# 环境搭建(rhel6.5):
Server5(master) 172.25.44.5 haproxy
Server6(minion) 172.25.44.6 httpd
Server7(minion) 172.25.44.7 nginx
Server8(minion) 172.25.44.8 keepalived
# Server6,Server7,Server8都要进行以下操作
[root@server8 salt]# vim /etc/yum.repos.d/rhel-source.repo #配置yum源
[rhel-source]
name=Red Hat Enterprise Linux $releasever - $basearch - Source
baseurl=http://172.25.44.250/rhel6.5
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[salt]
name=saltstack
baseurl=http://172.25.44.250/rhel6
enabled=1
gpgcheck=0
[LoadBalancer]
name=LoadBalancer
baseurl=http://172.25.44.250/rhel6.5/LoadBalancer
gpgcheck=0
[root@server8 salt]# yum install -y salt-minion
[root@server8 salt]# cd /etc/salt/
[root@server8 salt]# vim minion
16 master: 172.25.44.5
[root@server5 httpd]# salt-key -L ##查看节点
Accepted Keys:
server5
server6
server7
Denied Keys:
Unaccepted Keys:
server8
Rejected Keys:
[root@server5 httpd]# salt-key -a server8 #接受某个minion-key即将server8添加到master集群中
The following keys are going to be accepted:
Unaccepted Keys:
server8
Proceed? [n/Y] Y
Key for minion server8 accepted.
[root@server5 httpd]# salt-key -L
Accepted Keys:
server5
server6
server7
server8
Denied Keys:
Unaccepted Keys:
Rejected Keys:
通过salt批量部署
1.keepalived高可用
# 源码安装keepalive
[root@server5 ~]# cd /srv/salt/
[root@server5 salt]# mkdir keepalived
[root@server5 salt]# pwd
/srv/salt
[root@server5 salt]# cd keepalived/
[root@server5 keepalived]# ls
[root@server5 keepalived]# mkdir files
[root@server5 keepalived]# cd files/
[root@server5 files]# ls
keepalived-2.0.6.tar.gz
[root@server5 files]# cd ..
[root@server5 keepalived]# vim install.sls
1 kp-install:
2 file.managed:
3 - name: /mnt/keepalived-2.0.6.tar.gz
4 - source: salt://keepalived/files/keepalived-2.0.6.tar.gz
[root@server5 keepalived]# salt server8 state.sls keepalived.install
# 在minion端查看,成功推送
[root@server8 salt]# cd /mnt
[root@server8 mnt]# ls
keepalived-2.0.6.tar.gz
[root@server5 keepalived]# cd ..
[root@server5 salt]# ls
_grains haproxy httpd keepalived nginx pkgs top.sls users
[root@server5 salt]# cd pkgs/
[root@server5 pkgs]# ls
make.sls
[root@server5 pkgs]# vim make.sls #源码编译一些依赖性的软件包
1 make-gcc:
2 pkg.installed:
3 - pkgs:
4 - pcre-devel
5 - openssl-devel
6 - gcc
[root@server5 keepalived]# vim install.sls
[root@server5 keepalived]# salt server8 state.sls keepalived.install
# 检测:
[root@server8 mnt]# ps ax
[root@server8 mnt]# ll -d /usr/local/keepalived/ #配置文件生成,表示成功推送
drwxr-xr-x 6 root root 4096 8月 18 10:14 /usr/local/keepalived/
[root@server8 mnt]# cd /usr/local/keepalived/
[root@server8 keepalived]# ls
bin etc sbin share
[root@server8 keepalived]# cd etc/rc.d/
[root@server8 rc.d]# ls
init.d
[root@server8 rc.d]# cd init.d/
[root@server8 init.d]# ls
keepalived
[root@server8 init.d]# scp keepalived [email protected]:/srv/salt/keepalived/files/
[root@server8 init.d]# cd /etc/keepalived
[root@server8 keepalived]# ls
keepalived.conf samples
[root@server8 keepalived]# scp keepalived.conf 172.25.44.5:/srv/salt/keepalived/files/
[root@server5 keepalived]# vim install.sls #添加软连接
[root@server5 keepalived]# salt server8 state.sls keepalived.install #推送
[root@server5 keepalived]# vim service.sls
[root@server5 keepalived]# salt server8 state.sls keepalived.service
# 用pillar设置变量:
[root@server5 keepalived]# cd /srv/pillar/
[root@server5 pillar]# ls
top.sls web
[root@server5 pillar]# mkdir keepalived
[root@server5 pillar]# cd keepalived/
[root@server5 keepalived]# vim install.sls
[root@server5 keepalived]# cd ..
[root@server5 pillar]# vim top.sls #指定minion应用相应的状态文件
1 base:
2 '*':
3 - web.install
4 - keepalived.install
[root@server5 pillar]# cd /srv/salt/keepalived/
[root@server5 keepalived]# ls
files install.sls service.sls
[root@server5 keepalived]# vim service.sls
[root@server5 keepalived]# vim files/keepalived.conf #设置vip
[root@server5 pillar]# salt server8 state.sls keepalived.service
#
#检测 (虚拟ip添加成功)
top 部署haproxy;keepalived高可用负载均衡平台:
2.实现负载均衡
[root@server8 keepalived]# yum install -y mailx #安装邮件工具
[root@server5 pillar]# yum install -y mailx
[root@server5 pillar]# cd /srv/salt/
[root@server5 salt]# ls
_grains haproxy httpd keepalived nginx pkgs top.sls users
[root@server5 salt]# vim top.sls
[root@server5 salt]# salt '*' state.highstate #高级推送,这个是全局的所有环境,以及所有状态都生效,它会读取每一个环境的top.sls,并且对所有sls都生效
测试是否实现负载均衡
3.实现更高级的负载均衡
[root@server5 salt]# cd /opt/
[root@server5 opt]# ls
[root@server5 opt]# vim check_haproxy.sh # 当haproxy服务出现故障时就停止keepalived
[root@server5 opt]# chmod +x check_haproxy.sh #给脚本添加可执行权限
[root@server5 keepalived]# scp /opt/check_haproxy.sh [email protected]:/opt/
[email protected]'s password:
check_haproxy.sh 100% 164 0.2KB/s 00:00
[root@server5 keepalived]# vim /srv/salt/keepalived/files/keepalived.conf
1 ! Configuration File for keepalived
2 vrrp_script check_haproxy{
3 script "/opt/check_haproxy.sh"
4 interval 2
5 weight 2
6 }
7 global_defs {
8 notification_email {
9 root@localhost
10 }
11 notification_email_from keepalived@localhost
12 smtp_server 127.0.0.1
13 smtp_connect_timeout 30
14 router_id LVS_DEVEL
15 vrrp_skip_check_adv_addr
16 #vrrp_strict
17 vrrp_garp_interval 0
18 vrrp_gna_interval 0
19 }
20
21 vrrp_instance VI_1 {
22 state MASTER
23 interface eth0
24 virtual_router_id 44
25 priority 100
26 advert_int 1
27 authentication {
28 auth_type PASS
29 auth_pass 1111
30 }
31 virtual_ipaddress {
32 172.25.44.100
33 }
34 track_script{
35 check_haproxy
36 }
37 }
检测(实现了负载均衡,vip可以随时切换):
[root@server5 keepalived]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
[root@server5 keepalived]# ip addr
[root@server5 ~]# cd /etc/init.d
[root@server5 init.d]# chmod -x haproxy #如果脚本没有可执行权限,判断脚本生效,使得keepalived服务会关闭
[root@server5 init.d]# ip addr
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:7a:4e:0c brd ff:ff:ff:ff:ff:ff
inet 172.25.44.5/24 brd 172.25.44.255 scope global eth0
inet 172.25.254.88/32 scope global eth0
inet6 fe80::5054:ff:fe7a:4e0c/64 scope link
valid_lft forever preferred_lft forever
[root@server5 init.d]# chmod -x haproxy
[root@server5 init.d]# ip addr #MASTER会转换到serevr8,server8接管虚拟IP
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:7a:4e:0c brd ff:ff:ff:ff:ff:ff
inet 172.25.44.5/24 brd 172.25.44.255 scope global eth0
inet 172.25.254.88/32 scope global eth0
inet6 fe80::5054:ff:fe7a:4e0c/64 scope link
valid_lft forever preferred_lft forever
# 加回脚本权限,vip又会自动接回
[root@server5 init.d]# chmod +x haproxy
[root@server5 init.d]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@server5 init.d]# ip addr
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:7a:4e:0c brd ff:ff:ff:ff:ff:ff
inet 172.25.44.5/24 brd 172.25.44.255 scope global eth0
inet 172.25.254.88/32 scope global eth0
inet 172.25.44.100/32 scope global eth0
inet6 fe80::5054:ff:fe7a:4e0c/64 scope link
valid_lft forever preferred_lft forever