saltstack一键部署高可用
一健推送apache
[root@server1 minions]# cd /etc/salt/
[root@server1 salt]# vim master
[root@server1 salt]# mkdir /srv/salt
[root@server1 salt]# cd /srv/salt/
[root@server1 salt]# mkdir apache
[root@server1 salt]# cd apache/
[root@server1 apache]# vim install.sls
apache-install:
pkg.installed:
- pkgs:
- httpd
- php
file.managed:
- name: /var/www/html/index.php
- source: salt://apache/files/index.php
- mode: 644
- user: root
- group: root
[root@server1 httpd]# salt server2 state.sls apache.install
[root@server1 apache]# vim service.sls
include:
- apache.install
apache-service:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd.conf
service.running:
- name: httpd
- enable: True
- reload: True
- watch:
- file: apache-service
[root@server1 apache]# cd files/
[root@server1 files]# ls
httpd.conf(从server2(apache端)scp过来) index.php
[root@server1 apache]# salt server2 state.sls apache.service
一健部署nginx
[root@server1 salt]# mkdir nginx
[root@server1 salt]# cd nginx
[root@server1 nginx]# mkdir files
[root@server1 nginx]# cd files
[root@server1 files]# ls
nginx-1.14.0.tar.gz nginx(可以从网上找一个启动脚本) nginx.conf(从server3scp)
[root@server1 files]# cd ..
[root@server1 nginx]# vim install.sls
include:
- pkgs.make
nginx-install:
pkg.installed:
- pkgs:
- gcc
- pcre-devel
- openssl-devel
file.managed:
- name: /mnt/nginx-1.14.0.tar.gz
- source: salt://nginx/files/nginx-1.14.0.tar.gz
cmd.run:
- name: cd /mnt && tar zxf nginx-1.14.0.tar.gz && cd nginx-1.14.0 && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && sed -i.bak 's/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g' src/core/nginx.h && ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-threads --with-file-aio &> /dev/null && make &> /dev/null && make install &> /dev/null
- creates: /usr/local/nginx
[root@server1 nginx]# salt server3 state.sls nginx.install
[root@server1 nginx]# vim service.sls
include:
- nginx.install
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf
nginx-service:
file.managed:
- name: /etc/init.d/nginx
- source: salt://nginx/files/nginx
- mode: 755
service.running:
- name: nginx
- enable: True
- reload: True
- watch:
- file: /usr/local/nginx/conf/nginx.conf
[root@server1 nginx]# salt server3 state.sls nginx.service
[root@server1 nginx]# cd ..
[root@server1 salt]# mkdir pkgs
[root@server1 salt]# cd pkgs/
[root@server1 pkgs]# vim make.sls
gcc:
pkg.installed:
- pkgs:
- gcc
- pcre-devel
- openssl-devel
一健推送haproxy,实现负载均衡
[root@server1 salt]# mkdir haproxy
[root@server1 haproxy]# mkdir files
[root@server1 haproxy]# cd files/
[root@server1 files]# ls
haproxy-1.6.11.tar.gz haproxy.cfg haproxy.init
[root@server1 files]# cd ..
[root@server1 haproxy]# cd ..
[root@server1 salt]# mkdir users
[root@server1 salt]# cd users/
[root@server1 users]# vim haproxy.sls
haproxy-group:
group.present:
- name: haproxy
- gid: 200
haproxy:
user.present:
- uid: 200
- gid: 200
- home: /usr/local/haproxy
- createhome: False
- shell: /sbin/nologin
[root@server1 salt]# cd /srv/salt/haproxy/
[root@server1 haproxy]# vim install.sls
include:
- pkgs.make
- users.haproxy
haproxy-install:
file.managed:
- name: /mnt/haproxy-1.6.11.tar.gz
- source: salt://haproxy/files/haproxy-1.6.11.tar.gz
cmd.run:
- name: cd /mnt && tar zxf haproxy-1.6.11.tar.gz && cd haproxy-1.6.11 && make TARGET=linux2628 UES_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy && make TARGET=linux2628 UES_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy install
- creates: usr/local/haproxy
/etc/haproxy:
file.directory:
- mode: 755
/usr/sbin/haproxy:
file.symlink:
- target: /usr/local/haproxy/sbin/haproxy
[root@server1 haproxy]# salt server1 state.sls haproxy.install
没有报错即成功
[root@server1 mnt]# cd haproxy-1.6.11/examples
[root@server1 examples]# cp haproxy.init /srv/salt/haproxy/files
[root@server1 examples]# cp content-sw-sample.cfg /srv/salt/haproxy/files
[root@server1 haproxy]# cd /srv/salt/haproxy/files/
[root@server1 files]# ls
[root@server1 files]# mv content-sw-sample.cfg haproxy.cfg
[root@server1 files]# vim haproxy.cfg
global
maxconn 10000
stats socket /var/run/haproxy.stat mode 600 level admin
log 127.0.0.1 local0
uid 200
gid 200
chroot /var/empty
daemon
defaults
mode http
log global
option httplog
option dontlognull
monitor-uri /monitoruri
maxconn 8000
timeout client 30s
stats uri /admin/stats
retries 2
option redispatch
timeout connect 5s
timeout server 5s
timeout queue 30s
# The public 'www' address in the DMZ
frontend public
bind *:80 name clear
#bind 192.168.1.10:443 ssl crt /etc/haproxy/haproxy.pem
#use_backend static if { hdr_beg(host) -i img }
#use_backend static if { path_beg /img /css }
default_backend static
# The static backend backend for 'Host: img', /img and /css.
backend static
balance roundrobin
#option httpchk HEAD /favicon.ico
server statsrv1 172.25.8.2:80 check inter 1000
server statsrv2 172.25.8.3:80 check inter 1000
[root@server1 files]# cd ..
[root@server1 haproxy]# vim service.sls
include:
- haproxy.install
/etc/haproxy/haproxy.cfg:
file.managed:
- source: salt://haproxy/files/haproxy.cfg
haproxy-service:
file.managed:
- name: /etc/init.d/haproxy
- source: salt://haproxy/files/haproxy.init
- mode: 755
service.running:
- name: haproxy
- enable: True
- reload: True
- watch:
- file: /etc/haproxy/haproxy.cfg
[root@server1 haproxy]# salt server1 state.sls haproxy.service
无报错即可
一键全推送
[root@server1 haproxy]# cd ..
[root@server1 salt]# vim top.sls
base:
'server2':
- apache.service
'server3':
- nginx.service
'server1':
- haproxy.service
ot@server1 salt]# salt '*' state.highstate
一键推送高可用
[root@server1 salt]# vim /etc/salt/master
取消注释
pillar_roots:
base:
- /srv/pillar
[root@server1 salt]# /etc/init.d/salt-master restart
[root@server1 srv]# cd ..
[root@server1 srv]# mkdir pillar
[root@server1 srv]# cd pillar/
[root@server1 pillar]# vim top.sls
base:
'*':
- web.install
- keepalived.install
[root@server1 pillar]# cd /srv/salt/apache/
[root@server1 apache]# vim service.sls
include:
- apache.install
apache-service:
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd.conf
- template: jinja
- context:
port: {{ pillar['port'] }}
bind: {{ pillar['bind'] }}
service.running:
- name: httpd
- enable: True
- reload: True
- watch:
- file: apache-service
[root@server1 apache]# vim /srv/pillar/web/install.sls (web目录自己创建)
{% if grains['fqdn'] == 'server2' %}
webserver: httpd
bind: 172.25.8.2
port: 80
{% elif grains['fqdn'] == 'server3' %}
webserver: nginx
{% elif grains['fqdn'] == 'server1' %}
webserver: haproxy
{% endif %}
[root@server1 apache]# vim files/httpd.conf
Listen {{ bind }}:{{ port }}
推送keepalived
server4:
[root@server1 apache]# cd ..
[root@server1 salt]# mkdir keepalived
[root@server1 salt]# cd keepalived/
[root@server1 keepalived]# mkdir files
[root@server1 keepalived]# cd files/
[root@server1 files]# ls
keepalived-2.0.6.tar.gz
[root@server1 files]# cd ..
[root@server1 keepalived]# vim install.sls
include:
- pkgs.make
kp-install:
file.managed:
- name: /mnt/keepalived-2.0.6.tar.gz
- source: salt://keepalived/files/keepalived-2.0.6.tar.gz
cmd.run:
- name: cd /mnt && tar zxf keepalived-2.0.6.tar.gz && cd keepalived-2.0.6 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV &> /dev/null && make &> /dev/null && make install &> /dev/null
- creates: /usr/local/keepalived
tu
[root@server1 keepalived]# salt server4 state.sls keepalived.install
[root@server1 keepalived]# cd files/
[root@server1 files]# ls
keepalived keepalived-2.0.6.tar.gz keepalived.conf
[root@server1 files]# cd ..
vim service.sls
[root@server1 keepalived]# cd files/
[root@server1 files]# vim keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state {{ STATE }}
interface eth0
virtual_router_id {{ VRID }}
priority {{ PRIORITY }}
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.8.100
}
}
[root@server1 salt]# cd ..
[root@server1 keepalived]# vim service.sls
[root@server1 keepalived]# cd ..
[root@server1 salt]# cd ..
[root@server1 srv]# cd pillar/
[root@server1 pillar]# mkdir keepalived
[root@server1 pillar]# cd keepalived/
[root@server1 keepalived]# vim install.sls
{% if grains['fqdn'] == 'server1' %}
state: MASTER
vrid: 88
priority: 100
{% elif grains['fqdn'] == 'server4' %}
state: MASTER
vrid: 88
priority: 1
{% endif %}
tu
[root@server1 keepalived]# cd ..
[root@server1 salt]# vim top.sls
base:
'server4':
- haproxy.service
- keepalived.service
'server2':
- apache.service
'server3':
- nginx.service
'server1':
- haproxy.service
- keepalived.service
[root@server1 salt]# salt '*' state.highstate
saltstack一键部署高可用的更多相关文章
- 基于saltstack自动化部署高可用kubernetes集群
SaltStack自动化部署HA-Kubernetes 本项目在GitHub上,会不定期更新,大家也可以提交ISSUE,地址为:https://github.com/skymyyang/salt-k8 ...
- kubernetes实战(二十):k8s一键部署高可用Prometheus并实现邮件告警
1.基本概念 本次部署使用的是CoreOS的prometheus-operator. 本次部署包含监控etcd集群. 本次部署适用于二进制和kubeadm安装方式. 本次部署适用于k8s v1.10版 ...
- kubernetes kubeadm部署高可用集群
k8s kubeadm部署高可用集群 kubeadm是官方推出的部署工具,旨在降低kubernetes使用门槛与提高集群部署的便捷性. 同时越来越多的官方文档,围绕kubernetes容器化部署为环境 ...
- kubernetes部署高可用Harbor
前言 本文Harbor高可用依照Harbor官网部署,主要思路如下,大家可以根据具体情况选择搭建. 部署Postgresql高可用集群.(本文选用Stolon进行管理,请查看文章<kuberne ...
- k8s部署高可用Ingress
部署高可用Ingress 官网地址https://kubernetes.github.io/ingress-nginx/deploy/ 获取ingress的编排文件 wget https://raw. ...
- 附012.Kubeadm部署高可用Kubernetes
一 kubeadm介绍 1.1 概述 参考<附003.Kubeadm部署Kubernetes>. 1.2 kubeadm功能 参考<附003.Kubeadm部署Kubernetes& ...
- Quartz学习笔记:集群部署&高可用
Quartz学习笔记:集群部署&高可用 集群部署 一个Quartz集群中的每个节点是一个独立的Quartz应用,它又管理着其他的节点.这就意味着你必须对每个节点分别启动或停止.Quartz集群 ...
- 企业运维实践-还不会部署高可用的kubernetes集群?使用kubeadm方式安装高可用k8s集群v1.23.7
关注「WeiyiGeek」公众号 设为「特别关注」每天带你玩转网络安全运维.应用开发.物联网IOT学习! 希望各位看友[关注.点赞.评论.收藏.投币],助力每一个梦想. 文章目录: 0x00 前言简述 ...
- SaltStack一键部署负载均衡和高可用
一.负载均衡的部署 server1 haproxy (调度器) server2 apache server3 nginx 1)在server1上首先安装salt-minion服务.并 ...
随机推荐
- IDEA创建MAVEN 无骨架WEB 项目
Idea创建maven带有骨架的web项目的时候,会缺少必要文件夹,而且会多出来一些我们不需要的东西 详见:IDEA创建Maven Web项目 所以我们也可以创建无骨架项目: 创建maven项目 不选 ...
- java格式化数字、货币、金钱
网上摘来的,以后可能会用到 java开发中经常会有数字.货币金钱等格式化需求,货币保留几位小数,货币前端需要加上货币符号等.可以用java.text.NumberFormat和java.text.De ...
- 怎么把网页保存为pdf文件
不就是用chrome浏览器打印功能,然后保存为pdf就可以了吗? 对于一些结构简单的比如,RFC文档这样操作一般没什么问题,对于一些有浮动元素的网页就不好说了,必须先用chrome的审查元素把一些不必 ...
- 12. git常用语法总结
git介绍与安装这里不再多说,再说也不如廖雪峰大佬总结的优秀: https://www.liaoxuefeng.com/wiki/0013739516305929606dd18361248578c67 ...
- java全栈day13----Eclipse项目的jar包导出与使用jar包
01eclipse快捷键 Ctrl+T:查看所选中类的继承树 例如,在下面代码中,选中Teacher类名,然后按Ctrl+T,就会显示出Teacher类的继承关系 * B: 查看所选中方法的源代码 ...
- Ubuntu学习小结(二)PostgreSQL的使用,进程的查看关闭,编辑器之神Vim入门
距离上次发布文章已经过去了很久.在过去的半年中,虽然写的代码不多,但是在接触了计算机一些其他的知识,包括数据库.网络之后,感觉能够融会贯通,写代码水平又有了一定的提高.接下来,将会发表几篇文章,简单介 ...
- 后台调js方法
Page.ClientScript.RegisterStartupScript(Page.GetType(), "", "<script>btnSearch( ...
- Algorithms - Merging Sort
印象 图1 使用合并排序为一列数字进行排序的过程 思想 归并排序是典型的分治算法,它不断地将某个数组分为两个部分,分别对左子数组与右子数组进行排序,然后将两个数组合并为新的有序数组. 分析 稳定: 是 ...
- c# 捕获非托管异常
在.NET 4.0之后,CLR将会区别出一些异常(都是SEH异常),将这些异常标识为破坏性异常(Corrupted State Exception).针对这些异常,CLR的catch块不会捕捉这些异常 ...
- HBase - 安装过程中的问题
问题1:启动时start-hbase.sh 报 权限不够 原因:在移动文件时,使用root用户在/usr/local下创建的hbase,所以hbase文件夹的使用者为root,其他人没权限 解决方案: ...