写在前面
- 所有组件均使用容器方式
- 目前仅仅做到了Gitlab-CE的主备方式高可用,没有做到双活
集群主机IP及组件说明
- 192.168.26.101 [etcd,patroni,redis-cluster,redis-sentinel,gitlab]
- 192.168.26.102 [etcd,patroni,redis-cluster,redis-sentinel,gitlab]
- 192.168.26.103 [etcd,patroni,redis-cluster,redis-sentinel,gitlab]
- 192.168.26.200 VIP地址用于patroni集群Master使用
- 192.168.26.201 VIP地址用于gitlab-ce的外部url使用
- 192.168.26.10 NFS地址
- 执行循序 etcd -> patroni -> redis-cluster -> redis-sentinel -> mount /etc/fstab -> 等待gitlab自运行
postgres集群
etcd集群
//192.168.26.101
HOST_NAME=etcd-1
ETCD_ENDPOINT=etcd-1=http://192.168.26.101:2380,etcd-2=http://192.168.26.102:2380,etcd-3=http://192.168.26.103:2380
HOST_IP=`python -c "import socket;res = socket.gethostbyname(socket.gethostname());print(res)"`
ETCD_DATA=/opt/etcd/data
docker run -d --restart=always --net=host \
-v $ETCD_DATA:/etcd-data \
--name $HOST_NAME \
quay.io/coreos/etcd:v3.5.7 \
/usr/local/bin/etcd \
-name $HOST_NAME \
--data-dir /etcd-data \
--listen-client-urls http://0.0.0.0:2379 \
--advertise-client-urls http://0.0.0.0:2379 \
--listen-peer-urls http://0.0.0.0:2380 \
--initial-advertise-peer-urls http://$HOST_IP:2380 \
--initial-cluster "$ETCD_ENDPOINT" \
--initial-cluster-token tkn \
--initial-cluster-state new \
--log-level info \
--logger zap \
--log-outputs stderr
//192.168.26.102
HOST_NAME=etcd-2
ETCD_ENDPOINT=etcd-1=http://192.168.26.101:2380,etcd-2=http://192.168.26.102:2380,etcd-3=http://192.168.26.103:2380
HOST_IP=`python -c "import socket;res = socket.gethostbyname(socket.gethostname());print(res)"`
ETCD_DATA=/opt/etcd/data
docker run -d --restart=always --net=host \
-v $ETCD_DATA:/etcd-data \
--name $HOST_NAME \
quay.io/coreos/etcd:v3.5.7 \
/usr/local/bin/etcd \
-name $HOST_NAME \
--data-dir /etcd-data \
--listen-client-urls http://0.0.0.0:2379 \
--advertise-client-urls http://0.0.0.0:2379 \
--listen-peer-urls http://0.0.0.0:2380 \
--initial-advertise-peer-urls http://$HOST_IP:2380 \
--initial-cluster "$ETCD_ENDPOINT" \
--initial-cluster-token tkn \
--initial-cluster-state new \
--log-level info \
--logger zap \
--log-outputs stderr
//192.168.26.103
HOST_NAME=etcd-3
ETCD_ENDPOINT=etcd-1=http://192.168.26.101:2380,etcd-2=http://192.168.26.102:2380,etcd-3=http://192.168.26.103:2380
HOST_IP=`python -c "import socket;res = socket.gethostbyname(socket.gethostname());print(res)"`
ETCD_DATA=/opt/etcd/data
docker run -d --restart=always --net=host \
-v $ETCD_DATA:/etcd-data \
--name $HOST_NAME \
quay.io/coreos/etcd:v3.5.7 \
/usr/local/bin/etcd \
-name $HOST_NAME \
--data-dir /etcd-data \
--listen-client-urls http://0.0.0.0:2379 \
--advertise-client-urls http://0.0.0.0:2379 \
--listen-peer-urls http://0.0.0.0:2380 \
--initial-advertise-peer-urls http://$HOST_IP:2380 \
--initial-cluster "$ETCD_ENDPOINT" \
--initial-cluster-token tkn \
--initial-cluster-state new \
--log-level info \
--logger zap \
--log-outputs stderr
patroni集群
//192.168.26.101
HOST_NAME=patroni-1
ETCD_ENDPOINT=192.168.26.101:2379,192.168.26.102:2379,192.168.26.103:2379
PATRONI_PASSWD='123456'
PATRONI_VIP='192.168.26.200'
PATRONI_BRD='192.168.26.255'
PATRONI_DATA=/opt/postgres/data/
docker run -d --restart=always --name=$HOST_NAME \
--privileged \
--net=host \
--hostname=$HOST_NAME \
-e ETCD_ENDPION=$ETCD_ENDPOINT \
-e PATRONI_PASSWD=$PATRONI_PASSWD \
-e PATRONI_VIP=$PATRONI_VIP \
-e PATRONI_BRD=$PATRONI_BRD \
-v $PATRONI_DATA:/home/postgres/data/ \
swr.cn-north-4.myhuaweicloud.com/easyk8s.com/postgres_cluster:2023_02_07
//192.168.26.102
HOST_NAME=patroni-2
ETCD_ENDPOINT=192.168.26.101:2379,192.168.26.102:2379,192.168.26.103:2379
PATRONI_PASSWD='123456'
PATRONI_VIP='192.168.26.200'
PATRONI_BRD='192.168.26.255'
PATRONI_DATA=/opt/postgres/data/
docker run -d --restart=always --name=$HOST_NAME \
--privileged \
--net=host \
--hostname=$HOST_NAME \
-e ETCD_ENDPION=$ETCD_ENDPOINT \
-e PATRONI_PASSWD=$PATRONI_PASSWD \
-e PATRONI_VIP=$PATRONI_VIP \
-e PATRONI_BRD=$PATRONI_BRD \
-v $PATRONI_DATA:/home/postgres/data/ \
swr.cn-north-4.myhuaweicloud.com/easyk8s.com/postgres_cluster:2023_02_07
//192.168.26.103
HOST_NAME=patroni-3
ETCD_ENDPOINT=192.168.26.101:2379,192.168.26.102:2379,192.168.26.103:2379
PATRONI_PASSWD='123456'
PATRONI_VIP='192.168.26.200'
PATRONI_BRD='192.168.26.255'
PATRONI_DATA=/opt/postgres/data/
docker run -d --restart=always --name=$HOST_NAME \
--privileged \
--net=host \
--hostname=$HOST_NAME \
-e ETCD_ENDPION=$ETCD_ENDPOINT \
-e PATRONI_PASSWD=$PATRONI_PASSWD \
-e PATRONI_VIP=$PATRONI_VIP \
-e PATRONI_BRD=$PATRONI_BRD \
-v $PATRONI_DATA:/home/postgres/data/ \
swr.cn-north-4.myhuaweicloud.com/easyk8s.com/postgres_cluster:2023_02_07
验证集群
# 验证postgres_cluster集群
# docker exec -it patroni-[1/2/3] bash
$ patronictl -c /home/postgres/config/patroni.yml list
redis 哨兵集群
redis-cluster
//192.168.26.101
#!/bin/bash
HOST_NAME=redis_server-1
REDIS_DATA=/opt/redis/data
docker run -d --name $HOST_NAME \
--net=host \
-v $REDIS_DATA:/data \
redis:latest redis-server --port 6379
//192.168.26.102
#!/bin/bash
HOST_NAME=redis_server-2
REDIS_DATA=/opt/redis/data
REDIS_MASTER_IP='192.168.26.101'
REDIS_MASTER_PORT=6379
docker run -d --name $HOST_NAME \
--net=host \
-v /opt/redis/data:/data \
redis:latest redis-server --slaveof $REDIS_MASTER_IP $REDIS_MASTER_PORT --port 6379
//192.168.26.103
#!/bin/bash
HOST_NAME=redis_server-3
REDIS_DATA=/opt/redis/data
REDIS_MASTER_IP='192.168.26.101'
REDIS_MASTER_PORT=6379
docker run -d --name $HOST_NAME \
--net=host \
-v /opt/redis/data:/data \
redis:latest redis-server --slaveof $REDIS_MASTER_IP $REDIS_MASTER_PORT --port 6379
redis-sentinel
//192.168.26.101
REDIS_NAME_IP='192.168.26.101'
REDIS_NAME_PORT=6379
REDIS_SENTINEL_CONFIG=/opt/redis/sentinel.conf
REDIS_SENTINEL_PORT=5000
HOST_NAME=reids_sentinel-1
if [[ ! -e ${REDIS_SENTINEL_CONFIG}gitlab.rb ]];
then
cat > $REDIS_SENTINEL_CONFIG <<EOF
protected-mode no
bind 0.0.0.0
port 5000
daemonize no
sentinel monitor mymaster $REDIS_NAME_IP $REDIS_NAME_PORT 2
sentinel down-after-milliseconds mymaster $REDIS_SENTINEL_PORT
sentinel failover-timeout mymaster 180000
sentinel parallel-syncs mymaster 1
EOF
fi
docker run -d --restart=always --name $HOST_NAME \
-p $REDIS_SENTINEL_PORT:$REDIS_SENTINEL_PORT \
-v /opt/redis/sentinel.conf:/etc/redis/sentinel.conf \
redis redis-sentinel /etc/redis/sentinel.conf
//192.168.26.102
REDIS_NAME_IP='192.168.26.101'
REDIS_NAME_PORT=6379
REDIS_SENTINEL_CONFIG=/opt/redis/sentinel.conf
REDIS_SENTINEL_PORT=5000
HOST_NAME=reids_sentinel-2
if [[ ! -e ${REDIS_SENTINEL_CONFIG}gitlab.rb ]];
then
cat > $REDIS_SENTINEL_CONFIG <<EOF
protected-mode no
bind 0.0.0.0
port 5000
daemonize no
sentinel monitor mymaster $REDIS_NAME_IP $REDIS_NAME_PORT 2
sentinel down-after-milliseconds mymaster $REDIS_SENTINEL_PORT
sentinel failover-timeout mymaster 180000
sentinel parallel-syncs mymaster 1
EOF
fi
docker run -d --restart=always --name $HOST_NAME \
-p $REDIS_SENTINEL_PORT:$REDIS_SENTINEL_PORT \
-v /opt/redis/sentinel.conf:/etc/redis/sentinel.conf \
redis redis-sentinel /etc/redis/sentinel.conf
//192.168.26.103
REDIS_NAME_IP='192.168.26.101'
REDIS_NAME_PORT=6379
REDIS_SENTINEL_CONFIG=/opt/redis/sentinel.conf
REDIS_SENTINEL_PORT=5000
HOST_NAME=reids_sentinel-3
if [[ ! -e ${REDIS_SENTINEL_CONFIG}gitlab.rb ]];
then
cat > $REDIS_SENTINEL_CONFIG <<EOF
protected-mode no
bind 0.0.0.0
port 5000
daemonize no
sentinel monitor mymaster $REDIS_NAME_IP $REDIS_NAME_PORT 2
sentinel down-after-milliseconds mymaster $REDIS_SENTINEL_PORT
sentinel failover-timeout mymaster 180000
sentinel parallel-syncs mymaster 1
EOF
fi
docker run -d --restart=always --name $HOST_NAME \
-p $REDIS_SENTINEL_PORT:$REDIS_SENTINEL_PORT \
-v /opt/redis/sentinel.conf:/etc/redis/sentinel.conf \
redis redis-sentinel /etc/redis/sentinel.conf
验证Redis集群
# pip install redis -i http://mirrors.aliyun.com/pypi/simple
# cat redis_test.py
# -*- coding:utf-8 -*-
from redis.sentinel import Sentinel
# 连接哨兵服务器(主机名也可以用域名)
sentinel = Sentinel([('192.168.26.101', 5000),
('192.168.26.102', 5001),
('192.168.26.103', 5001)
],
socket_timeout=0.5)
# 获取主服务器地址
master = sentinel.discover_master('mymaster')
print("redis master ip",master)
slave = sentinel.discover_slaves('mymaster')
print("redis slave ip",slave)
master = sentinel.master_for('mymaster', socket_timeout=0.5, db=15)
w_ret = master.set('foo', 'bar')
slave = sentinel.slave_for('mymaster', socket_timeout=0.5, db=15)
r_ret = slave.get('foo')
print(r_ret)
# python3 redis.py
redis master ip ('192.168.26.101', 6379)
redis slave ip [('192.168.26.102', 6379), ('192.168.26.103', 6379)]
b'bar'
redis create user And passwd And tables
// 需要取Master主机执行,也就是挂载192.168.26.200的机器
# docker exec -it patroni-3 bash
$ psql
$ create role gitlab login encrypted password 'pass';
$ create database gitlabhq_production owner=gitlab ENCODING = 'UTF8';
$ \c gitlabhq_production
$ CREATE EXTENSION pg_trgm;
$ select extname,extowner,extnamespace,extrelocatable,extversion from pg_extension;
Gitlab-CE
mount /etc/fstab
//[注意]NFS的设置sync,no_root_squash,no_all_squash
//192.168.26.101
# mkdir -p /opt/gitlab/{config,data,master}
# vi /etc/fstab
192.168.26.10:/data/gitlab/config /opt/gitlab/config nfs4 defaults 0 0
192.168.26.10:/data/gitlab/data /opt/gitlab/data nfs4 defaults 0 0
192.168.26.10:/data/gitlab/master /opt/gitlab/master nfs4 defaults 0 0
# mount -a
//[注意要设置每台机器的Crontab]
# crontab -l
# */3 * * * * /bin/bash /opt/gitlab.sh > /dev/null 2>&1
# vi /opt/gitlab.sh
#!/bin/bash
# 配合crontab 主备
# 注意MASTER_DIR 为NFS共享目录用于抢占写入
MASTER_SEZIE_CONFIG=/opt/gitlab/master/sezie.config
# 注意GIT_CONFIG/DATA为NFS共享目录用于配置文件和数据目录
GIT_CONFIG=/opt/gitlab/config/
GIT_DATA=/opt/gitlab/data/
# [注意]GIT配置文件
# 需要创建PG中的数据库,用户名,密码,库
# 配置文件中redis的哨兵地址
if [[ ! -e ${GIT_CONFIG}gitlab.rb ]];
then
cat > ${GIT_CONFIG}gitlab.rb << EOF
external_url 'http://192.168.26.201'
postgresql['enable'] = false
gitlab_rails['db_adapter'] = "postgresql"
gitlab_rails['db_encoding'] = "utf8"
gitlab_rails['db_database'] = "gitlabhq_production"
gitlab_rails['db_pool'] = 30
gitlab_rails['db_username'] = "gitlab"
gitlab_rails['db_password'] = "pass"
gitlab_rails['db_host'] = "192.168.26.200"
gitlab_rails['db_port'] = "5432"
redis['enable'] = false
gitlab_rails['redis_sentinels'] = [
{'host' => '192.168.26.101', 'port' => 5000},
{'host' => '192.168.26.102', 'port' => 5000},
{'host' => '192.168.26.103', 'port' => 5000},
]
redis['master_name'] = 'mymaster'
gitlab_rails['redis_database'] = 0
EOF
fi
# 最大超时时间
TIME_MAX=300
# 抢占启动模块
function start_gitlab(){
echo "开启抢占"
IP=`python -c "import socket;res = socket.gethostbyname(socket.gethostname());print(res)"`
TIME=`date "+%s"`
echo -n "$IP $TIME" > $MASTER_SEZIE_CONFIG
docker ps -a | grep gitlab > /dev/null 2>&1
if [[ $? -eq 0 ]];
then
docker start gitlab
else
docker run -d \
--name gitlab \
-p 443:443 -p 80:80 -p 2222:22 \
-v $GIT_CONFIG:/etc/gitlab/ \
-v /opt/gitlab/log/:/var/log/gitlab \
-v $GIT_DATA:/var/opt/gitlab/ \
gitlab/gitlab-ce
fi
}
# 判断服务是否是本地提供,不是停止
function stop_gitlab(){
IP=`cat $MASTER_SEZIE_CONFIG | awk '{print $1}'`
LOCAL_IP=`python -c "import socket;res = socket.gethostbyname(socket.gethostname());print(res)"`
if [[ $LOCAL_IP != $IP ]];
then
docker stop gitlab
fi
}
if [[ -e $MASTER_SEZIE_CONFIG ]];
then
# 存在
echo "文件存在"
IP=`cat $MASTER_SEZIE_CONFIG | awk '{print $1}'`
TIME=`cat $MASTER_SEZIE_CONFIG | awk '{print $2}'`
HTTP_CODE=`curl -sI http://$IP/users/sign_in | head -n 1 | awk '{print $2}'`
END_TIME=`date "+%s"`
if [[ $HTTP_CODE -eq 200 ]];
then
# 访问成功更新时间戳
echo -n "$IP $END_TIME" > $MASTER_SEZIE_CONFIG
stop_gitlab
else
# 访问失败判断时间戳差额
TIME_TMP=$(( END_TIME - TIME ))
if [[ $TIME_TMP -gt $TIME_MAX ]];
then
# 大于超时开始抢占
start_gitlab
fi
fi
else
# 不存在
echo "文件不存在"
start_gitlab
fi
验证环节
网友评论