**结合之前的实验环境进行实验操作:
实验环境配置:https://blog.csdn.net/aaaaaab_/article/details/81750299
nginx搭建:https://blog.csdn.net/aaaaaab_/article/details/81775499
负载均衡:https://blog.csdn.net/aaaaaab_/article/details/81778687
自动化运维工具:https://blog.csdn.net/aaaaaab_/article/details/81780098**
实验环境:
serevr1:master,haproxy和keepalived服务 172.25.38.1
server2:minion,httpd服务 172.25.38.2
server3:minion,nginx服务 172.25.38.3
server4:minion 172.25.254.4配置一台新的server4进行配置salt-minion:
[root@server4 ~]# yum install salt-minion -y
[root@server4 ~]# cd /etc/salt/
[root@server4 salt]# ls
cloud cloud.maps.d master minion.d proxy.d
cloud.conf.d cloud.profiles.d master.d pki roster
cloud.deploy.d cloud.providers.d minion proxy
[root@server4 salt]# vim minion 填写master端的IP
[root@server4 salt]# /etc/init.d/salt-minion start 开启服务
Starting salt-minion:root:server4 daemon: OK
配置高可用模块keepalived:
[root@server1 ~]# cd /srv/salt/
[root@server1 salt]# ls
_grains haproxy httpd nginx pkgs top.sls users
[root@server1 salt]# mkdir keepalived
[root@server1 salt]# pwd
/srv/salt
[root@server1 salt]# ls
_grains haproxy httpd keepalived nginx pkgs top.sls users
[root@server1 salt]# cd keepalived/
[root@server1 keepalived]# ls
[root@server1 keepalived]# vim install.sls
[root@server1 keepalived]# cat install.sls
kp-install:
file.managed:
- name: /mnt/keepalived-2.0.6.tar.gz
- source: salt://keepalived/files/keepalived-2.0.6.tar.gz
[root@server1 keepalived]# mkdir files
[root@server1 keepalived]# cd files/
[root@server1 files]# ls
[root@server1 files]# pwd
/srv/salt/keepalived/files
[root@server1 files]# ls
keepalived-2.0.6.tar.gz
[root@server1 files]# salt-key -A 添加公钥匹配
The following keys are going to be accepted:
Unaccepted Keys:
server4
Proceed? [n/Y] y
Key for minion server4 accepted.
[root@server1 files]# salt-key -L 查询添加成功
Accepted Keys:
server1
server2
server3
server4
Denied Keys:
Unaccepted Keys:
Rejected Keys:
[root@server1 files]# salt server4 state.sls keepalived.install 在server1推送测试keepalived的安装包推送,一步步测试为了避免直接写好脚本出错没有头绪
server4:
----------
ID: kp-install
Function: file.managed
Name: /mnt/keepalived-2.0.6.tar.gz
Result: True
Comment: File /mnt/keepalived-2.0.6.tar.gz updated
Started: 10:07:39.242065
Duration: 142.852 ms
Changes:
----------
diff:
New file
mode:
0644
Summary for server4
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
Total run time: 142.852 ms在server4的/mnt/目录下可以看到推送过来的安装包:
[root@server4 salt]# cd /mnt/
[root@server4 mnt]# ls
keepalived-2.0.6.tar.gz
在server4演示keepalived环境搭建,为了保证写入脚本的命令不出错:
[root@server4 salt]# cd /mnt/
[root@server4 mnt]# ls
keepalived-2.0.6.tar.gz
[root@server4 mnt]# tar zxf keepalived-2.0.6.tar.gz
[root@server4 mnt]# ls
keepalived-2.0.6 keepalived-2.0.6.tar.gz
[root@server4 mnt]# cd keepalived-2.0.6
[root@server4 keepalived-2.0.6]# ls
aclocal.m4 compile depcomp keepalived missing
ar-lib configure doc keepalived.spec.in README.md
AUTHOR configure.ac genhash lib snap
bin_install CONTRIBUTORS INSTALL Makefile.am TODO
ChangeLog COPYING install-sh Makefile.in
[root@server4 keepalived-2.0.6]# yum install gcc openssl-devel -y 安装依赖性
[root@server4 keepalived-2.0.6]# ./configure --prefix=/usr/local/keepalived --with-init=SYSV 进行源码编译成功
[root@server4 keepalived-2.0.6]# ls
aclocal.m4 config.log depcomp keepalived.spec missing
ar-lib config.status doc keepalived.spec.in README.md
AUTHOR configure genhash lib snap
bin_install configure.ac INSTALL Makefile TODO
ChangeLog CONTRIBUTORS install-sh Makefile.am
compile COPYING keepalived Makefile.in
[root@server4 keepalived-2.0.6]# cd ..
[root@server4 mnt]# ls
keepalived-2.0.6 keepalived-2.0.6.tar.gz
[root@server4 mnt]# rm -fr keepalived-2.0.6 删除演示环境
[root@server4 mnt]# ls
keepalived-2.0.6.tar.gz
在server1编写keepalived的安装脚本进行推送:
[root@server1 files]#
[root@server1 files]# cd ..
[root@server1 keepalived]# cd ..
[root@server1 salt]# ls
_grains haproxy httpd keepalived nginx pkgs top.sls users
[root@server1 salt]# cd pkgs/
[root@server1 pkgs]# ls
make.sls
[root@server1 pkgs]# cat make.sls 源码编译一些依赖性的软件包
make-gcc:
pkg.installed:
- pkgs:
- pcre-devel
- openssl-devel
- gcc
[root@server1 pkgs]# cd ..
[root@server1 salt]# cd keepalived/
[root@server1 keepalived]# ls
files install.sls
[root@server1 keepalived]# vim install.sls
[root@server1 keepalived]# cat install.sls
include:
- pkgs.make 导入工具包
kp-install:
file.managed:
- name: /mnt/keepalived-2.0.6.tar.gz
- source: salt://keepalived/files/keepalived-2.0.6.tar.gz
cmd.run: 进行源码编译不显示过程信息
- name: cd /mnt && tar zxf keepalived-2.0.6.tar.gz && cd keepalived-2.0.6 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV &> /dev/null && make &> /dev/null && make install &> /dev/null
- creates: /usr/local/keepalived
[root@server1 keepalived]# salt server4 state.sls keepalived.install 进行推送在server4安装keepalived
server4:
----------
ID: make-gcc
Function: pkg.installed
Result: True
Comment: The following packages were installed/updated: pcre-devel
The following packages were already installed: gcc, openssl-devel
Started: 10:42:28.063573
Duration: 3904.952 ms
Changes:
----------
pcre-devel:
----------
new:
7.8-6.el6
old:
----------
ID: kp-install
Function: file.managed
Name: /mnt/keepalived-2.0.6.tar.gz
Result: True
Comment: File /mnt/keepalived-2.0.6.tar.gz is in the correct state
Started: 10:42:31.974232
Duration: 128.24 ms
Changes:
----------
ID: kp-install
Function: cmd.run
Name: cd /mnt && tar zxf keepalived-2.0.6.tar.gz && cd keepalived-2.0.6 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV &> /dev/null && make &> /dev/null && make install &> /dev/null
Result: True
Comment: Command "cd /mnt && tar zxf keepalived-2.0.6.tar.gz && cd keepalived-2.0.6 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV &> /dev/null && make &> /dev/null && make install &> /dev/null" run
Started: 10:42:32.103213
Duration: 17051.119 ms
Changes:
----------
pid:
9622
retcode:
0
stderr:
stdout:
Summary for server4
------------
Succeeded: 3 (changed=2)
Failed: 0
------------
Total states run: 3
Total run time: 21.084 s
安装过程中在server4可以查看相应进程
[root@server4 mnt]# ps ax
在server4的对应安装位置上已经有了keepalived
[root@server4 mnt]# ls
keepalived-2.0.6 keepalived-2.0.6.tar.gz
[root@server4 mnt]# ll /usr/local/keepalived/
total 16
drwxr-xr-x 2 root root 4096 Aug 18 10:42 bin
drwxr-xr-x 5 root root 4096 Aug 18 10:42 etc
drwxr-xr-x 2 root root 4096 Aug 18 10:42 sbin
drwxr-xr-x 5 root root 4096 Aug 18 10:42 share
[root@server4 mnt]# ll -d /usr/local/keepalived/
drwxr-xr-x 6 root root 4096 Aug 18 10:42 /usr/local/keepalived/
[root@server4 mnt]# cd /usr/local/keepalived/
[root@server4 keepalived]# ls
bin etc sbin share
[root@server4 keepalived]# cd etc/
[root@server4 etc]# ls
keepalived rc.d sysconfig
[root@server4 etc]# cd rc.d/
[root@server4 rc.d]# ls
init.d
[root@server4 rc.d]# cd init.d/
[root@server4 init.d]# ls
keepalived
[root@server4 init.d]# scp keepalived server1:/srv/salt/keepalived/files 传递keepalived的调用脚本
The authenticity of host 'server1 (172.25.38.1)' can't be established.
RSA key fingerprint is 2f:cc:a7:97:6a:d8:41:5b:90:f3:91:b6:e8:87:4c:b3.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'server1,172.25.38.1' (RSA) to the list of known hosts.
root@server1's password:
keepalived 100% 1308 1.3KB/s 00:00 
[root@server4 ~]# cd /usr/local/keepalived/
[root@server4 keepalived]# ls
bin etc sbin share
[root@server4 keepalived]# cd etc/
[root@server4 etc]# cd rc.d/
[root@server4 rc.d]# ls
init.d
[root@server4 rc.d]# cd ..
[root@server4 etc]# cd keepalived/
[root@server4 keepalived]# ls
keepalived.conf samples
[root@server4 keepalived]# scp keepalived.conf server1:/srv/salt/keepalived/files 传递keepalived的主配置文件在server4的对应安装位置上已经有了keepalived
root@server1's password:
keepalived.conf 100% 3550 3.5KB/s 00:00
[root@server4 keepalived]# 
[root@server4 keepalived]# ls
keepalived.conf samples
[root@server4 keepalived]# cd ..
[root@server4 etc]# cd keepalived/
[root@server4 keepalived]# ls
keepalived.conf samples
[root@server4 keepalived]# cd ..
[root@server4 etc]# cd ..
[root@server4 keepalived]# pwd
/usr/local/keepalived
[root@server4 keepalived]# cd sbin/
[root@server4 sbin]# ls
keepalived
[root@server4 sbin]# pwd
/usr/local/keepalived/sbin
[root@server4 sbin]# ls
keepalived
[root@server4 sbin]# ll /usr/local/keepalived/etc/sysconfig/keepalived
-rw-r--r-- 1 root root 667 Aug 18 10:42 /usr/local/keepalived/etc/sysconfig/keepalived
在server1配置安装脚本制作相应的软链接:
[root@server1 files]# pwd
/srv/salt/keepalived/files
[root@server1 files]# ls
keepalived keepalived-2.0.6.tar.gz keepalived.conf
[root@server1 files]# cd ..
[root@server1 keepalived]# ls
files install.sls
[root@server1 keepalived]# vim install.sls
[root@server1 keepalived]# cat install.sls
include:
- pkgs.make
kp-install:
file.managed:
- name: /mnt/keepalived-2.0.6.tar.gz
- source: salt://keepalived/files/keepalived-2.0.6.tar.gz
cmd.run:
- name: cd /mnt && tar zxf keepalived-2.0.6.tar.gz && cd keepalived-2.0.6 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV &> /dev/null && make &> /dev/null && make install &> /dev/null
- creates: /usr/local/keepalived
/etc/keepalived:
file.directory:
- mode: 755 脚本的权限
/etc/sysconfig/keepalived: 制作软链接
file.symlink:
- target: /usr/local/keepalived/etc/sysconfig/keepalived
/sbin/keepalived: 制作软链接
file.symlink:
- target: /usr/local/keepalived/sbin/keepalived
[root@server1 keepalived]# salt server4 state.sls keepalived.install 进行推送
server4:
----------
ID: make-gcc
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 10:55:18.121906
Duration: 390.788 ms
Changes:
----------
ID: kp-install
Function: file.managed
Name: /mnt/keepalived-2.0.6.tar.gz
Result: True
Comment: File /mnt/keepalived-2.0.6.tar.gz is in the correct state
Started: 10:55:18.514396
Duration: 65.085 ms
Changes:
----------
ID: kp-install
Function: cmd.run
Name: cd /mnt && tar zxf keepalived-2.0.6.tar.gz && cd keepalived-2.0.6 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV &> /dev/null && make &> /dev/null && make install &> /dev/null
Result: True
Comment: /usr/local/keepalived exists
Started: 10:55:18.580199
Duration: 0.378 ms
Changes:
----------
ID: /etc/keepalived
Function: file.directory
Result: True
Comment: Directory /etc/keepalived updated
Started: 10:55:18.580671
Duration: 0.677 ms
Changes:
----------
/etc/keepalived:
New Dir
----------
ID: /etc/sysconfig/keepalived
Function: file.symlink
Result: True
Comment: Created new symlink /etc/sysconfig/keepalived -> /usr/local/keepalived/etc/sysconfig/keepalived
Started: 10:55:18.581438
Duration: 1.156 ms
Changes:
----------
new:
/etc/sysconfig/keepalived
----------
ID: /sbin/keepalived
Function: file.symlink
Result: True
Comment: Created new symlink /sbin/keepalived -> /usr/local/keepalived/sbin/keepalived
Started: 10:55:18.582682
Duration: 66.233 ms
Changes:
----------
new:
/sbin/keepalived
Summary for server4
------------
Succeeded: 6 (changed=3)
Failed: 0
------------
Total states run: 6
Total run time: 524.317 ms
在server4可以看到对应的软链接代表推送成功:
在serevr1安装打开keepalived服务的脚本:
[root@server1 keepalived]# pwd
/srv/salt/keepalived
[root@server1 keepalived]# vim service.sls
[root@server1 keepalived]# cat service.sls
include:
- keepalived.install 导入安装脚本
/etc/keepalived/keepalived.conf:
file.managed:
- source: salt://keepalived/files/keepalived.conf
kp-service:
file.managed:
- name: /etc/init.d/keepalived
- source: salt://keepalived/files/keepalived
- mode: 755
service.running:
- name: keepalived
- reload: True
- watch:
- file: /etc/keepalived/keepalived.conf
[root@server1 keepalived]# cd /srv/pillar/ 进去pillar模块
[root@server1 pillar]# ls
top.sls web
[root@server1 pillar]# cd web/
[root@server1 web]# ls
install.sls
[root@server1 web]# vim install.sls
[root@server1 web]# cat install.sls
{% if grains['fqdn'] == 'server2' %} 如果主机名字为server2
webserver: httpd
bind: 172.25.38.2
port: 80
{% elif grains['fqdn'] == 'server3' %}
webserver: nginx
{% endif %}
[root@server1 web]# cd ..
[root@server1 pillar]# ls
top.sls web
[root@server1 pillar]# mkdir keepalived
[root@server1 pillar]# cd keepalived/
[root@server1 keepalived]# ls
[root@server1 keepalived]# cp ../web/install.sls .
[root@server1 keepalived]# vim install.sls
[root@server1 keepalived]# cat install.sls
{% if grains['fqdn'] == 'server1' %}
state: MASTER 写入状态MASTER还是BACKUP测试高可用
vrid: 38
priority: 100 写入优先级
{% elif grains['fqdn'] == 'server4' %}
state: BACKUP
vrid: 38
priority: 50
{% endif %}
[root@server1 keepalived]# ls
install.sls
[root@server1 keepalived]# cd ..
[root@server1 pillar]# ls
keepalived top.sls web
[root@server1 pillar]# vim top.sls
[root@server1 pillar]# cat top.sls
base:
'*':
- web.install
- keepalived.install
[root@server1 pillar]# cd ..
[root@server1 srv]# cd salt/
[root@server1 salt]# ls
_grains haproxy httpd keepalived nginx pkgs top.sls users
[root@server1 salt]# cd keepalived/
[root@server1 keepalived]# ls
files install.sls service.sls
配置keppalived的一键安装并打开服务加入优先级:
[root@server1 keepalived]# vim service.sls
[root@server1 keepalived]# cat service.sls
include:
- keepalived.install
/etc/keepalived/keepalived.conf:
file.managed:
- source: salt://keepalived/files/keepalived.conf:
- template: jinja
- context:
STATE: {{ pillar['state'] }}
VRID: {{ pillar['vrid'] }}
PRIORITY: {{ pillar['priority'] }}
kp-service:
file.managed:
- name: /etc/init.d/keepalived
- source: salt://keepalived/files/keepalived
- mode: 755
service.running:
- name: keepalived
- reload: True
- watch:
- file: /etc/keepalived/keepalived.conf
[root@server1 keepalived]# vim files/keepalived
[root@server1 keepalived]# ls
files install.sls service.sls
[root@server1 keepalived]# cd files/
[root@server1 files]# ls
keepalived keepalived-2.0.6.tar.gz keepalived.conf
[root@server1 files]# vim keepalived.conf 编辑主配置文件写入虚拟IP
[root@server1 keepalived]# salt server4 state.sls keepalived.service 推送service服务:
server4:
----------
ID: make-gcc
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 12:04:10.737728
Duration: 397.968 ms
Changes:
----------
ID: kp-install
Function: file.managed
Name: /mnt/keepalived-2.0.6.tar.gz
Result: True
Comment: File /mnt/keepalived-2.0.6.tar.gz is in the correct state
Started: 12:04:11.138120
Duration: 67.759 ms
Changes:
----------
ID: kp-install
Function: cmd.run
Name: cd /mnt && tar zxf keepalived-2.0.6.tar.gz && cd keepalived-2.0.6 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV &> /dev/null && make &> /dev/null && make install &> /dev/null
Result: True
Comment: /usr/local/keepalived exists
Started: 12:04:11.206661
Duration: 0.415 ms
Changes:
----------
ID: /etc/keepalived
Function: file.directory
Result: True
Comment: Directory /etc/keepalived is in the correct state
Started: 12:04:11.207180
Duration: 0.536 ms
Changes:
----------
ID: /etc/sysconfig/keepalived
Function: file.symlink
Result: True
Comment: Symlink /etc/sysconfig/keepalived is present and owned by root:root
Started: 12:04:11.207825
Duration: 1.53 ms
Changes:
----------
ID: /sbin/keepalived
Function: file.symlink
Result: True
Comment: Symlink /sbin/keepalived is present and owned by root:root
Started: 12:04:11.209449
Duration: 1.327 ms
Changes:
----------
ID: /etc/keepalived/keepalived.conf
Function: file.managed
Result: True
Comment: File /etc/keepalived/keepalived.conf is in the correct state
Started: 12:04:11.210874
Duration: 33.686 ms
Changes:
----------
ID: kp-service
Function: file.managed
Name: /etc/init.d/keepalived
Result: True
Comment: File /etc/init.d/keepalived updated
Started: 12:04:11.244687
Duration: 31.693 ms
Changes:
----------
mode:
0755
----------
ID: kp-service
Function: service.running
Name: keepalived
Result: True
Comment: Started Service keepalived
Started: 12:04:11.277374
Duration: 188.686 ms
Changes:
----------
keepalived:
True
Summary for server4
------------
Succeeded: 9 (changed=2)
Failed: 0
------------
Total states run: 9
Total run time: 723.600 ms在server4可以看到对应的配置文件还有脚本查看有相应进程:
[root@server4 init.d]# cd /etc/keepalived/
[root@server4 keepalived]# ls
keepalived.conf
[root@server4 keepalived]# ll /etc/init.d/keepalived
-rwxr-xr-x 1 root root 1308 Aug 18 12:03 /etc/init.d/keepalived
[root@server4 keepalived]# ps ax
在server4查看已经接管虚拟IP:
[root@server4 keepalived]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:52:c1:00 brd ff:ff:ff:ff:ff:ff
inet 172.25.38.4/24 brd 172.25.38.255 scope global eth0
inet 172.25.38.100/32 scope global eth0
inet6 fe80::5054:ff:fe52:c100/64 scope link
valid_lft forever preferred_lft forever
安装邮件工具:
在server1编写top,sls脚本在对应节点安装服务:
[root@server1 keepalived]# pwd
/srv/salt/keepalived
[root@server1 keepalived]# cd ..
[root@server1 salt]# ls
_grains haproxy httpd keepalived nginx pkgs top.sls users
[root@server1 salt]# vim top.sls
[root@server1 salt]# cat top.sls
base:
'server1':
- haproxy.install
- keepalived.service
'server4':
- haproxy.install
- keepalived.service
'roles:apache':
- match: grain
- httpd.apache
'roles:nginx':
- match: grain
- nginx.service
[root@server1 salt]# salt '*' state.highstate 进行推送state.highstate: 这个是全局的所有环境,
以及所有状态都生效。它会读取每一个环境的top.sls,并且对所有sls都生效。 过程太多不做内容演示
在server4查看已经有相应的haproxy和keepalived的进程:
[root@server4 keepalived]# ps ax
868 ? Sl 0:00 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5
907 ? Ss 0:00 /usr/sbin/sshd
983 ? Ss 0:00 /usr/libexec/postfix/master
991 ? Ss 0:00 crond
998 ? S 0:00 qmgr -l -t fifo -u
1006 ? Ss 0:00 /usr/bin/rhsmcertd
1020 tty1 Ss+ 0:00 /sbin/mingetty /dev/tty1
1022 tty2 Ss+ 0:00 /sbin/mingetty /dev/tty2
1024 tty3 Ss+ 0:00 /sbin/mingetty /dev/tty3
1026 tty4 Ss+ 0:00 /sbin/mingetty /dev/tty4
1028 tty5 Ss+ 0:00 /sbin/mingetty /dev/tty5
1030 tty6 Ss+ 0:00 /sbin/mingetty /dev/tty6
1032 ? Ss 0:00 sshd: root@pts/0
1034 pts/0 Ss 0:00 -bash
2198 ? Sl 0:06 /usr/bin/python2.6 /usr/bin/salt-minion -c /etc/salt -d
2199 ? S 0:00 /usr/bin/python2.6 /usr/bin/salt-minion -c /etc/salt -d
14098 ? Ss 0:00 keepalived -D
14101 ? S 0:00 keepalived -D
14114 ? S 0:00 pickup -l -t fifo -u
14355 ? Ss 0:00 /usr/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg -p /var/run/hapr
14387 pts/0 R+ 0:00 ps ax
[root@server4 keepalived]# ip addr 虚拟IP已经转换到server1
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:52:c1:00 brd ff:ff:ff:ff:ff:ff
inet 172.25.38.4/24 brd 172.25.38.255 scope global eth0
inet6 fe80::5054:ff:fe52:c100/64 scope link
valid_lft forever preferred_lft forever
在网页测试后端可以负载均衡:
将server1的keepalived服务关闭:
[root@server1 salt]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
[root@server1 salt]# 
在网页再次测试后端依旧可以负载均衡,由于高可用机制,后端是透明化的,不会管你的master主机是哪个:
server4接管虚拟IP成为新的master:
[root@server4 keepalived]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:52:c1:00 brd ff:ff:ff:ff:ff:ff
inet 172.25.38.4/24 brd 172.25.38.255 scope global eth0
inet 172.25.38.100/32 scope global eth0
inet6 fe80::5054:ff:fe52:c100/64 scope link
valid_lft forever preferred_lft forever
server1再次打开keepalived会抢回来master的身份:
[root@server1 salt]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@server1 salt]# ip addr 已经接管虚拟IP
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:58:4d:1f brd ff:ff:ff:ff:ff:ff
inet 172.25.38.1/24 brd 172.25.38.255 scope global eth0
inet 172.25.38.100/32 scope global eth0
inet6 fe80::5054:ff:fe58:4d1f/64 scope link
valid_lft forever preferred_lft forever
调用脚本控制高可用:
[root@server1 files]# cd /opt/
[root@server1 opt]# ls
[root@server1 opt]# vim check_haproxy.sh
[root@server1 opt]# cat check_haproxy.sh 脚本意思就是当haproxy服务出现故障时就停止keepalived
#!/bin/bash
/etc/init.d/haproxy status &> /dev/null || /etc/init.d/haproxy restart &> /dev/null
if [ $? -ne 0 ];then
/etc/init.d/keepalived stop &> /dev/null
fi
[root@server1 opt]# chmod +x check_haproxy.sh 给脚本赋予执行权限
[root@server1 opt]# /etc/init.d/haproxy status
haproxy (pid 2877) is running...
[root@server1 opt]# echo $?
0
[root@server1 opt]# cd /etc/keepalived/
[root@server1 keepalived]# ls
keepalived.conf
[root@server1 opt]#scp check_haproxy.sh server4:/opt/ 将脚本传递到server4,必须添加可执行权限不然脚本没办法执行
[root@server1 keepalived]# vim keepalived.conf
[root@server1 keepalived]# cat keepalived.conf
! Configuration File for keepalived
vrrp_script check_haproxy {
script "/opt/check_haproxy.sh" 加入脚本的调用
interval 2
weight 2
}
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 38
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.38.100
}
track_script{
check_haproxy
}
}
[root@server1 keepalived]# vim /srv/salt/keepalived/files/keepalived.conf
[root@server1 keepalived]# cat /srv/salt/keepalived/files/keepalived.conf
! Configuration File for keepalived
vrrp_script check_haproxy {
script "/opt/check_haproxy.sh" 同样添加脚本的调用
interval 2
weight 2
}
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state {{ STATE }}
interface eth0
virtual_router_id {{ VRID }}
priority {{ PRIORITY }}
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.38.100
}
track_script{
check_haproxy
}
}进行推送测试:
[root@server1 keepalived]# salt server4 state.sls keepalived.service
server4:
----------
ID: make-gcc
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 14:29:07.710052
Duration: 427.692 ms
Changes:
----------
ID: kp-install
Function: file.managed
Name: /mnt/keepalived-2.0.6.tar.gz
Result: True
Comment: File /mnt/keepalived-2.0.6.tar.gz is in the correct state
Started: 14:29:08.140243
Duration: 68.891 ms
Changes:
----------
ID: kp-install
Function: cmd.run
Name: cd /mnt && tar zxf keepalived-2.0.6.tar.gz && cd keepalived-2.0.6 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV &> /dev/null && make &> /dev/null && make install &> /dev/null
Result: True
Comment: /usr/local/keepalived exists
Started: 14:29:08.209940
Duration: 0.436 ms
Changes:
----------
ID: /etc/keepalived
Function: file.directory
Result: True
Comment: Directory /etc/keepalived is in the correct state
Started: 14:29:08.210483
Duration: 0.557 ms
Changes:
----------
ID: /etc/sysconfig/keepalived
Function: file.symlink
Result: True
Comment: Symlink /etc/sysconfig/keepalived is present and owned by root:root
Started: 14:29:08.211131
Duration: 1.528 ms
Changes:
----------
ID: /sbin/keepalived
Function: file.symlink
Result: True
Comment: Symlink /sbin/keepalived is present and owned by root:root
Started: 14:29:08.212752
Duration: 1.417 ms
Changes:
----------
ID: /etc/keepalived/keepalived.conf
Function: file.managed
Result: True
Comment: File /etc/keepalived/keepalived.conf is in the correct state
Started: 14:29:08.214276
Duration: 46.787 ms
Changes:
----------
ID: kp-service
Function: file.managed
Name: /etc/init.d/keepalived
Result: True
Comment: File /etc/init.d/keepalived is in the correct state
Started: 14:29:08.261191
Duration: 32.721 ms
Changes:
----------
ID: kp-service
Function: service.running
Name: keepalived
Result: True
Comment: The service keepalived is already running
Started: 14:29:08.295385
Duration: 36.285 ms
Changes:
Summary for server4
------------
Succeeded: 9
Failed: 0
------------
Total states run: 9
Total run time: 616.314 ms在server1减去haproxy脚本的执行权限,脚本生效相应的keepalived服务会关闭:
[root@server1 ~]# cd /etc/init.d/
[root@server1 init.d]# ls
auditd halt keepalived netconsole rdisc rsyslog saslauthd
blk-availability haproxy killall netfs restorecond salt-master single
crond ip6tables lvm2-lvmetad network rhnsd salt-minion sshd
functions iptables lvm2-monitor postfix rhsmcertd sandbox udev-post
[root@server1 init.d]# chmod -x haproxy
[root@server1 init.d]# /etc/init.d/keepalived status
keepalived is stopped
MASTER会转换到serevr4,直接的效果就是server4接管虚拟IP
[root@server4 opt]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:52:c1:00 brd ff:ff:ff:ff:ff:ff
inet 172.25.38.4/24 brd 172.25.38.255 scope global eth0
inet 172.25.38.100/32 scope global eth0
inet6 fe80::5054:ff:fe52:c100/64 scope link
valid_lft forever preferred_lft forever
验证高可用:
[root@server1 init.d]# ls
auditd halt keepalived netconsole rdisc rsyslog saslauthd
blk-availability haproxy killall netfs restorecond salt-master single
crond ip6tables lvm2-lvmetad network rhnsd salt-minion sshd
functions iptables lvm2-monitor postfix rhsmcertd sandbox udev-post
[root@server1 init.d]# chmod +x haproxy 重新增加可执行权限
[root@server1 init.d]# ll haproxy
-rwxr-xr-x 1 root root 2298 Jul 10 2013 haproxy
[root@server1 init.d]# /etc/init.d/keepalived status
keepalived is stopped
[root@server1 init.d]# /etc/init.d/keepalived start 打开keepalived服务
Starting keepalived: [ OK ]
[root@server1 init.d]# ip addr server1依旧会抢回来MASTER的角色进行接管虚拟IP
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:58:4d:1f brd ff:ff:ff:ff:ff:ff
inet 172.25.38.1/24 brd 172.25.38.255 scope global eth0
inet 172.25.38.100/32 scope global eth0
inet6 fe80::5054:ff:fe58:4d1f/64 scope link
valid_lft forever preferred_lft forever
[root@server1 init.d]# salt server1 service.start keepalived 打开keepalived服务
server1:
True
[root@server1 init.d]# ls
auditd halt keepalived netconsole rdisc rsyslog saslauthd
blk-availability haproxy killall netfs restorecond salt-master single
crond ip6tables lvm2-lvmetad network rhnsd salt-minion sshd
functions iptables lvm2-monitor postfix rhsmcertd sandbox udev-post
[root@server1 init.d]# cd
[root@server1 ~]# salt-cp '*' /etc/passwd /tmp 将/etc/passwd文件同步到所有主机的/tmp目录下
server1:
----------
/tmp/passwd:
True
server2:
----------
/tmp/passwd:
True
server3:
----------
/tmp/passwd:
True
server4:
----------
/tmp/passwd:
True
在server2查看已经推送成功,拿server2举例子,不一一进行查看后端:
[root@server2 ~]# cd /tmp/
[root@server2 tmp]# ls
passwd yum.log yum_save_tx-2018-08-17-09-30GSgtBm.yumtx
[root@server1 ~]# salt '*' cmd.run 'rm -f /tmp/passwd' 调用salt命令删除传递过去的passwd文件
server4:
server2:
server3:
server1:
[root@server1 ~]# cd /tmp/ 在server1查看已经被删除
[root@server1 tmp]# ls
yum.log
在server2查看passwd文件已经被删除:
[root@server2 tmp]# ls
yum.log yum_save_tx-2018-08-17-09-30GSgtBm.yumtx
[root@server1 tmp]# salt server3 state.single pkg.installed httpd 直接调用模块命令安装阿帕其
server3:
----------
ID: httpd
Function: pkg.installed
Result: True
Comment: The following packages were installed/updated: httpd
Started: 14:57:43.162687
Duration: 10042.286 ms
Changes:
----------
apr:
----------
new:
1.3.9-5.el6_2
old:
apr-util:
----------
new:
1.3.9-3.el6_0.1
old:
apr-util-ldap:
----------
new:
1.3.9-3.el6_0.1
old:
httpd:
----------
new:
2.2.15-29.el6_4
old:
httpd-tools:
----------
new:
2.2.15-29.el6_4
old:
mailcap:
----------
new:
2.1.31-2.el6
old:
Summary for server3
------------
Succeeded: 1 (changed=1)
Failed: 0
------------
Total states run: 1
Total run time: 10.042 s在serevr3查看httpd已经被安装:
[root@server3 ~]# rpm -q httpd
httpd-2.2.15-29.el6_4.x86_64
扫一扫
364
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
