diff --git a/scripts/haproxy.sh b/scripts/haproxy.sh new file mode 100644 index 0000000..00af977 --- /dev/null +++ b/scripts/haproxy.sh @@ -0,0 +1,204 @@ +#!/bin/bash +set -euo pipefail + +# 初始化变量 +ACTION="" +BACKENDS="" +VIP="" +HAPROXY_PORT=6443 +HAPROXY_CONF="/etc/haproxy/haproxy.cfg" +HAPROXY_LOG_CONF="/etc/rsyslog.d/haproxy.conf" +HAPROXY_LOG="/var/log/haproxy.log" + +# 打印帮助信息 +usage() { + echo "用法: $0 [操作] [选项]" + echo "操作:" + echo " --install 安装并配置haproxy" + echo " --uninstall 卸载haproxy并清理配置" + echo "安装选项:" + echo " --backend <节点列表> 必选,后端节点(格式:IP:端口,IP:端口...)" + echo " --vip 必选,虚拟IP(格式:192.168.1.100)" + echo " --port <端口> 可选,监听端口(默认6443)" + echo "示例:" + echo " 安装: $0 --install --backend 192.168.1.10:6443,192.168.1.11:6443 --vip 192.168.1.100" + echo " 卸载: $0 --uninstall" + exit 1 +} + +# 解析参数 +while [[ $# -gt 0 ]]; do + case "$1" in + --install|--uninstall) + ACTION="$1" + shift + ;; + --backend) + BACKENDS="$2" + shift 2 + ;; + --vip) + VIP="$2" + shift 2 + ;; + --port) + HAPROXY_PORT="$2" + shift 2 + ;; + *) + echo "错误:未知参数 $1" + usage + ;; + esac +done + +# 校验操作参数 +if [[ -z "$ACTION" ]]; then + echo "错误:必须指定 --install 或 --uninstall" + usage +fi + +# 检查root权限 +if [[ $EUID -ne 0 ]]; then + echo "错误:脚本必须以root权限运行(使用sudo)" + exit 1 +fi + +# 安装haproxy +install_haproxy() { + # 校验安装参数 + if [[ -z "$BACKENDS" || -z "$VIP" ]]; then + echo "错误:安装必须指定 --backend 和 --vip" + usage + fi + + # 校验后端节点格式 + IFS=',' read -ra BACKEND_LIST <<< "$BACKENDS" + for node in "${BACKEND_LIST[@]}"; do + if ! [[ "$node" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:[0-9]+$ ]]; then + echo "错误:后端节点格式无效(正确格式:IP:端口)" + exit 1 + fi + done + + # 安装软件 + echo "===== 开始安装haproxy =====" + apt update >/dev/null + apt install -y haproxy >/dev/null || { echo "haproxy安装失败"; exit 1; } + + # 备份原有配置(若存在) + if [[ -f "$HAPROXY_CONF" ]]; then + mv "$HAPROXY_CONF" "${HAPROXY_CONF}.bak.$(date +%F_%H%M%S)" + echo "已备份原有配置文件" + fi + + # 生成配置文件 + echo "生成haproxy配置..." + cat > "$HAPROXY_CONF" << EOF +global + log 127.0.0.1 local2 + chroot /var/lib/haproxy + pidfile /var/run/haproxy.pid + maxconn 10000 + user haproxy + group haproxy + daemon + +defaults + mode tcp + log global + option tcplog + option dontlognull + option redispatch + retries 3 + timeout connect 10s + timeout client 1m + timeout server 1m + maxconn 8000 + +frontend k8s-api-frontend + bind $VIP:$HAPROXY_PORT + mode tcp + default_backend k8s-api-backend + +backend k8s-api-backend + mode tcp + balance roundrobin +EOF + + # 添加后端节点 + for idx in "${!BACKEND_LIST[@]}"; do + node="${BACKEND_LIST[$idx]}" + echo " server master-$idx $node check fall 3 rise 2 weight 10" >> "$HAPROXY_CONF" + done + + # 配置日志 + echo "配置日志..." + echo 'local2.* /var/log/haproxy.log' > "$HAPROXY_LOG_CONF" + systemctl restart rsyslog >/dev/null + + # 启动服务 + systemctl enable --now haproxy + if systemctl is-active --quiet haproxy; then + echo "===== haproxy安装完成 =====" + echo "监听:$VIP:$HAPROXY_PORT" + echo "后端:$BACKENDS" + else + echo "错误:haproxy启动失败,请查看日志 $HAPROXY_LOG" + exit 1 + fi +} + +# 卸载haproxy +uninstall_haproxy() { + echo "===== 开始卸载haproxy =====" + + # 停止服务 + if systemctl is-active --quiet haproxy; then + systemctl stop haproxy + echo "已停止haproxy服务" + fi + + # 卸载软件 + if dpkg -l haproxy &>/dev/null; then + apt purge -y haproxy >/dev/null + apt autoremove -y >/dev/null + echo "已卸载haproxy软件包" + else + echo "haproxy未安装,跳过卸载" + fi + + # 清理配置文件(保留备份提示) + if [[ -d /etc/haproxy/ ]]; then + mv /etc/haproxy/ "/etc/haproxy.bak.$(date +%F_%H%M%S)" + echo "配置文件已备份至 /etc/haproxy.bak.xxx" + fi + + # 清理日志配置 + if [[ -f "$HAPROXY_LOG_CONF" ]]; then + rm -f "$HAPROXY_LOG_CONF" + systemctl restart rsyslog >/dev/null + echo "已清理日志配置" + fi + + # 清理日志文件 + if [[ -f "$HAPROXY_LOG" ]]; then + rm -f "$HAPROXY_LOG" + echo "已删除日志文件" + fi + + echo "===== haproxy卸载完成 =====" +} + +# 执行操作 +case "$ACTION" in + --install) + install_haproxy + ;; + --uninstall) + uninstall_haproxy + ;; + *) + usage + ;; +esac \ No newline at end of file