saltstack功能模塊
阿新 • • 發佈:2018-12-01
cfg fix false all .tar.gz ins linux m auth nec
[root@master ~]# mkdir /srv/salt/prod/pkg
[root@master ~]# mkdir /srv/salt/prod/haproxy
[root@master ~]# mkdir /srv/salt/prod/haproxy/files
[root@master pkg]# pwd
/srv/salt/prod/pkg
[root@master pkg]# vim pkg-init.sls
[root@master pkg]# cat pkg-init.sls
pkg-init:
pkg.installed:
- names:
- gcc
- gcc-c++
- glibe
- make
- autoconf
- openssl
- openssl-devel
[root@master prod]# cd haproxy/files/
[root@master files]# wget https://fossies.org/linux/misc/haproxy-1.8.14.tar.gz
[root@master files]# cp haproxy-1.8.14.tar.gz /usr/local/src
[root@master src]# pwd
/usr/local/src
[root@master src]# tar -zxf haproxy-1.8.14.tar.gz
[root@master src]# cd haproxy-1.8.14
[root@master haproxy-1.8.14]# less README
[root@master haproxy-1.8.14]# uname -a
Linux master.com 3.10.0-862.14.4.el7.x86_64 #1 SMP Wed Sep 26 15:12:11 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@master haproxy-1.8.14]# make TARGET=linux26 PREEFIX=/usr/local/haproxy &&make install PREFIX=/usr/local/haproxy
[root@master haproxy-1.8.14]# cd examples/
[root@master examples]# vim haproxy.init
BIN=/usr/local/haproxy/sbin/$BASENAME
[root@master examples]# cp haproxy.init /srv/salt/prod/haproxy/files/
[root@master examples]# cd /srv/salt/prod/haproxy/files/
[root@master files]# cd ..
[root@master haproxy]# ls
files
狀態模塊:條件判斷,用於cmd狀態模塊
onlyif: 檢查的命令,僅當onlyif選項指向的命令返回true時才執行name定義的命令。
unless: 用於檢查的命令,僅當unless選項指向的命令返回false時才執行name指向的命令。
require: 解決依賴
[root@master haproxy]# vim install.sls
[root@master haproxy]# cat install.sls
include:
- pkg.pkg-init #pkg模塊調用自定義的pkg-init
haproxy-install: #id
file.managed: #file模塊的managed的方法
- name: /usr/local/src/haproxy-1.8.14.tar.gz
- source: salt://haproxy/files/haproxy-1.8.14.tar.gz #等於/srv/salt/prod/haproxy/files/haproxy-1.8.14.tar.gz
- user: root
- group: root
- mode: 755 #權限
cmd.run: #cmd模塊的run方法
- name: cd /usr/local/src && tar -zxf haproxy-1.8.14.tar.gz && cd haproxy-1.8.14 && make TARGET=linux26 PREEFIX=/usr/local/haproxy &&make install PREFIX=/usr/local/haproxy
- unless: test -d /usr/local/haproxy #unless用於檢測, test -d /usr/local/haproxy 檢測文件是否存在,並返回,返回值
- require: #依賴
- pkg: pkg-init #執行了pkg-init才能執行cmd.run
- file: haproxy-install #執行了id為haproy-install的命令才能執行cmd.run
haproxy-init:
file.managed: #file模塊的managed的方法
- name: /etc/init.d/haproxy
- source: salt://haproxy/files/haproxy.init #同上
- user: root
- group: root
- mode: 755
- require: #依賴
- cmd: haproxy-install #執行了id為haproxy-install的命令才能執行file.managed
cmd.run:
- name: chkconfig --add haproxy
- unles: chkconfig --list |grep haproxy #判斷是否有haproxy,並返回,返回值
- require:
- file: haproxy-init 執行了id為haproy-init的命令才能執行cmd.run
net.ipv4.ip_nonlocal_bind: #開啟自己的ipv4監聽
sysctl.present:
- value: 1
haproxy-config-dir:
file.directory:
- name: /etc/haproxy
- user: root
- group: root
- mode: 755
[root@master haproxy]# salt ‘*‘ state.sls haproxy.install env=prod #env=prod 默認是加載的base文件,haproxy.install 為轉態可以自定義名稱
一個id下不能寫相同的模塊
[root@master prod]# mkdir /srv/salt/prod/cluster
[root@master prod]# mkdir /srv/salt/prod/cluster/files
[root@master prod]# cd /srv/salt/prod/cluster/files
[root@master files]# vim haproxy-outside.cfg
[root@master files]# cat haproxy-outside.cfg
global
maxconn 100000
chroot /usr/local/haproxy
uid 99
gid 99
daemon
nbproc 1
pidfile /usr/local/haproxy/logs/haproxy.pid
log 127.0.0.1 local3 info
defaults
option http-keep-alive
maxconn 100000
mode http
timeout connect 5000ms
timeout client 50000ms
listen stats
mode http
bind 0.0.0.0:8888
stats enable
stats uri /haproxy-status
stats auth haproxy:saltstack #用戶名:密碼
frontend frontend_www_example_com
bind 192.168.43.119:80
mode http
option httplog
log global
default_backend backend_www_example_com
backend backend_www_example_com
option forwardfor header X-REA-IP
option httpchk HEAD / HTTP/1.0
balance source
server web-node1 192.168.43.118:8080 check inter 2000 rise 30 fall 15
server web-node2 192.168.43.71:8080 check inter 2000 rise 30 fall 15
[root@master cluster]# pwd
/srv/salt/prod/cluster
[root@master cluster]# tree
.
└── files
└── haproxy-outside.cfg
1 directory, 1 file
[root@master cluster]# vim haproxy-outside.sls
[root@master cluster]# cat haproxy-outside.sls
include:
- haproxy.install
haproxy-service:
file.managed:
- name: /etc/haproxy/haproxy.cfg
- source: salt://cluster/files/haproxy-outside.cfg
- user: root
- group: root
- mdoe: 644
service.running:
- nmae: haproxy
- enable: True
- reload: True
- require:
- cmd: haproxy-init
- watch: #監控配置文件是否改變,變了直接reload
- file: haproxy-service
[root@master base]# pwd
/srv/salt/base
[root@master base]# vim top.sls
[root@master base]# cat top.sls
base:
‘*‘:
- init.env_init
prod:
‘*‘:
- cluster.haproxy-outside
[root@master base]# salt ‘*‘ state.highstate test=true
[root@slave ~]# cd /var/www/html/
[root@slave html]# ls
[root@slave html]# vim index.html
[root@slave html]# cat index.html
q
w
q
w
q
w
q
w
[root@master base]# cd /var/www/
[root@master www]# cd html/
[root@master html]# vim index.html
[root@master html]# cat index.html
12313123132
訪問: http://192.168.43.71:8888/haproxy-status
vim /etc/http/conf/httpd.conf
listen 8080
saltstack功能模塊