Consul 集群
Docker concul 容器服务更新与发现:
简介
(1)Consul:
1、Consul 是 HashCorp 公司推出的开源工具,用于实现分布式系统的服务发现与配置;
2、Consul 特点:
consul 支持健康检查,允许存储键值对;
一致性协议采用 Raft 算法,用来保证服务的高可用;
成员管理和消息广播采用 GOSSIP 协议,支持 ACL 访问控制;
3、方便部署,与 Docker 等轻量级容器可无缝配合。
(2)建立 Consul 服务:
1、每个提高服务的节点上都需要部署和运行 consul 的 agent
2、Consul agent 两种运行模式:
- server;
- client;
3、server 与 client 只是 consul 群集层面的区分,与搭建在 cluster 之上的应用服务无关。
搭建 consul 集群:
IP地址 | 需要安装的软件 |
---|---|
consul-server01(20.0.0.34) | Docker-ce、Compose、Consul、Consul-template |
node(20.0.0.35) | Docker-ce、registrator |
consul-server02(20.0.0.36) | Docker-ce 、Consul |
架构思维图:
部署过程:
(1)配置 consul 服务器:
[root@localhost ~]# mkdir consul
[root@localhost consul]# cd /root/consul
[root@localhost consul]# unzip consul_0.9.2_linux_amd64.zip ##解压
[root@localhost consul]# mv consul /usr/bin/ ##便于系统识别
建立 Consul 服务:
consul agent \
-server \
-bootstrap \
-ui \
-data-dir=/var/lib/consul-data \
-bind=20.0.0.34 \
-client=0.0.0.0 \
-node=consul-server01 &> /var/log/consul.log &
(2)查看集群信息:
[root@localhost ~]# consul members
Node Address Status Type Build Protocol DC
consul-server01 20.0.0.34:8301 alive server 0.9.2 2 dc1
consul-server02 20.0.0.36:8301 alive server 0.9.2 2 dc1
[root@localhost ~]# consul info | grep leader
leader = true
leader_addr = 20.0.0.34:8300
(3)通过 httpd api 可以获取集群信息:
[root@localhost consul]# curl 127.0.0.1:8500/v1/status/peers ##查看群集server成员
[root@localhost consul]# curl 127.0.0.1:8500/v1/status/leaders ##群集中 Raf leader
[root@localhost consul]# curl 127.0.0.1:8500/v1/catalog/services ##注册的所有服务
[root@localhost consul]# curl 127.0.0.1:8500/v1/catalog/nodes ##群集节点详细信息
[root@localhost consul]# curl 127.0.0.1:8500/v1/catalog/nginx ##查看 nginx 服务信息
(4)让容器服务自动加入 nginx 群集:
配置 20.0.0.35 节点:
docker run -d \
--name=registrator \
--net=host \
-v /var/run/docker.sock:/tmp/docker.sock \
--restart=always \
gliderlabs/registrator:latest \
-ip=20.0.0.35 \
consul://20.0.0.34:8500
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ecde36720e7b nginx "/docker-entrypoint.…" About an hour ago Up About an hour 0.0.0.0:84->80/tcp nginx-02
82de26c1b8e9 nginx "/docker-entrypoint.…" About an hour ago Up About an hour 0.0.0.0:83->80/tcp nginx-01
e4436182d9a9 gliderlabs/registrator:latest "/bin/registrator -i…" 3 hours ago Up 3 hours registrator
(5)测试服务、功能是否都正常:
创建两个容器,分别为nginx-01和nginx02,指定端口号为83和84:
[root@localhost ~]# docker run -itd -p:83:80 --name nginx-01 -h nginx01 nginx
[root@localhost ~]# docker run -itd -p:84:80 --name nginx-02 -h nginx02 nginx
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ecde36720e7b nginx "/docker-entrypoint.…" About an hour ago Up About an hour 0.0.0.0:84->80/tcp nginx-02
82de26c1b8e9 nginx "/docker-entrypoint.…" About an hour ago Up About an hour 0.0.0.0:83->80/tcp nginx-01
e4436182d9a9 gliderlabs/registrator:latest "/bin/registrator -i…" 3 hours ago Up 3 hours registrator
(6)验证:http 和 nginx 服务是否都注册到了 consul :
•浏览器访问:20.0.0.34:8500
•点击 “NODES” ----> “consurl-server01” ,会出现刚刚创建的2个服务
(7)实现容器服务自动加入 Nginx 集群:
1、consul-template:
是基于 Consul 的自动替换配置文件的应用;
可以查询 Consul 中的服务目录:Key、Key-values等;
特别适合动态的创建配置文件;
是一个守护进程,用于实时查询 consul 集群信息;
2、准备 template nginx 模板文件:
//在 consul 服务器上操作
创建一个模板文件:
[root@localhost consul]# vim nginx.ctmpl
upstream http_backend {
{{range service "nginx"}}
server {{.Address}}:{{.Port}};
{{end}}
}
server {
listen 1216;
server_name localhost 20.0.0.34;
access_log /var/log/nginx/kgc.cn-access.log;
index index.html index.php;
location / {
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Client-IP $remote_addr;
proxy_set_header X-Fprwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://http_backend;
}
}
3、编译安装一个 nginx 服务:
yum install gcc gcc-c++ pcre pcre-devel zlib-devel -y
tar zxvf nginx-1.12.0.tar.gz -C /opt/
./configure --prefix=/usr/local/nginx
make && make install
ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
4、配置 nginx :
[root@localhost]# vim /usr/local/nginx/conf/nginx.conf
在 http 模板添加虚拟主机目录:
http {
include mime.types;
include vhost/*.conf; ##添加虚拟主机目录
default_type application/octet-stream;
}
创建虚拟主机目录:
[root@localhost consul]# mkdir /usr/local/nginx/conf/vhost
//创建日志文件目录:
[root@localhost consul]# mkdir /var/log/nginx
//启动 nginx
[root@localhost consul]# /usr/local/nginx/sbin/nginx
[root@localhost consul]# netstat -anpt |grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 128297/nginx: maste
(8)配置并启动 template:
1、解压、并复制到 /bin目录下,方便直接使用:
[root@localhost consul]# unzip consul-template_0.19.3_linux_amd64.zip [root@localhost consul]
[root@localhost consul]# mv consul-template /usr/bin/
2、启动:
[root@localhost consul]# consul-template -consul-addr 20.0.0.34:8500 -template "/root/consul/nginx.ctmpl:/usr/local/nginx/conf/vhost/kgc.conf:/usr/local/nginx/sbin/nginx -s reload" --log-level=info
2020/12/01 08:22:31.550600 [INFO] consul-template v0.19.3 (ebf2d3d)
2020/12/01 08:22:31.550623 [INFO] (runner) creating new runner (dry: false, once: false)
2020/12/01 08:22:31.551461 [INFO] (runner) creating watcher
2020/12/01 08:22:31.551930 [INFO] (runner) starting
2020/12/01 08:22:31.551948 [INFO] (runner) initiating run
2020/12/01 08:22:31.555586 [INFO] (runner) initiating run
此时,我们可以再打开一个终端,查看一下根据模板生成的配置文件:
[root@localhost consul]# cat /usr/local/nginx/conf/vhost/kgc.conf
upstream http_backend {
server 20.0.0.35:83;
server 20.0.0.35:84;
}
server {
listen 1216;
server_name localhost 20.0.0.34;
access_log /var/log/nginx/kgc.cn-access.log;
index index.html index.php;
location / {
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Client-IP $remote_addr;
proxy_set_header X-Fprwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://http_backend;
}
}
(9)为了测试自动更新效果,我们可以在 registrator 服务端在创建一个 nginx 容器节点,检测服务发现及配置更新功能:
[root@localhost ~]# docker run -itd -p:85:80 --name nginx-03 -h nginx03 nginx
ea827bdef2e7fe6e4caad595af43c54a7222b5493f473c14ebad5a4a9118793a
此时在 consul 服务器监控中会提示自动更新,查看配置文件:
[root@localhost consul]# cat /usr/local/nginx/conf/vhost/kgc.conf
upstream http_backend {
server 20.0.0.35:85;
server 20.0.0.35:83;
server 20.0.0.35:84;
}
server {
listen 1216;
server_name localhost 20.0.0.34;
access_log /var/log/nginx/kgc.cn-access.log;
index index.html index.php;
location / {
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Client-IP $remote_addr;
proxy_set_header X-Fprwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://http_backend;
}
}
(10)为了展示轮询处理请求,可以用 logs 命令,来查看三台 nginx 容器日志,都会显示来自同一 IP地址的访问:
多刷新访问几次 nginx 首页:20.0.0.34:1216
查看日志
[root@localhost ~]# docker logs -f nginx-01
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
20.0.0.1 - - [01/Dec/2020:08:35:20 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.67 Safari/537.36 Edg/87.0.664.47" "-"
20.0.0.1 - - [01/Dec/2020:08:35:30 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.67 Safari/537.36 Edg/87.0.664.47" "-"
20.0.0.1 - - [01/Dec/2020:08:35:31 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.67 Safari/537.36 Edg/87.0.664.47" "-"
20.0.0.1 - - [01/Dec/2020:08:35:31 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.67 Safari/537.36 Edg/87.0.664.47" "-"
20.0.0.1 - - [01/Dec/2020:08:35:31 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.67 Safari/537.36 Edg/87.0.664.47" "-"
20.0.0.1 - - [01/Dec/2020:08:35:32 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.67 Safari/537.36 Edg/87.0.664.47" "-"
[root@localhost ~]# docker logs -f nginx-01
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
20.0.0.1 - - [01/Dec/2020:08:35:44 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.67 Safari/537.36 Edg/87.0.664.47" "-"
2020/12/01 08:35:44 [error] 28#28: *1 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 20.0.0.1, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "20.0.0.35:83", referrer: "http://20.0.0.35:83/"
20.0.0.1 - - [01/Dec/2020:08:35:44 +0000] "GET /favicon.ico HTTP/1.1" 404 555 "http://20.0.0.35:83/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.67 Safari/537.36 Edg/87.0.664.47" "-"
20.0.0.1 - - [01/Dec/2020:08:35:47 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.67 Safari/537.36 Edg/87.0.664.47" "-"
20.0.0.1 - - [01/Dec/2020:08:35:48 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.67 Safari/537.36 Edg/87.0.664.47" "-"
20.0.0.1 - - [01/Dec/2020:08:35:48 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.67 Safari/537.36 Edg/87.0.664.47" "-"
20.0.0.34 - - [01/Dec/2020:08:39:53 +0000] "GET / HTTP/1.0" 200 612 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.67 Safari/537.36 Edg/87.0.664.47" "-"
可以,看出都是来自20.0.0.1的访问,都会被以轮询的方式发送给后台 docker 进行处理,实现了负载均衡。
consul多节点
在另一台consul server上执行
consul agent \
-server \
-bootstrap \
-ui \
-data-dir=/var/lib/consul-data \
-bind=20.0.0.36 \
-client=0.0.0.0 \
-node=consul-server02 \
-enable-script-checks=true \
-datacenter=dc1 \
-join 20.0.0.34 &> /var/log/condul.log &
刷新网页就能看到consul-server02