在实际工作中,新项目上线往往都需要搭建HA,此时我们可以通过ansible的playbook来秒级搭建好一个HA环境,从而解放双手;
此playbook适用于centos6、centos7的keepalived搭建,但是请注意var/main.yml中变量的修改,修改为你自己想的设定的配置;
playbook的目录结构:
[root@shvpuppet01 roles]# tree keepalived/keepalived/├── files│ ├── check_nginx.sh│ └── notify.sh├── handles├── meta├── tasks│ ├── keepalived_backup.yml│ ├── keepalived_master.yml│ └── main.yml├── templates│ ├── keepalived_backup.conf.j2│ └── keepalived_master.conf.j2└── vars └── main.yml6 directories, 8 files文件说明:check_nginx.sh:用于检查nginx是否存活,如果nginx不存活,刚keepalived权重降级20,VIP将发生切换notify.sh:当VIP切换发生后,邮件通知相关用户keepalived_master.yml:keepalived MASTER节点的安装任务keepalived_backup.yml:keepalived BACKUP节点的安装任务tasks/main.yml:将要执行的任务include在此文件中,并同时指定tags对各安装任务进行区别keepalived_master.conf.j2:MASTER节点的模板配置文件keepalived_backup.conf.j2:BACKUP节点的模板配置文件vars/main.yml:所以变量都定义在此文件中
check_nginx.sh的内容:
#!/bin/bashport=80nmap localhost -p $port | grep "$port/tcp open"if [ $? -ne 0 ];then exit 10fi
notify.sh的内容:
#!/bin/bashVIP=$2sendmail (){ maillist=( zhengwei.liu@xxx.cn ) if [ "$1" == "master" ];then subject="${VIP}'s server keepalived state is translate" content="`date +'%F %T'`: `hostname`'s state change to master" for mail in ${maillist[*]};do echo $content | mail -s "$subject" $mail done elif [ "$1" == "backup" ];then subject="${VIP}'s server keepalived state is translate" content="`date +'%F %T'`: `hostname`'s state change to backup" for mail in ${maillist[*]};do echo $content | mail -s "$subject" $mail done fi}case "$1" in master) sendmail master ;; backup) sendmail backup ;; *) echo "Usage:$0 master|backup VIP" ;;esac keepalived_master.conf.j2模板的配置内容:
! Configuration File for keepalivedglobal_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id { { ROUTE_ID }}}vrrp_script chk_nginx { script "/etc/keepalived/check_nginx.sh" interval 1 weight -20}vrrp_instance VI_1 { state { { MASTER }} interface { { INTERFACE }} virtual_router_id { { VIRTUAL_ROUTE_ID }} priority { { PRIOTIRY_MASTER }} advert_int 1 authentication { auth_type { { AUTH_TYPE }} auth_pass { { AUTH_PASS }} } virtual_ipaddress { { { VIRTUAL_IP }}/25 } track_script { chk_nginx } notify_master "/etc/keepalived/notify.sh master { { VIRTUAL_IP }}" notify_backup "/etc/keepalived/notify.sh backup { { VIRTUAL_IP }}"} keepalived_backup.conf.j2模板的配置内容:
! Configuration File for keepalivedglobal_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id { { ROUTE_ID }}}vrrp_instance VI_1 { state { { BACKUP }} interface { { INTERFACE }} virtual_router_id { { VIRTUAL_ROUTE_ID }} priority { { PRIOTIRY_BACKUP }} advert_int 1 authentication { auth_type { { AUTH_TYPE }} auth_pass { { AUTH_PASS }} } virtual_ipaddress { { { VIRTUAL_IP }}/25 } notify_master "/etc/keepalived/notify.sh master { { VIRTUAL_IP }}" notify_backup "/etc/keepalived/notify.sh backup { { VIRTUAL_IP }}"} vars/main.yml变量的内容:
---MASTER: "MASTER"BACKUP: "BACKUP"PRIOTIRY_MASTER: "100"PRIOTIRY_BACKUP: "90"VIRTUAL_ROUTE_ID: "80"VIRTUAL_IP: "10.10.5.99"AUTH_TYPE: "pass"AUTH_PASS: "111111"ROUTE_ID: "TEST"INTERFACE: "ens160"
keepalived_master.yml任务的内容:
---- name: "安装keepalived" yum: name: keepalived state: present- name: "复制检测、通知脚本" copy: src={ { item }} dest=/etc/keepalived/ mode=755 with_items: - check_nginx.sh - notify.sh- name: "复制配置文件" template: src=keepalived_master.conf.j2 dest=/etc/keepalived/keepalived.conf- name: "配置keepalived日志格式" lineinfile: path: /etc/sysconfig/keepalived regexp: 'KEEPALIVED_OPTIONS="-D"' line: 'KEEPALIVED_OPTIONS="-D -S 3"' backrefs: no- name: "创建日志目录" file: path: /var/log/keepalived state: directory- name: "配置rsyslog中关于keepalived的" lineinfile: path: /etc/rsyslog.conf insertafter: 'local7.* /var/log/boot.log' line: 'local3.* /var/log/keepalived/keepalived.log'- name: "配置日志的udp" lineinfile: path: /etc/rsyslog.conf insertafter: 'UDPServerRun 514' line: '$ModLoad imudp'- name: "配置日志的udp" lineinfile: path: /etc/rsyslog.conf insertafter: 'UDPServerRun 514' line: '$UDPServerRun 514'- name: "重启日志" service: name=rsyslog state=restarted- name: "启动keepalived,设置开机自动启动" service: name=keepalived state=started enabled=yes keepalived_backup.yml任务的内容:
---- name: "安装keepalived" yum: name: keepalived state: present- name: "复制检测、通知脚本" copy: src={ { item }} dest=/etc/keepalived/ mode=755 with_items: - notify.sh- name: "复制配置文件" template: src=keepalived_backup.conf.j2 dest=/etc/keepalived/keepalived.conf- name: "配置keepalived日志格式" lineinfile: path: /etc/sysconfig/keepalived regexp: 'KEEPALIVED_OPTIONS="-D"' line: 'KEEPALIVED_OPTIONS="-D -S 3"' backrefs: no- name: "创建日志目录" file: path: /var/log/keepalived state: directory- name: "配置rsyslog中关于keepalived的" lineinfile: path: /etc/rsyslog.conf insertafter: 'local7.* /var/log/boot.log' line: 'local3.* /var/log/keepalived/keepalived.log'- name: "配置日志的udp" lineinfile: path: /etc/rsyslog.conf insertafter: 'UDPServerRun 514' line: '$ModLoad imudp'- name: "配置日志的udp" lineinfile: path: /etc/rsyslog.conf insertafter: 'UDPServerRun 514' line: '$UDPServerRun 514'- name: "重启日志" service: name=rsyslog state=restarted- name: "启动keepalived,设置开机自动启动" service: name=keepalived state=started enabled=yes tasks/main.yml内容:
---- include: keepalived_master.yml tags: master - include: keepalived_backup.yml tags: backup
如何执行安装:
MASTER安装命令:ansible-playbook keepalived.yml --tags master
BACKUP安装命令:ansible-playbook keepalived.yml --tags backup