您现在的位置是:首页 > 文章详情

Saltstack自动部署Haproxy+keepalived+nginx+memcache+php(fastcgi)

日期:2017-03-30点击:497

一系列:

部署Haproxy总的目录结构

[root@NEI-pudong-idc2E-wdjky.me srv]# tree salt/ salt/ ├── base │   ├── init │   │   ├── audit.sls │   │   ├── dns.sls │   │   ├── env_init.sls │   │   ├── epel.sls │   │   ├── files │   │   │   └── resolv.conf │   │   ├── history.sls │   │   └── sysctl.sls │   └── top.sls └── prod     ├── cluster     │   ├── files     │   │   ├── haproxy-outside.cfg     │   │   └── haproxy-outside.cfg.bak     │   └── haproxy-outside.sls     ├── haproxy     │   ├── files     │   │   ├── haproxy-1.4.24.tar.gz     │   │   └── haproxy.init     │   └── install.sls     ├── keepalived     │   └── files     └── pkg         └── pkg-init.sls


1.salt master 服务器上对 /etc/salt/master 配置文件进行多环境配置

file_roots:   base:     - /srv/salt/base   prod:     - /srv/salt/prod      pillar_roots:   base:     - /srv/salt/pillar   prod:     - /srv/salt/pillar

2.创建目录结构

[root@NEI-pudong-idc2E-wdjky.me srv]# pwd /srv [root@NEI-pudong-idc2E-wdjky.me srv]# tree  . ├── pillar │   ├── base │   └── prod └── salt     ├── base     └── prod

3.重启salt-master

/etc/init.d/salt-master restart


4.系统初始化

4.1.DNS配置

[root@NEI-pudong-idc2E-wdjky.me srv]# cat /srv/salt/base/init/dns.sls  /etc/resolv.conf:   file.managed:     - source: salt://init/files/resolv.conf     - user: root     - group: root     - mode: 644

4.2.History记录时间

[root@NEI-pudong-idc2E-wdjky.me srv]# cat /srv/salt/base/init/history.sls  /etc/profile:   file.managed:     - text:       - export HISTTIMEFORMAT="%F %T(`whoami`)"

4.3.命令操作审计

[root@NEI-pudong-idc2E-wdjky.me srv]# cat /srv/salt/base/init/audit.sls  /etc/bashrc:   file.append:     - text:       - export PROMPT_COMMAND='{ msg=$(history 1 | { read x y; echo $y; });logger "[euid=$(whoami)]":$(who am i):['pwd']"$msg"; }'

4.4.epel仓库

[root@NEI-pudong-idc2E-wdjky.me srv]# cat /srv/salt/base/init/epel.sls  yum_rep_release:   pkg.installed:     - sources:       - epel-release: http://mirrors.aliyun.com/epel/6/x86_64/epel-release-6-8.noarch.rpm   - unless: rpm -qa|grep epel-release-6-8

4.5.初始化环境引用

[root@NEI-pudong-idc2E-wdjky.me srv]# cat /srv/salt/base/init/env_init.sls  include:   - init.dns   - init.history   - init.audit


5.Haproxy配置管理

5.1.pkg模块用来安装源码编译依赖包

[root@NEI-pudong-idc2E-wdjky.me prod]# cat /srv/salt/prod/pkg/pkg-init.sls  pkg-init:   pkg.installed:     - names:       - gcc       - gcc-c++       - glibc       - make       - autoconf       - openssl       - openssl-devel

5.2.Haproxy服务配置

cd /usr/local/src/ cp haproxy-1.4.24.tar.gz /srv/salt/prod/haproxy/files tar xf  haproxy-1.4.24.tar.gz cd /usr/local/src/haproxy-1.4.24/examples/ sed -i 's/\/usr\/sbin\/'\$BASENAME'/\/usr\/local\/haproxy\/sbin\/'\$BASENAME'/g' haproxy.init cp haproxy.init /srv/salt/prod/haproxy/files

5.3.编写Haproxy安装sls

[root@NEI-pudong-idc2E-wdjky.me haproxy]# cat /srv/salt/prod/haproxy/install.sls  include:   - pkg.pkg-init
haproxy-install:   file.managed:     - name: /usr/local/src/haproxy-1.4.24.tar.gz     - source: salt://haproxy/files/haproxy-1.4.24.tar.gz     - mode: 755     - user: root     - group: root   cmd.run:     - name: cd /usr/local/src && tar xf haproxy-1.4.24.tar.gz && cd haproxy-1.4.24 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy     - unless: test -d /usr/local/haproxy     - require:       - pkg: pkg-init       - file: haproxy-install /etc/init.d/haproxy:
file.managed:     - source: salt://haproxy/files/haproxy.init     - mode: 755     - user: root     - group: root     - require:       - cmd: haproxy-install haproxy-config-dir:     file.directory:     - name: /etc/haproxy     - mode: 755     - user: root     - group: root haproxy-init:   cmd.run:     - name: chkconfig --add haproxy     - unless: chkconfig --list|grep  haproxy     - require:       - file: /etc/init.d/haproxy

5.4.Haproxy业务应用

[root@NEI-pudong-idc2E-wdjky.me haproxy]# cat /srv/salt/prod/cluster/haproxy-outside.sls  include:   - haproxy.install haproxy-service:   file.managed:     - name: /etc/haproxy/haproxy.cfg     - source: salt://cluster/files/haproxy-outside.cfg     - user: root     - group: root     - mode: 644   service.running:     - name: haproxy     - enable: True     - reload: True     - require:       - cmd: haproxy-init     - watch:       - file: haproxy-service
[root@NEI-pudong-idc2E-wdjky.me haproxy]# cat /srv/salt/prod/cluster/files/haproxy-outside.cfg global          log 127.0.0.1:514 local0 warning          chroot /usr/local/haproxy                 group haproxy                       user haproxy                        daemon                              nbproc 8                            pidfile  /usr/local/haproxy/logs/haproxy.pid            maxconn 20000                         spread-checks 3
defaults          log global                             mode http          #option httplog                         #option httpclose                       #option dontlognull                     #option forwardfor                      option redispatch                      #option abortonclose                    retries 3                              #balance roundrobin                     #balance source                         #balance leastconn                      contimeout 5000                        clitimeout 50000                       srvtimeout 50000                        #timeout check 2000

                    

listen randolph_status                             bind *:80          mode http                         stats enable              stats uri /admin?status                #stats realm haproxty\ haproxy          stats auth salt:randolph              #stats auth admin1:admin1               stats hide-version                     #stats admin if TRUE                    #listen  webserver          #option httpchk HEAD /checkstatus.html HTTP/1.0            option httpclose          option forwardfor          balance roundrobin         cookie SERVERID insert indirect          timeout server  15s          timeout connect 15s          server web01 192.168.21.161:8082  check port 80 inter 5000 fall 5          server web02 192.168.21.163:8082  check port 80 inter 5000 fall 5

5.5.编写Haproxy安装sls

[root@NEI-pudong-idc2E-wdjky.me haproxy]# cat /srv/salt/prod/cluster/haproxy-outside.sls  include:   - haproxy.install haproxy-service:   file.managed:     - name: /etc/haproxy/haproxy.cfg     - source: salt://cluster/files/haproxy-outside.cfg     - user: root     - group: root     - mode: 644   service.running:     - name: haproxy     - enable: True     - reload: True     - require:       - cmd: haproxy-init     - watch:       - file: haproxy-service

6.执行Haproxy状态

[root@NEI-pudong-idc2E-wdjky.me base]# cat top.sls  base:   jenkins.saltstack.me:     - init.env_init prod:   jenkins.saltstack.me:     - cluster.haproxy-outside

wKioL1jcxmjhUAWeAAA0aL4HC2Y251.png


持续更新 ......


原文链接:https://blog.51cto.com/zhagyilig/1911816
关注公众号

低调大师中文资讯倾力打造互联网数据资讯、行业资源、电子商务、移动互联网、网络营销平台。

持续更新报道IT业界、互联网、市场资讯、驱动更新,是最及时权威的产业资讯及硬件资讯报道平台。

转载内容版权归作者及来源网站所有,本站原创内容转载请注明来源。

文章评论

共有0条评论来说两句吧...

文章二维码

扫描即可查看该文章

点击排行

推荐阅读

最新文章