docker swarm 部署minio集群并配合nginx实现负载均衡
Minio
本示例compose文件会拉起3个节点的minio集群,节点用swarm node标签replica来标记。
docker-compose文件准备
- docker-compose-minio-limit.yml (限制使用的内存和CPU)
version: '3.7'
# Settings and configurations that are common for all containers
x-minio-common: &minio-common
image: quay.io/minio/minio:RELEASE.2023-06-19T19-52-50Z
command: server --console-address ":9001" http://minio{1...3}/data{1...2}
environment:
MINIO_ROOT_USER: minioadmin
MINIO_ROOT_PASSWORD: minioadmin
networks:
- minio_distributed
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
interval: 30s
timeout: 20s
retries: 3
# starts 3 docker containers running minio server instances.
# using nginx reverse proxy, load balancing, you can access
# it through port 9000.
services:
minio1:
<<: *minio-common
hostname: minio1
deploy:
restart_policy:
delay: 10s
max_attempts: 10
window: 60s
resources:
limits:
memory: 800M
cpus: "0.5"
placement:
constraints:
- node.labels.minio.replica==1
volumes:
- minio1-data-1:/data1
- minio1-data-2:/data2
minio2:
<<: *minio-common
hostname: minio2
deploy:
restart_policy:
delay: 10s
max_attempts: 10
window: 60s
resources:
limits:
memory: 800M
cpus: "0.5"
placement:
constraints:
- node.labels.minio.replica==2
volumes:
- minio2-data-1:/data1
- minio2-data-2:/data2
minio3:
<<: *minio-common
hostname: minio3
deploy:
restart_policy:
delay: 10s
max_attempts: 10
window: 60s
resources:
limits:
memory: 800M
cpus: "0.5"
placement:
constraints:
- node.labels.minio.replica==3
volumes:
- minio3-data-1:/data1
- minio3-data-2:/data2
nginx:
image: nginx:1.20-alpine
hostname: nginx
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf:ro
networks:
- minio_distributed
ports:
- "9000:9000"
- "9001:9001"
deploy:
resources:
limits:
memory: 800M
cpus: "0.5"
placement:
constraints:
- node.labels.minio.replica==1
depends_on:
- minio1
- minio2
- minio3
## By default this config uses default local driver,
## For custom volumes replace with volume driver configuration.
volumes:
minio1-data-1:
minio1-data-2:
minio2-data-1:
minio2-data-2:
minio3-data-1:
minio3-data-2:
networks:
minio_distributed:
external: true # 用已经创建好的网络
- nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 4096;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
# include /etc/nginx/conf.d/*.conf;
upstream minio {
server minio1:9000;
server minio2:9000;
server minio3:9000;
}
upstream console {
ip_hash;
server minio1:9001;
server minio2:9001;
server minio3:9001;
}
server {
listen 9000;
listen [::]:9000;
server_name localhost;
# To allow special characters in headers
ignore_invalid_headers off;
# Allow any size file to be uploaded.
# Set to a value such as 1000m; to restrict file size to a specific value
client_max_body_size 0;
# To disable buffering
proxy_buffering off;
proxy_request_buffering off;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 300;
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
proxy_http_version 1.1;
proxy_set_header Connection "";
chunked_transfer_encoding off;
proxy_pass http://minio;
}
}
server {
listen 9001;
listen [::]:9001;
server_name localhost;
# To allow special characters in headers
ignore_invalid_headers off;
# Allow any size file to be uploaded.
# Set to a value such as 1000m; to restrict file size to a specific value
client_max_body_size 0;
# To disable buffering
proxy_buffering off;
proxy_request_buffering off;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
# This is necessary to pass the correct IP to be hashed
real_ip_header X-Real-IP;
proxy_connect_timeout 300;
# To support websocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
chunked_transfer_encoding off;
proxy_pass http://console;
}
}
}
准备工作
修改docker-compose-minio.yml里的配置信息
- swarm节点标记replica
- 用户名密码,MINIO_ROOT_USER和MINIO_ROOT_PASSWORD
- 修改卷挂载,改到数据盘
创建专用网络:
docker network create --driver overlay minio_distributed
拉起服务
sudo docker stack deploy -c docker-compose-minio-new.yml minio
sudo docker stack ps minio查看服务状态
服务验证
- 登录控制台
访问 http://node1:9001输入上面的用户名和密码,登录成功界面。 - 登录其他节点控制台
问题排查
- 无法创建服务,没找到网卡,因为服务启动依赖网卡,重新再拉起一次,看到先创建网卡就好了:Creating network minio_minio_distributed。
Creating service minio_minio2
failed to create service minio_minio2: Error response from daemon: network minio_minio_distributed not found
参考官网
https://github.com/minio/minio/tree/master/docs/orchestration/docker-compose
好记性不如烂笔头!
