bjghzly 发表于 2018-1-3 20:50:47

saltstack自动化运维系列⑥SaltStack实践安装配置HAproxy

  saltstack自动化运维系列⑥SaltStack实践安装配置HAproxy
  下载haproxy1.6.2.tar.gz
  下载地址:http://www.haproxy.org/download/1.6/src/

1、编写功能模块
  ①首先编写依赖安装模块
  pkg.installed这个路径是相对于prod即在配置/etc/salt/master的file_roots路径的相对路径
  同理如果在test环境下也是相对/srv/salt/test路径
  

# mkdir -p /srv/salt/prod/pkg /srv/salt/prod/haproxy /srv/salt/prod/haproxy/files  
#
cd /srv/salt/prod/pkg  

  
# cat pkg-init.sls
  
pkg-init:
  
pkg.installed:
  
- names:
  
- gcc
  
- gcc-c++
  
- glibc
  
- make
  
- autoconf
  
- openssl
  
- openssl-devel
  

  ②编写HAproxy状态模块
  如何写状态模块?
  安装一遍,记录安装步骤
  手动安装步骤:
  ①安装依赖
  # yum install gcc gcc-c++ glibc make autoconf openssl openssl-devel
  cd /usr/local/
  tar -zxf haproxy-1.6.2.tar.gz
  cd /usr/local/haproxy-1.6.2

2、将配置文件,启动文件等拷贝到/srv/salt/prod/haproxy/files下
  ①获取启动脚本,并copy到/srv/salt/prod/haproxy/files/
  

# mv haproxy-1.6.2.tar.gz /srv/salt/prod/haproxy/files/  
#
cd /srv/salt/prod/haproxy/files/  
#
tar zxf haproxy-1.6.2.tar.gz  
#
cd haproxy-1.6.2/examples/  
#
vim haproxy.init  
BIN=/usr/local/haporxy/sbin/$BASENAME
  

  
# cp haproxy.init /srv/salt/prod/haproxy/files/
  

  
# cd /srv/salt/prod/haproxy/files
  
# rm -rf haproxy-1.6.2
  

  ②编写install.sls
  不在这里写配置文件,是为了解耦。因为安装和启动时原子操作,在哪都必须,但是配置文件,在不同环境下是不一样的
  

# cd /srv/salt/prod/haproxy/  
#
vim install.sls  

  
include:
  
- pkg.pkg-init
  
haproxy-install:
  
file.managed:
  
- name: /usr/local/src/haproxy-1.6.2.tar.gz
  
- source: salt://haproxy/files/haproxy-1.6.2.tar.gz
  
- user: root
  
- group: root
  
- mode: 755
  
cmd.run:
  
- name: cd /usr/local/src && tar zxf haproxy-1.6.2.tar.gz && cd haproxy-1.6.2 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
  
- unless: test -d /usr/local/haproxy
  
- require:
  
- pkg: pkg-init
  
- file: haproxy-install
  
haproxy-init:
  
file.managed:
  
- name: /etc/init.d/haproxy
  
- source: salt://haproxy/files/haproxy.init
  
- user: root
  
- group: root
  
- mode: 755
  
- require:
  
- cmd: haproxy-install
  
cmd.run:
  
- name: chkconfig --add haproxy
  
- unless: chkconfig --list | grep haproxy
  
- require:
  
- file: /etc/init.d/haproxy
  
net.ipv4.ip_nonlocal_bind:
  
sysctl.present:
  
- value: 1
  
haproxy-config-dir:
  
file.directory:
  
- name: /etc/haproxy
  
- user: root
  
- group: root
  
- mode: 755
  

  # salt '*' state.sls haproxy.install env=prod
  注:
  直接拷贝上面的配置文件执行可能会出错,建议进入vim状态后,使用set list命令,确保$符号和配置之间没有空格
  并且层级关系是2、4、6个空格
  建议先执行测试然后再实际配置修改
  # salt '*' state.sls haproxy.install env=prod test=True

3、编写业务引用
  ①HAproxy配置文件
  

# mkdir -p /srv/salt/prod/cluster/files  
#
cd /srv/salt/prod/cluster/files/  
#
vim /srv/salt/prod/cluster/files/haproxy-outside.cfg  
global
  
maxconn 100000
  
chroot /usr/local/haproxy
  
uid 99
  
gid 99
  
daemon
  
nbproc 1
  
pidfile /usr/local/haproxy/logs/haproxy.pid
  
log 127.0.0.1 local3 info
  
defaults
  
option http-keep-alive
  
maxconn 100000
  
mode http
  
timeout connect 5000ms
  
timeout client 50000ms
  
timeout server 50000ms
  
listen stats
  
mode http
  
bind 0.0.0.0:8888
  
stats enable
  
stats uri /haproxy-status
  
stats auth haproxy:saltstack
  
frontend frontend_www_example_com
  
bind 192.168.3.11:80
  
mode http
  
option httplog
  
log global
  
default_backend backend_www_example_com
  
backend backend_www_example_com
  
option forwardfor header X-REAL-IP
  
option httpchk HEAD / HTTP/1.0
  
balance source
  
server web-node1 192.168.3.12:8080 check inter 2000 rise 30 fall 15
  
server web-node2 192.168.3.19:8080 check inter 2000 rise 30 fall 15
  

  
# cd ..
  
# vim /srv/salt/prod/cluster/haproxy-outside.sls
  
include:
  
- haproxy.install
  
haproxy-service:
  
file.managed:
  
- name: /etc/haproxy/haproxy.cfg
  
- source: salt://cluster/files/haproxy-outside.cfg
  
- user: root
  
- group: root
  
- mode: 644
  
service.running:
  
- name: haproxy
  
- enable: True

  
->  
- require:
  
- cmd: haproxy-init
  
- watch:
  
- file: haproxy-service
  

  
# cd /srv/salt/base/
  
# vim top.sls
  
base:
  
'*':
  
- init.env_init
  
prod:
  
'*':
  
- cluster.haproxy-outside
  

  执行安装配置
  # salt '*' state.highstate

4、Web查看服务状态
  从web登陆192.168.3.12:8888/haproxy-status
  用户名和密码在/srv/salt/prod/cluster/files/haproxy-outside.cfg中
  # grep 'auth' /srv/salt/prod/cluster/files/haproxy-outside.cfg
  stats auth    haproxy:saltstack
  至此haproxy的配置完成
页: [1]
查看完整版本: saltstack自动化运维系列⑥SaltStack实践安装配置HAproxy