实验环境
ansible节点
keepalived+nginx节点1 ansible自动安装配置
keepalived+nginx节点2 ansible自动安装配置
httpd节点1
httpd节点2
ansible配置
yum install epel-release
yum install ansible
安装ansible
vi /etc/ansible/hosts
# Inventory groups for the two load-balancer nodes. Both groups list the same
# hosts because each node runs nginx and keepalived.
[nginxsrv]
172.20.128.42
172.20.128.43
[keepalivedsrv]
172.20.128.42
172.20.128.43
#配置基于密钥的免密码SSH登录(示例直接以root连接;生产环境建议使用专用的普通账户配合become提权,并为私钥设置口令)
[root@localhost .ssh]# ssh-keygen
[root@localhost .ssh]# ssh-copy-id 172.20.128.42
[root@localhost .ssh]# ssh-copy-id 172.20.128.43
[root@localhost .ssh]# ansible nginxsrv -m ping
#使用 -k 选项改为提示输入SSH密码进行连接测试
[root@localhost .ssh]# ansible nginxsrv -m ping -k
添加主机清单
编写ansible角色脚本
[root@localhost ~]# ls
HAnginx
[root@localhost ~]# cd HAnginx/
[root@localhost HAnginx]# ls
roles start.yaml
[root@localhost HAnginx]# cd roles
[root@localhost roles]# ls
keepalived nginx
[root@localhost roles]# cd nginx
[root@localhost nginx]# ls
tasks templates vars handlers
[root@localhost roles]# cd keepalived/
[root@localhost keepalived]# ls
tasks templates vars handlers
角色目录结构
keepalived角色配置
# Role variables consumed by templates/keepalived.conf.j2: one list entry per virtual IP.
# NOTE(review): indentation was lost in this listing. The template reads master,
# interface, vip, instance and routeid directly from each list item, so these keys
# presumably sit in the same mapping as the vip1/vip2 key, indented under "vips:".
# The two entries name different masters, so each node is MASTER for one VIP.
vips:
- vip1:
# Node name that the template renders as state MASTER for this instance.
master: node1
interface: ens33
vip: 172.20.103.88/16
instance: VI_1
# Rendered as virtual_router_id; the two instances use different ids.
routeid: 91
- vip2:
master: node2
interface: ens33
vip: 172.20.103.99/16
instance: VI_2
routeid: 92
这个文件中变量由ansible自动传递到模板中,因此可以在template中直接引用
vars/main.yaml
! Configuration File for keepalived
! Jinja2 template that the keepalived role renders to /etc/keepalived/keepalived.conf.
! It emits one vrrp_instance per entry of the vips role variable.
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
root@localhost
}
! NOTE(review): the notification addresses above and the sender below look like
! unchanged sample values - confirm they are intended for this deployment.
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
! NOTE(review): strict mode and VRRP authentication do not go together; keepalived is
! documented to ignore an instance's authentication block while vrrp_strict is set.
! Check the keepalived log on the nodes and keep only one of the two.
vrrp_strict
vrrp_iptables
vrrp_garp_interval 0
vrrp_gna_interval 0
! Multicast group used for the VRRP advertisements.
vrrp_mcast_group4 224.0.103.103
! NOTE(review): neither script_user nor enable_script_security is set here, so the
! vrrp_script checks below run under whatever account keepalived falls back to
! (typically root) - TODO confirm and set a dedicated script user.
}
! Health check: killall -0 sends signal 0, which only tests that an nginx process
! exists. A failing check lowers the priority by 10 (100 -> 90), below the BACKUP
! value of 95 used further down, so the peer takes over the VIP.
! NOTE(review): the && / || parts rely on keepalived passing the string through a
! shell; verify on the installed version or move the check into a script file.
vrrp_script ngxhealth {
script "killall -0 nginx && exit 0 || exit 1"
interval 1
weight -10
}
! Manual failover switch: while /etc/keepalived/down exists the check fails and the
! priority drops by 20.
! NOTE(review): whoever can create that file can move the VIP; keep the directory
! writable by root only.
vrrp_script checkdown {
script "/bin/bash -c '[[ -f /etc/keepalived/down ]]' && exit 1 || exit 0"
interval 1
weight -20
}
! One instance per vips entry. The node whose ansible_nodename fact equals the entry's
! master value is rendered as MASTER (priority 100); every other node as BACKUP (95).
! NOTE(review): if ansible_nodename is a fully qualified name while master holds a
! short name, no node matches and both render as BACKUP - verify the fact on each node.
{% for v in vips %}
vrrp_instance {{ v["instance"] }} {
{% if v["master"] == ansible_nodename %}
state MASTER
priority 100
{% else %}
state BACKUP
priority 95
{% endif %}
interface {{ v["interface"] }}
virtual_router_id {{ v["routeid"] }}
advert_int 1
! NOTE(review): auth_pass is a hard-coded, guessable value stored with the role, and
! PASS authentication travels unencrypted in every advertisement (keepalived uses
! only the first 8 characters). Supply a per-deployment secret from a vaulted variable.
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
{{ v["vip"] }}
}
track_interface {
{{ v["interface"] }}
}
track_script {
ngxhealth
checkdown
}
}
{% endfor %}
templates/keepalived.conf.j2
vi yum.yaml
- name: install keepalived
yum: name=keepalived
vi tmpl.yaml
- name: copy keepalived conf
template: src=keepalived.conf.j2 dest=/etc/keepalived/keepalived.conf
vi start.yaml
- name: start keepalived
service: name=keepalived state=started enabled=yes
vi main.yaml
- include: yum.yaml
- include: tmpl.yaml
- include: start.yaml
tasks目录下文件(注意:include 在新版Ansible中已弃用并被移除,建议改用 import_tasks 或 include_tasks)
nginx角色配置
# Backend httpd nodes and ports that templates/www.conf.j2 renders into its upstream block.
websrv1: 172.20.128.33
webport1: 80
websrv2: 172.20.128.34
webport2: 80
vars/main.yaml
# Main nginx configuration deployed by the nginx role to /etc/nginx/nginx.conf.
# It is shipped as templates/nginx.conf.j2 but contains no Jinja2 expressions, so the
# template task copies it unchanged.
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
# $http_x_forwarded_for is copied from the client-supplied X-Forwarded-For request
# header, so treat that field as untrusted when analysing the access log.
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
# The role's proxy vhost (conf.d/www.conf) is pulled in by this include.
include /etc/nginx/conf.d/*.conf;
# NOTE(review): www.conf declares default_server on port 80, so this server block is
# presumably reached only by requests whose Host header is literally "_".
server {
listen 80;
listen [::]:80;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# The TLS server below is left commented out, so nothing in this file listens on 443
# and clients are served over plain HTTP only.
# NOTE(review): when enabling it, also set ssl_protocols explicitly and review the
# cipher string instead of relying on the defaults.
# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl http2 default_server;
# listen [::]:443 ssl http2 default_server;
# server_name _;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
}
templates/nginx.conf.j2
# Reverse-proxy vhost that the nginx role renders to /etc/nginx/conf.d/www.conf.
# The upstream members come from the websrv1/webport1 and websrv2/webport2 role
# variables; with no balancing directive nginx uses its default round-robin.
upstream websrvs {
server {{ websrv1 }}:{{ webport1 }};
server {{ websrv2 }}:{{ webport2 }};
}
server {
# default_server: this vhost answers every port-80 request whose Host header matches
# no other server block, not only requests for www.a.com.
listen 80 default_server;
server_name www.a.com;
root /usr/share/nginx/html;
location /{
# Traffic from the proxy to the backends is plain HTTP.
# NOTE(review): there are no proxy_set_header lines, so the backends receive
# "websrvs" as Host and see the proxy address as the client; forward Host,
# X-Real-IP and X-Forwarded-For if the httpd nodes log or route on them.
proxy_pass http://websrvs;
}
}
templates/www.conf.j2
vi yum.yaml
- name: install nginx
yum: name=nginx
[root@localhost tasks]# cat templ.yaml
- name: copy nginx conf
template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf
- name: copy www conf
template: src=www.conf.j2 dest=/etc/nginx/conf.d/www.conf
[root@localhost tasks]# cat start.yaml
- name: start nginx
service: name=nginx state=started enabled=yes
[root@localhost tasks]# cat main.yaml
- include: yum.yaml
- include: templ.yaml
- include: start.yaml
tasks目录下文件(注意:上面的模板任务没有通过 notify 触发 handlers,而 state=started 不会重启已在运行的服务,因此再次执行时修改后的配置不会自动生效)
启动执行角色
[root@localhost HAnginx]# ls
roles start.yaml
[root@localhost HAnginx]# ansible-playbook start.yaml
#roles目录下的文件
[root@localhost HAnginx]# cd roles
[root@localhost roles]# ls
keepalived nginx
[root@localhost roles]#
启动目录
注意点
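在模板中 {% if v["master"] == ansible_nodename %} 不能写成 {% if v["master"] == {{ ansible_nodename }} %}。
只有需要输出变量的值时才写成 {{ ansible_nodename }};在 {% %} 语句中进行变量比较时,直接写变量名 ansible_nodename 即可。注意模板比较的是 ansible_nodename,而下面查询的是 ansible_hostname,两者可能不同(例如主机名为完整域名时),可用 ansible all -m setup -a "filter=ansible_nodename" 确认。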
可以把所有的变量定义在每个角色目录下的/vars/main.yaml文件中,然后可以直接在j2模板中引用这里面的变量名称,j2根据变量和相关业务动态生成各种配置文件传送到相关主机
[root@localhost HAnginx]# ansible all -m setup | grep hostname
"ansible_hostname": "node2",
"ansible_hostname": "node1",
ansible all -m setup -a "filter=ansible_hostname"
使用default()默认值
当我们定义了变量的值时,采用变量的值,当我们没有定义变量的值时,那么使用默认给定的值
[root@master ansible]# cat roles/temp/templates/test_default.j2
Listen: {{ server_port|default(80) }}