实验环境
ip | 服务 | 备注 |
---|---|---|
192.168.1.11 | Docker swarm service(nginx+php) | swarm-manager |
192.168.1.12 | Docker swarm service(nginx+php) | node1 |
192.168.1.13 | Docker swarm service(nginx+php) | node2 |
192.168.1.14 | mysql+haproxy | mysql-haproxy |
实验目的
swarm集群中搭建两个service,分别是nginx和php,都使用dockerfile进行构建镜像,然后启动service,两个service之间使用my_net的overlay网络进行通信,使用集群外部的一台服务器搭建mysql和Haproxy,Haproxy用来对swarm集群中的nginx service进行负载均衡,mysql用来与php通信,搭建discuz论坛
实验步骤
搭建swarm集群
放行端口
swarm-manager
firewall-cmd --add-port=2377/tcp # 节点加入集群使用
firewall-cmd --add-port=8888/tcp # swarm图形化工具访问端口
firewall-cmd --add-port=5000/tcp # 节点访问私库端口
firewall-cmd --add-port=80/tcp # dockerfile进行测试端口
firewall-cmd --add-port=8080/tcp # service nginx的访问端口
swarm三台集群
firewall-cmd --add-port=7946/tcp
firewall-cmd --add-port=4789/udp
mysql-haproxy
firewall-cmd --add-port=3306/tcp # php连接数据库端口
firewall-cmd --add-port=80/tcp # Haproxy访问端口
搭建私库供上传私有镜像使用
swarm-manager
[root@swarm-manager ~]# docker pull registry:2
[root@swarm-manager ~]# mkdir -p /opt/data/registry
[root@swarm-manager ~]# docker run -itd -p 5000:5000 --restart always \
--volume /opt/data/registry/:/var/lib/registry registry:2
修改配置文件指定从私库下载
[root@swarm-manager ~]# vim /usr/lib/systemd/system/docker.service
# 14行的末尾添加--insecure-registry 192.168.1.11:5000
# 14行也就是以ExecStart开头的一行
将修改后的文件传到其他两台
[root@swarm-manager ~]# scp /usr/lib/systemd/system/docker.service node1:/usr/lib/systemd/system/
[root@swarm-manager ~]# scp /usr/lib/systemd/system/docker.service node2:/usr/lib/systemd/system/
三台全部重启服务
systemctl daemon-reload
systemctl restart docker
nginx-Dockerfile
dockerfile文件说明
本文中的dockerfile如果要借用,请按照步骤,包括名字也不要改,除非理解了dockerfile文件中的所有内容,且在修改文件的部分,phpfpm:9000,这个名字是php启动的service的名字,如要更改,请在nginx的Dockerfile文件中找到该部分,但是更改之后,让php的service的名字与这里一致
这个文件中还有修改的php部分的root目录为/www/php也将会在php的dockerfile中创建
swarm-manager
mkdir nginx phpfpm
cd nginx # rz 拖包
#----------------------------------------
# 编写Nginx的Dockerfile
#----------------------------------------
vim Dockerfile
#---
FROM centos
MAINTAINER FeiYi
RUN yum -y install net-tools iproute pcre-devel openssl-devel gcc gcc-c++ make zlib-devel elinks
ADD nginx-1.11.1.tar.gz /usr/src
ENV NGINX_DIR /usr/src/nginx-1.11.1
WORKDIR $NGINX_DIR
RUN ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx && make && make install
WORKDIR /
RUN useradd nginx
RUN ln -s /usr/local/nginx/sbin/nginx /usr/sbin/nginx
RUN sed -i '/ server_name localhost;/a \ location ~ \.php$ {\n root /www/php;\n fastcgi_pass phpfpm:9000;\n fastcgi_index index.php;\n fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;\n include fastcgi.conf;\n}' /usr/local/nginx/conf/nginx.conf
RUN sed -i 's/ index index.html index.htm/ index index.php index.html index.htm/g' /usr/local/nginx/conf/nginx.conf
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]
#----------------------------------------
php-Dockerfile
dockerfile文件说明
因为最后搭建论坛需要连接mysql,需要有mysql的依赖
php-mysql
和mysql-devel
,编译时还增加了--with-mysql
和--with-mysqli
的支持,也是用来连接数据库的语法
swarm-manager
cd ../phpfpm # 拖包
#----------------------------------------
# 写phpinfo文件
#----------------------------------------
vim index.php
#---
<?php
phpinfo();
?>
#----------------------------------------
# 写启动脚本
#----------------------------------------
vim phpstart.sh
#---
#!/bin/bash
/etc/init.d/php-fpm start
/bin/bash
#----------------------------------------
# 编写phpfpm的Dockerfile
#----------------------------------------
vim Dockerfile
#---
FROM centos
MAINTAINER FeiYi
ENV PHP_INSTALL_DIR /usr/src/php-5.3.28
ENV PHP_DIR /usr/local/php
ENV PHP_SH /etc/init.d/php-fpm
ADD php-5.3.28.tar.gz /usr/src
RUN yum -y install net-tools coreutils chkconfig iproute sed freetype-devel gd-devel \
pcre-devel ncurses-devel openssl-devel zlib-devel autoconf mysql-devel php-mysql \
libjpeg-devel libxml2-devel libpng-devel gd gcc gcc-c++ make perl perl-devel bzip2-devel
RUN cp -rp /usr/lib64/mysql/libmysqlclient.so.18.0.0 /usr/lib/libmysqlclient.so
WORKDIR $PHP_INSTALL_DIR
RUN ./configure --prefix=$PHP_DIR --with-gd --with-zlib \
--with-config-file-path=$PHP_DIR --with-mysql --with-mysqli \
--enable-fpm --enable-mbstring --with-jpeg-dir=/usr/lib && make && make install
WORKDIR /
RUN cp $PHP_INSTALL_DIR/php.ini-development $PHP_DIR/php.ini
RUN sed -i '/default_charset/c \default_charset = "utf-8"' $PHP_DIR/php.ini
RUN sed -i '/short_open_tag/c \short_open_tag = On' $PHP_DIR/php.ini
RUN cp $PHP_INSTALL_DIR/sapi/fpm/init.d.php-fpm $PHP_SH
RUN chmod +x $PHP_SH && chkconfig --add php-fpm
RUN cp $PHP_DIR/etc/php-fpm.conf.default $PHP_DIR/etc/php-fpm.conf
RUN sed -i '/;pid = run/c \pid = run/php-fpm.pid' $PHP_DIR/etc/php-fpm.conf && \
sed -i '/user =/c \user = nginx' $PHP_DIR/etc/php-fpm.conf && \
sed -i '/group =/c \group = nginx' $PHP_DIR/etc/php-fpm.conf && \
sed -i '/pm.max_children/c \pm.max_children = 50' $PHP_DIR/etc/php-fpm.conf && \
sed -i '/pm.start_servers/c \pm.start_servers = 20' $PHP_DIR/etc/php-fpm.conf && \
sed -i '/pm.min_spare_servers/c \pm.min_spare_servers = 5' $PHP_DIR/etc/php-fpm.conf && \
sed -i '/pm.max_spare_servers/c \pm.max_spare_servers = 35' $PHP_DIR/etc/php-fpm.conf
RUN sed -i 's/listen = 127.0.0.1:9000/listen = 0.0.0.0:9000/g' $PHP_DIR/etc/php-fpm.conf
RUN mkdir /www/php -p
RUN useradd -M -s /sbin/nologin nginx
COPY index.php /www/php/
COPY phpstart.sh /root/
RUN chmod +x /root/phpstart.sh
EXPOSE 80 3306 9000
CMD ["/root/phpstart.sh"]
构建nginx+php
swarm-manager
docker build -t 192.168.1.11:5000/chai/nginx /root/nginx
docker build -t 192.168.1.11:5000/chai/phpfpm /root/phpfpm
上传镜像
swarm-manager
docker push 192.168.1.11:5000/chai/nginx
docker push 192.168.1.11:5000/chai/phpfpm
运行测试
swarm-manager
必须先启动phpfpm
docker run -itd --name php-fpm 192.168.1.11:5000/chai/phpfpm
docker run -itd -p 80:80 --name nginx --link php-fpm:phpfpm 192.168.1.11:5000/chai/nginx
在浏览器访问测试192.168.1.11/index.php
创建overlay网络
swarm-manager
nginx连接php使用,service之间的访问
[root@swarm-manager ~]# docker network create --driver overlay my_net
启动service phpfpm三个副本
node1/node2下载镜像
docker pull 192.168.1.11:5000/chai/nginx
docker pull 192.168.1.11:5000/chai/phpfpm
swarm-manager
[root@swarm-manager ~]# docker service create -td --name phpfpm --replicas 3 \
--network my_net --mount type=volume,src=phpconf,dst=/usr/local/php \
--mount type=volume,src=php,dst=/www/php 192.168.1.11:5000/chai/phpfpm
启动service nginx 三个副本
swarm-manager
[root@swarm-manager ~]# docker service create --name nginxphp --network my_net -p 8080:80 \
--replicas 3 --mount type=volume,src=conf,dst=/usr/local/nginx/conf \
--mount type=volume,src=html,dst=/usr/local/nginx/html 192.168.1.11:5000/chai/nginx
验证访问
http://192.168.1.11:8080/index.php
nfs
swarm-manager
[root@swarm-manager ~]# yum -y install nfs-utils rpcbind
[root@swarm-manager ~]# mkdir /file/html -p
[root@swarm-manager ~]# vim /etc/exports
/file/html *(rw,no_root_squash,sync)
[root@swarm-manager ~]# exportfs -r
[root@swarm-manager ~]# systemctl start rpcbind nfs-server
[root@swarm-manager ~]# firewall-cmd --add-service=rpc-bind
success
[root@swarm-manager ~]# firewall-cmd --add-service=nfs
success
[root@swarm-manager ~]# firewall-cmd --add-service=mountd
success
在其他主机验证
[root@node1 ~]# showmount -e 192.168.1.11
Export list for 192.168.1.11:
/file/html *
三台都执行挂载
两个路径必须挂载一起,否则,会出现论坛乱码的情况
mount 192.168.1.11:/file/html /var/lib/docker/volumes/html/_data/
mount 192.168.1.11:/file/html /var/lib/docker/volumes/php/_data/
验证挂载
swarm-manager
[root@swarm-manager ~]# vim /file/html/index.php
FeiYi
[root@swarm-manager ~]# curl 192.168.1.11:8080/index.php
FeiYi
访问http://192.168.1.11:8080/index.php
搭建mysql
mysql-haproxy
拖包cmake和mysql
[root@mysql-haproxy ~]# yum -y install ncurses-devel ncurses-libs ncurses-base
[root@mysql-haproxy ~]# tar zxf cmake-3.15.1.tar.gz -C /usr/src
[root@mysql-haproxy ~]# cd /usr/src/cmake-3.15.1/
[root@mysql-haproxy cmake-3.15.1]# ./configure && gmake && gmake install
[root@mysql-haproxy ~]# tar zxf mysql-5.6.33.tar.gz -C /usr/src
[root@mysql-haproxy ~]# cd /usr/src/mysql-5.6.33/
[root@mysql-haproxy mysql-5.6.33]# cmake -DCMAKE_INSTALL_PREFIX=/usr/local/mysql \
-DMYSQL_DATADIR=/usr/local/mysql/data \
-DSYSCONFDIR=/etc \
-DMYSQL_UNIX_ADDR=/usr/local/mysql/mysql.sock \
-DWITH_MYISAM_STORAGE_ENGINE=1 \
-DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DMYSQL_TCP_PORT=3306 \
-DENABLED_LOCAL_INFILE=1 \
-DWITH_PARTITION_STORAGE_ENGINE=1 \
-DDEFAULT_CHARSET=utf8 \
-DDEFAULT_COLLATION=utf8_general_ci \
-DWITH_EXTRA_CHARSETS=all
[root@mysql-haproxy mysql-5.6.33]# make && make install
[root@mysql-haproxy ~]# useradd -M -s /sbin/nologin mysql
[root@mysql-haproxy ~]# vim /etc/my.cnf
datadir=/usr/local/mysql/data
socket=/usr/local/mysql/mysql.sock
log-error=/var/log/mysqld.log
pid-file=/usr/local/mysql/data/mysql-haproxy.pid
[root@mysql-haproxy ~]# cd /usr/local/mysql/scripts/
[root@mysql-haproxy scripts]# ./mysql_install_db --user=mysql --group=mysql \
--basedir=/usr/local/mysql --datadir=/usr/local/mysql/data
[root@mysql-haproxy ~]# ln -s /usr/local/mysql/bin/* /usr/local/bin
[root@mysql-haproxy ~]# ln -s /usr/local/mysql/include/* /usr/include
[root@mysql-haproxy ~]# ln -s /usr/lcoal/mysql/lib/* /usr/lib
[root@mysql-haproxy ~]# cp /usr/local/mysql/support-files/mysql.server /etc/init.d/mysqld
[root@mysql-haproxy ~]# chmod +x /etc/init.d/mysqld
[root@mysql-haproxy ~]# chkconfig --add mysqld
[root@mysql-haproxy ~]# chkconfig mysqld on
[root@mysql-haproxy ~]# chown -R mysql:mysql /usr/local/mysql/
[root@mysql-haproxy ~]# systemctl start mysqld
吐核报错解决
在源码包里,编辑文件/usr/src/mysql-5.6.38/cmd-line-utils/libedit/terminal.c (mysql 安装包所在路径)
把terminal_set方法中的 char buf[TC_BUFSIZE]; 这一行注释,再把 area = buf;改为 area = NULL;
更改完之后进入路径重新编译安装即可
php连接数据库验证
mysql-haproxy
数据库授权
[root@mysql-haproxy ~]# firewall-cmd --add-port=3306/tcp
[root@mysql-haproxy ~]# mysql
mysql> grant all on *.* to 'root'@'%' identified by '123.com';
swarm-manager
[root@swarm-manager ~]# vim /file/html/conn.php
<?php
$link=mysqli_connect('192.168.1.14','root','123.com');
if($link) echo "裴金凤我爱你!!\n";
mysqli_close($link);
?>
访问http://192.168.1.11:8080/conn.php
搭建Haproxy
拖包
[root@mysql-haproxy ~]# yum -y install pcre-devel bzip2-devel
[root@mysql-haproxy ~]# tar zxf haproxy-1.4.24.tar.gz -C /usr/src
[root@mysql-haproxy ~]# cd /usr/src/haproxy-1.4.24
[root@mysql-haproxy haproxy-1.4.24]# make TARGET=linux310 PREFIX=/usr/local/haproxy
[root@mysql-haproxy haproxy-1.4.24]# make install PREFIX=/usr/local/haproxy
[root@mysql-haproxy ~]# ln -s /usr/local/haproxy/sbin/* /usr/sbin/
[root@mysql-haproxy ~]# mkdir /etc/haproxy
[root@mysql-haproxy ~]# cp /usr/src/haproxy-1.4.24/examples/haproxy.cfg /etc/haproxy/
[root@mysql-haproxy ~]# cp /usr/src/haproxy-1.4.24/examples/haproxy.init /etc/init.d/haproxy
[root@mysql-haproxy ~]# chmod +x /etc/init.d/haproxy
[root@mysql-haproxy ~]# vim /etc/haproxy/haproxy.cfg
# 注释全局配置中这一行
#chroot /usr/share/haproxy # 安装路径
# 注释默认配置中这一行
#redispatch # 客户端访问时产生cookie的对应节点坏掉,就会直接定向到另一台web,影响轮询效果,生成环境中不需要注释
#listen appli1-rewrite 0.0.0.0:10001
这行以下内容全部清空,自行写入
listen webservers 0.0.0.0:80
balance roundrobin
option httpchk GET /index.php
server web_one 192.168.1.11:8080 check inter 2000 rise 3 fall 3
server web_two 192.168.1.12:8080 check inter 2000 rise 3 fall 3
server web_three 192.168.1.13:8080 check inter 2000 rise 3 fall 3
[root@mysql-haproxy ~]# chkconfig --add /etc/init.d/haproxy
[root@mysql-haproxy ~]# systemctl start haproxy
访问192.168.1.14
和192.168.1.14/index.php
搭建Discuz
三台swarm集群全部拖包
unzip Discuz_7.2_FULL_SC_UTF8.zip
useradd nginx
mv upload/ /file/html/discuz
chown -R nginx:nginx /file/html/discuz/
chmod 777 -R /file/html/discuz/
访问http://192.168.1.14/discuz/install/