Linux自动化工具之SaltStack 实战项目3(业务引用_haproxy)

1.创建集群目录,用来存放配置文件

[[email protected] ~]# mkdir /etc/salt/states/cluster/files -p 
[[email protected] ~]# cd /etc/salt/states/cluster/files 
[[email protected] files]# vim haproxy-outside.cfg         #外网负载均衡的配置文件 
global                      #全局配置            
maxconn 100000                     #最大连接数 
chroot /usr/local/haproxy 
uid 99 
gid 99 
daemon                      #以后台形式运行haproxy 
nbproc 1                     #启动1个haproxy实例 
pidfile /usr/local/haproxy/logs/haproxy.pid     #pid存放路径 
log 127.0.0.1 local3 info   #日志输出 
 
#后端设置 
defaults                    #默认配置 
option http-keep-alive 
maxconn 100000 
mode http                   #所处理的级别.默认采用http模式 
timeout connect 5000ms 
timeout client 50000ms 
timeout server 50000ms 
 
#开启haproxy Status状态监控,增加验证 
listen stats 
mode http 
bind 0.0.0.0:8888 
stats enable 
stats uri       /haproxy-status     #监控页面url 
stats auth      haproxy:saltstack   #监控页面user:passwd 
 
#前端设置 
frontend frontend_www_example_com 
bind 192.168.15.100:80 
mode http 
option httplog 
log global 
    default_backend backend_www_example_com 
     
#后端设置 
backend backend_www_example_com 
option forwardfor header X-REAL-IP  #获得客户端真实ip 
option httpchk HEAD / HTTP/1.0 
balance roundrobin                  #轮训算法
server web-node1 192.168.15.12:8080 check inter 2000 rise 30 fall 15 
server web-node2 192.168.15.13:8080 check inter 2000 rise 30 fall 15

2.编写haproxysls文件

[[email protected] files]# cd .. 
[[email protected] cluster]# vim haproxy-outside.sls 
include: 
   - haproxy.install 
 
haproxy-service: 
  file.managed: 
    - name: /etc/haproxy/haproxy.cfg 
    - source: salt://cluster/files/haproxy-outside.cfg 
    - user: root 
    - group: root 
    - mode: 644 
  service.running: 
    - name: haproxy 
    - enable: True 
    - reload: True 
    - require: 
      - cmd: haproxy-init 
    - watch: 
      - file: haproxy-service       #关注某个状态 
[[email protected] cluster]# cd /etc/salt/states/ 
[[email protected] states]# vim top.sls
base: 
  '*': 
    - init.env_init
    - haproxy.install
    - cluster.haproxy-outside

3. 执行Haproxy状态

[[email protected] states]# salt '*' state.highstate test=True     #模拟运行时Failed为0即可(无报错)
[[email protected] states]# salt '*' state.highstate

4.手工启动salt客户端http,将端口80修改为8080

[[email protected] ~]# sed -i 's#Listen 80#Listen 8080#g' /etc/httpd/conf/httpd.conf
[[email protected] ~]# sed -i 's#Listen 80#Listen 8080#g' /etc/httpd/conf/httpd.conf
[[email protected] ~]# /etc/init.d/httpd start
[[email protected] ~]# /etc/init.d/httpd start
[[email protected] ~]# echo "node2.90root.com" > /var/www/html/index.html
[[email protected] ~]# echo "node3.90root.com" > /var/www/html/index.html
(这里操作是为了让haproxy健康检查通过)

上图为haproxy未通过 

5.验证haproxy

浏览器访问192.168.15.12:8888/haproxy-status或者192.168.15.13:8888/haproxy-status(12和13是salt客户端,登陆密码见haproxy.cfg)