Consul使用小记

最新推荐文章于 2021-05-13 13:01:08 发布
最新推荐文章于 2021-05-13 13:01:08 发布
阅读量359 收藏
点赞数
文章标签: json ui 运维
原文链接:https://my.oschina.net/yugj/blog/2247117
版权

为什么80%的码农都做不了架构师?>>>   hot3.png

Consul使用小记

1,概要

项目中原使用eureka作为注册中心,鉴于2.0不继续开源,适当对其他组件也了解下,以适应未知情况

consul getting started:https://www.consul.io/intro/getting-started/install.html

2,consul vs eureka

参考:https://www.consul.io/intro/vs/eureka.html

官方表示consul有其他发现注册产品没有的特性,but目前很多特性我们没用到,后续再继续研究

对比差异主要关系我们使用和可能使用的部分,健康检查两者都支持,spring clound支持;cap 方面consul强调一致性,eureka强调分区耐久性,consul服务注册相比 Eureka 会稍慢一些。因为 Consul 的 raft 协议要求必须过半数的节点都写入成功才认为注册成功 Leader 挂掉时,重新选举期间整个 Consul 不可用。保证了强一致性但牺牲了可用性;eureka服务注册相对要快,因为不需要等注册信息 replicate 到其它节点,也不保证注册信息是否 replicate 成功 当数据出现不一致时,虽然 A, B 上的注册信息不完全相同,但每个 Eureka 节点依然能够正常对外提供服务,这会出现查询服务信息时如果请求 A 查不到,但请求 B 就能查到。如此保证了可用性但牺牲了一致性;牺牲一致性在注册发现场景问题不大,在注册发现场景eureka性能更高

主流注册发现组件比较(摘自网络)

FeatureConsulzookeeperetcdeuerka
服务健康检查服务状态,内存,硬盘等(弱)长连接,keepalive连接心跳可配支持
多数据中心支持
kv存储服务支持支持支持
一致性raftpaxosraft
capcacpcpap
使用接口(多语言能力)支持http和dns客户端http/grpchttp(sidecar)
watch支持全量/支持long polling支持支持 long polling支持 long polling/大部分增量
自身监控metricsmetricsmetrics
安全acl /httpsaclhttps支持(弱)
spring cloud集成已支持已支持已支持已支持
开发语言go   
3,安装使用

Consul agent有两种运行模式:Server和Client。这里的Server和Client只是Consul集群层面的区分,与搭建在Cluster之上 的应用服务无关。以Server模式运行的Consul agent节点用于维护Consul集群的状态,官方建议每个Consul Cluster至少有3个或以上的运行在Server mode的Agent,Client节点不限

consul借助agent来运行,类似elk的logstash agent 或 zabbix监控系统的agent ,每个需要被发现的服务上,通过consul agent client 来收集服务本身的信息,然后向consul agent server汇报, consul server 可以集群部署

mac上安装:brew install consul

参考:https://www.consul.io/intro/getting-started/install.html

启动agent 及ui:consul agent -ui -dev -advertise 127.0.0.1

默认ui页面:http://localhost:8500/ui

单机测试代码:https://github.com/yugj/spring-clound-test.git

说明:consul-client-1 请求consul-rest-server、consul-rest-server2 实现服务发现负载均衡

 

集群配置:

server:

Server Configuration

The configuration files are stored as JSON files. Consul has built-in encryption support using a shared-secret system for the gossip protocol.

In the terminal, we can use the Consul command to generate a key of the necessary length and encoding as follows:

root@server1:~#consul keygen
EXz7LFN8hpQ4id8EDYiFoQ==

It should be the same for all the servers and clients in a datacenter. If it's different the consul members will refuse to join.

Create the first file in the /etc/consul.d/server directory in server1.example.com (IP Address: 192.168.1.11). Use the encryption key generated above as the value for the "encrypt" key in the JSON.

server1.example.com

root@server1:~#vim /etc/consul.d/server/config.json
{
"bind_addr": "192.168.1.11", 
"datacenter": "dc1",
"data_dir": "/var/consul",
"encrypt": "EXz7LFN8hpQ4id8EDYiFoQ==",
"log_level": "INFO",
"enable_syslog": true,
"enable_debug": true,
"node_name": "ConsulServer1",
"server": true,
"bootstrap_expect": 3,
"leave_on_terminate": false,
"skip_leave_on_interrupt": true,
"rejoin_after_leave": true,
"retry_join": [ 
  "192.168.1.11:8301",
  "192.168.1.12:8301",
  "192.168.1.13:8301"
  ]
 }

More information on what each key means can be found in the documentation.

You should copy the contents of this configuration file to the other machines that will be acting as your Consul servers. Place them in the same location just like you did in the first server.

The only value you need to modify on the other servers is the IP addresses that it should attempt to listen on - the value of the 'bind_addr' key.

server2.example.com

root@server2:~#vim /etc/consul.d/server/config.json
{
"bind_addr": "192.168.1.12",
"datacenter": "dc1",
"data_dir": "/var/consul",
"encrypt": "EXz7LFN8hpQ4id8EDYiFoQ==",
"log_level": "INFO",
"enable_syslog": true,
"enable_debug": true,
"node_name": "ConsulServer2",
"server": true,
"bootstrap_expect": 3,
"leave_on_terminate": false,
"skip_leave_on_interrupt": true,
"rejoin_after_leave": true,
"retry_interval": "30s",
"retry_join": [ 
  "192.168.1.11:8301",
  "192.168.1.12:8301",
  "192.168.1.13:8301"
  ]
 }

server3.example.com

root@server3:~#vim /etc/consul.d/server/config.json
{
"bind_addr": "192.168.1.13",
"datacenter": "dc1",
"data_dir": "/var/consul",
"encrypt": "EXz7LFN8hpQ4id8EDYiFoQ==",
"log_level": "INFO",
"enable_syslog": true,
"enable_debug": true,
"node_name": "ConsulServer3",
"server": true,
"bootstrap_expect": 3,
"leave_on_terminate": false,
"skip_leave_on_interrupt": true,
"rejoin_after_leave": true,
"retry_interval": "30s",
"retry_join": [ 
  "192.168.1.11:8301",
  "192.168.1.12:8301",
  "192.168.1.13:8301"
  ]
 }

Starting the cluster

Now we have everything in place to get a consul cluster up and running.

Start server1.example.com first.

root@server1:~#su consul
​
consul@server1:~$consul agent -config-dir /etc/consul.d/server/
​
==> WARNING: Expect Mode enabled, expecting 3 servers
==> Starting Consul agent...
==> Starting Consul agent RPC...
==> Joining cluster...
    Join completed. Synced with 1 initial agents
==> Consul agent running!
     Node name: 'ConsulServer1'
    Datacenter: 'dc1'
        Server: true (bootstrap: false)
   Client Addr: 127.0.0.1 (HTTP: 8500, HTTPS: -1, DNS: 8600, RPC: 8400)
  Cluster Addr: 192.168.1.11 (LAN: 8301, WAN: 8302)
Gossip encrypt: true, RPC-TLS: false, TLS-Incoming: false
         Atlas: <disabled>

The service should start up and occupy the terminal window. It will attempt to connect to the two other servers and keep retrying until they are up.

Now start Consul in the other two servers (server2.example.com, server3.example.com) in the same manner.

server2.example.com
​
root@server2:~#su consul
​
consul@server2:~$consul agent -config-dir /etc/consul.d/server/
​
==> WARNING: Expect Mode enabled, expecting 3 servers
==> Starting Consul agent...
==> Starting Consul agent RPC...
==> Joining cluster...
    Join completed. Synced with 1 initial agents
==> Consul agent running!
     Node name: 'ConsulServer2'
    Datacenter: 'dc1'
        Server: true (bootstrap: false)
   Client Addr: 127.0.0.1 (HTTP: 8500, HTTPS: -1, DNS: 8600, RPC: 8400)
  Cluster Addr: 192.168.1.12 (LAN: 8301, WAN: 8302)
Gossip encrypt: true, RPC-TLS: false, TLS-Incoming: false
         Atlas: <disabled>
​
server3.example.com
​
root@server3:~#su consul
​
consul@server3:~$consul agent -config-dir /etc/consul.d/server/
​
==> WARNING: Expect Mode enabled, expecting 3 servers
==> Starting Consul agent...
==> Starting Consul agent RPC...
==> Joining cluster...
    Join completed. Synced with 1 initial agents
==> Consul agent running!
     Node name: 'ConsulServer3'
    Datacenter: 'dc1'
        Server: true (bootstrap: false)
   Client Addr: 127.0.0.1 (HTTP: 8500, HTTPS: -1, DNS: 8600, RPC: 8400)
  Cluster Addr: 192.168.1.13 (LAN: 8301, WAN: 8302)
Gossip encrypt: true, RPC-TLS: false, TLS-Incoming: false
         Atlas: <disabled>

These servers (server2.example.com, server3.example.com) will connect to the server1.example.com, completing the cluster with one of the servers as the leader and the other two as followers.

You can see the members of the cluster (servers and clients) by asking consul for its members on any of the machines:

root@server3:~#consul members
NodeAddressStatusTypeBuildProtocolDC
ConsulServer1192.168.1.11:8301aliveserver0.6.42dc1
ConsulServer2192.168.1.12:8301aliveserver0.6.42dc1
ConsulServer3192.168.1.13:8301aliveserver0.6.42dc1

The cluster is fully operational now and applications can connect. We'll configure and start the client next.

 

Client Configuration

The client is also a member of the system, and can connect to servers for information about the infrastructure.

Consul clients are very light-weight and simply forward requests to the servers. They provide a method of insulating your servers and offload the responsibility of knowing the servers' addresses from the applications that use Consul.

Create the configuration file under the /etc/consul.d/client directory.

root@client:~#vim /etc/consul.d/client/config.json
{
 "bind_addr": "192.168.1.21",
 "datacenter": "dc1",
 "data_dir": "/var/consul",
 "encrypt": "EXz7LFN8hpQ4id8EDYiFoQ==",
 "log_level": "INFO",
 "enable_syslog": true,
 "enable_debug": true,
 "node_name": "ConsulClient",
 "server": false,
   "service": {"name": "Apache", "tags": ["HTTP"], "port": 80,
   "check": {"script": "curl localhost >/dev/null 2>&1", "interval": "10s"}},
 "rejoin_after_leave": true,
 "retry_join": [
    "192.168.1.11", 
    "192.168.1.12", 
    "192.168.1.13"
    ]
 }

Start Consul

root@client:~#su consul
​
consul@client:~$consul agent -config-dir /etc/consul.d/client
​
consul@client:~$consul members
NodeAddressStatusTypeBuildProtocolDC
ConsulClient192.168.1.21:8301aliveclient0.6.42dc1
ConsulServer1192.168.1.11:8301aliveserver0.6.42dc1
ConsulServer2192.168.1.12:8301aliveserver0.6.42dc1
ConsulServer3192.168.1.13:8301aliveserver0.6.42dc1

You can see that the client has joined the cluster. Let us try to list the available services from this client using the REST API.

consul@client:~$curl -s http://client.example.com:8500/v1/catalog/services
{"ConsulClient": {
   "ID":"ConsulClient",
   "Service":"Apache",
   "Tags":["HTTP"],
   "Address":"",
   "Port":80,
   "EnableTagOverride":false,
   "CreateIndex":0,
   "ModifyIndex":0}
   }

We can also list the members via the same REST endpoint.

consul@client:~$curl -s http://client.example.com:8500/v1/agent/members
​
 [{"Name":"ConsulClient",
    "Addr":"192.168.1.21",
    "Port":8301,
    "Tags": {"build":"0.6.4:26a0ef8c",
        "dc":"dc1",
        "role":"node",
        "vsn":"2",
        "vsn_max":"3",
        "vsn_min":"1"},
    "Status":1,
    "ProtocolMin":1,
    "ProtocolMax":3,
    "ProtocolCur":2,
    "DelegateMin":2,
    "DelegateMax":4,
    "DelegateCur":4
   },
 {"Name":"ConsulServer1",
    "Addr":"192.168.1.11",
    "Port":8301,
    "Tags":{"build":"0.6.4:26a0ef8c",
        "dc":"dc1",
        "expect":"3",
        "port":"8300",
        "role":"consul",
        "vsn":"2",
        "vsn_max":"3",
        "vsn_min":"1"},
    "Status":1,
    "ProtocolMin":1,
    "ProtocolMax":3,
    "ProtocolCur":2,
    "DelegateMin":2,
    "DelegateMax":4,
    "DelegateCur":4
   },
 {"Name":"ConsulServer2",
    "Addr":"192.168.1.12",
    "Port":8301,
    "Tags":{"build":"0.6.4:26a0ef8c",
        "dc":"dc1",
        "expect":"3",
        "port":"8300",
        "role":"consul",
        "vsn":"2",
        "vsn_max":"3",
        "vsn_min":"1"},
    "Status":1,
    "ProtocolMin":1,
    "ProtocolMax":3,
    "ProtocolCur":2,
    "DelegateMin":2,
    "DelegateMax":4,
    "DelegateCur":4
   },
  {"Name":"ConsulServer3",
    "Addr":"192.168.1.13",
    "Port":8301,
    "Tags":{"build":"0.6.4:26a0ef8c",
        "dc":"dc1",
        "expect":"3",
        "port":"8300",
        "role":"consul",
        "vsn":"2",
        "vsn_max":"3",
        "vsn_min":"1"},
   "Status":1,
   "ProtocolMin":1,
   "ProtocolMax":3,
   "ProtocolCur":2,
   "DelegateMin":2,
   "DelegateMax":4,
   "DelegateCur":4
   }]

In case the client fails or is shutdown, after a restart it will rejoin the cluster automatically, as the required parameters are in JSON configuration.

 

参考地址:

https://imaginea.gitbooks.io/consul-devops-handbook/content/server_configuration.html

转载于:https://my.oschina.net/yugj/blog/2247117

weixin_33790053
关注
python consul_Consul 使用手册
weixin_39653717的博客
12-03 825
使用consul介绍Consul包含多个组件,但是作为一个整体,为你的基础设施提供服务发现和服务配置的工具.他提供以下关键特性:服务发现 Consul的客户端可用提供一个服务,比如 api 或者mysql ,另外一些客户端可用使用Consul去发现一个指定服务的提供者.通过DNS或者HTTP应用程序可用很容易的找到他所依赖的服务.健康检查 Consul客户端可用提供任意数量的健康检查,指定一个服务...
Prometheus 和 Grafana 监控 Consul服务端
南宫乘风-Linux运维-虚拟化容器-Python编程 ownit.top
03-17 1284
Consul是一款常用的服务发现和配置管理工具,可以很好地管理和发现分布式系统中的服务和实例。而Prometheus是一款常用的开源监控和告警系统,可以监控各种不同的系统组件并进行告警和分析。本文将介绍如何使用Prometheus监控Consul服务端,以便更好地管理和分析Consul集群的运行情况。
consul服务配置维护
weixin_30654419的博客
11-15 396
1、命令参数 -advertise:通知展现地址用来改变我们给集群中的其他节点展现的地址,默认情况下-bind地址就是展现地址,然而也存在一些路由地址是不能受约束的,这时候会激活一个不同的地址来供应,如果这个地址不能路由,这个路由将不能被加入集群 -bootstrap:用来控制一个server是否在bootstrap模式,在一个datacenter中只能有一个server处于bootstr...
Consul中文文档—Consul调优思路(推荐)
shuai_wy的专栏
10-22 2385
Consul调优思路总结
解决Consul 启动后访问不了原因
那杯热咖啡
09-17 1万+
笔记补录: 在阿里云上安装并启动了consul,以开发模式启动,如下: ./consul agent -dev -ui -node=consul-dev -client=ip地址 于是我在浏览器输入http://ip地址:8500/ui时一直访问不了。然后查看服务器安全组是否开放8500端口。开放8500端口后还是访问不了。 解决方法: -client加上的指定其他机器即可。 ./consul agent -dev -ui -node=consul-dev -client=0.0.0.0 .
consul使用案例源代码
07-16
这个"consul使用案例源代码"的压缩包文件很可能是包含了一些示例代码,帮助开发者理解和学习如何在实际项目中应用Consul。下面将详细阐述Consul的主要功能、工作原理以及如何使用它。 1. **服务发现**: Consul ...
consul使用手册
08-21
不同于翻译自官方文档 的Consul 简介和快速入门,官网的文档太难懂了。 这个是来源于http://www.liangxiansen.cn/2017/04/06/consul/的文章。 看完基本的操作就很容易上手了。
spring cloud consul使用ip注册服务的方法示例
08-26
这将使 Consul 使用 IP 地址来健康检查服务。 ```yaml spring: cloud: consul: host: xxx.xxx.xxx.xxx port: 8500 discovery: prefer-ip-address: true instance-id: ${spring.application.name}:${spring....
Spring boot2X Consul如何使用Feign实现服务调用
08-25
在Spring Boot 2.x版本中,使用Consul作为服务注册与发现中心,并通过Feign进行服务调用,是一种常见的微服务架构实践。Feign是一个声明式的Web服务客户端,它使得编写HTTP客户端变得简单。下面我们将详细讲解如何...
5分钟让你看懂Consul特性及搭建
热门推荐
Jlion 技术博客
04-06 9万+
一、前言 虽然说牛逼的公司都有那么几个牛逼的运维团队,牛逼的运维团队都有着神秘黑科技般敲代码的姿势;本人虽然不是一个运维工程师,但是有幸自己比较爱倒腾这些东西,也会那么一点点运维知识,虽然不算专业,但是还是可以在linux平台下敲一敲代码。去年由于自己业余时间搞了一个app项目,当时自己兼任后端开发,又同时兼任运维,经过多少个夜晚才把后端API网关 搭建起来,当时技术选型主要使用微服务架构,说到微...
consul + consul-template + tls 安装指南
kozazyh的专栏
04-07 2593
实验环境:Consul v0.8.1consul-template v0.19.0consul参考:https://github.com/hashicorp/consul-templatehttps://github.com/hashicorp/consul证书制作参考:https://github.com/cloudflare/cfsslhttps://coreos.com/os/docs/la...
优雅关闭consul
huchao_lingo的博客
05-13 2653
优雅关闭consul consul关闭原理分析 consul agent 在正常关闭的时候会向集群发送 leave 信令,宣告自己离开集群,那么什么才叫正常关闭呢? 首先 agent 监听了三个系统信令,os.Interrupt, syscall.SIGTERM, syscall.SIGHUP os.Interrupt, syscall.SIGTERM两个信令分开处理, os.Interrupt 这个信令对应的其实就是 ctrl+c, 这一般是我们在开发时才会用到,那么和这个信令配合的配置是*config
Consul详解
qq_40652202的博客
09-09 3万+
Spring Cloud 支持很多服务发现的软件,Eureka 只是其中之一,下面是 Spring Cloud 支持的服务发现软件以及特性对比:FeatureeuerkaConsulzookeeperetcd服务健康检查可配支持服务状态,内存,硬盘等(弱)长连接,keepalive连接心跳多数据中心—支持——kv 存储服务—支持支持支持一致性—raftpaxosraftcapapcacpcp使用接口(多语言能力)http(sidecar)支持 http 和 dns客户端htt...
consul命令行查看服务_Consul 命令行最全文档
weixin_39918043的博客
12-20 3753
1.启动一个带ACL 控制的Agent首先,从这个网址下载consul,解压后发现就是个可执行文件,如果不可以执行,chmod +x consul 一下。为了试验Consul较多的功能,这里我们打算启用一个dev模式,带ACL控制的Consul代理。配置文件config.json如下{"datacenter":"dc1","primary_datacenter":"dc1","data_dir":...
consul golang使用_Prometheus+Consul服务自动发现监控
weixin_39848347的博客
11-30 372
决战双十一,最后一天!K8s课程golang 课程 一 简介在上一篇Prometheus+Node_exporter+Grafana+Alertmanager 监控部署(上)里,已经有了 promethues 的一套监控环境。但是这里有个问题,就是在 prometheus.yml 里配置需要监听的服务时,是按服务名写死的,如果后面增加了节点或者组件信息,就得手动修改此配置,并重启 p...
Consul介绍
06-04 4096
Consul:服务管理软件。支持多数据中心下,分布式高可用,服务发现和配置共享,成员管理和消息广播,支持ACL访问控制。(相关的其他类似软件Zookeeper、Etcd、spring里的eureka) 官网: https://www.consul.io/intro/index.html 安装: 1、下载解压之后就是一个可执行文件 2、拷贝到你的/usr/local/bin目录中(或者其他你...
Consul实践之Consul是什么
huaweitman的专栏
04-05 1377
http://dgd2010.blog.51cto.com/1539422/1730263
ConsulConsul实践指导-Encryption配置
渡江客涂鸦板
08-23 5669
Consul Agent支持对其所有的网络数据流进行加密。加密方法后续介绍。有两个独立的加密系统:Gossip Traffic和RPC。
consul 使用consul-config
最新发布
07-27
使用Consul时,可以使用Consul-template来实现配置模板和Nginx配置的更新。首先,需要安装并运行Consul。可以从官网下载最新版本的Consul服务,并解压到指定目录。然后,将解压后的Consul可执行文件移动到/usr/...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值