使用Ansible自动化部署Lvs+Keepalived

博客参考https://www.cnblogs.com/zhaoya2019/archive/2020/03/31/12609142.html

ansible-playbook入口文件

根据主机功能分配3个角色,目录结构如下

nfs角色文件

[root@zqf ~]# cat /etc/ansible/roles/nfs/files/exports

# Exports /data read-write to every host in 192.168.1.0/24. root_squash is the
# exports(5) default, so remote root is still mapped to the anonymous user.
# NOTE(review): on this page only the web role mounts this share; consider
# listing just those client addresses instead of the whole subnet.
/data 192.168.1.0/24(rw,sync)

[root@zqf ~]# cat /etc/ansible/roles/nfs/handlers/main.yaml

# Handler for the nfs role; runs only when a task notifies "reload nfs".
- name: reload nfs
  service:
    name: nfs
    state: reloaded

[root@zqf ~]# cat /etc/ansible/roles/nfs/tasks/main.yaml

# Tasks for the nfs role: install the NFS server packages, create and export
# the shared directory, then start both services and enable them at boot.
- name: yum install nfs services
  yum:
    name: nfs-utils
    state: installed

- name: yum install rpcbind
  yum:
    name: rpcbind
    state: installed

# recurse=yes re-applies nfsnobody ownership to everything under the share
# each time the play runs.
- name: create share directory
  file:
    path: "{{ share_path }}"
    owner: nfsnobody
    group: nfsnobody
    state: directory
    recurse: yes
  notify: reload nfs

# Installs the role's files/exports as /etc/exports.
- name: nfs configure
  copy:
    src: exports
    dest: /etc/
  notify: reload nfs

- name: start nfs service
  service:
    name: nfs
    state: started
    enabled: yes

- name: start rpcbind
  service:
    name: rpcbind
    state: started
    enabled: yes

[root@zqf ~]# cat /etc/ansible/roles/nfs/vars/main.yaml

# Directory the nfs role creates and hands to nfsnobody. files/exports
# hard-codes the same /data path, so change both together.
share_path: /data

Web功能文件

[root@zqf ~]# cat /etc/ansible/roles/web/files/ifcfg-lo\:0

# Loopback alias lo:0 carrying 192.168.1.200, the address the lvs role uses as
# its VIP, with a host (/32) netmask. The web role copies this file into
# /etc/sysconfig/network-scripts/ on each real server.
DEVICE=lo:0

IPADDR=192.168.1.200

NETMASK=255.255.255.255

NETWORK=127.0.0.0

# If you're having problems with gated making 127.0.0.0/8 a martian,

# you can change this to something else (255.255.255.255, for example)

BROADCAST=127.255.255.255

ONBOOT=yes

NAME=loopback

[root@zqf ~]# cat /etc/ansible/roles/web/files/index.html

this is web1

[root@zqf ~]# cat /etc/ansible/roles/web/files/sysctl.conf

# sysctl settings are defined through files in

# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.

#

# Vendors settings live in /usr/lib/sysctl.d/.

# To override a whole file, create a new file with the same in

# /etc/sysctl.d/ and put new settings there. To override

# only specific settings, add a file with a lexically later

# name in /etc/sysctl.d/ and put new settings there.

#

# For more information, see sysctl.conf(5) and sysctl.d(5).

# ARP behaviour for the real servers that hold the VIP on lo:0:
#   arp_ignore = 1   reply only when the target IP is configured on the
#                    interface the request arrived on
#   arp_announce = 2 always use the best local source address in ARP requests
# NOTE(review): the web role copies this file over /etc/sysctl.conf, replacing
# any settings the host already had there; a drop-in under /etc/sysctl.d/
# would leave existing hardening untouched.
net.ipv4.conf.all.arp_ignore = 1

net.ipv4.conf.all.arp_announce = 2

net.ipv4.conf.default.arp_ignore = 1

net.ipv4.conf.default.arp_announce = 2

net.ipv4.conf.lo.arp_ignore = 1

net.ipv4.conf.lo.arp_announce = 2

[root@zqf ~]# cat /etc/ansible/roles/web/handlers/main.yaml

# Handlers for the web role; each runs only when a task notifies it by name.
- name: reload httpd
  service:
    name: httpd
    state: reloaded

# NOTE(review): named "restart" but requests state=reloaded, and none of the
# web tasks shown on this page notify it (they call systemctl directly).
- name: restart network
  service:
    name: network
    state: reloaded

[root@zqf ~]# cat /etc/ansible/roles/web/tasks/main.yaml

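# Tasks for the web role (LVS-DR real server): serve a test page with httpd,
# mount the NFS share under the document root, bind the VIP to lo:0 and load
# the ARP sysctl settings shipped with the role.
#
# Change from the original: the two route tasks at the end are now safe to
# re-run. Previously a second run failed on "route add" (the route already
# existed) and appended a duplicate line to /etc/rc.local every time.
- name: install httpd
  yum:
    name: httpd
    state: installed

- name: write the index
  copy:
    src: index.html
    dest: /var/www/html
  notify: reload httpd

- name: start httpd
  service:
    name: httpd
    state: started
    enabled: yes

- name: yum install nfs services
  yum:
    name: nfs-utils
    state: installed

- name: yum install rpcbind
  yum:
    name: rpcbind
    state: installed

- name: start nfs service
  service:
    name: nfs
    state: started
    enabled: yes

- name: start rpcbind
  service:
    name: rpcbind
    state: started
    enabled: yes

- name: create mount directory
  file:
    path: /var/www/html/nfs
    state: directory

# The share is mounted inside the httpd document root, so whatever is written
# to the export becomes reachable over HTTP.
# NOTE(review): no mount options are set; consider opts=nosuid,nodev for a
# share that only carries web content.
- name: mount nfs
  mount:
    src: "192.168.1.135:{{ share_path }}"
    path: /var/www/html/nfs
    fstype: nfs
    state: mounted
  notify: reload httpd

- name: stop NetworkManager
  service:
    name: NetworkManager
    state: stopped

- name: bind loopback
  copy:
    src: "ifcfg-lo:0"
    dest: /etc/sysconfig/network-scripts/

- name: start network
  shell: systemctl restart network

# Replaces the whole /etc/sysctl.conf on the target with the role's copy.
- name: trun off arp
  copy:
    src: sysctl.conf
    dest: /etc/sysctl.conf

- name: load sysctl configuration
  shell: sysctl -p

# net-tools provides the `route` command used below.
- name: install network-tools
  yum:
    name: net-tools
    state: installed

# `route add` exits non-zero with "File exists" when the host route is already
# present; treat that as success so the play can be re-run.
- name: add route record
  shell: route add -host 192.168.1.200 dev lo:0
  register: vip_route
  failed_when: vip_route.rc != 0 and 'File exists' not in vip_route.stderr
  changed_when: vip_route.rc == 0

# Append the boot-time route only when the exact line is not there yet.
- name: route add local
  shell: |
    grep -qxF 'route add -host 192.168.1.200 dev lo:0' /etc/rc.local ||
      echo "route add -host 192.168.1.200 dev lo:0" >> /etc/rc.local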

[root@zqf ~]# cat /etc/ansible/roles/web/vars/main.yaml

# Remote path the web role mounts from the NFS server (see the "mount nfs"
# task); the nfs role defines the same value in its own vars file.
share_path: /data

LVS功能文件

[root@zqf ~]# cat /etc/ansible/roles/lvs/files/epel.repo

# NOTE(review): every section below sets gpgcheck=0 and uses an http:// baseurl,
# so packages from this repository are installed without signature verification
# over an unauthenticated transport. The gpgkey lines are present but unused
# while gpgcheck=0. Before relying on this repo, place the EPEL 7 key at the
# gpgkey path and set gpgcheck=1 (and use an HTTPS mirror URL where the mirror
# offers one).
[epel]

name=Extra Packages for Enterprise Linux 7 - $basearch

baseurl=http://mirrors.aliyun.com/epel/7/$basearch

failovermethod=priority

enabled=1

gpgcheck=0

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

# Debug and source repositories are defined but disabled (enabled=0).
[epel-debuginfo]

name=Extra Packages for Enterprise Linux 7 - $basearch - Debug

baseurl=http://mirrors.aliyun.com/epel/7/$basearch/debug

failovermethod=priority

enabled=0

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

gpgcheck=0

[epel-source]

name=Extra Packages for Enterprise Linux 7 - $basearch - Source

baseurl=http://mirrors.aliyun.com/epel/7/SRPMS

failovermethod=priority

enabled=0

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

gpgcheck=0

[root@zqf ~]# cat /etc/ansible/roles/lvs/files/ifcfg-ens33\:0

# Static alias ens33:0 carrying the VIP 192.168.1.200; the lvs role copies it
# to /etc/sysconfig/network-scripts/ on each director.
# NOTE(review): keepalived.conf.j2 lists the same address under
# virtual_ipaddress. With ONBOOT="yes" here the alias comes up on every host
# the role runs on, regardless of VRRP state; confirm the backup director does
# not hold the VIP at the same time as the master.
TYPE="Ethernet"

DEVICE="ens33:0"

ONBOOT="yes"

IPADDR=192.168.1.200

NETMASK=255.255.255.0

[root@zqf ~]# cat /etc/ansible/roles/lvs/files/sysctl.conf1

# Stops the director from sending ICMP redirects (all interfaces, the default
# template for new interfaces, and ens33).
# NOTE(review): the lvs role copies this file over /etc/sysctl.conf, so any
# settings already present on the host are replaced by these three lines.
net.ipv4.conf.all.send_redirects = 0

net.ipv4.conf.default.send_redirects = 0

net.ipv4.conf.ens33.send_redirects = 0

[root@zqf ~]# cat /etc/ansible/roles/lvs/handlers/main.yaml

# Handler for the lvs role, notified when the keepalived template changes.
# Despite the "reload" name it performs a full restart of the service.
- name: reload keepalived
  shell: systemctl restart keepalived

[root@zqf ~]# cat /etc/ansible/roles/lvs/tasks/main.yaml

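# Tasks for the lvs role (director): bind the VIP, load the sysctl settings,
# create the IPVS virtual service with its two real servers, then install and
# start keepalived from the role's template.
#
# Change from the original: the three ipvsadm tasks now tolerate an entry that
# is already present. Previously a second run of the play failed on them
# because ipvsadm exits non-zero when the service or destination exists.
- name: stop NetwormManager
  service:
    name: NetworkManager
    state: stopped

# NOTE(review): keepalived.conf.j2 also manages this address through
# virtual_ipaddress; confirm the static alias is wanted on both directors.
- name: bind vip
  copy:
    src: "ifcfg-ens33:0"
    dest: /etc/sysconfig/network-scripts/

# Replaces the whole /etc/sysctl.conf on the target with the role's copy.
- name: sysctl
  copy:
    src: sysctl.conf1
    dest: /etc/sysctl.conf

- name: sysctl -p
  shell: sysctl -p

# NOTE(review): the shipped epel.repo sets gpgcheck=0 with an http:// baseurl,
# so packages taken from it are not signature-checked.
- name: epel
  copy:
    src: epel.repo
    dest: /etc/yum.repos.d/

- name: install ipvsadm
  yum:
    name: ipvsadm
    state: installed

- name: load to kernel
  shell: modprobe ip_vs

# Virtual service on the VIP, port 80, round-robin scheduling.
- name: ipvsadm configure
  shell: ipvsadm -A -t {{ vip }}:80 -s rr
  register: ipvs_service
  failed_when: ipvs_service.rc != 0 and 'already exists' not in ipvs_service.stderr
  changed_when: ipvs_service.rc == 0

# Real servers in direct-routing mode (-g).
- name: ipvsadm list2
  shell: ipvsadm -a -t {{ vip }}:80 -r {{ rs1 }}:80 -g
  register: ipvs_rs1
  failed_when: ipvs_rs1.rc != 0 and 'already exists' not in ipvs_rs1.stderr
  changed_when: ipvs_rs1.rc == 0

- name: ipvsadm list3
  shell: ipvsadm -a -t {{ vip }}:80 -r {{ rs2 }}:80 -g
  register: ipvs_rs2
  failed_when: ipvs_rs2.rc != 0 and 'already exists' not in ipvs_rs2.stderr
  changed_when: ipvs_rs2.rc == 0

- name: restart this net
  shell: systemctl restart network

- name: install keepalived
  yum:
    name: keepalived
    state: installed

# The template's virtual_server block describes the same VIP and real servers
# as the ipvsadm tasks above.
- name: configure keepalived
  template:
    src: keepalived.conf.j2
    dest: /etc/keepalived/keepalived.conf
  notify: reload keepalived

- name: start keepalived
  service:
    name: keepalived
    state: started
    enabled: yes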

[root@zqf ~]# cat /etc/ansible/roles/lvs/templates/keepalived.conf.j2

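! Configuration File for keepalived
!
! Jinja2 template rendered per director by the lvs role. ds_master, ds_slave
! and ansible_hostname decide whether a host becomes MASTER or BACKUP.
! Change from the original: the misspelled keyword "dealy_before_retry" in
! both TCP_CHECK blocks is corrected to "delay_before_retry".
! NOTE(review): confirm that the installed keepalived version accepts
! nb_get_retry and delay_before_retry inside TCP_CHECK (keepalived.conf(5)).

global_defs {
    # Name of this node (names within one group must not be identical).
    # NOTE(review): the template renders R1 on every host it is applied to.
    router_id R1
}

vrrp_instance VI_1 {
    # Select master/backup and set the priority. A host whose name matches
    # neither ds_master nor ds_slave gets no state or priority line.
    {% if ds_master == ansible_hostname%}
    state MASTER
    priority 80
    {% elif ds_slave == ansible_hostname%}
    state BACKUP
    priority 47
    {% endif %}

    interface ens33

    # Group number: members of one group share this ID; a group has one
    # master and any number of backups.
    virtual_router_id 66

    # Heartbeat interval used to detect whether the peer is alive.
    advert_int 1

    # Authentication for the VRRP heartbeat.
    # NOTE(review): auth_type PASS carries auth_pass unencrypted in the VRRP
    # advertisements, and 1111 is a guessable value stored in the template.
    # Supply a per-deployment secret through a variable (for example from
    # Ansible Vault) instead of a literal.
    authentication {
        auth_type PASS
        auth_pass 1111
    }

    virtual_ipaddress {
        192.168.1.200    # cluster VIP
    }
}

# Cluster address and port.
virtual_server 192.168.1.200 80 {
    delay_loop 2     # health-check interval
    lb_algo rr       # round-robin scheduling
    lb_kind DR       # LVS forwarding mode
    protocol TCP     # protocol in use

    # Real server address and port.
    real_server 192.168.1.131 80 {
        weight 1                     # weight
        TCP_CHECK {                  # health-check method
            connect_port 80
            connect_timeout 3        # connect timeout (seconds)
            nb_get_retry 3           # number of retries
            delay_before_retry 4     # interval between retries (seconds)
        }
    }

    real_server 192.168.1.132 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 4
        }
    }
}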

[root@zqf ~]# cat /etc/ansible/roles/lvs/vars/main.yaml

# Virtual IP and real-server addresses used by the ipvsadm tasks in
# tasks/main.yaml. keepalived.conf.j2 hard-codes the same three addresses, so
# change both places together.
vip: 192.168.1.200

rs1: 192.168.1.131

rs2: 192.168.1.132

# Hostnames compared with ansible_hostname in keepalived.conf.j2 to render the
# MASTER (ds_master) or BACKUP (ds_slave) state.
ds_master: ds1

ds_slave: ds2

执行结果


结果测试

vip在ds1上


ds2

访问VIP

查看共享存储是否成功

断开web2服务,业务并没有停止

关掉ds1主负载均衡器 vip飘到了ds2备上
