Saltstack安装nginx+haproxy
@font-face {font-family: "Times New Roman";}@font-face {font-family: "宋体";}@font-face {font-family: "Calibri";}p.MsoNormal { margin: 0 0 0; text-align: justify; font-family: Calibri; font-size: 14px; }span.msoIns { text-decoration: underline; color: blue; }span.msoDel { text-decoration: line-through; color: red; }div.Section0 { page: Section0; }四台虚拟机:
172.25.254.46faoundation46.ilt.example.com
172.25.254.131vm1.wang.comsalt-master
172.25.254.132vm2.wang.comsalt-minion、nginx
172.25.254.133vm3.wang.comsalt-minion、nginx
172.25.254.134vm4.wang.comsalt-minion、haproxy
# tree .
.
|-- haproxy
| |-- files
| | |-- haproxy-1.7.5.tar.gz
| | |-- haproxy.cfg
| | `-- haproxy.init
| |-- install.sls
| `-- service.sls
|-- httpd
| |-- apache.sls
| `-- files
| `-- httpd.conf
`-- nginx
|-- files
| |-- nginx
| |-- nginx-1.10.1.tar.gz
| `-- nginx.conf
|-- install.sls
`-- service.sls
6 directories, 12 files
# ls
filesinstall.slsservice.sls
# ls
nginxnginx-1.10.1.tar.gznginx.conf
# cat nginx##/etc/init.d/nginx启动文件
#!/bin/sh
#
# nginx Startup script for nginx
#
# chkconfig: - 85 15
# processname: nginx
# config: /etc/nginx/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/nginx.pid
# description: nginx is an HTTP and reverse proxy server
#
### BEGIN INIT INFO
# Provides: nginx
# Required-Start: $local_fs $remote_fs $network
# Required-Stop: $local_fs $remote_fs $network
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start and stop nginx
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
if [ -L $0 ]; then
initscript=`/bin/readlink -f $0`
else
initscript=$0
fi
#
#sysconfig=`/bin/basename $initscript`
#
#if [ -f /etc/sysconfig/$sysconfig ]; then
# . /etc/sysconfig/$sysconfig
#fi
nginx=${NGINX-/usr/local/nginx/sbin/nginx}
prog=`/bin/basename $nginx`
conffile=${CONFFILE-/usr/local/nginx/conf/nginx.conf}
lockfile=${LOCKFILE-/var/lock/subsys/nginx}
pidfile=${PIDFILE-/usr/local/nginx/logs/nginx.pid}
SLEEPMSEC=${SLEEPMSEC-200000}
UPGRADEWAITLOOPS=${UPGRADEWAITLOOPS-5}
RETVAL=0
start() {
echo -n $"Starting $prog: "
daemon --pidfile=${pidfile} ${nginx} -c ${conffile}
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch ${lockfile}
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc -p ${pidfile} ${prog}
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile}
}
reload() {
echo -n $"Reloading $prog: "
killproc -p ${pidfile} ${prog} -HUP
RETVAL=$?
echo
}
upgrade() {
oldbinpidfile=${pidfile}.oldbin
configtest -q || return
echo -n $"Starting new master $prog: "
killproc -p ${pidfile} ${prog} -USR2
echo
for i in `/usr/bin/seq $UPGRADEWAITLOOPS`; do
/bin/usleep $SLEEPMSEC
if [ -f ${oldbinpidfile} -a -f ${pidfile} ]; then
echo -n $"Graceful shutdown of old $prog: "
killproc -p ${oldbinpidfile} ${prog} -QUIT
RETVAL=$?
echo
return
fi
done
echo $"Upgrade failed!"
RETVAL=1
}
configtest() {
if [ "$#" -ne 0 ] ; then
case "$1" in
-q)
FLAG=$1
;;
*)
;;
esac
shift
fi
${nginx} -t -c ${conffile} $FLAG
RETVAL=$?
return $RETVAL
}
rh_status() {
status -p ${pidfile} ${nginx}
}
# See how we were called.
case "$1" in
start)
rh_status >/dev/null 2>&1 && exit 0
start
;;
stop)
stop
;;
status)
rh_status
RETVAL=$?
;;
restart)
configtest -q || exit $RETVAL
stop
start
;;
upgrade)
rh_status >/dev/null 2>&1 || exit 0
upgrade
;;
condrestart|try-restart)
if rh_status >/dev/null 2>&1; then
stop
start
fi
;;
force-reload|reload)
reload
;;
configtest)
configtest
;;
*)
echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|force-reload|upgrade|reload|status|help|configtest}"
RETVAL=2
esac
exit $RETVAL
# cat install.sls##安装
nginx-install:
pkg.installed:
- pkgs:
- gcc
- pcre-devel
- openssl-devel
file.managed:
- name: /mnt/nginx-1.10.1.tar.gz
- source: salt://nginx/files/nginx-1.10.1.tar.gz
cmd.run:
- name: cd /mnt;tar zxf nginx-1.10.1.tar.gz;cd nginx-1.10.1;./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-file-aio --with-threads &> /dev/null && make&> /dev/null && make install&> /dev/null
- creates: /usr/local/nginx
# cat service.sls ##服务
include:
- nginx.install
nginx-config:
file.managed:
- name: /usr/local/nginx/conf/nginx.conf
- source: salt://nginx/files/nginx.conf
nginx-init:
file.managed:
- name: /etc/init.d/nginx
- source: salt://nginx/files/nginx
- mode: 755
cmd.run:
- name: chkconfig --add nginx
- unless: chkconfig --list nginx
- require:
- file: nginx-init
service.running:
- name: nginx
- enable: True
- reload: True
- watch:
- file: nginx-config
# salt 'vm2.wang.com' state.sls nginx.service
# salt 'vm3.wang.com' state.sls nginx.service
# cd haproxy/
# ls
haproxy-1.7.5.tar.gzhaproxy.cfghaproxy.init
# cat haproxy.cfg##haproxy配置文件
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 4096
chroot /usr/share/haproxy
uid 99
gid 99
daemon
nbproc1
#debug
#quiet
defaults
log global
mode http
optionhttplog
optiondontlognull
retries 3
option redispatch # 自动重定向到健康机器
maxconn 2000
timeout check 2000ms # 检查超时
timeout connect 5000ms # 连接超时
timeout client 50000ms # 客户端连接超时
timeout server 50000ms # 服务端连接超时
listen westos
bind 0.0.0.0:80##这样写解决这个报错 105/010627 (10606) : parsing : 'listen' cannot handle unexpected argument ':80'.
mode http
balance roundrobin
stats uri /ha_status
option httpclose
option forwardfor
server web1 172.25.254.132:80 check weight 1 minconn 1 maxconn 3 check inter 40000
server web2 172.25.254.133:80 check weight 1 minconn 1 maxconn 3 check inter 40000
#配置控制台
listen payserver
bind 0.0.0.0:8080
mode http
transparent
stats uri / haproxy-stats
stats realm Haproxy \ statistic
stats auth admin:admin
# cat haproxy.init##/etc/init.d/启动文件
##sed -i 's/\/usr\/sbin\/'\$BASENAME'/\/usr\/local\/haproxy\/sbin\/'\$BASENAME'/g' haproxy.init##修改路径
#!/bin/sh
#
# chkconfig: - 85 15
# description: HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited \
# for high availability environments.
# processname: haproxy
# config: /etc/haproxy/haproxy.cfg
# pidfile: /var/run/haproxy.pid
# Script Author: Simon Matter <simon.matter@invoca.ch>
# Version: 2004060600
# Source function library.
if [ -f /etc/init.d/functions ]; then
. /etc/init.d/functions
elif [ -f /etc/rc.d/init.d/functions ] ; then
. /etc/rc.d/init.d/functions
else
exit 0
fi
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
# This is our service name
BASENAME=`basename $0`
if [ -L $0 ]; then
BASENAME=`find $0 -name $BASENAME -printf %l`
BASENAME=`basename $BASENAME`
fi
BIN=/usr/local/haproxy/sbin/$BASENAME
CFG=/etc/$BASENAME/$BASENAME.cfg
[ -f $CFG ] || exit 1
PIDFILE=/var/run/$BASENAME.pid
LOCKFILE=/var/lock/subsys/$BASENAME
RETVAL=0
start() {
quiet_check
if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with '$BASENAME check'."
return 1
fi
echo -n "Starting $BASENAME: "
daemon $BIN -D -f $CFG -p $PIDFILE
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch $LOCKFILE
return $RETVAL
}
stop() {
echo -n "Shutting down $BASENAME: "
killproc $BASENAME -USR1
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $LOCKFILE
[ $RETVAL -eq 0 ] && rm -f $PIDFILE
return $RETVAL
}
restart() {
quiet_check
if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with '$BASENAME check'."
return 1
fi
stop
start
}
reload() {
if ! [ -s $PIDFILE ]; then
return 0
fi
quiet_check
if [ $? -ne 0 ]; then
echo "Errors found in configuration file, check it with '$BASENAME check'."
return 1
fi
$BIN -D -f $CFG -p $PIDFILE -sf $(cat $PIDFILE)
}
check() {
$BIN -c -q -V -f $CFG
}
quiet_check() {
$BIN -c -q -f $CFG
}
rhstatus() {
status $BASENAME
}
condrestart() {
[ -e $LOCKFILE ] && restart || :
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
reload
;;
condrestart)
condrestart
;;
status)
rhstatus
;;
check)
check
;;
*)
echo $"Usage: $BASENAME {start|stop|restart|reload|condrestart|status|check}"
exit 1
esac
exit $?
# cat install.sls
haproxy-install:
pkg.installed:
- pkgs:
- gcc
- gcc-c++
- glibc
- make
- autoconf
- openssl
- openssl-devel
file.managed:
- name:/usr/local/src/haproxy-1.7.5.tar.gz
- source: salt://haproxy/files/haproxy-1.7.5.tar.gz
# - mode: 755
# - user: root
# - group: root
cmd.run:
- name: cd /usr/local/src && tar zxf haproxy-1.7.5.tar.gz && cd haproxy-1.7.5 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy && mkdir /etc/haproxy/ && mkdir /usr/share/haproxy
- create: /usr/local/haproxy
# cat service.sls
include:
- haproxy.install
haproxy-config:
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://haproxy/files/haproxy.cfg
- mode: 644
haproxy-init:
file.managed:
- name: /etc/init.d/haproxy
- source: salt://haproxy/files/haproxy.init
- mode: 755
cmd.run:
- name: chkconfig -add haproxy
- unless: chkconfig --list haproxy
- require:
- file: haproxy-init
service.running:
- name: haproxy
- enable: True
- reload: True
- watch:
- file: haproxy-config
# salt 'vm4.wang.com' state.sls haproxy.service
vm4.wang.com:
----------
ID: haproxy-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 01:18:50.923249
Duration: 401.929 ms
Changes:
----------
ID: haproxy-install
Function: file.managed
Name: /usr/local/src/haproxy-1.7.5.tar.gz
Result: True
Comment: File /usr/local/src/haproxy-1.7.5.tar.gz is in the correct state
Started: 01:18:51.327769
Duration: 82.169 ms
Changes:
----------
ID: haproxy-install
Function: cmd.run
Name: cd /usr/local/src && tar zxf haproxy-1.7.5.tar.gz && cd haproxy-1.7.5 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy && mkdir /etc/haproxy/ && mkdir /usr/share/haproxy
Result: True
Comment: Command "cd /usr/local/src && tar zxf haproxy-1.7.5.tar.gz && cd haproxy-1.7.5 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy && mkdir /etc/haproxy/ && mkdir /usr/share/haproxy" run
Started: 01:18:51.410753
Duration: 27129.509 ms
Changes:
----------
pid:
11427
retcode:
0
stderr:
stdout:
......
install -m 644 doc/$x.txt "/usr/local/haproxy/doc/haproxy" ; \
done
----------
ID: haproxy-config
Function: file.managed
Name: /etc/haproxy/haproxy.cfg
Result: True
Comment: File /etc/haproxy/haproxy.cfg updated
Started: 01:19:18.540559
Duration: 349.761 ms
Changes:
----------
diff:
New file
mode:
0644
----------
ID: haproxy-init
Function: file.managed
Name: /etc/init.d/haproxy
Result: True
Comment: File /etc/init.d/haproxy is in the correct state
Started: 01:19:18.890455
Duration: 42.064 ms
Changes:
----------
ID: haproxy-init
Function: cmd.run
Name: chkconfig -add haproxy
Result: True
Comment: unless execution succeeded
Started: 01:19:18.933211
Duration: 7.042 ms
Changes:
----------
ID: haproxy-init
Function: service.running
Name: haproxy
Result: True
Comment: Service haproxy is already enabled, and is running
Started: 01:19:18.941783
Duration: 111.078 ms
Changes:
----------
haproxy:
True
Summary for vm4.wang.com
------------
Succeeded: 7 (changed=3)
Failed: 0
------------
Total states run: 7
Total run time:28.124 s##直接在vm4上启动HAPROXY
#/etc/init.d/haproxy status
haproxy (pid11766) 正在运行...
# vim /usr/local/nginx/conf/nginx.conf
45 indexhost.html index.html index.htm;
# cd /usr/local/nginx/html/
# vim host.html
vm2.wang.com
# /etc/init.d/nginx start
@font-face {font-family: "Times New Roman";}@font-face {font-family: "宋体";}@font-face {font-family: "Calibri";}p.MsoNormal { margin: 0 0 0; text-align: justify; font-family: Calibri; font-size: 14px; }span.msoIns { text-decoration: underline; color: blue; }span.msoDel { text-decoration: line-through; color: red; }div.Section0 { page: Section0; }
# vim /usr/local/nginx/conf/nginx.conf
45 indexhost.html index.html index.htm;
# cd /usr/local/nginx/html/
# vim host.html
Vm3.wang.com
# /etc/init.d/nginx start
@font-face {font-family: "Times New Roman";}@font-face {font-family: "宋体";}@font-face {font-family: "Calibri";}p.MsoNormal { margin: 0 0 0; text-align: justify; font-family: Calibri; font-size: 14px; }span.msoIns { text-decoration: underline; color: blue; }span.msoDel { text-decoration: line-through; color: red; }div.Section0 { page: Section0; }
测试:
# for i in {1..10};do curl 172.25.254.134;done
vm2.wang.com
vm3.wang.com
vm2.wang.com
vm3.wang.com
vm2.wang.com
vm3.wang.com
vm2.wang.com
vm3.wang.com
vm2.wang.com
vm3.wang.com
页:
[1]