Saltstack自動部署Haproxy+keepalived+nginx+memcache+php(fastcgi)

二系列:

部署keepalived總的目錄結構

[root@web-nginx-idc0E-node02 salt]# tree /srv/salt/
/srv/salt/
├── base
│   ├── init
│   │   ├── audit.sls
│   │   ├── dns.sls
│   │   ├── env_init.sls
│   │   ├── epel.sls
│   │   ├── files
│   │   │   └── resolv.conf
│   │   ├── history.sls
│   │   └── sysctl.sls
│   └── top.sls
└── prod
    ├── cluster
    │   ├── files
    │   │   ├── haproxy-outside.cfg
    │   │   ├── haproxy-outside.cfg.bak
    │   │   └── haproxy-outside-keepalived.conf
    │   ├── haproxy-outside-keepalived.sls
    │   └── haproxy-outside.sls
    ├── haproxy
    │   ├── files
    │   │   ├── haproxy-1.4.24.tar.gz
    │   │   └── haproxy.init
    │   └── install.sls
    ├── keepalived
    │   ├── files
    │   │   ├── keepalived-1.1.19.tar.gz
    │   │   ├── keepalived.init
    │   │   └── keepalived.sysconfig
    │   └── install.sls
    └── pkg
        ├── create-haproxy.sls
        ├── keepalived-init.sls
        └── pkg-init.sls

1.軟件包管理

cd /usr/local/src
cp keepalived-1.1.19.tar.gz /srv/salt/prod/keepalived/files
tar xf keepalived-1.1.19.tar.gz
cd keepalived-1.1.19/keepalived/etc/init.d/keepalived.init  /srv/salt/prod/keepalived/files 
cp keepalived-1.1.19/keepalived/etc/init.d/keepalived.sysconfig  /srv/salt/prod/keepalived/files

由於默認安裝的keepalived是/usr/local/keepalived目錄下,所以手動修改源碼包中的init腳本：

daemon keepalived ${KEEPALIVED_OPTIONS}

修改爲：

daemon /usr/local/keepalived/sbin/keepalived ${KEEPALIVED_OPTIONS}

2.編寫Keepalived安裝SLS

2.1.安裝依賴包

[root@web-nginx-idc0E-node02 pkg]# cat /srv/salt/prod/pkg/keepalived-init.sls 
keepalived-init:
  pkg.installed:
    - names:
      - kernel-devel
      - popt-devel

2.2.Keepalived的安裝如下：

[root@web-nginx-idc0E-node02 keepalived]# cat /srv/salt/prod/keepalived/install.sls 
include:
  - pkg.keepalived-init
keepalived_install:
  file.managed:
    - name: /usr/local/src/keepalived-1.1.19.tar.gz
    - source: salt://keepalived/files/keepalived-1.1.19.tar.gz
    - user: root
    - group: root
    - mode: 755
  cmd.run:
    - name: mkdir -p /var/log/keepalived && cd /usr/local/src && tar xf keepalived-1.1.19.tar.gz && cd keepalived-1.1.19 && ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install
    - unless: test -d /usr/local/keepalived
    - require:
      - file: keepalived_install
keepalived_sysconfig:
  file.managed:
    - name: /etc/sysconfig/keepalived
    - source: salt://keepalived/files/keepalived.sysconfig
    - mode: 644
    - user: root
    - group: root

keepalived-rsyslogs:
  file.append:
    - name: /etc/rsyslog.conf
    - text:
      - local0.*   /var/log/keepalived/keepalived.log 
  cmd.run:
    - name: /etc/init.d/rsyslog restart
keepalived_init.d:
  file.managed:
    - name: /etc/init.d/keepalived
    - source: salt://keepalived/files/keepalived.init
    - mode: 744
    - user: root
    - group: root
keepalived_init:
  cmd.run:
    - name: chkconfig --add keepalived
    - unless: chkconfig --list|grep keepalived
    - require:
      - file: /etc/init.d/keepalived
#另一種寫法
/etc/keepalived:
  file.directory:
    - user: root
    - group: root

2.3.Keepalived業務引用：[keepalived配置文件和服務管理]

注意：keepalived分爲主備節點，一些配置兩者不同，所以需要使用Jinja模板來完成配置文件的管理，這裏我使用了Jinja判斷函數,通過Grains獲取minion端id名來根據不同的id名設置不用的變量。

[root@web-nginx-idc0E-node02 cluster]# cat /srv/salt/prod/cluster/haproxy-outside-keepalived.sls 
include:
  - keepalived.install
keepalived-server:
  file.managed:
    - name: /etc/keepalived/keepalived.conf
    - source: salt://cluster/files/haproxy-outside-keepalived.conf
    - user: root
    - group: root
    - mode: 644
    - template: jinja
      {% if grains['id'] == 'jenkins.saltstack.me' %}
      ROUTEID: haproxy_ha
      STATEID: MASTER
      PRIORITYID: 150
      {% elif grains['id'] == 'gitlab.saltstack.me' %}
      ROUTEID: haproxy_ha
      STATEID: BACKUP
      PRIORITYID: 100
      {% endif %}
 
  service.running:
    - name: keepalived
    - enable: True
    - watch:
      - file: keepalived-server

2.4.執行Keepalived狀態

[root@web-nginx-idc0E-node02 base]# cat /srv/salt/base/top.sls 
base:
  '*':   
    - init.env_init
prod:
  '*':
    - cluster.haproxy-outside
    - cluster.haproxy-outside-keepalived
2.5.最後注意一點：
[root@web-nginx-idc0E-node02 files]# cat keepalived.sysconfig
# Options for keepalived. See `keepalived --help' output and keepalived(8) and
# keepalived.conf(5) man pages for a list of all options. Here are the most
# common ones :
#
# --vrrp               -P    Only run with VRRP subsystem.
# --check              -C    Only run with Health-checker subsystem.
# --dont-release-vrrp  -V    Dont remove VRRP VIPs & VROUTEs on daemon stop.
# --dont-release-ipvs  -I    Dont remove IPVS topology on daemon stop.
# --dump-conf          -d    Dump the configuration data.
# --log-detail         -D    Detailed log messages.
# --log-facility       -S    0-7 Set local syslog facility (default=LOG_DAEMON)
#
#KEEPALIVED_OPTIONS="-D"
KEEPALIVED_OPTIONS="-D -d -S 0"   #keepalived日誌的配置。

keepalived-rsyslogs:
  file.append:
    - name: /etc/rsyslog.conf
    - text:
      - local0.*   /var/log/keepalived/keepalived.log  ##keepalived日誌配置