opensips容器通过keepalived实现高可用
opensips容器通过keepalived实现高可用
详情请见(含截图):
https://tranquil-chill-ce7.notion.site/opensips-keepalived-ab4dca3e301642c882ed5dfe8e7a34cd
通过docker pull命令从docker hub上拉取opensips镜像,然后创建两个opensips容器(这里我命名为op和op_1。由于我们公司已经做好了op容器,所以我需要将op容器commit成镜像,然后创建两个一模一样的容器op和op_1即可。
将opensips容器op备份(要创建两个同样的容器):
docker commit -p op op_backup
确认网卡名称
ifconfig开启混杂模式(eno7为网卡名,要根据实际情况变更)
ip link set eno7 promisc on
ifconfig eno7 promisc创建Macvlan网络
docker network create -d macvlan \\
> --subnet=192.168.5.0/24 \\
> --ip-range=192.168.5.0/24 \\
> --gateway=192.168.5.1 \\
> -o parent=eno7 \\
> my_macvlan
创建两个opensips容器op和op_1,并加入macvlan网络
op(IP指定为192.168.5.160):
docker run -itd --privileged --cpus="16" -m 32000M --name op --ip=192.168.5.160 --network my_macvlan -v `pwd`/etc:/etc/opensips -v `pwd`/log:/var/log/ --entrypoint zsh op_backup:latest
op_1(IP指定为192.168.5.161):
cp -rf etc etc_1
cp -rf log log_1
docker run -itd --privileged --cpus="16" -m 32000M --name op_1 --ip=192.168.5.161 --network my_macvlan -v `pwd`/etc_1:/etc/opensips -v `pwd`/log_1:/var/log/ --entrypoint zsh op_backup:latest
(修改etc_1/opensips.cfg里的socket=...监听端口(5050->5051),里面的mysql配置的数据库名字:opensips->opensips1)
环境准备
由于两个opensips容器都是精简版的Debian系统,所以需要安装一些必要的工具,如下:
//先更新一波
apt-get update
//wget
apt install wget
//ifconfig
apt install net-tools
//ping
apt install iputils-ping
又由于keepalived需要依赖于一些库,需要安装一些必要的依赖库,如下:
apt-get install curl gcc libssl-dev libnl-3-dev libnl-genl-3-dev libsnmp-dev libtool pciutils-dev build-essential openssl
下载、安装、编译keepalived
由于以指令apt-get install keepalived 安装的keepalived太旧,所以我选择用另一种方式安装稍高版本的keepalived:
#下载安装包
wget <https://www.keepalived.org/software/keepalived-2.0.20.tar.gz>
#解压缩
tar -zxvf keepalived-2.0.20.tar.gz
#移动
mv keepalived-2.0.20 /usr/local/keepalived
#进入目录
cd /usr/local/keepalived
#编译安装
./configure --prefix=/usr/local/keepalived
#安装
make && make install
配置keepalived.conf
IP为192.168.5.160的容器:
! Configuration File for keepalived
global_defs {
router_id GienTech_1
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 130
priority 130
advert_int 1
authentication {
auth_type PASS
auth_pass 2019
}
virtual_ipaddress {
192.168.5.200/24 dev eth0
}
}
IP为192.168.5.161的容器:
! Configuration File for keepalived
global_defs {
router_id GienTech_2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 130
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 2019
}
virtual_ipaddress {
192.168.5.200/24 dev eth0
}
}
配置keepalived的启动文件
发现keepalived的命令并不能正常使用,需要配置/etc/init.d/keepalived文件。才能正常使用:
/etc/init.d/keepalived {start|stop|reload|restart|condrestart|status}
#!/bin/sh
#
# Startup script for the Keepalived daemon
#
# processname: keepalived
# pidfile: /var/run/keepalived.pid
# config: /etc/keepalived/keepalived.conf
# chkconfig: - 21 79
# description: Start and stop Keepalived
# Source function library
. /lib/lsb/init-functions
# Source configuration file (we set KEEPALIVED_OPTIONS there)
. /etc/sysconfig/keepalived
RETVAL=0
prog="keepalived"
start() {
echo -n $"Starting $prog: "
daemon -- keepalived ${KEEPALIVED_OPTIONS}
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
}
stop() {
echo -n $"Stopping $prog: "
killproc keepalived
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
}
reload() {
echo -n $"Reloading $prog: "
killproc keepalived -1
RETVAL=$?
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
stop
start
;;
condrestart)
if [ -f /var/lock/subsys/$prog ]; then
stop
start
fi
;;
status)
status keepalived
RETVAL=$?
;;
*)
echo "Usage: $0 {start|stop|reload|restart|condrestart|status}"
RETVAL=1
esac
exit $RETVAL
故障模拟测试
测试一:
1、op和op_1启动keepalived服务,优先级高的op的eth0出现VIP,而此时op_1还是自己的IP。
2、op关闭keepalived服务,此时op的eth0恢复为自己的IP,而VIP已经跑到op_1。
3、重新启动op的keepalived服务,发现VIP又跑到了op上,而op_1网络恢复正常。
测试二:
1、将op停止,发现VIP跑到了op_1上。
2、将op启动,进入容器并开启keepalived服务,发现VIP出现在op上,而op_1的IP恢复正常。
浙公网安备 33010602011771号