09 saltstack生产实例--Haproxy+keepalived
1、如何理解haproxy+keepalived
https://www.cnblogs.com/zs-wei/p/9213961.html
HaProxy可以通过监听一个统一的端口对外提供能力,然后内部进行分发,相当于nginx
何保证前端程序使用单个ip又能保证后端的实际处理机器为多台,这就是KeepAlived的作用。
2、pkg、haproxy、keepalived的安装
视频配套的资源:https://github.com/unixhot/saltbook-code
1、pkg
init.sls依赖包安装
- [root@linux-node1 /srv/salt/prod/modules]# cat pkg/init.sls
- pkg-init:
- pkg.installed:
- - names:
- - gcc
- - gcc-c++
- - glibc
- - make
- - autoconf
- - openssl
- - openssl-devel
2、haproxy
安装文件 init.sls
- [root@linux-node1 /srv/salt/prod/modules]# cat haproxy/init.sls
- include:
- - modules.pkg.init
- haproxy-install:
- file.managed:
- - name: /usr/local/src/haproxy-1.5..tar.gz
- - source: salt://modules/haproxy/files/haproxy-1.5.3.tar.gz
- - mode:
- - user: root
- - group: root
- cmd.run:
- - name: cd /usr/local/src && tar zxf haproxy-1.5..tar.gz && cd haproxy-1.5. && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
- - unless: test -d /usr/local/haproxy
- - require:
- - pkg: pkg-init
- - file: haproxy-install
- /etc/init.d/haproxy:
- file.managed:
- - source: salt://modules/haproxy/files/haproxy.init
- - mode:
- - user: root
- - group: root
- - require:
- - cmd: haproxy-install
- net.ipv4.ip_nonlocal_bind:
- sysctl.present:
- - value:
- haproxy-config-dir:
- file.directory:
- - name: /etc/haproxy
- - mode:
- - user: root
- - group: root
- haproxy-init:
- cmd.run:
- - name: chkconfig --add haproxy
- - unless: chkconfig --list | grep haproxy
- - require:
- - file: /etc/init.d/haproxy
内核参数
默认不能监听不在本地的ipv4
file配置
3、keepalived
配置文件 init.sls
- [root@linux-node1 /srv/salt/prod/modules]# cat keepalived/init.sls
- include:
- - modules.pkg.init
- keepalived-install:
- file.managed:
- - name: /usr/local/src/keepalived-1.2..tar.gz
- - source: salt://modules/keepalived/files/keepalived-1.2.17.tar.gz
- - mode:
- - user: root
- - group: root
- cmd.run:
- - name: cd /usr/local/src && tar zxf keepalived-1.2..tar.gz && cd keepalived-1.2. && ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install
- - unless: test -d /usr/local/keepalived
- - require:
- - file: keepalived-install
- /etc/sysconfig/keepalived:
- file.managed:
- - source: salt://modules/keepalived/files/keepalived.sysconfig
- - mode:
- - user: root
- - group: root
- /etc/init.d/keepalived:
- file.managed:
- - source: salt://modules/keepalived/files/keepalived.init
- - mode:
- - user: root
- - group: root
- keepalived-init:
- cmd.run:
- - name: chkconfig --add keepalived
- - unless: chkconfig --list | grep keepalived
- - require:
- - file: /etc/init.d/keepalived
- /etc/keepalived:
- file.directory:
- - user: root
- - group: root
配置文件
4、test启动
修改index主页
- # node1
- [root@linux-node1 /srv/salt/prod]# cd /var/www/html/
- [root@linux-node1 /var/www/html]# echo "linux node11111" > index.html
- # node2
- [root@linux-node2 /etc/my.cnf.d]# cd /var/www/html/
- [root@linux-node2 /var/www/html]# echo "linux node2222" > index.htm
[root@linux-node1 ~]# salt \* state.sls modules.haproxy.init saltenv=prod
[root@linux-node1 /srv/salt/prod/modules]# salt \* state.sls modules.keepalived.init saltenv=prod
3、如何使用负载均衡
每个业务一个负载均衡
每个主机的负载均衡
负载均衡对内 对外
作业
- 管理 Haproy+Keepalive 配置文件
- 必须使用jianja模板,配置不一样
4、haproxy-outside的配置
1、git上面的源代码
2、服务 sls
加入到系统服务中
- [root@linux-node1 /srv/salt/prod]# cat lb-outside/haproxy-outside.sls
- include:
- - modules.haproxy.init
- haproxy-service:
- file.managed:
- - name: /etc/haproxy/haproxy.cfg
- - source: salt://lb-outside/files/haproxy-outside.cfg
- - user: root
- - group: root
- - mode:
- service.running:
- - name: haproxy
- - enable: True
- - reload: True
- - require:
- - cmd: haproxy-init
- - watch:
- - file: haproxy-service
3、配置file
- [root@linux-node1 /srv/salt/prod]# cat lb-outside/files/haproxy-outside.cfg
- global
- maxconn
- chroot /usr/local/haproxy
- uid
- gid
- daemon
- nbproc
- pidfile /usr/local/haproxy/logs/haproxy.pid
- log 127.0.0.1 local3 info
- defaults
- option http-keep-alive
- maxconn
- mode http
- timeout connect 5000ms
- timeout client 50000ms
- timeout server 50000ms
- listen stats
- mode http
- bind 0.0.0.0:
- stats enable
- stats uri /haproxy-status
- stats auth haproxy:saltstack
- frontend frontend_www_example_com
- bind 192.168.194.131:
- mode http
- option httplog
- log global
- default_backend backend_www_example_com
- backend backend_www_example_com
- option forwardfor header X-REAL-IP
- option httpchk HEAD / HTTP/1.0
- balance source
- server web-node1 192.168.194.131: check inter rise fall
- server web-node2 192.168.194.132: check inter rise fall
配置文件解释
- # 全局
- global
- maxconn 100000
- chroot /usr/local/haproxy
- uid 99
- gid 99
- daemon
- nbproc 1
- pidfile /usr/local/haproxy/logs/haproxy.pid
- log 127.0.0.1 local3 info
- # 默认配置
- defaults
- option http-keep-alive
- maxconn 100000
- mode http
- timeout connect 5000ms
- timeout client 50000ms
- timeout server 50000ms
- # 状态页面
- listen stats
- mode http
- bind 0.0.0.0:8888 # 端口8888
- stats enable
- stats uri /haproxy-status # url
- stats auth haproxy:saltstack # 用户名:密码
- # 前端
- frontend frontend_www_example_com
- bind 192.168.194.131:80
- mode http
- option httplog
- log global
- default_backend backend_www_example_com
- # 前后端backend统一 backend_www_example_com
- # 后端
- backend backend_www_example_com
- option forwardfor header X-REAL-IP
- option httpchk HEAD / HTTP/1.0
- balance source
- server web-node1 192.168.194.131:8080 check inter 2000 rise 30 fall 15
- server web-node2 192.168.194.132:8080 check inter 2000 rise 30 fall 15
4、test
- [root@linux-node1 /srv/salt/prod/lb-outside]# salt \* state.sls lb-outside.haproxy-outside saltenv=prod
用户名haproxy
密码saltstack
5、haproxy-keepalived的配置
1、sls
使用jinja模板
- [root@linux-node1 /srv/salt/prod/lb-outside]# cat haproxy-outside-keepalived.sls
- include:
- - modules.keepalived.init
- keepalived-server:
- file.managed:
- - name: /etc/keepalived/keepalived.conf
- - source: salt://lb-outside/files/haproxy-outside-keepalived.conf
- - mode: 644
- - user: root
- - group: root
- - template: jinja
- {% if grains['fqdn'] == 'linux-node1.example.com' %}
- - ROUTEID: haproxy_ha
- - STATEID: MASTER
- - PRIORITYID: 150
- {% elif grains['fqdn'] == 'linux-node2.example.com' %}
- - ROUTEID: haproxy_ha
- - STATEID: BACKUP
- - PRIORITYID: 100
- {% endif %}
- service.running:
- - name: keepalived
- - enable: True
- - watch:
- - file: keepalived-server
master,backup
优先级不同 150,100
2、file
- [root@linux-node1 /srv/salt/prod/lb-outside]# vim files/haproxy-outside-keepalived.conf
- ! Configuration File for keepalived
- global_defs {
- notification_email {
- saltstack@example.com
- }
- notification_email_from keepalived@example.com
- smtp_server 127.0.0.1
- smtp_connect_timeout 30
- router_id {{ROUTEID}} # 环境有多个haproxy要有不同的route id
- }
- vrrp_instance haproxy_ha {
- state {{STATEID}}
- interface eth0
- virtual_router_id 36 # 虚拟id
- priority {{PRIORITYID}} # 角色
- advert_int 1 # 优先级id
- authentication {
- auth_type PASS
- auth_pass 1111
- }
- virtual_ipaddress {
- 192.168.194.131
- }
- }
网卡名称 eth0
虚拟ip
3、test启动
[root@linux-node1 /srv/salt/prod]# salt \* state.sls lb-outside.haproxy-outside-keepalived saltenv=prod
node1抢到144ip了
断开这个node1的keepalived,
node2抢到地址
4、top
- [root@linux-node1 /srv/salt/prod/modules]# salt \* state.highstate
redis,单独拿出来,多个业务都在用
之前配置过
https://www.cnblogs.com/venicid/p/11276232.html#_label7_0
master直接安装的
redis不对
redis路径
6、我们的课程体系
全运维自动化的课程:
OpenStack创建虚拟机
配置服务
zabbix去监控
saltstack部署这样的架构
代码自动化的布置上去
ELK日志的自动化收集
docker
09 saltstack生产实例--Haproxy+keepalived的更多相关文章
- 06 saltstack生产实例-需求
https://github.com/unixhot/saltbook-code .Cobbler 1.15 统一网卡名 .Zabbix 系统已经安装好了! base .手动实现 .需要使用salt的 ...
- 07 saltstack生产实例-mysql主从
1.服务部署 .服务部署 抽象:功能模块 redis 安装.配置.启动 mysql 安装.配置(my.cnf可以统一 目录默认配置可以统一) master: server_id slave: serv ...
- 08 saltstack生产实例-apahce+php+redis
1.apache+php 前几章的LAMP:https://www.cnblogs.com/venicid/p/11276232.html#_label2 Php放在apache 1.目录结构 2.p ...
- SaltStack生产案例-服务部署(redis,mysql,apache+php,haproxy+keepalived)
顺序代码资料链接 课上资料.zip 接上篇:SaltStack生产案例-系统初始化 1,redis 主从 2,mysql 主从 2.1 mysql-install.sls (安装 初始化) 2.2 ...
- saltstack SLS 安装haproxy+nginx实例分析学习
本文主要以实例的形式去熟悉sls的部署流程及相关模块的使用 文件下载:https://github.com/unixhot/saltbook-code 目录结构 [root@k8s_master sa ...
- saltstack 实现haproxy+keepalived
1.目录结构规划如下 mkdir -p /srv/salt/prod/haproxy mkdir -p /srv/salt/prod/keepalived mkdir -p /srv/salt/pro ...
- Haproxy+Keepalived负载均衡
Haproxy介绍 HAProxy是一个特别适用于高可用性环境的TCP/HTTP开源的反向代理和负载均衡软件.在7层负载均衡方面的功能很强大(支持cookie track, header rewrit ...
- haproxy+keepalived实现高可用负载均衡
软件负载均衡一般通过两种方式来实现:基于操作系统的软负载实现和基于第三方应用的软负载实现.LVS就是基于Linux操作系统实现的一种软负载,HAProxy就是开源的并且基于第三应用实现的软负载. HA ...
- Haproxy+Keepalived搭建Weblogic高可用负载均衡集群
配置环境说明: KVM虚拟机配置 用途 数量 IP地址 机器名 虚拟IP地址 硬件 内存3G 系统盘20G cpu 4核 Haproxy keepalived 2台 192.168.1.10 192 ...
随机推荐
- studio git创建与删除标签(Tag)
代码托管平台 码云 git工具 Git git上的标签一般是用于标记版本, 当发布新版本后,便将该版本的代码打上Tag,用以区别及管理 使用标签前需要将代码提交到马云上 以上是提交git. 创建并提交 ...
- storm group 的介绍与使用
一.stream group分组介绍 Stream 的分组分为随机分组.字段分组.全部分组.全局分组.无分组.直接分组,自定义分组 二.group的介绍 1.Shuffle grouping:通过tu ...
- 【转帖】Samba AD DC(域控制器)的配置
Samba AD DC(域控制器)的配置 http://lihaitao.cn/?p=299 山东前辈写的blog 挺好的.. 改天做实验. 发表于2017年3月7日由李海涛 ■Samba AD DC ...
- [转帖]IIS7配置Gzip压缩
IIS7配置Gzip压缩 https://www.cnblogs.com/coce/p/6804373.html II7中自带了gzip功能,理论上应该比ii6配置起来应该简单一点,但是容易出的问 ...
- 【转帖】MBW内存测试
MBW内存测试 https://www.cnblogs.com/dongdongwq/p/5431561.html 在测试前,理应了解本机所具备的特点,比如CPU频率.内存频率.内存大小,等等信息. ...
- java微信token校验
1.微信验证接口 package com.park.utils.wechatUtil; import org.springframework.web.bind.annotation.RequestMa ...
- COGS 2633. [HZOI 2016] 数列操作e
[题目描述] 一个长度为n的序列,一开始序列数的权值都是0,有m次操作 支持两种操作, 1 L R x,给区间[L,R]内,第一个数加x,第二个数加2^2⋅x,第三个数加3^2⋅x...第R-L+1个 ...
- S02_CH02_MIO实验Enter a post title
S02_CH02_MIO实验 2.1 GPIO简介 Zynq7000系列芯片有54个MIO(multiuse I/O),它们分配在 GPIO 的Bank0 和Bank1隶属于PS部分,这些IO与PS直 ...
- regex 正则分割字符串
string _content=adak.sjdkajskj爱25教:师的656教案时; string en=@"\.|56|25";//单个[asj]分别以a,s,j为分隔符. ...
- 关键字:for_each
std::for_each 先贴cppreference中对for_each的概述: template< class InputIt, class UnaryFunction > //此处 ...