Linux自动化工具之SaltStack 实战项目3(业务引用_haproxy)
2020-03-03Linux90root545°c
A+ A-1.创建集群目录,用来存放配置文件
[[email protected] ~]# mkdir /etc/salt/states/cluster/files -p [[email protected] ~]# cd /etc/salt/states/cluster/files [[email protected] files]# vim haproxy-outside.cfg #外网负载均衡的配置文件 global #全局配置 maxconn 100000 #最大连接数 chroot /usr/local/haproxy uid 99 gid 99 daemon #以后台形式运行haproxy nbproc 1 #启动1个haproxy实例 pidfile /usr/local/haproxy/logs/haproxy.pid #pid存放路径 log 127.0.0.1 local3 info #日志输出 #后端设置 defaults #默认配置 option http-keep-alive maxconn 100000 mode http #所处理的级别.默认采用http模式 timeout connect 5000ms timeout client 50000ms timeout server 50000ms #开启haproxy Status状态监控,增加验证 listen stats mode http bind 0.0.0.0:8888 stats enable stats uri /haproxy-status #监控页面url stats auth haproxy:saltstack #监控页面user:passwd #前端设置 frontend frontend_www_example_com bind 192.168.15.100:80 mode http option httplog log global default_backend backend_www_example_com #后端设置 backend backend_www_example_com option forwardfor header X-REAL-IP #获得客户端真实ip option httpchk HEAD / HTTP/1.0 balance roundrobin #轮训算法 server web-node1 192.168.15.12:8080 check inter 2000 rise 30 fall 15 server web-node2 192.168.15.13:8080 check inter 2000 rise 30 fall 15
2.编写haproxysls文件
[[email protected] files]# cd .. [[email protected] cluster]# vim haproxy-outside.sls include: - haproxy.install haproxy-service: file.managed: - name: /etc/haproxy/haproxy.cfg - source: salt://cluster/files/haproxy-outside.cfg - user: root - group: root - mode: 644 service.running: - name: haproxy - enable: True - reload: True - require: - cmd: haproxy-init - watch: - file: haproxy-service #关注某个状态 [[email protected] cluster]# cd /etc/salt/states/ [[email protected] states]# vim top.sls base: '*': - init.env_init - haproxy.install - cluster.haproxy-outside
3. 执行Haproxy状态
[[email protected] states]# salt '*' state.highstate test=True #模拟运行时Failed为0即可(无报错) [[email protected] states]# salt '*' state.highstate
4.手工启动salt客户端http,将端口80修改为8080
[[email protected] ~]# sed -i 's#Listen 80#Listen 8080#g' /etc/httpd/conf/httpd.conf [[email protected] ~]# sed -i 's#Listen 80#Listen 8080#g' /etc/httpd/conf/httpd.conf [[email protected] ~]# /etc/init.d/httpd start [[email protected] ~]# /etc/init.d/httpd start [[email protected] ~]# echo "node2.90root.com" > /var/www/html/index.html [[email protected] ~]# echo "node3.90root.com" > /var/www/html/index.html (这里操作是为了让haproxy健康检查通过)
上图为haproxy未通过
5.验证haproxy
浏览器访问192.168.15.12:8888/haproxy-status或者192.168.15.13:8888/haproxy-status(12和13是salt客户端,登陆密码见haproxy.cfg)