[root@master ~]# mkdir /srv/salt/prod/pkg
[root@master ~]# mkdir /srv/salt/prod/haproxy
[root@master ~]# mkdir /srv/salt/prod/haproxy/files
[root@master pkg]# pwd
/srv/salt/prod/pkg
[root@master pkg]# vim pkg-init.sls
[root@master pkg]# cat pkg-init.sls
pkg-init:
pkg.installed:
- names:
- gcc
- gcc-c++
- glibe
- make
- autoconf
- openssl
- openssl-devel
[root@master prod]# cd haproxy/files/
[root@master files]# wget https://fossies.org/linux/misc/haproxy-1.8.14.tar.gz
[root@master files]# cp haproxy-1.8.14.tar.gz /usr/local/src
[root@master src]# pwd
/usr/local/src
[root@master src]# tar -zxf haproxy-1.8.14.tar.gz
[root@master src]# cd haproxy-1.8.14
[root@master haproxy-1.8.14]# less README
[root@master haproxy-1.8.14]# uname -a
Linux master.com 3.10.0-862.14.4.el7.x86_64 #1 SMP Wed Sep 26 15:12:11 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@master haproxy-1.8.14]# make TARGET=linux26 PREEFIX=/usr/local/haproxy &&make install PREFIX=/usr/local/haproxy
[root@master haproxy-1.8.14]# cd examples/
[root@master examples]# vim haproxy.init
BIN=/usr/local/haproxy/sbin/$BASENAME
[root@master examples]# cp haproxy.init /srv/salt/prod/haproxy/files/
[root@master examples]# cd /srv/salt/prod/haproxy/files/
[root@master files]# cd ..
[root@master haproxy]# ls
files
状态模块:条件判断,用于cmd状态模块
onlyif: 检查的命令,仅当onlyif选项指向的命令返回true时才执行name定义的命令。
unless: 用于检查的命令,仅当unless选项指向的命令返回false时才执行name指向的命令。
require: 解决依赖
[root@master haproxy]# vim install.sls
[root@master haproxy]# cat install.sls
include:
- pkg.pkg-init #pkg模块调用自定义的pkg-init
haproxy-install: #id
file.managed: #file模块的managed的方法
- name: /usr/local/src/haproxy-1.8.14.tar.gz
- source: salt://haproxy/files/haproxy-1.8.14.tar.gz #等于/srv/salt/prod/haproxy/files/haproxy-1.8.14.tar.gz
- user: root
- group: root
- mode: 755 #权限
cmd.run: #cmd模块的run方法
- name: cd /usr/local/src && tar -zxf haproxy-1.8.14.tar.gz && cd haproxy-1.8.14 && make TARGET=linux26 PREEFIX=/usr/local/haproxy &&make install PREFIX=/usr/local/haproxy
- unless: test -d /usr/local/haproxy #unless用于检测, test -d /usr/local/haproxy 检测文件是否存在,并返回,返回值
- require: #依赖
- pkg: pkg-init #执行了pkg-init才能执行cmd.run
- file: haproxy-install #执行了id为haproy-install的命令才能执行cmd.run
haproxy-init:
file.managed: #file模块的managed的方法
- name: /etc/init.d/haproxy
- source: salt://haproxy/files/haproxy.init #同上
- user: root
- group: root
- mode: 755
- require: #依赖
- cmd: haproxy-install #执行了id为haproxy-install的命令才能执行file.managed
cmd.run:
- name: chkconfig --add haproxy
- unles: chkconfig --list |grep haproxy #判断是否有haproxy,并返回,返回值
- require:
- file: haproxy-init 执行了id为haproy-init的命令才能执行cmd.run
net.ipv4.ip_nonlocal_bind: #开启自己的ipv4监听
sysctl.present:
- value: 1
haproxy-config-dir:
file.directory:
- name: /etc/haproxy
- user: root
- group: root
- mode: 755
[root@master haproxy]# salt '*' state.sls haproxy.install env=prod #env=prod 默认是加载的base文件,haproxy.install 为转态可以自定义名称
一个id下不能写相同的模块
[root@master prod]# mkdir /srv/salt/prod/cluster
[root@master prod]# mkdir /srv/salt/prod/cluster/files
[root@master prod]# cd /srv/salt/prod/cluster/files
[root@master files]# vim haproxy-outside.cfg
[root@master files]# cat haproxy-outside.cfg
global
maxconn 100000
chroot /usr/local/haproxy
uid 99
gid 99
daemon
nbproc 1
pidfile /usr/local/haproxy/logs/haproxy.pid
log 127.0.0.1 local3 info
defaults
option http-keep-alive
maxconn 100000
mode http
timeout connect 5000ms
timeout client 50000ms
listen stats
mode http
bind 0.0.0.0:8888
stats enable
stats uri /haproxy-status
stats auth haproxy:saltstack #用户名:密码
frontend frontend_www_example_com
bind 192.168.43.119:80
mode http
option httplog
log global
default_backend backend_www_example_com
backend backend_www_example_com
option forwardfor header X-REA-IP
option httpchk HEAD / HTTP/1.0
balance source
server web-node1 192.168.43.118:8080 check inter 2000 rise 30 fall 15
server web-node2 192.168.43.71:8080 check inter 2000 rise 30 fall 15
[root@master cluster]# pwd
/srv/salt/prod/cluster
[root@master cluster]# tree
.
└── files
└── haproxy-outside.cfg
1 directory, 1 file
[root@master cluster]# vim haproxy-outside.sls
[root@master cluster]# cat haproxy-outside.sls
include:
- haproxy.install
haproxy-service:
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://cluster/files/haproxy-outside.cfg
- user: root
- group: root
- mdoe: 644
service.running:
- nmae: haproxy
- enable: True
- reload: True
- require:
- cmd: haproxy-init
- watch: #监控配置文件是否改变,变了直接reload
- file: haproxy-service
[root@master base]# pwd
/srv/salt/base
[root@master base]# vim top.sls
[root@master base]# cat top.sls
base:
'*':
- init.env_init
prod:
'*':
- cluster.haproxy-outside
[root@master base]# salt '*' state.highstate test=true
[root@slave ~]# cd /var/www/html/
[root@slave html]# ls
[root@slave html]# vim index.html
[root@slave html]# cat index.html
q
w
q
w
q
w
q
w
[root@master base]# cd /var/www/
[root@master www]# cd html/
[root@master html]# vim index.html
[root@master html]# cat index.html
12313123132
访问: http://192.168.43.71:8888/haproxy-status
vim /etc/http/conf/httpd.conf
listen 8080
saltstack功能模块
猜你喜欢
转载自blog.51cto.com/13399294/2324554
今日推荐
周排行