docker搭建consul服务,实现389DS高可用
1.操作环境
192.168.0.1 389DS服务器、consul服务器
192.168.0.2 389DS服务器、consul服务器
192.168.0.3 consul服务器
192.168.1.1 上游DNS服务器
2.基本流程
# Preparation steps on each Consul host. The two directories are bind-mounted
# into the container by the systemd unit created later on this page.
mkdir -p /home/consul/config #host directory mapped into the container for persistent configuration
mkdir -p /home/consul/data #host directory mapped into the container for persistent data
vi /home/consul/config/ldap.json #create the Consul service definition file
vi /home/consul/config/consul.hcl #create the Consul agent configuration file
vi consul-docker.sh #create the script that generates the systemd-managed consul service
# NOTE(review): disabling SELinux removes mandatory access control for the
# whole host, not only for this container. If the only problem is container
# access to the bind mounts, keeping SELinux enforcing and adding the :z or :Z
# option to the docker -v mounts is presumably enough; confirm on the target
# system before disabling it.
vi /etc/selinux/config #make sure SELinux is set to disabled
3.编写consul.hcl
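# Consul server agent configuration for the third node (192.168.0.3).
# On the other two servers, node_name, bind_addr, advertise_addr and
# retry_join have to be adapted to the local host.
#
# NOTE(review): this file configures no ACLs (`acl` block), no gossip
# encryption (`encrypt`) and no TLS, so every host that can reach the agent
# ports can read and modify the catalog. Add them before using this setup
# outside an isolated lab network.

# Keep remote execution (`consul exec`) disabled. Nothing on this page uses
# it, and without ACLs it would let anyone who can write to the KV store run
# commands on this node. Set to false only if it is required and ACLs are on.
disable_remote_exec = true

# Path inside the container; bind-mounted from /home/consul/data on the host.
data_dir = "/consul/data"

# client_addr applies to the HTTP API, the UI and DNS. DNS has to be reachable
# by the LDAP clients, but the HTTP API and UI do not; the `addresses` block
# can bind http to a narrower address than dns.
client_addr = "0.0.0.0"

node_name = "server-3"
log_level = "INFO"

ui_config {
  enabled = true
}

server = true

ports {
  # Serve DNS on the standard port so resolvers can query Consul directly.
  # Port 53 is privileged; the container is started with
  # CONSUL_ALLOW_PRIVILEGED_PORTS for that reason.
  dns = 53
}

# Upstream DNS server used for names outside the Consul domain.
recursors = [
  "192.168.1.1"
]

# Cluster (gossip/RPC) traffic is bound to this node's own address only.
bind_addr      = "192.168.0.3"
advertise_addr = "192.168.0.3"

# Wait until three servers have joined before bootstrapping the cluster.
bootstrap_expect = 3

# The other two servers; joining is retried until it succeeds.
retry_join = [
  "192.168.0.1",
  "192.168.0.2"
]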
4.编写service.json(即第2步中创建的 /home/consul/config/ldap.json)
{
"services": [
{
"id": "ldap1",
"name": "ldap",
"tags": [
"primary"
],
"address": "192.168.0.1",
"port": 389,
"checks": [
{
"tcp": "192.168.0.1:389",
"interval": "10s"
}
]
},
{
"id": "ldap2",
"name": "ldap",
"tags": [
"secondary"
],
"address": "192.168.0.2",
"port": 389,
"checks": [
{
"tcp": "192.168.0.2:389",
"interval": "10s"
}
]
}
]
}
5.编写sh脚本
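#!/bin/bash
# Writes a systemd unit that runs the Consul server agent as a Docker
# container (consul-1) and enables it at boot. Must be run as root, because it
# writes below /usr/lib/systemd/system and calls systemctl.
set -euo pipefail

# The delimiter is quoted so the unit text is written literally, without shell
# expansion. systemd has no trailing comments: a '#' after a value becomes
# part of the value, so every comment below sits on a line of its own.
cat >/usr/lib/systemd/system/dockerconsul.service <<'EOF'
[Unit]
Description=Consul server agent (Docker container consul-1)
# The Docker service must exist; After= also orders this unit behind it,
# which Requires= alone does not do.
Requires=docker.service
After=docker.service

[Service]
# The process started by ExecStart= is the main process of the service.
Type=simple
# Maximum time the service is allowed to take to start.
TimeoutStartSec=5m
# Remove a leftover container of the same name; the leading '-' ignores failure.
ExecStartPre=-/usr/bin/docker rm -f consul-1
# NOTE(review): the image reference "consul" has no tag, so Docker uses
# whatever "latest" resolves to. Pin a fixed tag (placeholder:
# consul:<VERSION>) so all three servers run the same, reviewed release.
# --net=host opens the agent's ports directly on the host; restrict them with
# the host firewall. CONSUL_ALLOW_PRIVILEGED_PORTS is needed for DNS on port 53.
ExecStart=/usr/bin/docker run --rm \
  --name consul-1 \
  --net=host \
  -e 'CONSUL_ALLOW_PRIVILEGED_PORTS=' \
  -v /home/consul/config:/consul/config \
  -v /home/consul/data:/consul/data \
  consul agent -server
# Reload stops and removes the container; presumably Restart=always is relied
# on to start a fresh one afterwards.
ExecReload=-/usr/bin/docker stop consul-1
ExecReload=-/usr/bin/docker rm consul-1
ExecStop=-/usr/bin/docker stop consul-1
# Restart unconditionally, 30 seconds after the main process exits.
Restart=always
RestartSec=30

[Install]
# Start the service when the system reaches multi-user.target.
WantedBy=multi-user.target
EOF

# Make systemd read the new unit file, then enable it for boot.
systemctl daemon-reload
systemctl enable dockerconsul.service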