准备环境
node1:192.168.217.149 (saltstack master)
node2:192.168.217.150(saltstack minion)
下载haproxy1.6.2.tar.gz
下载地址:http://www.haproxy.org/download/1.6/src/
在node1:192.168.217.149 (saltstack master)上操作配置模块
一、依赖安装模块
1、pkg.installed的路径相对于prod在/etc/salt/master中配置的相对路径
mkdir /srv/salt/prod/ mkdir /srv/salt/prod/haproxy/files -pv mkdir mkdir /srv/salt/prod/pkg/files -pv cd /srv/salt/prod/pkg
2、编写依赖包配置文件
vim pkg-init.sls
vim pkg-init.sls
pkg-init:
pkg.installed:
- names:
- gcc
- gcc-c++
- glibc
- make
- autoconf
- openssl
- openssl-devel
二、编写HAproxy状态模块
如何配置状态模块
手动编译安装一遍haproxy,记录安装步骤
1、haproxy编译安装
yum install gcc gcc-c++ glibc make autoconf openssl openssl-devel cd /usr/local/src tar -zxf haproxy-1.6.2.tar.gz make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
2、将配置文件、启动文件复制到/srv/salt/prod/haproxy/files下
step1: mv haproxy-1.6.2.tar.gz /srv/salt/prod/haproxy/files/ cd /srv/salt/prod/haproxy/files/ tar zxf haproxy-1.6.2.tar.gz cd haproxy-1.6.2/examples/ vim haproxy.init BIN=/usr/local/haporxy/sbin/$BASENAME step2: cp haproxy.init /srv/salt/prod/haproxy/files/ step3: cd /srv/salt/prod/haproxy/files rm -rf haproxy-1.6.2
3、编写install.sls
此文件不写haproxy的配置文件,是为了解耦。因为安装和启动时原子操作,在哪都必须,但是配置文件,在不同环境下是不一样的
vim install.sls
include:
- pkg.pkg-init
haproxy-install:
file.managed:
- name: /usr/local/src/haproxy-1.6.2.tar.gz
- source: salt://haproxy/files/haproxy-1.6.2.tar.gz
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && tar zxf haproxy-1.6.2.tar.gz && cd haproxy-1.6.2 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
- unless: test -d /usr/local/haproxy
- require:
- pkg: pkg-init
- file: haproxy-install
haproxy-init:
file.managed:
- name: /etc/init.d/haproxy
- source: salt://haproxy/files/haproxy.init
- user: root
- group: root
- mode: 755
- require:
- cmd: haproxy-install
cmd.run:
- name: chkconfig --add haproxy
- unless: chkconfig --list | grep haproxy
- require:
- file: /etc/init.d/haproxy
net.ipv4.ip_nonlocal_bind:
sysctl.present:
- value: 1
haproxy-config-dir:
file.directory:
- name: /etc/haproxy
- user: root
- group: root
- mode: 755
提示:
1、如果是拷贝配置文件,确保$符号和配置之间没有空格,不然执行会出错,vim下,使用set list命令可以查看
2、层级关系是2、4、6个空格
建议先执行测试然后再实际配置修改,命令如下:
# salt '*' state.sls haproxy.install env=prod test=True
三、编写业务引用
1、haproxy配置文件
mkdir -p /srv/salt/prod/cluster/files cd /srv/salt/prod/cluster/files/
vim /srv/salt/prod/cluster/files/haproxy-outside.cfg
global maxconn 100000 chroot /usr/local/haproxy uid 99 gid 99 daemon nbproc 1 pidfile /usr/local/haproxy/logs/haproxy.pid log 127.0.0.1 local3 info defaults option http-keep-alive maxconn 100000 mode http timeout connect 5000ms timeout client 50000ms timeout server 50000ms listen stats mode http bind 0.0.0.0:8888 stats enable stats uri /haproxy-status stats auth haproxy:saltstack frontend frontend_www_example_com bind 192.168.3.11:80 mode http option httplog log global default_backend backend_www_example_com backend backend_www_example_com option forwardfor header X-REAL-IP option httpchk HEAD / HTTP/1.0 balance source server web-node1 192.168.217.149:8080 check inter 2000 rise 30 fall 15 server web-node2 192.168.217.150:8080 check inter 2000 rise 30 fall 15
cd /srv/salt/prod/cluster/
vim /srv/salt/prod/cluster/haproxy-outside.sls
include:
- haproxy.install
haproxy-service:
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://cluster/files/haproxy-outside.cfg
- user: root
- group: root
- mode: 644
service.running:
- name: haproxy
- enable: True
- reload: True
- require:
- cmd: haproxy-init
- watch:
- file: haproxy-service
2、编写top.sls
cd /srv/salt/base/
vim top.sls
base:
'*':
- init.env_init
prod:
"node1":
- cluster.haproxy-outside
"node2":
- cluster.haproxy-outside
三、执行安装配置
salt '*' state.highstate
四、Web查看服务状态
从web登陆192.168.217.149:8888/haproxy-status
用户名和密码在/srv/salt/prod/cluster/files/haproxy-outside.cfg中
grep 'auth' /srv/salt/prod/cluster/files/haproxy-outside.cfg stats auth haproxy:saltstack
界面如下:
