yindun
/
ansible-devops
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ansible-devops/scripts/haproxy.sh

204 lines
5.1 KiB
Bash
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
set -euo pipefail
# 初始化变量
ACTION=""
BACKENDS=""
VIP=""
HAPROXY_PORT=6443
HAPROXY_CONF="/etc/haproxy/haproxy.cfg"
HAPROXY_LOG_CONF="/etc/rsyslog.d/haproxy.conf"
HAPROXY_LOG="/var/log/haproxy.log"
# 打印帮助信息
usage() {
echo "用法: $0 [操作] [选项]"
echo "操作:"
echo " --install 安装并配置haproxy"
echo " --uninstall 卸载haproxy并清理配置"
echo "安装选项:"
echo " --backend <节点列表> 必选,后端节点(格式:IP:端口,IP:端口..."
echo " --vip <VIP> 必选虚拟IP格式:192.168.1.100"
echo " --port <端口> 可选监听端口默认6443"
echo "示例:"
echo " 安装: $0 --install --backend 192.168.1.10:6443,192.168.1.11:6443 --vip 192.168.1.100"
echo " 卸载: $0 --uninstall"
exit 1
}
# 解析参数
while [[ $# -gt 0 ]]; do
case "$1" in
--install|--uninstall)
ACTION="$1"
shift
;;
--backend)
BACKENDS="$2"
shift 2
;;
--vip)
VIP="$2"
shift 2
;;
--port)
HAPROXY_PORT="$2"
shift 2
;;
*)
echo "错误:未知参数 $1"
usage
;;
esac
done
# 校验操作参数
if [[ -z "$ACTION" ]]; then
echo "错误:必须指定 --install 或 --uninstall"
usage
fi
# 检查root权限
if [[ $EUID -ne 0 ]]; then
echo "错误脚本必须以root权限运行使用sudo"
exit 1
fi
# 安装haproxy
install_haproxy() {
# 校验安装参数
if [[ -z "$BACKENDS" || -z "$VIP" ]]; then
echo "错误:安装必须指定 --backend 和 --vip"
usage
fi
# 校验后端节点格式
IFS=',' read -ra BACKEND_LIST <<< "$BACKENDS"
for node in "${BACKEND_LIST[@]}"; do
if ! [[ "$node" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:[0-9]+$ ]]; then
echo "错误后端节点格式无效正确格式IP:端口)"
exit 1
fi
done
# 安装软件
echo "===== 开始安装haproxy ====="
apt update >/dev/null
apt install -y haproxy >/dev/null || { echo "haproxy安装失败"; exit 1; }
# 备份原有配置(若存在)
if [[ -f "$HAPROXY_CONF" ]]; then
mv "$HAPROXY_CONF" "${HAPROXY_CONF}.bak.$(date +%F_%H%M%S)"
echo "已备份原有配置文件"
fi
# 生成配置文件
echo "生成haproxy配置..."
cat > "$HAPROXY_CONF" << EOF
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 10000
user haproxy
group haproxy
daemon
defaults
mode tcp
log global
option tcplog
option dontlognull
option redispatch
retries 3
timeout connect 10s
timeout client 1m
timeout server 1m
maxconn 8000
frontend k8s-api-frontend
bind $VIP:$HAPROXY_PORT
mode tcp
default_backend k8s-api-backend
backend k8s-api-backend
mode tcp
balance roundrobin
EOF
# 添加后端节点
for idx in "${!BACKEND_LIST[@]}"; do
node="${BACKEND_LIST[$idx]}"
echo " server master-$idx $node check fall 3 rise 2 weight 10" >> "$HAPROXY_CONF"
done
# 配置日志
echo "配置日志..."
echo 'local2.* /var/log/haproxy.log' > "$HAPROXY_LOG_CONF"
systemctl restart rsyslog >/dev/null
# 启动服务
systemctl enable --now haproxy
if systemctl is-active --quiet haproxy; then
echo "===== haproxy安装完成 ====="
echo "监听:$VIP:$HAPROXY_PORT"
echo "后端:$BACKENDS"
else
echo "错误haproxy启动失败请查看日志 $HAPROXY_LOG"
exit 1
fi
}
# 卸载haproxy
uninstall_haproxy() {
echo "===== 开始卸载haproxy ====="
# 停止服务
if systemctl is-active --quiet haproxy; then
systemctl stop haproxy
echo "已停止haproxy服务"
fi
# 卸载软件
if dpkg -l haproxy &>/dev/null; then
apt purge -y haproxy >/dev/null
apt autoremove -y >/dev/null
echo "已卸载haproxy软件包"
else
echo "haproxy未安装跳过卸载"
fi
# 清理配置文件(保留备份提示)
if [[ -d /etc/haproxy/ ]]; then
mv /etc/haproxy/ "/etc/haproxy.bak.$(date +%F_%H%M%S)"
echo "配置文件已备份至 /etc/haproxy.bak.xxx"
fi
# 清理日志配置
if [[ -f "$HAPROXY_LOG_CONF" ]]; then
rm -f "$HAPROXY_LOG_CONF"
systemctl restart rsyslog >/dev/null
echo "已清理日志配置"
fi
# 清理日志文件
if [[ -f "$HAPROXY_LOG" ]]; then
rm -f "$HAPROXY_LOG"
echo "已删除日志文件"
fi
echo "===== haproxy卸载完成 ====="
}
# 执行操作
case "$ACTION" in
--install)
install_haproxy
;;
--uninstall)
uninstall_haproxy
;;
*)
usage
;;
esac
Reference in New Issue View Git Blame Copy Permalink