a22.ansible 生产实战案例 --haproxy playbook

企业开发 2022-03-23 12:15:48 阅读次数: 0

haproxy playbook

[root@ansible-server ansible]# mkdir -p playbook/haproxy
[root@ansible-server ansible]# cd playbook/haproxy/

[root@ansible-server haproxy]# mkdir files
[root@ansible-server haproxy]# wget http://www.lua.org/ftp/lua-5.4.3.tar.gz -P files/
[root@ansible-server haproxy]# wget https://www.haproxy.org/download/2.4/src/haproxy-2.4.10.tar.gz -P files/

[root@ansible-server haproxy]# vim files/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target

[Service]
ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q
ExecStart=/usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/lib/haproxy/haproxy.pid
ExecReload=/bin/kill -USR2 $MAINPID

[Install]
WantedBy=multi-user.target

[root@ansible-server haproxy]# vim vars.yml
SRC_DIR: /usr/local/src
LUA_FILE: lua-5.4.3.tar.gz
HAPROXY_FILE: haproxy-2.4.10.tar.gz
HAPROXY_INSTALL_DIR: /apps/haproxy
STATS_AUTH_USER: admin
STATS_AUTH_PASSWORD: 123456

[root@ansible-server haproxy]# mkdir templates
[root@ansible-server haproxy]# vim templates/haproxy.cfg.j2
global
maxconn 100000
chroot {
    
    {
    
     HAPROXY_INSTALL_DIR }}
stats socket /var/lib/haproxy/haproxy.sock mode 600 level admin
uid 99
gid 99
daemon
#nbproc 4
#cpu-map 1 0
#cpu-map 2 1
#cpu-map 3 2
#cpu-map 4 3
pidfile /var/lib/haproxy/haproxy.pid
log 127.0.0.1 local3 info

defaults
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 300000ms
timeout client 300000ms
timeout server 300000ms

listen stats
    mode http
    bind 0.0.0.0:9999
    stats enable
    log global
    stats uri /haproxy-status
    stats auth {
    
    {
    
     STATS_AUTH_USER }}:{
    
    {
    
     STATS_AUTH_PASSWORD }}

[root@ansible-server haproxy]# vim install_haproxy.yml
---
- hosts: all
  vars_files:
    vars.yml

  tasks:
    - name: install CentOS or Rocky depend on the package
      yum:
        name: gcc,make,gcc-c++,glibc,glibc-devel,pcre,pcre-devel,openssl,openssl-devel,systemd-devel,libtermcap-devel,ncurses-devel,libevent-devel,readline-devel
      when:
        - (ansible_distribution=="CentOS" or ansible_distribution=="Rocky")
    - name: delete lock files
      file:
        path: "{
    
    { item }}"
        state: absent
      loop:
        - /var/lib/dpkg/lock
        - /var/lib/apt/lists/lock
        - /var/cache/apt/archives/lock
      when:
        - ansible_distribution=="Ubuntu"
    - name: apt update
      apt:
        update_cache: yes 
        force: yes 
      when:
        - ansible_distribution=="Ubuntu"
    - name: install Ubuntu depend on the package
      apt:
        name: gcc,make,openssl,libssl-dev,libpcre3,libpcre3-dev,zlib1g-dev,libreadline-dev,libsystemd-dev
        force: yes 
      when:
        - ansible_distribution=="Ubuntu"
    - name: unarchive lua package
      unarchive:
        src: "{
    
    { LUA_FILE }}"
        dest: "{
    
    { SRC_DIR }}"
    - name: get LUA_DIR directory
      shell:
        cmd: echo {
    
    {
    
     LUA_FILE }} | sed -nr 's/^(.*[0-9]).([[:lower:]]).*/\1/p'
      register: LUA_DIR
    - name: Build and install lua
      shell: 
        chdir: "{
    
    { SRC_DIR }}/{
    
    { LUA_DIR.stdout }}"
        cmd: make all test
    - name: unarchive haproxy package
      unarchive:
        src: "{
    
    { HAPROXY_FILE }}"
        dest: "{
    
    { SRC_DIR }}"
    - name: get HAPROXY_DIR directory
      shell:
        cmd: echo {
    
    {
    
     HAPROXY_FILE }} | sed -nr 's/^(.*[0-9]).([[:lower:]]).*/\1/p'
      register: HAPROXY_DIR
    - name: make Haproxy
      shell: 
        chdir: "{
    
    { SRC_DIR }}/{
    
    { HAPROXY_DIR.stdout }}"
        cmd: make -j {
    
    {
    
     ansible_processor_vcpus }} ARCH=x86_64 TARGET=linux-glibc USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_SYSTEMD=1 USE_CPU_AFFINITY=1 USE_LUA=1 LUA_INC={
    
    {
    
     SRC_DIR }}/{
    
    {
    
     LUA_DIR.stdout }}/src/ LUA_LIB={
    
    {
    
     SRC_DIR }}/{
    
    {
    
     LUA_DIR.stdout }}/src/ PREFIX={
    
    {
    
     HAPROXY_INSTALL_DIR }}
    - name: make install Haproxy
      shell: 
        chdir: "{
    
    { SRC_DIR }}/{
    
    { HAPROXY_DIR.stdout }}"
        cmd: make install PREFIX={
    
    {
    
     HAPROXY_INSTALL_DIR }}
    - name: copy haproxy.service file
      copy:
        src: haproxy.service
        dest: /lib/systemd/system
    - name: create haproxy link
      file:
        src: "../..{
    
    { HAPROXY_INSTALL_DIR }}/sbin/{
    
    { item.src }}"
        dest: "/usr/sbin/{
    
    { item.src }}"
        state: link
        owner: root
        group: root
        mode: 755
        force: yes   
      with_items:
        - src: haproxy
    - name: create /etc/haproxy directory
      file:
        path: /etc/haproxy
        state: directory
    - name: create /var/lib/haproxy/ directory
      file:
        path: /var/lib/haproxy/
        state: directory
    - name: copy haproxy.cfg file
      template:
        src: haproxy.cfg.j2
        dest: /etc/haproxy/haproxy.cfg
    - name: Add the kernel
      sysctl:
        name: net.ipv4.ip_nonlocal_bind
        value: "1"
    - name: PATH variable
      copy:
        content: 'PATH={
    
    { HAPROXY_INSTALL_DIR }}/sbin:$PATH'
        dest: /etc/profile.d/haproxy.sh
    - name: PATH variable entry
      shell:
        cmd: . /etc/profile.d/haproxy.sh
    - name: start haproxy
      systemd:
        name: haproxy
        state: started
        enabled: yes
        daemon_reload: yes

[root@ansible-server haproxy]# cd ../../
[root@ansible-server ansible]# ansible-playbook playbook/haproxy/install_haproxy.yml 

PLAY [all] ************************************************************************************************************************************

TASK [Gathering Facts] ************************************************************************************************************************
ok: [172.31.0.103]
ok: [172.31.0.101]
ok: [172.31.0.102]
ok: [172.31.0.105]
ok: [172.31.0.104]

TASK [install CentOS or Rocky depend on the package] ******************************************************************************************
skipping: [172.31.0.104]
skipping: [172.31.0.105]
changed: [172.31.0.103]
changed: [172.31.0.102]
changed: [172.31.0.101]

TASK [delete lock files] **********************************************************************************************************************
skipping: [172.31.0.102] => (item=/var/lib/dpkg/lock) 
skipping: [172.31.0.102] => (item=/var/lib/apt/lists/lock) 
skipping: [172.31.0.102] => (item=/var/cache/apt/archives/lock) 
skipping: [172.31.0.101] => (item=/var/lib/dpkg/lock) 
skipping: [172.31.0.101] => (item=/var/lib/apt/lists/lock) 
skipping: [172.31.0.101] => (item=/var/cache/apt/archives/lock) 
skipping: [172.31.0.103] => (item=/var/lib/dpkg/lock) 
skipping: [172.31.0.103] => (item=/var/lib/apt/lists/lock) 
skipping: [172.31.0.103] => (item=/var/cache/apt/archives/lock) 
changed: [172.31.0.104] => (item=/var/lib/dpkg/lock)
changed: [172.31.0.105] => (item=/var/lib/dpkg/lock)
changed: [172.31.0.105] => (item=/var/lib/apt/lists/lock)
changed: [172.31.0.104] => (item=/var/lib/apt/lists/lock)
changed: [172.31.0.105] => (item=/var/cache/apt/archives/lock)
changed: [172.31.0.104] => (item=/var/cache/apt/archives/lock)

TASK [apt update] *****************************************************************************************************************************
skipping: [172.31.0.101]
skipping: [172.31.0.102]
skipping: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.105]

TASK [install Ubuntu depend on the package] ***************************************************************************************************
skipping: [172.31.0.101]
skipping: [172.31.0.102]
skipping: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]

TASK [unarchive lua package] ******************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]

TASK [get LUA_DIR directory] ******************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
changed: [172.31.0.101]
changed: [172.31.0.102]

TASK [Build and install lua] ******************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]
changed: [172.31.0.105]

TASK [unarchive haproxy package] **************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.105]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]

TASK [get HAPROXY_DIR directory] **************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.105]
changed: [172.31.0.101]
changed: [172.31.0.102]

TASK [make Haproxy] ***************************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]
changed: [172.31.0.105]

TASK [make install Haproxy] *******************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.101]
changed: [172.31.0.102]
changed: [172.31.0.105]

TASK [copy haproxy.service file] **************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]
changed: [172.31.0.105]

TASK [create haproxy link] ********************************************************************************************************************
changed: [172.31.0.103] => (item={
    
    'src': 'haproxy'})
changed: [172.31.0.104] => (item={
    
    'src': 'haproxy'})
changed: [172.31.0.102] => (item={
    
    'src': 'haproxy'})
changed: [172.31.0.101] => (item={
    
    'src': 'haproxy'})
changed: [172.31.0.105] => (item={
    
    'src': 'haproxy'})

TASK [create /etc/haproxy directory] **********************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.101]
changed: [172.31.0.102]
changed: [172.31.0.105]

TASK [create /var/lib/haproxy/ directory] *****************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]
changed: [172.31.0.105]

TASK [copy haproxy.cfg file] ******************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.101]
changed: [172.31.0.102]
changed: [172.31.0.105]

TASK [Add the kernel] *************************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]
changed: [172.31.0.105]

TASK [PATH variable] **************************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.101]
changed: [172.31.0.102]
changed: [172.31.0.105]

TASK [PATH variable entry] ********************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.101]
changed: [172.31.0.102]
changed: [172.31.0.105]

TASK [start haproxy] **************************************************************************************************************************
changed: [172.31.0.103]
changed: [172.31.0.104]
changed: [172.31.0.102]
changed: [172.31.0.101]
changed: [172.31.0.105]

PLAY RECAP ************************************************************************************************************************************
172.31.0.101               : ok=18   changed=17   unreachable=0    failed=0    skipped=3    rescued=0    ignored=0   
172.31.0.102               : ok=18   changed=17   unreachable=0    failed=0    skipped=3    rescued=0    ignored=0   
172.31.0.103               : ok=18   changed=17   unreachable=0    failed=0    skipped=3    rescued=0    ignored=0   
172.31.0.104               : ok=20   changed=19   unreachable=0    failed=0    skipped=1    rescued=0    ignored=0   
172.31.0.105               : ok=20   changed=19   unreachable=0    failed=0    skipped=1    rescued=0    ignored=0 

[root@rocky8-client ~]# systemctl status haproxy
● haproxy.service - HAProxy Load Balancer
   Loaded: loaded (/usr/lib/systemd/system/haproxy.service; enabled; vendor preset: disabled)
   Active: active (running) since Fri 2021-12-31 22:23:01 CST; 29s ago
  Process: 12170 ExecStartPre=/usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c -q (code=exited, status=0/SUCCESS)
 Main PID: 12173 (haproxy)
    Tasks: 2 (limit: 4783)
   Memory: 35.8M
   CGroup: /system.slice/haproxy.service
           ├─12173 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/lib/haproxy/haproxy.pid
           └─12175 /usr/sbin/haproxy -Ws -f /etc/haproxy/haproxy.cfg -p /var/lib/haproxy/haproxy.pid

Dec 31 22:23:01 rocky8-client.example.local systemd[1]: Starting HAProxy Load Balancer...
Dec 31 22:23:01 rocky8-client.example.local systemd[1]: Started HAProxy Load Balancer.
Dec 31 22:23:01 rocky8-client.example.local haproxy[12173]: [NOTICE]   (12173) : New worker #1 (12175) forked
[root@rocky8-client ~]# ss -ntl
State           Recv-Q           Send-Q                     Local Address:Port                     Peer Address:Port          Process          
LISTEN          0                128                              0.0.0.0:9999                          0.0.0.0:*                              
LISTEN          0                128                              0.0.0.0:22                            0.0.0.0:*                              
LISTEN          0                128                                 [::]:22                               [::]:*  

[root@rocky8-client ~]# ll /usr/sbin |grep haproxy
lrwxrwxrwx  1 root root      31 Dec 31 22:22 haproxy -> ../../apps/haproxy/sbin/haproxy

[root@rocky8-client ~]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1

在这里插入图片描述

猜你喜欢

转载自blog.csdn.net/qq_25599925/article/details/122267928
今日推荐
Linus “吃狗粮”最积极!
开源日报 | Winamp播放器即将开源;生成式AI之战升级第二轮;Linus“吃狗粮”最积极;AI进入泡沫前期;吴泳铭为阿里云带来了什么?
NetBSD 禁止提交由 AI 生成的代码
Apache Doris 2.0.10 版本正式发布!
开源日报 | 大模型开战;大模型独角兽被曝卖身;周鸿祎建议谷歌开源所有产品;最大开源AI社区提供1000万美元共享GPU
开源日报 | Chrome内置Gemini的意义不在于Gemini;中国AI追随之路的五大误区;ECharts创始人“下海”养鱼;谷歌I/O开发者大会什么都有,只是没有惊喜
微软回应中国区AI团队“打包赴美”传闻
周排行
SVN服务端安装在阿里云
实战 | 相机标定
webpack核心概念
note20——》只要肯低头吃苦,人生就会有救
PAT甲级 1062 Talent and Virtue (25 分)排序
NG Toolset开发笔记--5GNR Resource Grid(26)
如何对待上司
oracle命令
第9章 STL迭代器
logstash使用es映射模板
每日归档
更多
2024-05-20(36)
2024-05-19(0)
2024-05-18(4)
2024-05-17(34)
2024-05-16(6)
2024-05-15(24)
2024-05-14(0)
2024-05-13(18)
2024-05-12(0)
2024-05-11(38)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022