一、Pillar和Jinja简介
Pillar是Salt用来分发全局变量到所有minions的一个接口
官方文档介绍:http://docs.saltstack.cn/topics/pillar/index.html
Jinja加载工具为jinja模板提供了一个更强大的后端
官方文档介绍http://docs.saltstack.cn/ref/renderers/all/salt.renderers.jinja.html
二、部署haproxy+keepalived+nginx
本此实验的所以资源及源代码均已上传,需要的可以下载交流
下载地址:srv.tar.gz
1.环境部署安排:
系统:redhat6.5
server5:salt—master
server6:keepalived+haproxy
server7:keepalived+haproxy
server8:nginx
server9:nginx
2.在salt—master上创建top.sls
vim /srv/salt/top.sls
base:'server6':- keepalived.service - haproxy.service 'server7':- keepalived.service - haproxy.service 'roles:nginx':- match: grain - nginx.service3.在salt—master上创建my_grains.py
[root@server5 salt]# vim /srv/salt/_grains/my_grains.py
#!/usr/bin/env pythondef my_grains():grains = {}grains['roles'] = 'nginx'return grains
4.在salt-master上创建nginx部署
4.1 安装脚本install.sls
vim /srv/salt/nginx/install.slsinclude:- pkg.nginx
nginx-install:file.managed:- name: /mnt/nginx-1.12.0.tar.gz - source: salt://nginx/files/nginx-1.12.0.tar.gz cmd.run:- name: cd /mnt && tar zxf nginx-1.12.0.tar.gz && cd nginx-1.12.0 && sed -i.bak 's/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g' src/core/nginx.h && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module && make && make install - creates: /usr/local/nginx /usr/local/nginx/html/index.html:file.managed:- source: salt://nginx/files/index.html - template: jinja 4.2 服务启动脚本service.sls
vim /srv/salt/nginx/service.slsinclude:- nginx.install - user.nginx /usr/local/nginx/conf/nginx.conf:file.managed:- source: salt://nginx/files/nginx.conf - mode: 644 /etc/init.d/nginx:file.managed:- source: salt://nginx/files/nginx - mode: 755
nginx-service:service.running:- name: nginx - enable: true - reload: true - require: - file: /etc/init.d/nginx - watch: - file: /usr/local/nginx/conf/nginx.conf4.3 依赖安装脚本nginx.sls
vim /srv/salt/pkg/nginx.sls
nginx-pkg:pkg.installed:- pkgs: - gcc - pcre-devel - openssl-devel - zlib-devel4.4 pillar部署方案脚本web.sls
vim /srv/pillar/nginx/web.sls
{% if grains['host'] == 'server7' %}
bind: 172.25.27.7
{% elif grains['host'] == 'server8' %}
bind: 172.25.27.8
{% endif %}4.5 pillar脚本top.sls
vim /srv/pillar/top.sls
base:'server7':- nginx.web'server8':- nginx.web4.6 用户创建脚本
vim /srv/salt/user/nginx.sls
nginx:user.present:- uid: 800 - shell: /sbin/nologin - home: /usr/local/nginx - createhome: false5.在salt-master上创建haproxy部署
5.1安装脚本
vim /srv/salt/haproxy/install.sls
include:- pkg.haproxy - user.haproxy
haproxy-install:file.managed:- name: /mnt/haproxy-1.6.11.tar.gz - source: salt://haproxy/files/haproxy-1.6.11.tar.gz cmd.run:- name: cd /mnt && tar zxf haproxy-1.6.11.tar.gz && cd haproxy-1.6.11 && make TARGET=linux26 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy && make TARGET=linux26 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy install - creates: /usr/local/haproxy /etc/haproxy:file.directory:- mode: 755 /etc/haproxy/haproxy.cfg:file.managed:- source: salt://haproxy/files/haproxy.cfg /etc/init.d/haproxy:file.managed:- source: salt://haproxy/files/haproxy - mode: 7555.2 服务启动脚本service.sls
vim /srv/salt/haproxy/service.sls
include:- haproxy.install
haproxy-service:service.running:- name: haproxy - enable: true - reload: true - watch: - file: /etc/haproxy/haproxy.cfg5.3 依赖安装脚本nginx.sls
vim /srv/salt/pkg/haproxy.sls
haproxy-pkg:pkg.installed:- pkgs: - gcc - pcre-devel - openssl-devel - zlib-devel5.4 用户创建脚本
vim /srv/salt/user/haproxy.sls
haproxy:group.present:- gid: 200 user.present:- uid: 200 - gid: 200 - shell: /sbin/nologin - home: /usr/local/haproxy - createhome: false6.在salt-master上创建keepalived部署
6.1安装脚本
vim /srv/salt/keepalived/install.sls{% set keepalived_version = '1.3.6' %}include:- pkg.keepalived
keepalived-install:file.managed:- name: /mnt/keepalived-{
{keepalived_version}}.tar.gz - source: salt://keepalived/files/keepalived-{
{keepalived_version}}.tar.gz cmd.run:- name: cd /mnt && tar zxf keepalived-{
{keepalived_version}}.tar.gz && cd keepalived-{
{keepalived_version}} && ./configure --prefix=/usr/local/keepalived --with-init=SYSV && make && make install - creates: /usr/local/keepalived /etc/sysconfig/keepalived:file.managed:- source: salt://keepalived/files/keepalived - mode: 644 - user: root /etc/keepalived:file.directory:- mode: 755 /etc/keepalived/keepalived.conf:file.managed:- source: salt://keepalived/files/keepalived.conf - mode: 644 - template: jinja {% if grains['fqdn'] == 'server6' %}- STATE: MASTER - PRIORITY: 100 {% elif grains['fqdn'] == 'server7' %}- STATE: BACKUP - PRIORITY: 50 {% endif %}
/sbin/keepalived:file.symlink:- target: /usr/local/keepalived/sbin/keepalived /etc/init.d/keepalived:file.managed:- source: salt://keepalived/files/keepalived-init - mode: 7556.2 服务启动脚本service.sls
vim /srv/salt/keepalived/service.sls
include:- keepalived.install
keepalived-service:service.running:- name: keepalived - enable: true - reload: true - watch: - file: /etc/keepalived/keepalived.conf6.3 依赖安装脚本keepalived.sls
vim /srv/salt/pkg/keepalived.sls
keepalived-pkg:pkg.installed:- pkgs: - gcc - pcre-devel - openssl-devel - zlib-devel6.4 keepalived 配置文件配置
! Configuration File for keepalivedglobal_defs {notification_email {root@localhost}notification_email_from keepalived@localhostsmtp_server 127.0.0.1smtp_connect_timeout 30router_id LVS_DEVELvrrp_skip_check_adv_addr
# vrrp_strictvrrp_garp_interval 0vrrp_gna_interval 0
}vrrp_instance VI_1 {state {
{ STATE }}interface eth0virtual_router_id 51priority {
{ PRIORITY }}advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {172.25.27.100/24}
}
virtual_server 172.25.27.100 80 {delay_loop 6lb_algo rrlb_kind DRpersistence_timeout 50protocol TCPreal_server 172.25.27.8 80 {weight 1TCP_CHECK {connect_timeout 3nb_get_retry 3delay_before_retry 3}}real_server 172.25.27.9 80 {weight 1TCP_CHECK {connect_timeout 3nb_get_retry 3delay_before_retry 3}}
}
7.安装部署
上面只是完成了脚本,巧妇难为无米之炊,我们还需要一些相应的包和配置文件来支持安装,这里不做详细介绍
最后配置下nginx的默认发布页
[root@server5 salt]# vim nginx/files/index.html <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style>body {width: 35em;margin: 0 auto;font-family: Tahoma, Verdana, Arial, sans-serif;} </style> </head> <body> <h1>Welcome to nginx! {
{ grains['host'] }} </h1> ##修改这里,用以区分 <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p><p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p><p><em>Thank you for using nginx.</em></p> </body> </html> 再写一个测试页
vim /srv/salt/nginx/files/test.html
<h1>data from {
{ HOST }} <h1>相应的/srv/salt/nginx/install.sls也要改动一下
vim /srv/salt/nginx/install.sls ##在最后添加以下内容
/usr/local/nginx/html/test.html:file.managed:- source: salt://nginx/files/test.html - template: jinja - HOST: {
{ grains['host'] }}最终的目录结构是这样的
[root@server5 srv]# tree
.
├── pillar
│ ├── nginx
│ │ └── web.sls
│ └── top.sls
└── salt├── haproxy│ ├── files│ │ ├── haproxy│ │ ├── haproxy-1.6.11.tar.gz│ │ └── haproxy.cfg│ ├── install.sls│ └── service.sls├── keepalived│ ├── files│ │ ├── keepalived│ │ ├── keepalived-1.3.6.tar.gz│ │ ├── keepalived.conf│ │ └── keepalived-init│ ├── install.sls│ └── service.sls├── nginx│ ├── files│ │ ├── index.html│ │ ├── nginx│ │ ├── nginx-1.12.0.tar.gz│ │ ├── nginx.conf│ │ └── test.html│ ├── install.sls│ └── service.sls├── pkg│ ├── haproxy.sls│ ├── keepalived.sls│ └── nginx.sls├── top.sls└── user├── haproxy.sls└── nginx.sls
[root@server5 ~]# salt '*' saltutil.refresh_pillar ##可不用执行
[root@server5 salt]# salt server[8,9] saltutil.sync_grains ##可不用执行
[root@server5 salt]# salt '*' state.highstate部署成功浏览器测试:
浏览器有缓存,我们通过shell查看轮询效果
