_params)
4.安裝keepalived
5.優化keepalived(啓動腳本)
6.拷貝keepalived配置文件,配置master
7.拷貝keepalived配置文件,配置backup
8.啓動nginx keepalived
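mkdir /root/ansible/lb -p && \
vim /root/ansible/lb/hosts

# Inventory for the two load balancers, reached over their LAN addresses.
# The login variable was spelled "asible_ssh_user"; Ansible ignores unknown
# variable names without any warning, so the account actually used was the
# one running ansible-playbook. Spelled correctly, the inventory now decides.
# (ansible_port / ansible_user are the current names; ansible_ssh_* are legacy aliases.)
# NOTE(review): both hosts are managed directly as root; a dedicated account
# with "become" would keep the pushed SSH key from being a root key.
[lb_group]
172.16.1.5 ansible_ssh_port=22 ansible_ssh_user=root
172.16.1.6 ansible_ssh_port=22 ansible_ssh_user=root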
mkdir /root/ansible/lb/conf.d && \
vim /root/ansible/lb/conf.d/wp.zh.conf

# Pool of web servers that receive the proxied requests.
# No balancing method is named, so nginx applies its default (round-robin).
upstream backend {
    server 10.0.0.7;
    server 10.0.0.8;
    server 10.0.0.9;
}

# Front-end virtual host for both sites; it listens on plain HTTP (port 80) only.
server {
    listen 80;
    server_name cs.wp.com cs.zh.com;

    location / {
        # Requests are relayed to the pool over unencrypted HTTP.
        proxy_pass http://backend;
        # Relative path: resolved against the nginx configuration directory,
        # i.e. the proxy_params file that lb.yml copies to /etc/nginx/.
        include proxy_params;
    }
}
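vim /root/ansible/lb/nginx.conf

# Main nginx configuration pushed to both load balancers.
# One directive per line: in the collapsed form the "#tcp_nopush" comment
# swallowed every directive after it, including the closing brace.

# Worker processes run as the unprivileged "www" account. The account must
# already exist on the host (base.yml creates it), otherwise nginx will not start.
user www;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    # Keep the nginx version out of the Server header and the built-in error pages.
    server_tokens off;

    # $remote_addr is the peer that actually connected. $http_x_forwarded_for is
    # copied verbatim from the request, so on this edge proxy it is whatever the
    # client chose to send; treat it as a hint when reading the logs.
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
    access_log /var/log/nginx/access.log main;

    sendfile on;
    #tcp_nopush on;

    keepalive_timeout 65;

    #gzip on;

    # Per-site files such as conf.d/wp.zh.conf.
    include /etc/nginx/conf.d/*.conf;
}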
編輯proxy_params
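vim /root/ansible/lb/proxy_params

# Shared proxy settings, pulled in by "include proxy_params;" in the server block.
# One directive per line: in the collapsed form the first comment swallowed
# every directive that followed it.

# Pass on the Host header the client asked for, so the backend (or the next
# proxy) can pick the matching virtual host.
proxy_set_header Host $host;

# Append the connecting address to whatever X-Forwarded-For the client sent.
# Every entry left of the last one is client-supplied; backends should rely
# only on the entry added by this proxy, or on X-Real-IP below.
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Address of the peer that connected to this proxy. Set on every request, so
# a value sent by the client is replaced rather than forwarded.
proxy_set_header X-Real-IP $remote_addr;

# Timeout for establishing the connection to a backend server.
proxy_connect_timeout 60s;
# Timeout between two successive reads of the backend's response.
proxy_read_timeout 60s;
# Timeout between two successive writes of the request to the backend.
proxy_send_timeout 60s;

# Buffer the backend response in nginx and relay it to the client while it is
# still arriving, instead of waiting until everything has been received.
proxy_buffering on;
# Buffer for the first part of the backend response (the response headers).
proxy_buffer_size 4k;
#proxy_buffer_size 8k;
# Number and size of the buffers for the rest of the response, per connection.
proxy_buffers 8 4k;
#proxy_buffers 8 8k;

# Speak HTTP/1.1 to the backends.
proxy_http_version 1.1;

# Retry the request on the next server of the pool when the current one fails
# with a connection error, a timeout, or one of the listed status codes.
# http_404 is in the list, so a "not found" from one backend is also retried.
proxy_next_upstream error timeout http_500 http_502 http_503 http_504 http_404;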
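vim /root/ansible/lb/keepalived.service

# systemd unit for keepalived; lb.yml copies it to /usr/lib/systemd/system/.
# One setting per line: in the collapsed form "#KillMode=process" commented out
# every setting after it. systemd only accepts comments on lines of their own.
# A replaced unit file is only picked up after "systemctl daemon-reload".
[Unit]
Description=LVS and VRRP High Availability Monitor
After=syslog.target network-online.target

[Service]
Type=forking
PIDFile=/var/run/keepalived.pid
# KillMode is deliberately left at the systemd default here.
#KillMode=process
# The leading "-" makes a missing environment file a non-error.
EnvironmentFile=-/etc/sysconfig/keepalived
# $KEEPALIVED_OPTIONS is expected to come from the environment file above.
ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target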
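vim /root/ansible/lb/keepalived.master.conf

# keepalived configuration for lb01, the preferred holder of the VIP.
# One statement per line: in the collapsed form the first "#" comment
# swallowed the rest of the file.
global_defs {                   # global settings
    router_id lb01              # name identifying this node (free-form)
}

vrrp_instance VI_1 {            # instance name (free-form)
    state MASTER                # initial role of this node
    interface eth0              # interface VRRP runs on (author's note: after fixing a wrong binding, a restart is needed)
    virtual_router_id 50        # VRID (1-255): identical on both nodes of this pair, different from any other keepalived pair on the network
    priority 150                # higher on the master, lower on the backup (author's note: a change needs a restart to take effect)
    # Advertisement interval in seconds; must be identical on both nodes.
    # The advertisements only tell the peer that keepalived itself is alive:
    # this file defines no vrrp_script / track_script, so a stopped nginx does
    # not move the VIP.
    advert_int 1
    authentication {            # must be identical on both nodes
        auth_type PASS          # simple password authentication
        # NOTE(review): with auth_type PASS the password is carried unencrypted
        # in every VRRP advertisement, and "1111" is trivially guessable. It
        # protects against accidental VRID clashes, not against another host on
        # the segment. Restrict VRRP traffic to the peer's address in the
        # firewall, and keep the real value out of shared copies of this file.
        auth_pass 1111
    }
    virtual_ipaddress {
        # The VIP; identical on both nodes, one address per line, several allowed.
        # Author's note: the VIP and eth0 of both balancers sit on the public-facing network.
        10.0.0.3
    }
}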
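vim /root/ansible/lb/keepalived.backup.conf

# keepalived configuration for lb02, the standby node.
# One statement per line, as keepalived reads its configuration line by line.
# Everything except router_id, state and priority mirrors keepalived.master.conf.
global_defs {
    router_id lb02              # name identifying this node
}

vrrp_instance VI_1 {
    state BACKUP                # initial role of this node
    interface eth0
    virtual_router_id 50        # same VRID as lb01
    priority 100                # lower than lb01's 150, so lb01 holds the VIP while it is up
    advert_int 1                # same interval as lb01
    authentication {
        auth_type PASS
        # NOTE(review): same shared value as on lb01; with auth_type PASS it is
        # sent unencrypted in each advertisement, so it is not a real secret.
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.3                # same VIP as lb01
    }
}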
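vim /root/ansible/lb/lb.yml

# Installs and configures nginx + keepalived on the load balancers.
# "hosts: all" is limited in practice by the inventory passed with -i
# (/root/ansible/lb/hosts holds only lb_group).
- hosts: all
  tasks:
    # Unpack the local RPM bundle from the control node onto the target.
    - name: jieya nginx_php.tar.gz
      unarchive:
        src: /root/nginx_php.tar.gz
        dest: /root

    # shell is kept because the first command relies on the glob being expanded.
    - name: install nginx keepalived
      shell: "{{ item }}"
      with_items:
        - "yum localinstall -y /root/rpm/nginx*"
        - "yum install -y keepalived"
      # "match" is a regular-expression test anchored at the start of the name.
      # The previous pattern "lb*" means "l followed by any number of b", so it
      # also matched every hostname that merely starts with "l".
      when: ansible_hostname is match "lb"

    # Explicit owner and mode, so the files do not inherit whatever the copies
    # on the control node happen to have.
    - name: config nginx keepalived.server
      copy:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        owner: root
        group: root
        mode: "0644"
      with_items:
        - { src: "/root/ansible/lb/nginx.conf", dest: "/etc/nginx/" }
        - { src: "/root/ansible/lb/conf.d/wp.zh.conf", dest: "/etc/nginx/conf.d/" }
        - { src: "/root/ansible/lb/proxy_params", dest: "/etc/nginx/" }
        - { src: "/root/ansible/lb/keepalived.service", dest: "/usr/lib/systemd/system/" }

    # keepalived.conf carries auth_pass, so it is readable by root only.
    - name: config master
      copy:
        src: "/root/ansible/lb/keepalived.master.conf"
        dest: "/etc/keepalived/keepalived.conf"
        owner: root
        group: root
        mode: "0600"
      when: ansible_hostname is match "lb01"

    - name: config backup
      copy:
        src: "/root/ansible/lb/keepalived.backup.conf"
        dest: "/etc/keepalived/keepalived.conf"
        owner: root
        group: root
        mode: "0600"
      when: ansible_hostname is match "lb02"

    # daemon_reload makes systemd re-read the keepalived.service file copied above.
    # "state: started" does not restart a service that is already running, so
    # configuration changes on a later run still need a reload or restart.
    - name: start nginx keepalived
      systemd:
        name: "{{ item }}"
        state: started
        enabled: yes
        daemon_reload: yes
      with_items:
        - nginx
        - keepalived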
1.執行base.yml
[root@m01 ~]# ansible-playbook /root/ansible/base.yml -i /root/ansible/lb/hosts
2.執行lb.yml
[root@m01 ~]# ansible-playbook /root/ansible/lb/lb.yml -i /root/ansible/lb/hosts
問題描述:沒有執行base.yml,沒有建立www用戶,致使nginx沒法啓動(nginx -s reload發現)