1.首先我們不在base環境下面做在,prod環境下面。確保/etc/salt/master中沒有註釋prod這一行:
# Example:
file_roots:
base:
- /srv/salt/base
dev:
- /srv/salt/dev/services
- /srv/salt/dev/states
prod:
- /srv/salt/prod
2.在prod環境下面創建如下文件
目錄結構爲:
root@ubuntu2:/srv/salt/prod# tree . -L 3
.
├── cluster
│ ├── files
│ │ └── haproxy-outside.cfg
│ └── haproxy-outside.sls
├── haproxy
│ ├── files
│ │ ├── haproxy-1.7-dev6
│ │ ├── haproxy-1.7-dev6.zip
│ │ └── haproxy.init
│ └── install.sls
└── pkg
└── pkg-init.sls
haproxy-1.7-dev6.zip下載路徑:https://github.com/haproxy/haproxy/tree/v1.7-dev6
各個文件內容:
install.sls
include: #引入基礎包安裝模塊
- pkg.pkg-init
haproxy-install:
file.managed:
- name: /usr/local/src/haproxy-1.7-dev6.zip
- source: salt://haproxy/files/haproxy-1.7-dev6.zip
- user: root
- group: root
- mode: 755
cmd.run:
- name: cd /usr/local/src && unzip haproxy-1.7-dev6.zip && cd haproxy-1.7-dev6 && make TARGET=linux2628 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
- unless: test -d /usr/local/haproxy #如果沒有安裝haproxy才進行安裝
- require:
- pkg: pkg-init
- file: haproxy-install
haproxy-init:
file.managed:
- name: /etc/init.d/haproxy
- source: salt://haproxy/files/haproxy.init
- user: root
- group: root
- mode: 755
- require:
- cmd: haproxy-install
cmd.run:
- name: chkconfig --add haproxy
- unless: chkconfig --list | grep haproxy
- require:
- file: haproxy-init
#配置可以監聽本機以外的其他IP
net.ipv4.ip_nonlocal_bind:
sysctl.present:
- value: 1
haproxy-config-dir:
file.directory:
- name: /etc/haproxy
- user: root
- group: root
- mode: 755
BIN=/usr/local/haproxy/sbin/$BASENAME
pkg/pkg-init.sls
pkg-init:
pkg.installed:
- names:
- gcc
- gcc-c++
- glibc
- make
- autoconf
- openssl
- openssl-devel
#外網負載均衡配置
cluster/haproxy-outside.sls
include:
- haproxy.install
haproxy-service:
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://cluster/files/haproxy-outside.cfg
- user: root
- group: root
- mode: 644
service.running:
- name: haproxy
- enable: True
- reload: True #watch下面的文件發生變化就reload服務
- require:
- cmd: haproxy-init # haproxy.install 中的ID
- watch:
- file: haproxy-service #自身的file
cluster/files/haproxy-outside.cfg
global
maxconn 100000
chroot /usr/local/haproxy
uid 99
gid 99
daemon
nbproc 1
pidfile /usr/local/haproxy/logs/haproxy.pid
log 127.0.0.1 local3 info
defaults
option http-keep-alive
maxconn 100000
mode http
timeout connect 5000ms
timeout client 5000ms
timeout server 5000ms
listen stats
mode http
bind 0.0.0.0:8888
stats enable
stats uri /haproxy-status
stats auth haproxy:saltstack
frontend frontend_www_example_com
#VIP
bind 192.168.1.8:80
mode http
option httplog
log global
default_backend backend_www_example_com
backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balance source
#記住要事前在兩臺node上面安裝httpd並配置/etc/httpd/conf/httpd.conf中Listen 8081,負載均衡服務監聽80端口,監聽8081可以用普通用戶啓動
server web-mode1 192.168.1.6:8081 check inter 2000 rise 30 fall 15
server web-mode2 192.168.1.5:8081 check inter 2000 rise 30 fall 15
最後一步,top.sls中/srv/salt/base/top.sls
base:
'*':
- init.env_init
prod:
'centser1,centser2':
- match: list
- cluster.haproxy-outside
實用命令salt '*' state.highstate 部署兩臺centos web servers.
打開192.168.1.6:8888 登陸 haproxy/saltstack,
注意 status部分可能爲Down,在/var/www/html下面隨便創建一個index.html,刷新頁面即可