这篇博客是基于尚硅谷-周阳老师的docker课程,是我在学习时记录下来的,有的地方是我结合自己的工作情况做了修改。
初级篇
一、安装
一次打包处处运行,实现跨平台
1.卸载旧版本
sudo yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
2.安装yum-config-manager
#yum-util提供yum-config-manager功能
yum install -y yum-utils
3.配置docker的资源库地址:
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
4.创建缓存
yum makecache fast
5.安装最新版本的Docker引擎、Docker客户端:
# docker-ce是Docker引擎,docker-ce-cli是客户端
yum install docker-ce docker-ce-cli containerd.io docker-compose-plugin
此时,默认安装的docker引擎、客户端都是最新版本。
如果要安装指定版本:
# 查询版本列表
yum list docker-ce --showduplicates | sort -r
# 指定版本安装17.09.0.ce版
#yum install docker-ce-<VERSION_STRING> docker-ce-cli-<VERSION_STRING> containerd.io docker-compose-plugin
yum install docker-ce-17.09.0.ce docker-ce-cli-17.09.0.ce containerd.io docker-compose-plugin
6.启动Docker引擎:
# 新版本的Docker就是一个系统服务,可以直接使用启动系统服务方式启动
systemctl start docker
# 此时查看docker版本,可以看到Server: Docker Engine(Docker引擎)版本号
docker version
7.设置为开机自启动
systemctl enable docker
8.配置阿里云镜像下载加速
登录阿里云,进入 工作台 -> 容器镜像服务 -> 镜像工具 -> 镜像加速器
每个用户都会有自己专有的一个域名,直接粘贴复制即可
mkdir -p /etc/docker
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://XXXXX.mirror.aliyuncs.com"]
}
EOF
systemctl daemon-reload
systemctl restart docker
二、docker 常用命令
#启动docker
systemctl start docker
#停止Docker
systemctl stop docker
#重启Docker
systemctl restart docker
#查看状态
systemctl status docker
#设置开机自启
systemctl enable docker
#查看镜像
docker images
#删除镜像
docker rmi 镜像名
#查看正在运行的容器
docker ps
#查看所有容器
docker ps -a
#列出当前所有运行容器的ID
docker ps -q
#================工作常用命令=================#
#重启所有容器
docker restart $(docker ps -q)
#停止所有容器
docker stop $(docker ps -q)
#删除当前所有容器
docker rm $(docker ps -a -q)
#强制删除当前所有容器,不管容器是否正在运行
docker rm -f $(docker ps -a -q)
#进入容器
docker exec -it 容器ID /bin/bash
#查看日志
docker logs 容器ID
三、docker 安装tomcat
docker run -d -p 8080:8080 --name mytomcat8 billygoo/tomcat8-jdk8
四、docker 安装MySQL单机
docker run -d --restart always -p 3306:3306 --privileged=true -v /opt/mysql/log:/var/log/mysql -v /opt/mysql/data:/var/lib/mysql -v /opt/mysql/conf:/etc/mysql/conf.d --name mysql-llx -e MYSQL_ROOT_PASSWORD=123456 mysql:5.7
-d 后台启动
–restart always 开机自启动
-p 自定义端口映射 宿主机端口:容器端口
-P 大写时 自动映射 不用再配置端口映射,容器会自己映射
–privileged=true 容器卷挂载时会自动创建对应的文件夹,并赋予容器操作文件夹的权限
-v 容器挂载 宿主机文件目录:容器文件目录
–name 容器名称
-e 环境变量配置
安装完成以后需要设置服务器的字符集编码
[client]
default_character_set=utf8
[mysqld]
collation_server = utf8_general_ci
character_set_server = utf8
重启mysql服务
docker restart mysql-llx
五、docker 安装redis
将配置文件和数据存储放在宿主机
首先在宿主机新建存放redis.conf的文件夹,并建立redis.conf文件
redis.conf 文件
# Redis configuration file example.
#
# Note that in order to read the configuration file, Redis must be
# started with the file path as first argument:
#
# ./redis-server /path/to/redis.conf
# Note on units: when memory size is needed, it is possible to specify
# it in the usual form of 1k 5GB 4M and so forth:
#
# 1k => 1000 bytes
# 1kb => 1024 bytes
# 1m => 1000000 bytes
# 1mb => 1024*1024 bytes
# 1g => 1000000000 bytes
# 1gb => 1024*1024*1024 bytes
#
# units are case insensitive so 1GB 1Gb 1gB are all the same.
################################## INCLUDES ###################################
# Include one or more other config files here. This is useful if you
# have a standard template that goes to all Redis servers but also need
# to customize a few per-server settings. Include files can include
# other files, so use this wisely.
#
# Notice option "include" won't be rewritten by command "CONFIG REWRITE"
# from admin or Redis Sentinel. Since Redis always uses the last processed
# line as value of a configuration directive, you'd better put includes
# at the beginning of this file to avoid overwriting config change at runtime.
#
# If instead you are interested in using includes to override configuration
# options, it is better to use include as the last line.
#
# include /path/to/local.conf
# include /path/to/other.conf
################################## MODULES #####################################
# Load modules at startup. If the server is not able to load modules
# it will abort. It is possible to use multiple loadmodule directives.
#
# loadmodule /path/to/my_module.so
# loadmodule /path/to/other_module.so
################################## NETWORK #####################################
# By default, if no "bind" configuration directive is specified, Redis listens
# for connections from all the network interfaces available on the server.
# It is possible to listen to just one or multiple selected interfaces using
# the "bind" configuration directive, followed by one or more IP addresses.
#
# Examples:
#
# bind 192.168.1.100 10.0.0.1
# bind 127.0.0.1 ::1
#
# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
# internet, binding to all the interfaces is dangerous and will expose the
# instance to everybody on the internet. So by default we uncomment the
# following bind directive, that will force Redis to listen only into
# the IPv4 loopback interface address (this means Redis will be able to
# accept connections only from clients running into the same computer it
# is running).
#
# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
# JUST COMMENT THE FOLLOWING LINE.
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# bind 127.0.0.1
# Protected mode is a layer of security protection, in order to avoid that
# Redis instances left open on the internet are accessed and exploited.
#
# When protected mode is on and if:
#
# 1) The server is not binding explicitly to a set of addresses using the
# "bind" directive.
# 2) No password is configured.
#
# The server only accepts connections from clients connecting from the
# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain
# sockets.
#
# By default protected mode is enabled. You should disable it only if
# you are sure you want clients from other hosts to connect to Redis
# even if no authentication is configured, nor a specific set of interfaces
# are explicitly listed using the "bind" directive.
protected-mode no
# Accept connections on the specified port, default is 6379 (IANA #815344).
# If port 0 is specified Redis will not listen on a TCP socket.
port 6379
# TCP listen() backlog.
#
# In high requests-per-second environments you need an high backlog in order
# to avoid slow clients connections issues. Note that the Linux kernel
# will silently truncate it to the value of /proc/sys/net/core/somaxconn so
# make sure to raise both the value of somaxconn and tcp_max_syn_backlog
# in order to get the desired effect.
tcp-backlog 511
# Unix socket.
#
# Specify the path for the Unix socket that will be used to listen for
# incoming connections. There is no default, so Redis will not listen
# on a unix socket when not specified.
#
# unixsocket /tmp/redis.sock
# unixsocketperm 700
# Close the connection after a client is idle for N seconds (0 to disable)
timeout 0
# TCP keepalive.
#
# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence
# of communication. This is useful for two reasons:
#
# 1) Detect dead peers.
# 2) Take the connection alive from the point of view of network
# equipment in the middle.
#
# On Linux, the specified value (in seconds) is the period used to send ACKs.
# Note that to close the connection the double of the time is needed.
# On other kernels the period depends on the kernel configuration.
#
# A reasonable value for this option is 300 seconds, which is the new
# Redis default starting with Redis 3.2.1.
tcp-keepalive 300
################################# GENERAL #####################################
# By default Redis does not run as a daemon. Use 'yes' if you need it.
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
daemonize no
# If you run Redis from upstart or systemd, Redis can interact with your
# supervision tree. Options:
# supervised no - no supervision interaction
# supervised upstart - signal upstart by putting Redis into SIGSTOP mode
# supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET
# supervised auto - detect upstart or systemd method based on
# UPSTART_JOB or NOTIFY_SOCKET environment variables
# Note: these supervision methods only signal "process is ready."
# They do not enable continuous liveness pings back to your supervisor.
supervised no
# If a pid file is specified, Redis writes it where specified at startup
# and removes it at exit.
#
# When the server runs non daemonized, no pid file is created if none is
# specified in the configuration. When the server is daemonized, the pid file
# is used even if not specified, defaulting to "/var/run/redis.pid".
#
# Creating a pid file is best effort: if Redis is not able to create it
# nothing bad happens, the server will start and run normally.
pidfile /var/run/redis_6379.pid
# Specify the server verbosity level.
# This can be one of:
# debug (a lot of information, useful for development/testing)
# verbose (many rarely useful info, but not a mess like the debug level)
# notice (moderately verbose, what you want in production probably)
# warning (only very important / critical messages are logged)
loglevel notice
# Specify the log file name. Also the empty string can be used to force
# Redis to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
logfile ""
# To enable logging to the system logger, just set 'syslog-enabled' to yes,
# and optionally update the other syslog parameters to suit your needs.
# syslog-enabled no
# Specify the syslog identity.
# syslog-ident redis
# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.
# syslog-facility local0
# Set the number of databases. The default database is DB 0, you can select
# a different one on a per-connection basis using SELECT <dbid> where
# dbid is a number between 0 and 'databases'-1
databases 16
# By default Redis shows an ASCII art logo only when started to log to the
# standard output and if the standard output is a TTY. Basically this means
# that normally a logo is displayed only in interactive sessions.
#
# However it is possible to force the pre-4.0 behavior and always show a
# ASCII art logo in startup logs by setting the following option to yes.
always-show-logo yes
################################ SNAPSHOTTING ################################
#
# Save the DB on disk:
#
# save <seconds> <changes>
#
# Will save the DB if both the given number of seconds and the given
# number of write operations against the DB occurred.
#
# In the example below the behaviour will be to save:
# after 900 sec (15 min) if at least 1 key changed
# after 300 sec (5 min) if at least 10 keys changed
# after 60 sec if at least 10000 keys changed
#
# Note: you can disable saving completely by commenting out all "save" lines.
#
# It is also possible to remove all the previously configured save
# points by adding a save directive with a single empty string argument
# like in the following example:
#
# save ""
save 900 1
save 300 10
save 60 10000
# By default Redis will stop accepting writes if RDB snapshots are enabled
# (at least one save point) and the latest background save failed.
# This will make the user aware (in a hard way) that data is not persisting
# on disk properly, otherwise chances are that no one will notice and some
# disaster will happen.
#
# If the background saving process will start working again Redis will
# automatically allow writes again.
#
# However if you have setup your proper monitoring of the Redis server
# and persistence, you may want to disable this feature so that Redis will
# continue to work as usual even if there are problems with disk,
# permissions, and so forth.
stop-writes-on-bgsave-error yes
# Compress string objects using LZF when dump .rdb databases?
# For default that's set to 'yes' as it's almost always a win.
# If you want to save some CPU in the saving child set it to 'no' but
# the dataset will likely be bigger if you have compressible values or keys.
rdbcompression yes
# Since version 5 of RDB a CRC64 checksum is placed at the end of the file.
# This makes the format more resistant to corruption but there is a performance
# hit to pay (around 10%) when saving and loading RDB files, so you can disable it
# for maximum performances.
#
# RDB files created with checksum disabled have a checksum of zero that will
# tell the loading code to skip the check.
rdbchecksum yes
# The filename where to dump the DB
dbfilename dump.rdb
# The working directory.
#
# The DB will be written inside this directory, with the filename specified
# above using the 'dbfilename' configuration directive.
#
# The Append Only File will also be created inside this directory.
#
# Note that you must specify a directory here, not a file name.
dir ./
################################# REPLICATION #################################
# Master-Replica replication. Use replicaof to make a Redis instance a copy of
# another Redis server. A few things to understand ASAP about Redis replication.
#
# +------------------+ +---------------+
# | Master | ---> | Replica |
# | (receive writes) | | (exact copy) |
# +------------------+ +---------------+
#
# 1) Redis replication is asynchronous, but you can configure a master to
# stop accepting writes if it appears to be not connected with at least
# a given number of replicas.
# 2) Redis replicas are able to perform a partial resynchronization with the
# master if the replication link is lost for a relatively small amount of
# time. You may want to configure the replication backlog size (see the next
# sections of this file) with a sensible value depending on your needs.
# 3) Replication is automatic and does not need user intervention. After a
# network partition replicas automatically try to reconnect to masters
# and resynchronize with them.
#
# replicaof <masterip> <masterport>
# If the master is password protected (using the "requirepass" configuration
# directive below) it is possible to tell the replica to authenticate before
# starting the replication synchronization process, otherwise the master will
# refuse the replica request.
#
# masterauth <master-password>
# When a replica loses its connection with the master, or when the replication
# is still in progress, the replica can act in two different ways:
#
# 1) if replica-serve-stale-data is set to 'yes' (the default) the replica will
# still reply to client requests, possibly with out of date data, or the
# data set may just be empty if this is the first synchronization.
#
# 2) if replica-serve-stale-data is set to 'no' the replica will reply with
# an error "SYNC with master in progress" to all the kind of commands
# but to INFO, replicaOF, AUTH, PING, SHUTDOWN, REPLCONF, ROLE, CONFIG,
# SUBSCRIBE, UNSUBSCRIBE, PSUBSCRIBE, PUNSUBSCRIBE, PUBLISH, PUBSUB,
# COMMAND, POST, HOST: and LATENCY.
#
replica-serve-stale-data yes
# You can configure a replica instance to accept writes or not. Writing against
# a replica instance may be useful to store some ephemeral data (because data
# written on a replica will be easily deleted after resync with the master) but
# may also cause problems if clients are writing to it because of a
# misconfiguration.
#
# Since Redis 2.6 by default replicas are read-only.
#
# Note: read only replicas are not designed to be exposed to untrusted clients
# on the internet. It's just a protection layer against misuse of the instance.
# Still a read only replica exports by default all the administrative commands
# such as CONFIG, DEBUG, and so forth. To a limited extent you can improve
# security of read only replicas using 'rename-command' to shadow all the
# administrative / dangerous commands.
replica-read-only yes
# Replication SYNC strategy: disk or socket.
#
# -------------------------------------------------------
# WARNING: DISKLESS REPLICATION IS EXPERIMENTAL CURRENTLY
# -------------------------------------------------------
#
# New replicas and reconnecting replicas that are not able to continue the replication
# process just receiving differences, need to do what is called a "full
# synchronization". An RDB file is transmitted from the master to the replicas.
# The transmission can happen in two different ways:
#
# 1) Disk-backed: The Redis master creates a new process that writes the RDB
# file on disk. Later the file is transferred by the parent
# process to the replicas incrementally.
# 2) Diskless: The Redis master creates a new process that directly writes the
# RDB file to replica sockets, without touching the disk at all.
#
# With disk-backed replication, while the RDB file is generated, more replicas
# can be queued and served with the RDB file as soon as the current child producing
# the RDB file finishes its work. With diskless replication instead once
# the transfer starts, new replicas arriving will be queued and a new transfer
# will start when the current one terminates.
#
# When diskless replication is used, the master waits a configurable amount of
# time (in seconds) before starting the transfer in the hope that multiple replicas
# will arrive and the transfer can be parallelized.
#
# With slow disks and fast (large bandwidth) networks, diskless replication
# works better.
repl-diskless-sync no
# When diskless replication is enabled, it is possible to configure the delay
# the server waits in order to spawn the child that transfers the RDB via socket
# to the replicas.
#
# This is important since once the transfer starts, it is not possible to serve
# new replicas arriving, that will be queued for the next RDB transfer, so the server
# waits a delay in order to let more replicas arrive.
#
# The delay is specified in seconds, and by default is 5 seconds. To disable
# it entirely just set it to 0 seconds and the transfer will start ASAP.
repl-diskless-sync-delay 5
# Replicas send PINGs to server in a predefined interval. It's possible to change
# this interval with the repl_ping_replica_period option. The default value is 10
# seconds.
#
# repl-ping-replica-period 10
# The following option sets the replication timeout for:
#
# 1) Bulk transfer I/O during SYNC, from the point of view of replica.
# 2) Master timeout from the point of view of replicas (data, pings).
# 3) Replica timeout from the point of view of masters (REPLCONF ACK pings).
#
# It is important to make sure that this value is greater than the value
# specified for repl-ping-replica-period otherwise a timeout will be detected
# every time there is low traffic between the master and the replica.
#
# repl-timeout 60
# Disable TCP_NODELAY on the replica socket after SYNC?
#
# If you select "yes" Redis will use a smaller number of TCP packets and
# less bandwidth to send data to replicas. But this can add a delay for
# the data to appear on the replica side, up to 40 milliseconds with
# Linux kernels using a default configuration.
#
# If you select "no" the delay for data to appear on the replica side will
# be reduced but more bandwidth will be used for replication.
#
# By default we optimize for low latency, but in very high traffic conditions
# or when the master and replicas are many hops away, turning this to "yes" may
# be a good idea.
repl-disable-tcp-nodelay no
# Set the replication backlog size. The backlog is a buffer that accumulates
# replica data when replicas are disconnected for some time, so that when a replica
# wants to reconnect again, often a full resync is not needed, but a partial
# resync is enough, just passing the portion of data the replica missed while
# disconnected.
#
# The bigger the replication backlog, the longer the time the replica can be
# disconnected and later be able to perform a partial resynchronization.
#
# The backlog is only allocated once there is at least a replica connected.
#
# repl-backlog-size 1mb
# After a master has no longer connected replicas for some time, the backlog
# will be freed. The following option configures the amount of seconds that
# need to elapse, starting from the time the last replica disconnected, for
# the backlog buffer to be freed.
#
# Note that replicas never free the backlog for timeout, since they may be
# promoted to masters later, and should be able to correctly "partially
# resynchronize" with the replicas: hence they should always accumulate backlog.
#
# A value of 0 means to never release the backlog.
#
# repl-backlog-ttl 3600
# The replica priority is an integer number published by Redis in the INFO output.
# It is used by Redis Sentinel in order to select a replica to promote into a
# master if the master is no longer working correctly.
#
# A replica with a low priority number is considered better for promotion, so
# for instance if there are three replicas with priority 10, 100, 25 Sentinel will
# pick the one with priority 10, that is the lowest.
#
# However a special priority of 0 marks the replica as not able to perform the
# role of master, so a replica with priority of 0 will never be selected by
# Redis Sentinel for promotion.
#
# By default the priority is 100.
replica-priority 100
# It is possible for a master to stop accepting writes if there are less than
# N replicas connected, having a lag less or equal than M seconds.
#
# The N replicas need to be in "online" state.
#
# The lag in seconds, that must be <= the specified value, is calculated from
# the last ping received from the replica, that is usually sent every second.
#
# This option does not GUARANTEE that N replicas will accept the write, but
# will limit the window of exposure for lost writes in case not enough replicas
# are available, to the specified number of seconds.
#
# For example to require at least 3 replicas with a lag <= 10 seconds use:
#
# min-replicas-to-write 3
# min-replicas-max-lag 10
#
# Setting one or the other to 0 disables the feature.
#
# By default min-replicas-to-write is set to 0 (feature disabled) and
# min-replicas-max-lag is set to 10.
# A Redis master is able to list the address and port of the attached
# replicas in different ways. For example the "INFO replication" section
# offers this information, which is used, among other tools, by
# Redis Sentinel in order to discover replica instances.
# Another place where this info is available is in the output of the
# "ROLE" command of a master.
#
# The listed IP and address normally reported by a replica is obtained
# in the following way:
#
# IP: The address is auto detected by checking the peer address
# of the socket used by the replica to connect with the master.
#
# Port: The port is communicated by the replica during the replication
# handshake, and is normally the port that the replica is using to
# listen for connections.
#
# However when port forwarding or Network Address Translation (NAT) is
# used, the replica may be actually reachable via different IP and port
# pairs. The following two options can be used by a replica in order to
# report to its master a specific set of IP and port, so that both INFO
# and ROLE will report those values.
#
# There is no need to use both the options if you need to override just
# the port or the IP address.
#
# replica-announce-ip 5.5.5.5
# replica-announce-port 1234
################################## SECURITY ###################################
# Require clients to issue AUTH <PASSWORD> before processing any other
# commands. This might be useful in environments in which you do not trust
# others with access to the host running redis-server.
#
# This should stay commented out for backward compatibility and because most
# people do not need auth (e.g. they run their own servers).
#
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
#
requirepass 123456
# Command renaming.
#
# It is possible to change the name of dangerous commands in a shared
# environment. For instance the CONFIG command may be renamed into something
# hard to guess so that it will still be available for internal-use tools
# but not available for general clients.
#
# Example:
#
# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
#
# It is also possible to completely kill a command by renaming it into
# an empty string:
#
# rename-command CONFIG ""
#
# Please note that changing the name of commands that are logged into the
# AOF file or transmitted to replicas may cause problems.
################################### CLIENTS ####################################
# Set the max number of connected clients at the same time. By default
# this limit is set to 10000 clients, however if the Redis server is not
# able to configure the process file limit to allow for the specified limit
# the max number of allowed clients is set to the current file limit
# minus 32 (as Redis reserves a few file descriptors for internal uses).
#
# Once the limit is reached Redis will close all the new connections sending
# an error 'max number of clients reached'.
#
# maxclients 10000
############################## MEMORY MANAGEMENT ################################
# Set a memory usage limit to the specified amount of bytes.
# When the memory limit is reached Redis will try to remove keys
# according to the eviction policy selected (see maxmemory-policy).
#
# If Redis can't remove keys according to the policy, or if the policy is
# set to 'noeviction', Redis will start to reply with errors to commands
# that would use more memory, like SET, LPUSH, and so on, and will continue
# to reply to read-only commands like GET.
#
# This option is usually useful when using Redis as an LRU or LFU cache, or to
# set a hard memory limit for an instance (using the 'noeviction' policy).
#
# WARNING: If you have replicas attached to an instance with maxmemory on,
# the size of the output buffers needed to feed the replicas are subtracted
# from the used memory count, so that network problems / resyncs will
# not trigger a loop where keys are evicted, and in turn the output
# buffer of replicas is full with DELs of keys evicted triggering the deletion
# of more keys, and so forth until the database is completely emptied.
#
# In short... if you have replicas attached it is suggested that you set a lower
# limit for maxmemory so that there is some free RAM on the system for replica
# output buffers (but this is not needed if the policy is 'noeviction').
#
# maxmemory <bytes>
# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
# is reached. You can select among five behaviors:
#
# volatile-lru -> Evict using approximated LRU among the keys with an expire set.
# allkeys-lru -> Evict any key using approximated LRU.
# volatile-lfu -> Evict using approximated LFU among the keys with an expire set.
# allkeys-lfu -> Evict any key using approximated LFU.
# volatile-random -> Remove a random key among the ones with an expire set.
# allkeys-random -> Remove a random key, any key.
# volatile-ttl -> Remove the key with the nearest expire time (minor TTL)
# noeviction -> Don't evict anything, just return an error on write operations.
#
# LRU means Least Recently Used
# LFU means Least Frequently Used
#
# Both LRU, LFU and volatile-ttl are implemented using approximated
# randomized algorithms.
#
# Note: with any of the above policies, Redis will return an error on write
# operations, when there are no suitable keys for eviction.
#
# At the date of writing these commands are: set setnx setex append
# incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd
# sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby
# zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby
# getset mset msetnx exec sort
#
# The default is:
#
# maxmemory-policy noeviction
# LRU, LFU and minimal TTL algorithms are not precise algorithms but approximated
# algorithms (in order to save memory), so you can tune it for speed or
# accuracy. For default Redis will check five keys and pick the one that was
# used less recently, you can change the sample size using the following
# configuration directive.
#
# The default of 5 produces good enough results. 10 Approximates very closely
# true LRU but costs more CPU. 3 is faster but not very accurate.
#
# maxmemory-samples 5
# Starting from Redis 5, by default a replica will ignore its maxmemory setting
# (unless it is promoted to master after a failover or manually). It means
# that the eviction of keys will be just handled by the master, sending the
# DEL commands to the replica as keys evict in the master side.
#
# This behavior ensures that masters and replicas stay consistent, and is usually
# what you want, however if your replica is writable, or you want the replica to have
# a different memory setting, and you are sure all the writes performed to the
# replica are idempotent, then you may change this default (but be sure to understand
# what you are doing).
#
# Note that since the replica by default does not evict, it may end using more
# memory than the one set via maxmemory (there are certain buffers that may
# be larger on the replica, or data structures may sometimes take more memory and so
# forth). So make sure you monitor your replicas and make sure they have enough
# memory to never hit a real out-of-memory condition before the master hits
# the configured maxmemory setting.
#
# replica-ignore-maxmemory yes
############################# LAZY FREEING ####################################
# Redis has two primitives to delete keys. One is called DEL and is a blocking
# deletion of the object. It means that the server stops processing new commands
# in order to reclaim all the memory associated with an object in a synchronous
# way. If the key deleted is associated with a small object, the time needed
# in order to execute the DEL command is very small and comparable to most other
# O(1) or O(log_N) commands in Redis. However if the key is associated with an
# aggregated value containing millions of elements, the server can block for
# a long time (even seconds) in order to complete the operation.
#
# For the above reasons Redis also offers non blocking deletion primitives
# such as UNLINK (non blocking DEL) and the ASYNC option of FLUSHALL and
# FLUSHDB commands, in order to reclaim memory in background. Those commands
# are executed in constant time. Another thread will incrementally free the
# object in the background as fast as possible.
#
# DEL, UNLINK and ASYNC option of FLUSHALL and FLUSHDB are user-controlled.
# It's up to the design of the application to understand when it is a good
# idea to use one or the other. However the Redis server sometimes has to
# delete keys or flush the whole database as a side effect of other operations.
# Specifically Redis deletes objects independently of a user call in the
# following scenarios:
#
# 1) On eviction, because of the maxmemory and maxmemory policy configurations,
# in order to make room for new data, without going over the specified
# memory limit.
# 2) Because of expire: when a key with an associated time to live (see the
# EXPIRE command) must be deleted from memory.
# 3) Because of a side effect of a command that stores data on a key that may
# already exist. For example the RENAME command may delete the old key
# content when it is replaced with another one. Similarly SUNIONSTORE
# or SORT with STORE option may delete existing keys. The SET command
# itself removes any old content of the specified key in order to replace
# it with the specified string.
# 4) During replication, when a replica performs a full resynchronization with
# its master, the content of the whole database is removed in order to
# load the RDB file just transferred.
#
# In all the above cases the default is to delete objects in a blocking way,
# like if DEL was called. However you can configure each case specifically
# in order to instead release memory in a non-blocking way like if UNLINK
# was called, using the following configuration directives:
lazyfree-lazy-eviction no
lazyfree-lazy-expire no
lazyfree-lazy-server-del no
replica-lazy-flush no
############################## APPEND ONLY MODE ###############################
# By default Redis asynchronously dumps the dataset on disk. This mode is
# good enough in many applications, but an issue with the Redis process or
# a power outage may result into a few minutes of writes lost (depending on
# the configured save points).
#
# The Append Only File is an alternative persistence mode that provides
# much better durability. For instance using the default data fsync policy
# (see later in the config file) Redis can lose just one second of writes in a
# dramatic event like a server power outage, or a single write if something
# wrong with the Redis process itself happens, but the operating system is
# still running correctly.
#
# AOF and RDB persistence can be enabled at the same time without problems.
# If the AOF is enabled on startup Redis will load the AOF, that is the file
# with the better durability guarantees.
#
# Please check http://redis.io/topics/persistence for more information.
appendonly yes
# The name of the append only file (default: "appendonly.aof")
appendfilename "appendonly.aof"
# The fsync() call tells the Operating System to actually write data on disk
# instead of waiting for more data in the output buffer. Some OS will really flush
# data on disk, some other OS will just try to do it ASAP.
#
# Redis supports three different modes:
#
# no: don't fsync, just let the OS flush the data when it wants. Faster.
# always: fsync after every write to the append only log. Slow, Safest.
# everysec: fsync only one time every second. Compromise.
#
# The default is "everysec", as that's usually the right compromise between
# speed and data safety. It's up to you to understand if you can relax this to
# "no" that will let the operating system flush the output buffer when
# it wants, for better performances (but if you can live with the idea of
# some data loss consider the default persistence mode that's snapshotting),
# or on the contrary, use "always" that's very slow but a bit safer than
# everysec.
#
# More details please check the following article:
# http://antirez.com/post/redis-persistence-demystified.html
#
# If unsure, use "everysec".
# appendfsync always
appendfsync everysec
# appendfsync no
# When the AOF fsync policy is set to always or everysec, and a background
# saving process (a background save or AOF log background rewriting) is
# performing a lot of I/O against the disk, in some Linux configurations
# Redis may block too long on the fsync() call. Note that there is no fix for
# this currently, as even performing fsync in a different thread will block
# our synchronous write(2) call.
#
# In order to mitigate this problem it's possible to use the following option
# that will prevent fsync() from being called in the main process while a
# BGSAVE or BGREWRITEAOF is in progress.
#
# This means that while another child is saving, the durability of Redis is
# the same as "appendfsync none". In practical terms, this means that it is
# possible to lose up to 30 seconds of log in the worst scenario (with the
# default Linux settings).
#
# If you have latency problems turn this to "yes". Otherwise leave it as
# "no" that is the safest pick from the point of view of durability.
no-appendfsync-on-rewrite no
# Automatic rewrite of the append only file.
# Redis is able to automatically rewrite the log file implicitly calling
# BGREWRITEAOF when the AOF log size grows by the specified percentage.
#
# This is how it works: Redis remembers the size of the AOF file after the
# latest rewrite (if no rewrite has happened since the restart, the size of
# the AOF at startup is used).
#
# This base size is compared to the current size. If the current size is
# bigger than the specified percentage, the rewrite is triggered. Also
# you need to specify a minimal size for the AOF file to be rewritten, this
# is useful to avoid rewriting the AOF file even if the percentage increase
# is reached but it is still pretty small.
#
# Specify a percentage of zero in order to disable the automatic AOF
# rewrite feature.
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
# An AOF file may be found to be truncated at the end during the Redis
# startup process, when the AOF data gets loaded back into memory.
# This may happen when the system where Redis is running
# crashes, especially when an ext4 filesystem is mounted without the
# data=ordered option (however this can't happen when Redis itself
# crashes or aborts but the operating system still works correctly).
#
# Redis can either exit with an error when this happens, or load as much
# data as possible (the default now) and start if the AOF file is found
# to be truncated at the end. The following option controls this behavior.
#
# If aof-load-truncated is set to yes, a truncated AOF file is loaded and
# the Redis server starts emitting a log to inform the user of the event.
# Otherwise if the option is set to no, the server aborts with an error
# and refuses to start. When the option is set to no, the user requires
# to fix the AOF file using the "redis-check-aof" utility before to restart
# the server.
#
# Note that if the AOF file will be found to be corrupted in the middle
# the server will still exit with an error. This option only applies when
# Redis will try to read more data from the AOF file but not enough bytes
# will be found.
aof-load-truncated yes
# When rewriting the AOF file, Redis is able to use an RDB preamble in the
# AOF file for faster rewrites and recoveries. When this option is turned
# on the rewritten AOF file is composed of two different stanzas:
#
# [RDB file][AOF tail]
#
# When loading Redis recognizes that the AOF file starts with the "REDIS"
# string and loads the prefixed RDB file, and continues loading the AOF
# tail.
aof-use-rdb-preamble yes
################################ LUA SCRIPTING ###############################
# Max execution time of a Lua script in milliseconds.
#
# If the maximum execution time is reached Redis will log that a script is
# still in execution after the maximum allowed time and will start to
# reply to queries with an error.
#
# When a long running script exceeds the maximum execution time only the
# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be
# used to stop a script that did not yet called write commands. The second
# is the only way to shut down the server in the case a write command was
# already issued by the script but the user doesn't want to wait for the natural
# termination of the script.
#
# Set it to 0 or a negative value for unlimited execution without warnings.
lua-time-limit 5000
################################ REDIS CLUSTER ###############################
# Normal Redis instances can't be part of a Redis Cluster; only nodes that are
# started as cluster nodes can. In order to start a Redis instance as a
# cluster node enable the cluster support uncommenting the following:
#
# cluster-enabled yes
# Every cluster node has a cluster configuration file. This file is not
# intended to be edited by hand. It is created and updated by Redis nodes.
# Every Redis Cluster node requires a different cluster configuration file.
# Make sure that instances running in the same system do not have
# overlapping cluster configuration file names.
#
# cluster-config-file nodes-6379.conf
# Cluster node timeout is the amount of milliseconds a node must be unreachable
# for it to be considered in failure state.
# Most other internal time limits are multiple of the node timeout.
#
# cluster-node-timeout 15000
# A replica of a failing master will avoid to start a failover if its data
# looks too old.
#
# There is no simple way for a replica to actually have an exact measure of
# its "data age", so the following two checks are performed:
#
# 1) If there are multiple replicas able to failover, they exchange messages
# in order to try to give an advantage to the replica with the best
# replication offset (more data from the master processed).
# Replicas will try to get their rank by offset, and apply to the start
# of the failover a delay proportional to their rank.
#
# 2) Every single replica computes the time of the last interaction with
# its master. This can be the last ping or command received (if the master
# is still in the "connected" state), or the time that elapsed since the
# disconnection with the master (if the replication link is currently down).
# If the last interaction is too old, the replica will not try to failover
# at all.
#
# The point "2" can be tuned by user. Specifically a replica will not perform
# the failover if, since the last interaction with the master, the time
# elapsed is greater than:
#
# (node-timeout * replica-validity-factor) + repl-ping-replica-period
#
# So for example if node-timeout is 30 seconds, and the replica-validity-factor
# is 10, and assuming a default repl-ping-replica-period of 10 seconds, the
# replica will not try to failover if it was not able to talk with the master
# for longer than 310 seconds.
#
# A large replica-validity-factor may allow replicas with too old data to failover
# a master, while a too small value may prevent the cluster from being able to
# elect a replica at all.
#
# For maximum availability, it is possible to set the replica-validity-factor
# to a value of 0, which means, that replicas will always try to failover the
# master regardless of the last time they interacted with the master.
# (However they'll always try to apply a delay proportional to their
# offset rank).
#
# Zero is the only value able to guarantee that when all the partitions heal
# the cluster will always be able to continue.
#
# cluster-replica-validity-factor 10
# Cluster replicas are able to migrate to orphaned masters, that are masters
# that are left without working replicas. This improves the cluster ability
# to resist to failures as otherwise an orphaned master can't be failed over
# in case of failure if it has no working replicas.
#
# Replicas migrate to orphaned masters only if there are still at least a
# given number of other working replicas for their old master. This number
# is the "migration barrier". A migration barrier of 1 means that a replica
# will migrate only if there is at least 1 other working replica for its master
# and so forth. It usually reflects the number of replicas you want for every
# master in your cluster.
#
# Default is 1 (replicas migrate only if their masters remain with at least
# one replica). To disable migration just set it to a very large value.
# A value of 0 can be set but is useful only for debugging and dangerous
# in production.
#
# cluster-migration-barrier 1
# By default Redis Cluster nodes stop accepting queries if they detect there
# is at least an hash slot uncovered (no available node is serving it).
# This way if the cluster is partially down (for example a range of hash slots
# are no longer covered) all the cluster becomes, eventually, unavailable.
# It automatically returns available as soon as all the slots are covered again.
#
# However sometimes you want the subset of the cluster which is working,
# to continue to accept queries for the part of the key space that is still
# covered. In order to do so, just set the cluster-require-full-coverage
# option to no.
#
# cluster-require-full-coverage yes
# This option, when set to yes, prevents replicas from trying to failover its
# master during master failures. However the master can still perform a
# manual failover, if forced to do so.
#
# This is useful in different scenarios, especially in the case of multiple
# data center operations, where we want one side to never be promoted if not
# in the case of a total DC failure.
#
# cluster-replica-no-failover no
# In order to setup your cluster make sure to read the documentation
# available at http://redis.io web site.
########################## CLUSTER DOCKER/NAT support ########################
# In certain deployments, Redis Cluster nodes address discovery fails, because
# addresses are NAT-ted or because ports are forwarded (the typical case is
# Docker and other containers).
#
# In order to make Redis Cluster working in such environments, a static
# configuration where each node knows its public address is needed. The
# following two options are used for this scope, and are:
#
# * cluster-announce-ip
# * cluster-announce-port
# * cluster-announce-bus-port
#
# Each instruct the node about its address, client port, and cluster message
# bus port. The information is then published in the header of the bus packets
# so that other nodes will be able to correctly map the address of the node
# publishing the information.
#
# If the above options are not used, the normal Redis Cluster auto-detection
# will be used instead.
#
# Note that when remapped, the bus port may not be at the fixed offset of
# clients port + 10000, so you can specify any port and bus-port depending
# on how they get remapped. If the bus-port is not set, a fixed offset of
# 10000 will be used as usually.
#
# Example:
#
# cluster-announce-ip 10.1.1.5
# cluster-announce-port 6379
# cluster-announce-bus-port 6380
################################## SLOW LOG ###################################
# The Redis Slow Log is a system to log queries that exceeded a specified
# execution time. The execution time does not include the I/O operations
# like talking with the client, sending the reply and so forth,
# but just the time needed to actually execute the command (this is the only
# stage of command execution where the thread is blocked and can not serve
# other requests in the meantime).
#
# You can configure the slow log with two parameters: one tells Redis
# what is the execution time, in microseconds, to exceed in order for the
# command to get logged, and the other parameter is the length of the
# slow log. When a new command is logged the oldest one is removed from the
# queue of logged commands.
# The following time is expressed in microseconds, so 1000000 is equivalent
# to one second. Note that a negative number disables the slow log, while
# a value of zero forces the logging of every command.
slowlog-log-slower-than 10000
# There is no limit to this length. Just be aware that it will consume memory.
# You can reclaim memory used by the slow log with SLOWLOG RESET.
slowlog-max-len 128
################################ LATENCY MONITOR ##############################
# The Redis latency monitoring subsystem samples different operations
# at runtime in order to collect data related to possible sources of
# latency of a Redis instance.
#
# Via the LATENCY command this information is available to the user that can
# print graphs and obtain reports.
#
# The system only logs operations that were performed in a time equal or
# greater than the amount of milliseconds specified via the
# latency-monitor-threshold configuration directive. When its value is set
# to zero, the latency monitor is turned off.
#
# By default latency monitoring is disabled since it is mostly not needed
# if you don't have latency issues, and collecting data has a performance
# impact, that while very small, can be measured under big load. Latency
# monitoring can easily be enabled at runtime using the command
# "CONFIG SET latency-monitor-threshold <milliseconds>" if needed.
latency-monitor-threshold 0
############################# EVENT NOTIFICATION ##############################
# Redis can notify Pub/Sub clients about events happening in the key space.
# This feature is documented at http://redis.io/topics/notifications
#
# For instance if keyspace events notification is enabled, and a client
# performs a DEL operation on key "foo" stored in the Database 0, two
# messages will be published via Pub/Sub:
#
# PUBLISH __keyspace@0__:foo del
# PUBLISH __keyevent@0__:del foo
#
# It is possible to select the events that Redis will notify among a set
# of classes. Every class is identified by a single character:
#
# K Keyspace events, published with __keyspace@<db>__ prefix.
# E Keyevent events, published with __keyevent@<db>__ prefix.
# g Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ...
# $ String commands
# l List commands
# s Set commands
# h Hash commands
# z Sorted set commands
# x Expired events (events generated every time a key expires)
# e Evicted events (events generated when a key is evicted for maxmemory)
# A Alias for g$lshzxe, so that the "AKE" string means all the events.
#
# The "notify-keyspace-events" takes as argument a string that is composed
# of zero or multiple characters. The empty string means that notifications
# are disabled.
#
# Example: to enable list and generic events, from the point of view of the
# event name, use:
#
# notify-keyspace-events Elg
#
# Example 2: to get the stream of the expired keys subscribing to channel
# name __keyevent@0__:expired use:
#
# notify-keyspace-events Ex
#
# By default all notifications are disabled because most users don't need
# this feature and the feature has some overhead. Note that if you don't
# specify at least one of K or E, no events will be delivered.
notify-keyspace-events ""
############################### ADVANCED CONFIG ###############################
# Hashes are encoded using a memory efficient data structure when they have a
# small number of entries, and the biggest entry does not exceed a given
# threshold. These thresholds can be configured using the following directives.
hash-max-ziplist-entries 512
hash-max-ziplist-value 64
# Lists are also encoded in a special way to save a lot of space.
# The number of entries allowed per internal list node can be specified
# as a fixed maximum size or a maximum number of elements.
# For a fixed maximum size, use -5 through -1, meaning:
# -5: max size: 64 Kb <-- not recommended for normal workloads
# -4: max size: 32 Kb <-- not recommended
# -3: max size: 16 Kb <-- probably not recommended
# -2: max size: 8 Kb <-- good
# -1: max size: 4 Kb <-- good
# Positive numbers mean store up to _exactly_ that number of elements
# per list node.
# The highest performing option is usually -2 (8 Kb size) or -1 (4 Kb size),
# but if your use case is unique, adjust the settings as necessary.
list-max-ziplist-size -2
# Lists may also be compressed.
# Compress depth is the number of quicklist ziplist nodes from *each* side of
# the list to *exclude* from compression. The head and tail of the list
# are always uncompressed for fast push/pop operations. Settings are:
# 0: disable all list compression
# 1: depth 1 means "don't start compressing until after 1 node into the list,
# going from either the head or tail"
# So: [head]->node->node->...->node->[tail]
# [head], [tail] will always be uncompressed; inner nodes will compress.
# 2: [head]->[next]->node->node->...->node->[prev]->[tail]
# 2 here means: don't compress head or head->next or tail->prev or tail,
# but compress all nodes between them.
# 3: [head]->[next]->[next]->node->node->...->node->[prev]->[prev]->[tail]
# etc.
list-compress-depth 0
# Sets have a special encoding in just one case: when a set is composed
# of just strings that happen to be integers in radix 10 in the range
# of 64 bit signed integers.
# The following configuration setting sets the limit in the size of the
# set in order to use this special memory saving encoding.
set-max-intset-entries 512
# Similarly to hashes and lists, sorted sets are also specially encoded in
# order to save a lot of space. This encoding is only used when the length and
# elements of a sorted set are below the following limits:
zset-max-ziplist-entries 128
zset-max-ziplist-value 64
# HyperLogLog sparse representation bytes limit. The limit includes the
# 16 bytes header. When an HyperLogLog using the sparse representation crosses
# this limit, it is converted into the dense representation.
#
# A value greater than 16000 is totally useless, since at that point the
# dense representation is more memory efficient.
#
# The suggested value is ~ 3000 in order to have the benefits of
# the space efficient encoding without slowing down too much PFADD,
# which is O(N) with the sparse encoding. The value can be raised to
# ~ 10000 when CPU is not a concern, but space is, and the data set is
# composed of many HyperLogLogs with cardinality in the 0 - 15000 range.
hll-sparse-max-bytes 3000
# Streams macro node max size / items. The stream data structure is a radix
# tree of big nodes that encode multiple items inside. Using this configuration
# it is possible to configure how big a single node can be in bytes, and the
# maximum number of items it may contain before switching to a new node when
# appending new stream entries. If any of the following settings are set to
# zero, the limit is ignored, so for instance it is possible to set just a
# max entires limit by setting max-bytes to 0 and max-entries to the desired
# value.
stream-node-max-bytes 4096
stream-node-max-entries 100
# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in
# order to help rehashing the main Redis hash table (the one mapping top-level
# keys to values). The hash table implementation Redis uses (see dict.c)
# performs a lazy rehashing: the more operation you run into a hash table
# that is rehashing, the more rehashing "steps" are performed, so if the
# server is idle the rehashing is never complete and some more memory is used
# by the hash table.
#
# The default is to use this millisecond 10 times every second in order to
# actively rehash the main dictionaries, freeing memory when possible.
#
# If unsure:
# use "activerehashing no" if you have hard latency requirements and it is
# not a good thing in your environment that Redis can reply from time to time
# to queries with 2 milliseconds delay.
#
# use "activerehashing yes" if you don't have such hard requirements but
# want to free memory asap when possible.
activerehashing yes
# The client output buffer limits can be used to force disconnection of clients
# that are not reading data from the server fast enough for some reason (a
# common reason is that a Pub/Sub client can't consume messages as fast as the
# publisher can produce them).
#
# The limit can be set differently for the three different classes of clients:
#
# normal -> normal clients including MONITOR clients
# replica -> replica clients
# pubsub -> clients subscribed to at least one pubsub channel or pattern
#
# The syntax of every client-output-buffer-limit directive is the following:
#
# client-output-buffer-limit <class> <hard limit> <soft limit> <soft seconds>
#
# A client is immediately disconnected once the hard limit is reached, or if
# the soft limit is reached and remains reached for the specified number of
# seconds (continuously).
# So for instance if the hard limit is 32 megabytes and the soft limit is
# 16 megabytes / 10 seconds, the client will get disconnected immediately
# if the size of the output buffers reach 32 megabytes, but will also get
# disconnected if the client reaches 16 megabytes and continuously overcomes
# the limit for 10 seconds.
#
# By default normal clients are not limited because they don't receive data
# without asking (in a push way), but just after a request, so only
# asynchronous clients may create a scenario where data is requested faster
# than it can read.
#
# Instead there is a default limit for pubsub and replica clients, since
# subscribers and replicas receive data in a push fashion.
#
# Both the hard or the soft limit can be disabled by setting them to zero.
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit replica 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
# Client query buffers accumulate new commands. They are limited to a fixed
# amount by default in order to avoid that a protocol desynchronization (for
# instance due to a bug in the client) will lead to unbound memory usage in
# the query buffer. However you can configure it here if you have very special
# needs, such us huge multi/exec requests or alike.
#
# client-query-buffer-limit 1gb
# In the Redis protocol, bulk requests, that are, elements representing single
# strings, are normally limited ot 512 mb. However you can change this limit
# here.
#
# proto-max-bulk-len 512mb
# Redis calls an internal function to perform many background tasks, like
# closing connections of clients in timeout, purging expired keys that are
# never requested, and so forth.
#
# Not all tasks are performed with the same frequency, but Redis checks for
# tasks to perform according to the specified "hz" value.
#
# By default "hz" is set to 10. Raising the value will use more CPU when
# Redis is idle, but at the same time will make Redis more responsive when
# there are many keys expiring at the same time, and timeouts may be
# handled with more precision.
#
# The range is between 1 and 500, however a value over 100 is usually not
# a good idea. Most users should use the default of 10 and raise this up to
# 100 only in environments where very low latency is required.
hz 10
# Normally it is useful to have an HZ value which is proportional to the
# number of clients connected. This is useful in order, for instance, to
# avoid too many clients are processed for each background task invocation
# in order to avoid latency spikes.
#
# Since the default HZ value by default is conservatively set to 10, Redis
# offers, and enables by default, the ability to use an adaptive HZ value
# which will temporary raise when there are many connected clients.
#
# When dynamic HZ is enabled, the actual configured HZ will be used as
# as a baseline, but multiples of the configured HZ value will be actually
# used as needed once more clients are connected. In this way an idle
# instance will use very little CPU time while a busy instance will be
# more responsive.
dynamic-hz yes
# When a child rewrites the AOF file, if the following option is enabled
# the file will be fsync-ed every 32 MB of data generated. This is useful
# in order to commit the file to the disk more incrementally and avoid
# big latency spikes.
aof-rewrite-incremental-fsync yes
# When redis saves RDB file, if the following option is enabled
# the file will be fsync-ed every 32 MB of data generated. This is useful
# in order to commit the file to the disk more incrementally and avoid
# big latency spikes.
rdb-save-incremental-fsync yes
# Redis LFU eviction (see maxmemory setting) can be tuned. However it is a good
# idea to start with the default settings and only change them after investigating
# how to improve the performances and how the keys LFU change over time, which
# is possible to inspect via the OBJECT FREQ command.
#
# There are two tunable parameters in the Redis LFU implementation: the
# counter logarithm factor and the counter decay time. It is important to
# understand what the two parameters mean before changing them.
#
# The LFU counter is just 8 bits per key, it's maximum value is 255, so Redis
# uses a probabilistic increment with logarithmic behavior. Given the value
# of the old counter, when a key is accessed, the counter is incremented in
# this way:
#
# 1. A random number R between 0 and 1 is extracted.
# 2. A probability P is calculated as 1/(old_value*lfu_log_factor+1).
# 3. The counter is incremented only if R < P.
#
# The default lfu-log-factor is 10. This is a table of how the frequency
# counter changes with a different number of accesses with different
# logarithmic factors:
#
# +--------+------------+------------+------------+------------+------------+
# | factor | 100 hits | 1000 hits | 100K hits | 1M hits | 10M hits |
# +--------+------------+------------+------------+------------+------------+
# | 0 | 104 | 255 | 255 | 255 | 255 |
# +--------+------------+------------+------------+------------+------------+
# | 1 | 18 | 49 | 255 | 255 | 255 |
# +--------+------------+------------+------------+------------+------------+
# | 10 | 10 | 18 | 142 | 255 | 255 |
# +--------+------------+------------+------------+------------+------------+
# | 100 | 8 | 11 | 49 | 143 | 255 |
# +--------+------------+------------+------------+------------+------------+
#
# NOTE: The above table was obtained by running the following commands:
#
# redis-benchmark -n 1000000 incr foo
# redis-cli object freq foo
#
# NOTE 2: The counter initial value is 5 in order to give new objects a chance
# to accumulate hits.
#
# The counter decay time is the time, in minutes, that must elapse in order
# for the key counter to be divided by two (or decremented if it has a value
# less <= 10).
#
# The default value for the lfu-decay-time is 1. A Special value of 0 means to
# decay the counter every time it happens to be scanned.
#
# lfu-log-factor 10
# lfu-decay-time 1
########################### ACTIVE DEFRAGMENTATION #######################
#
# WARNING THIS FEATURE IS EXPERIMENTAL. However it was stress tested
# even in production and manually tested by multiple engineers for some
# time.
#
# What is active defragmentation?
# -------------------------------
#
# Active (online) defragmentation allows a Redis server to compact the
# spaces left between small allocations and deallocations of data in memory,
# thus allowing to reclaim back memory.
#
# Fragmentation is a natural process that happens with every allocator (but
# less so with Jemalloc, fortunately) and certain workloads. Normally a server
# restart is needed in order to lower the fragmentation, or at least to flush
# away all the data and create it again. However thanks to this feature
# implemented by Oran Agra for Redis 4.0 this process can happen at runtime
# in an "hot" way, while the server is running.
#
# Basically when the fragmentation is over a certain level (see the
# configuration options below) Redis will start to create new copies of the
# values in contiguous memory regions by exploiting certain specific Jemalloc
# features (in order to understand if an allocation is causing fragmentation
# and to allocate it in a better place), and at the same time, will release the
# old copies of the data. This process, repeated incrementally for all the keys
# will cause the fragmentation to drop back to normal values.
#
# Important things to understand:
#
# 1. This feature is disabled by default, and only works if you compiled Redis
# to use the copy of Jemalloc we ship with the source code of Redis.
# This is the default with Linux builds.
#
# 2. You never need to enable this feature if you don't have fragmentation
# issues.
#
# 3. Once you experience fragmentation, you can enable this feature when
# needed with the command "CONFIG SET activedefrag yes".
#
# The configuration parameters are able to fine tune the behavior of the
# defragmentation process. If you are not sure about what they mean it is
# a good idea to leave the defaults untouched.
# Enabled active defragmentation
# activedefrag yes
# Minimum amount of fragmentation waste to start active defrag
# active-defrag-ignore-bytes 100mb
# Minimum percentage of fragmentation to start active defrag
# active-defrag-threshold-lower 10
# Maximum percentage of fragmentation at which we use maximum effort
# active-defrag-threshold-upper 100
# Minimal effort for defrag in CPU percentage
# active-defrag-cycle-min 5
# Maximal effort for defrag in CPU percentage
# active-defrag-cycle-max 75
# Maximum number of set/hash/zset/list fields that will be processed from
# the main dictionary scan
# active-defrag-max-scan-fields 1000
# It is possible to pin different threads and processes of Redis to specific
# CPUs in your system, in order to maximize the performances of the server.
# This is useful both in order to pin different Redis threads in different
# CPUs, but also in order to make sure that multiple Redis instances running
# in the same host will be pinned to different CPUs.
#
# Normally you can do this using the "taskset" command, however it is also
# possible to this via Redis configuration directly, both in Linux and FreeBSD.
#
# You can pin the server/IO threads, bio threads, aof rewrite child process, and
# the bgsave child process. The syntax to specify the cpu list is the same as
# the taskset command:
#
# Set redis server/io threads to cpu affinity 0,2,4,6:
# server_cpulist 0-7:2
#
# Set bio threads to cpu affinity 1,3:
# bio_cpulist 1,3
#
# Set aof rewrite child process to cpu affinity 8,9,10,11:
# aof_rewrite_cpulist 8-11
#
# Set bgsave child process to cpu affinity 1,10,11
# bgsave_cpulist 1,10-11
# In some cases redis will emit warnings and even refuse to start if it detects
# that the system is in bad state, it is possible to suppress these warnings
# by setting the following config which takes a space delimited list of warnings
# to suppress
#
# ignore-warnings ARM64-COW-BUG
redis 容器启动命令
docker run -p 6379:6379 --name myredis --privileged=true -v /app/redis/conf/redis.conf:/etc/redis/redis.conf -v /app/redis/data:/data -d redis:6.0.8 redis-server /etc/redis/redis.conf
高级篇
一、mysql主从复制
主从复制如果查询峰值不是很高一主一从即可,如果写并发不高但是读的并发很高那么可以一主多从。如果写的并发也很高可以一主一从,然后在从机上在配置多个从机用于读操作。这样减少主机写的压力。
安装主服务器容器实例(端口号3307)
1 启动容器实例
docker run -p 3307:3306 \
--name mysql-master \
--privileged=true \
-v /app/mysql-master/log:/var/log/mysql \
-v /app/mysql-master/data:/var/lib/mysql \
-v /app/mysql-master/conf:/etc/mysql \
-e MYSQL_ROOT_PASSWORD=root \
-d mysql:5.7
2 进入/app/mysql-master/conf,新建my.cnf配置文件:
[client]
default_character_set=utf8
[mysqld]
#设置数据库字符集
collation_server = utf8_general_ci
character_set_server = utf8
## 设置server_id, 同一个局域网中需要唯一
server_id=101
## 指定不需要同步的数据库名称
binlog-ignore-db=mysql
## 开启二进制日志功能
log-bin=mall-mysql-bin
## 设置二进制日志使用内存大小(事务)
binlog_cache_size=1M
## 设置使用的二进制日志格式(mixed,statement,row)
binlog_format=mixed
## 二进制日志过期清理时间。默认值为0,表示不自动清理
expire_logs_days=7
## 跳过主从复制中遇到的所有错误或指定类型的错误,避免slave端复制中断
## 如:1062错误是指一些主键重复,1032错误是因为主从数据库数据不一致
slave_skip_errors=1062
3 重启容器实例
docker restart mysql-master
4 进入容器实例内
docker exec -it mysql-master /bin/bash
5 登录mysql,创建数据同步用户
-- 登录mysql
mysql -uroot -p
-- 创建数据同步用户
create user 'slave'@'%' identified by '123456';
-- 授权
grant replication slave, replication client on *.* to 'slave'@'%';
-- 刷新权限,不然不会生效!!!!
flush privileges;
安装从服务器容器实例(端口号3308)
- 启动容器服务
docker run -p 3308:3306 \
--name mysql-slave \
--privileged=true \
-v /app/mysql-slave/log:/var/log/mysql \
-v /app/mysql-slave/data:/var/lib/mysql \
-v /app/mysql-slave/conf:/etc/mysql \
-e MYSQL_ROOT_PASSWORD=root \
-d mysql:5.7
- 进入
/app/mysql-slave/conf目录,创建my.cnf配置文件:
[client]
default_character_set=utf8
[mysqld]
#设置数据库字符集
collation_server = utf8_general_ci
character_set_server = utf8
## 设置server_id, 同一个局域网内需要唯一
server_id=102
## 指定不需要同步的数据库名称
binlog-ignore-db=mysql
## 开启二进制日志功能,以备slave作为其它数据库实例的Master时使用
log-bin=mall-mysql-slave1-bin
## 设置二进制日志使用内存大小(事务)
binlog_cache_size=1M
## 设置使用的二进制日志格式(mixed,statement,row)
binlog_format=mixed
## 二进制日志过期清理时间。默认值为0,表示不自动清理
expire_logs_days=7
## 跳过主从复制中遇到的所有错误或指定类型的错误,避免slave端复制中断
## 如:1062错误是指一些主键重复,1032是因为主从数据库数据不一致
slave_skip_errors=1062
## relay_log配置中继日志
relay_log=mall-mysql-relay-bin
## log_slave_updates表示slave将复制事件写进自己的二进制日志
log_slave_updates=1
## slave设置只读(具有super权限的用户除外)
read_only=1
- 重启slave容器实例
docker restart mysql-slave
4.在主数据库中查看主从同步状态
#1.进入主数据库容器:
docker exec -it mysql-master /bin/bash
#2.进入Mysql
mysql -uroot -p
#3.查看主从同步状态
show master status;
第三步主要查看返回结果的文件名 File 、当前位置 Position
5.进入从数据库容器,配置主从复制
#1.进入从数据库容器:
docker exec -it mysql-slave /bin/bash
#2.进入数据库
mysql -uroot -p
#3.配置从数据库所属的主数据库:
-- 格式:
-- change master to master_host='宿主机ip',master_user='主数据库配置的主从复制用户名',master_password='主数据库配置的主从复制用户密码',master_port=宿主机主数据库端口,master_log_file='主数据库主从同步状态的文件名File',master_log_pos=主数据库主从同步状态的Position,master_connect_retry=连接失败重试时间间隔(秒);
change master to master_host='192.168.2.203',master_user='slave',master_password='123456',master_port=3307,master_log_file='mall-mysql-bin.000001',master_log_pos=769,master_connect_retry=30;
#4.查看主从同步状态: \G 可以将横向的结果集表格转换成纵向展示。 slave status的字段比较多,纵向展示比友好
show slave status \G;
#除了展示刚刚配置的主数据库信息外,主要关注 Slave_IO_Running、Slave_SQL_Running。目前两个值应该都为 No,表示还没有开始
#5.开启主从同步:
start slave;
#6.再次查看主从同步状态,Slave_IO_Running、Slave_SQL_Running都变为Yes。
show slave status \G;
6.主从复制测试
- 在主数据库上新建库、使用库、新建表、插入数据
create database db01;
use db01;
create table t1 (id int, name varchar(20));
insert into t1 values (1, 'abc');
- 在从数据库上使用库、查看记录
show databases;
use db01;
select * from t1;
安装从服务器容器实例(端口号3309)
1.启动容器
docker run -p 3309:3306 \
--name mysql-slave2 \
--privileged=true \
-v /app/mysql-slave2/log:/var/log/mysql \
-v /app/mysql-slave2/data:/var/lib/mysql \
-v /app/mysql-slave2/conf:/etc/mysql \
-e MYSQL_ROOT_PASSWORD=root \
-d mysql:5.7
2.进入/app/mysql-slave2/conf目录,创建my.cnf配置文件:
[client]
default_character_set=utf8
[mysqld]
#设置数据库字符集
collation_server = utf8_general_ci
character_set_server = utf8
## 设置server_id, 同一个局域网内需要唯一
server_id=103
## 指定不需要同步的数据库名称
binlog-ignore-db=mysql
## 开启二进制日志功能,以备slave作为其它数据库实例的Master时使用
log-bin=mall-mysql-slave1-bin
## 设置二进制日志使用内存大小(事务)
binlog_cache_size=1M
## 设置使用的二进制日志格式(mixed,statement,row)
binlog_format=mixed
## 二进制日志过期清理时间。默认值为0,表示不自动清理
expire_logs_days=7
## 跳过主从复制中遇到的所有错误或指定类型的错误,避免slave端复制中断
## 如:1062错误是指一些主键重复,1032是因为主从数据库数据不一致
slave_skip_errors=1062
## relay_log配置中继日志
relay_log=mall-mysql-relay-bin
## log_slave_updates表示slave将复制事件写进自己的二进制日志
log_slave_updates=1
## slave设置只读(具有super权限的用户除外)
read_only=1
- 重启slave容器实例
docker restart mysql-slave2
4.进入从数据库容器,配置主从复制
#1.进入从数据库容器:
docker exec -it mysql-slave /bin/bash
#2.进入数据库
mysql -uroot -p
#3.配置从数据库所属的主数据库:
-- 格式:
-- change master to master_host='宿主机ip',master_user='主数据库配置的主从复制用户名',master_password='主数据库配置的主从复制用户密码',master_port=宿主机主数据库端口,master_log_file='主数据库主从同步状态的文件名File',master_log_pos=主数据库主从同步状态的Position,master_connect_retry=连接失败重试时间间隔(秒);
change master to master_host='192.168.2.203',master_user='slave',master_password='123456',master_port=3307,master_log_file='mall-mysql-bin.000001',master_log_pos=769,master_connect_retry=30;
#4.查看主从同步状态: \G 可以将横向的结果集表格转换成纵向展示。 slave status的字段比较多,纵向展示比友好
show slave status \G;
#除了展示刚刚配置的主数据库信息外,主要关注 Slave_IO_Running、Slave_SQL_Running。目前两个值应该都为 No,表示还没有开始
#5.开启主从同步:
start slave;
#6.再次查看主从同步状态,Slave_IO_Running、Slave_SQL_Running都变为Yes。
show slave status \G;
二、redis主从搭建
redis 集群搭建原理
Redis集群使用的就是哈希槽。Redis集群有16384个哈希槽,每个key通过CRC16校验后对16384取模来决定放置在哪个槽,集群的每个节点负责一部分hash槽。
哈希槽数量16384(2^14)的决定原因:
CRC16算法产生的hash值有 16bit,该算法可以产生 2^16 = 65536个值。但是为了心跳方便和数据传输最大化,槽的数量只能有 2^14个。
- 如果槽位数量为65535个,那么发送心跳信息的消息头将达到 8k,发送的心跳包过于庞大。在消息头中最占空间的是
myslots[CLUSTER_SLOTS/8]。当槽位为65536时,这块的大小是 :
65536 ÷ 8 ÷ 1024 = 8Kb
每秒中redis节点需要发送一定数量的ping消息作为心跳,如果槽位为65536,那么这个ping消息头就会太大浪费带宽。
redis集群的主节点数量基本不可能超过1000个。集群节点越多,心跳包的消息体内携带的数据越多。如果节点超过1000个,也会导致网络拥堵。因此redis作者不建议redis cluster节点超过1000个。对于节点数在1000以内的redis cluster集群,16384个槽位足够了,没有必要扩展到65536个。
槽位越小,节点少的情况下压缩比越高,容易传输。Redis主节点的配置信息中它锁负责的哈希槽是通过一张bitmap的形式来保存的,在传输过程中会对bitmap进行压缩,但是如果bitmap的填充率
slots / N(N为节点数)很高的话,bitmap的压缩率就很低。如果节点数很少,而哈希槽数很多的话,bitmap的压缩率就很低。原文:
正常的心跳数据包带有节点的完整配置,使得可以用幂等方式用旧的节点替换旧节点,以便更新旧的配置。这意味着它们包含原始节点的插槽配置,该节点使用 2k 的空间和 16k 的插槽,而不是使用 8k 的空间(使用65k的插槽)。
同时,因为其他设计折衷,Redis集群的主节点不太可能扩展到1000个以上
Redis集群中内置了16384个哈希槽,redis会根据节点数量大致均等的将哈希槽映射到不同的节点。当需要在Redis集群中放置一个Key-Value时,redis先对key使用 CRC16 算法算出一个结果,然后把结果对 16384 取余,这样每个key都会对应一个编号在0-16383之间的哈希槽,也就是映射到某个节点上。
搭建3主3从的Redis集群
1.启动6台redis容器
# 启动第1台节点
# --net host 使用宿主机的IP和端口,默认
# --cluster-enabled yes 开启redis集群
# --appendonly yes 开启redis持久化
# --port 6381 配置redis端口号
docker run -d --name redis-node-1 --net host --privileged=true -v /app/redis-cluster/share/redis-node-1:/data redis:6.0.8 --cluster-enabled yes --appendonly yes --port 6381
# 启动第2台节点
docker run -d --name redis-node-2 --net host --privileged=true -v /app/redis-cluster/share/redis-node-2:/data redis:6.0.8 --cluster-enabled yes --appendonly yes --port 6382
# 启动第3台节点
docker run -d --name redis-node-3 --net host --privileged=true -v /app/redis-cluster/share/redis-node-3:/data redis:6.0.8 --cluster-enabled yes --appendonly yes --port 6383
# 启动第4台节点
docker run -d --name redis-node-4 --net host --privileged=true -v /app/redis-cluster/share/redis-node-4:/data redis:6.0.8 --cluster-enabled yes --appendonly yes --port 6384
# 启动第5台节点
docker run -d --name redis-node-5 --net host --privileged=true -v /app/redis-cluster/share/redis-node-5:/data redis:6.0.8 --cluster-enabled yes --appendonly yes --port 6385
# 启动第6台节点
docker run -d --name redis-node-6 --net host --privileged=true -v /app/redis-cluster/share/redis-node-6:/data redis:6.0.8 --cluster-enabled yes --appendonly yes --port 6386
2.构建主从关系
#1.进入节点1(或其中任意一个节点)
docker exec -it redis-node-1 /bin/bash
#2.构建主从关系:(过程中直接输入yes即可)
# 宿主机IP:端口
redis-cli --cluster create 192.168.2.204:6381 192.168.2.204:6382 192.168.2.204:6383 192.168.2.204:6384 192.168.2.204:6385 192.168.2.204:6386 --cluster-replicas 1
构建完成以后出现下面信息代表成功
>>> Performing Cluster Check (using node 192.168.2.204:6381)
M: aeeb97d54abf65fa7a3893f711bff90a443aa491 192.168.2.204:6381
slots:[0-5460] (5461 slots) master
1 additional replica(s)
S: 010d677d54cde803dea1efc3b8cdf142c48d7b22 192.168.2.204:6386
slots: (0 slots) slave
replicates aeeb97d54abf65fa7a3893f711bff90a443aa491
S: 6cf1e1c9a9734c3cb2b50177f4e2c3a4e548792e 192.168.2.204:6384
slots: (0 slots) slave
replicates 5f53daf92a543fe36e9975fca2f14e656970105e
M: 5f53daf92a543fe36e9975fca2f14e656970105e 192.168.2.204:6382
slots:[5461-10922] (5462 slots) master
1 additional replica(s)
M: 37ec9b8ff3114920dd263cc5b3b67e1cba096895 192.168.2.204:6383
slots:[10923-16383] (5461 slots) master
1 additional replica(s)
S: e30373d307794b83da27df2297ec56b60bc769cf 192.168.2.204:6385
slots: (0 slots) slave
replicates 37ec9b8ff3114920dd263cc5b3b67e1cba096895
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered.
#从结果可以看到 6381 6382 6383 为主节点 ,对应槽位如下:
6381 [0-5460]
6382 [5461-10922]
6383 [10923-16383]
3.查看集群状态
#任意节点都可以
docker exec -it redis-node-1 /bin/bash
#使用redis-cli连接到6381节点:
redis-cli -p 6381
#使用redis的相关命令查看集群状态
cluster info
4.查看集群节点信息
cluster nodes
#输出结果如下
010d677d54cde803dea1efc3b8cdf142c48d7b22 192.168.2.204:6386@16386 slave aeeb97d54abf65fa7a3893f711bff90a443aa491 0 1706759278013 1 connected
6cf1e1c9a9734c3cb2b50177f4e2c3a4e548792e 192.168.2.204:6384@16384 slave 5f53daf92a543fe36e9975fca2f14e656970105e 0 1706759275000 2 connected
5f53daf92a543fe36e9975fca2f14e656970105e 192.168.2.204:6382@16382 master - 0 1706759276008 2 connected 5461-10922
aeeb97d54abf65fa7a3893f711bff90a443aa491 192.168.2.204:6381@16381 myself,master - 0 1706759276000 1 connected 0-5460
37ec9b8ff3114920dd263cc5b3b67e1cba096895 192.168.2.204:6383@16383 master - 0 1706759277000 3 connected 10923-16383
e30373d307794b83da27df2297ec56b60bc769cf 192.168.2.204:6385@16385 slave 37ec9b8ff3114920dd263cc5b3b67e1cba096895 0 1706759277011 3 connected
#从输出结果可以分析出
6381 主节点 6386 为6381的从节点
6382 主节点 6384 为6382的从节点
6383 主节点 6385 为6383的从节点
集群读写出错
当使用 redis-cli连接redis集群时,需要添加 -c参数,否则可能会出现读写出错。
#进入容器节点1
docker exec -it redis-node-1 /bin/bash
#使用redis-cli连接,不加-c参数时
redis-cli -p 6381
#此时向redis中添加键值对,可能会成功,也可能会失败
set k1 v1
#报错:k1经过计算得到的哈希槽为12706,但是当前连接的redis-server为6381(即节点1),它的哈希槽为:[0,5460](在创建构建主从关系时redis有提示,也可以通过 cluster nodes查看),所以会因为存不进去而报错。 执行 set k2 v2可以成功,因为k2计算出的哈希槽在[0-5460]区间中。
#使用-c参数的redis-cli命令连接即可
redis-cli -p 6381 -c
set k1 v1
#会有提示信息,哈希槽为12706,重定向到6383(即节点3,哈希槽[10923, 16383])
集群信息检查
#进入容器节点1
docker exec -it redis-node-1 /bin/bash
#进行集群信息检查
# 输入任意一台主节点地址都可以进行集群检查
redis-cli --cluster check 192.168.2.204:6381
输出结果如下:
192.168.2.204:6381 (aeeb97d5...) -> 0 keys | 5461 slots | 1 slaves.
192.168.2.204:6382 (5f53daf9...) -> 0 keys | 5462 slots | 1 slaves.
192.168.2.204:6383 (37ec9b8f...) -> 1 keys | 5461 slots | 1 slaves.
[OK] 1 keys in 3 masters.
0.00 keys per slot on average.
>>> Performing Cluster Check (using node 192.168.2.204:6381)
M: aeeb97d54abf65fa7a3893f711bff90a443aa491 192.168.2.204:6381
slots:[0-5460] (5461 slots) master
1 additional replica(s)
S: 010d677d54cde803dea1efc3b8cdf142c48d7b22 192.168.2.204:6386
slots: (0 slots) slave
replicates aeeb97d54abf65fa7a3893f711bff90a443aa491
S: 6cf1e1c9a9734c3cb2b50177f4e2c3a4e548792e 192.168.2.204:6384
slots: (0 slots) slave
replicates 5f53daf92a543fe36e9975fca2f14e656970105e
M: 5f53daf92a543fe36e9975fca2f14e656970105e 192.168.2.204:6382
slots:[5461-10922] (5462 slots) master
1 additional replica(s)
M: 37ec9b8ff3114920dd263cc5b3b67e1cba096895 192.168.2.204:6383
slots:[10923-16383] (5461 slots) master
1 additional replica(s)
S: e30373d307794b83da27df2297ec56b60bc769cf 192.168.2.204:6385
slots: (0 slots) slave
replicates 37ec9b8ff3114920dd263cc5b3b67e1cba096895
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered.
主从扩容
假如因为业务量激增,需要向当前3主3从的集群中再加入1主1从两个节点。
启动2台新的容器节点
# 启动第7台节点
docker run -d --name redis-node-7 --net host --privileged=true -v /app/redis-cluster/share/redis-node-7:/data redis:6.0.8 --cluster-enabled yes --appendonly yes --port 6387
# 启动第8台节点
docker run -d --name redis-node-8 --net host --privileged=true -v /app/redis-cluster/share/redis-node-8:/data redis:6.0.8 --cluster-enabled yes --appendonly yes --port 6388
进入6387(节点7)容器内部
docker exec -it redis-node-7 /bin/bash
将6387作为master加入集群
# redis-cli --cluster add-node 本节点地址 要加入的集群中的其中一个节点地址
redis-cli --cluster add-node 192.168.2.204:6387 192.168.2.204:6381
检查当前集群状态
redis-cli --cluster check 192.168.2.204:6381
#输出信息如下: 从输出结果可以看出6387已经加入到了集群,但是目前没有分配到槽位
#M: 434e1eb73d22da12c9e1c4bfb987bce0cc84f4af 192.168.2.204:6387 slots: (0 slots) master
192.168.2.204:6381 (aeeb97d5...) -> 0 keys | 5461 slots | 1 slaves.
192.168.2.204:6387 (434e1eb7...) -> 0 keys | 0 slots | 0 slaves.
192.168.2.204:6382 (5f53daf9...) -> 0 keys | 5462 slots | 1 slaves.
192.168.2.204:6383 (37ec9b8f...) -> 1 keys | 5461 slots | 1 slaves.
[OK] 1 keys in 4 masters.
0.00 keys per slot on average.
>>> Performing Cluster Check (using node 192.168.2.204:6381)
M: aeeb97d54abf65fa7a3893f711bff90a443aa491 192.168.2.204:6381
slots:[0-5460] (5461 slots) master
1 additional replica(s)
S: 010d677d54cde803dea1efc3b8cdf142c48d7b22 192.168.2.204:6386
slots: (0 slots) slave
replicates aeeb97d54abf65fa7a3893f711bff90a443aa491
M: 434e1eb73d22da12c9e1c4bfb987bce0cc84f4af 192.168.2.204:6387
slots: (0 slots) master
S: 6cf1e1c9a9734c3cb2b50177f4e2c3a4e548792e 192.168.2.204:6384
slots: (0 slots) slave
replicates 5f53daf92a543fe36e9975fca2f14e656970105e
M: 5f53daf92a543fe36e9975fca2f14e656970105e 192.168.2.204:6382
slots:[5461-10922] (5462 slots) master
1 additional replica(s)
M: 37ec9b8ff3114920dd263cc5b3b67e1cba096895 192.168.2.204:6383
slots:[10923-16383] (5461 slots) master
1 additional replica(s)
S: e30373d307794b83da27df2297ec56b60bc769cf 192.168.2.204:6385
slots: (0 slots) slave
replicates 37ec9b8ff3114920dd263cc5b3b67e1cba096895
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered.
重新分配集群槽位
redis-cli --cluster reshard 192.168.2.204:6381
这个命令输入后需要输入3次
第一次提示输入How many slots do you want to move (from 1 to 16384)?
这个地方就是询问我们要从16384中移出来多少槽位给新节点。例如,我们现在是4台master,因为一共是16384个槽位,如果平均分配到四个master节点,这样每个节点都是4096个槽位。输入
4096即可
第二次提示输入What is the receiving node ID?
这里是询问我们要用哪个节点接受第一步移出来的槽位。我们当前是要给node7节点,所以输入节点7的ID
434e1eb73d22da12c9e1c4bfb987bce0cc84f4af即可
第三次提示输入Please enter all the source node IDs.
Type ‘all’ to use all the nodes as source nodes for the hash slots.
Type ‘done’ once you entered all the source nodes IDs.这里是问我们要从哪些节点中移出第一步的那些槽位。如果输入
all就是从所有节点中移出4096个槽位,每个节点移出一部分凑够4096个。也可以选择当前节点中的 几个,依次输入节点ID以后,再输入
done,这样就会从当前输入的节点中移出4096个槽位给到第二步选择的节点
重新分配完成后,可以进行集群信息检查,查看分配结果:
redis-cli --cluster check 192.168.2.204:6381
输出结果如下:
192.168.2.204:6381 (aeeb97d5...) -> 0 keys | 4096 slots | 1 slaves.
192.168.2.204:6387 (434e1eb7...) -> 0 keys | 4096 slots | 0 slaves.
192.168.2.204:6382 (5f53daf9...) -> 0 keys | 4096 slots | 1 slaves.
192.168.2.204:6383 (37ec9b8f...) -> 1 keys | 4096 slots | 1 slaves.
[OK] 1 keys in 4 masters.
0.00 keys per slot on average.
>>> Performing Cluster Check (using node 192.168.2.204:6381)
M: aeeb97d54abf65fa7a3893f711bff90a443aa491 192.168.2.204:6381
slots:[1365-5460] (4096 slots) master
1 additional replica(s)
S: 010d677d54cde803dea1efc3b8cdf142c48d7b22 192.168.2.204:6386
slots: (0 slots) slave
replicates aeeb97d54abf65fa7a3893f711bff90a443aa491
M: 434e1eb73d22da12c9e1c4bfb987bce0cc84f4af 192.168.2.204:6387
slots:[0-1364],[5461-6826],[10923-12287] (4096 slots) master
S: 6cf1e1c9a9734c3cb2b50177f4e2c3a4e548792e 192.168.2.204:6384
slots: (0 slots) slave
replicates 5f53daf92a543fe36e9975fca2f14e656970105e
M: 5f53daf92a543fe36e9975fca2f14e656970105e 192.168.2.204:6382
slots:[6827-10922] (4096 slots) master
1 additional replica(s)
M: 37ec9b8ff3114920dd263cc5b3b67e1cba096895 192.168.2.204:6383
slots:[12288-16383] (4096 slots) master
1 additional replica(s)
S: e30373d307794b83da27df2297ec56b60bc769cf 192.168.2.204:6385
slots: (0 slots) slave
replicates 37ec9b8ff3114920dd263cc5b3b67e1cba096895
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered.
从输出结果可以看出当前节点和槽位分配如下:
| 节点 | 槽位 |
|---|---|
| 192.168.2.204:6381 | [1365-5460] |
| 192.168.2.204:6382 | [6827-10922] |
| 192.168.2.204:6383 | [12288-16383] |
| 192.168.2.204:6387 | [0-1364],[5461-6826],[10923-12287] |
为主节点6387分配从节点6388
redis-cli --cluster add-node 192.168.2.204:6388 192.168.2.204:6381 --cluster-slave --cluster-master-id 434e1eb73d22da12c9e1c4bfb987bce0cc84f4af
检查集群状态
redis-cli --cluster check 192.168.2.204:6381
输出结果如下:可以看到已经变为4主4从
192.168.2.204:6381 (aeeb97d5...) -> 0 keys | 4096 slots | 1 slaves.
192.168.2.204:6387 (434e1eb7...) -> 0 keys | 4096 slots | 1 slaves.
192.168.2.204:6382 (5f53daf9...) -> 0 keys | 4096 slots | 1 slaves.
192.168.2.204:6383 (37ec9b8f...) -> 1 keys | 4096 slots | 1 slaves.
[OK] 1 keys in 4 masters.
0.00 keys per slot on average.
>>> Performing Cluster Check (using node 192.168.2.204:6381)
M: aeeb97d54abf65fa7a3893f711bff90a443aa491 192.168.2.204:6381
slots:[1365-5460] (4096 slots) master
1 additional replica(s)
S: 010d677d54cde803dea1efc3b8cdf142c48d7b22 192.168.2.204:6386
slots: (0 slots) slave
replicates aeeb97d54abf65fa7a3893f711bff90a443aa491
S: a36f9a577f1e76b634ef8f2c32c6cf6ccfece80a 192.168.2.204:6388
slots: (0 slots) slave
replicates 434e1eb73d22da12c9e1c4bfb987bce0cc84f4af
M: 434e1eb73d22da12c9e1c4bfb987bce0cc84f4af 192.168.2.204:6387
slots:[0-1364],[5461-6826],[10923-12287] (4096 slots) master
1 additional replica(s)
S: 6cf1e1c9a9734c3cb2b50177f4e2c3a4e548792e 192.168.2.204:6384
slots: (0 slots) slave
replicates 5f53daf92a543fe36e9975fca2f14e656970105e
M: 5f53daf92a543fe36e9975fca2f14e656970105e 192.168.2.204:6382
slots:[6827-10922] (4096 slots) master
1 additional replica(s)
M: 37ec9b8ff3114920dd263cc5b3b67e1cba096895 192.168.2.204:6383
slots:[12288-16383] (4096 slots) master
1 additional replica(s)
S: e30373d307794b83da27df2297ec56b60bc769cf 192.168.2.204:6385
slots: (0 slots) slave
replicates 37ec9b8ff3114920dd263cc5b3b67e1cba096895
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered.
主从缩容
假如业务高峰期过去,需要将4主4从重新缩容到3主3从。即从集群中移除node8和node7.
删除从节点6388
#进入容器节点1
docker exec -it redis-node-1 /bin/bash
#检查容器状态,获取6388的节点编号
redis-cli --cluster check 192.168.2.204:6381
# 将6388从集群中移除
redis-cli --cluster del-node 192.168.2.204:6388 a36f9a577f1e76b634ef8f2c32c6cf6ccfece80a
对node7重新分配哈希槽
#对集群重新分配哈希槽
redis-cli --cluster reshard 192.168.2.204:6381
#按照扩容介绍的内容 三次分别输入
4096
node1 Id
node7 Id enter键以后再次输入 done 然后再次enter键
#此时输入的意思是将node7的4096个节点移出来给到node1节点
删除node7节点
redis-cli --cluster del-node 192.168.2.204:6387 434e1eb73d22da12c9e1c4bfb987bce0cc84f4af
检查当前集群状态
redis-cli --cluster check 192.168.2.204:6381
输出结果如下:node7和node8节点都被移除,且node7的槽位分配给了node1
192.168.2.204:6381 (aeeb97d5...) -> 0 keys | 8192 slots | 1 slaves.
192.168.2.204:6382 (5f53daf9...) -> 0 keys | 4096 slots | 1 slaves.
192.168.2.204:6383 (37ec9b8f...) -> 1 keys | 4096 slots | 1 slaves.
[OK] 1 keys in 3 masters.
0.00 keys per slot on average.
>>> Performing Cluster Check (using node 192.168.2.204:6381)
M: aeeb97d54abf65fa7a3893f711bff90a443aa491 192.168.2.204:6381
slots:[0-6826],[10923-12287] (8192 slots) master
1 additional replica(s)
S: 010d677d54cde803dea1efc3b8cdf142c48d7b22 192.168.2.204:6386
slots: (0 slots) slave
replicates aeeb97d54abf65fa7a3893f711bff90a443aa491
S: 6cf1e1c9a9734c3cb2b50177f4e2c3a4e548792e 192.168.2.204:6384
slots: (0 slots) slave
replicates 5f53daf92a543fe36e9975fca2f14e656970105e
M: 5f53daf92a543fe36e9975fca2f14e656970105e 192.168.2.204:6382
slots:[6827-10922] (4096 slots) master
1 additional replica(s)
M: 37ec9b8ff3114920dd263cc5b3b67e1cba096895 192.168.2.204:6383
slots:[12288-16383] (4096 slots) master
1 additional replica(s)
S: e30373d307794b83da27df2297ec56b60bc769cf 192.168.2.204:6385
slots: (0 slots) slave
replicates 37ec9b8ff3114920dd263cc5b3b67e1cba096895
[OK] All nodes agree about slots configuration.
>>> Check for open slots...
>>> Check slots coverage...
[OK] All 16384 slots covered.
三、Dockerfile解析
常见保留字
# 基础镜像,当前新镜像是基于哪个镜像的,指定一个已经存在的镜像作为模板。Dockerfile第一条必须是FROM
FROM 镜像名称
#镜像维护者的信息
MAINTAINER
#容器构建时需要运行的命令。
# 第一种格式:等同于在终端操作的shell命令
# 格式:RUN <命令行命令>
RUN yum -y install vim
# 第二种格式:RUN ["可执行文件" , "参数1", "参数2"]
RUN ["./test.php", "dev", "offline"] # 等价于 RUN ./test.php dev offline
#当前容器对外暴露出的端口
# EXPOSE 要暴露的端口
# EXPOSE <port>[/<protocol] ....
EXPOSE 3306 33060
#指定在创建容器后, 终端默认登录进来的工作目录。
ENV CATALINA_HOME /usr/local/tomcat
WORKDIR $CATALINA_HOME
#指定该镜像以什么样的用户去执行,如果不指定,默认是root。(一般不修改该配置)
# USER <user>[:<group>]
USER patrick
#用来在构建镜像过程中设置环境变量,这个环境变量可以在后续的任何RUN指令或其他指令中使用
# 格式 ENV 环境变量名 环境变量值
# 或者 ENV 环境变量名=值
ENV MY_PATH /usr/mytest
# 使用环境变量
WORKDIR $MY_PATH
#容器数据卷,用于数据保存和持久化工作。类似于 docker run 的-v参数。
# VOLUME 挂载点
# 挂载点可以是一个路径,也可以是数组(数组中的每一项必须用双引号)
VOLUME /var/lib/mysql
#将宿主机目录下(或远程文件)的文件拷贝进镜像,且会自动处理URL和解压tar压缩包。
ADD
#类似ADD,拷贝文件和目录到镜像中。将从构建上下文目录中<源路径>的文件目录复制到新的一层镜像内的<目标路径>位置。
COPY src dest
COPY ["src", "dest"]
# <src源路径>:源文件或者源目录
# <dest目标路径>:容器内的指定路径,该路径不用事先建好。如果不存在会自动创建
#指定`容器启动后`要干的事情。跟RUN命令相似有两种方式 shell和exec
# CMD ["参数1", "参数2" ....],与ENTRYPOINT指令配合使用
CMD echo "hello world"
CMD ["catalina.sh", "run"]
#Dockerfile中如果出现多个CMD指令,只有最后一个生效。CMD会被docker run之后的参数替换。
# 因为tomcat的Dockerfile中指定了 CMD ["catalina.sh", "run"]
# 所以直接docker run 时,容器启动后会自动执行 catalina.sh run
docker run -it -p 8080:8080 tomcat
# 指定容器启动后执行 /bin/bash
# 此时指定的/bin/bash会覆盖掉Dockerfile中指定的 CMD ["catalina.sh", "run"]
docker run -it -p 8080:8080 tomcat /bin/bash
#用来指定一个容器启动时要运行的命令。类似于CMD命令,但是ENTRYPOINT不会被docker run后面的命令覆盖,这些命令参数会被当做参数送给ENTRYPOINT指令指定的程序。
#ENTRYPOINT可以和CMD一起用,一般是可变参数才会使用CMD,这里的CMD等于是在给ENTRYPOINT传参。
#当指定了ENTRYPOINT后,CMD的含义就发生了变化,不再是直接运行期命令,而是将CMD的内容作为参数传递给ENTRYPOINT指令,它们两个组合会变成 <ENTRYPOINT> "<CMD>"。
ROM nginx
ENTRYPOINT ["nginx", "-c"] # 定参
CMD ["/etc/nginx/nginx.conf"] # 变参
#对于此Dockerfile,构建成镜像 nginx:test后,如果执行;
● docker run nginx test,则容器启动后,会执行 nginx -c /etc/nginx/nginx.conf
● docker run nginx:test /app/nginx/new.conf,则容器启动后,会执行 nginx -c /app/nginx/new.conf
构建镜像
创建名称为Dockerfile的文件,示例:
#以jdk8为基础构建镜像
FROM java:8
# 指定维护者的名字
MAINTAINER William
# 将当前目录下的jar包复制到docker容器的/目录下
ADD exam-cloud-exam.jar exam-cloud-exam.jar
# 声明服务运行在8082端口
EXPOSE 8098
#设置JVM运行参数
ENV JAVA_OPTS="-server -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -Xmx512M -Xms512M -XX:PermSize=512M -XX:MaxPermSize=512M"
ARG JVM_SERVER_FIXED_ARGS="-server \
-XX:+DisableExplicitGC \
-XX:+UseParNewGC \
-XX:+UseConcMarkSweepGC \
-XX:+UseCMSInitiatingOccupancyOnly \
-XX:CMSInitiatingOccupancyFraction=70 \
-XX:+ExplicitGCInvokesConcurrentAndUnloadsClasses \
-XX:+CMSClassUnloadingEnabled \
-XX:+ParallelRefProcEnabled \
-XX:+CMSScavengeBeforeRemark \
-XX:+HeapDumpOnOutOfMemoryError \
-XX:+PrintGCDetails \
-XX:+PrintGCTimeStamps \
-XX:+PrintHeapAtGC \
-XX:+PrintGCApplicationStoppedTime \
-XX:+PrintGCDateStamps"
#设置时区为上海时区
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
RUN echo 'Asia/Shanghai' >/etc/timezone
# 指定docker容器启动时运行jar包
ENTRYPOINT ["java", "-jar","/exam-cloud-exam.jar","-c"]
创建exam.sh的可执行文件。
#!/usr/bin/env bash
app_name='exam-cloud-exam'
#停止原来的容器
docker stop ${app_name}
echo '----stop container----'
#删除原来创建的容器
docker rm ${app_name}
echo '----rm container----'
#删除原来的镜像
docker rmi ${app_name}:1.0
echo '----rmi image----'
#创建新的镜像,这里可以优化为不删除上个版本,做成类似于可以保留最近的三个版本,如果出了问题能够回滚
docker build -t ${app_name}:1.0 .
echo '----build image----'
#容器启动命令
#这里如果配置JAVA_OPTS 会替换DockerFile中的相同参数
docker run -d -p 8098:8098 --name ${app_name} \
-v /usr/share/fonts:/usr/share/fonts \
-v /etc/localtime:/etc/localtime:ro \
-e JAVA_OPTS='-server -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -Xmx1024M -Xms1024M -XX:PermSize=1024M -XX:MaxPermSize=1024M' \
${app_name}:1.0
echo '----start container----'
创建完成后在当前文件夹下执行chmod u+x *.sh使exam.sh变成可执行文件,然后执行即可。
虚悬镜像
虚悬镜像:仓库名、标签名都是 的镜像,称为 dangling images(虚悬镜像)。
在构建或者删除镜像时可能由于一些错误导致出现虚悬镜像。
例如:
# 构建时候没有镜像名、tag
docker build .
列出docker中的虚悬镜像:
docker image ls -f dangling=true
虚悬镜像一般是因为一些错误而出现的,没有存在价值,可以删除:
# 删除所有的虚悬镜像
docker image prune
四、Docker 网络
在Docker服务启动前,使用 ifconfig 或 ip addr 查看网卡信息:
-
ens33或eth0:本机网卡 -
lo:本机回环网络网卡 -
可能有
virbr0(CentOS安装时如果选择的有相关虚拟化服务,就会多一个以网桥连接的私网地址的virbr0网卡,作用是为连接虚拟网卡提供NAT访问外网的功能。如果要移除该服务,可以使用yum remove libvirt-libs.x86_64)
使用 systemctl start docker启动Docker服务后,会多出一个 docker0 网卡。
Docker容器的网络隔离,是通过Linux内核特性 namespace和 cgroup 实现的。
Docker网络作用
容器间的互联和通信以及端口映射
容器IP变动时候可以通过服务名直接网络通信而不受到影响
Docker网络命令
1.查看Docker网络模式
docker network ls
如果没有修改过docker network,则默认有3个网络模式:
bridge
host
none
2.添加Docker网络
docker network create xxx
3.删除Docker网络
docker network rm xxx
4.查看网络元数据
docker network inspect xxx
5.删除所有无效的网络
docker network prune
Docker网络模式
| 网络模式 | 简介 | 使用方式 |
|---|---|---|
| bridge | 为每一个容器分配、设置IP等,并将容器连接到一个docker0虚拟网桥,默认为该模式 | --network bridge |
| host | 容器将不会虚拟出自己的网卡、配置自己的IP等,而是使用宿主机的IP和端口 | --network host |
| none | 容器有独立的 Network namespace,但并没有对齐进行任何网络设置,如分配 veth pari 和 网桥连接、IP等 | --network none |
| container | 新创建的容器不会创建自己的网卡和配置自己的IP,而是和一个指定的容器共享IP、端口范围等 | --network container:NAME或者容器ID |
查看某个容器的网络模式:
# 通过inspect获取容器信息,最后20行即为容器的网络模式信息
docker inspect 容器ID | tail -n 20
docker0
Docker 服务默认会创建一个docker0网桥(其上有一个docker0内部接口),该桥接网络的名称为 docker0,它在内核层连通了其他的物理或虚拟网卡,这就将所有容器和本地主机都放到同一个物理网络。
Docker默认指定了docker0接口的IP地址和子网掩码,让主机和容器之间可以通过网桥互相通信。
查看bridge网络的详细信息,并通过grep获取名称:
docker network inspect bridge | grep name
可以看到其名称为docker0。
bridge模式
Docker使用Linux桥接,在宿主机虚拟一个Docker容器网桥(docker0),Docker启动一个容器时会根据Docker网桥的网段分配给容器一个IP地址,称为Container-IP,同时Docker网桥是每个容器的默认网关。因为在同一个宿主机内的容器接入同一个网桥,这样容器之间就能够通过容器的Container-IP直接通信。
docker run的时候,没有指定--network的话,默认使用的网桥模式就是bridge,使用的就是docker0在宿主机ip addr就可以看到docker0和新创建network。网桥docker0会创建一对对等虚拟设备接口,一个叫vethXX,另一个叫eth0,成对匹配:
整个宿主机的网桥模式都是
docker0,类似一个交换机有一堆接口,每个接口叫veth,在本地主机和容器内分别创建一个虚拟接口,并让他们彼此联通(这样一对接口叫做veth pair)。每个容器实例内部也有一块网卡,容器内的网卡接口叫做
eth0。
docker0上面的每个veth匹配某个容器实例内部的eth0,两两配对,一一匹配。
例如:
启动tomcat容器,进入tomcat容器后,执行 ip addr,可以看到其网卡信息:
1: lo ..................
容器内的网卡为 eth0
@符号后面就是宿主机上对应的veth网卡的编号28
27: eth0@if28 ...............................
在宿主机执行 ip addr 查看宿主机网卡信息:
每个veth都有个编号:vethXXXXXX
@符号后面对应就是容器内的eth0网卡编号27
28: vethXXXXXX@if27 ................
host模式
直接使用宿主机的 IP 地址与外界进行通信,不再需要额外进行 NAT 转换。
容器将不会获得一个独立的 network namespace,而是和宿主机共用一个 network namespace。
容器将不会虚拟出自己的网卡,而是直接使用宿主机的 IP 和端口。
如果在 docker run 命令中同时使用了 --network host 和 -p端口映射,例如:
docker run -p 8082:8080 --network host tomcat
那么会出现一个警告:
WARNING: Published ports are discarded when using host network mode
因为此时已经使用了
host模式,本身就是直接使用的宿主机的IP和端口,此时的-p端口映射就没有了意义,也不会生效,端口号还是会以主机端口号为主。正确做法是:不再进行
-p端口映射,或者改用bridge模式注意 :因为会使用宿主机的端口,如果宿主机当前的端口已经被占用,则会直接导致出现端口被占用情况,也就是容器能启动,但是应用启动错误。提示端口已经被占用。
none模式
禁用网络功能。
在none模式下,并不为docker容器进行任何网络配置。进入容器内,使用 ip addr查看网卡信息,只能看到 lo(本地回环网络127.0.0.1网卡)。
container模式
新建的容器和已经存在的一个容器共享网络IP配置,而不是和宿主机共享。
新创建的容器不会创建自己的网卡、IP,而是和一个指定的容器共享IP、端口范围。两个容器除了网络共享,其他的如文件系统、进程列表依然是隔离的。
示例:
docker run -it --name alpine1 alpine /bin/sh
# 指定和 alpine1 容器共享网络
docker run -it --netrowk container:alpine1 --name alpine2 alpine /bin/sh
此时使用 ip addr查看两台容器的网络,会发现两台容器的eth0网卡内的IP等信息完全相同。
如果关掉了alpine1容器,因为alpine2的网络使用的alpine1共享网络,所以关掉alpin1后,alpine2的eth0网卡也随之消失了。
自定义网络
容器间的互联和通信以及端口映射。
容器 IP 变动时候可以通过服务名直接网络通信而不受影响。(类似Eureka,通过服务名直接互相通信,而不是写死IP地址)。
docker中还有一个 --link 进行容器网络互联,但是已经被标记为过时的,可能会在将来的版本中移除这个功能。推荐使用自定义网络替换link。
自定义桥接网络(自定义网络默认使用的是桥接网络 bridge):
新建自定义网络
docker network create tomcat_network
查看网络列表
docker network ls
创建容器时,指定加入我们自定义的网络中
docker run -d -p 8084:8080 --network tomcat_network --name tomcat1 billygoo/tomcat8-jdk8
docker run -d -p 8085:8080 --network tomcat_network --name tomcat2 billygoo/tomcat8-jdk8
此时进入tomcat1中,使用ping命令测试连接tomcat2容器名,发现可以正常连通
# 安装ifconfig命令
yum install -y net-tools
# 安装ip addr命令
yum install -y iproute
# 安装ping命令
yum install -y iputils
# 直接ping容器名,不需要ping IP地址
ping tomcat2
link连接 (官方已经准备废弃)
示例:
# 启动一台mysql容器
# --name 为容器指定一个别名
docker run --name mysql-matomo -p 3308:3306 -e MYSQL_ROOT_PASSWORD=root -d mysql:8.0.28
# 启动另一个容器,通过--link连接到mysql容器
# --link 容器名称:本容器连接对方时的别名
docker run -d -p 8888:80 --link mysql-matomo:db --name matomo matomo:4.9.0
# 此时,在matomo容器中,便可以通过 db 这个hostname连接到mysql-matomo容器,而无须再通过ip
# 连接地址:db:3306
五、Docker Compose容器编排
Docker-Compose 是 Docker 官方的开源项目,负责实现对Docker容器集群的快速编排。
Docker Compose安装
# 例如从github下载 2.5.0版本的docker-compose
# 下载下来的文件放到 /usr/local/bin目录下,命名为 docker-compose
curl -L https://github.com/docker/compose/releases/download/v2.5.0/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
# 添加权限
chmod +x /usr/local/bin/docker-compose
# 验证
docker-compose version
卸载Docker Compose
#直接删除 usr/local/bin/docker-compose文件即可
rm -rf /usr/local/bin/docker-compose
常用命令
#查看帮助
docker-compose -h
#创建并启动docker-compose服务:(类似 docker run)
docker-compose up
# 后台运行
docker-compose up -d
#停止并删除容器、网络、卷、镜像:(类似 docker stop + docker rm + docker rmi + docker network rm)
docker-compose down
#进入容器实例内部
docker-compose exec <yml里面的服务id> /bin/bash
#展示当前docker-compose编排过的运行的所有容器
docker-compose ps
#展示当前docker-compose编排过的容器进程
docker-compose top
#查看容器输出日志:
docker-compose logs <yml里面的服务id>
#检查配置:
docker-compose config
# 有问题才输出
docker-compose config -q
#启动服务
docker-compose start
#重启服务
docker-compose restart
#停止服务
docker-compose stop
compose编排实例
# docker-compose文件版本号
version: "3"
# 配置各个容器服务
services:
microService:
image: springboot_docker:1.0
container_name: ms01 # 容器名称,如果不指定,会生成一个服务名加上前缀的容器名
ports:
- "6001:6001"
volumes:
- /app/microService:/data
networks:
- atguigu_network
depends_on: # 配置该容器服务所依赖的容器服务
- redis
- mysql
redis:
image: redis:6.0.8
container_name: redis
ports:
- "6379:6379"
volumes:
- /app/redis/redis.conf:/etc/redis/redis.conf
- /app/redis/data:data
networks:
- atguigu_network
command: redis-server /etc/redis/redis.conf
mysql:
image: mysql:5.7
container_name: mysql
environment:
MYSQL_ROOT_PASSWORD: '123456'
MYSQL_ALLOW_EMPTY_PASSWORD: 'no'
MYSQL_DATABASE: 'db2021'
MYSQL_USER: 'test'
MYSQL_PASSWORD: '123456'
ports:
- "3306:3306"
volumes:
- /app/mysql/db:/var/lib/mysql
- /app/mysql/conf/my.cnf:/etc/my.cnf
- /app/mysql/init:/docker-entrypoint-initdb.d
networks:
- atguigu_network
command: --default-authentication-plugin=mysql_native_password # 解决外部无法访问
networks:
# 创建 atguigu_network 网桥网络
atguigu_network:
六、Portainer轻量级图形化监控
Portainer是一款轻量级的应用,它提供了图形化界面,用于方便地管理Docker环境,包括单机环境和集群环境。
Portainer分为开源社区版(CE版)和商用版(BE版/EE版)。
安装
# 旧版镜像地址为portainer/portainer,从2022年1月标记为过期
# 新版镜像地址为portainer/portainer-ce
docker run -d -p 8000:8000 -p 9000:9000 --name portainer --restart=always --privileged=true -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce
使用
启动之后,便可以在浏览器中进行访问:http://xxx.xxx.xxx.xxx:9000
首次进来时,需要创建 admin 的用户名(默认admin)、密码(必须满足校验规则)。
七、CIG重量级监控
通过docker stats 命令可以很方便的查看当前宿主机上所有容器的CPU、内存、网络流量等数据,可以满足一些小型应用。
但是 docker stats 统计结果只能是当前宿主机的全部容器,数据资料是实时的,没有地方存储、没有健康指标过线预警等功能。
CAdvisor
CAdvisor是一个容器资源监控工具,包括容器的内存、CPU、网络IO、磁盘IO等监控,同时提供了一个Web页面用于查看容器的实时运行状态。
CAdvisor默认存储2分钟的数据,而且只是针对单物理机。不过CAdvisor提供了很多数据集成接口,支持 InfluxDB、Redis、Kafka、Elasticsearch等集成,可以加上对应配置将监控数据发往这些数据库存储起来。
CAdvisor主要功能:
-
展示Host和容器两个层次的监控数据
-
展示历史变化数据
InfluxDB
InfluxDB是用Go语言编写的一个开源分布式时序、事件和指标数据库,无需外部依赖。
CAdvisor默认只在本机保存2分钟的数据,为了持久化存储数据和统一收集展示监控数据,需要将数据存储到InfluxDB中。InfluxDB是一个时序数据库,专门用于存储时序相关数据,很适合存储 CAdvisor 的数据。而且 CAdvisor本身已经提供了InfluxDB的集成方法,在启动容器时指定配置即可。
InfluxDB主要功能:
-
基于时间序列,支持与时间有关的相关函数(如最大、最小、求和等)
-
可度量性,可以实时对大量数据进行计算
-
基于事件,支持任意的事件数据
Granfana
Grafana是一个开源的数据监控分析可视化平台,支持多种数据源配置(支持的数据源包括InfluxDB、MySQL、Elasticsearch、OpenTSDB、Graphite等)和丰富的插件及模板功能,支持图表权限控制和报警。
Granfana主要功能:
-
灵活丰富的图形化选项
-
可以混合多种风格
-
支持白天和夜间模式
-
多个数据源
安装部署
1.编写docker-compose.yml服务编排文件
version: '3.1'
volumes:
grafana_data: {}
services:
influxdb:
image: tutum/influxdb:0.9
restart: always
environment:
- PRE_CREATE_DB=cadvisor
ports:
- "8083:8083"
- "8086:8086"
volumes:
- ./data/influxdb:/data
cadvisor:
image: google/cadvisor:v0.32.0
command:
- -storage_driver=influxdb
- -storage_driver_db=cadvisor
- -storage_driver_host=influxdb:8086
restart: always
ports:
- "8080:8080"
volumes:
- /:/rootfs:ro
- /var/run:/var/run:rw
- /sys:/sys:ro
- /var/lib/docker/:/var/lib/docker:ro
grafana:
image: grafana/grafana:8.5.2
user: '104'
restart: always
links:
- influxdb:influxsrv
ports:
- "3000:3000"
volumes:
- grafana_data:/var/lib/grafana
environment:
- HTTP_USER=admin
- HTTP_PASS=admin
2.检查语法
docker-compose config -q
3.创建并启动容器
docker-compose up -d
容器启动之后:
- 在浏览器打开
InfluxDB数据库的页面: http://xxx.xxx.xxx.xxx:8083,使用命令查看当前数据库中的数据库实例:
SHOW DATABASES
查看其中是否自动创建了我们在配置文件中配置的 cadvisor 数据库实例
1.在浏览器打开CAdvisor页面:http://xxx.xxx.xxx.xxx8080/,查看当前docker中的CPU、内存、网络IO等统计信息
2.在浏览器打开Grafana页面:http://xxx.xxx.xxx.xxx:3000/,默认用户名密码是:admin/admin。
Grafana配置
添加数据源
在Configuration(小齿轮)选项卡中,选择Data Sources,添加一个InfluxDB数据源:
-
name:自定义一个数据源名称,例如
InfluxDB -
Query Language:查询语言,默认
InfluxQL即可 -
URL:根据compose中的容器服务名连接,
http://influxdb:8086 -
database:我们在
InfluxDB中创建的数据库实例,cadvisor -
User:
InfluxDB的默认用户,root -
Password:
root
保存并测试,可以连通即可
添加工作台
1.在Create(加号)选项卡中,选择创建 Dash Board工作台。右上角配置中可以配置创建出来的工作台的标题、文件夹等信息。
2.在创建出来的工作台中,选择Add panel中的Add a new panel添加一个新的面板。
- 在右上角
Time series(时序图)位置可以切换展示的图表样式(柱状图、仪表盘、表格、饼图等等) - 右侧边栏为该图表配置相关信息:标题、描述
- 图表下方可以配置该图表展示的数据的查询语句,例如:
FROM:cpu_usage_total(Grafana会自动获取InfluxDB数据库中的元数据,可以直接选择对应表名)
WHERE:添加一个条件,container_name=cig-cadvisor-1
ALIAS:配置一个别名,CPU使用情况汇总
1917
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
