实战案例:利用docker结合负载实现网络架构高可用
整体规划图
下图为一个小型的网络架构图,其中nginx 使用docker 运行
安装并配置keepalived
Server1 安装并配置
[root@docker-server1 ~]# yum install keepalived –y
[root@docker-server1 ~]# cat /etc/keepalived/keepalived.conf
vrrp_instance MAKE_VIP_INT {
state MASTER
interface eth0
virtual_router_id 1
priority 100
advert_int 1
unicast_src_ip 192.168.10.205
unicast_peer {
192.168.10.206
}
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.100/24 dev eth0 label eth0:1
}
}
[root@docker-server1~]# systemctl restart keepalived && systemctl enable keepalived
Server2 安装并配置:
[root@docker-server2 ~]# yum install keepalived –y
[root@docker-server2 ~]# cat /etc/keepalived/keepalived.conf
vrrp_instance MAKE_VIP_INT {
state BACKUP
interface eth0
virtual_router_id 1
priority 50
advert_int 1
unicast_src_ip 192.168.10.206
unicast_peer {
192.168.10.205
}
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.100/24 dev eth0 label eth0:1
}
}
[root@docker-server2 ~]# systemctl restart keepalived && systemctl enable keepalived
安装并配置haproxy
修改系统内核使其可以监听本地不存在的IP
[root@docker-server1 ~]# sysctl -w net.ipv4.ip_nonlocal_bind=1
[root@docker-server2 ~]# sysctl -w net.ipv4.ip_nonlocal_bind=1
Server1安装并配置haproxy
[root@docker-server1 ~]# yum install haproxy –y
[root@docker-server1 ~]# cat /etc/haproxy/haproxy.cfg
global
maxconn 100000
uid 99
gid 99
daemon
nbproc 1
log 127.0.0.1 local0 info
defaults
option http-keep-alive
#option forwardfor
maxconn 100000
mode tcp
timeout connect 500000ms
timeout client 500000ms
timeout server 500000ms
listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth haadmin:q1w2e3r4ys
#================================================================
frontend docker_nginx_web
bind 192.168.10.100:80
mode http
default_backend docker_nginx_hosts
backend docker_nginx_hosts
mode http
#balance source
balance roundrobin
server 192.168.10.205 192.168.10.205:81 check inter 2000 fall 3 rise 5
server 192.168.10.206 192.168.10.206:81 check inter 2000 fall 3 rise 5
Server2安装并配置haproxy
[root@docker-server2 ~]# yum install haproxy –y
[root@docker-server2 ~]# cat /etc/haproxy/haproxy.cfg
global
maxconn 100000
uid 99
gid 99
daemon
nbproc 1
log 127.0.0.1 local0 info
defaults
option http-keep-alive
#option forwardfor
maxconn 100000
mode tcp
timeout connect 500000ms
timeout client 500000ms
timeout server 500000ms
listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth haadmin:q1w2e3r4ys
#================================================================
frontend docker_nginx_web
bind 192.168.10.100:80
mode http
default_backend docker_nginx_hosts
backend docker_nginx_hosts
mode http
#balance source
balance roundrobin
server 192.168.10.205 192.168.10.205:81 check inter 2000 fall 3 rise 5
server 192.168.10.206 192.168.10.206:81 check inter 2000 fall 3 rise 5
各服务器别分启动haproxy
[root@docker-server1 ~]# systemctl enable haproxy
Created symlink from /etc/systemd/system/multi-user.target.wants/haproxy.service to /usr/lib/systemd/system/haproxy.service.
[root@docker-server1 ~]# systemctl restart haproxy
[root@docker-server2 ~]# systemctl enable haproxy
Created symlink from /etc/systemd/system/multi-user.target.wants/haproxy.service to /usr/lib/systemd/system/haproxy.service.
[root@docker-server2 ~]# systemctl restart haproxy
服务器启动nginx容器并验证
Server1 启动Nginx 容器
从本地Nginx 镜像启动一个容器,并指定端口,默认协议是tcp方式
[root@docker-server1 ~]# docker rm -f docker ps -a -q
#先删除之前所有的容器
[root@docker-server1 ~]# docker run --name nginx-web1 -d -p 81:80 nginx-1.10.3:v1 nginx
5410e4042f731d2abe100519269f9241a7db2b3a188c6747b28423b5a584d020
验证端口
验证web访问
Server2 启动nginx 容器:
[root@docker-server2 ~]# docker run --name nginx-web1 -d -p 81:80 nginx-1.10.3:v1 nginx
84f2376242e38d7c8ba7fabf3134ac0610ab26358de0100b151df6a231a2b56a
验证端口
验证web访问
访问VIP
Server1 haproxy状态页面
Server2 haproxy状态页面
日志可以在nginx 里面通过syslog传递给elk收集
指定IP、协议和端口:
[root@linux-docker ~]# docker run --name nginx-web -d -p 192.168.10.22:80:80/tcp centos-nginx nginx
[root@linux-docker ~]# docker run --name nginx-web-udp -d -p 192.168.10.22:54:53/udp centos-nginx nginx
本文链接:https://www.yunweipai.com/34885.html
网友评论comments