09 saltstack生产实例--Haproxy+keepalived
1、如何理解haproxy+keepalived
https://www.cnblogs.com/zs-wei/p/9213961.html
HaProxy可以通过监听一个统一的端口对外提供能力,然后内部进行分发,相当于nginx
何保证前端程序使用单个ip又能保证后端的实际处理机器为多台,这就是KeepAlived的作用。
2、pkg、haproxy、keepalived的安装
视频配套的资源:https://github.com/unixhot/saltbook-code
1、pkg
init.sls依赖包安装
[root@linux-node1 /srv/salt/prod/modules]# cat pkg/init.sls
pkg-init:
pkg.installed:
- names:
- gcc
- gcc-c++
- glibc
- make
- autoconf
- openssl
- openssl-devel
2、haproxy
安装文件 init.sls
[root@linux-node1 /srv/salt/prod/modules]# cat haproxy/init.sls
include:
- modules.pkg.init haproxy-install:
file.managed:
- name: /usr/local/src/haproxy-1.5..tar.gz
- source: salt://modules/haproxy/files/haproxy-1.5.3.tar.gz
- mode:
- user: root
- group: root cmd.run:
- name: cd /usr/local/src && tar zxf haproxy-1.5..tar.gz && cd haproxy-1.5. && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
- unless: test -d /usr/local/haproxy
- require:
- pkg: pkg-init
- file: haproxy-install /etc/init.d/haproxy:
file.managed:
- source: salt://modules/haproxy/files/haproxy.init
- mode:
- user: root
- group: root
- require:
- cmd: haproxy-install net.ipv4.ip_nonlocal_bind:
sysctl.present:
- value: haproxy-config-dir:
file.directory:
- name: /etc/haproxy
- mode:
- user: root
- group: root haproxy-init:
cmd.run:
- name: chkconfig --add haproxy
- unless: chkconfig --list | grep haproxy
- require:
- file: /etc/init.d/haproxy
内核参数
默认不能监听不在本地的ipv4
file配置
3、keepalived
配置文件 init.sls
[root@linux-node1 /srv/salt/prod/modules]# cat keepalived/init.sls
include:
- modules.pkg.init keepalived-install:
file.managed:
- name: /usr/local/src/keepalived-1.2..tar.gz
- source: salt://modules/keepalived/files/keepalived-1.2.17.tar.gz
- mode:
- user: root
- group: root
cmd.run:
- name: cd /usr/local/src && tar zxf keepalived-1.2..tar.gz && cd keepalived-1.2. && ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install
- unless: test -d /usr/local/keepalived
- require:
- file: keepalived-install /etc/sysconfig/keepalived:
file.managed:
- source: salt://modules/keepalived/files/keepalived.sysconfig
- mode:
- user: root
- group: root /etc/init.d/keepalived:
file.managed:
- source: salt://modules/keepalived/files/keepalived.init
- mode:
- user: root
- group: root keepalived-init:
cmd.run:
- name: chkconfig --add keepalived
- unless: chkconfig --list | grep keepalived
- require:
- file: /etc/init.d/keepalived /etc/keepalived:
file.directory:
- user: root
- group: root
配置文件
4、test启动
修改index主页
# node1
[root@linux-node1 /srv/salt/prod]# cd /var/www/html/
[root@linux-node1 /var/www/html]# echo "linux node11111" > index.html # node2
[root@linux-node2 /etc/my.cnf.d]# cd /var/www/html/
[root@linux-node2 /var/www/html]# echo "linux node2222" > index.htm
[root@linux-node1 ~]# salt \* state.sls modules.haproxy.init saltenv=prod
[root@linux-node1 /srv/salt/prod/modules]# salt \* state.sls modules.keepalived.init saltenv=prod
3、如何使用负载均衡
每个业务一个负载均衡
每个主机的负载均衡
负载均衡对内 对外
作业
- 管理 Haproy+Keepalive 配置文件
- 必须使用jianja模板,配置不一样
4、haproxy-outside的配置
1、git上面的源代码
2、服务 sls
加入到系统服务中
[root@linux-node1 /srv/salt/prod]# cat lb-outside/haproxy-outside.sls
include:
- modules.haproxy.init haproxy-service:
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://lb-outside/files/haproxy-outside.cfg
- user: root
- group: root
- mode:
service.running:
- name: haproxy
- enable: True
- reload: True
- require:
- cmd: haproxy-init
- watch:
- file: haproxy-service
3、配置file
[root@linux-node1 /srv/salt/prod]# cat lb-outside/files/haproxy-outside.cfg
global
maxconn
chroot /usr/local/haproxy
uid
gid
daemon
nbproc
pidfile /usr/local/haproxy/logs/haproxy.pid
log 127.0.0.1 local3 info defaults
option http-keep-alive
maxconn
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms listen stats
mode http
bind 0.0.0.0:
stats enable
stats uri /haproxy-status
stats auth haproxy:saltstack frontend frontend_www_example_com
bind 192.168.194.131:
mode http
option httplog
log global
default_backend backend_www_example_com backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balance source
server web-node1 192.168.194.131: check inter rise fall
server web-node2 192.168.194.132: check inter rise fall
配置文件解释
# 全局
global
maxconn 100000
chroot /usr/local/haproxy
uid 99
gid 99
daemon
nbproc 1
pidfile /usr/local/haproxy/logs/haproxy.pid
log 127.0.0.1 local3 info # 默认配置
defaults
option http-keep-alive
maxconn 100000
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms # 状态页面
listen stats
mode http
bind 0.0.0.0:8888 # 端口8888
stats enable
stats uri /haproxy-status # url
stats auth haproxy:saltstack # 用户名:密码 # 前端
frontend frontend_www_example_com
bind 192.168.194.131:80
mode http
option httplog
log global
default_backend backend_www_example_com # 前后端backend统一 backend_www_example_com
# 后端
backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balance source
server web-node1 192.168.194.131:8080 check inter 2000 rise 30 fall 15
server web-node2 192.168.194.132:8080 check inter 2000 rise 30 fall 15
4、test
[root@linux-node1 /srv/salt/prod/lb-outside]# salt \* state.sls lb-outside.haproxy-outside saltenv=prod
用户名haproxy
密码saltstack
5、haproxy-keepalived的配置
1、sls
使用jinja模板
[root@linux-node1 /srv/salt/prod/lb-outside]# cat haproxy-outside-keepalived.sls
include:
- modules.keepalived.init keepalived-server:
file.managed:
- name: /etc/keepalived/keepalived.conf
- source: salt://lb-outside/files/haproxy-outside-keepalived.conf
- mode: 644
- user: root
- group: root
- template: jinja
{% if grains['fqdn'] == 'linux-node1.example.com' %}
- ROUTEID: haproxy_ha
- STATEID: MASTER
- PRIORITYID: 150
{% elif grains['fqdn'] == 'linux-node2.example.com' %}
- ROUTEID: haproxy_ha
- STATEID: BACKUP
- PRIORITYID: 100
{% endif %} service.running:
- name: keepalived
- enable: True
- watch:
- file: keepalived-server
master,backup
优先级不同 150,100
2、file
[root@linux-node1 /srv/salt/prod/lb-outside]# vim files/haproxy-outside-keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
saltstack@example.com
}
notification_email_from keepalived@example.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id {{ROUTEID}} # 环境有多个haproxy要有不同的route id
} vrrp_instance haproxy_ha {
state {{STATEID}}
interface eth0
virtual_router_id 36 # 虚拟id
priority {{PRIORITYID}} # 角色
advert_int 1 # 优先级id
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.194.131
}
}
网卡名称 eth0
虚拟ip
3、test启动
[root@linux-node1 /srv/salt/prod]# salt \* state.sls lb-outside.haproxy-outside-keepalived saltenv=prod
node1抢到144ip了
断开这个node1的keepalived,
node2抢到地址
4、top
[root@linux-node1 /srv/salt/prod/modules]# salt \* state.highstate
redis,单独拿出来,多个业务都在用
之前配置过
https://www.cnblogs.com/venicid/p/11276232.html#_label7_0
master直接安装的
redis不对
redis路径
6、我们的课程体系
全运维自动化的课程:
OpenStack创建虚拟机
配置服务
zabbix去监控
saltstack部署这样的架构
代码自动化的布置上去
ELK日志的自动化收集
docker
09 saltstack生产实例--Haproxy+keepalived的更多相关文章
- 06 saltstack生产实例-需求
https://github.com/unixhot/saltbook-code .Cobbler 1.15 统一网卡名 .Zabbix 系统已经安装好了! base .手动实现 .需要使用salt的 ...
- 07 saltstack生产实例-mysql主从
1.服务部署 .服务部署 抽象:功能模块 redis 安装.配置.启动 mysql 安装.配置(my.cnf可以统一 目录默认配置可以统一) master: server_id slave: serv ...
- 08 saltstack生产实例-apahce+php+redis
1.apache+php 前几章的LAMP:https://www.cnblogs.com/venicid/p/11276232.html#_label2 Php放在apache 1.目录结构 2.p ...
- SaltStack生产案例-服务部署(redis,mysql,apache+php,haproxy+keepalived)
顺序代码资料链接 课上资料.zip 接上篇:SaltStack生产案例-系统初始化 1,redis 主从 2,mysql 主从 2.1 mysql-install.sls (安装 初始化) 2.2 ...
- saltstack SLS 安装haproxy+nginx实例分析学习
本文主要以实例的形式去熟悉sls的部署流程及相关模块的使用 文件下载:https://github.com/unixhot/saltbook-code 目录结构 [root@k8s_master sa ...
- saltstack 实现haproxy+keepalived
1.目录结构规划如下 mkdir -p /srv/salt/prod/haproxy mkdir -p /srv/salt/prod/keepalived mkdir -p /srv/salt/pro ...
- Haproxy+Keepalived负载均衡
Haproxy介绍 HAProxy是一个特别适用于高可用性环境的TCP/HTTP开源的反向代理和负载均衡软件.在7层负载均衡方面的功能很强大(支持cookie track, header rewrit ...
- haproxy+keepalived实现高可用负载均衡
软件负载均衡一般通过两种方式来实现:基于操作系统的软负载实现和基于第三方应用的软负载实现.LVS就是基于Linux操作系统实现的一种软负载,HAProxy就是开源的并且基于第三应用实现的软负载. HA ...
- Haproxy+Keepalived搭建Weblogic高可用负载均衡集群
配置环境说明: KVM虚拟机配置 用途 数量 IP地址 机器名 虚拟IP地址 硬件 内存3G 系统盘20G cpu 4核 Haproxy keepalived 2台 192.168.1.10 192 ...
随机推荐
- numpy数组常用计算
在说numpy库数组的计算之前先来看一下numpy数组形状的知识: 创建一个数组之后,可以用shape来查看其形状,返回一个元组 例如:a = np.array([[1, 2, 3], [4, 5, ...
- python如何切割字符串
python字符串的分割方法如下 str.split():字符串分割函数 通过指定分隔符对字符串进行切片,并返回分割后的字符串列表. 语法: str.split(s, num)[n] 参数说明: s: ...
- Python list,tuple,dict,set高级变量常用方法
list列表 增加 append 在列表中追加,一次只能加一个 insert 按索引插入,一次只能插一个 extend 迭代追加到列表中 list1 = [1, 2, 3] list2 = [4, 5 ...
- Numpy学习之——数组创建
Numpy学习之--数组创建 过程展示 import numpy as np a = np.array([2,3,9]) a array([2, 3, 9]) a.dtype dtype('int32 ...
- Java 判断字符是大写小写或者数字
使用character类 Character.isLowerCase(Schar.charAt(i)) //获取字符串Schar中的某一个字符然后借用character类的方法来判断是不是小写. 其他 ...
- 用shell脚本安装MySQL-5.7.22-官方版本多实例
Install_CentOS7_MySQL57_multi_instance.sh #!/bin/bash #请提前准备好参数文件my.cnf PORT=3307 InitMySQL() { mkdi ...
- Linux(CentOS7)系统中部署Django web框架
1. 概述 部署django和vue架在逻辑上可以分为web层与数据库层:web前端通过实现了WSGI协议的模块对python代码进行解析,而python代码中则通过特定于数据库的操作接口对数据库进行 ...
- javascript 仿jQuery的无new构造函数
/* 匿名函数 传入 window 值全局变量成为局部变量 */ (function(window,undefined) { /* 申明一个名为jQuery 的函数*/ function jQuery ...
- MySQL 子查询(一)
源自MySQL 5.7 官方手册 13.2.10 Subquery Syntax 〇.MySQL子查询介绍 子查询指的是嵌套在某个语句中的SELECT语句. MySQL支持标准SQL所要求的所有子查询 ...
- css鼠标悬浮控制元素隐藏与显示
在网页开发中经常有需求是鼠标移动到一个元素A身上时,另外一个元素B显示. 如下图 当鼠标移到图片上时,相关的描述从下方显示出来. css实现原理与情景: A 是 B 的父元素 B 默认隐藏 B{opa ...