技术支持-鼎维重庆网站建设专家,口碑好的网站开发,西安seo培训,表白网在线制作一键生成Docker compose部署redis哨兵集群 安装Docker和docker-compose准备docker-compose文件redis exporter本地部署准备Redis配置文件ACL用户权限配置Linux内核参数优化启停Redis实例主从复制配置 环境准备#xff1a;
IP版本角色172.x.x.11RHEL 7.9master172.x.x.12RHEL 7.9repli… Docker compose部署redis哨兵集群 安装Docker和docker-compose准备docker-compose文件redis exporter本地部署准备Redis配置文件ACL用户权限配置Linux内核参数优化启停Redis实例主从复制配置 环境准备
IP版本角色172.x.x.11RHEL 7.9master172.x.x.12RHEL 7.9replica172.x.x.13RHEL 7.9replica
安装Docker和docker-compose
安装docker-ce
# 移除旧版本
sudo yum remove docker \docker-client \docker-client-latest \docker-common \docker-latest \docker-latest-logrotate \docker-logrotate \docker-engine# 配置仓库
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
#官方源
#sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
#阿里云源
sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sudo yum makecache fast# 检查可安装的版本
yum list docker-ce --showduplicates | sort -r# 安装指定版本
#sudo yum install docker-ce-VERSION_STRING docker-ce-cli-VERSION_STRING containerd.io docker-buildx-plugin docker-compose-plugin
yum install -y docker-ce-25.0.1 docker-ce-cli-25.0.1 containerd.io docker-buildx-plugin docker-compose-plugin# 启动
sudo systemctl enable docker
sudo systemctl start docker 配置阿里云镜像源:
cat /etc/docker/daemon.json EOF
{registry-mirrors : [https://b9pmyelo.mirror.aliyuncs.com]
}
EOFsudo systemctl restart dockerDocker社区版部署参见 https://docs.docker.com/engine/install/centos/https://gottdeskrieges.blog.csdn.net/article/details/113242029 安装docker-compose
curl -SL https://github.com/docker/compose/releases/download/v2.24.6/docker-compose-linux-x86_64 -o /usr/local/bin/docker-composechmod 755 /usr/local/bin/docker-compose参考https://docs.docker.com/compose/install/standalone/ 准备docker-compose文件 Redis版本7.2.4Redis安装路径/opt/docker-compose/redis 准备单台服务的compose文件每台服务器上部署一个redis实例、一个sentinel实例和一个redis exporter。容器网络采用仅主机模式避免NAT转发的复杂性。
version: 3services:redis-server:image: redis:7.2.4network_mode: hostcontainer_name: redis-serverrestart: unless-stopped#ports:# - 6379:6379environment:TZ: Asia/Shanghaicommand: [/conf/redis.conf]volumes:- ./conf/:/conf/- ./data/:/data/redis-sentinel:image: redis:7.2.4network_mode: hostcontainer_name: redis-sentinelrestart: unless-stoppedenvironment:TZ: Asia/Shanghai#ports:# - 26379:26379command: [/conf/sentinel.conf,--sentinel]volumes:- ./conf/:/conf/redis-exporter:image: oliver006/redis_exporternetwork_mode: hostrestart: unless-stoppedenvironment:TZ: Asia/ShanghaiREDIS_ADDR: redis://localhost:6379REDIS_USER: redis_monitorREDIS_PASSWORD: Monpass_xxxx# ports:# - 9121:9121redis exporter本地部署
如果没有现成的redis exporter镜像可以采用本地部署并注释掉docker compose文件中的对应内容。
直接下载二进制安装包
cd /opt
wget https://github.com/oliver006/redis_exporter/releases/download/v1.58.0/redis_exporter-v1.58.0.linux-amd64.tar.gztar -xvf redis_exporter-v1.58.0.linux-amd64.tar.gz
cd redis_exporter
./redis_exporter --redis.addrredis://localhost:6379 --redis.userredis_monitor --redis.passwordMonpass_xxxx检查redis exporter采集到的数据
curl -X GET http://localhost:9121/metrics参考https://github.com/oliver006/redis_exporter 准备Redis配置文件
哨兵节点配置文件/opt/docker-compose/redis/conf/sentinel.conf
#port 26379
loglevel verbose
sentinel announce-ip REDIS_SENTINEL_IP
sentinel announce-port 26379
dir /datasentinel monitor SVC_NAME REDIS_SERVER_IP 6379 2
sentinel auth-user SVC_NAME sentinel_user
sentinel auth-pass SVC_NAME xxxxxx
sentinel down-after-milliseconds SVC_NAME 15000其中SVC_NAME是自定义的哨兵集群服务名。由于数据库实例和哨兵实例都部署在同一台服务器上REDIS_SENTINEL_IP和REDIS_SERVER_IP可以都填写本地宿主机IP。
数据库节点配置文件/opt/docker-compose/redis/conf/redis.conf
bind 0.0.0.0
#port 6379
timeout 3600
tcp-keepalive 300
loglevel notice
databases 16save 600 100
save 120 10000
save 7200 1dir /data
masteruser username # 主从复制用户
masterauth passwordreplica-read-only yes
#min-replicas-to-write 3
#min-replicas-max-lag 10replica-announce-ip REDIS_SERVER_IP
replica-announce-port 6379
aclfile /conf/users.aclmaxclients 10000
maxmemory 10gb
maxmemory-policy noevictionappendonly yes
appendfsync everysec
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mbACL用户权限配置
配置好管理员用户、监控用户、sentinel用户、主从复制用户、以及应用用户。
在redis.conf中配置aclfile参数ACL文件conf/users.acl示例如下
user default off nopass * -all
user root on Rootpass_xxxx allkeys allchannels all
user redis_monitor on Monpass_xxxx client ping info config|get cluster|info slowlog latency memory select get scan xinfo type pfcount strlen llen scard zcard hlen xlen eval allkeys
user sentinel_user on Senpass_xxxx allchannels multi slaveof ping exec subscribe config|rewrite role publish info client|setname client|kill script|kill
user replica_user on Replpass_xxxx psync replconf ping
user appuser on Apppass_xxxx allkeys allchannels all -admin -dangerous导入ACL文件配置
# 列出已有的用户权限清单
docker exec -it redis-server redis-cli acl list# 导入ACL文件中的用户权限配置
docker exec -it redis-server redis-cli acl loaddocker exec -it redis-server redis-cli acl list参考https://redis.io/docs/management/security/acl/#create-and-edit-user-acls-with-the-acl-setuser-command Linux内核参数优化
修改Linux内核参数
sed -i /vm.overcommit_memory/d /etc/sysctl.conf
echo vm.overcommit_memory 1 /etc/sysctl.conf
echo net.core.somaxconn2048 /etc/sysctl.conf
sysctl -p禁用透明大页
cat EOF /etc/rc.d/rc.local
if test -f /sys/kernel/mm/transparent_hugepage/enabled; thenecho never /sys/kernel/mm/transparent_hugepage/enabled
fi
EOFchmod x /etc/rc.d/rc.local编辑/etc/security/limits.conf和/etc/security/limits.d/90-nproc.conf添加以下配置
* soft core unlimited
* hard core unlimited
* soft nofile 65536
* hard nofile 65536
* soft nproc 65536
* hard nproc 65536最后重启服务器生效。
启停Redis实例
修改文件权限
cd /opt/docker-compose/
chown -R polkitd:root redis/在docker-compose.yml文件所在路径下执行以下命令来启停单个节点上的REDIS实例。
#启动容器
cd /opt/docker-compose/redis docker-compose up -d#停止容器
cd /opt/docker-compose/redis docker-compose stop主从复制配置
将当前节点redis实例配置为172.x.x.11上的实例的从实例
docker exec -it redis-server redis-cli --user xx -a xxxxxx replicaof 172.x.x.11 6379也可以把replicaof 172.x.x.11 6379配置到从实例的redis.conf文件中。
检查各节点角色和同步状态
docker exec -it redis-server redis-cli --user xx -a xxxxxx -h 172.x.x.11 -p 6379 info replication
docker exec -it redis-server redis-cli --user xx -a xxxxxx -h 172.x.x.12 -p 6379 info replication
docker exec -it redis-server redis-cli --user xx -a xxxxxx -h 172.x.x.13 -p 6379 info replication测试主从切换
# 停止172.x.x.11上的主实例
docker stop redis-server# 检查哨兵节点日志输出
docker logs -fn100 redis-sentinel# 输出以下日志内容表示发生了故障转移
...
1:X 01 Jun 2020 17:31:50.435 # sdown master mymaster 172.x.x.11 6379 # -主实例客观宕机
1:X 01 Jun 2020 17:31:50.458 # new-epoch 4
1:X 01 Jun 2020 17:31:50.460 # vote-for-leader 79c1f8276a8fedd78a9f987da8c85fce0ea7f751 4
1:X 01 Jun 2020 17:31:50.527 # odown master mymaster 172.x.x.11 6379 #quorum 3/2 # -主实例主观宕机
1:X 01 Jun 2020 17:31:50.527 # Next failover delay: I will not start a failover before Mon Jun 1 17:37:50 2020
1:X 01 Jun 2020 17:31:51.708 # config-update-from sentinel 79c1f8276a8fedd78a9f987da8c85fce0ea7f751 172.x.x.12 26379 mymaster 172.x.x.11 6379
1:X 01 Jun 2020 17:31:51.708 # switch-master mymaster 172.x.x.11 6379 172.x.x.12 6379 # -主实例地址发生切换
1:X 01 Jun 2020 17:31:51.708 * slave slave 172.x.x.13:6379 172.x.x.13 6379 mymaster 172.x.x.12 6379
1:X 01 Jun 2020 17:31:51.708 * slave slave 172.x.x.11:6379 172.x.x.11 6379 mymaster 172.x.x.12 6379
...上面的信息表示主实例从172.x.x.11切换到了172.x.x.12。
主从切换后主从节点的sentinel.conf中的replicaof参数会发生变化相应的epoch参数也会自动1。
References 【1】https://www.codenong.com/cs106478941/ 【2】https://lipeng1667.github.io/2021/06/21/set-up-redis-with-replication-and-sentinel-using-docker-compose/
