一、目錄結構規劃以下node
mkdir -p /srv/salt/prod/haproxylinux
mkdir -p /srv/salt/prod/keepalivedc++
mkdir -p /srv/salt/prod/pkgweb
mkdir -p /srv/salt/prod/clusterless
mkdir -p /srv/salt/prod/haproxy/files/frontend
mkdir -p /srv/salt/prod/cluster/fileside
二、依賴包安裝測試
[root@zabbix files]# cat /srv/salt/prod/pkg/pkg-init.sls pkg-init: pkg.installed: - names: - gcc - gcc-c++ - glibc - make - autoconf - openssl - openssl-devel - pcre - pcre-devel
三、手動安裝一遍,一遍得到須要的文件ui
cd /usr/local/src spa
tar xvf haproxy-1.6.3.tar.gz
cd haproxy-1.6.3/
make TARGET=linux31 PREFIX=/usr/local/haproxy-1.6.3
make install PREFIX=/usr/local/haproxy-1.6.3
ln -s /usr/local/haproxy-1.6.3 /usr/local/haproxy
修改啓動腳本
vi /usr/local/src/haproxy-1.6.3/examples/haproxy.init
BIN=/usr/local/haproxy/sbin/$BASENAME
cp /usr/local/src/haproxy-1.6.3/examples/haproxy.init /srv/salt/prod/haproxy/files/
haproxy-1.6.3.tar.gz安裝包放入/srv/salt/prod/modules/haproxy/files/目錄下
四、編寫haproxy狀態 文件 安裝haproxy
[root@zabbix files]# cat /srv/salt/prod/haproxy/install.sls include: - pkg.pkg-init haproxy-install: file.managed: - name: /usr/local/src/haproxy-1.6.3.tar.gz - source: salt://haproxy/files/haproxy-1.6.3.tar.gz - user: root - group: root - mode: 755 cmd.run: - name: cd /usr/local/src/&&tar xf haproxy-1.6.3.tar.gz&&cd haproxy-1.6.3&& make TARGET=linux31 PREFIX=/usr/local/haproxy&& make install PREFIX=/usr/local/haproxy - unless: test -d /usr/local/haproxy - require: - pkg: pkg-init - file: haproxy-install /etc/init.d/haproxy: file.managed: - source: salt://haproxy/files/haproxy.init - user: root - group: root - mode: 755 - require: - cmd: haproxy-install haproxy-init: cmd.run: - name: /etc/init.d/haproxy - unless: chkconfig --list|grep haproxy - require: - file: /etc/init.d/haproxy net.ipv4.ip_nonlocal_bind: sysctl.present: - value: 1 haproxy-config-dir: file.directory: - name: /etc/haproxy - user: root - group: root - mode: 755
五、編寫haproxy配置文件
[root@zabbix files]# cat /srv/salt/prod/cluster/files/haproxy-outside.cfg global maxconn 100000 chroot /usr/local/haproxy uid 100 gid 100 daemon nbproc 1 pidfile /usr/local/haproxy/logs/haproxy.pid log 127.0.0.1 local3 info defaults option http-keep-alive maxconn 100000 mode http timeout connect 5000ms timeout client 50000ms timeout server 50000ms listen stats mode http bind 0.0.0.0:8888 stats enable stats uri /haproxy-status stats auth haproxy:saltstack frontend frontend_www_example_com bind 172.16.80.199:80 mode http option httplog log global default_backend backend_www_example_com backend backend_www_example_com option forwardfor header X-REAL-IP option httpchk HEAD / HTTP/1.0 balance roundrobin server web-node1 172.16.80.5:8080 check inter 2000 rise 30 fall 15 server web-node2 172.16.80.6:8080 check inter 2000 rise 30 fall 15
六、編寫haproxy配置狀態文件
[root@zabbix files]# cat /srv/salt/prod/cluster/haproxy-outside.sls include: - haproxy.install haproxy-service: file.managed: - name: /etc/haproxy/haproxy.cfg - source: salt://cluster/files/haproxy-outside.cfg - user: root - group: root - mode: 644 service.running: - name: haproxy - enable: True - reload: True - require: - cmd: haproxy-init - watch: - file: haproxy-service
七、配置top 文件
[root@zabbix files]# cat /srv/salt/base/top.sls base: '*': - init.env_init prod: '*': - cluster.haproxy-outside
八、執行
[root@zabbix files]# salt "*" state.highstate test=True #先測試
[root@zabbix files]# salt "*" state.highstate
九、驗證
keepalived
Keepalived 自安裝 [root@zabbix src]# tar xf keepalived-1.3.7.tar.gz [root@zabbix src]# cd keepalived-1.3.7/ [root@zabbix keepalived-1.3.0]# ./configure --prefix=/usr/local/keepalived [root@zabbix keepalived-1.3.0]#make && make install [root@zabbix ~]# mkdir /srv/salt/prod/keepalived [root@zabbix ~]# mkdir /srv/salt/prod/keepalived/files [root@zabbix keepalived-1.3.7]# cp /usr/local/src/keepalived-1.3.7/keepalived/etc/init.d/keepalived /srv/salt/prod/keepalived/files/ [root@zabbix keepalived-1.3.7]# cp /usr/local/src/keepalived-1.3.7/keepalived/etc/keepalived/keepalived.conf /srv/salt/prod/keepalived/files/
[root@zabbix ~]# cp /usr/local/src/keepalived-1.3.7/keepalived/etc/sysconfig/keepalived /srv/salt/prod/keepalived/files/keepalived.sysconfig
[root@zabbix ~]# cp /usr/local/src/keepalived-1.3.7.tar.gz /srv/salt/prod/keepalived/files
改腳本
daemon keepalived ${KEEPALIVED_OPTIONS}
改成 daemon /usr/local/keepalived/sbin/keepalived ${KEEPALIVED_OPTIONS}
編寫keepaliv[root@zabbix ~]# cat /srv/salt/prod/keepalived/install.sls include:
- pkg.pkg-init keepalived-install: file.managed: - name: /usr/local/src/keepalived-1.3.7.tar.gz - source: salt://keepalived/files/keepalived-1.3.7.tar.gz - user: root - group: root - mode: 755 cmd.run: - name : cd /usr/local/src/&& tar xf keepalived-1.3.7.tar.gz&&cd keepalived-1.3.7&&./configure --prefix=/usr/local/keepalived&&make&&make install - unless: test -d /usr/local/keepalived - require: - file: keepalived-install /etc/sysconfig/keepalived: file.managed: - source: salt://keepalived/files/keepalived.sysconfig - mode: 644 - user: root - group: root /etc/init.d/keepalived: file.managed: - source: salt://keepalived/files/keepalived - mode: 755 - user: root - group: root keepalived-init: cmd.run: - name: chkconfig --add keepalived - unless: chkconfig --list | grep keepalived - require: - file: /etc/init.d/keepalived /etc/keepalived: file.directory: - user: root - group: root
建立keepalived配置文件
[root@zabbix ~]# cat /srv/salt/prod/cluster/files/haproxy-outside-keepalived.conf ! Configuration File for keepalived global_defs { notification_email { saltstack@example.com } notification_email_from keepalived@example.com smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id {{ ROUTEID }} } vrrp_instance haproxy_ha { state {{ STATEID }} interface eth0 virtual_router_id 36 priority {{ PRIORITYID }} advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 172.16.80.199 } }
建立keepalived狀態文件
[root@zabbix ~]# cat /srv/salt/prod/cluster/haproxy-outside-keepalived.sls include: - keepalived.install keepalived-server: file.managed: - name: /etc/keepalived/keepalived.conf - source: salt://cluster/files/haproxy-outside-keepalived.conf - mode: 644 - user: root - group: root - template: jinja {% if grains['fqdn'] == 'zabbix' %} - ROUTEID: haproxy_ha - STATEID: MASTER - PRIORITYID: 150 {% elif grains['fqdn'] == 'k8s-node1' %} - ROUTEID: haproxy_ha - STATEID: BACKUP - PRIORITYID: 100 {% endif %} service.running: - name: keepalived - enable: True - watch: - file: keepalived-server
[root@zabbix ~]# salt '*' state.sls cluster.haproxy-outside-keepalived saltenv=prod test=True
[root@zabbix ~]# cat /srv/salt/base/top.sls
[root@zabbix ~]# cat /srv/salt/base/top.sls base: '*': - init.env_init prod: '*': - cluster.haproxy-outside - cluster.haproxy-outside-keepalived
[root@zabbix ~]# salt '*' state.highstate