$ppclass php,Puppet模块(八)：keepalived模块

一、模块说明

keepalived是为了实现nginx的高可用性，在安装了nginx的两台机子上分别部署keepalived-master和keepalived-slave，会给两台机子的eth0增加两个虚拟ip(10.188.1.51,10.188.1.52)，将网站域名的DNS指向这两个VIP，或者是出口路由器端口映射向这两个VIP

当任一台机子故障或chk_nginx.sh检测到其主机上的nginx故障时，VIP都会自动漫游到另一台正常的机子，可以扩展到更多台机子。

二、目录结构

三、代码展示

1、files目录

chk_nginx.sh     #检查nginx服务状态的脚本#!/bin/sh

# check nginx server status

A=`ps -C nginx -no-header |wc -l`

if [ $A -eq 0 ];then

/usr/sbin/nginx

sleep 3

if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then

killall keepalived

fi

fi

2、manifests目录

init.ppclass keepalived {

include keepalived::install,keepalived::config,keepalived::service

}

install.ppclass keepalived::install {

Exec{  path => ['/usr/bin','/usr/sbin','/bin'] }

package { ['openssl-devel','popt-devel']:

ensure => installed,

before => Exec['install'],

}

file { '/etc/keepalived':

ensure  => directory,

}

file { 'keepalived':

name    => '/usr/local/src/keepalived-1.2.7.tar.gz',

ensure  => file,

source  => 'puppet:///modules/keepalived/keepalived-1.2.7.tar.gz',

owner   => root,

group   => root,

mode    => '0640',

require => Package[['openssl-devel','popt-devel']],

}

exec { 'tar':

command     => 'tar -zxf keepalived-1.2.7.tar.gz',

cwd         => '/usr/local/src',

refreshonly => true,

subscribe   => File['keepalived'],

before      => Exec['install'],

}

exec { 'install':

command     => '/bin/bash configure && make && make install',

cwd         => '/usr/local/src/keepalived-1.2.7',

creates     => '/usr/local/sbin/keepalived',

}

}

config.pp    # $keepalived_conf参数可在foreamen的主机属性里设置，或节点site.pp里设置class keepalived::config {

case $keepalived_conf  {

master: {

file { '/etc/keepalived/keepalived.conf':

ensure  => file,

owner   => root,

group   => root,

mode    => 400,

content => template("keepalived/keepalived-master.conf.erb"),

notify  => Class['keepalived::service'],

require => Class['keepalived::install'],

}

}

slave: {

file { '/etc/keepalived/keepalived.conf':

ensure  => file,

owner   => root,

group   => root,

mode    => 400,

content => template("keepalived/keepalived-slave.conf.erb"),

notify  => Class['keepalived::service'],

require => Class['keepalived::install'],

}

}

}

file { "/usr/sbin/keepalived":

ensure  => link,

target  => "/usr/local/sbin/keepalived",

owner   => root,

group   => root,

mode    => 755,

require => Class['keepalived::install'],

}

file { "/etc/rc.d/init.d/keepalived":

ensure  => link,

target  => "/usr/local/etc/rc.d/init.d/keepalived",

owner   => root,

group   => root,

mode    => 755,

require => Class['keepalived::install'],

}

file { "/etc/sysconfig/keepalived":

ensure  => link,

target  => "/usr/local/etc/sysconfig/keepalived",

owner   => root,

group   => root,

mode    => 755,

require => Class['keepalived::install'],

}

file { '/usr/local/nginx':

ensure  => directory,

before  => File['/usr/local/nginx/chk_nginx.sh'],

}

file { '/usr/local/nginx/chk_nginx.sh':

ensure  => file,

owner   => root,

group   => root,

mode    => 755,

source  => "puppet:///modules/keepalived/chk_nginx.sh",

require => Class['keepalived::install'],

}

}

service.ppclass keepalived::service {

service { 'keepalived':

ensure     => 'running',

enable     => 'true',

hasrestart => 'true',

hasstatus  => 'true',

require    => Class["keepalived::install"],

}

}

3、templates目录

keepalived-master.conf.erb    #根据情况修改邮箱、密码、IP! Configuration File for keepalived

global_defs {

notification_email {

yourmail@ewin.com

}

notification_email_from keepalived@ewin.com

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id LVS_DEVEL

}

vrrp_script chk_nginx {

script "/usr/local/nginx/chk_nginx.sh"

interval 2

weight 2

}

track_script {

chk_nginx

}

vrrp_instance VI_1 {

state MASTER

interface eth0

virtual_router_id 51

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass mypassword

}

virtual_ipaddress {

10.188.1.51

}

}

vrrp_instance VI_2 {

state BECKUP

interface eth0

virtual_router_id 52

priority 99

advert_int 1

authentication {

auth_type PASS

auth_pass mypassword

}

virtual_ipaddress {

10.188.1.52

}

}

keepalived-slave.conf.erb! Configuration File for keepalived

global_defs {

notification_email {

yourmail@ewin.com

}

notification_email_from keepalived@ewin.com

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id LVS_DEVEL

}

vrrp_script chk_nginx {

script "/usr/local/nginx/chk_nginx.sh"

interval 2

weight 2

}

track_script {

chk_nginx

}

vrrp_instance VI_1 {

state BECKUP

interface eth0

virtual_router_id 51

priority 99

advert_int 1

authentication {

auth_type PASS

auth_pass mypassword

}

virtual_ipaddress {

10.188.1.51

}

}

vrrp_instance VI_2 {

state MASTER

interface eth0

virtual_router_id 52

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass mypassword

}

virtual_ipaddress {

10.188.1.52

}

}

四、Foreman配置

导入模块

我这里在配置－配置组中将nginx和keepalived放在了一个组里，然后编辑主机，给其分配该组：

给主机添加一个参数，指定其使用哪个配置文件：

搜索添加了模块的nginx主机，手动运行Puppet：

五、查看结果

在客户端主机上查看VIP[root@com-nginx-master-33 ~]# ip addr

1: lo:  mtu16436 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen1000

link/ether 72:cc:7f:ea:b9:97 brd ff:ff:ff:ff:ff:ff

inet 10.188.1.32/8 brd 10.255.255.255 scope global eth0

inet 10.188.1.51/32 scope global eth0

inet 10.188.1.52/32 scope global eth0

inet6 fe80::70cc:7fff:feea:b997/64 scope link

valid_lft forever preferred_lft forever

可以看到eth0接口上多了两个VIP，接下来可以实验停止某台nginx或关机，观察VIP的变化。