首页 Docker教程docker实战-利用docker结合负载实现网络架构高可用

docker-Open vSwitch实现跨主机的容器之间网络互联

docker-镜像仓库管理

运维派隶属马哥教育旗下专业运维社区,是国内成立最早的IT运维技术社区,欢迎关注公众号:yunweipai
领取学习更多免费Linux云计算、Python、Docker、K8s教程关注公众号:马哥linux运维

实战案例:利用docker结合负载实现网络架构高可用

整体规划图

下图为一个小型的网络架构图,其中nginx 使用docker 运行

docker实战-利用docker结合负载实现网络架构高可用插图

安装并配置keepalived
Server1 安装并配置
[root@docker-server1 ~]# yum install keepalived –y
[root@docker-server1 ~]# cat /etc/keepalived/keepalived.conf 
vrrp_instance MAKE_VIP_INT {
  state MASTER
  interface eth0
  virtual_router_id 1
  priority 100
  advert_int 1
  unicast_src_ip 192.168.10.205
  unicast_peer {
   192.168.10.206
  }

   authentication {
   auth_type PASS
   auth_pass 1111
  }

  virtual_ipaddress {
    192.168.10.100/24 dev eth0 label eth0:1
  }
}

[root@docker-server1~]# systemctl restart keepalived && systemctl enable keepalived
Server2 安装并配置:
[root@docker-server2 ~]# yum install keepalived –y
[root@docker-server2 ~]# cat /etc/keepalived/keepalived.conf 
vrrp_instance MAKE_VIP_INT {
  state BACKUP
  interface eth0
  virtual_router_id 1
  priority 50
  advert_int 1
  unicast_src_ip 192.168.10.206
  unicast_peer {
    192.168.10.205
  }

  authentication {
    auth_type PASS
    auth_pass 1111
  }

  virtual_ipaddress {
    192.168.10.100/24 dev eth0 label eth0:1
  }
}

[root@docker-server2 ~]# systemctl restart keepalived && systemctl enable keepalived
安装并配置haproxy
修改系统内核使其可以监听本地不存在的IP
[root@docker-server1 ~]# sysctl -w net.ipv4.ip_nonlocal_bind=1
[root@docker-server2 ~]# sysctl -w net.ipv4.ip_nonlocal_bind=1
Server1安装并配置haproxy
[root@docker-server1 ~]# yum install haproxy –y
[root@docker-server1 ~]# cat /etc/haproxy/haproxy.cfg 
global
maxconn 100000
uid 99
gid 99
daemon
nbproc 1
log 127.0.0.1 local0 info
defaults
option http-keep-alive
#option forwardfor
maxconn 100000
mode tcp
timeout connect 500000ms
timeout client 500000ms
timeout server 500000ms
listen stats
 mode http
 bind 0.0.0.0:9999
 stats enable
 log global
 stats uri   /haproxy-status
 stats auth  haadmin:q1w2e3r4ys

#================================================================

frontend docker_nginx_web
  bind 192.168.10.100:80 
  mode http
  default_backend docker_nginx_hosts 

backend docker_nginx_hosts
  mode http
  #balance source
  balance roundrobin

server 192.168.10.205  192.168.10.205:81 check inter 2000 fall 3 rise 5
server 192.168.10.206  192.168.10.206:81 check inter 2000 fall 3 rise 5
Server2安装并配置haproxy
[root@docker-server2 ~]# yum install haproxy –y
[root@docker-server2 ~]# cat /etc/haproxy/haproxy.cfg 
global
maxconn 100000
uid 99
gid 99
daemon
nbproc 1
log 127.0.0.1 local0 info 

defaults
option http-keep-alive

#option forwardfor
maxconn 100000
mode tcp
timeout connect 500000ms
timeout client 500000ms
timeout server 500000ms 

listen stats
 mode http
 bind 0.0.0.0:9999
 stats enable
 log global
 stats uri   /haproxy-status
 stats auth  haadmin:q1w2e3r4ys

#================================================================

frontend docker_nginx_web
  bind 192.168.10.100:80 
  mode http
  default_backend docker_nginx_hosts

backend docker_nginx_hosts

  mode http
  #balance source
  balance roundrobin
  server 192.168.10.205  192.168.10.205:81 check inter 2000 fall 3 rise 5
  server 192.168.10.206  192.168.10.206:81 check inter 2000 fall 3 rise 5
各服务器别分启动haproxy
[root@docker-server1 ~]# systemctl enable haproxy
Created symlink from /etc/systemd/system/multi-user.target.wants/haproxy.service to /usr/lib/systemd/system/haproxy.service.
[root@docker-server1 ~]# systemctl restart haproxy
[root@docker-server2 ~]# systemctl enable haproxy
Created symlink from /etc/systemd/system/multi-user.target.wants/haproxy.service to /usr/lib/systemd/system/haproxy.service.

[root@docker-server2 ~]# systemctl restart haproxy 
服务器启动nginx容器并验证
Server1 启动Nginx 容器

从本地Nginx 镜像启动一个容器,并指定端口,默认协议是tcp方式

[root@docker-server1 ~]# docker rm -f docker ps -a -q  #先删除之前所有的容器
[root@docker-server1 ~]# docker run --name nginx-web1 -d -p 81:80 nginx-1.10.3:v1 nginx
5410e4042f731d2abe100519269f9241a7db2b3a188c6747b28423b5a584d020
验证端口

docker实战-利用docker结合负载实现网络架构高可用插图1

验证web访问

docker实战-利用docker结合负载实现网络架构高可用插图2

Server2 启动nginx 容器:
[root@docker-server2 ~]# docker run --name nginx-web1 -d -p 81:80 nginx-1.10.3:v1 nginx
84f2376242e38d7c8ba7fabf3134ac0610ab26358de0100b151df6a231a2b56a
验证端口

docker实战-利用docker结合负载实现网络架构高可用插图3

验证web访问

docker实战-利用docker结合负载实现网络架构高可用插图4

访问VIP

docker实战-利用docker结合负载实现网络架构高可用插图5

Server1 haproxy状态页面

docker实战-利用docker结合负载实现网络架构高可用插图6

Server2 haproxy状态页面

docker实战-利用docker结合负载实现网络架构高可用插图7

日志可以在nginx 里面通过syslog传递给elk收集

指定IP、协议和端口:

[root@linux-docker ~]# docker run --name nginx-web -d -p 192.168.10.22:80:80/tcp centos-nginx nginx

[root@linux-docker ~]# docker run --name nginx-web-udp  -d -p 192.168.10.22:54:53/udp centos-nginx nginx

本文链接:https://www.yunweipai.com/34885.html

docker-Open vSwitch实现跨主机的容器之间网络互联

docker-镜像仓库管理

网友评论comments

发表回复

您的电子邮箱地址不会被公开。

暂无评论

Copyright © 2012-2022 YUNWEIPAI.COM - 运维派 京ICP备16064699号-6
扫二维码
扫二维码
返回顶部