keepalived实现harbor高可用

master 192.168.53.10

backup 192.168.53.11

harbor安装及主从复制配置略，本文主要配置keepalived

两台首先都安装keepalived

# yum -y install keepalived

配置文件

 1 ! Configuration File for keepalived2 3 global_defs {4    notification_email {5      acassen@firewall.loc6      failover@firewall.loc7      sysadmin@firewall.loc8    }9    notification_email_from Alexandre.Cassen@firewall.loc
10    smtp_server 192.168.200.1
11    smtp_connect_timeout 30
12    router_id LVS_DEVEL
13    vrrp_skip_check_adv_addr
14 #   vrrp_strict　　　　#不注释掉vip是ping不通得
15    vrrp_garp_interval 0
16    vrrp_gna_interval 0
17 }
18
19 vrrp_instance VI_1 {
20     state MASTER　　　　　　# 指定 keepalived 的角色，MASTER 表示此主机是主服务器，BACKUP 表示此主机是备用服务器
21     interface ens33
22     virtual_router_id 51　　　　# 虚拟路由标识，这个标识是一个数字，同一个vrrp实例使用唯一的标识，同一vrrp_instance下，MASTER和BACKUP必须是一致的
23     priority 100　　　　　　# 定义优先级，数字越大，优先级越高(0-255)
24     advert_int 1
25     authentication {　　　　# 设置验证类型和密码
26         auth_type PASS
27         auth_pass 1111
28     }
29     virtual_ipaddress {　　　　#设置虚拟IP地址，可以设置多个虚拟IP地址，每行一个
30         192.168.53.100/24
31     }
32 }
33
34 virtual_server 192.168.53.100 80 {
35     delay_loop 6
36     lb_algo rr
37     lb_kind NAT
38     persistence_timeout 50
39     protocol TCP
40
41     real_server 192.168.53.10 80 {
42         weight 1
43     TCP_CHECK {
44             connect_timeout 3
45             nb_get_retry 3
46             delay_before_retry 3
47             connect_port 80
48     }
49 }
50 }

从服务器只需要修改角色及优先级

启动keepalived

# systemctl start keepalived.service

查看是否绑定

# ip addr

停掉master测试是否飘移

keepalived验证完毕，可以使用脚本进行检测，待优化

使用脚本进行检测，实现故障时候自动切换

检测脚本参考：

#!/bin/bash
harbor_port=`netstat -anpt |grep :80|wc -l`
[ $harbor_port -eq 0 ] && systemctl stop keepalived

keepalived master配置文件

! Configuration File for keepalivedglobal_defs {notification_email {acassen@firewall.locfailover@firewall.locsysadmin@firewall.loc}notification_email_from Alexandre.Cassen@firewall.locsmtp_server 192.168.200.1smtp_connect_timeout 30router_id LVS_DEVELvrrp_skip_check_adv_addr
#   vrrp_strictvrrp_garp_interval 0vrrp_gna_interval 0
}vrrp_script check_harbor {script "/etc/keepalived/harbor_check.sh"interval 2weight -2
}vrrp_instance VI_1 {state MASTERinterface ens33virtual_router_id 51priority 100advert_int 1authentication {auth_type PASSauth_pass 1111}track_script {check_harbor}virtual_ipaddress {192.168.53.100/24}
}virtual_server 192.168.53.100 80 {delay_loop 6lb_algo rrlb_kind NATpersistence_timeout 50protocol TCPreal_server 192.168.53.10 80 {weight 1
#    TCP_CHECK {
#            connect_timeout 3
#            nb_get_retry 3
#            delay_before_retry 3
#            connect_port 80
#    }}
}

keepalived backup配置文件

! Configuration File for keepalivedglobal_defs {notification_email {acassen@firewall.locfailover@firewall.locsysadmin@firewall.loc}notification_email_from Alexandre.Cassen@firewall.locsmtp_server 192.168.200.1smtp_connect_timeout 30router_id LVS_DEVELvrrp_skip_check_adv_addr
#   vrrp_strictvrrp_garp_interval 0vrrp_gna_interval 0
}vrrp_script check_harbor {script "/etc/keepalived/harbor_check.sh"interval 2weight -2
}vrrp_instance VI_1 {state BACKUPinterface ens33virtual_router_id 51priority 99advert_int 1authentication {auth_type PASSauth_pass 1111}track_script {check_harbor}virtual_ipaddress {192.168.53.100/24}
}virtual_server 192.168.53.100 80 {delay_loop 6lb_algo rrlb_kind NATpersistence_timeout 50protocol TCPreal_server 192.168.53.11 80 {weight 1
#        TCP_CHECK {
#            connect_timeout 3
#            nb_get_retry 3
#            delay_before_retry 3
#            connect_port 80
#    }}
}

keepalived.conf

我们先把镜像主从同步停掉，上传一个镜像至53.10中，以便在页面更好区分节点使用vip进行访问

登录服务器查看VIP

将主节点harbor服务停掉测试

登录服务器确认VIP

测试完毕，配置完成

PS##

1)如果需要配置通过域名访问，保证不暴露后端真实IP，需要将harbor.yml中得hostname进行修改

这样在复制拉取命令时候就不会将自己真实后端IP暴露出去

2)可以看到2.0版本后拉取镜像没有版本号，进行以下配置

[root@harbor harbor]# docker ps
CONTAINER ID        IMAGE                                COMMAND                  CREATED             STATUS                    PORTS                       NAMES
365a19c83071        goharbor/nginx-photon:v2.1.0         "nginx -g 'daemon of…"   3 days ago          Up 19 minutes (healthy)   0.0.0.0:80->8080/tcp        nginx
ce931dcc3d3a        goharbor/harbor-jobservice:v2.1.0    "/harbor/entrypoint.…"   3 days ago          Up 19 minutes (healthy)                               harbor-jobservice
18a585196b55        goharbor/harbor-core:v2.1.0          "/harbor/entrypoint.…"   3 days ago          Up 19 minutes (healthy)                               harbor-core
84cd91ad2d2d        goharbor/harbor-portal:v2.1.0        "nginx -g 'daemon of…"   3 days ago          Up 19 minutes (healthy)                               harbor-portal
039f375ff277        goharbor/registry-photon:v2.1.0      "/home/harbor/entryp…"   3 days ago          Up 19 minutes (healthy)                               registry
d329617fe932        goharbor/harbor-registryctl:v2.1.0   "/home/harbor/start.…"   3 days ago          Up 19 minutes (healthy)                               registryctl
b9a3b01fdf4e        goharbor/harbor-db:v2.1.0            "/docker-entrypoint.…"   3 days ago          Up 19 minutes (healthy)                               harbor-db
34f04df78acf        goharbor/redis-photon:v2.1.0         "redis-server /etc/r…"   3 days ago          Up 19 minutes (healthy)                               redis
e6fa18c6f576        goharbor/harbor-log:v2.1.0           "/bin/sh -c /usr/loc…"   3 days ago          Up 19 minutes (healthy)   127.0.0.1:1514->10514/tcp   harbor-log

进入harbor-portal 得容器中

[root@harbor harbor]# docker exec -it 84cd91ad2d2d /bin/bash
nginx [ / ]$ cd /usr/share/nginx/html/
nginx [ /usr/share/nginx/html ]$ ls -l
total 8612
-rw-r--r-- 1 root root  149395 2020-09-16 02:45 3rdpartylicenses.txt
-rw-r--r-- 1 root root   11347 2020-09-16 02:28 LICENSE
-rw-r--r-- 1 root root  375069 2020-09-16 02:45 dark-theme.css
-rw-r--r-- 1 root root    7455 2020-09-16 02:45 favicon.ico
drwxr-xr-x 3 root root      18 2020-09-16 02:45 i18n
drwxr-xr-x 2 root root     220 2020-09-16 02:45 images
-rw-r--r-- 1 root root     856 2020-09-16 02:45 index.html
-rw-r--r-- 1 root root  389660 2020-09-16 02:45 light-theme.css
-rw-r--r-- 1 root root 5982703 2020-09-16 02:45 main.50faa391a4ae8743ad63.js
-rw-r--r-- 1 root root   71509 2020-09-16 02:45 polyfills-es5.c04cfdffe6ecc730c69c.js
-rw-r--r-- 1 root root    1440 2020-09-16 02:45 runtime.9ad22a88fcc70a015907.js
-rw-r--r-- 1 root root  860407 2020-09-16 02:45 scripts.f4c015c4300c31a9a23c.js
-rw-r--r-- 1 root root     203 2020-09-16 02:45 setting.json
-rw-r--r-- 1 root root  532512 2020-09-16 02:45 styles.fd4a2ff060f99b077bef.css
-rw-r--r-- 1 root root  148840 2020-09-16 02:35 swagger.json
-rw-r--r-- 1 root root  169645 2020-09-16 02:28 swagger.yaml
-rw-r--r-- 1 root root   63039 2020-09-16 02:35 swagger2.json
-rw-r--r-- 1 root root   13548 2020-09-16 02:35 swagger3.json
nginx [ /usr/share/nginx/html ]$

复制一下main.50faa391a4ae8743ad63.js 退出容器

[root@harbor harbor]# find / -name main.50faa391a4ae8743ad63.js
/var/lib/docker/overlay2/8041b6cd2fb0b67619f9ae569d4b7012232c23306727124519e85883f76ec486/diff/usr/share/nginx/html/main.50faa391a4ae8743ad63.js
/var/lib/docker/overlay2/322168b51d2b67ea2bc5226cfe6e61781646a8296045e76c2cd54f2db16bc482/merged/usr/share/nginx/html/main.50faa391a4ae8743ad63.js
[root@harbor harbor]#

在merged目录下的这个，首先进行备份

[root@harbor harbor]# cp /var/lib/docker/overlay2/322168b51d2b67ea2bc5226cfe6e61781646a8296045e76c2cd54f2db16bc482/merged/usr/share/nginx/html/main.50faa391a4ae8743ad63.js{,.bak}
[root@harbor harbor]# vim /var/lib/docker/overlay2/322168b51d2b67ea2bc5226cfe6e61781646a8296045e76c2cd54f2db16bc482/merged/usr/share/nginx/html/main.50faa391a4ae8743ad63.js

搜索字符

artifactPullCommand

将下面内容:

t.type===e.type&&(e.pullCommand=t.pullCommand+" "+n.registryUrl+"/"+n.projectName+"/"+n.repoName+"@"+e.digest)

更改为：

t.type===e.type&&(e.pullCommand=t.pullCommand+" "+n.registryUrl+"/"+n.projectName+"/"+n.repoName+":"+e.tags[0].name)

保存退出，无需重启容器，最好清一下浏览器缓存

keepalived实现harbor高可用相关推荐

基于共享存储的Harbor高可用-Docker部署方案
部署规划架构图 Redis也可以和Harbor集中部署.这样避免了在不使用Reids集群模式下单节点的故障. 使用此模式,目前测试对于Harbor的登录,镜像信息查看,在计算节点,镜像的推送和下载没 ...
saltstack实现haproxy+keepalived负载均衡+高可用(二)
一键部署haproxy+keepalived实现负载均衡+高可用实验环境: !!!! 特别注意: www.westos.org为test1的minion名字 test1: 172.25.1.1 ...
Nginx+keepalived负载均衡高可用篇第③版
Nginx+keepalived负载均衡高可用篇第③版对付中.小型企业,假如没有资金去购买昂贵的四/七层负载均衡交换机,那么Nginx是不错的七层负载均衡选择,并且可以通过Nginx + Keepa ...
MySQL共享存储主备模式利用Keepalived实现双机高可用
简单介绍先简单说下MySQL主从复制与keepalived模式和MySQL共享存储与Keepalived模式 MySQL共享存储主备模式不同于MySQL主主复制模式,MySQL主主是利用MySQL自 ...
基于keepalived搭建MySQL高可用集群
MySQL的高可用方案一般有如下几种: keepalived+双主,MHA,MMM,Heartbeat+DRBD,PXC,Galera Cluster 比较常用的是keepalived+双主,MHA和 ...
转载--CentOS 6.3下部署LVS(NAT)+keepalived实现高性能高可用负载均衡
源地址:http://www.cnblogs.com/mchina/archive/2012/08/27/2644391.html 一.简介 VS/NAT原理图: 二.系统环境实验拓扑: 系统平台: ...
keepalived实现nginx高可用主备集群配置过程
keepalived实现nginx高可用基本原理: keepalived安装命令: yum install keepived -y 使用ip -a验证是否安装成功 nginx存活检测脚本nginx_c ...
高并发负载均衡（四）：基于keepalived的LVS高可用搭建
LVS四层 & Nginx七层对比你要分清哪些程序是应用层的,哪些程序是内核的. LVS四层负载均衡服务器,是不会碰握手这一个步骤的. Nginx是基于反向代理(七层)的负载均衡服务器,要 ...
Keepalived实现mysql高可用
文章目录 0.参考资料 1.实现mysql双主高可用 1.1.高可用方案选择 1.2.双主基础上实现高可用 1.2.1.安装 1.2.2.主从配置文件 2.原理介绍(整理自网络) 0.参考资料官方地 ...

keepalived实现harbor高可用

keepalived实现harbor高可用相关推荐

最新文章

热门文章