文章目錄
- 1.haproxy部署負載均衡的實作
- 2.haproxy+keepalived高可用的實作
1.haproxy部署負載均衡的實作
實驗說明
server | 角色 | ip |
---|---|---|
server1 | salt-master | 172.25.3.1 |
server2 | salt-minion(nginx) | 172.25.3.2 |
server3 | salt-minion(apache) | 172.25.3.3 |
server4 | salt-minion(haproxy) | 172.25.3.4 |
部署實作
(1) salt節點配置
- 在salt-minion端配置
[[email protected] apache]# vi /etc/salt/minion
master: 172.25.3.1
[[email protected] apache]# systemctl start salt-minion
- master授權
[[email protected] salt]# salt-key -a server4
(2)建立haproxy、nginx、apache角色,開始部署haproxy的負載均衡
haproxy:
- 建立haproxy角色
[[email protected] salt]# mkdir haproxy
[[email protected] salt]# cd haproxy
[[email protected] haproxy]# pwd
/srv/salt/haproxy
[[email protected] haproxy]# mkdir files
[[email protected] haproxy]# ls
files install.sls
- 編寫安裝haproxy的sls檔案
[[email protected] haproxy]# vim install.sls ##安裝haproxy
haproxy-install:
pkg.installed:
- name: haproxy
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://haproxy/files/haproxy.cfg
service.running:
- name: haproxy
- reload: true
- watch:
- file: haproxy-install
- haproxy配置檔案準備
[[email protected] haproxy]# ls files
haproxy.cfg
nginx:
- 建立nginx角色
[[email protected] salt]# mkdir nginx
[[email protected] salt]# cd nginx
[[email protected] nginx]# pwd
/srv/salt/nginx
[[email protected] nginx]# mkdir files
[[email protected] nginx]# ls
files install.sls
- 編寫install.sls nginx安裝檔案
[[email protected] nginx]# vi install.sls
nginx-install:
pkg.installed: ##nginx依賴包的安裝
- pkgs:
- gcc
- openssl-devel
- pcre-devel
file.managed: ##安裝包的擷取
- name: /mnt/nginx-1.17.4.tar.gz
- source: salt://nginx/files/nginx-1.17.4.tar.gz
cmd.run: ##nginx的安裝編譯
- name: cd /mnt && tar zxf nginx-1.17.4.tar.gz && cd nginx-1.17.4 && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-http_ssl_module &> /dev/null && make &> /dev/null && make install &> /dev/null && useradd -s /sbin/nologin nginx
- creates: /usr/local/nginx
- nginx的systemd設定 服務的配置(安裝配置一體化)
[[email protected] nginx]# vi service.sls
include:
- nginx.install ##将安裝檔案導入
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf
nginx-service:
file.managed:
- name: /usr/lib/systemd/system/nginx.service ##systemctl 設定
- source: salt://nginx/files/nginx.service
service.running:
- name: nginx
- reload: true
- watch:
- file: /usr/local/nginx/conf/nginx.conf
- nginx需要檔案的準備
[[email protected] nginx]# ls
files install.sls service.sls
[[email protected] nginx]# cd files
[[email protected] files]# ls
nginx-1.17.4.tar.gz nginx.conf nginx.service
[[email protected] files]# pwd
/srv/salt/nginx/files
[[email protected] files]# vi nginx.service
[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx -t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target
[[email protected] files]# vi nginx.conf ##配置檔案修改
2 user nginx nginx;
3 worker_processes auto;
apache:
- apache角色的建立
[[email protected] salt]# mkdir apache
[[email protected] salt]# cd apache
[[email protected] apache]# pwd
/srv/salt/apache
[[email protected] apache]# mkdir files
[[email protected] apache]# ls
files install.sls
- apache部署檔案(apache.sls)的編寫
[[email protected] apache]# vi apache.sls
apache-install: ##唯一性聲明
pkg.installed: ##調用子產品
- pkgs:
- httpd
- httpd-tools
file.managed:
- name: /etc/httpd/conf/httpd.conf
- source: salt://apache/files/httpd.conf
service.running:
- name: httpd
- reload: true
- watch: ##監控當apache配置檔案發生改變,就reload重新開機服務
- file: apache-install
- apache 需要檔案的配置
[[email protected] files]# pwd
/srv/salt/apache/files
[[email protected] files]# ls
httpd.conf
(3)編寫角色執行頂級top.sls檔案
[[email protected] salt]# pwd
/srv/salt
[[email protected] salt]# vim top.sls
base:
'server2':
- nginx.service
'server3':
- apache.apache
'server4':
- haproxy.install
(4)執行部署
[[email protected] salt]# salt '*' state.highstate
實作效果:
在浏覽器通路haproxy 主機不斷重新整理 看到負載均衡效果實作
健康檢查:
當server3上的apache服務當機後,自動檢測:
[[email protected] yum.repos.d]# systemctl stop httpd
2.haproxy+keepalived高可用的實作
實驗說明:
server | 角色 | ip |
---|---|---|
server1 | salt-master | 172.25.3.1 |
server2 | salt-minion(nginx) | 172.25.3.2 |
server3 | salt-minion(apache) | 172.25.3.3 |
server4 | salt-minion(haproxy+keepalived-slave) | 172.25.3.4 |
server5 | salt-minion(keepalived-master) | 172.25.3.5 |
部署實作:
基于haproxy部署實作
(1)salt節點部署
- 在server5加入salt-master
[[email protected] ~]# yum install -y salt-minion
[[email protected] ~]# vi /etc/salt/minion
16 master: 172.25.3.1
[[email protected] ~]# systemctl start salt-minion
- 在server1授權
[[email protected] files]# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.3.2 server2
172.25.3.3 server3
172.25.3.1 server1
172.25.3.4 server4
172.25.3.5 server5
[[email protected] files]# salt-key -a server5
The following keys are going to be accepted:
Unaccepted Keys:
server5
Proceed? [n/Y] y
Key for minion server5 accepted.
(2)建立keepalived角色
[[email protected] salt]# pwd
/srv/salt
[[email protected] salt]# mkdir keepalived
[[email protected] salt]# ls
apache haproxy keepalived nginx top.sls
[[email protected] salt]# cd keepalived/
[[email protected] keepalived]# mkdir files
[[email protected] keepalived]# ls
files
(3)編寫keepalived安裝檔案
[[email protected] keepalived]# vi install.sls
keepalived-install:
pkg.installed:
- pkgs:
- keepalived
file.managed:
- name: /etc/keepalived/keepalived.conf
- source: salt://keepalived/files/keepalived.conf
- template: jinja ##使用jinjia 模闆
{% if grains['fqdn'] == 'server4' %}
- STATE: MASTER
- PRIORITY: 100
{% elif grains['fqdn'] == 'server5' %}
- STATE: BACKUP
- PRIORITY: 50
{% endif %}
service.running:
- name: keepalived
- reload: true
- watch:
- file: keepalived-install
(4)keepalived配置檔案參數修改
[[email protected] files]# pwd
/srv/salt/keepalived/files
[[email protected] files]# vi keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script check_haproxy {
scripts "/opt/check_haproxy.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state {{ STATE }}
interface eth0
virtual_router_id 51
priority {{ PRIORITY }}
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.3.100
}
track_script {
check_haproxy
}
}
}
(5)編寫頂級top.sls角色執行檔案
[[email protected] salt]# vi top.sls
base:
'server2':
- nginx.service
'server3':
- apache.apache
'server4':
- haproxy.install
- keepalived.install
'server5':
- haproxy.install
- keepalived.install
(6)執行推送
[[email protected] salt]# salt '*' state.highstate
(7)實作效果
在keepalived-master上出現vip
在浏覽器中通路vip:
重新整理:
nginx端和apache端輪詢排程
- 當keepalived-master當機時,實作vip飄移