09 saltstack生产实例--Haproxy+keepalived
1、如何理解haproxy+keepalived
https://www.cnblogs.com/zs-wei/p/9213961.html
HaProxy可以通过监听一个统一的端口对外提供能力,然后内部进行分发,相当于nginx
何保证前端程序使用单个ip又能保证后端的实际处理机器为多台,这就是KeepAlived的作用。
2、pkg、haproxy、keepalived的安装
视频配套的资源:https://github.com/unixhot/saltbook-code
1、pkg
init.sls依赖包安装
[root@linux-node1 /srv/salt/prod/modules]# cat pkg/init.sls
pkg-init:
pkg.installed:
- names:
- gcc
- gcc-c++
- glibc
- make
- autoconf
- openssl
- openssl-devel
2、haproxy
安装文件 init.sls
[root@linux-node1 /srv/salt/prod/modules]# cat haproxy/init.sls
include:
- modules.pkg.init haproxy-install:
file.managed:
- name: /usr/local/src/haproxy-1.5..tar.gz
- source: salt://modules/haproxy/files/haproxy-1.5.3.tar.gz
- mode:
- user: root
- group: root cmd.run:
- name: cd /usr/local/src && tar zxf haproxy-1.5..tar.gz && cd haproxy-1.5. && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
- unless: test -d /usr/local/haproxy
- require:
- pkg: pkg-init
- file: haproxy-install /etc/init.d/haproxy:
file.managed:
- source: salt://modules/haproxy/files/haproxy.init
- mode:
- user: root
- group: root
- require:
- cmd: haproxy-install net.ipv4.ip_nonlocal_bind:
sysctl.present:
- value: haproxy-config-dir:
file.directory:
- name: /etc/haproxy
- mode:
- user: root
- group: root haproxy-init:
cmd.run:
- name: chkconfig --add haproxy
- unless: chkconfig --list | grep haproxy
- require:
- file: /etc/init.d/haproxy
内核参数
默认不能监听不在本地的ipv4
file配置
3、keepalived
配置文件 init.sls
[root@linux-node1 /srv/salt/prod/modules]# cat keepalived/init.sls
include:
- modules.pkg.init keepalived-install:
file.managed:
- name: /usr/local/src/keepalived-1.2..tar.gz
- source: salt://modules/keepalived/files/keepalived-1.2.17.tar.gz
- mode:
- user: root
- group: root
cmd.run:
- name: cd /usr/local/src && tar zxf keepalived-1.2..tar.gz && cd keepalived-1.2. && ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install
- unless: test -d /usr/local/keepalived
- require:
- file: keepalived-install /etc/sysconfig/keepalived:
file.managed:
- source: salt://modules/keepalived/files/keepalived.sysconfig
- mode:
- user: root
- group: root /etc/init.d/keepalived:
file.managed:
- source: salt://modules/keepalived/files/keepalived.init
- mode:
- user: root
- group: root keepalived-init:
cmd.run:
- name: chkconfig --add keepalived
- unless: chkconfig --list | grep keepalived
- require:
- file: /etc/init.d/keepalived /etc/keepalived:
file.directory:
- user: root
- group: root
配置文件
4、test启动
修改index主页
# node1
[root@linux-node1 /srv/salt/prod]# cd /var/www/html/
[root@linux-node1 /var/www/html]# echo "linux node11111" > index.html # node2
[root@linux-node2 /etc/my.cnf.d]# cd /var/www/html/
[root@linux-node2 /var/www/html]# echo "linux node2222" > index.htm
[root@linux-node1 ~]# salt \* state.sls modules.haproxy.init saltenv=prod
[root@linux-node1 /srv/salt/prod/modules]# salt \* state.sls modules.keepalived.init saltenv=prod
3、如何使用负载均衡
每个业务一个负载均衡
每个主机的负载均衡
负载均衡对内 对外
作业
- 管理 Haproy+Keepalive 配置文件
- 必须使用jianja模板,配置不一样
4、haproxy-outside的配置
1、git上面的源代码
2、服务 sls
加入到系统服务中
[root@linux-node1 /srv/salt/prod]# cat lb-outside/haproxy-outside.sls
include:
- modules.haproxy.init haproxy-service:
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://lb-outside/files/haproxy-outside.cfg
- user: root
- group: root
- mode:
service.running:
- name: haproxy
- enable: True
- reload: True
- require:
- cmd: haproxy-init
- watch:
- file: haproxy-service
3、配置file
[root@linux-node1 /srv/salt/prod]# cat lb-outside/files/haproxy-outside.cfg
global
maxconn
chroot /usr/local/haproxy
uid
gid
daemon
nbproc
pidfile /usr/local/haproxy/logs/haproxy.pid
log 127.0.0.1 local3 info defaults
option http-keep-alive
maxconn
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms listen stats
mode http
bind 0.0.0.0:
stats enable
stats uri /haproxy-status
stats auth haproxy:saltstack frontend frontend_www_example_com
bind 192.168.194.131:
mode http
option httplog
log global
default_backend backend_www_example_com backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balance source
server web-node1 192.168.194.131: check inter rise fall
server web-node2 192.168.194.132: check inter rise fall
配置文件解释
# 全局
global
maxconn 100000
chroot /usr/local/haproxy
uid 99
gid 99
daemon
nbproc 1
pidfile /usr/local/haproxy/logs/haproxy.pid
log 127.0.0.1 local3 info # 默认配置
defaults
option http-keep-alive
maxconn 100000
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms # 状态页面
listen stats
mode http
bind 0.0.0.0:8888 # 端口8888
stats enable
stats uri /haproxy-status # url
stats auth haproxy:saltstack # 用户名:密码 # 前端
frontend frontend_www_example_com
bind 192.168.194.131:80
mode http
option httplog
log global
default_backend backend_www_example_com # 前后端backend统一 backend_www_example_com
# 后端
backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balance source
server web-node1 192.168.194.131:8080 check inter 2000 rise 30 fall 15
server web-node2 192.168.194.132:8080 check inter 2000 rise 30 fall 15
4、test
[root@linux-node1 /srv/salt/prod/lb-outside]# salt \* state.sls lb-outside.haproxy-outside saltenv=prod
用户名haproxy
密码saltstack
5、haproxy-keepalived的配置
1、sls
使用jinja模板
[root@linux-node1 /srv/salt/prod/lb-outside]# cat haproxy-outside-keepalived.sls
include:
- modules.keepalived.init keepalived-server:
file.managed:
- name: /etc/keepalived/keepalived.conf
- source: salt://lb-outside/files/haproxy-outside-keepalived.conf
- mode: 644
- user: root
- group: root
- template: jinja
{% if grains['fqdn'] == 'linux-node1.example.com' %}
- ROUTEID: haproxy_ha
- STATEID: MASTER
- PRIORITYID: 150
{% elif grains['fqdn'] == 'linux-node2.example.com' %}
- ROUTEID: haproxy_ha
- STATEID: BACKUP
- PRIORITYID: 100
{% endif %} service.running:
- name: keepalived
- enable: True
- watch:
- file: keepalived-server
master,backup
优先级不同 150,100
2、file
[root@linux-node1 /srv/salt/prod/lb-outside]# vim files/haproxy-outside-keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
saltstack@example.com
}
notification_email_from keepalived@example.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id {{ROUTEID}} # 环境有多个haproxy要有不同的route id
} vrrp_instance haproxy_ha {
state {{STATEID}}
interface eth0
virtual_router_id 36 # 虚拟id
priority {{PRIORITYID}} # 角色
advert_int 1 # 优先级id
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.194.131
}
}
网卡名称 eth0
虚拟ip
3、test启动
[root@linux-node1 /srv/salt/prod]# salt \* state.sls lb-outside.haproxy-outside-keepalived saltenv=prod
node1抢到144ip了
断开这个node1的keepalived,
node2抢到地址
4、top
[root@linux-node1 /srv/salt/prod/modules]# salt \* state.highstate
redis,单独拿出来,多个业务都在用
之前配置过
https://www.cnblogs.com/venicid/p/11276232.html#_label7_0
master直接安装的
redis不对
redis路径
6、我们的课程体系
全运维自动化的课程:
OpenStack创建虚拟机
配置服务
zabbix去监控
saltstack部署这样的架构
代码自动化的布置上去
ELK日志的自动化收集
docker
09 saltstack生产实例--Haproxy+keepalived的更多相关文章
- 06 saltstack生产实例-需求
https://github.com/unixhot/saltbook-code .Cobbler 1.15 统一网卡名 .Zabbix 系统已经安装好了! base .手动实现 .需要使用salt的 ...
- 07 saltstack生产实例-mysql主从
1.服务部署 .服务部署 抽象:功能模块 redis 安装.配置.启动 mysql 安装.配置(my.cnf可以统一 目录默认配置可以统一) master: server_id slave: serv ...
- 08 saltstack生产实例-apahce+php+redis
1.apache+php 前几章的LAMP:https://www.cnblogs.com/venicid/p/11276232.html#_label2 Php放在apache 1.目录结构 2.p ...
- SaltStack生产案例-服务部署(redis,mysql,apache+php,haproxy+keepalived)
顺序代码资料链接 课上资料.zip 接上篇:SaltStack生产案例-系统初始化 1,redis 主从 2,mysql 主从 2.1 mysql-install.sls (安装 初始化) 2.2 ...
- saltstack SLS 安装haproxy+nginx实例分析学习
本文主要以实例的形式去熟悉sls的部署流程及相关模块的使用 文件下载:https://github.com/unixhot/saltbook-code 目录结构 [root@k8s_master sa ...
- saltstack 实现haproxy+keepalived
1.目录结构规划如下 mkdir -p /srv/salt/prod/haproxy mkdir -p /srv/salt/prod/keepalived mkdir -p /srv/salt/pro ...
- Haproxy+Keepalived负载均衡
Haproxy介绍 HAProxy是一个特别适用于高可用性环境的TCP/HTTP开源的反向代理和负载均衡软件.在7层负载均衡方面的功能很强大(支持cookie track, header rewrit ...
- haproxy+keepalived实现高可用负载均衡
软件负载均衡一般通过两种方式来实现:基于操作系统的软负载实现和基于第三方应用的软负载实现.LVS就是基于Linux操作系统实现的一种软负载,HAProxy就是开源的并且基于第三应用实现的软负载. HA ...
- Haproxy+Keepalived搭建Weblogic高可用负载均衡集群
配置环境说明: KVM虚拟机配置 用途 数量 IP地址 机器名 虚拟IP地址 硬件 内存3G 系统盘20G cpu 4核 Haproxy keepalived 2台 192.168.1.10 192 ...
随机推荐
- GitHub项目管理维护实用教程
GitHub项目维护教程 1)注册GitHub账户并登陆: 2)在Windows cmd(或Ubuntu中的terminal)中cd到自己的工作目录,将仓库clone下来: 命令: git clo ...
- SQLSever语句(增、删、改、查)一、增:有4种方法1.使用insert插入单行数据
SQL语句(增.删.改.查) 一.增:有4种方法 1.使用insert插入单行数据: 语法:insert [into] <表名> [列名] values <列值> 例:inse ...
- 【LOJ】#3101. 「JSOI2019」精准预测
LOJ#3101. 「JSOI2019」精准预测 设0是生,1是死,按2-sat连边那么第一种情况是\((t,x,1) \rightarrow (t + 1,y,1)\),\((t + 1,y, 0) ...
- LC 416. Partition Equal Subset Sum
题目 Given a non-empty array containing only positive integers, find if the array can be partitioned i ...
- 网络流Dinic--模板
#define IOS ios_base::sync_with_stdio(0); cin.tie(0); #include <cstdio>//sprintf islower isupp ...
- 【数据结构】P1310 表达式的值
[题目链接] https://www.luogu.org/problem/P1310 题目描述 对于1 位二进制变量定义两种运算: 运算的优先级是: 先计算括号内的,再计算括号外的. “× ”运算优先 ...
- 【AC自动机】病毒
[题目链接] https://loj.ac/problem/10062 [题意] 寻找一个没有模式串为子串的无限01串.是否存在. [题解] 其实就是用dfs找一个环. 1.环需要从根结点出发找到这个 ...
- linux mysql 数据库操作导入导出 数据表导出导入
linux mysql 数据库操作导入导出 数据表导出导入 1,数据库导入 mysql -uroot -p show databases; create database newdb; use 数据库 ...
- vue 安装插件
import VueClipboard from 'vue-clipboard2' import MessagePlugin from '../message' import * as filters ...
- python简答
解释 GIL 全局解释器锁 def func(*args): for i in args: print(i) func(3,2,1,4,7) 在我们不知道该传递多少关键字参数时,使用**kwargs ...