SaltStack-02Haproxy以及Keepalived配置

1.首先我們不在base環境下面做在,prod環境下面。確保/etc/salt/master中沒有註釋prod這一行：

# Example:
file_roots:
  base:
    - /srv/salt/base
  dev:
    - /srv/salt/dev/services
    - /srv/salt/dev/states
  prod:
    - /srv/salt/prod

2.在prod環境下面創建如下文件

目錄結構爲：

root@ubuntu2:/srv/salt/prod# tree . -L 3
.
├── cluster
│   ├── files
│   │   └── haproxy-outside.cfg
│   └── haproxy-outside.sls
├── haproxy
│   ├── files
│   │   ├── haproxy-1.7-dev6
│   │   ├── haproxy-1.7-dev6.zip
│   │   └── haproxy.init
│   └── install.sls
└── pkg
    └── pkg-init.sls

haproxy-1.7-dev6.zip下載路徑：https://github.com/haproxy/haproxy/tree/v1.7-dev6

各個文件內容：

install.sls
include:        #引入基礎包安裝模塊
  - pkg.pkg-init

haproxy-install:
  file.managed:
    - name: /usr/local/src/haproxy-1.7-dev6.zip
    - source: salt://haproxy/files/haproxy-1.7-dev6.zip
    - user: root
    - group: root
    - mode: 755
  cmd.run:
    - name: cd /usr/local/src && unzip haproxy-1.7-dev6.zip && cd haproxy-1.7-dev6 && make TARGET=linux2628 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
    - unless: test -d /usr/local/haproxy #如果沒有安裝haproxy才進行安裝
    - require:
      - pkg: pkg-init
      - file: haproxy-install

haproxy-init:
  file.managed:
    - name: /etc/init.d/haproxy
    - source: salt://haproxy/files/haproxy.init
    - user: root
    - group: root
    - mode: 755
    - require:
      - cmd: haproxy-install
  cmd.run:
    - name: chkconfig --add haproxy
    - unless: chkconfig --list | grep haproxy
    - require:
      - file: haproxy-init

#配置可以監聽本機以外的其他IP
net.ipv4.ip_nonlocal_bind:
  sysctl.present:
    - value: 1

haproxy-config-dir:
  file.directory:
    - name: /etc/haproxy
    - user: root
    - group: root
    - mode: 755

haproxy.init 爲解壓後的安裝包內haproxy-1.7-dev6/examples/haproxy.init 第35行更改爲一下內容：
BIN=/usr/local/haproxy/sbin/$BASENAME

pkg/pkg-init.sls

pkg-init:
  pkg.installed:
    - names:
      - gcc
      - gcc-c++
      - glibc
      - make
      - autoconf
      - openssl
      - openssl-devel

#外網負載均衡配置

cluster/haproxy-outside.sls

include:   
  - haproxy.install

haproxy-service:
  file.managed:
    - name: /etc/haproxy/haproxy.cfg
    - source: salt://cluster/files/haproxy-outside.cfg
    - user: root
    - group: root
    - mode: 644
  service.running:
    - name: haproxy
    - enable: True
    - reload: True #watch下面的文件發生變化就reload服務
    - require:
      - cmd: haproxy-init # haproxy.install 中的ID
    - watch:
      - file: haproxy-service #自身的file

cluster/files/haproxy-outside.cfg

global
maxconn 100000
chroot /usr/local/haproxy
uid 99
gid 99
daemon
nbproc 1
pidfile /usr/local/haproxy/logs/haproxy.pid
log 127.0.0.1 local3 info

defaults
option http-keep-alive
maxconn 100000
mode http
timeout connect 5000ms
timeout client 5000ms
timeout server 5000ms

listen stats
mode http
bind 0.0.0.0:8888
stats enable
stats uri /haproxy-status
stats auth haproxy:saltstack

frontend frontend_www_example_com
#VIP

bind 192.168.1.8:80
mode http
option httplog
log global
    default_backend backend_www_example_com

backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balance source

#記住要事前在兩臺node上面安裝httpd並配置/etc/httpd/conf/httpd.conf中Listen 8081,負載均衡服務監聽80端口，監聽8081可以用普通用戶啓動
server web-mode1 192.168.1.6:8081 check inter 2000 rise 30 fall 15
server web-mode2 192.168.1.5:8081 check inter 2000 rise 30 fall 15

最後一步，top.sls中/srv/salt/base/top.sls

base:
  '*':
    - init.env_init

prod:
  'centser1,centser2':
    - match: list
    - cluster.haproxy-outside

實用命令salt  '*' state.highstate 部署兩臺centos web servers.

打開192.168.1.6:8888 登陸 haproxy/saltstack，

注意 status部分可能爲Down，在/var/www/html下面隨便創建一個index.html，刷新頁面即可