搜索到
154
篇与
的结果
-
ArgoCD部署 一、安装Argo CD 1.1创建nskubectl create namespace argocd1.2安装argocdkubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml注意事项:默认下载的是最新版argocd,安装argocd时,务必参阅支持的k8s版本列表,否则会出现安装失败pod运行异常的情况。 参考文档:https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions 由于k8s集群版本为1.27.6。因此安装的argo cd版本为2.11.3,yaml文件地址:https://github.com/argoproj/argo-cd/blob/v2.11.3/manifests/install.yaml执行成功后会在argocd的namespace下创建如下资源。 root@k8s-01:~/argocd# kubectl get all -n argocd NAME READY STATUS RESTARTS AGE pod/argocd-application-controller-0 1/1 Running 0 4m9s pod/argocd-applicationset-controller-7c75857ff5-9lrzm 1/1 Running 0 4m9s pod/argocd-dex-server-7496f974df-p9ms2 1/1 Running 0 92s pod/argocd-notifications-controller-66f486587f-grsgd 1/1 Running 0 4m9s pod/argocd-redis-544dbfdbc5-sbvn8 1/1 Running 0 4m9s pod/argocd-repo-server-87d6bf9b7-txql5 1/1 Running 0 4m9s pod/argocd-server-b54fdb74d-jsfwr 1/1 Running 0 4m9s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/argocd-applicationset-controller ClusterIP 10.108.48.9 <none> 7000/TCP,8080/TCP 4m9s service/argocd-dex-server ClusterIP 10.104.66.145 <none> 5556/TCP,5557/TCP,5558/TCP 4m9s service/argocd-metrics ClusterIP 10.110.242.240 <none> 8082/TCP 4m9s service/argocd-notifications-controller-metrics ClusterIP 10.108.2.224 <none> 9001/TCP 4m9s service/argocd-redis ClusterIP 10.111.74.193 <none> 6379/TCP 4m9s service/argocd-repo-server ClusterIP 10.111.94.151 <none> 8081/TCP,8084/TCP 4m9s service/argocd-server ClusterIP 10.102.209.251 <none> 80/TCP,443/TCP 4m9s service/argocd-server-metrics ClusterIP 10.99.167.144 <none> 8083/TCP 4m9s NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/argocd-applicationset-controller 1/1 1 1 4m9s deployment.apps/argocd-dex-server 1/1 1 1 4m9s deployment.apps/argocd-notifications-controller 1/1 1 1 4m9s deployment.apps/argocd-redis 1/1 1 1 4m9s deployment.apps/argocd-repo-server 1/1 1 1 4m9s deployment.apps/argocd-server 1/1 1 1 4m9s NAME DESIRED CURRENT READY AGE replicaset.apps/argocd-applicationset-controller-7c75857ff5 1 1 1 4m9s replicaset.apps/argocd-dex-server-7496f974df 1 1 1 4m9s replicaset.apps/argocd-notifications-controller-66f486587f 1 1 1 4m9s replicaset.apps/argocd-redis-544dbfdbc5 1 1 1 4m9s replicaset.apps/argocd-repo-server-87d6bf9b7 1 1 1 4m9s replicaset.apps/argocd-server-b54fdb74d 1 1 1 4m9s NAME READY AGE statefulset.apps/argocd-application-controller 1/1 4m9s root@k8s-01:~/argocd# 二、web访问argocd访问Argo server的方式有两种: 1. 通过web ui 2. 使用argocd 客户端工具2.1访问web ui(NodePort方式)通过kubectl edit -n argocd svc argocd-server将service的type类型从ClusterIP改为NodePort。改完后通过以下命令查看端口:root@k8s-01:~/argocd# kubectl get svc -n argocd NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE argocd-applicationset-controller ClusterIP 10.108.48.9 <none> 7000/TCP,8080/TCP 9m34s argocd-dex-server ClusterIP 10.104.66.145 <none> 5556/TCP,5557/TCP,5558/TCP 9m34s argocd-metrics ClusterIP 10.110.242.240 <none> 8082/TCP 9m34s argocd-notifications-controller-metrics ClusterIP 10.108.2.224 <none> 9001/TCP 9m34s argocd-redis ClusterIP 10.111.74.193 <none> 6379/TCP 9m34s argocd-repo-server ClusterIP 10.111.94.151 <none> 8081/TCP,8084/TCP 9m34s argocd-server ClusterIP 10.102.209.251 <none> 80/TCP,443/TCP 9m34s argocd-server-metrics ClusterIP 10.99.167.144 <none> 8083/TCP 9m34s root@k8s-01:~/argocd# root@k8s-01:~/argocd# root@k8s-01:~/argocd# root@k8s-01:~/argocd# root@k8s-01:~/argocd# kubectl edit -n argocd svc argocd-serve Error from server (NotFound): services "argocd-serve" not found root@k8s-01:~/argocd# kubectl edit -n argocd svc argocd-server service/argocd-server edited root@k8s-01:~/argocd# kubectl get svc -n argocd NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE argocd-applicationset-controller ClusterIP 10.108.48.9 <none> 7000/TCP,8080/TCP 12m argocd-dex-server ClusterIP 10.104.66.145 <none> 5556/TCP,5557/TCP,5558/TCP 12m argocd-metrics ClusterIP 10.110.242.240 <none> 8082/TCP 12m argocd-notifications-controller-metrics ClusterIP 10.108.2.224 <none> 9001/TCP 12m argocd-redis ClusterIP 10.111.74.193 <none> 6379/TCP 12m argocd-repo-server ClusterIP 10.111.94.151 <none> 8081/TCP,8084/TCP 12m argocd-server NodePort 10.102.209.251 <none> 80:31232/TCP,443:32542/TCP 12m argocd-server-metrics ClusterIP 10.99.167.144 <none> 8083/TCP 12m https://192.168.30.180:31232/2.2获取admin密码用户名为admin,密码通过以下方式获取。 root@k8s-01:~/argocd# kubectl get secrets argocd-initial-admin-secret -n argocd -o jsonpath="{.data.password}" | base64 -d DCg5oVXU8Xd-rNMW root@k8s-01:~/argocd# 2.3访问web ui(ingress方式)访问web ui必须使用https方式访问,以traefik为例,创建ingressroute资源 # 创建证书文件 root@k8s-01:~/argocd# kubectl get secrets argocd-initial-admin-secret -n argocd -o jsonpath="{.data.password}" | base64 -d DCg5oVXU8Xd-rNMWroot@kopenssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=argocd.local.com"rgocd.local.com" ..+..........+......+..+...+.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...+......+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*..+.+...+.....+....+...+..+...+....+...+..................+...+...............+.....+.+...+......+.........+..+...+.+.....+.+......+..+.............+............+..+....+.....+....+....................+..........+.....+...+...+.+.........+.....+......+.+..+.......+......+........+.+.....+.............+..+.............+.....+.+......+......+.....+.........+.+..+............+....+..+...+.+...+..+..........+...........+...+....+......+......+...+.....+.+..+........................+.+..+.............+..+.+.........+...+..+......+.+.....+.+..............+......+....+...+...........+..........+..+.........+...+.............+..+.+.....+......+...+......+....+......+.........+.....+.+..+.........................+..+............+.+...+......+...........+....+...+........+...+.+.....+......+...+.........+...+.......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ..........+...+..........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*..+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+....+.....+.+.........+.....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ----- root@k8s-01:~/argocd# kubectl create secret tls argocd-tls --cert=tls.crt --key=tls.key -n argocd secret/argocd-tls created root@k8s-01:~/argocd# kubectl describe secrets argocd-tls -n argocd Name: argocd-tls Namespace: argocd Labels: <none> Annotations: <none> Type: kubernetes.io/tls Data ==== tls.crt: 1131 bytes tls.key: 1704 bytes #创建ingress资源 root@k8s-01:~/argocd# cat ingress.yaml apiVersion: traefik.io/v1alpha1 kind: ServersTransport metadata: name: argocd-transport namespace: argocd spec: serverName: "argocd.local.com" insecureSkipVerify: true --- apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: name: argocd-tls namespace: argocd spec: entryPoints: - websecure routes: - match: Host(`argocd.local.com`) kind: Rule services: - name: argocd-server port: 443 serversTransport: argocd-transport tls: secretName: argocd-tls root@k8s-01:~/argocd# kubectl apply -f ingress.yaml serverstransport.traefik.io/argocd-transport created ingressroute.traefik.io/argocd-tls created添加hosts解析记录 192.168.30.180 argocd.local.com三、客户端工具访问argocd 3.1下载argocd客户端工具root@k8s-01:~/argocd# ls argocd-linux-amd64 ingress.yaml install.yaml tls.crt tls.key root@k8s-01:~/argocd# mv argocd-linux-amd64 /usr/local/bin/argocd root@k8s-01:~/argocd# chmod u+x /usr/local/bin/argocd root@k8s-01:~/argocd# argocd version argocd: v2.11.3+3f344d5 BuildDate: 2024-06-06T08:42:00Z GitCommit: 3f344d54a4e0bbbb4313e1c19cfe1e544b162598 GitTreeState: clean GoVersion: go1.21.9 Compiler: gc Platform: linux/amd64 FATA[0000] Argo CD server address unspecified 3.2客户端工具登录argocdroot@k8s-01:~/argocd# argocd login argocd.local.com:30443 --username admin --password DCg5oVXU8Xd-rNMW WARNING: server certificate had error: tls: failed to verify certificate: x509: certificate relies on legacy Common Name field, use SANs instead. Proceed insecurely (y/n)? y WARN[0020] Failed to invoke grpc call. Use flag --grpc-web in grpc calls. To avoid this warning message, use flag --grpc-web. 'admin:login' logged in successfully Context 'argocd.local.com:30443' updated 3.3修改密码root@k8s-01:~/argocd# argocd account update-password --account admin --current-password DCg5oVXU8Xd-rNMW --new-password '30044844Abc@' WARN[0000] Failed to invoke grpc call. Use flag --grpc-web in grpc calls. To avoid this warning message, use flag --grpc-web. Password updated Context 'argocd.local.com:30443' updated -
ArgoCD简介 一、ArgoCD简介Argo CD 是 Kubernetes 生态中非常受欢迎的 GitOps 工具。Argo CD 可以整合我们的代码仓库,轻松定义一组应用程序,并在多 Kubernetes 集群中轻松部署我们定义的应用程序,部署完成之后 Argo CD 可以持续监控应用的状态,根据我们对应用的声明捕捉偏移,进行持续的部署。二、工作流程 1. Argo CD 从 Git Repo 拉取应用的配置,部署在 Kubernetes 集群中。 2. 当有人新增功能时,提交一个 Pull Requests 到 Git Repo 修改应用的部署配置,等待合并。 3. 在 Pull Requests 合并之后,通过 Webhook 触发 Argo CD 执行更新操作。 4. 应用得到更新,发送通知三、架构组件 在 Argo CD 的处理逻辑中,定义了四个组件: 1. Event Source,接入各种事件消息 2. Sensor,将消息转换为触发的动作 3. Eventbus,消息订阅路由系统 4. Trigger,触发外部的实际动作对于运维人员,需要了解的主要是两点: Argo CD 可以处理什么事件? AMQP、AWS SNS、AWS SQS、Cron Schedules、GCP PubSub、GitHub、GitLab、HDFS、File Based Events、Kafka、Minio、NATS、MQTT、K8s Resources、Slack、NetApp StorageGrid、Webhooks、Stripe、NSQ、Emitter、Redis、Azure Events Hub Argo CD 可以处理执行哪些动作? Argo Workflows、Standard K8s Objects、HTTP Requests、AWS Lambda、NATS Messages、Kafka Messages、Slack Notifications、Argo Rollouts CR、Custom / Build Your Own Triggers、Apache OpenWhisk四、ArgoCD部署方式
-
thingsboard 安装部署 一、安装 Java (OpenJDK 17)#ThingsBoard 3.x+ 需要 Java 11 或更高版本。Rocky Linux 9 仓库默认提供 OpenJDK 17。 sudo dnf install -y java-17-openjdk-devel #验证安装 java -version二、安装postgresql#如果有服务端的话 安装客户端即可 sudo dnf install postgresql #ThingsBoard 使用 PostgreSQL 作为主数据库。Rocky Linux 9 默认仓库提供较新版本的 PostgreSQL(如 13 或更高)。 #安装 PostgreSQL Server & Client sudo dnf install -y postgresql-server postgresql-contrib #初始化数据库(如果尚未初始化) sudo postgresql-setup --initdb --unit postgresql #启动并启用 PostgreSQL 服务 sudo systemctl enable postgresql sudo systemctl start postgresql 三、创建 ThingsBoard 数据库和用户[root@localhost ~]# psql -h 192.168.30.23 -p 5432 -U postgres Password for user postgres: psql (13.20, server 12.22) Type "help" for help. postgres=# CREATE USER thingsboard WITH PASSWORD 'axing123456'; CREATE ROLE postgres=# CREATE DATABASE thingsboard WITH OWNER thingsboard; CREATE DATABASE postgres=# GRANT ALL PRIVILEGES ON DATABASE thingsboard TO thingsboard; GRANT postgres=# \q -- 创建一个名为 thingsboard 的新用户(role),并设置密码(请替换 'PUT_YOUR_STRONG_PASSWORD_HERE' 为强密码!) CREATE USER thingsboard WITH PASSWORD 'PUT_YOUR_STRONG_PASSWORD_HERE'; -- 创建一个名为 thingsboard 的新数据库,并指定所有者(owner)为刚刚创建的 thingsboard 用户 CREATE DATABASE thingsboard WITH OWNER thingsboard; -- 授予新用户所有权限 (通常 CREATE USER 和 CREATE DATABASE 已隐含足够权限,此步可选但推荐) GRANT ALL PRIVILEGES ON DATABASE thingsboard TO thingsboard; -- 退出 psql \q四、配置 ThingsBoard 存储库#下载地址 https://github.com/thingsboard/thingsboard/releases/tag/v3.9 #安装 [root@rabbit3 ~]# ls anaconda-ks.cfg mq redis.tar thingsboard-3.9.rpm [root@rabbit3 ~]# sudo dnf install -y ./thingsboard-3.9.rpm 五、初始化数据库 Schema#执行 vi /usr/share/thingsboard/conf/thingsboard.yml 修改postgresql连接地址和账号密码[root@rabbit3 ~]# sudo /usr/share/thingsboard/bin/install/install.sh --loadDemo OpenJDK 64-Bit Server VM warning: Option UseBiasedLocking was deprecated in version 15.0 and will likely be removed in a future release. ______ __ _ ____ __ /_ __/ / /_ (_) ____ ____ _ _____ / __ ) ____ ____ _ _____ ____/ / / / / __ \ / / / __ \ / __ `/ / ___/ / __ | / __ \ / __ `/ / ___/ / __ / / / / / / / / / / / / / / /_/ / (__ ) / /_/ / / /_/ // /_/ / / / / /_/ / /_/ /_/ /_/ /_/ /_/ /_/ \__, / /____/ /_____/ \____/ \__,_/ /_/ \__,_/ /____/ =================================================== :: ThingsBoard :: (v3.9.0) =================================================== Starting ThingsBoard Installation... Installing DataBase schema for entities... Installing SQL DataBase schema part: schema-entities.sql Installing SQL DataBase schema indexes part: schema-entities-idx.sql Installing SQL DataBase schema PostgreSQL specific indexes part: schema-entities-idx-psql-addon.sql Installing SQL DataBase schema views and functions: schema-views-and-functions.sql Successfully executed query: DROP VIEW IF EXISTS device_info_view CASCADE; Successfully executed query: CREATE OR REPLACE VIEW device_info_view AS SELECT * FROM device_info_active_attribute_view; Installing DataBase schema for timeseries... Installing SQL DataBase schema part: schema-ts-psql.sql Successfully executed query: CREATE TABLE IF NOT EXISTS ts_kv_indefinite PARTITION OF ts_kv DEFAULT; Loading system data... Creating JWT admin settings... Loading system widgets Loading system SCADA symbols Creating default notification configs for system admin Creating default notification configs for all tenants Loading system images and resources... Loading demo data... Installation finished successfully! ThingsBoard installed successfully! [root@rabbit3 ~]# sudo systemctl enable thingsboard sudo systemctl start thingsboard #查看状态 [root@rabbit3 ~]# sudo systemctl status thingsboard ● thingsboard.service - thingsboard Loaded: loaded (/usr/lib/systemd/system/thingsboard.service; enabled; preset: disabled) Active: active (running) since Thu 2025-08-14 10:05:16 CST; 3s ago Main PID: 7315 (thingsboard.jar) Tasks: 25 (limit: 48682) Memory: 209.7M CPU: 7.018s CGroup: /system.slice/thingsboard.service ├─7315 /bin/bash /usr/share/thingsboard/bin/thingsboard.jar └─7330 /usr/bin/java -Dsun.misc.URLClassPath.disableJarChecking=true -Dplatform=rpm -Dinstall.data_dir=/usr/share/thingsboard/data "-Xlog:gc*,heap*,age*,safepoint=debug:file=/var/log/thingsboard/gc.log:time,uptime,l> Aug 14 10:05:16 rabbit3 thingsboard.jar[7330]: OpenJDK 64-Bit Server VM warning: Option UseBiasedLocking was deprecated in version 15.0 and will likely be removed in a future release. Aug 14 10:05:18 rabbit3 thingsboard.jar[7330]: ______ __ _ ____ __ Aug 14 10:05:18 rabbit3 thingsboard.jar[7330]: /_ __/ / /_ (_) ____ ____ _ _____ / __ ) ____ ____ _ _____ ____/ / Aug 14 10:05:18 rabbit3 thingsboard.jar[7330]: / / / __ \ / / / __ \ / __ `/ / ___/ / __ | / __ \ / __ `/ / ___/ / __ / Aug 14 10:05:18 rabbit3 thingsboard.jar[7330]: / / / / / / / / / / / / / /_/ / (__ ) / /_/ / / /_/ // /_/ / / / / /_/ / Aug 14 10:05:18 rabbit3 thingsboard.jar[7330]: /_/ /_/ /_/ /_/ /_/ /_/ \__, / /____/ /_____/ \____/ \__,_/ /_/ \__,_/ Aug 14 10:05:18 rabbit3 thingsboard.jar[7330]: /____/ Aug 14 10:05:18 rabbit3 thingsboard.jar[7330]: =================================================== Aug 14 10:05:18 rabbit3 thingsboard.jar[7330]: :: ThingsBoard :: (v3.9.0) Aug 14 10:05:18 rabbit3 thingsboard.jar[7330]: =================================================== 六、访问webhttp://192.168.30.26:8080/ 系统管理员: Username: tenant@thingsboard.org Password: tenant 租户管理员: Username: customer@thingsboard.org Password: customer (重要!) 首次登录后立即更改这些默认密码!#日志查看 sudo tail -f /var/log/thingsboard/thingsboard.log
-
keycloak安装 一、关闭防火墙sudo systemctl stop firewalld sudo systemctl disable firewalld二、准备工作 2.1安装postgres略过2.2必要工具sudo dnf install -y wget unzip java-17-openjdk-devel2.3安装 Java 17# 检查 Java 版本 java -version # 应显示 OpenJDK 17 # 设置默认 Java sudo alternatives --config java2.4下载 Keycloak# 创建安装目录 sudo mkdir -p /opt/keycloak sudo chown `whoami` /opt/keycloak # 下载最新版(以 Keycloak 22.0.5 为例) wget https://github.com/keycloak/keycloak/releases/download/22.0.5/keycloak-22.0.5.zip unzip keycloak-22.0.5.zip -d /opt/keycloak mv /opt/keycloak/keycloak-22.0.5/* /opt/keycloak/2.5创建专用用户sudo useradd -r -s /sbin/nologin keycloak sudo chown -R keycloak:keycloak /opt/keycloak2.6配置 PostgreSQL 数据库 如果在别的节点已经部署过了 略过这步# 安装 PostgreSQL sudo dnf install -y postgresql-server # 初始化数据库 sudo postgresql-setup --initdb # 启动服务 sudo systemctl enable postgresql --now # 创建 Keycloak 数据库和用户 sudo -u postgres psql <<EOF CREATE USER keycloak WITH PASSWORD 'axing123456'; CREATE DATABASE keycloak OWNER keycloak; GRANT ALL PRIVILEGES ON DATABASE keycloak TO keycloak; EOF2.7配置 Keycloakcd /opt/keycloak/conf vim keycloak.conf# 主机名 hostname=k8s-02 # 数据库配置 (Quarkus格式) quarkus.datasource.db-kind=postgresql quarkus.datasource.jdbc.driver=org.postgresql.Driver quarkus.datasource.jdbc.url=jdbc:postgresql://192.168.30.23:5432/keycloak quarkus.datasource.username=keycloak quarkus.datasource.password=axing123456 # 网络设置 http-host=0.0.0.0 http-port=32399 hostname-strict=false hostname-strict-https=false http-enabled=true # 设置上下文路径为 /auth http-relative-path=/auth # 启用 Token Exchange features=token-exchange # 开启客户端凭据授权 (Token Exchange 需要) oidc-client-credentials-grant-enabled=true # 启用域间 Token Exchange token-exchange-enabled=true三、创建 Systemd 服务 3.1配置sudo vim /etc/systemd/system/keycloak.service[Unit] Description=Keycloak Service After=network.target postgresql.service [Service] User=keycloak Group=keycloak ExecStart=/opt/keycloak/bin/kc.sh start --optimized WorkingDirectory=/opt/keycloak Restart=always RestartSec=30 Environment="KEYCLOAK_ADMIN=admin" Environment="KEYCLOAK_ADMIN_PASSWORD=axing123456" [Install] WantedBy=multi-user.target 3.2配置时间时区# 创建配置文件目录 sudo mkdir -p /etc/systemd/system/keycloak.service.d/ # 创建时区配置文件 sudo tee /etc/systemd/system/keycloak.service.d/timezone.conf <<EOF [Service] Environment="JAVA_TOOL_OPTIONS=-Duser.timezone=Asia/Shanghai" EOF # 重新加载 systemd sudo systemctl daemon-reload3.3 启动服务sudo systemctl daemon-reload sudo systemctl enable keycloak sudo systemctl start keycloak3.4其他# 从Keycloak服务器测试连接 PGPASSWORD="axing123456" psql -U keycloak -h 192.168.30.23 -p 5432 -d keycloak -c "SELECT version();" #测试上下文 curl http://192.168.30.21:32399/realms/master/.well-known/openid-configuration curl http://localhost:32399/realms/master/.well-known/openid-configuration
-
redis集群部署 一、关闭防火墙sudo systemctl stop firewalld sudo systemctl disable firewalld二、修改配置文件[root@rabbit2 redis]# cat docker-compose.yaml version: '3.3' services: redis6001: image: redis:6.2.6 container_name: redis6001 restart: always command: ["redis-server", "/usr/local/etc/redis/redis.conf"] volumes: - ./6001/conf/redis.conf:/usr/local/etc/redis/redis.conf - ./6001/data:/data ports: - "6001:6001" - "16001:16001" environment: # 设置时区为上海,否则时间会有问题 - TZ=Asia/Shanghai logging: options: max-size: '100m' max-file: '10' redis6002: image: redis:6.2.6 container_name: redis6002 restart: always command: ["redis-server", "/usr/local/etc/redis/redis.conf"] volumes: - ./6002/conf/redis.conf:/usr/local/etc/redis/redis.conf - ./6002/data:/data ports: - "6002:6002" - "16002:16002" environment: # 设置时区为上海,否则时间会有问题 - TZ=Asia/Shanghai logging: options: max-size: '100m' max-file: '10' redis6003: image: redis:6.2.6 container_name: redis6003 restart: always command: ["redis-server", "/usr/local/etc/redis/redis.conf"] volumes: - ./6003/conf/redis.conf:/usr/local/etc/redis/redis.conf - ./6003/data:/data ports: - "6003:6003" - "16003:16003" environment: # 设置时区为上海,否则时间会有问题 - TZ=Asia/Shanghai logging: options: max-size: '100m' max-file: '10' redis6004: image: redis:6.2.6 container_name: redis6004 restart: always command: ["redis-server", "/usr/local/etc/redis/redis.conf"] volumes: - ./6004/conf/redis.conf:/usr/local/etc/redis/redis.conf - ./6004/data:/data ports: - "6004:6004" - "16004:16004" environment: # 设置时区为上海,否则时间会有问题 - TZ=Asia/Shanghai logging: options: max-size: '100m' max-file: '10' redis6005: image: redis:6.2.6 container_name: redis6005 restart: always command: ["redis-server", "/usr/local/etc/redis/redis.conf"] volumes: - ./6005/conf/redis.conf:/usr/local/etc/redis/redis.conf - ./6005/data:/data ports: - "6005:6005" - "16005:16005" environment: # 设置时区为上海,否则时间会有问题 - TZ=Asia/Shanghai logging: options: max-size: '100m' max-file: '10' redis6006: image: redis:6.2.6 container_name: redis6006 restart: always command: ["redis-server", "/usr/local/etc/redis/redis.conf"] volumes: - ./6006/conf/redis.conf:/usr/local/etc/redis/redis.conf - ./6006/data:/data ports: - "6006:6006" - "16006:16006" environment: # 设置时区为上海,否则时间会有问题 - TZ=Asia/Shanghai logging: options: max-size: '100m' max-file: '10' networks: app_net: external: true [root@rabbit2 redis]# cat redis-cluster.tmpl # redis端口 port ${PORT} #redis 访问密码 requirepass 7hGtW#eCx5#Pu#FXRf#gFHSo #redis 访问Master节点密码 masterauth 7hGtW#eCx5#Pu#FXRf#gFHSo # 关闭保护模式 protected-mode no # 开启集群 cluster-enabled yes # 集群节点配置 cluster-config-file nodes.conf # 超时 cluster-node-timeout 5000 # 集群节点IP host模式为宿主机IP cluster-announce-ip 192.168.30.25 # 集群节点端口,bus-port比port大1000 cluster-announce-port ${PORT} cluster-announce-bus-port 1${PORT} # 开启 appendonly 备份模式 appendonly yes # 每秒钟备份 appendfsync everysec # 对aof文件进行压缩时,是否执行同步操作 no-appendfsync-on-rewrite no # 当目前aof文件大小超过上一次重写时的aof文件大小的100%时会再次进行重写 auto-aof-rewrite-percentage 100 # 重写前AOF文件的大小最小值 默认 64mb auto-aof-rewrite-min-size 64mb # 日志配置 # debug:会打印生成大量信息,适用于开发/测试阶段 # verbose:包含很多不太有用的信息,但是不像debug级别那么混乱 # notice:适度冗长,适用于生产环境 # warning:仅记录非常重要、关键的警告消息 loglevel notice # 日志文件路径 logfile "/data/redis.log" [root@rabbit2 redis]# cat redis-cluster-config.sh for port in `seq $1 $2`; do \ mkdir -p ./${port}/conf \ && PORT=${port} envsubst < ./redis-cluster.tmpl > ./${port}/conf/redis.conf \ && mkdir -p ./${port}/data; \ done 三、加入集群[root@rabbit2 redis]# bash ./redis-cluster-config.sh 6001 6006 [root@rabbit2 redis]# ls 6001 6002 6003 6004 6005 6006 docker-compose.yaml redis-cluster-config.sh redis-cluster.tmpl [root@rabbit2 redis]# chmod -R +777 ./6001 [root@rabbit2 redis]# chmod -R +777 ./6002 [root@rabbit2 redis]# chmod -R +777 ./6003 [root@rabbit2 redis]# chmod -R +777 ./6004 [root@rabbit2 redis]# chmod -R +777 ./6005 [root@rabbit2 redis]# chmod -R +777 ./6006 [root@rabbit2 redis]# ls 6001 6002 6003 6004 6005 6006 docker-compose.yaml redis-cluster-config.sh redis-cluster.tmpl [root@rabbit2 redis]# vi redis-cluster.tmpl [root@rabbit2 redis]# port ${PORT} -bash: port: command not found [root@rabbit2 redis]# vi docker-compose.yaml [root@rabbit2 redis]# vi redis-cluster.tmpl [root@rabbit2 redis]# docker-compose down [root@rabbit2 redis]# docker-compose up -d [+] Running 6/7 ⠋ Network redis_default Created 1.1s ✔ Container redis6001 Started 0.8s ✔ Container redis6003 Started 1.0s ✔ Container redis6002 Started 1.0s ✔ Container redis6005 Started 0.5s ✔ Container redis6004 Started 0.9s ✔ Container redis6006 Started 0.8s [root@rabbit2 redis]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 5b8722bbcb37 redis:6.2.6 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:6004->6004/tcp, [::]:6004->6004/tcp, 0.0.0.0:16004->16004/tcp, [::]:16004->16004/tcp, 6379/tcp redis6004 e1e91fded2ad redis:6.2.6 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:6005->6005/tcp, [::]:6005->6005/tcp, 0.0.0.0:16005->16005/tcp, [::]:16005->16005/tcp, 6379/tcp redis6005 f9010b959cd1 redis:6.2.6 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:6001->6001/tcp, [::]:6001->6001/tcp, 0.0.0.0:16001->16001/tcp, [::]:16001->16001/tcp, 6379/tcp redis6001 258f08b79453 redis:6.2.6 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:6003->6003/tcp, [::]:6003->6003/tcp, 0.0.0.0:16003->16003/tcp, [::]:16003->16003/tcp, 6379/tcp redis6003 04d79831176e redis:6.2.6 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:6006->6006/tcp, [::]:6006->6006/tcp, 0.0.0.0:16006->16006/tcp, [::]:16006->16006/tcp, 6379/tcp redis6006 ef30d93d3223 redis:6.2.6 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:6002->6002/tcp, [::]:6002->6002/tcp, 0.0.0.0:16002->16002/tcp, [::]:16002->16002/tcp, 6379/tcp redis6002 f1bdda1a4069 redis:6.2.6 "docker-entrypoint.s…" 12 minutes ago Up 12 minutes 6379/tcp relaxed_mayer b4dab98879a6 rabbitmq:3.9.0-management "docker-entrypoint.s…" About an hour ago Up 59 minutes rabbitmq [root@rabbit2 redis]# docker run -it --rm --network host redis:6.2.6 \ redis-cli -a '7hGtW#eCx5#Pu#FXRf#gFHSo' --cluster create \ 192.168.30.25:6001 192.168.30.25:6002 192.168.30.25:6003 \ 192.168.30.25:6004 192.168.30.25:6005 192.168.30.25:6006 \ --cluster-replicas 1 Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe. >>> Performing hash slots allocation on 6 nodes... Master[0] -> Slots 0 - 5460 Master[1] -> Slots 5461 - 10922 Master[2] -> Slots 10923 - 16383 Adding replica 192.168.30.25:6005 to 192.168.30.25:6001 Adding replica 192.168.30.25:6006 to 192.168.30.25:6002 Adding replica 192.168.30.25:6004 to 192.168.30.25:6003 >>> Trying to optimize slaves allocation for anti-affinity [WARNING] Some slaves are in the same host as their master M: 50654b9d91a28d7ed8e9327cbd218b40d05e0135 192.168.30.25:6001 slots:[0-5460] (5461 slots) master M: ee12edf412044f81ce55b93b686505c300e121f7 192.168.30.25:6002 slots:[5461-10922] (5462 slots) master M: 1fe3b80e312eea1fec18c41712295f5d623debd7 192.168.30.25:6003 slots:[10923-16383] (5461 slots) master S: 95301b0852b5239991119c10dd06b1bf0d96268f 192.168.30.25:6004 replicates ee12edf412044f81ce55b93b686505c300e121f7 S: d0d9ebbddd63acc4675634f67358ee0e214598dc 192.168.30.25:6005 replicates 1fe3b80e312eea1fec18c41712295f5d623debd7 S: 8a62664439a5be16439d3b293f5a9ca2b7be09a7 192.168.30.25:6006 replicates 50654b9d91a28d7ed8e9327cbd218b40d05e0135 Can I set the above configuration? (type 'yes' to accept): yes >>> Nodes configuration updated >>> Assign a different config epoch to each node >>> Sending CLUSTER MEET messages to join the cluster Waiting for the cluster to join . >>> Performing Cluster Check (using node 192.168.30.25:6001) M: 50654b9d91a28d7ed8e9327cbd218b40d05e0135 192.168.30.25:6001 slots:[0-5460] (5461 slots) master 1 additional replica(s) S: 8a62664439a5be16439d3b293f5a9ca2b7be09a7 192.168.30.25:6006 slots: (0 slots) slave replicates 50654b9d91a28d7ed8e9327cbd218b40d05e0135 M: ee12edf412044f81ce55b93b686505c300e121f7 192.168.30.25:6002 slots:[5461-10922] (5462 slots) master 1 additional replica(s) M: 1fe3b80e312eea1fec18c41712295f5d623debd7 192.168.30.25:6003 slots:[10923-16383] (5461 slots) master 1 additional replica(s) S: d0d9ebbddd63acc4675634f67358ee0e214598dc 192.168.30.25:6005 slots: (0 slots) slave replicates 1fe3b80e312eea1fec18c41712295f5d623debd7 S: 95301b0852b5239991119c10dd06b1bf0d96268f 192.168.30.25:6004 slots: (0 slots) slave replicates ee12edf412044f81ce55b93b686505c300e121f7 [OK] All nodes agree about slots configuration. >>> Check for open slots... >>> Check slots coverage... [OK] All 16384 slots covered. [root@rabbit2 redis]# [root@rabbit2 redis]# [root@rabbit2 redis]# docker run -it --rm redis:6.2.6 redis-cli -a '7hGtW#eCx5#Pu#FXRf#gFHSo' -h 192.168.30.25 -p 6001 cluster info Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe. cluster_state:ok cluster_slots_assigned:16384 cluster_slots_ok:16384 cluster_slots_pfail:0 cluster_slots_fail:0 cluster_known_nodes:6 cluster_size:3 cluster_current_epoch:6 cluster_my_epoch:1 cluster_stats_messages_ping_sent:539 cluster_stats_messages_pong_sent:531 cluster_stats_messages_sent:1070 cluster_stats_messages_ping_received:526 cluster_stats_messages_pong_received:539 cluster_stats_messages_meet_received:5 cluster_stats_messages_received:1070
