image.png

實(shí)驗(yàn)環(huán)境品洛，同步所有主機(jī)的時(shí)間、設(shè)置主機(jī)名并修改hosts文件使能互相解析
主機(jī)名舅世、實(shí)現(xiàn)能互相基于秘鑰的驗(yàn)證髓梅、在node1着饥、node2篓冲、node3寒锚、node4節(jié)點(diǎn)安裝好puppet
1、創(chuàng)建keepadlived的puppet資源清單文件
[root@node1 app]#vim keepalived.pp
class keepalived { #創(chuàng)建一個(gè)父類
package {'keepalived':
       ensure => present
}-> #表示此資源優(yōu)先于后面的service資源
service {'keepalived':
        ensure => running,
        hasrestart => true,
        restart => 'systemctl restart keepalived'
}
}
class keepalived::master inherits keepalived { #創(chuàng)建一個(gè)子類乓旗，子類的名字為父類名::子類名府蛇，inherits表示從哪個(gè)父類繼承
file {'/etc/keepalived/keepalived.conf':
         ensure => file,
         source => '/app/keepalived-master.conf',
         require => Package['keepalived'] #要想運(yùn)行此資源需要先運(yùn)行package資源
}
Service['keepalived'] { #在子類中調(diào)用父類中的資源service
           subscribe =>  File['/etc/keepalived/keepalived.conf'] #在子類中對父類的資源新增加一個(gè)屬性，屬性為訂閱file資源屿愚，也就是只有file資源運(yùn)行了才會(huì)運(yùn)行此資源汇跨，也可以在file資源中notify此資源
}
}
class keepalived::backup inherits keepalived { 
file {'/etc/keepalived/keepalived.conf':
                source => '/app/keepalived-backup.conf',
                ensure => file,
         require => Package['keepalived']
}
Service['keepalived'] {
           subscribe => File['/etc/keepalived/keepalived.conf']
}
}
include keepalived::master  #在node1上調(diào)用此子類
在node2上調(diào)用include keepalived::backup子類
2务荆、在node1上keepalived的配置文件
[root@node1 app]#vim /app/keepalived-master.conf 
! Configuration File for keepalived

global_defs {
   notification_email {
          root@localhost
   }
   notification_email_from node1@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id node1
    vrrp_mcast_group4 224.21.21.21#注意要加上這個(gè)多播地址，配置文件中原來是沒有的穷遂，需要后加上
}
vrrp_script chk_down {
   script "[ -f /etc/keepalived/down ] && exit 1 || exit 0" #返回結(jié)果為1則優(yōu)先級減20
   interval 1
   weight -20
}
vrrp_script chk_nginx {
        script "killall -0 nginx &>/dev/null &&exit 0||exit 1" #監(jiān)控nginx服務(wù)的腳本
                interval 1
                weight -20
                fall 2
                rise 2
}
vrrp_instance VI_1 {
    state MASTER
    interface ens37
    virtual_router_id 88
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       172.18.21.88 dev ens37
    }
    track_script {  #調(diào)用前面的腳本
     chk_down
     chk_nginx
   }
}
3蛹含、在node2上keepalived的配置文件
[root@node3 app]#vim /app/keepalived-backup.conf 
! Configuration File for keepalived

global_defs {
   notification_email {
          root@localhost
   }
   notification_email_from node3@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id node3
    vrrp_mcast_group4 224.21.21.21
}
vrrp_script chk_down {
    script "[ -f /etc/keepalived/down ] && exit 1 || exit 0"
    interval 1
    weight -20 
}
vrrp_script chk_nginx {    
        script "killall -0 nginx &>/dev/null &&exit 0||exit 1"
                interval 1
                weight -20    
                fall 2
                rise 2
}   
vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 88
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }   
    virtual_ipaddress {
       172.18.21.88 dev ens33
    }   
    track_script {
    chk_down
    chk_nginx
    }   
}
4、node1和node3上nginx的puppet清單文件和配置文件
[root@node1 app]#vim nginx.pp #nginx的puppet清單文件
class nginx {
package {'nginx':
    ensure => present
}->
file {'nginx.conf':
     path => '/etc/nginx/nginx.conf',
     source => '/app/nginx.conf',
     ensure => file,
     notify => Service['nginx']
}
service {'nginx':
     ensure => running,
     hasrestart => true,
     restart => 'systemctl reload nginx',
     require => Package['nginx']
}
}
include nginx
[root@node1 app]#vim /app/nginx.conf #nginx的配置文件
upstream varnishsrvs {
      server 172.18.21.7:6081;
      server 172.18.21.200:6081;
     }
 location / {
         proxy_pass http://varnishsrvs;
        }
5塞颁、在node2浦箱、node4上varnish的puppet清單文件和varnish配置文件
[root@node2 app]#vim varnish.pp 
class varnish {
package {'varnish':
      ensure => present
}->
file {'default.vcl':
     path => '/etc/varnish/default.vcl',
     source => '/app/default.vcl',
     ensure => file,
     notify => Service['varnish']
}
service {'varnish':
      ensure => running,
      hasrestart => true,
      restart => 'systemctl restart varnish',
      require => Package['varnish']
}
}
include varnish
[root@node2 app]#vim /app/default.vcl 
backend default {
    .host = "172.18.21.6";
    .port = "80";
}
sub vcl_deliver {
      if (obj.hits>0) {
                set resp.http.x-cache = "HIT via" + server.ip; #表示如果命中率大于0，則在返回給客戶端的響應(yīng)報(bào)文中增加一個(gè)首部x-cache祠锣，這個(gè)首部的值為 "HIT via" + server.ip(varnish的ip地址酷窥，說明命中來自哪個(gè)緩存服務(wù)器)
        }else {
                set resp.http.x-cache = "MISS from" + server.ip;
}
}
6、在node5上安裝好httpd并啟動(dòng)服務(wù)
7伴网、測試