1. Introduction to Docker Consul
Consul is an open source tool written in go language launched by HashiCorp to realize service discovery and configuration of distributed systems
- Consul supports health checks and allows key-value pairs to be stored
- The consensus protocol uses the Raft algorithm to ensure the high availability of services
- Member management and message broadcast adopt GOSSIP protocol, support ACL access control
- Easy to deploy and can work seamlessly with lightweight containers such as Docker
Docker consul service update and discovery service architecture
- consul template: configuration file template
- registrator: registration mechanism
- consul server: consul service
The topological diagram above is based on Docker, and then consul, consul template, registrator and nginx are assembled into a trustworthy and extensible service framework. This architecture can be flexible, does not need to restart any services, and does not need to rewrite any configuration Adding and removing services
When a container is added to the rear, the container will register the registrator. When the registrator finds that a container is added, it will notify the consul server to update, and the consul server uses the consul template template to update
Docker consul automatic discovery service architecture construction
- The agent of consul must be deployed and run on each node that provides services
- Consul agent has two operating modes: server and client
- Server and client are only the distinction of consul cluster level, and have nothing to do with the application services built on the cluster
2. Simulation experiment
consul node | 192.168.153.40 | Docker-ce、Consul、Consul-template、nginx |
---|---|---|
web node | 192.168.153.60 | Docker-this |
consul node
mkdir consul
cd consul/ #拉入软件包
unzip consul_0.9.2_linux_amd64.zip -d /usr/bin
consul agent \
-server \
-bootstrap \
-ui \
-data-dir=/var/lib/consul-data \
-bind=192.168.153.40 \
-client=0.0.0.0 \
-node=consul-server01 &> /var/log/consul.log &
jobs
##查看集群信息
consul members
consul info | grep leader
##通过httpd api获取集群信息
curl 127.0.0.1:8500/v1/status/peers #查看集群server成员
curl 127.0.0.1:8500/v1/status/leader #集群Raf leader
curl 127.0.0.1:8500/v1/catalog/services #注册的所有服务
curl 127.0.0.1:8500/v1/catalog/nginx #查看nginx服务信息
curl 127.0.0.1:8500/v1/catalog/nodes #集群节点详细信息
web node
Install Gliderlabs/Registrator
Gliderlabs/Registrator can check the running status of the container and register automatically, and can also unregister the service of the docker container to the service configuration center. Currently Consul, Etcd and SkyDNS2 are supported.
docker run -d \
--name=registrator \
--net=host \
-v /var/run/docker.sock:/tmp/docker.sock \
--restart=always \
gliderlabs/registrator:latest \
-ip=192.168.153.60 \
consul://192.168.153.40:8500
Test whether the service discovery function is normal
docker run -itd -p:81:80 --name test-01 -h test01 nginx
docker run -itd -p:82:80 --name test-02 -h test02 nginx
docker run -itd -p:83:80 --name test-03 -h test03 httpd
docker run -itd -p:84:80 --name test-04 -h test04 httpd
Verify that the http and nginx services are registered to the consul
browser, enter http://192.168.153.40:8500, "click Services", and then click "consurl-server01", there will be 5 services:
View service on consul server
curl 127.0.0.1:8500/v1/catalog/services
192.168.153.60:82 IP:设置好的对外端口号可以访问web界面,如果访问不到,可以重启docker服务和容器
Enter the following command on the web node to view the access records in real time
docker logs -f test-02
Install consul-template
Consul-Template_ is a daemon process used to query Consul cluster information in real time, update any number of specified templates on the file system, and generate configuration files. After the update is complete, you can choose to run the shell command to perform the update operation and reload Nginx.
Consul-Template can query the service catalog, Key, Key-values, etc. in Consul.
This powerful abstract function and query language template can make Consul-Template particularly suitable for dynamically creating configuration files. For example: create Apache/Nginx Proxy Balancers, Haproxy Backends
cd ~/consul/ #拉入软件包
unzip consul-template_0.19.3_linux_amd64.zip -d /usr/bin/
consul node
Prepare template nginx template file
vim /root/consul/nginx.ctmpl
upstream http_backend {
{
{
range service "nginx"}}
server {
{
.Address}}:{
{
.Port}};
{
{
end}}
}
server {
listen 1234;
server_name localhost 192.168.153.40;
access_log /var/log/nginx/access.log;
index index.html index.php;
location / {
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Client-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://http_backend;
}
}
This template is used for the nginx reverse proxy template.
nginx.ctmpl is not directly related to nginx.
Consul is an automatic management mechanism of
docker. The parameters in nginx.ctmpl are written in the form of variables.
Compile and install nginx
yum install gcc pcre-devel zlib-devel -y
tar zxvf nginx-1.12.2.tar.gz
cd nginx-1.12.2/
./configure --prefix=/usr/local/nginx
make -j 4 && make install
Configure nginx
vim /usr/local/nginx/conf/nginx.conf
http {
include mime.types;
include vhost/*.conf; #添加虚拟主机目录
default_type application/octet-stream;
#创建虚拟主机目录
mkdir /usr/local/nginx/conf/vhost
#创建日志文件目录
mkdir /var/log/nginx
#启动nginx
/usr/local/nginx/sbin/nginx
Configure and start template
#启用模板
consul-template -consul-addr 192.168.153.40:8500 -template "/root/consul/nginx.ctmpl:/usr/local/nginx/conf/vhost/wt.conf:/usr/local/nginx/sbin/nginx -s reload" --log-level=info
出现此界面说明 template 启动成功
Add an nginx container node to the web node to test service discovery and configuration update functions
docker run -itd -p:85:80 --name test-05 -h test05 nginx
打开一个新的xshell终端查看生成配置文件,可以看到多了一个nginx节点
原先终端发现了新的容器并更新了信息
Three, consul multi-node
Add a server 192.168.153.50/24 that deploys the docker environment to join the existing cluster
consul agent \
-server \
-bootstrap \
-ui \
-data-dir=/var/lib/consul-data \
-bind= 192.168.153.50 \
-client=0.0.0.0 \
-node=consul-server02 \
-enable-script-checks=true \
-datacenter=dc1 \
-join 192.168.153.50 &> /var/log/consul.log &
-enable-script-checks=true: Set the check service to be available
-datacenter: data center name
-join: join to an existing cluster