SaltStack自动部署nginx、apache、实现haproxy负载均衡集群

最新推荐文章于 2019-10-24 15:53:44 发布

白小黑..

最新推荐文章于 2019-10-24 15:53:44 发布

阅读量305

点赞数 1

本文链接：https://blog.csdn.net/weixin_42711549/article/details/83478459

版权

一、Saltstack 自动化运维工具

什么是saltstack

• Saltstack是基于python开发的一套C/S架构配置管理工具

• 使用SSL证书签方的方式进行认证管理

• 底层使用ZeroMQ消息队列pub/sub方式通信
– 号称世界上最快的消息队列ZeroMQ能快速在成千上万台主机上进行各种操作
– 采用RSA Key方式确认身
主要功能

• Saltstack最主要的两个功能是:配置管理与远程执行

• Saltstack不只是一个配置管理工具,还是一个云计算与数据中心架构编排的利器

• Saltstack已经支持Docker相关模块

• 在友好地支持各大云平台之后,配合Saltstack的Mine实时发现功能可以实现各种云平台业务的自动扩展

SaltStack架构

• SaltStack基于C/S架构
– 服务器端称作Master
– 客户端称作Minion
• 可以实现传统处理方式,即:客户端发送请求给服务器,服务器收到请求后处理请求,再将结果返回
• 也可以使用消息队列中的发布与订阅(pub/sub)服务模式
在这里插入图片描述
实验环境：
rhel6.5
server1 salt-master salt-minion haproxy
server2 salt-minion httpd
server3 salt-minion nginx

二、SaltStack 源码编译nginx

1. 安装SaltStack

配置yum源

[rhel-source]
name=Red Hat Enterprise Linux $releasever - $basearch - Source baseurl=http://172.25.77.250/rhel6.5 
enabled=1 
gpgcheck=1 
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release 

[salt] 
name=saltstack 
baseurl=http://172.25.77.250/saltstack/rhel6 
enabled=1 
gpgcheck=0

serevr1上安装salt-master minion

yum list salt-*
[root@server1 salt]# yum install -y salt-minion
[root@server1 salt]# vim /etc/salt/minion
修改master
[root@server1 salt]# vim /etc/salt/master  //文件里面不能使用Tab，直接用空格键
 534 file_roots:
 535   base:
 536     - /srv/salt
 [root@server1 salt]#  mkdir /srv/salt
 [root@server1 salt]# /etc/init.d/salt-minion start
 [root@server1 salt]# /etc/init.d/salt-master start

server2,server3 安装minion
步骤同serevr1
测试公钥

[root@server1 salt]# salt-key -A
The following keys are going to be accepted:
Unaccepted Keys:
server1
Proceed? [n/Y] y
Key for minion server1 accepted.

[root@server1 salt]# salt-key -L
Accepted Keys:
server1
server2
server3
Denied Keys:
Unaccepted Keys:
Rejected Keys:

2.源码编译nginx

创建nginx用户

在/srv/salt/下建立users目录，在users目录下编写创建nginx用户的文件nginx.sls

[root@server1 master]# cd /srv/salt/
[root@server1 salt]# mkdir nginx
[root@server1 salt]# mkdir users  //存放nginx用户信息
[root@server1 salt]# cd users
[root@server1 users]# cat nginx.sls 
nginx-group:
  group.present:
    - name: nginx
    - gid: 800
nginx-user:
  user.present:
    - name: nginx
    - uid: 800 
    - gid: 800
    - shell: /sbin/nologin
    - createhome: False
    - home: /usr/local/nginx

编译nginx

[root@server1 salt]# cd nginx/
[root@server1 nginx]# ls
files  install.sls  
[root@server1 nginx]# cat install.sls 
nginx_install:
  pkg.installed:
     - pkgs:
       - gcc-c++
       - openssl-devel
       - pcre-devel
       - zlib-devel
  file.managed:
    - name: /root/nginx-1.14.0.tar.gz
    - source: salt://nginx/files/nginx-1.14.0.tar.gz
  cmd.run:
    - name: cd /root/ && tar zxf nginx-1.14.0.tar.gz && cd nginx-1.14.0 && sed -i.bak 's/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g' src/core/nginx.h && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-file-aio --with-threads --with-http_ssl_module --with-http_stub_status_module &> /dev/null && make &>/dev/null && make install &>/dev/null 
    - creates: /usr/local/nginx
[root@server1 nginx]# salt server3 state.sls nginx.install 
推送给server3 进行编译安装nginx

在这里插入图片描述
推送编译安装成功
在server3处
1）将脚本发送到 server1 :/srv/salt/nginx/files/
2）将/usr/local/nginx/conf/nginx.conf 发送到server1 :/srv/salt/nginx/files/

nginx管理启动脚本

[root@server1 files]# ls
nginx  nginx-1.14.0.tar.gz  nginx.conf
[root@server1 nginx]# cat service.sls 
include:
  - nginx.install
nginx-service:
  file.managed:
    - name: /usr/local/nginx/conf/nginx.conf 
    - source: salt://nginx/files/nginx.conf
  service.running:
    - name: nginx
    - enable: True
    - reload: True
    - watch:
      - file: nginx-service
推送nginx启动脚本到server3 
salt server3 state.sls nginx.service

在server3 端查看nginx 是否开启
[root@server3 init.d]# netstat -antlp | grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 5156/nginx
[root@server3 init.d]#
到此nginx的自动编译安装开启完成
**
**

三、部署安装apache && 开启apache服务

[root@server1 master]# cd /srv/salt/
[root@server1 salt]# mkdir apache
[root@server1 salt]# cd apache
[root@server1 apache]# vim apache.sls //部署脚本，文件里面不能使用Tab，直接用空格键
[root@server1 apache]# cat install.sls 
apache-install:
  pkg.installed:
    - pkgs:
      - httpd
      - php
  file.managed:
    - name: /var/www/html/index.php
    - source: salt://apache/files/index.php
    - mode: 644
    - user: root
    - group: root

ap-service:
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://apache/files/httpd.conf
 
  service.running:
    - name: httpd
    - enable: True
    - reload: True
    - watch:
      - file: apache-service

[root@server1 apache]# cat service.sls 
include:
  - apache.install

apache-service:
  file.managed:
    - name: /etc/httpd/conf/httpd.conf
    - source: salt://apache/files/httpd.conf

  service.running:
    - name: httpd
    - enable: True
    - reload: True
    - watch:
      - file: apache-service

[root@server1 files]# ls
httpd.conf  index.php
[root@server1 files]# cat index.php 
<?php
phpinfo()
?>
推送给server2   salt server2 state.sls

四、saltstack多节点推送实现haproxy负载均衡集群

1.在server1上安装haproxy
完善yun源

[rhel-source]
name=Red Hat Enterprise Linux $releasever - $basearch - Source baseurl=http://172.25.77.250/rhel6.5 
enabled=1 
gpgcheck=1 
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release 

[salt] 
name=saltstack 
baseurl=http://172.25.77.250/saltstack/rhel6 
enabled=1 
gpgcheck=0

[LoadBalancer]
name=LoadBalancer
baseurl=http://172.25.77.250/rhel6.5/LoadBalancer
gpgcheck=0

[root@server1 haproxy]# vim install.sls  //编辑部署haproxy脚本
[root@server1 haproxy]# cat install.sls 
include:
  - pkgs.make

haproxy-install:
  file.managed:
    - name: /mnt/haproxy-1.6.11.tar.gz
    - source: salt://haproxy/files/haproxy-1.6.11.tar.gz

  cmd.run:
    - name: cd /mnt && tar zxf haproxy-1.6.11.tar.gz && cd  haproxy-1.6.11 && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy install
    - creates: /usr/local/haproxy
   推送进行安装

[root@server1 haproxy]# cd /mnt/
[root@server1 mnt]# ls
haproxy-1.6.11  haproxy-1.6.11.tar.gz
[root@server1 mnt]# cd haproxy-1.6.11
[root@server1 haproxy-1.6.11]# find -name *init*
./examples/haproxy.init
./examples/init.haproxy
[root@server1 haproxy-1.6.11]# cd examples/
[root@server1 examples]# cp haproxy.init /srv/salt/haproxy/files/
[root@server1 examples]# cp content-sw-sample.cfg /srv/salt/haproxy/files/
[root@server1 /]# cd /srv/salt/haproxy/
[root@server1 haproxy]# cd files/
[root@server1 files]# ls
content-sw-sample.cfg  haproxy-1.6.11.tar.gz  haproxy.init
[root@server1 files]# mv content-sw-sample.cfg haproxy.cfg

在/srv/salt/下建立user目录，在user目录下创建haproxy用户的文件haproxy.sls

[root@server1 salt]# mkdir user
[root@server1 salt]# cd user
[root@server1 user]# vim haproxy.sls
haproxy:
  group.present:
    - name: haproxy
    - gid: 200
  user.present:
    - uid: 200
    - gid: 200
    - shell: /sbin/nologin
    - home: /usr/local/haproxy
    - createhome: False

在/srv/salt/下建立pkgs目录，在pkgs目录下编写安装依赖包的文件make.sls

[root@server1 salt]# cd pkgs
[root@server1 pkgs]# cat make.sls 
make-install:
  pkg.installed:
    - pkgs:
      - gcc
      - pcre-devel
      - openssl-devel
      - zlib-devel
[root@server1 haproxy]# vim install.sls
[root@server1 haproxy]# cat install.sls 
include:
  - pkgs.make
  - user.haproxy

haproxy-install:
  file.managed:
    - name: /mnt/haproxy-1.6.11.tar.gz
    - source: salt://haproxy/files/haproxy-1.6.11.tar.gz

  cmd.run:
    - name: cd /mnt && tar zxf haproxy-1.6.11.tar.gz && cd  haproxy-1.6.11 && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy install
    - creates: /usr/local/haproxy
/etc/haproxy:
  file.directory:
    - mode: 755

/usr/sbin/haproxy:
  file.symlink:
    - target: /usr/local/haproxy/sbin/haproxy

[root@server1 files]# vim haproxy.cfg //修改配置文件
 63 frontend main *:80 
 64 default_backend app 
 65 
 66 backend app 
 67 balance roundrobin 
 68 server app1 172.25.77.2:80 check 
 69 server app2 172.25.77.3:80 check

[root@server1 haproxy]# vim service.sls
[root@server1 haproxy]# cat service.sls 
include:
  - haproxy.install

/etc/haproxy/haproxy.cfg:
  file.managed:
    - source: salt://haproxy/files/haproxy.cfg

/etc/init.d/haproxy:
  file.managed:
    - source: salt://haproxy/files/haproxy.init
    - mode: 755

haproxy-service:
  service.running:
    - name: haproxy
    - enable: True
    - reload: True
    - watch:
      - file: /etc/haproxy/haproxy.cfg
[root@server1 files]# salt server1 state.sls haproxy.service

2.在网页测试：不断刷新页面，实现负载均衡
在这里插入图片描述

3.多节点推送
在/srv/salt/目录下编写top.sls文件

[root@server1 salt]# cat top.sls 
base:   
  'server1':     
    - haproxy.service     
  'server2':
    - apache.service
  'server3':
    - nginx.service

在salt-master端给salt-minion端推top.sls文件，实现在minion端安装haproxy,apache,nginx

白小黑..

关注

1
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
SaltStack自动部署nginx、apache、实现haproxy负载均衡集群

一、Saltstack 自动化运维工具什么是saltstack• Saltstack是基于python开发的一套C/S架构配置管理工具• 使用SSL证书签方的方式进行认证管理• 底层使用ZeroMQ消息队列pub/sub方式通信– 号称世界上最快的消息队列ZeroMQ能快速在成千上万台主机上进行各种操作– 采用RSA Key方式确认身主要功能• Saltstack最主要的两个功...
复制链接

扫一扫