Docker------redis主従+歩哨モード

redis主従+哨兵モード

一、構築redis主従

1、プロファイルの作成

2、docker起動命令

3、検証主従状態

二、sentinel哨兵集団の構築

1、哨兵配置書類

2、哨兵集団起動命令

2.1、起動命令は以下の通り:

2.2、哨兵起動後の配置書類の変化

三、検証高可用性

1、アナログマスターノードダウン

2、停止したマスターノードを再起動

哨兵全配置

一、redis主従を構築する
1、プロファイルの作成
メインノード:redis.conf

bind 0.0.0.0
daemonize no
pidfile "/var/run/redis.pid"
port 6380
timeout 300
loglevel warning
logfile "redis.log"
databases 16
rdbcompression yes
dbfilename "redis.rdb"
dir "/data"
requirepass "all123456@"
masterauth "all123456@"
maxclients 10000
maxmemory 1000mb
maxmemory-policy allkeys-lru
appendonly yes
appendfsync always

ノード:redis.conf

bind 0.0.0.0
daemonize no
pidfile "/var/run/redis.pid"
port 6380
timeout 300
loglevel warning
logfile "redis.log"
databases 16
rdbcompression yes
dbfilename "redis.rdb"
dir "/data"
requirepass "all123456@"
masterauth "all123456@"
maxclients 10000
maxmemory 1000mb
maxmemory-policy allkeys-lru
appendonly yes
appendfsync always
slaveof 192.168.99.100 6380

注:redis:5.0以降はreplicaofまたはslaveof対応
2、docker起動コマンド

#    
 docker run -d --name redis-master --restart=always -p 6380:6380 \
 -v /root/redis/data/:/data \
 redis:5.0 \
 redis-server  redis.conf

#    
docker run -d --name redis-slaver --restart=always -p 6380:6380 \
-v /root/redis/data/:/data \
redis:5.0 \
redis-server  redis.conf

3、主従状態の検証
メインノードに入ってメインノードのステータスを表示します.メインノードReplication情報は次のとおりです.

[root@centos2 ~]# docker exec -it redis-master bash
root@160fe0654a21:/data# redis-cli -h 127.0.0.1 -p 6380 -a all123456@
Warning: Using a password with '-a' or '-u' option on the command line interface may not be 
127.0.0.1:6380> info replication
# Replication
role:master
connected_slaves:1
slave0:ip=192.168.99.100,port=6380,state=online,offset=196,lag=1
master_replid:3b5a3f441d4fb50668310c25798e341da369aa43
master_replid2:0000000000000000000000000000000000000000
master_repl_offset:196
second_repl_offset:-1
repl_backlog_active:1
repl_backlog_size:1048576
repl_backlog_first_byte_offset:1
repl_backlog_histlen:196

スレーブノード表示スレーブノード状態に入り、スレーブノードReplication情報は以下の通りである.

root@c56f869e9d05:/data# redis-cli -h 127.0.0.1 -p 6380 -a all123456@
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
127.0.0.1:6380> info replication
# Replication
role:slave
master_host:192.168.99.108
master_port:6380
master_link_status:up
master_last_io_seconds_ago:1
master_sync_in_progress:0
slave_repl_offset:672
slave_priority:100
slave_read_only:1
connected_slaves:0
master_replid:3b5a3f441d4fb50668310c25798e341da369aa43
master_replid2:0000000000000000000000000000000000000000
master_repl_offset:672
second_repl_offset:-1
repl_backlog_active:1
repl_backlog_size:1048576
repl_backlog_first_byte_offset:1
repl_backlog_histlen:672

これで主従構築完了
二、sentinel哨兵集団を構築する
1、歩哨配置書類
sentinel.conf

daemonize no
protected-mode no
port 26379
dir "/data"
sentinel monitor mymaster 192.168.99.108 6380 2
sentinel down-after-milliseconds mymaster 10000
sentinel failover-timeout mymaster 180000
sentinel auth-pass mymaster all123456@
sentinel config-epoch mymaster 0
sentinel leader-epoch mymaster 0

2、歩哨集団起動命令
2.1、起動命令は以下の通り:

docker run -d --name sentinel1 --restart=always --net=host -p 26379:26379 \
-v /root/sentinel/sentinel.conf:/data/sentinel.conf \
redis:5.0 redis-sentinel sentinel.conf

docker run -d --name sentinel2 --restart=always --net=host -p 26379:26379 \
-v /root/sentinel/sentinel.conf:/data/sentinel.conf \
redis:5.0 redis-sentinel sentinel.conf

docker run -d --name sentinel3 --restart=always --net=host -p 26379:26379 \
-v /root/sentinel/sentinel.conf:/data/sentinel.conf \
redis:5.0 redis-sentinel sentinel.conf

--net=host歩哨はホストを使わなくても通信できる(同じローカルエリアネットワークの下で)ことを保証しないで、さもなくばknown-sentinel監視するIPアドレスは容器dockerブリッジを起動して自動的に分配するブリッジアドレスで、異なるホスト間は通信できません

sentinel known-sentinel mymaster 172.17.0.3 26379 df892f9d04a7a672b390527cfd4ac386c0727b69

2.2、哨兵起動後の配置書類の変化
最初のsentinel哨兵を起動すると、プロファイルは次のように変更されます.

sentinel.conf
[root@centos2 sentinel]# cat sentinel.conf 
daemonize no
protected-mode no
port 26379
dir "/data"
sentinel myid 9a17dff3f1cd2bbdf09c1efcc18e9a4445d21991
sentinel deny-scripts-reconfig yes
sentinel monitor mymaster 192.168.99.108 6380 2
sentinel down-after-milliseconds mymaster 10000
sentinel auth-pass mymaster all123456@
# Generated by CONFIG REWRITE
sentinel config-epoch mymaster 0
sentinel leader-epoch mymaster 0
sentinel known-replica mymaster 192.168.99.100 6380
sentinel current-epoch 0

2番目のsentinel哨兵を起動した後、配置ファイルは以下のように変更されました.

.....
sentinel known-replica mymaster 192.168.99.100 6380
sentinel known-sentinel mymaster 192.168.99.100 26379 f706e74cf52a0d960c79929e5761f69b2e78c8fb
sentinel current-epoch 0

3番目のsentinel哨兵を起動した後、配置ファイルは以下のように変更されました.

.....
sentinel known-replica mymaster 192.168.99.100 6380
sentinel known-sentinel mymaster 192.168.99.108 26379 9a17dff3f1cd2bbdf09c1efcc18e9a4445d21991
sentinel known-sentinel mymaster 192.168.99.100 26379 f706e74cf52a0d960c79929e5761f69b2e78c8fb
sentinel current-epoch 0

コンフィギュレーションファイルを比較すると、各哨兵は別のコピーノード(ノードから)を監視し、sentinelノード注意--net=hostパラメータを追加しないことを監視し、sentinel哨兵間では互いに発見できないことがわかる.
三、高可用性の検証
1、アナログマスターノードダウンdocker stop redis-mastermasterノードを停止し、スレーブノードReplication情報をモニタし、master_link_down_since_secondsが10になった後、ノードからメインノードになり、フェイルオーバー(哨兵がいない場合でも可能)を完了すると、新しいmasterノードプロファイルを表示すると、replicaof 192.168.99.100 6380がなくなった

127.0.0.1:6380> info replication
.....
master_link_down_since_seconds:10
.....
127.0.0.1:6380> info replication
# Replication
role:master
connected_slaves:1
slave0:ip=192.168.99.108,port=6380,state=online,offset=2182,lag=1
master_replid:abecf83438a7e5fdcf1b236943f1b2c18c505d45
master_replid2:0000000000000000000000000000000000000000
master_repl_offset:2182
second_repl_offset:-1
repl_backlog_active:1
repl_backlog_size:1048576
repl_backlog_first_byte_offset:1
repl_backlog_histlen:2182

哨兵配置ファイルを見るknown-replica監視しているのはさっき停止したメインノードです

daemonize no
protected-mode no
port 26379
dir "/data"
sentinel myid 1852ac0e6796080d6279f3cdabe66f341e3b26ef
sentinel deny-scripts-reconfig yes
sentinel monitor mymaster 192.168.99.100 6380 2
sentinel down-after-milliseconds mymaster 10000
sentinel auth-pass mymaster all123456@
# Generated by CONFIG REWRITE
sentinel config-epoch mymaster 1
sentinel leader-epoch mymaster 1
sentinel known-replica mymaster 192.168.99.108 6380
sentinel known-sentinel mymaster 192.168.99.108 26379 9a17dff3f1cd2bbdf09c1efcc18e9a4445d21991
sentinel known-sentinel mymaster 192.168.99.100 26379 f706e74cf52a0d960c79929e5761f69b2e78c8fb
sentinel current-epoch 1

2、停止したマスターノードを再起動する
再起動したmasterノードに入ってReplication情報を表示すると、元のmasterノードがslaveノードになり(プライマリノードの複数回の検証を停止することで)、高可用性クラスタの構築が完了します.

root@160fe0654a21:/data# redis-cli -h 127.0.0.1 -p 6380 -a all123456@
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
127.0.0.1:6380> info replication
# Replication
role:slave
master_host:192.168.99.100
master_port:6380
master_link_status:down
master_last_io_seconds_ago:-1
master_sync_in_progress:0
slave_repl_offset:1
master_link_down_since_seconds:1569147670
slave_priority:100
slave_read_only:1
connected_slaves:0
master_replid:105ef9c468a488c7f0743d833fac15f418b54942
master_replid2:0000000000000000000000000000000000000000
master_repl_offset:0
second_repl_offset:-1
repl_backlog_active:0
repl_backlog_size:1048576
repl_backlog_first_byte_offset:0
repl_backlog_histlen:0

歩哨はすべて配置する

# Example sentinel.conf

# *** IMPORTANT ***
#
# By default Sentinel will not be reachable from interfaces different than
# localhost, either use the 'bind' directive to bind to a list of network
# interfaces, or disable protected mode with "protected-mode no" by
# adding it to this configuration file.
#
# Before doing that MAKE SURE the instance is protected from the outside
# world via firewalling or other means.
#
# For example you may use one of the following:
#
# bind 127.0.0.1 192.168.1.1
#
# protected-mode no

# port 
# The port that this sentinel instance will run on
port 26379

# By default Redis Sentinel does not run as a daemon. Use 'yes' if you need it.
# Note that Redis will write a pid file in /var/run/redis-sentinel.pid when
# daemonized.
daemonize no

# When running daemonized, Redis Sentinel writes a pid file in
# /var/run/redis-sentinel.pid by default. You can specify a custom pid file
# location here.
pidfile /var/run/redis-sentinel.pid

# Specify the log file name. Also the empty string can be used to force
# Sentinel to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
logfile ""

# sentinel announce-ip 
# sentinel announce-port 
#
# The above two configuration directives are useful in environments where,
# because of NAT, Sentinel is reachable from outside via a non-local address.
#
# When announce-ip is provided, the Sentinel will claim the specified IP address
# in HELLO messages used to gossip its presence, instead of auto-detecting the
# local address as it usually does.
#
# Similarly when announce-port is provided and is valid and non-zero, Sentinel
# will announce the specified TCP port.
#
# The two options don't need to be used together, if only announce-ip is
# provided, the Sentinel will announce the specified IP and the server port
# as specified by the "port" option. If only announce-port is provided, the
# Sentinel will announce the auto-detected local IP and the specified port.
#
# Example:
#
# sentinel announce-ip 1.2.3.4

# dir 
# Every long running process should have a well-defined working directory.
# For Redis Sentinel to chdir to /tmp at startup is the simplest thing
# for the process to don't interfere with administrative tasks such as
# unmounting filesystems.
dir /tmp

# sentinel monitor    
#
# Tells Sentinel to monitor this master, and to consider it in O_DOWN
# (Objectively Down) state only if at least  sentinels agree.
#
# Note that whatever is the ODOWN quorum, a Sentinel will require to
# be elected by the majority of the known Sentinels in order to
# start a failover, so no failover can be performed in minority.
#
# Replicas are auto-discovered, so you don't need to specify replicas in
# any way. Sentinel itself will rewrite this configuration file adding
# the replicas using additional configuration options.
# Also note that the configuration file is rewritten when a
# replica is promoted to master.
#
# Note: master name should not include special characters or spaces.
# The valid charset is A-z 0-9 and the three characters ".-_".
sentinel monitor mymaster 127.0.0.1 6379 2

# sentinel auth-pass  
#
# Set the password to use to authenticate with the master and replicas.
# Useful if there is a password set in the Redis instances to monitor.
#
# Note that the master password is also used for replicas, so it is not
# possible to set a different password in masters and replicas instances
# if you want to be able to monitor these instances with Sentinel.
#
# However you can have Redis instances without the authentication enabled
# mixed with Redis instances requiring the authentication (as long as the
# password set is the same for all the instances requiring the password) as
# the AUTH command will have no effect in Redis instances with authentication
# switched off.
#
# Example:
#
# sentinel auth-pass mymaster MySUPER--secret-0123passw0rd

# sentinel down-after-milliseconds  
#
# Number of milliseconds the master (or any attached replica or sentinel) should
# be unreachable (as in, not acceptable reply to PING, continuously, for the
# specified period) in order to consider it in S_DOWN state (Subjectively
# Down).
#
# Default is 30 seconds.
sentinel down-after-milliseconds mymaster 30000

# sentinel parallel-syncs  
#
# How many replicas we can reconfigure to point to the new replica simultaneously
# during the failover. Use a low number if you use the replicas to serve query
# to avoid that all the replicas will be unreachable at about the same
# time while performing the synchronization with the master.
sentinel parallel-syncs mymaster 1

# sentinel failover-timeout  
#
# Specifies the failover timeout in milliseconds. It is used in many ways:
#
# - The time needed to re-start a failover after a previous failover was
#   already tried against the same master by a given Sentinel, is two
#   times the failover timeout.
#
# - The time needed for a replica replicating to a wrong master according
#   to a Sentinel current configuration, to be forced to replicate
#   with the right master, is exactly the failover timeout (counting since
#   the moment a Sentinel detected the misconfiguration).
#
# - The time needed to cancel a failover that is already in progress but
#   did not produced any configuration change (SLAVEOF NO ONE yet not
#   acknowledged by the promoted replica).
#
# - The maximum time a failover in progress waits for all the replicas to be
#   reconfigured as replicas of the new master. However even after this time
#   the replicas will be reconfigured by the Sentinels anyway, but not with
#   the exact parallel-syncs progression as specified.
#
# Default is 3 minutes.
sentinel failover-timeout mymaster 180000

# SCRIPTS EXECUTION
#
# sentinel notification-script and sentinel reconfig-script are used in order
# to configure scripts that are called to notify the system administrator
# or to reconfigure clients after a failover. The scripts are executed
# with the following rules for error handling:
#
# If script exits with "1" the execution is retried later (up to a maximum
# number of times currently set to 10).
#
# If script exits with "2" (or an higher value) the script execution is
# not retried.
#
# If script terminates because it receives a signal the behavior is the same
# as exit code 1.
#
# A script has a maximum running time of 60 seconds. After this limit is
# reached the script is terminated with a SIGKILL and the execution retried.

# NOTIFICATION SCRIPT
#
# sentinel notification-script  
# 
# Call the specified notification script for any sentinel event that is
# generated in the WARNING level (for instance -sdown, -odown, and so forth).
# This script should notify the system administrator via email, SMS, or any
# other messaging system, that there is something wrong with the monitored
# Redis systems.
#
# The script is called with just two arguments: the first is the event type
# and the second the event description.
#
# The script must exist and be executable in order for sentinel to start if
# this option is provided.
#
# Example:
#
# sentinel notification-script mymaster /var/redis/notify.sh

# CLIENTS RECONFIGURATION SCRIPT
#
# sentinel client-reconfig-script  
#
# When the master changed because of a failover a script can be called in
# order to perform application-specific tasks to notify the clients that the
# configuration has changed and the master is at a different address.
# 
# The following arguments are passed to the script:
#
#       
#
#  is currently always "failover"
#  is either "leader" or "observer"
# 
# The arguments from-ip, from-port, to-ip, to-port are used to communicate
# the old address of the master and the new address of the elected replica
# (now a master).
#
# This script should be resistant to multiple invocations.
#
# Example:
#
# sentinel client-reconfig-script mymaster /var/redis/reconfig.sh

# SECURITY
#
# By default SENTINEL SET will not be able to change the notification-script
# and client-reconfig-script at runtime. This avoids a trivial security issue
# where clients can set the script to anything and trigger a failover in order
# to get the program executed.

sentinel deny-scripts-reconfig yes

# REDIS COMMANDS RENAMING
#
# Sometimes the Redis server has certain commands, that are needed for Sentinel
# to work correctly, renamed to unguessable strings. This is often the case
# of CONFIG and SLAVEOF in the context of providers that provide Redis as
# a service, and don't want the customers to reconfigure the instances outside
# of the administration console.
#
# In such case it is possible to tell Sentinel to use different command names
# instead of the normal ones. For example if the master "mymaster", and the
# associated replicas, have "CONFIG" all renamed to "GUESSME", I could use:
#
# SENTINEL rename-command mymaster CONFIG GUESSME
#
# After such configuration is set, every time Sentinel would use CONFIG it will
# use GUESSME instead. Note that there is no actual need to respect the command
# case, so writing "config guessme" is the same in the example above.
#
# SENTINEL SET can also be used in order to perform this configuration at runtime.
#
# In order to set a command back to its original name (undo the renaming), it
# is possible to just rename a command to itsef:
#
# SENTINEL rename-command mymaster CONFIG CONFIG