高可用Docker Swarm

高可用 Docker Swarm 安装

1. 环境介绍

**注意: 三台机器 即是主节点又是从节点 **

主机名称	swarm-01	swarm-02	swarm-03
操作系统	Centos 7	Centos 7	Centos 7
内核版本	3.10.0-957.e17.x86_64	3.10.0-957.e17.x86_64	3.10.0-957.e17.x86_64
IP	192.168.100.100	192.168.100.200	192.168.100.250
Nginx	1.22.0	1.22.0	无
keepalived	主	从	无
虚拟IP	192.168.100.50	192.168.100.50	无

2. 环境准备

2.1 修改主机名

# 各自修改主机名称
hostnamectl set-hostname xxxx

2.2 修改hosts

cat >> /etc/hosts << EOF
192.168.100.100 swarm-01
192.168.100.200 swarm-02
192.168.100.2500 swarm-03
EOF

2.3 关闭防火墙和SLinux

# 关闭防火墙
systemctl disable --now firewalld.service

# 关闭SLinux
sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0

2.4 配置yum源

mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup

curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo

yum makecache 

2.5 同步时间

# 时区调整，时间校准
date -R
timedatectl set-timezone Asia/Shanghai
yum -y install ntp

cat >>/etc/nft.conf<<EOF
driftfile  /var/lib/ntp/drift
pidfile   /var/run/ntpd.pid
logfile /var/log/ntp.log
restrict    default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
server 127.127.1.0
fudge  127.127.1.0 stratum 10
server ntp.aliyun.com iburst minpoll 4 maxpoll 10
restrict ntp.aliyun.com nomodify notrap nopeer noquery
EOF
# 同步
ntpdate ntp.aliyun.com

3. 安装Docker

3.1 安装

# 安装docker 需要的依赖 要去操作系统必须能访问外网

yum install -y yum-utils device-mapper-persistent-data lvm2 bash-completion

# 添加阿里云docker-ce 软件源
yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

# 查看版本
yum list docker-ce --showduplicates | sort -r
yum list containerd.io --showduplicates | sort -r


# 注意 如果要安装 指定版本的docker 比如 18.09
yum install -y docker-ce-20.10.15-3.el7 docker-ce-cli-20.10.15-3.el7 containerd.io



# 启动docker
systemctl start docker

# 设置开机自启动
systemctl enable docker

# 查看docker 状态
systemctl status docker


# 配置镜像
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
    "registry-mirrors": [
        "https://dockerhub.icu",
        "https://docker.chenby.cn",
        "https://docker.1panel.live",
        "https://docker.aws19527.cn",
        "https://docker.anyhub.us.kg",
        "https://dhub.kubesre.xyz"
    ]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

3.2 修改dockerd

# 查询服务状态
systemctl status docker


[root@kube-master ~]# systemctl status docker
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
   Active: active (running) since 四 2024-08-08 11:01:33 CST; 5 days ago
     Docs: https://docs.docker.com
 Main PID: 104031 (dockerd)
    Tasks: 11
   Memory: 65.3M
   CGroup: /system.slice/docker.service
# 看Loaded 服务在哪里
vi /usr/lib/systemd/system/docker.service

# 在ExecStart 添加 -H tcp://0.0.0.0:2375
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H tcp://0.0.0.0:2375


sudo systemctl daemon-reload
sudo systemctl restart docker

4. 安装 Nginx 和 keepalived

4.1 主机名称：swarm-01 和 swarm-02

# 配置nginx 软件源
vi /etc/yum.repos.d/nginx.repo

[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true


# 更新索引
yum makecache 

# 查看可以安装的版本
yum list nginx --showduplicates | sort -r


# 安装nginx
yum install -y nginx-1.22.0

# 先创建swarm-access.log
touch /var/log/nginx/swarm-access.log
# 修改文件
vi /etc/nginx/nginx.conf
################################################################################################################################
stream {
 log_format main '$remote_addr $remote_port - [$time_local] $status $protocol '
                 '"$upstream_addr" "$upstream_bytes_sent" "$upstream_connect_time"' ;
 access_log /var/log/nginx/swarm-access.log main;
 upstream docker_servers {
   	server 192.168.100.100:2375;
  	server 192.168.100.200:2375;
  	server 192.168.100.250:2375;
   	# 使用轮询方式请求
   	least_conn;
 }   

 server {
   listen 9999;
   proxy_connect_timeout 3s;
   proxy_timeout 300s;
   proxy_pass docker_servers;
 }
}


# 安装 keepalived
yum install -y keepalived

# 备份配置文件
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak

# 编写健康脚本
cat > /etc/keepalived/nginx_check.sh <<EOF
#!/bin/sh
# nginx down
pid=`ps -C nginx --no-header | wc -l`
if [ $pid -eq 0 ]
then
    systemctl start nginx
  sleep 5
    if [ `ps -C nginx --no-header | wc -l` -eq 0 ]
    then
        systemctl stop nginx
    else
      exit 0
    fi
fi
EOF

# 增加可执行权限
chmod +x /etc/keepalived/nginx_check.sh

4.2 swarm-01

# 配置文件
cat > /etc/keepalived/keepalived.conf <<EOF

! Configuration File for keepalived

global_defs {
   router_id lb01 # 唯一就行
}

vrrp_script chk_nginx {
    script "/etc/keepalived/nginx_check.sh"
    interval 2
    weight 2
}


vrrp_instance VI_1 {
    state MASTER
    interface ens32 # 修改从自己网卡名称
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.100.50/24 dev ens32 label ens32:1 scope global
    }

   # 执行脚本
    track_script {
        # 对应vrrp_script配置的脚本
        chk_nginx
    }
}
EOF

4.3 swarm-02

# 配置文件
cat > /etc/keepalived/keepalived.conf <<EOF

! Configuration File for keepalived

global_defs {
   router_id lb02 # 唯一就行
}

vrrp_script chk_nginx {
    script "/etc/keepalived/nginx_check.sh"
    interval 2
    weight 2
}


vrrp_instance VI_1 {
    state MASTER
    interface ens32 # 修改从自己网卡名称
    virtual_router_id 51
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.100.50/24 dev ens32 label ens32:1 scope global
    }

   # 执行脚本
    track_script {
        # 对应vrrp_script配置的脚本
        chk_nginx
    }
}
EOF

4.4 启动

systemctl enable nginx --now
systemctl enable keepalived --now

5. 初始化集群

5.1 主机名称: swarm-01

# 初始化集群
docker swarm init --advertise-addr=192.168.100.100

[root@swarm-01 ~]# docker swarm init --advertise-addr=192.168.100.100
Swarm initialized: current node (vf2x510svcmubg1xhmn033ybr) is now a manager.

To add a worker to this swarm, run the following command:
# 要向集群中添加一个工作节点，运行以下命令:
    docker swarm join --token SWMTKN-1-0dbfjw2hwt147y5szbqzvon2szdiz6l9r7lpbgkf6fy47djx4q-9cbxlsr9ykn8koysdohs63woc 192.168.100.100:2377

To add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.


# token 忘记咋办
docker swarm join-token worker

5.2 主机名称: swarm-02 和 swarm-03

docker swarm join --token SWMTKN-1-0dbfjw2hwt147y5szbqzvon2szdiz6l9r7lpbgkf6fy47djx4q-9cbxlsr9ykn8koysdohs63woc 192.168.100.100:2377

5.3 修改node节点为master节点

# 查看节点 
docker node ls

[root@swarm-01 ~]# docker node ls
ID                            HOSTNAME      STATUS    AVAILABILITY   MANAGER STATUS   ENGINE VERSION
vf2x510svcmubg1xhmn033ybr *   swarm-01      Ready     Active         Leader           20.10.15
d7gk2iakpqe4s2zumkaoz0d2e     swarm-02      Ready     Active                          20.10.15
pg4wpkcg6mx3wu5j0hhf4zh46     swarm-03      Ready     Active                          20.10.15


# 将 swarm-02 变成 master节点
docker node promote d7gk2iakpqe4s2zumkaoz0d2e

# 将 swarm-03 变成 master节点
docker node promote pg4wpkcg6mx3wu5j0hhf4zh46

# 再次查看
[root@swarm-01 ~]# docker node ls
ID                            HOSTNAME      STATUS    AVAILABILITY   MANAGER STATUS   ENGINE VERSION
vf2x510svcmubg1xhmn033ybr *   swarm-01      Ready     Active         Leader           20.10.15
d7gk2iakpqe4s2zumkaoz0d2e     swarm-02      Ready     Active         Reachable        20.10.15
pg4wpkcg6mx3wu5j0hhf4zh46     swarm-03      Ready     Active         Reachable        20.10.15

6 测试连接

**nginx 监听端口为 9999 ，keepalived 虚拟ip为192.168.100.50 **