一、Pillar和Jinja簡介
Pillar是Salt用來分發全局變量到所有minions的一個接口
官方文檔介紹:http://docs.saltstack.cn/topics/pillar/index.html
Jinja加載工具爲jinja模板提供了一個更強大的後端
官方文檔介紹http://docs.saltstack.cn/ref/renderers/all/salt.renderers.jinja.html
二、部署haproxy+keepalived+nginx
本此實驗的所以資源及源代碼均已上傳,需要的可以下載交流
下載地址:srv.tar.gz
1.環境部署安排:
系統:redhat6.5
server5:salt—master
server6:keepalived+haproxy
server7:keepalived+haproxy
server8:nginx
server9:nginx
2.在salt—master上創建top.sls
vim /srv/salt/top.sls
base:
'server6':
- keepalived.service
- haproxy.service
'server7':
- keepalived.service
- haproxy.service
'roles:nginx':
- match: grain
- nginx.service
3.在salt—master上創建my_grains.py
[root@server5 salt]# vim /srv/salt/_grains/my_grains.py
#!/usr/bin/env python
def my_grains():
grains = {}
grains['roles'] = 'nginx'
return grains
4.在salt-master上創建nginx部署
4.1 安裝腳本install.sls
vim /srv/salt/nginx/install.sls
include:
- pkg.nginx
nginx-install:
file.managed:
- name: /mnt/nginx-1.12.0.tar.gz
- source: salt://nginx/files/nginx-1.12.0.tar.gz
cmd.run:
- name: cd /mnt && tar zxf nginx-1.12.0.tar.gz && cd nginx-1.12.0 && sed -i.bak 's/#define NGINX_VER "nginx\/" NGINX_VERSION/#define NGINX_VER "nginx"/g' src/core/nginx.h && sed -i.bak 's/CFLAGS="$CFLAGS -g"/#CFLAGS="$CFLAGS -g"/g' auto/cc/gcc && ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module && make && make install
- creates: /usr/local/nginx
/usr/local/nginx/html/index.html:
file.managed:
- source: salt://nginx/files/index.html
- template: jinja
4.2 服務啓動腳本service.sls
vim /srv/salt/nginx/service.sls
include:
- nginx.install
- user.nginx
/usr/local/nginx/conf/nginx.conf:
file.managed:
- source: salt://nginx/files/nginx.conf
- mode: 644
/etc/init.d/nginx:
file.managed:
- source: salt://nginx/files/nginx
- mode: 755
nginx-service:
service.running:
- name: nginx
- enable: true
- reload: true
- require:
- file: /etc/init.d/nginx
- watch:
- file: /usr/local/nginx/conf/nginx.conf
4.3 依賴安裝腳本nginx.sls
vim /srv/salt/pkg/nginx.sls
nginx-pkg:
pkg.installed:
- pkgs:
- gcc
- pcre-devel
- openssl-devel
- zlib-devel
4.4 pillar部署方案腳本web.sls
vim /srv/pillar/nginx/web.sls
{% if grains['host'] == 'server7' %}
bind: 172.25.27.7
{% elif grains['host'] == 'server8' %}
bind: 172.25.27.8
{% endif %}
4.5 pillar腳本top.sls
vim /srv/pillar/top.sls
base:
'server7':
- nginx.web
'server8':
- nginx.web
4.6 用戶創建腳本
vim /srv/salt/user/nginx.sls
nginx:
user.present:
- uid: 800
- shell: /sbin/nologin
- home: /usr/local/nginx
- createhome: false
5.在salt-master上創建haproxy部署
5.1安裝腳本
vim /srv/salt/haproxy/install.sls
include:
- pkg.haproxy
- user.haproxy
haproxy-install:
file.managed:
- name: /mnt/haproxy-1.6.11.tar.gz
- source: salt://haproxy/files/haproxy-1.6.11.tar.gz
cmd.run:
- name: cd /mnt && tar zxf haproxy-1.6.11.tar.gz && cd haproxy-1.6.11 && make TARGET=linux26 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy && make TARGET=linux26 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy install
- creates: /usr/local/haproxy
/etc/haproxy:
file.directory:
- mode: 755
/etc/haproxy/haproxy.cfg:
file.managed:
- source: salt://haproxy/files/haproxy.cfg
/etc/init.d/haproxy:
file.managed:
- source: salt://haproxy/files/haproxy
- mode: 755
5.2 服務啓動腳本service.sls
vim /srv/salt/haproxy/service.sls
include:
- haproxy.install
haproxy-service:
service.running:
- name: haproxy
- enable: true
- reload: true
- watch:
- file: /etc/haproxy/haproxy.cfg
5.3 依賴安裝腳本nginx.sls
vim /srv/salt/pkg/haproxy.sls
haproxy-pkg:
pkg.installed:
- pkgs:
- gcc
- pcre-devel
- openssl-devel
- zlib-devel
5.4 用戶創建腳本
vim /srv/salt/user/haproxy.sls
haproxy:
group.present:
- gid: 200
user.present:
- uid: 200
- gid: 200
- shell: /sbin/nologin
- home: /usr/local/haproxy
- createhome: false
6.在salt-master上創建keepalived部署
6.1安裝腳本
vim /srv/salt/keepalived/install.sls
{% set keepalived_version = '1.3.6' %}
include:
- pkg.keepalived
keepalived-install:
file.managed:
- name: /mnt/keepalived-{{keepalived_version}}.tar.gz
- source: salt://keepalived/files/keepalived-{{keepalived_version}}.tar.gz
cmd.run:
- name: cd /mnt && tar zxf keepalived-{{keepalived_version}}.tar.gz && cd keepalived-{{keepalived_version}} && ./configure --prefix=/usr/local/keepalived --with-init=SYSV && make && make install
- creates: /usr/local/keepalived
/etc/sysconfig/keepalived:
file.managed:
- source: salt://keepalived/files/keepalived
- mode: 644
- user: root
/etc/keepalived:
file.directory:
- mode: 755
/etc/keepalived/keepalived.conf:
file.managed:
- source: salt://keepalived/files/keepalived.conf
- mode: 644
- template: jinja
{% if grains['fqdn'] == 'server6' %}
- STATE: MASTER
- PRIORITY: 100
{% elif grains['fqdn'] == 'server7' %}
- STATE: BACKUP
- PRIORITY: 50
{% endif %}
/sbin/keepalived:
file.symlink:
- target: /usr/local/keepalived/sbin/keepalived
/etc/init.d/keepalived:
file.managed:
- source: salt://keepalived/files/keepalived-init
- mode: 755
6.2 服務啓動腳本service.sls
vim /srv/salt/keepalived/service.sls
include:
- keepalived.install
keepalived-service:
service.running:
- name: keepalived
- enable: true
- reload: true
- watch:
- file: /etc/keepalived/keepalived.conf
6.3 依賴安裝腳本keepalived.sls
vim /srv/salt/pkg/keepalived.sls
keepalived-pkg:
pkg.installed:
- pkgs:
- gcc
- pcre-devel
- openssl-devel
- zlib-devel
6.4 keepalived 配置文件配置
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state {{ STATE }}
interface eth0
virtual_router_id 51
priority {{ PRIORITY }}
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.27.100/24
}
}
virtual_server 172.25.27.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 172.25.27.8 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.25.27.9 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
7.安裝部署
上面只是完成了腳本,巧婦難爲無米之炊,我們還需要一些相應的包和配置文件來支持安裝,這裏不做詳細介紹
最後配置下nginx的默認發佈頁
[root@server5 salt]# vim nginx/files/index.html
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx! {{ grains['host'] }} </h1> ##修改這裏,用以區分
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
再寫一個測試頁
vim /srv/salt/nginx/files/test.html
<h1>data from {{ HOST }} <h1>
相應的/srv/salt/nginx/install.sls也要改動一下
vim /srv/salt/nginx/install.sls ##在最後添加以下內容
/usr/local/nginx/html/test.html:
file.managed:
- source: salt://nginx/files/test.html
- template: jinja
- HOST: {{ grains['host'] }}
最終的目錄結構是這樣的
[root@server5 srv]# tree
.
├── pillar
│ ├── nginx
│ │ └── web.sls
│ └── top.sls
└── salt
├── haproxy
│ ├── files
│ │ ├── haproxy
│ │ ├── haproxy-1.6.11.tar.gz
│ │ └── haproxy.cfg
│ ├── install.sls
│ └── service.sls
├── keepalived
│ ├── files
│ │ ├── keepalived
│ │ ├── keepalived-1.3.6.tar.gz
│ │ ├── keepalived.conf
│ │ └── keepalived-init
│ ├── install.sls
│ └── service.sls
├── nginx
│ ├── files
│ │ ├── index.html
│ │ ├── nginx
│ │ ├── nginx-1.12.0.tar.gz
│ │ ├── nginx.conf
│ │ └── test.html
│ ├── install.sls
│ └── service.sls
├── pkg
│ ├── haproxy.sls
│ ├── keepalived.sls
│ └── nginx.sls
├── top.sls
└── user
├── haproxy.sls
└── nginx.sls
[root@server5 ~]# salt '*' saltutil.refresh_pillar ##可不用執行
[root@server5 salt]# salt server[8,9] saltutil.sync_grains ##可不用執行
[root@server5 salt]# salt '*' state.highstate
部署成功瀏覽器測試:
瀏覽器有緩存,我們通過shell查看輪詢效果