09 saltstack生产实例--Haproxy+keepalived
1、如何理解haproxy+keepalived
https://www.cnblogs.com/zs-wei/p/9213961.html
HaProxy可以通过监听一个统一的端口对外提供能力,然后内部进行分发,相当于nginx
何保证前端程序使用单个ip又能保证后端的实际处理机器为多台,这就是KeepAlived的作用。
2、pkg、haproxy、keepalived的安装
视频配套的资源:https://github.com/unixhot/saltbook-code
1、pkg
init.sls依赖包安装
[root@linux-node1 /srv/salt/prod/modules]# cat pkg/init.sls
pkg-init:
pkg.installed:
- names:
- gcc
- gcc-c++
- glibc
- make
- autoconf
- openssl
- openssl-devel
2、haproxy
安装文件 init.sls
[root@linux-node1 /srv/salt/prod/modules]# cat haproxy/init.sls
include:
- modules.pkg.init haproxy-install:
file.managed:
- name: /usr/local/src/haproxy-1.5..tar.gz
- source: salt://modules/haproxy/files/haproxy-1.5.3.tar.gz
- mode:
- user: root
- group: root cmd.run:
- name: cd /usr/local/src && tar zxf haproxy-1.5..tar.gz && cd haproxy-1.5. && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
- unless: test -d /usr/local/haproxy
- require:
- pkg: pkg-init
- file: haproxy-install /etc/init.d/haproxy:
file.managed:
- source: salt://modules/haproxy/files/haproxy.init
- mode:
- user: root
- group: root
- require:
- cmd: haproxy-install net.ipv4.ip_nonlocal_bind:
sysctl.present:
- value: haproxy-config-dir:
file.directory:
- name: /etc/haproxy
- mode:
- user: root
- group: root haproxy-init:
cmd.run:
- name: chkconfig --add haproxy
- unless: chkconfig --list | grep haproxy
- require:
- file: /etc/init.d/haproxy
内核参数
默认不能监听不在本地的ipv4
file配置
3、keepalived
配置文件 init.sls
[root@linux-node1 /srv/salt/prod/modules]# cat keepalived/init.sls
include:
- modules.pkg.init keepalived-install:
file.managed:
- name: /usr/local/src/keepalived-1.2..tar.gz
- source: salt://modules/keepalived/files/keepalived-1.2.17.tar.gz
- mode:
- user: root
- group: root
cmd.run:
- name: cd /usr/local/src && tar zxf keepalived-1.2..tar.gz && cd keepalived-1.2. && ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install
- unless: test -d /usr/local/keepalived
- require:
- file: keepalived-install /etc/sysconfig/keepalived:
file.managed:
- source: salt://modules/keepalived/files/keepalived.sysconfig
- mode:
- user: root
- group: root /etc/init.d/keepalived:
file.managed:
- source: salt://modules/keepalived/files/keepalived.init
- mode:
- user: root
- group: root keepalived-init:
cmd.run:
- name: chkconfig --add keepalived
- unless: chkconfig --list | grep keepalived
- require:
- file: /etc/init.d/keepalived /etc/keepalived:
file.directory:
- user: root
- group: root
配置文件
4、test启动
修改index主页
# node1
[root@linux-node1 /srv/salt/prod]# cd /var/www/html/
[root@linux-node1 /var/www/html]# echo "linux node11111" > index.html # node2
[root@linux-node2 /etc/my.cnf.d]# cd /var/www/html/
[root@linux-node2 /var/www/html]# echo "linux node2222" > index.htm
[root@linux-node1 ~]# salt \* state.sls modules.haproxy.init saltenv=prod
[root@linux-node1 /srv/salt/prod/modules]# salt \* state.sls modules.keepalived.init saltenv=prod
3、如何使用负载均衡
每个业务一个负载均衡
每个主机的负载均衡
负载均衡对内 对外
作业
- 管理 Haproy+Keepalive 配置文件
- 必须使用jianja模板,配置不一样
4、haproxy-outside的配置
1、git上面的源代码
2、服务 sls
加入到系统服务中
[root@linux-node1 /srv/salt/prod]# cat lb-outside/haproxy-outside.sls
include:
- modules.haproxy.init haproxy-service:
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://lb-outside/files/haproxy-outside.cfg
- user: root
- group: root
- mode:
service.running:
- name: haproxy
- enable: True
- reload: True
- require:
- cmd: haproxy-init
- watch:
- file: haproxy-service
3、配置file
[root@linux-node1 /srv/salt/prod]# cat lb-outside/files/haproxy-outside.cfg
global
maxconn
chroot /usr/local/haproxy
uid
gid
daemon
nbproc
pidfile /usr/local/haproxy/logs/haproxy.pid
log 127.0.0.1 local3 info defaults
option http-keep-alive
maxconn
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms listen stats
mode http
bind 0.0.0.0:
stats enable
stats uri /haproxy-status
stats auth haproxy:saltstack frontend frontend_www_example_com
bind 192.168.194.131:
mode http
option httplog
log global
default_backend backend_www_example_com backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balance source
server web-node1 192.168.194.131: check inter rise fall
server web-node2 192.168.194.132: check inter rise fall
配置文件解释
# 全局
global
maxconn 100000
chroot /usr/local/haproxy
uid 99
gid 99
daemon
nbproc 1
pidfile /usr/local/haproxy/logs/haproxy.pid
log 127.0.0.1 local3 info # 默认配置
defaults
option http-keep-alive
maxconn 100000
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms # 状态页面
listen stats
mode http
bind 0.0.0.0:8888 # 端口8888
stats enable
stats uri /haproxy-status # url
stats auth haproxy:saltstack # 用户名:密码 # 前端
frontend frontend_www_example_com
bind 192.168.194.131:80
mode http
option httplog
log global
default_backend backend_www_example_com # 前后端backend统一 backend_www_example_com
# 后端
backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balance source
server web-node1 192.168.194.131:8080 check inter 2000 rise 30 fall 15
server web-node2 192.168.194.132:8080 check inter 2000 rise 30 fall 15
4、test
[root@linux-node1 /srv/salt/prod/lb-outside]# salt \* state.sls lb-outside.haproxy-outside saltenv=prod
用户名haproxy
密码saltstack
5、haproxy-keepalived的配置
1、sls
使用jinja模板
[root@linux-node1 /srv/salt/prod/lb-outside]# cat haproxy-outside-keepalived.sls
include:
- modules.keepalived.init keepalived-server:
file.managed:
- name: /etc/keepalived/keepalived.conf
- source: salt://lb-outside/files/haproxy-outside-keepalived.conf
- mode: 644
- user: root
- group: root
- template: jinja
{% if grains['fqdn'] == 'linux-node1.example.com' %}
- ROUTEID: haproxy_ha
- STATEID: MASTER
- PRIORITYID: 150
{% elif grains['fqdn'] == 'linux-node2.example.com' %}
- ROUTEID: haproxy_ha
- STATEID: BACKUP
- PRIORITYID: 100
{% endif %} service.running:
- name: keepalived
- enable: True
- watch:
- file: keepalived-server
master,backup
优先级不同 150,100
2、file
[root@linux-node1 /srv/salt/prod/lb-outside]# vim files/haproxy-outside-keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
saltstack@example.com
}
notification_email_from keepalived@example.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id {{ROUTEID}} # 环境有多个haproxy要有不同的route id
} vrrp_instance haproxy_ha {
state {{STATEID}}
interface eth0
virtual_router_id 36 # 虚拟id
priority {{PRIORITYID}} # 角色
advert_int 1 # 优先级id
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.194.131
}
}
网卡名称 eth0
虚拟ip
3、test启动
[root@linux-node1 /srv/salt/prod]# salt \* state.sls lb-outside.haproxy-outside-keepalived saltenv=prod
node1抢到144ip了
断开这个node1的keepalived,
node2抢到地址
4、top
[root@linux-node1 /srv/salt/prod/modules]# salt \* state.highstate
redis,单独拿出来,多个业务都在用
之前配置过
https://www.cnblogs.com/venicid/p/11276232.html#_label7_0
master直接安装的
redis不对
redis路径
6、我们的课程体系
全运维自动化的课程:
OpenStack创建虚拟机
配置服务
zabbix去监控
saltstack部署这样的架构
代码自动化的布置上去
ELK日志的自动化收集
docker
09 saltstack生产实例--Haproxy+keepalived的更多相关文章
- 06 saltstack生产实例-需求
https://github.com/unixhot/saltbook-code .Cobbler 1.15 统一网卡名 .Zabbix 系统已经安装好了! base .手动实现 .需要使用salt的 ...
- 07 saltstack生产实例-mysql主从
1.服务部署 .服务部署 抽象:功能模块 redis 安装.配置.启动 mysql 安装.配置(my.cnf可以统一 目录默认配置可以统一) master: server_id slave: serv ...
- 08 saltstack生产实例-apahce+php+redis
1.apache+php 前几章的LAMP:https://www.cnblogs.com/venicid/p/11276232.html#_label2 Php放在apache 1.目录结构 2.p ...
- SaltStack生产案例-服务部署(redis,mysql,apache+php,haproxy+keepalived)
顺序代码资料链接 课上资料.zip 接上篇:SaltStack生产案例-系统初始化 1,redis 主从 2,mysql 主从 2.1 mysql-install.sls (安装 初始化) 2.2 ...
- saltstack SLS 安装haproxy+nginx实例分析学习
本文主要以实例的形式去熟悉sls的部署流程及相关模块的使用 文件下载:https://github.com/unixhot/saltbook-code 目录结构 [root@k8s_master sa ...
- saltstack 实现haproxy+keepalived
1.目录结构规划如下 mkdir -p /srv/salt/prod/haproxy mkdir -p /srv/salt/prod/keepalived mkdir -p /srv/salt/pro ...
- Haproxy+Keepalived负载均衡
Haproxy介绍 HAProxy是一个特别适用于高可用性环境的TCP/HTTP开源的反向代理和负载均衡软件.在7层负载均衡方面的功能很强大(支持cookie track, header rewrit ...
- haproxy+keepalived实现高可用负载均衡
软件负载均衡一般通过两种方式来实现:基于操作系统的软负载实现和基于第三方应用的软负载实现.LVS就是基于Linux操作系统实现的一种软负载,HAProxy就是开源的并且基于第三应用实现的软负载. HA ...
- Haproxy+Keepalived搭建Weblogic高可用负载均衡集群
配置环境说明: KVM虚拟机配置 用途 数量 IP地址 机器名 虚拟IP地址 硬件 内存3G 系统盘20G cpu 4核 Haproxy keepalived 2台 192.168.1.10 192 ...
随机推荐
- 【转帖】Webmin 安装 (centos7 rpm 方式)
https://www.cnblogs.com/osfipin/p/5948803.html 这两天公众号都在手这个小工具, 今天早上试了下 挺好用的 还看到了启动 samba 的方法. 一会儿 再学 ...
- Ubuntu18.04中安装Python3.7教程
Ubuntu18.04中安装Python3.7教程 链接https://blog.csdn.net/weixin_42056625/article/details/82970358
- spark调优篇-数据倾斜(汇总)
数据倾斜 为什么会数据倾斜 spark 中的数据倾斜并不是说原始数据存在倾斜,原始数据都是一个一个的 block,大小都一样,不存在数据倾斜: 而是指 shuffle 过程中产生的数据倾斜,由于不同的 ...
- Redis 使用指南:深度解析 info 命令
Redis 是一个使用 ANSI C 编写的开源.基于内存.可选持久性的键值对存储数据库,被广泛应用于大型电商网站.视频网站和游戏应用等场景,能够有效减少数据库磁盘 IO, 提高数据查询效率,减轻管 ...
- 5-MySQL DBA笔记-开发技巧
第5章 开发技巧 本章将介绍一些和数据库相关的开发技巧.由于开发领域很广,这里只选取部分比较常见的小技巧.5.1 存储树形数据 有时我们需要保存一些树形的数据结构,比如组织架构.话题讨论.知识管理.商 ...
- axios 跨域携带cookie设置
import axios from 'axios' // 创建axios实例 const service = axios.create({ baseURL: process.env.BASE_API, ...
- Css解决表格超出部分用省略号显示
小伙伴们有没有的遇到页面显示时,因为数据太长导致显示的表格某一列过长,从而导致页面的不美观,下面我们来看一看如何用Css样式解决表格超出部分用省略号显示的问题. 主要设置两个样式: table{ ta ...
- PBE加密 .net 实现
using System; using System.Security.Cryptography; using System.Text; namespace Demo { internal class ...
- [转载]Linux缓存机制
[转载]Linux缓存机制 来源:https://blog.csdn.net/weixin_38278334/article/details/96478405 linux下的缓存机制及清理buffer ...
- php实现拼图滑块验证的思考及部分实现
实现拼图滑块验证,我觉得其中比较关键的一点就是裁剪图片,最起码需要裁剪出下面两张图的样子 底图 滑块图 一张底图和一张滑块图,其中底图实现起来比较简单可以使用添加水印的方式直接将一张拼图形状的半透明图 ...