实验环境:
172.25.23.7:master
172.25.23.8:http
172.25.23.9:nginx
172.25.23.10:backup
具体操作请查看
配置server10的minion
配置yum源
[root@server10 ~]# vim /etc/yum.repos.d/rhel-source.repo
name=Red Hat Enterprise Linux $releasever - $basearch - Source
baseurl=http://172.25.23.250/rhel6.5
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[salt]
name=saltstack
baseurl=http://172.25.23.250/salt
enabled=1
gpgcheck=0
[LoadBalancer]
name=LoadBalancer
baseurl=http://172.25.23.250/rhel6.5/LoadBalancer
gpgcheck=0
[root@server10 ~]# yum repolist
Loaded plugins: product-id, subscription-manager
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
LoadBalancer | 3.9 kB 00:00
LoadBalancer/primary_db | 7.0 kB 00:00
rhel-source | 3.9 kB 00:00
rhel-source/primary_db | 3.1 MB 00:00
salt | 2.9 kB 00:00
salt/primary_db | 17 kB 00:00
[root@server10 ~]# yum install salt-minion -y
[root@server10 ~]# vim /etc/salt/minion
[root@server10 ~]# /etc/init.d/salt-minion start
Starting salt-minion:root:server10 daemon: OK
master:
给backup:server10传送钥匙
[root@server7 keepalived]# salt-key -A 172.25.23.10
The following keys are going to be accepted:
Unaccepted Keys:
server10
Proceed? [n/Y] y
Key for minion server10 accepted.
[root@server7 keepalived]# salt-key -L
Accepted Keys:
server10
server7
server8
server9
Denied Keys:
Unaccepted Keys:
Rejected Keys:
安装keepalived
[root@server7 salt]# mkdir keepalived
[root@server7 salt]# cd keepalived/
[root@server7 keepalived]# mkdir files
[root@server7 keepalived]# vim install.sls
include:
- pkgs.make
kp-install:
file.managed:
- name: /mnt/keepalived-2.0.6.tar.gz
- source: salt://keepalived/files/keepalived-2.0.6.tar.gz
cmd.run:
- name: cd /mnt && tar zxf keepalived-2.0.6.tar.gz && cd keepalived-2.0.6 && ./configure --prefix=/usr/local/keepalived --with-init=SYSV &> /dev/null && make &> /dev/null && make install &> /dev/null
- creates: /usr/local/keepalived
/etc/keepalived:
file.directory:
- mode: 755
/etc/sysconfig/keepalived:
file.symlink:
- target: /usr/local/keepalived/etc/sysconfig/keepalived
/sbin/keepalived:
file.symlink:
- target: /usr/local/keepalived/sbin/keepalived
[root@server7 keepalived]# salt server10 state.sls keepalived.install
server10:
[root@server10 init.d]# pwd
/usr/local/keepalived/etc/rc.d/init.d
[root@server10 init.d]# scp keepalived 172.25.23.7://srv/salt/keepalived/files
[root@server10 keepalived]# pwd
/usr/local/keepalived/etc/keepalived
[root@server10 keepalived]# scp keepalived.conf 172.25.23.7:/srv/salt/keepalived/files
设置keepalived的服务
第一步:我们用pillar设置数据传送给keepalived服务
[root@server7 srv]# cd pillar/
[root@server7 pillar]# mkdir keepalived
[root@server7 pillar]# cd keepalived/
[root@server7 keepalived]# ls
[root@server7 keepalived]# cd ..
[root@server7 pillar]# ls
install.sls keepalived top.sls
[root@server7 pillar]# cp install.sls keepalived/
[root@server7 pillar]# cd keepalived/
[root@server7 keepalived]# ls
install.sls
[root@server7 keepalived]# vim install.sls
{% if grains['fqdn'] == 'server7' %}
state: MASTER
vrid: 23
priority: 100
{% elif grains['fqdn'] == 'server10' %}
state: BACKUP
vrid: 23
priority: 50
{% endif %}
[root@server7 keepalived]# cd ..
[root@server7 pillar]# ls
install.sls keepalived top.sls
[root@server7 pillar]# vim top.sls
base:
'*':
- install
- keepalived.install
第二步:设置keepalived的自动部署的服务脚本
[root@server7 srv]# cd salt/
[root@server7 salt]# cd keepalived/
[root@server7 keepalived]# vim service.sls
include:
- keepalived.install
/etc/keepalived/keepalived.conf:
file.managed:
- source: salt://keepalived/files/keepalived.conf
- template: jinja
- context:
STATE: {{ pillar['state'] }}
VRID: {{ pillar['vrid'] }}
PRIORITY: {{ pillar['priority'] }}
kp-service:
file.managed:
- name: /etc/init.d/keepalived
- source: salt://keepalived/files/keepalived
- mode: 755
service.running:
- name: keepalived
- reload: True
- watch:
- file: /etc/keepalived/keepalived.conf
第三步:修改keepalived的主配置文件
[root@server7 keepalived]# cd files/
[root@server7 files]# ls
keepalived keepalived-2.0.6.tar.gz keepalived.conf
[root@server7 files]# vim keepalived.conf
修改global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state {{ STATE }}
interface eth0
virtual_router_id {{ VRID }}
priority {{ PRIORITY }}
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.23.100/24
}
}
第四步:测试:
[root@server7 keepalived]# salt '*' state.highstate
server8:
----------
ID: httpd
Function: pkg.installed
Result: True
Comment: Package httpd is already installed
Started: 10:53:38.293827
Duration: 712.851 ms
Changes:
----------
ID: php
Function: pkg.installed
Result: True
Comment: Package php is already installed
Started: 10:53:39.007008
Duration: 1.338 ms
Changes:
----------
[root@server7 keepalived]# ip addr
link/ether 52:54:00:10:42:36 brd ff:ff:ff:ff:ff:ff
inet 172.25.23.7/24 brd 172.25.23.255 scope global eth0
inet 172.25.23.100/32 scope global eth0
浏览器输入vip:172.25.23.100
当你关闭master的keepalived,server10的keepalived会来接管
[root@server7 keepalived]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
[root@server10 sbin]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:3d:16:5b brd ff:ff:ff:ff:ff:ff
inet 172.25.23.10/24 brd 172.25.23.255 scope global eth0
inet 172.25.23.100/32 scope global eth0
inet6 fe80::5054:ff:fe3d:165b/64 scope link
valid_lft forever preferred_lft forever
注释:当haproxy关闭时,负载均衡失效,会直接报错,为了防止这种情况的发生,添加haproxy状态的监控脚本,时刻检测haproxy的状态
[root@server7 files]# cd /opt/
[root@server7 opt]# vim check_haproxy.sh
#!/bin/bash
/etc/init.d/haproxy status &> /dev/null || /etc/init.d/haproxy restart &> /dev/null
if [ $? -ne 0 ];then
/etc/init.d/keepalived stop &> /dev/null
fi
[root@server7 opt]# chmod +x check_haproxy.sh
[root@server7 /]# cd /srv/salt/keepalived/files/
[root@server7 files]# ls
keepalived keepalived-2.0.6.tar.gz keepalived.conf
[root@server7 files]# vim keepalived.conf
[root@server7 files]# scp /opt/check_haproxy.sh 172.25.23.10:/opt/
[root@server7 files]# salt '*' state.highstate
server8:
----------
ID: httpd
Function: pkg.installed
Result: True
测试:
[root@server7 files]# /etc/init.d/haproxy stop
[root@server7 files]# ps ax 显示haproxy已经开启
[root@server7 init.d]# chmod -x haproxy
[root@server7 init.d]# ps ax 显示已经关闭
自动调转到server10上
[root@server10 keepalived]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:3d:16:5b brd ff:ff:ff:ff:ff:ff
inet 172.25.23.10/24 brd 172.25.23.255 scope global eth0
inet 172.25.23.100/24 scope global secondary eth0
inet6 fe80::5054:ff:fe3d:165b/64 scope link
valid_lft forever preferred_lft forever