Saltstack部署Nginx,Haproxy實現負載均衡
阿新 • • 發佈:2018-12-21
1.nginx原始碼編譯安裝
[[email protected] salt]# mkdir nginx //在檔案系統中建立nginx目錄
[[email protected] salt]# cd nginx/
[[email protected] nginx]# mkdir files //用於儲存安裝包
[[email protected] nginx]# cd files/
[[email protected] files]# ls
nginx-1.14.0.tar.gz
[[email protected]
nginx]# vim install.sls nginx-install: pkg.installed: - pkgs: - gcc - openssl-devel - pcre-devel file.managed: - source: salt://nginx/files/nginx-1.14.0.tar.gz //源地址 - name: /mnt/nginx-1.14.0.tar.gz //tar包儲存地址 cmd.run: // 編譯安裝,每個動作中間用&&來連線 - name: cd /mnt/ && tar zxf nginx-1.14.0.tar.gz && cd nginx-1.14.0 && sed -i.bak 's/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g' src/core/nginx.h && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-threads --with-http_ssl_module --with-http_stub_status_module --with-file-aio && make &> /dev/null && make install &> /dev/null - creates: /usr/local/nginx //檔案檢測,若目的機中已存在這個目錄,則說明已安裝好,就不用再進行編譯
推送:[[email protected] nginx]# salt server8 state.sls nginx.install
server8: ---------- ID: nginx-install Function: pkg.installed Result: True Comment: All specified packages are already installed Started: 11:08:44.255343 Duration: 354.052 ms Changes: ---------- ID: nginx-install Function: file.managed Name: /mnt/nginx-1.14.0.tar.gz Result: True Comment: File /mnt/nginx-1.14.0.tar.gz is in the correct state Started: 11:08:44.610847 Duration: 52.621 ms Changes: ---------- ID: nginx-install Function: cmd.run Name: cd /mnt/ && tar zxf nginx-1.14.0.tar.gz && cd nginx-1.14.0 && sed -i.bak 's/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g' src/core/nginx.h && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-threads --with-http_ssl_module --with-http_stub_status_module --with-file-aio && make &> /dev/null && make install &> /dev/null Result: True Comment: /usr/local/nginx exists Started: 11:08:44.664052 Duration: 0.34 ms Changes: Summary for server8 ------------ Succeeded: 3 Failed: 0 ------------ Total states run: 3 Total run time: 407.013 ms
2,nginx管理指令碼,檔案分離 1).再建立一個目錄用於儲存建立使用者的sls檔案。 [[email protected] salt]# mkdir users [[email protected] salt]# cd users/ [[email protected] users]# vim user.sls
nginx-group:
group.present:
- name: nginx
- gid: 800
nginx-user:
user.present:
- name: nginx
- uid: 800
- gid: 800
- shell: /sbin/nologin //不允許互動
- createhome: False //不自動建立家目錄
- home: /usr/local/nginx //指定家目錄
[[email protected] nginx]# vim service.sls
include:
- users.user
- nginx.install
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf
nginx-service:
file.managed:
- source: salt://nginx/files/nginx
- name: /etc/init.d/nginx //啟動檔案地址
- mode: 755
service.running:
- name: nginx
- reload: True
- watch:
- file: /usr/local/nginx/conf/nginx.conf
[[email protected] files]# ls // 將nginx配置檔案放置過來,並新增nginx啟動指令碼
nginx nginx-1.14.0.tar.gz nginx.conf
[[email protected] files]# vim nginx.conf
user nginx nginx;
推送:[[email protected] nginx]# salt server8 state.sls nginx.service
server8:
----------
ID: nginx-group
Function: group.present
Name: nginx
Result: True
Comment: Group nginx is present and up to date
Started: 11:10:05.696440
Duration: 1.548 ms
Changes:
----------
ID: nginx-user
Function: user.present
Name: nginx
Result: True
Comment: User nginx is present and up to date
Started: 11:10:05.698421
Duration: 15.069 ms
Changes:
----------
ID: nginx-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 11:10:06.067583
Duration: 357.7 ms
Changes:
----------
ID: nginx-install
Function: file.managed
Name: /mnt/nginx-1.14.0.tar.gz
Result: True
Comment: File /mnt/nginx-1.14.0.tar.gz is in the correct state
Started: 11:10:06.426721
Duration: 51.284 ms
Changes:
----------
ID: nginx-install
Function: cmd.run
Name: cd /mnt/ && tar zxf nginx-1.14.0.tar.gz && cd nginx-1.14.0 && sed -i.bak 's/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g' src/core/nginx.h && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-threads --with-http_ssl_module --with-http_stub_status_module --with-file-aio && make &> /dev/null && make install &> /dev/null
Result: True
Comment: /usr/local/nginx exists
Started: 11:10:06.478582
Duration: 0.328 ms
Changes:
----------
ID: /usr/local/nginx/conf/nginx.conf
Function: file.managed
Result: True
Comment: File /usr/local/nginx/conf/nginx.conf is in the correct state
Started: 11:10:06.478989
Duration: 22.518 ms
Changes:
----------
ID: nginx-service
Function: file.managed
Name: /etc/init.d/nginx
Result: True
Comment: File /etc/init.d/nginx is in the correct state
Started: 11:10:06.501606
Duration: 212.775 ms
Changes:
----------
ID: nginx-service
Function: service.running
Name: nginx
Result: True
Comment: The service nginx is already running
Started: 11:10:06.715162
Duration: 25.261 ms
Changes:
Summary for server8
------------
Succeeded: 8
Failed: 0
------------
Total states run: 8
Total run time: 686.483 ms
server8檢視埠:
2.Haproxy原始碼安裝 1).新增負載均衡yum源
[LoadBalancer]
name=LoadBalancer
baseurl=http://172.25.0.16/rhel6.5/LoadBalancer
gpgcheck=0
[[email protected] salt]# mkdir haproxy
[[email protected] salt]# cd haproxy/
[[email protected] haproxy]# mkdir files //儲存原始檔
[[email protected] files]# ls
haproxy-1.6.11.tar.gz
2).編寫安裝指令碼檔案
[[email protected] haproxy]# vim install.sls
haproxy-install:
pkg.installed:
- pkgs:
- gcc
- pcre-devel
- openssl-devel
file.managed:
- name: /mnt/haproxy-1.6.11.tar.gz
- source: salt://haproxy/files/haproxy-1.6.11.tar.gz
cmd.run:
- name: cd /mnt && tar zxf haproxy-1.6.11.tar.gz && cd haproxy-1.6.11 && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy install
- creates: /usr/local/haproxy
推送到server6
server6:
----------
ID: haproxy-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 11:50:05.452291
Duration: 366.061 ms
Changes:
----------
ID: haproxy-install
Function: file.managed
Name: /mnt/haproxy-1.6.11.tar.gz
Result: True
Comment: File /mnt/haproxy-1.6.11.tar.gz is in the correct state
Started: 11:50:05.819780
Duration: 66.385 ms
Changes:
----------
ID: haproxy-install
Function: cmd.run
Name: cd /mnt && tar zxf haproxy-1.6.11.tar.gz && cd haproxy-1.6.11 && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy install
Result: True
Comment: /usr/local/haproxy exists
Started: 11:50:05.886743
Duration: 0.326 ms
Changes:
Summary for server6
------------
Succeeded: 3
Failed: 0
------------
Total states run: 3
Total run time: 432.772 ms
3)將haproxy的啟動指令碼及配置檔案傳到fiels目錄中
[[email protected] haproxy]# cd /mnt/haproxy-1.6.11/examples/
[[email protected] examples]# cp haproxy.init /srv/salt/haproxy/files/
[[email protected] examples]# cp content-sw-sample.cfg /srv/salt/haproxy/files/
[[email protected] files]# vim content-sw-sample.cfg
global
maxconn 10000
stats socket /var/run/haproxy.stat mode 600 level admin
log 127.0.0.1 local0
uid 200
gid 200
chroot /var/empty
daemon
defaults
mode http
log global
option dontlognull
monitor-uri /monitoruri
maxconn 8000
timeout client 30s
retries 2
option redispatch
timeout connect 5s
timeout server 30s
timeout queue 30s
fullconn 4000
stats uri /admin/stats
# The public 'www' address in the DMZ
frontend public
bind *:80 name clear
#bind 192.168.1.10:443 ssl crt /etc/haproxy/haproxy.pem
default_backend dynamic
backend dynamic
balance roundrobin
fullconn 4000
server dynsrv1 172.25.0.123:80 check inter 1000
server dynsrv2 172.25.0.124:80 check inter 1000
4)建立使用者:
[[email protected] users]# vim haproxy.sls
haproxy-group:
group.present:
- name: haproxy
- gid: 200
haproxy-user:
user.present:
- name: haproxy
- uid: 200
- gid: 200
- home: /usr/local/haproxy
- shell: /sbin/nologin
- createhome: False
推送
server6:
----------
ID: haproxy-group
Function: group.present
Name: haproxy
Result: True
Comment: New group haproxy created
Started: 12:09:33.112772
Duration: 714.504 ms
Changes:
----------
gid:
200
members:
name:
haproxy
passwd:
x
----------
ID: haproxy-user
Function: user.present
Name: haproxy
Result: True
Comment: New user haproxy created
Started: 12:09:33.827833
Duration: 763.474 ms
Changes:
----------
fullname:
gid:
200
groups:
- haproxy
home:
homephone:
name:
haproxy
passwd:
x
roomnumber:
shell:
/sbin/nologin
uid:
200
workphone:
Summary for server6
------------
Succeeded: 2 (changed=2)
Failed: 0
------------
Total states run: 2
Total run time: 1.478 s
[[email protected] users]# id haproxy
uid=200(haproxy) gid=200(haproxy) groups=200(haproxy)
5).編寫指令碼推送啟動服務
[[email protected] haproxy]# vim service.sls
include:
- haproxy.install
- users.haproxy
/etc/haproxy/haproxy.cfg:
file.managed:
- source: salt://haproxy/files/haproxy.cfg
harpoxy-service:
file.managed:
- name: /etc/init.d/haproxy
- source: salt://haproxy/files/haproxy.init
- mode: 755
service.running:
- name: haproxy
- enable: True
- reload: True
- watch:
- file: /etc/haproxy/haproxy.cfg
再次編輯安裝指令碼
[[email protected] haproxy]# vim install.sls
haproxy-install:
pkg.installed:
- pkgs:
- gcc
- pcre-devel
- openssl-devel
file.managed:
- name: /mnt/haproxy-1.6.11.tar.gz
- source: salt://haproxy/files/haproxy-1.6.11.tar.gz
cmd.run:
- name: cd /mnt && tar zxf haproxy-1.6.11.tar.gz && cd haproxy-1.6.11 && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy install
- creates: /usr/local/haproxy
/etc/haproxy:
file.directory: //建立目錄
- mode: 755
/usr/sbin/haproxy:
file.symlink: //軟連結
- target: /usr/local/haproxy/sbin/haproxy
6)推送並測試
[[email protected] haproxy]# salt server6 state.sls haproxy.service
server6:
----------
ID: haproxy-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 13:37:25.381372
Duration: 363.378 ms
Changes:
----------
ID: haproxy-install
Function: file.managed
Name: /mnt/haproxy-1.6.11.tar.gz
Result: True
Comment: File /mnt/haproxy-1.6.11.tar.gz is in the correct state
Started: 13:37:25.746278
Duration: 66.097 ms
Changes:
----------
ID: haproxy-install
Function: cmd.run
Name: cd /mnt && tar zxf haproxy-1.6.11.tar.gz && cd haproxy-1.6.11 && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy install
Result: True
Comment: /usr/local/haproxy exists
Started: 13:37:25.812970
Duration: 0.324 ms
Changes:
----------
ID: /etc/haproxy
Function: file.directory
Result: True
Comment: Directory /etc/haproxy is in the correct state
Started: 13:37:25.813372
Duration: 0.392 ms
Changes:
----------
ID: /usr/sbin/haproxy
Function: file.symlink
Result: True
Comment: Symlink /usr/sbin/haproxy is present and owned by root:root
Started: 13:37:25.813841
Duration: 1.024 ms
Changes:
----------
ID: haproxy-group
Function: group.present
Name: haproxy
Result: True
Comment: Group haproxy is present and up to date
Started: 13:37:25.815168
Duration: 0.28 ms
Changes:
----------
ID: haproxy-user
Function: user.present
Name: haproxy
Result: True
Comment: User haproxy is present and up to date
Started: 13:37:25.815890
Duration: 0.684 ms
Changes:
----------
ID: /etc/haproxy/haproxy.cfg
Function: file.managed
Result: True
Comment: File /etc/haproxy/haproxy.cfg is in the correct state
Started: 13:37:25.816650
Duration: 24.5 ms
Changes:
----------
ID: harpoxy-service
Function: file.managed
Name: /etc/init.d/haproxy
Result: True
Comment: File /etc/init.d/haproxy is in the correct state
Started: 13:37:25.841263
Duration: 24.395 ms
Changes:
----------
ID: harpoxy-service
Function: service.running
Name: haproxy
Result: True
Comment: The service haproxy is already running
Started: 13:37:25.866334
Duration: 21.532 ms
Changes:
Summary for server6
-------------
Succeeded: 10
Failed: 0
-------------
Total states run: 10
Total run time: 502.606 ms
[[email protected] salt]# vim top.sls
base:
'server6':
- haproxy.service
'server7':
- httpd.service
'server8':
- nginx.service
[[email protected] salt]# salt '*' state.highstate
server7:
----------
ID: httpd
Function: pkg.installed
Result: True
Comment: Package httpd is already installed
Started: 13:51:03.510399
Duration: 416.677 ms
Changes:
----------
ID: php
Function: pkg.installed
Result: True
Comment: Package php is already installed
Started: 13:51:03.927230
Duration: 0.461 ms
Changes:
----------
ID: /etc/httpd/conf/httpd.conf
Function: file.managed
Result: True
Comment: File /etc/httpd/conf/httpd.conf is in the correct state
Started: 13:51:03.929816
Duration: 33.847 ms
Changes:
----------
ID: apache-service
Function: service.running
Name: httpd
Result: True
Comment: The service httpd is already running
Started: 13:51:03.963828
Duration: 22.168 ms
Changes:
Summary for server7
------------
Succeeded: 4
Failed: 0
------------
Total states run: 4
Total run time: 473.153 ms
server6:
----------
ID: haproxy-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 13:51:03.679766
Duration: 505.727 ms
Changes:
----------
ID: haproxy-install
Function: file.managed
Name: /mnt/haproxy-1.6.11.tar.gz
Result: True
Comment: File /mnt/haproxy-1.6.11.tar.gz is in the correct state
Started: 13:51:04.187029
Duration: 71.075 ms
Changes:
----------
ID: haproxy-install
Function: cmd.run
Name: cd /mnt && tar zxf haproxy-1.6.11.tar.gz && cd haproxy-1.6.11 && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy && make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy install
Result: True
Comment: /usr/local/haproxy exists
Started: 13:51:04.258786
Duration: 0.351 ms
Changes:
----------
ID: /etc/haproxy
Function: file.directory
Result: True
Comment: Directory /etc/haproxy is in the correct state
Started: 13:51:04.259244
Duration: 0.557 ms
Changes:
----------
ID: /usr/sbin/haproxy
Function: file.symlink
Result: True
Comment: Symlink /usr/sbin/haproxy is present and owned by root:root
Started: 13:51:04.259886
Duration: 1.293 ms
Changes:
----------
ID: haproxy-group
Function: group.present
Name: haproxy
Result: True
Comment: Group haproxy is present and up to date
Started: 13:51:04.261537
Duration: 0.312 ms
Changes:
----------
ID: haproxy-user
Function: user.present
Name: haproxy
Result: True
Comment: User haproxy is present and up to date
Started: 13:51:04.262380
Duration: 0.75 ms
Changes:
----------
ID: /etc/haproxy/haproxy.cfg
Function: file.managed
Result: True
Comment: File /etc/haproxy/haproxy.cfg is in the correct state
Started: 13:51:04.263223
Duration: 26.876 ms
Changes:
----------
ID: harpoxy-service
Function: file.managed
Name: /etc/init.d/haproxy
Result: True
Comment: File /etc/init.d/haproxy is in the correct state
Started: 13:51:04.290243
Duration: 41.293 ms
Changes:
----------
ID: harpoxy-service
Function: service.running
Name: haproxy
Result: True
Comment: The service haproxy is already running
Started: 13:51:04.332396
Duration: 25.958 ms
Changes:
Summary for server6
-------------
Succeeded: 10
Failed: 0
-------------
Total states run: 10
Total run time: 674.192 ms
server8:
----------
ID: nginx-group
Function: group.present
Name: nginx
Result: True
Comment: Group nginx is present and up to date
Started: 13:51:03.562579
Duration: 5.914 ms
Changes:
----------
ID: nginx-user
Function: user.present
Name: nginx
Result: True
Comment: User nginx is present and up to date
Started: 13:51:03.573122
Duration: 62.844 ms
Changes:
----------
ID: nginx-install
Function: pkg.installed
Result: True
Comment: All specified packages are already installed
Started: 13:51:04.421423
Duration: 378.146 ms
Changes:
----------
ID: nginx-install
Function: file.managed
Name: /mnt/nginx-1.14.0.tar.gz
Result: True
Comment: File /mnt/nginx-1.14.0.tar.gz is in the correct state
Started: 13:51:04.801104
Duration: 60.205 ms
Changes:
----------
ID: nginx-install
Function: cmd.run
Name: cd /mnt/ && tar zxf nginx-1.14.0.tar.gz && cd nginx-1.14.0 && sed -i.bak 's/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g' src/core/nginx.h && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-threads --with-http_ssl_module --with-http_stub_status_module --with-file-aio && make &> /dev/null && make install &> /dev/null
Result: True
Comment: /usr/local/nginx exists
Started: 13:51:04.862040
Duration: 0.362 ms
Changes:
----------
ID: /usr/local/nginx/conf/nginx.conf
Function: file.managed
Result: True
Comment: File /usr/local/nginx/conf/nginx.conf is in the correct state
Started: 13:51:04.862495
Duration: 27.228 ms
Changes:
----------
ID: nginx-service
Function: file.managed
Name: /etc/init.d/nginx
Result: True
Comment: File /etc/init.d/nginx is in the correct state
Started: 13:51:04.889842
Duration: 26.279 ms
Changes:
----------
ID: nginx-service
Function: service.running
Name: nginx
Result: True
Comment: The service nginx is already running
Started: 13:51:04.916874
Duration: 25.496 ms
Changes:
Summary for server8
------------
Succeeded: 8
Failed: 0
------------
Total states run: 8
Total run time: 586.474 ms
推送完成。