SaltStack一键部署高可用加负载均衡集群

在上篇博客中我们利用salt推送了一台主机上的haproxy为了实现高可用和负载均衡，我们再使用一台虚拟机server4搭建集群…..

server1和server4组成高可用和负载均衡集群；
server2和server3作为后端真实服务器提供httpd服务；

1.将server4加进server1的minion群组中，并在server4上配置yum源

2.在server1的/srv/salt目录下，建立keepalived目录，进到目录里边编辑安装keepalived的sls推送文件
vim install.sls
(将install.sls文件分开来写，先尝试安装的推送，再做文件的软链接等，可以在server4中边验证边在server1中编辑)

kp-install:
pkg.installed:
- pkgs:
- openssl-devel
- gcc
- mailx                      # 源码编译所需要的依赖性
file.managed:
- name: /mnt/keepalived-2.0.6.tar.gz           # 源码包所再的位置（server4中）
- source: salt://keepalived/files/keepalived-2.0.6.tar.gz
# server1中源码包所在的位置
cmd.run:
- name: cd /mnt && tar zxf keepalived-2.0.6.tar.gz && cd keepalived-2.0.6 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV &> /dev/null && make &> /dev/null && make install &> /dev/null     # 源码编译的过程
- creates: /usr/local/keepalived       # 决定是否要再次编译安装的条件

/etc/keepalived:
file.directory:
- mode: 755

/etc/sysconfig/keepalived:
file.symlink:           # 做软链接，方便使用，将
- target: /usr/local/keepalived/etc/sysconfig/keepalived

/sbin/keepalived:
file.symlink:
- target: /usr/local/keepalived/sbin/keepalived    # 这是对keepalived的二进制命令，配置文件等做软链接等等

3.在server4中查看是否安装源码编译好keepalived
4.将server4中安装编译好的keepalived的脚本，配置文件远程发送到到sevrer1中/srv/salt/keepalived/files

5.执行安装推送

salt server4 state.sls keepalived.install

6.在server1中编辑service.sls，用来启动服务和编辑配置文件

include:
- keepalived.install

/etc/keepalived/keepalived.conf:
file.managed:
- source: salt://keepalived/files/keepalived.conf
- template: jinja                            # 使用jinja模版
- context:
STATE: {{ pillar['state'] }}               # 在pillar中取值
VRID: {{ pillar['vrid'] }}
PRIORITY: {{ pillar['priority'] }}

kp-service:
file.managed:
- name: /etc/init.d/keepalived
- source: salt://keepalived/files/keepalived
- mode: 755
service.running:
- name: keepalived
- reload: True
- watch:
- file: /etc/keepalived/keepalived.conf

7.因为我们在service中用到jinja模版和pillar值，所以去到/srv/pillar中编辑模版,即存储键值对的

cd /srv/pillar/
cd keepalived/
vim install.sls
{% if grains['fqdn'] == 'server1' %}         # server1是master
state: MASTER
vrid: 1
priority: 100                                # 赋予键和键值
{% elif grains['fqdn'] == 'server4' %}       # server2是backup
state: BACKUP
vrid: 1
priority: 50
{% endif %}

cd /srv/pillar/
vim top.sls
base:
'*':
- web.install
- keepalived.install

9.在/srv/salt下编辑全部节点的推送的top.sls文件

cd /srv/salt
vim top.sls
base:
'server1':                          # 在server1上执行的推送
- haproxy.install
- keepalived.service
'server4':
- haproxy.install
- keepalived.service
'roles:apach':
- match: grain
- httpd.install
'roles:nginx':
- match: grain
- nginx.service

10.执行top.sls文件，向所有节点安装以及部署服务

salt '*' state.highstate

11.在浏览器测试负载均衡和高可用


做到这儿我们发现一个问题，如果正在提供服务的主机上haproxy停掉，那么我们的负载均衡失效，但是keepalived还是不会转移到另一台主机，这时我们应该采取一点措施来解决keepalived不会转移的问题：

1.在server1上编写执行此功能的脚本

vim /opt/haproxy_check.sh
#!bin/bash

/etc/init.d/haproxy status &> /dev/null || /etc/init.d/haproxy retsart &> /dev/null
# 如果haproxy的状态是打开的，不做任何事情，如果haproxy的状态是关闭的，那么重新打开haproxy
if [ $? -ne 0 ];then
/etc/init.d/keepalived stop &> /dev/null
fi
# 如果重新打开haproxy的操作返回值非0，那么说明haproxy出现故障，此时由脚本关闭keepalived，将提供服务的节点转移

2.将该脚本写进/srv/salt/keepalived/files/keepalived的配置文件中

vrrp_script check_haproxy {
script "/opt/check_haproxy.sh"
interval 2                     # 每隔两秒一词，检测到haproxy出现故障无法打开时，此时vip所在主机的优先级每次减2，直到低于另一台主机的优先级，keepalived转移
weight 2
}

......

track_script {
check_haproxy
}

3.做推送，将该文件推送到server1和server4上

salt server4 state.sls keepalived.service
salt server1 state.sls keepalived.service

4.我们模仿haproxy彻底宕掉的情形，在server1上：

/etc/init.d/haproxy stop
cd /etc/init.d/
chmod -x haproxy                #  让他不能自行利用脚本恢复

5.过了一会儿之后我们发现vip转移server4上

6.在server1上重新打开keepalived
salt server1 service.start keepalived
此时vip回到server1上：

三.两个简单salt模块的用法

1.向minion上远程发送
salt-cp ‘*’ /etc/passwd /opt/


2.远程执行命令
salt ‘*’ cmd.run ‘rm -fr /opt/passwd’