配置管理实例-haproxy 的部署与业务引用

一、haproxy 部署

1.编写 sls 方法文件

1.1 编译环境安装方法文件

[root@master ~]# cat /srv/salt/prod/pkg/pkg-init.sls 
pkg-init:
  pkg.installed:
    - names: 
      - gcc
      - gcc-c++
      - glibc
      - make
      - autoconf
      - openssl
      - openssl-devel

1.2 haproxy安装方法文件

[root@master ~]# cat /srv/salt/prod/haproxy/install.sls 
include:
  - pkg.pkg-init

haproxy-install:
  file.managed:
    - name: /opt/haproxy-1.6.14.tar.gz
    - source: salt://haproxy/files/haproxy-1.6.14.tar.gz
    - user: root
    - group: root
    - mode: 755
  cmd.run:
    - name: cd /opt && tar zxf haproxy-1.6.14.tar.gz && cd haproxy-1.6.14 && make TARGET=linux26 PREFIX=/usr/local/haproxy && make install PREFIX=/usr/local/haproxy
    - unless: test -d /usr/local/haproxy
    - require: 
      - pkg: pkg-init
      - file: haproxy-install

haproxy-init:
  file.managed:
    - name: /etc/init.d/haproxy
    - source: salt://haproxy/files/haproxy.init
    - user: root
    - group: root
    - mode: 755
    - require:
      - cmd: haproxy-install
  cmd.run:
    - name: chkconfig --add haproxy
    - unless: chkconfig --list | grep haproxy
    - require:
      - file: /etc/init.d/haproxy

net.ipv4.ip_nonlocal_bind:
  sysctl.present:
    - value: 1


haproxy-config-dir:
  file.directory:
    - name: /etc/haproxy
    - user: root
    - group: root
    - mode: 755

1.2 haproxy安装方法测试

## 指定安装的客户端与环境
[root@master ~]# salt '192.168.1.102' state.sls haproxy.install env=prod test=True

二、haproxy 业务引用

1.编写 sls 方法文件

1.1 集群配置文件

[root@master cluster]# cat /srv/salt/prod/cluster/files/haproxy-outside.cfg 
global
maxconn 100000
chroot /usr/local/haproxy
uid 99  
gid 99 
daemon
nbproc 1 
pidfile /usr/local/haproxy/logs/haproxy.pid 
log 127.0.0.1 local3 info


defaults
option http-keep-alive
maxconn 100000
mode http
timeout connect 5000ms
timeout client  50000ms
timeout server 50000ms


listen stats
mode http
bind 0.0.0.0:8888
stats enable
stats uri     /haproxy-status 
stats auth    haproxy:saltstack


frontend frontend_www_example_com
bind 10.0.0.11:80
mode http
option httplog

log global

    default_backend backend_www_example_com

backend backend_www_example_com
option forwardfor header X-REAL-IP
option httpchk HEAD / HTTP/1.0

## 修改如下部分的地址与端口号为实际的地址和http端口号
balance source                
server web-node1  192.168.1.102:8080 check inter 2000 rise 30 fall 15
server web-node2  192.168.1.103:8080 check inter 2000 rise 30 fall 15

1.2 集群配置方法文件

[root@master cluster]# cat /srv/salt/prod/cluster/haproxy-outside.sls 
include:
  - haproxy.install

haproxy-service:
  file.managed:
    - name: /etc/haproxy/haproxy.cfg
    - source: salt://cluster/files/haproxy-outside.cfg
    - user: root
    - group: root
    - mode: 644

  service.running:
    - name: haproxy
    - enable: True
    - reload: True
    - require: 
      - cmd: haproxy-init
    - watch:
      - file: haproxy-service

2.测试

[root@master ~]# salt '192.168.1.102' state.sls cluster.haproxy-outside env=prod test=True