zoukankan      html  css  js  c++  java

  • SaltStack 架构自动部署 03

    架构图

    模块化部署

    系统模块:系统优化,内核参数,网络参数

    功能模块:如:nginx,tomcat,

    业务模块:

    1.在salt-master端修改配置文件

    [root@01 salt]# vim /etc/salt/master


file_roots:
  base:  #初始环境
    - /srv/salt/base
  prod:  #生产环境
    - /srv/salt/prod
  test:   #测试环境
    - /srv/salt/test

      

    [root@01 salt]# tree
.
├── base
│   ├── init
│   │   ├── audit.sls
│   │   ├── dns.sls
│   │   ├── env_init.sls
│   │   ├── files
│   │   │   └── resolv.conf
│   │   ├── history.sls
│   │   └── sysctl.sls
│   └── top.sls
├── base.tar.gz
├── prod
│   ├── cluster
│   │   ├── files
│   │   │   └── haproxy-outside.cfg
│   │   └── haproxy-outside.sls
│   ├── haproxy
│   │   ├── files
│   │   │   ├── haproxy-1.6.9.tar.gz
│   │   │   └── haproxy.init
│   │   └── install.sls
│   └── pkg
│       └── pkg-init.sls
└── test

10 directories, 14 files

      

    2.创建目录

    mkdir /srv/salt/prod/pkg    ##生产上一些包放在这
mkdir /srv/salt/prod/haproxy
mkdir /srv/salt/prod/haproxy/files #haproxy 包文件
    mkdir /srv/salt/prod/cluster #安装前端后端
    mkdir /srv/salt/prod/cluster/files  #haproxy配置文件



    3.配置salt系统环境
    [root@01 base]# pwd
/srv/salt/base
[root@01 base]# cat top.sls 
base:
  '*':
    - init.env_init      #初始环境
    
prod:  #生产环境
  'wawa01':   #主机名称
    - cluster.haproxy-outside   
  'www.wawa8888.com':
    - cluster.haproxy-outside

     

    haproxy依赖的包,这里单独写在一个sls,有条理点

    [root@01 ~]# cd /srv/salt/prod/pkg/
[root@01 pkg]# ls
pkg-init.sls
[root@01 pkg]# cat pkg-init.sls 
pkg-init:
  pkg.installed:
    - names:
      - gcc
      - gcc-c++
      - glibc
      - make
      - autoconf
      - openssl
      - openssl-devel

      

    4.写haproxy状态文件

    [root@01 haproxy]# cd /srv/salt/prod/haproxy
[root@01 haproxy]# ls
files  install.sls
[root@01 haproxy]# cat install.sls 
include:
  - pkg.pkg-init

haproxy-install:    
  file.managed:    #两个空格
    - name: /usr/local/src/haproxy-1.6.9.tar.gz #四个空格右边一个空格
    - source: salt://haproxy/files/haproxy-1.6.9.tar.gz
    - user: root
    - group: root
    - mode: 755
  cmd.run:        
    - name: cd /usr/local/src && tar zxf haproxy-1.6.9.tar.gz && cd haproxy-1.6.9 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
    - unless: test -d /usr/local/haproxy   
    - require:    
      - pkg: pkg-init
      - file: haproxy-install  
/etc/init.d/haproxy:  
  file.managed:
    - source: salt://haproxy/files/haproxy.init
    - user: root
    - group: root
    - mode: 755
    - require:
      - cmd: haproxy-install
  cmd.run:
    - name: chkconfig --add haproxy
    - unless: chkconfig --list | grep haproxy
    - require:
      - file: /etc/init.d/haproxy

net.ipv4.ip_nonlocal_bind:
  sysctl.present:
    - value: 1

haproxy-config-dir:
  file.directory:
    - name: /etc/haproxy
    - user: root
    - group: root
    - mode: 755

      

    5.初始文件修改,

    haproxy-1.6.9.tar.gz  #提前放好包
    [root@01 files]# ls
haproxy-1.6.9.tar.gz  haproxy.init
[root@01 files]# 
[root@01 files]# 
[root@01 files]# grep "BIN=" haproxy.init 
BIN=/usr/local/haproxy/sbin/$BASENAME

      

    [root@01 cluster]# cd /srv/salt/prod/cluster
[root@01 cluster]# ls
files  haproxy-outside.sls
[root@01 cluster]# cat haproxy-outside.sls 
include:
  - haproxy.install

haproxy-service:
  file.managed:
    - name: /etc/haproxy/haproxy.cfg
    - source: salt://cluster/files/haproxy-outside.cfg
    - user: root
    - group: root
    - mode: 644
  service.running:
    - name: haproxy
    - enable: True
    - reload: True
    - require: 
      - cmd: /etc/init.d/haproxy
    - watch:
      - file: haproxy-service

      

     

    cd /srv/salt/prod/cluster/files

    [root@01 files]# ls
    haproxy-outside.cfg

    [root@01 files]# cat haproxy-outside.cfg
    global
    maxconn 100000
    chroot /usr/local/haproxy
    uid 99
    gid 99
    daemon
    nbproc 1
    pidfile /usr/local/haproxy/logs/haproxy.pid
    log 127.0.0.1 local3 info

    defaults
    option http-keep-alive
    maxconn 100000
    mode http
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms

    listen stats
    mode http
    bind 0.0.0.0:6666
    stats enable
    stats uri /haproxy-status
    stats auth haproxy:saltstack

    frontend frontend_www_example_com
    bind 192.168.1.66:80
    mode http
    option httplog
    log global
    default_backend backend_www_example_com

    backend backend_www_example_com
    option forwardfor header X-REAL-IP
    option httpchk HEAD / HTTP/1.0
    balance source
    server web-node1 192.168.1.100:2222 check inter 2000 rise 30 fall 15
    server web-node2 192.168.1.111:3333 check inter 2000 rise 30 fall 15

      

     重启 systemctl restart salt-master

       测试 salt '*' state.highstate test=True
       高级模式执行 salt '*' state.highstate 

     
    东方
  • 相关阅读:
    IfcControlExtension (控件扩展)
    IfcKernel (内核)
    IFC4x0核心层
    IfcSharedMgmtElements (共享管理元素)
    IfcSharedFacilitiesElements (共享设施元素)
    IfcSharedComponentElements (共享组件元素)
    IfcSharedBldgServiceElements (共享建筑服务要素)
    IfcSharedBldgElements (共享建筑元素)
    IFC4x0共享层
    IfcStructuralElementsDomain (结构元素领域)
  • 原文地址:https://www.cnblogs.com/chenshengqun/p/6830827.html
Copyright © 2011-2022 走看看