cd /srv/salt/prod/
mkdir haproxy
mkdir keepalived
mkdir nginx
mkdir php
mkdir memcached
mkdir pkg
cd pkg
vim make.sls
make-pkg:
pkg.installed:
- pkgs:
- gcc
- gcc-c++
- glibc
- make
- autoconf
- openssl
- openssl-devel
- pcre
- pcre-devel
先安装一遍haproxy取得配置文件等信息
cd /srv/salt/prod/haproxy/files/
把haproxy安装包拷贝到这个目录
cp /root/tools/haproxy-1.6.3.tar.gz /usr/local/src/
解压 haproxy
make TARGET=linux2628
make install TARGET=linux2628 PREFIX=/usr/local/haproxy-1.6.3
ln -s /usr/local/haproxy-1.6.3/ /usr/local/haproxy
由于不是默认安装 需要修改启动脚本
cd /srv/salt/prod/haproxy/files/haproxy-1.6.3/examples
vim haproxy.init
拷贝
cp haproxy.init /srv/salt/prod/haproxy/files
cd /srv/salt/prod/haproxy
vim install.sls
include:
- pkg.make
haproxy-install:
file.managed:
- name: /usr/local/src/haproxy-1.6.3.tar.gz
- source: salt://haproxy/files/haproxy-1.6.3.tar.gz
- mode: 755
- user: root
- group: root
cmd.run:
- name: cd /usr/local/src && tar zxf haproxy-1.6.3.tar.gz && cd haproxy-1.6.3 && make TARGET=linux2628 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy && ln -s /usr/local/haproxy-1.6.3 /usr/local/haproxy
- require:
- pkg: make-pkg
- file: haproxy-install
可以执行安装试一下了
salt '10-8-86-172' state.sls haproxy.install saltenv=prod
PS:注意路径,默认使用base可以在后面加saltenv=prod使用prod
每次执行都会执行一次这个命令,这样不合理
继续学习状态间关系
1,unless 如果unless后面返回的值为真就不执行cmd.run - unless: test -L /usr/local/haproxy
2,onlyif
再完善一下
include:
- pkg.make
haproxy-install:
file.managed:
- name: /usr/local/src/haproxy-1.6.3.tar.gz
- source: salt://haproxy/files/haproxy-1.6.3.tar.gz
- mode: 755
- user: root
- group: root
cmd.run:
- name: cd /usr/local/src && tar zxf haproxy-1.6.3.tar.gz && cd haproxy-1.6.3 && make TARGET=linux2628 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy && ln -s /usr/local/haproxy-1.6.3 /usr/local/haproxy
- unless: test -L /usr/local/haproxy
- require:
- pkg: make-pkg
- file: haproxy-install
/etc/init.d/haproxy:
file.managed:
- source: salt://haproxy/files/haproxy.init
- mode: 755
- user: root
- group: root
- require_in:
- file: haproxy-install
net.ipv4.ip_nonlocal_bind:
sysctl.present:
- value: 1
/etc/haproxy:
file.directory:
- user: root
- group: root
- mode: 755
~
PS:net.ipv4.ip_nonlocal_bind:
sysctl.present:
- value: 1
是允许ip4监听
业务引用
把结构做一个调整新建两个目录一个cluster 一个modules
把之前建立的文件夹全部放入modules(所有的基础模块放在这里)业务放在cluster
刚刚的install.sls路径也需要修改
可以执行代表设置成功
salt '10-8-86-172' state.sls modules.haproxy.install saltenv=prod
业务引用
/srv/salt/prod/cluster
mkdir files
cd files/
vim haproxy-outside.cfg
option http-keep-alive
maxconn 100000
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms
listen stats
mode http
bind 0.0.0.0:8888
stats enable
stats uri /haproxy-status
stats auth haproxy:saltstack
frontend frontend_www_example_com
bind 192.168.56.21:80
mode http
option httplog
log global
default_backend backend_www_example_com
backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0
balance source
server web-node1 192.168.56.21:8080 check inter 2000 rise 30 fall 15
server web-node2 192.168.56.22:8080 check inter 2000 rise 30 fall 15
cd /srv/salt/prod/cluster
vim haproxy-outside.sls
include:
- modules.haproxy.install
haproxy-service:
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://cluster/files/haproxy-outside.cfg
- user: root
- group: root
- mode: 644
service.running:
- name: haproxy
- enable: True
- reload: True
- require:
- cmd: haproxy-install
- watch:
- file: haproxy-service
在top里面定义
vim /srv/salt/base/top.sls
base:
'*':
- init.init
prod:
'*':
- cluster.haproxy-outside
执行高级状态
salt '10-8-86-172' state.highstate