saltstack实现一键部署keepalived+haproxy的高可用负载均衡集群

本文主要是介绍saltstack实现一键部署keepalived+haproxy的高可用负载均衡集群，希望对大家解决编程问题提供一定的参考价值，需要的开发者们随着小编来一起学习吧！

配置环境

主机名	ip	服务
server1	172.25.1.1	salt-master、salt-minion haproxy、keepalived
server2	172.25.1.2	salt-minion , httpd
server3	172.25.1.3	salt-minion , nginx
server4	172.25.1.4	salt-minion , haproxy、keepalived

---

此文章只针对keepalived的自动化部署
httpd，nginx部署参考
https://blog.csdn.net/u010489158/article/details/83757043
haproxy部署参考
https://blog.csdn.net/u010489158/article/details/83831040

---

keepalived的安装部署

创建salt脚本存放目录

[root@server1 salt]# cd /srv/salt
[root@server1 salt]# mkdir keepalived
[root@server1 keepalived]# mkdir file   #配置文件和软件包存放目录

编辑安装脚本

[root@server1 keepalived]# vim make.sls    #编辑安装脚本 
include:- haproxy.yum    #使用了haproxy中的yum源安装脚本/mnt/libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm:    #依赖性,镜像中没有,因此需要手动装file.managed:- source: salt://keepalived/file/libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm
keepalived-install:pkg.installed:   #依赖性- pkgs:- libnl-devel- openssl-devel- iptables-devel- gccfile.managed:    #keepalived的安装包- name: /mnt/keepalived-2.0.6.tar.gz- source: salt://keepalived/file/keepalived-2.0.6.tar.gzcmd.run:   #需要执行的shell命令- name: cd /mnt && yum install -y libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm && tar zxf keepalived-2.0.6.tar.gz && cd keepalived-2.0.6 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV && make && make install - create: /usr/local/keepalived    #如果此目录存在则不进行安装/etc/keepalived:    #修改文件权限file.directory:- mode: 755/etc/sysconfig/keepalived:    #创建文件软链接,将target中的目录链接到此位置file.symlink:- target: /usr/local/keepalived/etc/sysconfig/keepalived/sbin/keepalived:file.symlink:- target: /usr/local/keepalived/sbin/keepalived

keepalived服务的启动脚本

[root@server1 keepalived]# vim service.sls 
include:- keepalived.make    #包含了keepalived的安装脚本,实现一键部署
/etc/keepalived/keepalived.conf:file.managed:    #文件管理- source: salt://keepalived/file/keepalived.conf- template: jinja   #使用了jinja模块- context:STATE: {{ pillar['state'] }}    #使用了pillar定义变量PRIORITY: {{ pillar['priority'] }}
/opt/check_haproxy.sh:file.managed:- source: salt://keepalived/file/check_haproxy.sh- mode: 755
keepalived-service:file.managed:- name: /etc/init.d/keepalived- source: salt://keepalived/file/keepalived- mode: 755service.running:- enable: keepalived- name: keepalived- reload: True- watch: - file: /etc/keepalived/keepalived.conf

keepalived脚本中需要的file

[root@server1 file]# cd /srv/salt/keepalived/file
[root@server1 file]# ls
check_haproxy.sh         keepalived.conf
keepalived               libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm
keepalived-2.0.6.tar.gz

keepalived中对haproxy的健康检查脚本

[root@server1 file]# cat check_haproxy.sh  
#!bin/bash/etc/init.d/haproxy status &> /dev/null || /etc/init.d/haproxy restart &> /dev/null
# 如果haproxy的状态是打开的，不做任何事情，如果haproxy的状态是关闭的，那么重新打开haproxy
if [ $? -ne 0 ];then
/etc/init.d/keepalived stop &> /dev/null
fi
# 如果重新打开haproxy的操作返回值非0，那么说明haproxy出现故障，此时由脚本关闭keepalived，将提供服务的节点转移

keepalived的配置文件

[root@server1 file]# cat keepalived.conf 
! Configuration File for keepalivedglobal_defs {notification_email {root@localhost}notification_email_from Alexandre.Cassen@firewall.locsmtp_server 127.0.0.1smtp_connect_timeout 30router_id LVS_DEVELvrrp_skip_check_adv_addr#vrrp_strictvrrp_garp_interval 0vrrp_gna_interval 0
}vrrp_script check_haproxy {   script "/opt/check_haproxy.sh"interval 2 weight 2
}vrrp_instance VI_1 {state {{ STATE }}    #pillar值interface eth0virtual_router_id 51 priority {{ PRIORITY }}   #pillar值advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {172.25.1.100}track_script {   #需要写在vip的后面check_haproxy}
}}

keepalived的启动脚本

[root@server1 file]# cat keepalived
#!/bin/sh
#
# Startup script for the Keepalived daemon
#
# processname: keepalived
# pidfile: /var/run/keepalived.pid
# config: /etc/keepalived/keepalived.conf
# chkconfig: - 21 79
# description: Start and stop Keepalived# Source function library
. /etc/rc.d/init.d/functions# Source configuration file (we set KEEPALIVED_OPTIONS there)
. /etc/sysconfig/keepalivedRETVAL=0prog="keepalived"start() {echo -n $"Starting $prog: "daemon keepalived ${KEEPALIVED_OPTIONS}RETVAL=$?echo[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
}stop() {echo -n $"Stopping $prog: "killproc keepalivedRETVAL=$?echo[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
}reload() {echo -n $"Reloading $prog: "killproc keepalived -1RETVAL=$?echo
}# See how we were called.
case "$1" instart)start;;stop)stop;;reload)reload;;restart)stopstart;;condrestart)if [ -f /var/lock/subsys/$prog ]; thenstopstartfi;;status)status keepalivedRETVAL=$?;;*)echo "Usage: $0 {start|stop|reload|restart|condrestart|status}"RETVAL=1
esacexit $RETVAL

keepalived中需要用到的pillar定义

[root@server1 web]# vim /srv/pillar/web/install.sls
{% if grains['fqdn'] == 'server1' %}
state: MASTER
priority: 100
{% elif grains['fqdn'] == 'server4' %}
state: BACKUP
priority: 50
{% endif %}

[root@server1 pillar]# cd /srv/pillar
[root@server1 pillar]# vim top.sls 
base:'*':- web.install

全局推送脚本

[root@server1 salt]# vim /srv/salt/top.sls 
base:'server1':- haproxy.service- keepalived.service'server4':- haproxy.service- keepalived.service'server2':- apache.install'server3':- nginx.service[root@server1 salt]# salt '*' state.highstate 

---

测试

访问vip,实现了nginx和apache轮询访问

[root@foundation1 ~]# curl 172.25.1.100
this is nginx!!!!
[root@foundation1 ~]# curl 172.25.1.100
this is apache
[root@foundation1 ~]# curl 172.25.1.100
this is nginx!!!!
[root@foundation1 ~]# curl 172.25.1.100
this is apache
[root@foundation1 ~]# curl 172.25.1.100
this is nginx!!!!

vip添加到了master(server1)中

[root@server1 salt]# ip add show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 52:54:00:37:6b:32 brd ff:ff:ff:ff:ff:ffinet 172.25.1.1/24 brd 172.25.1.255 scope global eth0inet 172.25.1.100/32 scope global eth0inet6 fe80::5054:ff:fe37:6b32/64 scope link valid_lft forever preferred_lft forever

keepalived中对haproxy健康检查脚本

[root@server1 ~]# /etc/init.d/haproxy stop
Shutting down haproxy:                                     [确定]
[root@server1 ~]# /etc/init.d/haproxy status   #发现停掉haproxy以后,服务自动启动
haproxy (pid  13370) 正在运行...

使haproxy无法自动启动

[root@server1 init.d]# mv haproxy /mnt
[root@server1 mnt]# ./haproxy stop
Shutting down haproxy:                                     [确定]
[root@server1 mnt]# ./haproxy status
haproxy 已停
[root@server1 mnt]# ip add   #vip转移
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host loinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 52:54:00:37:6b:32 brd ff:ff:ff:ff:ff:ffinet 172.25.1.1/24 brd 172.25.1.255 scope global eth0inet6 fe80::5054:ff:fe37:6b32/64 scope link valid_lft forever preferred_lft forever##vip转移到server4中
[root@server4 rpmbuild]# ip add show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 52:54:00:59:6c:d8 brd ff:ff:ff:ff:ff:ffinet 172.25.1.4/24 brd 172.25.1.255 scope global eth0inet 172.25.1.100/32 scope global eth0inet6 fe80::5054:ff:fe59:6cd8/64 scope link valid_lft forever preferred_lft forever

这篇关于saltstack实现一键部署keepalived+haproxy的高可用负载均衡集群的文章就介绍到这儿，希望我们推荐的文章对编程师们有所帮助！

---