实验环境
192.168.63.131 ansible服务器
192.168.63.137 keepalived 服务器基于nginx
192.168.63.140 keepalived 服务器基于nginx
192.168.63.134 HTTP服务器
192.168.63.135 HTTP服务器
1.安装ansible,基于epel源
yum install ansible -y
2.配置主配置文件,在主配置文件中加入要远程的ip
vim /etc/ansible/hosts
[keepalived]
192.168.63.137
192.168.63.140
[httpdserver]
192.168.63.134
192.168.63.135
[server]
192.168.63.134
192.168.63.135
192.168.63.137
192.168.63.140
3.基于ssh验证
ssh-keygen 生成秘钥文件
ssh-copy-id 192.168.63.131 拷贝到自己主机
拷贝到其他主机
scp -r /root/.ssh root@192.168.63.137:/root/.ssh/
scp -r /root/.ssh root@192.168.63.140:/root/.ssh/
scp -r /root/.ssh root@192.168.63.135:/root/.ssh/
scp -r /root/.ssh root@192.168.63.134:/root/.ssh/
4.测试ansible是否可以ping通其他主机
ansible 192.168.63.137 -m ping
ansible 192.168.63.134 -m ping
ansible 192.168.63.135 -m ping
ansible 192.168.63.140 -m ping
或
ansible server -m ping
5.创建一个ansible目录用来组名存放ansible脚本
mkdir ansible
6.创建yml
[root@contes7 ansible]# vim keepalived.yml
—
– hosts: keepalived
remote_user: root
tasks:
– name: install
yum: name=keepalived
– name: install
yum: name=nginx
– name: install
yum: name=psmisc
– name: install
yum: name=mail*
– name: copy conf file
copy: src=/root/ansible/templates/keepalived.conf.bak.j2 dest=/etc/keepalived/keepalived.conf
– name: copy conf file
copy: src=/root/ansible/templates/notify.sh.j2 dest=/etc/keepalived/notify.sh
– name: copy conf file
copy: src=/root/ansible/templates/nginx.conf.bak.j2 dest=/etc/nginx/nginx.conf
– name: copy conf file
copy: src=/root/ansible/templates/www.conf.j2 dest=/etc/nginx/conf.d/www.conf
– name: shell
shell: chmod +x /etc/keepalived/notify.sh
– name: shell
shell: iptables -F
– name: start service
service: name=keepalived.service state=started enabled=yes
– name: start service
service: name=nginx state=started enabled=yes
– name: shell
shell: iptables -F
– hosts: 192.168.63.140
remote_user: root
tasks:
– name: copy conf file
copy: src=/root/ansible/templates/keepalived2.conf.bak.j2 dest=/etc/keepalived/keepalived.conf backup=yes
– hosts: httpdserver
remote_user: root
tasks:
– name: install package
yum: name=httpd
– name: copy
copy: src=/root/ansible/templates/index.html.j2 dest=/var/www/html/index.html
– name: shell
shell: iptables -F
– name: start service
service: name=httpd state=started enabled=yes
– hosts: 192.168.63.135
remote_user: root
tasks:
– name: copy
copy: src=/root/ansible/templates/index.html.j3 dest=/var/www/html/index.html
– name: shell
shell: iptables -F
7. 创建模板文件
vim ansible/templates/keepalived.conf.bak.j2
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_iptables
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_mcast_group 224.0.98.98
}
vrrp_script ngxhealth { #定义独立的脚本,名字自己定义
#killall -0 nginx 命令是检查nginx服务是否正常
script “killall -0 nginx && exit 0 || exit 1” #指明要配置脚本了,script可以是放置在系统中的脚本文件路径,也可以是一条命令
interval 1 #一秒钟检测一次
weight -5 #如果nginx故障权重减5,要确定减完以后低于备用节点
fall 2
rise 1
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 66
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 12345678
}
virtual_ipaddress {
192.168.63.98/24
}
track_script {
ngxhealth #在vrrp_instance VI_1中调用ngxhealth脚本
}
track_interface {
ens33 #跟踪ens33接口
}
notify_master “/etc/keepalived/notify.sh master” # 当前节点成为主节点时触发的脚本
notify_backup “/etc/keepalived/notify.sh backup” # 当前节点转为备节点时触发的脚本
notify_fault “/etc/keepalived/notify.sh fault” # 当前节点转为失败状时触发的脚本
}
vrrp_instance VI_2 { #唯一标识,如果有vrrp,两个标识不一样,可以自己指定
state BACKUP #优先级最高的为MASTER,其他级别为BACKUP
interface ens33 #在哪个接口工作
virtual_router_id 77 #id是0-255主机的十进制数字都可以,id和自己的主服务器一样
priority 98 #优先级,数字越大,优先级就越高
advert_int 1 #自己的心跳信息,通过组播每隔多长时间通告一次
authentication { #为了安全需要验证
auth_type PASS #PASS是密码验证,默认是8位
auth_pass pvfe4HZi #密码8位,可以通过“openssl rand -base64 8” 命令生成随机的8位字串
}
virtual_ipaddress { #设置虚拟ip地址
192.168.63.100/24 #虚拟的ip,不是真实的
}
track_script {
ngxhealth #在vrrp_instance VI_1中调用ngxhealth脚本
}
notify_master “/etc/keepalived/notify.sh master” # 当前节点成为主节点时触发的脚本
notify_backup “/etc/keepalived/notify.sh backup” # 当前节点转为备节点时触发的脚本
notify_fault “/etc/keepalived/notify.sh fault” # 当前节点转为失败状时触发的脚本
}
vim ansible/templates/keepalived2.conf.bak.j2
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_iptables
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_mcast_group 224.0.98.98
}
vrrp_script ngxhealth { #定义独立的脚本,名字自己定义
#killall -0 nginx 命令是检查nginx服务是否正常
script “killall -0 nginx && exit 0 || exit 1” #指明要配置脚本了,script可以是放置在系统中的脚本文件路径,也可以是一条命令
interval 1 #一秒钟检测一次
weight -5 #如果nginx故障权重减5,要确定减完以后低于备用节点
fall 2
rise 1
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 66
priority 98
advert_int 1
authentication {
auth_type PASS
auth_pass 12345678
}
virtual_ipaddress {
192.168.63.98/24
}
track_interface {
ens33 #跟踪ens33接口
}
track_script {
ngxhealth #在vrrp_instance VI_1中调用ngxhealth脚本
}
notify_master “/etc/keepalived/notify.sh master” # 当前节点成为主节点时触发的脚本
notify_backup “/etc/keepalived/notify.sh backup” # 当前节点转为备节点时触发的脚本
notify_fault “/etc/keepalived/notify.sh fault” # 当前节点转为失败状时触发的脚本
}
vrrp_instance VI_2 { #唯一标识,如果有vrrp,两个标识不一样,可以自己指定
state MASTER #优先级最高的为MASTER,其他级别为BACKUP
interface ens33 #在哪个接口工作
virtual_router_id 77 #id是0-255主机的十进制数字都可以,id和自己的主服务器一样
priority 100 #优先级,数字越大,优先级就越高
advert_int 1 #自己的心跳信息,通过组播每隔多长时间通告一次
authentication { #为了安全需要验证
auth_type PASS #PASS是密码验证,默认是8位
auth_pass pvfe4HZi #密码8位,可以通过“openssl rand -base64 8” 命令生成随机的8位字串
}
virtual_ipaddress { #设置虚拟ip地址
192.168.63.100/24 #虚拟的ip,不是真实的
}
track_script {
ngxhealth #在vrrp_instance VI_1中调用ngxhealth脚本
}
notify_master “/etc/keepalived/notify.sh master” # 当前节点成为主节点时触发的脚本
notify_backup “/etc/keepalived/notify.sh backup” # 当前节点转为备节点时触发的脚本
notify_fault “/etc/keepalived/notify.sh fault” # 当前节点转为失败状时触发的脚本
}
vim ansible/templates/index.html.j2
RS1
vim ansible/templates/index.html.j3
RS2
vim ansible/templates/nginx.conf.bak.j2
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
server_name localhost;
root /usr/share/nginx/html;
vim ansible/templates/www.conf.j2
upstream websrvs {
server 192.168.63.134:80; #http服务器的ip地址
server 192.168.63.135:80; #http服务器的ip地址
}
server {
listen 80 default_server; #默认访问这个网站
server_name nginx2.zhouyfei.com; #定义域名
root /user/share/nginx/html; #网站所在的目录
location / { #转换网站所在的目录
proxy_pass http://websrvs; #定义websrvs组名
}
}
vim ansible/templates/notify.sh.j2
#!/bin/bash
#通知脚本
#
contact=’root@localhost’
notify() {
local mailsubject=”$(hostname) to be $1, vip floating”
local mailbody=”$(date +’%F %T’): vrrp transition, $(hostname) changed to be $1″
echo “$mailbody” | mail -s “$mailsubject” $contact
}
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo “Usage: $(basename $0) {master|backup|fault}”
exit 1
;;
esac
本文来自投稿,不代表Linux运维部落立场,如若转载,请注明出处:http://www.178linux.com/103046
