Docker (7) consul-template service discovery and configuration

1. Overview of consul

1. What is consul

Consul is an open source tool launched by HashiCorp. Consul is developed in Go language and is very easy to deploy. It only requires very few executable programs and configuration files, and is green and lightweight.
Consul is a distributed, highly available, horizontally scalable service discovery and configuration for distributed systems.

2. The role of Consul

• Service registration and discovery (main function), providing HTTP and DNS discovery methods
• Health check, support multiple protocols, HTTP, TCP, etc.
• Key/Value storage
• Support for multiple data centers
• Based on Golong language, strong portability
• Support ACL access control
• Works seamlessly with lightweight containers like Docker

2. Overview of consul-template

Consul-Template is a daemon for querying Consul cluster information in real time

Consul-Template can update any number of specified templates on the file system. After the generated configuration file is updated, you can choose to run the shell command to perform the update operation and reload Nginx.

Consul-Template can query the service catalog, Key, Key-values, etc. in Consul.
This powerful abstraction and query language templates make Consul-Template particularly suitable for dynamically creating configuration files.

For example: Create Apache/Nginx Proxy Balancers, Haproxy Backends

Three, the role of regisrator

A service written in Go language for docker that can be used to detect container status , automatically register and unregister docker containers to the service configuration center . Consul, Etcd and SkyDNS2 are currently supported.

Fourth, build a consul cluster environment

The architecture diagram is as follows:

host	operating system	ip	Required software
consul	centos7	192.168.100.135	Docker 、Consul、Consul-template
Registry	7 hundred	192.168.100.142	Docker、registrator

need:

Realize the intercommunication between containers in a single-machine network

Create a container with Docker Compose

Build Consul service to realize automatic discovery and update

Environment preparation: turn off firewall and selinux

systemctl stop firewalld
setenforce 0 

1. Install Consul

consul：192.168.100.135

Compile and install consul

mkdir /root/consul
cd /root/consul
unzip consul_0.9.2_linux_amd64.zip
mv consul /usr/local/bin/


//设置代理，在后台启动 consul 服务端
consul agent \     
-server \
-bootstrap \
-ui \
-data-dir=/var/lib/consul-data \
-bind=192.168.80.15 \
-client=0.0.0.0 \
-node=consul-server01 &> /var/log/consul.log &
##############解释####################

//设置代理，在后台启动 consul 服务端
consul agent \：启动consul集群

-server \： 以server身份启动。默认是client。

-bootstrap \：用来控制一个server是否在bootstrap模式，在一个数据中心中只能有一个server处于bootstrap模式，当一个server处于 bootstrap模式时，可以自己选举为 server-leader。

-ui \：指定开启 UI 界面，这样可以通过 http://localhost:8500/ui 这样的地址访问 consul 自带的 web UI 界面。

-data-dir=/var/lib/consul-data \：指定数据存储目录。

-bind=192.168.80.15 \：指定用来在集群内部的通讯地址，集群内的所有节点到此地址都必须是可达的，默认是0.0.0.0。

-client=0.0.0.0 \：指定 consul 绑定在哪个 client 地址上，这个地址提供 HTTP、DNS、RPC 等服务，默认是 127.0.0.1。

-node=consul-server01 &> /var/log/consul.log & ：节点在集群中的名称，在一个集群中必须是唯一的，默认是该节点的主机名。指定数据中心名称，默认是dc1。

[root@bogon consul]# consul members

[root@bogon consul]# consul info | grep leader

Get cluster information through http api

curl 127.0.0.1:8500/v1/status/peers       //查看集群server成员
curl 127.0.0.1:8500/v1/status/leader      //集群Raf leader
curl 127.0.0.1:8500/v1/catalog/services   //注册的所有服务
curl 127.0.0.1:8500/v1/catalog/nginx      //查看nginx服务信息
curl 127.0.0.1:8500/v1/catalog/nodes      //集群节点详细信息

netstat -natp |grep consul
这5个端口的作用：
8300：集群内数据的读写和复制
8301：单个数据中心gossip协议通讯
8302：跨数据中心gossip协议通讯
8500：提供获取服务列表、注册服务、注销服务等HTTP接口；提供UI服务
8600：采用DNS协议提供服务发现功能

2. Configure the container service to automatically join the nginx cluster

registrar ： 192,168,100,142

(1) Install Gliderlabs/Registrator

docker run -d \
--name=registrator \
--net=host \
-v /var/run/docker.sock:/tmp/docker.sock \
--restart=always \
gliderlabs/registrator:latest \
--ip=192.168.100.142 \
consul://192.168.100.135:8500

-------------------------------------------------------------
--net=host ：把运行的docker容器设定为host网络模式。
-v /var/run/docker.sock:/tmp/docker.sock ：把宿主机的Docker守护进程(Docker daemon)默认监听的Unix域套接字挂载到容器中。
--restart=always ：设置在容器退出时总是重启容器。
--ip ：刚才把network指定了host模式，所以我们指定ip为宿主机的ip。
consul ：指定consul服务器的IP和端口。
-------------------------------------------------------------

(2) Test whether the service discovery function normally creates four containers

docker run -itd -p:83:80 --name test-01 -h test01 nginx
docker run -itd -p:84:80 --name test-02 -h test02 nginx
docker run -itd -p:88:80 --name test-03 -h test03 httpd
docker run -itd -p:89:80 --name test-04 -h test04 httpd	

docker ps -a

(3) Verify that http and nginx services are registered to consul

Use curl to test the connection server on the consul server

curl 127.0.0.1:8500/v1/catalog/services 
{"consul":[],"httpd":[],"nginx":[]}

3. Install consul-template

(1). Prepare the template nginx template file
to operate on the consul server (192.168.100.135)

unzip consul-template_0.19.3_linux_amd64.zip 
mv consul-template /usr/bin/

4. Prepare template nginx template file

vim /root/consul/nginx.ctmpl

upstream http_backend {
  {
   
   {range service "nginx"}}
   server {
   
   {.Address}}:{
   
   {.Port}};
   {
   
   {end}} 
}


server {
    listen 8000;
    server_name localhost 192.168.100.135;
    access_log /var/log/nginx/kgc.com-access.log;
    index index.html index.php;
    location / {
        proxy_set_header HOST $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Client-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://http_backend;
    }
}

5. Deploy nginx

Operating on the consul server (192.168.100.135)

I will install nginx on yum here

Create nginx yum repository file

vim /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1


yum install nginx -y 
nginx -v

systemctl start nginx
systemctl enable nginx

6. Start the template

 consul-template --consul-addr 192.168.100.135:8500 \
> --template "/root/consul/nginx.ctmpl:/etc/nginx/conf.d/kgc.conf:/usr/sbin/nginx -s reload"
> --log-level=info

Reopen a consul terminal and view the generated configuration file

7. Access template-nginx

root@test01:/# echo "this is test1 web" > /usr/share/nginx/html/index.html
root@test01:/# exit
exit
[root@zqh ~]# docker exec -it c4dc60f51fdb bash
root@test02:/# echo "this is test2 web" > /usr/share/nginx/html/index.html 
root@test02:/# exit
exit

The browser accesses http://[192.168.100.135:8000 and keeps refreshing

8. Add an nginx container node

(1) Add an nginx container node to test service discovery and configuration update functions.

docker run -itd -p:85:80 --name test-05 -h test05 nginx

Observe the template service, the content of the /usr/local/nginx/conf/vhost/kgc.conf file will be updated from the template, and the nginx service will be reloaded

(2) View the contents of the /usr/local/nginx/conf/vhost/kgc.conf file

9.Consul multi-node

(1) Open a new machine (192.168.100.140) to join the existing cluster

To install consul first

run consul

consul agent \
-server \
-ui \
-data-dir=/var/lib/consul-data \
-bind=192.168.100.140 \
-client=0.0.0.0 \
-node=consul-server02 \
-enable-script-checks=true  \
-datacenter=dc1  \
-join 192.168.100.135 &> /var/log/consul.log &

-enable-script-checks=true ：设置检查服务为可用
-datacenter : 数据中心名称
-join ：加入到已有的集群中

Switch to the operation on the consul server (192.168.100.135)

consul members
consul operator raft list-peers