目录
一、consul概述
1、工作原理
首先我们在server上有很多我们跑的业务模块,由于业务增加和减少,节点上会增加和减少容器,由于我们认为不方便管理,所以我们就引入了consul
registrator在监控到我们的业务节点增加或者减少容器的时候,他会通知注册机consul服务端(可用方式协程或者回调),同样当服务端发现后,他会告诉我们的客户端
客户端会用template模板,用template组件去和nginx.conf来进行对接服务,在这个模板里,一般都是变量的方式,写到这个模板后,会作为nginx的子配置文件的方式,被nginx定期调取,客户端通过reload,识别nginx的配置文件的变化,从而达到了调用和控制后端资源的目的
2、特点
支持健康检查、允许存储键值对
基于Go语言,可移植性强
支持ACL访问控制
二、consul部署
准备
服务器: 192.168.255.142 Docker-ce、compose 、consul、Consul-template
服务器: 192.168.255.141 Docker-ce. registrator
template模板(更新>
registrator《自动发现+注册到consul-server端)
后端每构建出一个容器,会向registrator进行注册,控制consul_完成更新操作,consu1会触发consul template模板进行热更新核心机制: consul :自动发现、自动更新,为容器提供服务(添加、删除、生命周期)
主服务器配置
[root@localhost ~]# mkdir /opt/consul
[root@localhost ~]# rz -E
rz waiting to receive.
[root@localhost ~]# cp consul_0.9.2_linux_amd64.zip /opt/consul
/[root@localhost ~]# cd /opt/consul/
[root@localhost consul]# unzip consul_0.9.2_linux_amd64.zip
Archive: consul_0.9.2_linux_amd64.zip
inflating: consul
[root@localhost consul]# mv consul /usr/bin/
[root@localhost consul]# consul agent -server -bootstrap -ui -d
ata-dir=/var/lib/consul-data -bind=192.168.255.142 -client=0.0.0.0 -node=consul-server01 &> /var/log/consul.log &
[1] 58713
[root@localhost consul]# jobs -l
[1]+ 58713 运行中 consul agent -server -bootstrap
-ui -data-dir=/var/lib/consul-data -bind=192.168.255.142 -client=0.0.0.0 -node=consul-server01 &>/var/log/consul.log &
consul agent \
-server \ server模式
-bootstrap \ 前端框架
-ui \ 可被访问的web界面
-data-dir=/var/lib/consul-data \
-bind=192.168.255.142 \
-client=0.0.0.0
-node=consul-server01 &> /var/log/consul.log &
[root@localhost consul]# consul members
Node Address Status Type Build Protocol DC
consul-server01 192.168.255.142:8301 alive server 0.9.2 2 dc1
[root@localhost consul]# consul info|grep leader
leader = true
leader_addr = 192.168.255.142:8300
[root@localhost consul]# netstat -natp|grep 8500
tcp 0 0 127.0.0.1:33450 127.0.0.1:8500 TIME_WAIT -
tcp6 0 0 :::8500 :::* LISTEN 58713/consul
#可通过HTTP API获取群集信息:
curl 127.0.0.1:8500/v1/status/peers '//查看集群server成员'
curl 127.0.0.1:8500/v1/status/leader '//集群Raf leader'
curl 127.0.0.1:8500/v1/catalog/services '//注册的所有服务'
curl 127.0.0.1:8500/v1/catalog/nginx '//查看(nginx)服务信息'
curl 127.0.0.1:8500/v1/catalog/nodes '//集群节点详细信息'
nginx服务器连接consul并创建nginx容器服务
[root@localhost ~]# docker run -d \
> --name=registrator \
> --net=host \
> -v /var/run/docker.sock:/tmp/docker.sock \
> --restart=always \
> gliderlabs/registrator:latest \
> -ip=192.168.126.12 \
> consul://192.168.126.11:8500
[root@localhost ~]# docker run -itd -p 81:80 --name test-01 -h test01 nginx
#-h选项表示指定host主机名称
[root@localhost ~]# docker run -itd -p 82:80 --name test-02 -h test02 nginx
[root@localhost ~]# docker run -itd -p 83:80 --name test-03 -h test03 httpd
[root@localhost ~]# docker run -itd -p 84:80 --name test-04 -h test04 httpd
验证结果
主服务器安装consul-template
Consul-Template是一个守护进程,用于实时查询Consul集群信息,并更新文件系统上任意数量的指定模板,生成配置文件
更新完成以后,可以选择运行shell 命令执行更新操作,重新加载_Nginx
Consul-Template可以查询consul中的服务目录、Key、Key-values等
这种强大的抽象功能和查询语言模板可以使Consul-Template特别适合动态的创建配置文件
例如:创建Apache/Nginx Proxy Balancers、Haproxy Backends
[root@localhost consul]# vim nginx.ctmpl
upstream http_backend {
{{range service "nginx"}}
server {{.Address}}:{{.Port}};
{{end}}
}
server {
listen 81;
server_name localhost 192.168.255.142;
access_log /var/log/nginx/lic.com-access.log;
index index.html index.php;
location / {
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Client-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded
_for; proxy_pass http://http_backend;
}
}
yum -y install gcc pcre-devel zlib-devel
rz nginx-1.12.2.tar.gz
tar zxvf nginx-1.12.2.tar.gz -C /opt
cd /opt/nginx-1.12.10
./configure --prefix=/usr/local/nginx
make && make install
--
vim /usr/local/nginx/conf/nginx.conf
include mime.types;
include vhost/*.conf; #19行添加,虚拟主机目录
[root@localhost nginx-1.12.2]# vim /usr/local/nginx/conf/nginx.conf
[root@localhost nginx-1.12.2]# mkdir /usr/local/nginx/conf/vhost
[root@localhost nginx-1.12.2]# mkdir /var/log/nginx
[root@localhost nginx-1.12.2]# /usr/local/nginx/sbin/nginx
[root@localhost nginx-1.12.2]# netstat -natp|grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:*
LISTEN 61726/nginx: master
[root@localhost nginx-1.12.2]# cd /opt/consul/
[root@localhost consul]# rz -E
rz waiting to receive.
[root@localhost consul]# ls
consul_0.9.2_linux_amd64.zip nginx.ctmpl
consul-template_0.19.3_linux_amd64.zip
[root@localhost consul]# unzip consul-template_0.19.3_linux_amd
64.zip Archive: consul-template_0.19.3_linux_amd64.zip
inflating: consul-template
[root@localhost consul]# mv consul-template /usr/bin/
#启动template,指定template模板文件及生成路径:
[root@xjj consul]# consul-template -consul-addr 192.168.255.142:8500 -template "/opt/consul/nginx.ctmpl:/usr/local/nginx/conf/vhost/kgc.conf:/usr/local/nginx/sbin/nginx -s reload" --log-level=info
#指定模板路径/consul/nginx.ctmpl,生成到/usr/locla/nginx/conf/vhost/xjj.conf,然后重载nginx -s reload,之后定义日志级别,进入监控状态
--
#主节点打开新终端查看配置文件:
#访问这个池子里面的Web页面,得访问192.168.255.142:8080,且是轮询机制,这里若访问不了,可以重载nginx再试试
[root@localhost ~]# cat /usr/local/nginx/conf/vhost/kgc.conf
upstream http_backend {
server 192.168.255.141:81;
server 192.168.255.141:82;
}
server {
listen 81;
server_name localhost 192.168.255.142;
access_log /var/log/nginx/lic.com-access.log;
index index.html index.php;
location / {
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Client-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded
_for; proxy_pass http://http_backend;
}
}
nginx服务器新增容器节点以测试自动更新
nginx服务器
[root@localhost nginx-1.12.2]# docker run -itd -p 86:80 --name
test-06 -h test06 nginxWARNING: IPv4 forwarding is disabled. Networking will not work.
909d1dea43b847d849aabcbb0bcbefd50153a13ec94d3d6c82c97c1156c9eec5
主服务器查看
[root@localhost ~]# cat /usr/local/nginx/conf/vhost/kgc.conf
upstream http_backend {
server 192.168.255.141:81;
server 192.168.255.141:82;
server 192.168.255.141:86;
}
server {
listen 100;
server_name localhost 192.168.255.142;
access_log /var/log/nginx/lic.com-access.log;
index index.html index.php;
location / {
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Client-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded
_for; proxy_pass http://http_backend;
}
}