09 saltstack生产实例--Haproxy+keepalived
1、如何理解haproxy+keepalived
https://www.cnblogs.com/zs-wei/p/9213961.html
HaProxy可以通过监听一个统一的端口对外提供能力,然后内部进行分发,相当于nginx
何保证前端程序使用单个ip又能保证后端的实际处理机器为多台,这就是KeepAlived的作用。
2、pkg、haproxy、keepalived的安装
视频配套的资源:https://github.com/unixhot/saltbook-code
1、pkg
init.sls依赖包安装
[root@linux-node1 /srv/salt/prod/modules]# cat pkg/init.sls
pkg-init:
pkg.installed:
- names:
- gcc
- gcc-c++
- glibc
- make
- autoconf
- openssl
- openssl-devel
2、haproxy
安装文件 init.sls
[root@linux-node1 /srv/salt/prod/modules]# cat haproxy/init.sls
include:
- modules.pkg.init haproxy-install:
file.managed:
- name: /usr/local/src/haproxy-1.5..tar.gz
- source: salt://modules/haproxy/files/haproxy-1.5.3.tar.gz
- mode:
- user: root
- group: root cmd.run:
- name: cd /usr/local/src && tar zxf haproxy-1.5..tar.gz && cd haproxy-1.5. && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
- unless: test -d /usr/local/haproxy
- require:
- pkg: pkg-init
- file: haproxy-install /etc/init.d/haproxy:
file.managed:
- source: salt://modules/haproxy/files/haproxy.init
- mode:
- user: root
- group: root
- require:
- cmd: haproxy-install net.ipv4.ip_nonlocal_bind:
sysctl.present:
- value: haproxy-config-dir:
file.directory:
- name: /etc/haproxy
- mode:
- user: root
- group: root haproxy-init:
cmd.run:
- name: chkconfig --add haproxy
- unless: chkconfig --list | grep haproxy
- require:
- file: /etc/init.d/haproxy
内核参数
默认不能监听不在本地的ipv4
file配置
3、keepalived
配置文件 init.sls
[root@linux-node1 /srv/salt/prod/modules]# cat keepalived/init.sls
include:
- modules.pkg.init keepalived-install:
file.managed:
- name: /usr/local/src/keepalived-1.2..tar.gz
- source: salt://modules/keepalived/files/keepalived-1.2.17.tar.gz
- mode:
- user: root
- group: root
cmd.run:
- name: cd /usr/local/src && tar zxf keepalived-1.2..tar.gz && cd keepalived-1.2. && ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install
- unless: test -d /usr/local/keepalived
- require:
- file: keepalived-install /etc/sysconfig/keepalived:
file.managed:
- source: salt://modules/keepalived/files/keepalived.sysconfig
- mode:
- user: root
- group: root /etc/init.d/keepalived:
file.managed:
- source: salt://modules/keepalived/files/keepalived.init
- mode:
- user: root
- group: root keepalived-init:
cmd.run:
- name: chkconfig --add keepalived
- unless: chkconfig --list | grep keepalived
- require:
- file: /etc/init.d/keepalived /etc/keepalived:
file.directory:
- user: root
- group: root
配置文件
4、test启动
修改index主页
# node1
[root@linux-node1 /srv/salt/prod]# cd /var/www/html/
[root@linux-node1 /var/www/html]# echo "linux node11111" > index.html # node2
[root@linux-node2 /etc/my.cnf.d]# cd /var/www/html/
[root@linux-node2 /var/www/html]# echo "linux node2222" > index.htm
[root@linux-node1 ~]# salt \* state.sls modules.haproxy.init saltenv=prod
[root@linux-node1 /srv/salt/prod/modules]# salt \* state.sls modules.keepalived.init saltenv=prod
3、如何使用负载均衡
每个业务一个负载均衡
每个主机的负载均衡
负载均衡对内 对外
作业
- 管理 Haproy+Keepalive 配置文件
- 必须使用jianja模板,配置不一样
4、haproxy-outside的配置
1、git上面的源代码
2、服务 sls
加入到系统服务中
[root@linux-node1 /srv/salt/prod]# cat lb-outside/haproxy-outside.sls
include:
- modules.haproxy.init haproxy-service:
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://lb-outside/files/haproxy-outside.cfg
- user: root
- group: root
- mode:
service.running:
- name: haproxy
- enable: True
- reload: True
- require:
- cmd: haproxy-init
- watch:
- file: haproxy-service
3、配置file
[root@linux-node1 /srv/salt/prod]# cat lb-outside/files/haproxy-outside.cfg
global
maxconn
chroot /usr/local/haproxy
uid
gid
daemon
nbproc
pidfile /usr/local/haproxy/logs/haproxy.pid
log 127.0.0.1 local3 info defaults
option http-keep-alive
maxconn
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms listen stats
mode http
bind 0.0.0.0:
stats enable
stats uri /haproxy-status
stats auth haproxy:saltstack frontend frontend_www_example_com
bind 192.168.194.131:
mode http
option httplog
log global
default_backend backend_www_example_com backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balance source
server web-node1 192.168.194.131: check inter rise fall
server web-node2 192.168.194.132: check inter rise fall
配置文件解释
# 全局
global
maxconn 100000
chroot /usr/local/haproxy
uid 99
gid 99
daemon
nbproc 1
pidfile /usr/local/haproxy/logs/haproxy.pid
log 127.0.0.1 local3 info # 默认配置
defaults
option http-keep-alive
maxconn 100000
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms # 状态页面
listen stats
mode http
bind 0.0.0.0:8888 # 端口8888
stats enable
stats uri /haproxy-status # url
stats auth haproxy:saltstack # 用户名:密码 # 前端
frontend frontend_www_example_com
bind 192.168.194.131:80
mode http
option httplog
log global
default_backend backend_www_example_com # 前后端backend统一 backend_www_example_com
# 后端
backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balance source
server web-node1 192.168.194.131:8080 check inter 2000 rise 30 fall 15
server web-node2 192.168.194.132:8080 check inter 2000 rise 30 fall 15
4、test
[root@linux-node1 /srv/salt/prod/lb-outside]# salt \* state.sls lb-outside.haproxy-outside saltenv=prod
用户名haproxy
密码saltstack
5、haproxy-keepalived的配置
1、sls
使用jinja模板
[root@linux-node1 /srv/salt/prod/lb-outside]# cat haproxy-outside-keepalived.sls
include:
- modules.keepalived.init keepalived-server:
file.managed:
- name: /etc/keepalived/keepalived.conf
- source: salt://lb-outside/files/haproxy-outside-keepalived.conf
- mode: 644
- user: root
- group: root
- template: jinja
{% if grains['fqdn'] == 'linux-node1.example.com' %}
- ROUTEID: haproxy_ha
- STATEID: MASTER
- PRIORITYID: 150
{% elif grains['fqdn'] == 'linux-node2.example.com' %}
- ROUTEID: haproxy_ha
- STATEID: BACKUP
- PRIORITYID: 100
{% endif %} service.running:
- name: keepalived
- enable: True
- watch:
- file: keepalived-server
master,backup
优先级不同 150,100
2、file
[root@linux-node1 /srv/salt/prod/lb-outside]# vim files/haproxy-outside-keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
saltstack@example.com
}
notification_email_from keepalived@example.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id {{ROUTEID}} # 环境有多个haproxy要有不同的route id
} vrrp_instance haproxy_ha {
state {{STATEID}}
interface eth0
virtual_router_id 36 # 虚拟id
priority {{PRIORITYID}} # 角色
advert_int 1 # 优先级id
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.194.131
}
}
网卡名称 eth0
虚拟ip
3、test启动
[root@linux-node1 /srv/salt/prod]# salt \* state.sls lb-outside.haproxy-outside-keepalived saltenv=prod
node1抢到144ip了
断开这个node1的keepalived,
node2抢到地址
4、top
[root@linux-node1 /srv/salt/prod/modules]# salt \* state.highstate
redis,单独拿出来,多个业务都在用
之前配置过
https://www.cnblogs.com/venicid/p/11276232.html#_label7_0
master直接安装的
redis不对
redis路径
6、我们的课程体系
全运维自动化的课程:
OpenStack创建虚拟机
配置服务
zabbix去监控
saltstack部署这样的架构
代码自动化的布置上去
ELK日志的自动化收集
docker
09 saltstack生产实例--Haproxy+keepalived的更多相关文章
- 06 saltstack生产实例-需求
https://github.com/unixhot/saltbook-code .Cobbler 1.15 统一网卡名 .Zabbix 系统已经安装好了! base .手动实现 .需要使用salt的 ...
- 07 saltstack生产实例-mysql主从
1.服务部署 .服务部署 抽象:功能模块 redis 安装.配置.启动 mysql 安装.配置(my.cnf可以统一 目录默认配置可以统一) master: server_id slave: serv ...
- 08 saltstack生产实例-apahce+php+redis
1.apache+php 前几章的LAMP:https://www.cnblogs.com/venicid/p/11276232.html#_label2 Php放在apache 1.目录结构 2.p ...
- SaltStack生产案例-服务部署(redis,mysql,apache+php,haproxy+keepalived)
顺序代码资料链接 课上资料.zip 接上篇:SaltStack生产案例-系统初始化 1,redis 主从 2,mysql 主从 2.1 mysql-install.sls (安装 初始化) 2.2 ...
- saltstack SLS 安装haproxy+nginx实例分析学习
本文主要以实例的形式去熟悉sls的部署流程及相关模块的使用 文件下载:https://github.com/unixhot/saltbook-code 目录结构 [root@k8s_master sa ...
- saltstack 实现haproxy+keepalived
1.目录结构规划如下 mkdir -p /srv/salt/prod/haproxy mkdir -p /srv/salt/prod/keepalived mkdir -p /srv/salt/pro ...
- Haproxy+Keepalived负载均衡
Haproxy介绍 HAProxy是一个特别适用于高可用性环境的TCP/HTTP开源的反向代理和负载均衡软件.在7层负载均衡方面的功能很强大(支持cookie track, header rewrit ...
- haproxy+keepalived实现高可用负载均衡
软件负载均衡一般通过两种方式来实现:基于操作系统的软负载实现和基于第三方应用的软负载实现.LVS就是基于Linux操作系统实现的一种软负载,HAProxy就是开源的并且基于第三应用实现的软负载. HA ...
- Haproxy+Keepalived搭建Weblogic高可用负载均衡集群
配置环境说明: KVM虚拟机配置 用途 数量 IP地址 机器名 虚拟IP地址 硬件 内存3G 系统盘20G cpu 4核 Haproxy keepalived 2台 192.168.1.10 192 ...
随机推荐
- 【1.0】shell常用信息
[1]获取IP地址 /sbin/ifconfig|grep -A1 -E "^eth0|em2"|grep "inet addr"|awk -F':' '{pr ...
- 什么是文件存储NAS
阿里云文件存储(Network Attached Storage,简称 NAS)是面向阿里云 ECS 实例.E-HPC 和容器服务等计算节点的文件存储服务. 定义 阿里云文件存储 NAS 是一个可共享 ...
- 网络编程之异步IO
Linux的I/O模型有下面几种:1. 同步阻塞I/O: 用户进程进行I/O操作,一直阻塞到I/O操作完成为止.2. 同步非阻塞I/O: 用户程序可以通过设置文件描述符的属性O_NONBLOCK,I/ ...
- class CAdoInterface
AdoInterface.h #pragma once //#pragma warning (push) //以防会产生警告 C4018,但这个警告是没关系的,所以使用下一句代码屏蔽它 //#prag ...
- 怎样退出mysql命令行
使用: mysql -u root -p 进入 mysql 命令号以后, 如果想退出, 可以使用: quit 命令, 如下: mysql -u root -p quit;
- oracle基本查询01
/*数据库-----> 数据库实例----->表空间[逻辑单位]------>数据文件[物理单位] 通常情况下oracle数据库只会有一个实例ORCL 新建一个项目: MYSQL:创 ...
- 正则表达式 第五篇:C# 正则表达式
原文:正则表达式 第五篇:C# 正则表达式 本文整理C#正则表达式的元字符,正则表达式是由字符构成的表达式,每个字符代表一个规则,表达式中的字符分为两种类型:普通字符和元字符.普通字符是指字面含义不变 ...
- MyEclipse的Server标签出现:Could not create the view: An unexpected exception was thrown
删除工作空间下的.metadata\.plugins\org.eclipse.core.runtime\.settings\com.genuitec.eclipse.ast.deploy.core.p ...
- C# list to dictionary
示例: 新建一个类: public class Lang { public string En; public string Ch; } 实例化并转为字典: List<Lang> lang ...
- Maven错误:警告Classpath entry org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER will not be exported or published
该错误是在我将一个普通的由maven管理的java项目变为javaweb项目后出现的,由警告可以看出是说maven的类路径容器不会被导出或发布(即通过maven管理的依赖不会被导出或发布),那么我们用 ...