1.haproxy部署负载均衡的实现
实验说明
| server | 角色 | ip |
|---|---|---|
| server1 | salt-master | 172.25.3.1 |
| server2 | salt-minion(nginx) | 172.25.3.2 |
| server3 | salt-minion(apache) | 172.25.3.3 |
| server4 | salt-minion(haproxy) | 172.25.3.4 |
部署实现
(1) salt节点配置
- 在salt-minion端配置
[root@server4 apache]# vi /etc/salt/minion
master: 172.25.3.1
[root@server4 apache]# systemctl start salt-minion
- master授权
[root@server1 salt]# salt-key -a server4
(2)创建haproxy、nginx、apache角色,开始部署haproxy的负载均衡
haproxy:
- 创建haproxy角色
[root@server1 salt]# mkdir haproxy
[root@server1 salt]# cd haproxy
[root@server1 haproxy]# pwd
/srv/salt/haproxy
[root@server1 haproxy]# mkdir files
[root@server1 haproxy]# ls
files install.sls
- 编写安装haproxy的sls文件
[root@server1 haproxy]# vim install.sls ##安装haproxy
haproxy-install:
pkg.installed:
- name: haproxy
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://haproxy/files/haproxy.cfg
service.running:
- name: haproxy
- reload: true
- watch:
- file: haproxy-install
- haproxy配置文件准备
[root@server1 haproxy]# ls files
haproxy.cfg
nginx:
- 创建nginx角色
[root@server1 salt]# mkdir nginx
[root@server1 salt]# cd nginx
[root@server1 nginx]# pwd
/srv/salt/nginx
[root@server1 nginx]# mkdir files
[root@server1 nginx]# ls
files install.sls
- 编写install.sls nginx安装文件
[root@server1 nginx]# vi install.sls
nginx-install:
pkg.installed: ##nginx依赖包的安装
- pkgs:
- gcc
- openssl-devel
- pcre-devel
file.managed: ##安装包的获取
- name: /mnt/nginx-1.17.4.tar.gz
- source: salt://nginx/files/nginx-1.17.4.tar.gz
cmd.run: ##nginx的安装编译
- name: cd /mnt && tar zxf nginx-1.17.4.tar.gz && cd nginx-1.17.4 && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-http_ssl_module &> /dev/null && make &> /dev/null && make install &> /dev/null && useradd -s /sbin/nologin nginx
- creates: /usr/local/nginx
- nginx的systemd设定 服务的配置(安装配置一体化)
[root@server1 nginx]# vi service.sls
include:
- nginx.install ##将安装文件导入
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf
nginx-service:
file.managed:
- name: /usr/lib/systemd/system/nginx.service ##systemctl 设定
- source: salt://nginx/files/nginx.service
service.running:
- name: nginx
- reload: true
- watch:
- file: /usr/local/nginx/conf/nginx.conf
- nginx需要文件的准备
[root@server1 nginx]# ls
files install.sls service.sls
[root@server1 nginx]# cd files
[root@server1 files]# ls
nginx-1.17.4.tar.gz nginx.conf nginx.service
[root@server1 files]# pwd
/srv/salt/nginx/files
[root@server1 files]# vi nginx.service
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
[root@server1 files]# vi nginx.conf ##配置文件修改
2 user nginx nginx;
3 worker_processes auto;
apache:
- apache角色的创建
[root@server1 salt]# mkdir apache
[root@server1 salt]# cd apache
[root@server1 apache]# pwd
/srv/salt/apache
[root@server1 apache]# mkdir files
[root@server1 apache]# ls
files install.sls
- apache部署文件(apache.sls)的编写
[root@server1 apache]# vi apache.sls
apache-install: ##唯一性声明
pkg.installed: ##调用模块
- pkgs:
- httpd
- httpd-tools
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd.conf
service.running:
- name: httpd
- reload: true
- watch: ##监控当apache配置文件发生改变,就reload重启服务
- file: apache-install
- apache 需要文件的配置
[root@server1 files]# pwd
/srv/salt/apache/files
[root@server1 files]# ls
httpd.conf
(3)编写角色执行顶级top.sls文件
[root@server1 salt]# pwd
/srv/salt
[root@server1 salt]# vim top.sls
base:
'server2':
- nginx.service
'server3':
- apache.apache
'server4':
- haproxy.install
(4)执行部署
[root@server1 salt]# salt '*' state.highstate
实现效果:
在浏览器访问haproxy 主机不断刷新 看到负载均衡效果实现
健康检查:
当server3上的apache服务宕机后,自动检测:
[root@server3 yum.repos.d]# systemctl stop httpd
2.haproxy+keepalived高可用的实现
实验说明:
| server | 角色 | ip |
|---|---|---|
| server1 | salt-master | 172.25.3.1 |
| server2 | salt-minion(nginx) | 172.25.3.2 |
| server3 | salt-minion(apache) | 172.25.3.3 |
| server4 | salt-minion(haproxy+keepalived-slave) | 172.25.3.4 |
| server5 | salt-minion(keepalived-master) | 172.25.3.5 |
部署实现:
基于haproxy部署实现
(1)salt节点部署
- 在server5加入salt-master
[root@server5 ~]# yum install -y salt-minion
[root@server5 ~]# vi /etc/salt/minion
16 master: 172.25.3.1
[root@server5 ~]# systemctl start salt-minion
- 在server1授权
[root@server1 files]# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.3.2 server2
172.25.3.3 server3
172.25.3.1 server1
172.25.3.4 server4
172.25.3.5 server5
[root@server1 files]# salt-key -a server5
The following keys are going to be accepted:
Unaccepted Keys:
server5
Proceed? [n/Y] y
Key for minion server5 accepted.
(2)创建keepalived角色
[root@server1 salt]# pwd
/srv/salt
[root@server1 salt]# mkdir keepalived
[root@server1 salt]# ls
apache haproxy keepalived nginx top.sls
[root@server1 salt]# cd keepalived/
[root@server1 keepalived]# mkdir files
[root@server1 keepalived]# ls
files
(3)编写keepalived安装文件
[root@server1 keepalived]# vi install.sls
keepalived-install:
pkg.installed:
- pkgs:
- keepalived
file.managed:
- name: /etc/keepalived/keepalived.conf
- source: salt://keepalived/files/keepalived.conf
- template: jinja ##使用jinjia 模板
{% if grains['fqdn'] == 'server4' %}
- STATE: MASTER
- PRIORITY: 100
{% elif grains['fqdn'] == 'server5' %}
- STATE: BACKUP
- PRIORITY: 50
{% endif %}
service.running:
- name: keepalived
- reload: true
- watch:
- file: keepalived-install
(4)keepalived配置文件参数修改
[root@server1 files]# pwd
/srv/salt/keepalived/files
[root@server1 files]# vi keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script check_haproxy {
scripts "/opt/check_haproxy.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state {{ STATE }}
interface eth0
virtual_router_id 51
priority {{ PRIORITY }}
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.3.100
}
track_script {
check_haproxy
}
}
}
(5)编写顶级top.sls角色执行文件
[root@server1 salt]# vi top.sls
base:
'server2':
- nginx.service
'server3':
- apache.apache
'server4':
- haproxy.install
- keepalived.install
'server5':
- haproxy.install
- keepalived.install
(6)执行推送
[root@server1 salt]# salt '*' state.highstate
(7)实现效果
在keepalived-master上出现vip
在浏览器中访问vip:
刷新:
nginx端和apache端轮询调度
- 当keepalived-master宕机时,实现vip飘移
扫一扫
2741
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
