SaltStack自动部署之安装配置Haproxy+Keepalived

# 环境搭建（rhel6.5）：
Server5(master)   172.25.44.5  haproxy
Server6(minion)   172.25.44.6  httpd
Server7(minion)   172.25.44.7  nginx 
Server8(minion)   172.25.44.8  keepalived

# Server6，Server7，Server8都要进行以下操作
[root@server8 salt]# vim /etc/yum.repos.d/rhel-source.repo #配置yum源

        [rhel-source]
        name=Red Hat Enterprise Linux $releasever - $basearch - Source
        baseurl=http://172.25.44.250/rhel6.5
        enabled=1
        gpgcheck=1
        gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release


        [salt]
        name=saltstack
        baseurl=http://172.25.44.250/rhel6
        enabled=1
        gpgcheck=0

        [LoadBalancer]
        name=LoadBalancer
        baseurl=http://172.25.44.250/rhel6.5/LoadBalancer
        gpgcheck=0

[root@server8 salt]# yum install -y salt-minion
[root@server8 salt]# cd /etc/salt/
[root@server8 salt]# vim minion
        16 master: 172.25.44.5

[root@server5 httpd]# salt-key -L  ##查看节点
        Accepted Keys:
        server5
        server6
        server7
        Denied Keys:
        Unaccepted Keys:
        server8
        Rejected Keys:
[root@server5 httpd]# salt-key -a server8     #接受某个minion-key即将server8添加到master集群中          
        The following keys are going to be accepted:
        Unaccepted Keys:
        server8
        Proceed? [n/Y] Y
        Key for minion server8 accepted.
[root@server5 httpd]# salt-key -L 
        Accepted Keys:
        server5
        server6
        server7
        server8
        Denied Keys:
        Unaccepted Keys:
        Rejected Keys:

通过salt批量部署

1.keepalived高可用

# 源码安装keepalive
[root@server5 ~]# cd /srv/salt/
[root@server5 salt]# mkdir keepalived
[root@server5 salt]# pwd
        /srv/salt
[root@server5 salt]# cd keepalived/
[root@server5 keepalived]# ls
[root@server5 keepalived]# mkdir files
[root@server5 keepalived]# cd files/
[root@server5 files]# ls
        keepalived-2.0.6.tar.gz
[root@server5 files]# cd ..
[root@server5 keepalived]# vim install.sls
      1 kp-install:
      2   file.managed:
      3     - name: /mnt/keepalived-2.0.6.tar.gz
      4     - source: salt://keepalived/files/keepalived-2.0.6.tar.gz

  [root@server5 keepalived]# salt server8 state.sls keepalived.install

# 在minion端查看，成功推送
[root@server8 salt]# cd /mnt
[root@server8 mnt]# ls
keepalived-2.0.6.tar.gz

[root@server5 keepalived]# cd ..
[root@server5 salt]# ls
        _grains  haproxy  httpd  keepalived  nginx  pkgs  top.sls  users
[root@server5 salt]# cd pkgs/
[root@server5 pkgs]# ls
        make.sls
[root@server5 pkgs]# vim make.sls  #源码编译一些依赖性的软件包

      1 make-gcc:
      2   pkg.installed:
      3     - pkgs:
      4       - pcre-devel
      5       - openssl-devel
      6       - gcc
[root@server5 keepalived]# vim install.sls

[root@server5 keepalived]# salt server8 state.sls keepalived.install

# 检测：
[root@server8 mnt]# ps ax

[root@server8 mnt]# ll -d /usr/local/keepalived/   #配置文件生成，表示成功推送
        drwxr-xr-x 6 root root 4096 8月  18 10:14 /usr/local/keepalived/
[root@server8 mnt]# cd /usr/local/keepalived/
[root@server8 keepalived]# ls
        bin  etc  sbin  share
[root@server8 keepalived]# cd etc/rc.d/
[root@server8 rc.d]# ls
        init.d
[root@server8 rc.d]# cd init.d/
[root@server8 init.d]# ls
        keepalived
[root@server8 init.d]# scp keepalived  [email protected]:/srv/salt/keepalived/files/
[root@server8 init.d]# cd /etc/keepalived
[root@server8 keepalived]# ls
        keepalived.conf  samples
[root@server8 keepalived]# scp keepalived.conf 172.25.44.5:/srv/salt/keepalived/files/


[root@server5 keepalived]# vim install.sls   #添加软连接

[root@server5 keepalived]# salt server8 state.sls keepalived.install     #推送

[root@server5 keepalived]# vim service.sls

[root@server5 keepalived]# salt server8 state.sls keepalived.service

# 用pillar设置变量：
[root@server5 keepalived]# cd /srv/pillar/
[root@server5 pillar]# ls
        top.sls  web
[root@server5 pillar]# mkdir keepalived
[root@server5 pillar]# cd keepalived/
[root@server5 keepalived]# vim install.sls  

[root@server5 keepalived]# cd ..
[root@server5 pillar]# vim top.sls  #指定minion应用相应的状态文件
      1 base:
      2   '*':
      3     - web.install
      4     - keepalived.install

[root@server5 pillar]# cd /srv/salt/keepalived/
[root@server5 keepalived]# ls
            files  install.sls  service.sls
[root@server5 keepalived]# vim service.sls 

[root@server5 keepalived]# vim files/keepalived.conf #设置vip

[root@server5 pillar]# salt server8 state.sls keepalived.service

#

#检测  (虚拟ip添加成功)

top 部署haproxy；keepalived高可用负载均衡平台：

2.实现负载均衡

[root@server8 keepalived]# yum install -y mailx  #安装邮件工具

[root@server5 pillar]# yum install -y mailx
[root@server5 pillar]# cd /srv/salt/
[root@server5 salt]# ls
_grains  haproxy  httpd  keepalived  nginx  pkgs  top.sls  users
[root@server5 salt]# vim top.sls 

[root@server5 salt]# salt '*' state.highstate  #高级推送，这个是全局的所有环境，以及所有状态都生效，它会读取每一个环境的top.sls，并且对所有sls都生效

测试是否实现负载均衡

3.实现更高级的负载均衡

[root@server5 salt]# cd /opt/
[root@server5 opt]# ls
[root@server5 opt]# vim check_haproxy.sh  # 当haproxy服务出现故障时就停止keepalived

[root@server5 opt]# chmod +x check_haproxy.sh  #给脚本添加可执行权限
[root@server5 keepalived]# scp /opt/check_haproxy.sh  [email protected]:/opt/
[email protected]'s password: 
        check_haproxy.sh                               100%  164     0.2KB/s   00:00    


[root@server5 keepalived]# vim /srv/salt/keepalived/files/keepalived.conf 
  1 ! Configuration File for keepalived
  2 vrrp_script check_haproxy{
  3         script "/opt/check_haproxy.sh"
  4         interval 2
  5         weight 2
  6 }
  7 global_defs {
  8    notification_email {
  9         root@localhost
 10    }
 11    notification_email_from keepalived@localhost
 12    smtp_server 127.0.0.1
 13    smtp_connect_timeout 30
 14    router_id LVS_DEVEL
 15    vrrp_skip_check_adv_addr
 16    #vrrp_strict
 17    vrrp_garp_interval 0
 18    vrrp_gna_interval 0
 19 }
 20 
 21 vrrp_instance VI_1 {
 22     state MASTER
 23     interface eth0
 24     virtual_router_id 44
 25     priority 100
 26     advert_int 1
 27     authentication {
 28         auth_type PASS
 29         auth_pass 1111
 30     }
 31     virtual_ipaddress {
 32         172.25.44.100
 33     }
 34     track_script{
 35         check_haproxy
 36     }
 37 }

检测(实现了负载均衡，vip可以随时切换)：

[root@server5 keepalived]# /etc/init.d/keepalived stop
        Stopping keepalived:                                       [  OK  ]
[root@server5 keepalived]# ip addr

[root@server5 ~]# cd /etc/init.d
[root@server5 init.d]# chmod  -x haproxy  #如果脚本没有可执行权限，判断脚本生效，使得keepalived服务会关闭
[root@server5 init.d]# ip addr
        2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
            link/ether 52:54:00:7a:4e:0c brd ff:ff:ff:ff:ff:ff
            inet 172.25.44.5/24 brd 172.25.44.255 scope global eth0
            inet 172.25.254.88/32 scope global eth0
            inet6 fe80::5054:ff:fe7a:4e0c/64 scope link 
               valid_lft forever preferred_lft forever

[root@server5 init.d]# chmod  -x  haproxy
[root@server5 init.d]# ip addr  #MASTER会转换到serevr8，server8接管虚拟IP
        2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
            link/ether 52:54:00:7a:4e:0c brd ff:ff:ff:ff:ff:ff
            inet 172.25.44.5/24 brd 172.25.44.255 scope global eth0
            inet 172.25.254.88/32 scope global eth0
            inet6 fe80::5054:ff:fe7a:4e0c/64 scope link 
               valid_lft forever preferred_lft forever



# 加回脚本权限,vip又会自动接回
[root@server5 init.d]# chmod  +x  haproxy
[root@server5 init.d]# /etc/init.d/keepalived start
Starting keepalived:                                       [  OK  ]
[root@server5 init.d]# ip addr
        2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
            link/ether 52:54:00:7a:4e:0c brd ff:ff:ff:ff:ff:ff
            inet 172.25.44.5/24 brd 172.25.44.255 scope global eth0
            inet 172.25.254.88/32 scope global eth0
            inet 172.25.44.100/32 scope global eth0
            inet6 fe80::5054:ff:fe7a:4e0c/64 scope link 
               valid_lft forever preferred_lft forever