内容简介:Server1 172.25.254.1 maseter/minion keepalived/haproxyServer2 172.25.254.2 minion httpdServer3 172.25.254.3 minion nginx
实验环境:
在server4查看已经接管虚拟IP:
Server1 172.25.254.1 maseter/minion keepalived/haproxy
Server2 172.25.254.2 minion httpd
Server3 172.25.254.3 minion nginx
Server4 172.25.254.4 minion keepalived/haproxy
配置一台新的server4进行配置salt-minion:
[root@server4 ~]# yum install salt-minion -y ## 配置完整yum源 [root@server4 ~]# cd /etc/salt/ [root@server4 salt]# ls cloud cloud.maps.d master minion.d proxy.d cloud.conf.d cloud.profiles.d master.d pki roster cloud.deploy.d cloud.providers.d minion proxy [root@server4 salt]# vim minion 填写master端的IP master: 172.25.254.1 [root@server4 salt]# /etc/init.d/salt-minion start 开启服务 Starting salt-minion:root:server4 daemon: OK
交换公钥,添加server4到server1master端
[root@server1 files]# salt-key -A 添加公钥匹配 The following keys are going to be accepted: Unaccepted Keys: server4 Proceed? [n/Y] y Key for minion server4 accepted. [root@server1 files]# salt-key -L 查询添加成功 Accepted Keys: server1 server2 server3 server4 Denied Keys: Unaccepted Keys: Rejected Keys:
配置高可用模块keepalived:
[root@server1 ~]# cd /srv/salt/
[root@server1 salt]# ls
_grains haproxy httpd nginx pkgs top.sls users
[root@server1 salt]# mkdir keepalived
[root@server1 salt]# cd keepalived/
[root@server1 keepalived]# ls
[root@server1 keepalived]# vim install.sls
[root@server1 keepalived]# cat install.sls
kp-install:
file.managed:
- name: /mnt/keepalived-2.0.6.tar.gz
- source: salt://keepalived/files/keepalived-2.0.6.tar.gz
[root@server1 keepalived]# mkdir files
[root@server1 keepalived]# cd files/
[root@server1 files]# ls
[root@server1 files]# pwd
/srv/salt/keepalived/files
[root@server1 files]# ls
keepalived-2.0.6.tar.gz
在server1上推送keepalived
[root@server1 files]# salt server4 state.sls keepalived.install
推送成功结果:在server4的/mnt/目录下可以看到推送过来的安装包
[root@server4 salt]# cd /mnt/ [root@server4 mnt]# ls keepalived-2.0.6.tar.gz
在server1完善keepalived的安装脚本进行推送:
[root@server1 keepalived]# cd ..
[root@server1 salt]# ls
_grains haproxy httpd keepalived nginx pkgs top.sls users
[root@server1 salt]# cd pkgs/
[root@server1 pkgs]# ls
make.sls
[root@server1 pkgs]# cat make.sls ## 源码编译一些依赖性的软件包
make-gcc:
pkg.installed:
- pkgs:
- pcre-devel
- openssl-devel
- gcc
[root@server1 pkgs]# cd ..
[root@server1 salt]# cd keepalived/
[root@server1 keepalived]# ls
files install.sls
[root@server1 keepalived]# vim install.sls
[root@server1 keepalived]# cat install.sls
include:
- pkgs.make 导入 工具 包
kp-install:
file.managed:
- name: /mnt/keepalived-2.0.6.tar.gz
- source: salt://keepalived/files/keepalived-2.0.6.tar.gz
cmd.run: 进行源码编译不显示过程信息
- name: cd /mnt && tar zxf keepalived-2.0.6.tar.gz && cd keepalived-2.0.6 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV &> /dev/null && make &> /dev/null && make install &> /dev/null
- creates: /usr/local/keepalived
[root@server1 keepalived]# salt server4 state.sls keepalived.install 进行推送在server4安装keepalived
安装过程中在server4可以查看相应进程
[root@server4 mnt]# ps ax
在server4的对应安装位置上已经有了keepalived
[root@server4 mnt]# ls keepalived-2.0.6 keepalived-2.0.6.tar.gz [root@server4 mnt]# ll /usr/local/keepalived/ total 16 drwxr-xr-x 2 root root 4096 Aug 18 10:42 bin drwxr-xr-x 5 root root 4096 Aug 18 10:42 etc drwxr-xr-x 2 root root 4096 Aug 18 10:42 sbin drwxr-xr-x 5 root root 4096 Aug 18 10:42 share配置Keepalived的高可用
将server4的keepalived的配置文件/usr/local/keepalived/etc/keepalived/keepalived.conf和启动脚本/usr/local/keepalived/etc/rc.d/init.d/keepalived发送到server1的/srv/salt/keepalived/files目录下
[root@server4 mnt]# cd /usr/local/keepalived/etc/rc.d/init.d/ [root@server4 init.d]# scp keepalived server1:/srv/salt/keepalived/files ## keepalived的启动脚本 [root@server4 ~]# cd /usr/local/keepalived/etc/keepalived/ [root@server4 keepalived]# ls keepalived.conf samples [root@server4 keepalived]# scp keepalived.conf server1:/srv/salt/keepalived/files ## 配置文件
在server1配置安装脚本制作相应的软链接:
[root@server1 ~ ]# cd /srv/salt/keepalived
[root@server1 keepalived]# ls
files install.sls
[root@server1 keepalived]# vim install.sls
[root@server1 keepalived]# cat install.sls
include:
- pkgs.make
kp-install:
file.managed:
- name: /mnt/keepalived-2.0.6.tar.gz
- source: salt://keepalived/files/keepalived-2.0.6.tar.gz
cmd.run:
- name: cd /mnt && tar zxf keepalived-2.0.6.tar.gz && cd keepalived-2.0.6 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV &> /dev/null && make &> /dev/null && make install &> /dev/null
- creates: /usr/local/keepalived
/etc/keepalived:
file.directory:
- mode: 755 脚本的权限
/etc/sysconfig/keepalived: 制作软链接
file.symlink:
- target: /usr/local/keepalived/etc/sysconfig/keepalived
/sbin/keepalived: 制作软链接
file.symlink:
- target: /usr/local/keepalived/sbin/keepalived
[root@server1 keepalived]# salt server4 state.sls keepalived.install 进行推送
在server4可以看到对应的软链接代表推送成功:
在serevr1安装打开keepalived服务的脚本:
[root@server1 keepalived]# pwd
/srv/salt/keepalived
[root@server1 keepalived]# vim service.sls
[root@server1 keepalived]# cat service.sls
include:
- keepalived.install 导入安装脚本
/etc/keepalived/keepalived.conf:
file.managed:
- source: salt://keepalived/files/keepalived.conf
kp-service:
file.managed:
- name: /etc/init.d/keepalived
- source: salt://keepalived/files/keepalived
- mode: 755
service.running:
- name: keepalived
- reload: True
- watch:
- file: /etc/keepalived/keepalived.conf
[root@server1 keepalived]# cd /srv/pillar/ 进去pillar模块
[root@server1 pillar]# ls
top.sls web
[root@server1 pillar]# cd web/
[root@server1 web]# ls
install.sls
[root@server1 web]# vim install.sls
[root@server1 web]# cat install.sls
{% if grains['fqdn'] == 'server2' %} 如果主机名字为server2
webserver: httpd
bind: 172.25.254.2
port: 80
{% elif grains['fqdn'] == 'server3' %}
webserver: nginx
{% endif %}
[root@server1 web]# cd ..
[root@server1 pillar]# ls
top.sls web
[root@server1 pillar]# mkdir keepalived
[root@server1 pillar]# cd keepalived/
[root@server1 keepalived]# ls
[root@server1 keepalived]# cp ../web/install.sls .
[root@server1 keepalived]# vim install.sls
[root@server1 keepalived]# cat install.sls
{% if grains['fqdn'] == 'server1' %}
state: MASTER 写入状态MASTER还是BACKUP测试高可用
vrid: 38
priority: 100 写入优先级
{% elif grains['fqdn'] == 'server4' %}
state: BACKUP
vrid: 38
priority: 50
{% endif %}
[root@server1 keepalived]# ls
install.sls
[root@server1 keepalived]# cd ..
[root@server1 pillar]# ls
keepalived top.sls web
[root@server1 pillar]# vim top.sls
[root@server1 pillar]# cat top.sls
base:
'*':
- web.install
- keepalived.install
[root@server1 pillar]# cd ..
[root@server1 srv]# cd salt/
[root@server1 salt]# ls
_grains haproxy apache keepalived nginx pkgs top.sls users
[root@server1 salt]# cd keepalived/
[root@server1 keepalived]# ls
files install.sls service.sls
配置keppalived的一键安装并打开服务加入优先级:
[root@server1 keepalived]# vim service.sls
[root@server1 keepalived]# cat service.sls
include:
- keepalived.install
/etc/keepalived/keepalived.conf:
file.managed:
- source: salt://keepalived/files/keepalived.conf:
- template: jinja
- context:
STATE: {{ pillar['state'] }}
VRID: {{ pillar['vrid'] }}
PRIORITY: {{ pillar['priority'] }}
kp-service:
file.managed:
- name: /etc/init.d/keepalived
- source: salt://keepalived/files/keepalived
- mode: 755
service.running:
- name: keepalived
- reload: True
- watch:
- file: /etc/keepalived/keepalived.conf
[root@server1 keepalived]# vim files/keepalived
[root@server1 keepalived]# ls
files install.sls service.sls
[root@server1 keepalived]# cd files/
[root@server1 files]# ls
keepalived keepalived-2.0.6.tar.gz keepalived.conf
[root@server1 files]# vim keepalived.conf 编辑主配置文件写入虚拟IP
[root@server1 keepalived]# salt server4 state.sls keepalived.service 推送service服务:
在server4可以看到对应的配置文件还有脚本查看有相应进程:
[root@server4 keepalived]# ip addr
2: eth0:
inet 172.25.254.4/24 brd 172.25.254.255 scope global eth0
inet 172.25.254.100/32 scope global eth0
在server1编写top.sls脚本在对应节点安装服务:
[root@server1 keepalived]# pwd
/srv/salt/keepalived
[root@server1 keepalived]# cd ..
[root@server1 salt]# ls
_grains haproxy apache keepalived nginx pkgs top.sls users
[root@server1 salt]# vim top.sls
[root@server1 salt]# cat top.sls
base:
'server1':
- haproxy.install
- keepalived.service
'server4':
- haproxy.install
- keepalived.service
'roles:apache':
- match: grain
- apache.service
'roles:nginx':
- match: grain
- nginx.service
[root@server1 salt]# salt '*' state.highstate
在server4查看已经有相应的haproxy和keepalived的进程:
[root@server4 keepalived]# ps ax
[root@server4 keepalived]# ip addr 虚拟IP已经转换到server1
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:52:c1:00 brd ff:ff:ff:ff:ff:ff
inet 172.25.254.4/24 brd 172.25.254.255 scope global eth0
inet6 fe80::5054:ff:fe52:c100/64 scope link
valid_lft forever preferred_lft forever
在网页测试后端可以负载均衡:
将server1的keepalived服务关闭:
[root@server1 salt]# /etc/init.d/keepalived stop Stopping keepalived: [ OK ]
在网页再次测试后端依旧可以负载均衡
server4接管虚拟IP成为新的master:
[root@server4 keepalived]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:52:c1:00 brd ff:ff:ff:ff:ff:ff
inet 172.25.254.4/24 brd 172.25.254.255 scope global eth0
inet 172.25.254.100/32 scope global eth0
inet6 fe80::5054:ff:fe52:c100/64 scope link
valid_lft forever preferred_lft forever
server1再次打开keepalived会抢回来master的身份:
[root@server1 salt]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@server1 salt]# ip addr 已经接管虚拟IP
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:58:4d:1f brd ff:ff:ff:ff:ff:ff
inet 172.25.38.1/24 brd 172.25.38.255 scope global eth0
inet 172.25.38.100/32 scope global eth0
inet6 fe80::5054:ff:fe58:4d1f/64 scope link
valid_lft forever preferred_lft forever
调用脚本控制高可用
[root@server1 files]# cd /opt/ [root@server1 opt]# ls [root@server1 opt]# vim check_haproxy.sh [root@server1 opt]# cat check_haproxy.sh 脚本意思就是当haproxy服务出现故障时就停止keepalived #!/bin/bash /etc/init.d/haproxy status &> /dev/null || /etc/init.d/haproxy restart &> /dev/null if [ $? -ne 0 ];then /etc/init.d/keepalived stop &> /dev/null fi [root@server1 opt]# chmod +x check_haproxy.sh 给脚本赋予执行权限 [root@server1 opt]# /etc/init.d/haproxy status haproxy (pid 2877) is running... [root@server1 opt]# echo $? 0 [root@server1 opt]# cd /etc/keepalived/ [root@server1 keepalived]# ls keepalived.conf [root@server1 opt]#scp check_haproxy.sh server4:/opt/ 将脚本传递到server4,必须添加可执行权限不然脚本没办法执行
[root@server1 keepalived]# vim /srv/salt/keepalived/files/keepalived.conf
[root@server1 keepalived]# cat /srv/salt/keepalived/files/keepalived.conf
! Configuration File for keepalived
vrrp_script check_haproxy {
script "/opt/check_haproxy.sh" 同样添加脚本的调用
interval 2
weight 2
}
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state {{ STATE }}
interface eth0
virtual_router_id {{ VRID }}
priority {{ PRIORITY }}
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100
}
track_script{
check_haproxy
}
}
进行推送测试:
[root@server1 keepalived]# salt server4 state.sls keepalived.service
在server1减去haproxy脚本的执行权限,脚本生效相应的keepalived服务会关闭:
[root@server1 ~]# cd /etc/init.d/ [root@server1 init.d]# ls auditd halt keepalived netconsole rdisc rsyslog saslauthd blk-availability haproxy killall netfs restorecond salt-master single crond ip6tables lvm2-lvmetad network rhnsd salt-minion sshd functions iptables lvm2-monitor postfix rhsmcertd sandbox udev-post [root@server1 init.d]# chmod -x haproxy [root@server1 init.d]# /etc/init.d/keepalived status keepalived is stopped
MASTER会转换到serevr4,直接的效果就是server4接管虚拟IP
[root@server4 opt]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:52:c1:00 brd ff:ff:ff:ff:ff:ff
inet 172.25..254.4/24 brd 172.25.254.255 scope global eth0
inet 172.25.254.100/32 scope global eth0
inet6 fe80::5054:ff:fe52:c100/64 scope link
valid_lft forever preferred_lft forever
验证高可用
[root@server1 init.d]# ls auditd halt keepalived netconsole rdisc rsyslog saslauthd blk-availability haproxy killall netfs restorecond salt-master single crond ip6tables lvm2-lvmetad network rhnsd salt-minion sshd functions iptables lvm2-monitor postfix rhsmcertd sandbox udev-post [root@server1 init.d]# chmod +x haproxy 重新增加可执行权限 [root@server1 init.d]# ll haproxy -rwxr-xr-x 1 root root 2298 Jul 10 2013 haproxy [root@server1 init.d]# /etc/init.d/keepalived status keepalived is stopped [root@server1 init.d]# /etc/init.d/keepalived start 打开keepalived服务 Starting keepalived: [ OK ] [root@server1 init.d]# ip addr server1依旧会抢回来MASTER的角色进行接管虚拟IP
[root@server1 init.d]# salt server1 service.start keepalived 打开keepalived服务
server1:
True
[root@server1 init.d]# ls
auditd halt keepalived netconsole rdisc rsyslog saslauthd
blk-availability haproxy killall netfs restorecond salt-master single
crond ip6tables lvm2-lvmetad network rhnsd salt-minion sshd
functions iptables lvm2-monitor postfix rhsmcertd sandbox udev-post
[root@server1 init.d]# cd
[root@server1 ~]# salt-cp '*' /etc/passwd /tmp 将/etc/passwd文件同步到所有主机的/tmp目录下
在server2查看已经推送成功,拿server2举例子,不一一进行查看后端:
[root@server2 ~]# cd /tmp/ [root@server2 tmp]# ls passwd yum.log yum_save_tx-2018-08-17-09-30GSgtBm.yumtx
[root@server1 ~]# salt '*' cmd.run 'rm -f /tmp/passwd' 调用salt命令删除传递过去的passwd文件 server4: server2: server3: server1: [root@server1 ~]# cd /tmp/ 在server1查看已经被删除 [root@server1 tmp]# ls yum.log
在server2查看passwd文件已经被删除:
[root@server2 tmp]# ls yum.log yum_save_tx-2018-08-17-09-30GSgtBm.yumtx
[root@server1 tmp]# salt server3 state.single pkg.installed httpd 直接调用模块命令安装apache
在serevr3查看httpd已经被安装:
[root@server3 ~]# rpm -q httpd httpd-2.2.15-29.el6_4.x86_64
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持 码农网
猜你喜欢:
- dubbo集群和负载均衡
- 认识认识LVS负载均衡集群
- Nginx+Tomcat 配置负载均衡集群
- 高可用负载均衡集群之 HAProxy 部署
- Keepalived+Nginx搭建高可用负载均衡集群
- 在 Kubernetes 集群中 gRPC 的负载均衡
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
写给大家看的Web设计书
Robin Williams、John Tollett / 苏金国、刘亮 / 人民邮电出版社 / 201005 / 69.00元
在这个网络时代,Web设计几乎已经成为每个人生活的必备技能。如果你想自力更生创建一个网站,或者认为自己的网站在设计上还不尽如人意,希望它看上去更具创意和专业性,那么本书正是为你准备的! 作者Robin和John先采用通俗易懂的方式将有关基础知识娓娓道来,比如Internet、搜索信息、构建简单网页等,然后为我们奉上了精妙的技巧、技术和设计示例来启发大家的设计灵感,比如Web基本设计原则、实现......一起来看看 《写给大家看的Web设计书》 这本书的介绍吧!
