In recent years, more and more micro-architecture of the fire service in the field of Internet applications, the introduction of micro-services mainly to solve the tightly coupled single application of multiple modules, and can not be extended operation and maintenance difficulties and other problems. Micro service architecture is in accordance with functional granularity vertically split service module, the application of the monomer itself as a service and component, each component separately deployed as applets (DB from the UI). Services between the micro and the micro services interact through Service API, and in order to expand the level of support, service availability and performance, the deployment of a single service or allow simultaneous multiple service instances. At runtime, each instance is typically a virtual machine, or cloud Docker containers. This article can be the perfect solution to this problem!
About docker here is not introduced, after all, has Huobian streets, mainly look Consul, Registrator, Consul-tpmplate.
consul: is a service grid solution, it is a distributed, highly available systems, and developed using very simple, easy, it mainly provides a fully functional control platform, the main features: service discovery, health inspection, key storage, security service communications, multi-data center;
Registrator: responsible for collecting information on the container docker host, and sent consul;
Consul-tpmplate: generate new nginx profile based on the edited template, and is responsible for nginx reload configuration files;
Bowen outline:
First, the environment to prepare
two, docker01 deploy consul service
Third, the docker02 and docker03 host by way of the vessel to run consul service
Fourth, the docker02 and docker03 host by way of vessel operating registrator service
five, docker01 deploy Nginx service, to provide counter Acting to
six in docker01 installation consul-template command tools, templates and write
real-time discovery seven authentication service functions
First, prepare the environment
Workflow diagram between components:
Two, docker01 deployment consul Service
docker01 host binary way to install! Methods as below:
[root@docker01 ~]# wget https://releases.hashicorp.com/consul/1.6.2/consul_1.6.2_linux_amd64.zip
[root@docker01 ~]# unzip consul_1.6.2_linux_amd64.zip
[root@docker01 ~]# mv consul /usr/local/bin/
[root@docker01 ~]# chmod +x /usr/local/bin/consul
//下载这个软件包获取consul这个命令
[root@docker01 ~]# nohup consul agent -server -bootstrap -ui -data-dir=/var/lib/consule-data -bind=192.168.1.1 -client=0.0.0.0 -node=master &
[1] 2618
[root@docker01 ~]# nohup: 忽略输入并把输出追加到"nohup.out"
[root@docker01 ~]#
//执行完命令后,需按两次回车键,根据提示信息可以看出将命令输出的信息保存到了一个名为nohup.out的文件(当前目录下)中。
//执行上述命令后,consul服务就放到后台运行了,并返回其PID号,可以通过“jobs -l”命令进行查看The above command parameters to explain:
* -server:添加一个服务;
* -bootstrap:加入这个选项时,一般都在server单节点的时候使用,自选举为leader(领导);
* -ui:开启内部的web页面;
* -data-dir:(key/volume)数据存放目录;
* -bind:指定开启服务的IP;
* -client:指定可以访问的客户端(指定加入的从节点);
* -node:指定集群内通信使用的名称(如果不指定,默认以主机名命名);consul open the corresponding port:
* 8300:集群节点;
* 8301:集群内部访问的端口;
* 8302:跨数据中心之间的通信;
* 8500:提供web ui界面;
* 8600:使用DNS协议查看节点信息;
//因为放到后台了,所以这些端口信息都看不到,如果不放到后台的话会占用前台终端,使前台终端无法正常工作!Two additional query:
[root@docker01 ~]# consul info //查看consul的详细信息
……………………
leader_addr = 192.168.1.1:8300 //主要就是查看consul集群主节点是谁
…………………………
[root@docker01 ~]# consul members //查看consul群集中的成员信息Third, run as services on docker02 container consul and docker03 host
docker02 is as follows:
[root@docker02 ~]# docker run -d --name consul -p 8301:8301 -p 8301:8301/udp -p 8500:8500 -p 8600:8600 -p 8600:8600/udp --restart always progrium/consul -join 192.168.1.1 -advertise 192.168.1.2 -client 0.0.0.0 -node=node01
//-join:指定加入的群集主节点
//-advertise:声明本机的Ip地址
//-node:群集中的名称docker03 is as follows:
[root@docker03 ~]# docker run -d --name consul -p 8301:8301 -p 8301:8301/udp -p 8500:8500 -p 8600:8600 -p 8600:8600/udp --restart always progrium/consul -join 192.168.1.1 -advertise 192.168.1.3 -client 0.0.0.0 -node=node02Note: Although the consul service on docker01 binary packages are installed, docker02 and docker03 container by way of deployment, deployed just to show it as much as possible!
In view docker01:
[root@docker01 ~]# consul members //查看consul群集信息
Node Address Status Type Build Protocol DC Segment
master 192.168.1.1:8301 alive server 1.6.2 2 dc1 <all>
node01 192.168.1.2:8301 alive client 0.5.2 2 dc1 <default>
node02 192.168.1.3:8301 alive client 0.5.2 2 dc1 <default>Browser access the test:
Fourth, the docker02 and docker03 host is running the service in a way registrator container
docker02 is as follows:
[root@docker02 ~]# docker run -d --name registrator -v /var/run/docker.sock:/tmp/docker.sock --restart always gliderlabs/registrator consul://192.168.1.2:8500
//将收集的容器信息发送给本机的8500端口来显示Browser Test Access: 
docker03 configuration is as follows:
[root@docker03 ~]# docker run -d --name registrator -v /var/run/docker.sock:/tmp/docker.sock --restart always gliderlabs/registrator consul://192.168.1.3:8500
//将收集的容器信息发送给本机的8500端口来显示Browser Test Access:
Five, docker01 deploy Nginx service, to provide reverse proxy
[root@docker01 ~]# yum -y install pcre pcre-devel openssl openssl-devel zlib zlib-devel
[root@docker01 ~]# wget http://nginx.org/download/nginx-1.17.7.tar.gz
[root@docker01 ~]# useradd -M -s /sbin/nologin nginx
[root@docker01 ~]# tar zxf nginx-1.17.7.tar.gz -C /usr/src
[root@docker01 ~]# cd /usr/src/nginx-1.17.7/
[root@docker01 nginx-1.17.7]# ./configure --user=nginx --group=nginx --with-http_stub_status_module --with-http_realip_module --with-pcre --with-http_ssl_module && make && make install
[root@docker01 nginx-1.17.7]# cd
[root@docker01 ~]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/
[root@docker01 ~]# nginxSixth, in docker01 installation consul-template command tools, templates and write
consul-template function is to collect information (the collected information container registrator) is written in the template template, and finally written Nginx configuration file.
[root@docker01 ~]# wget https://releases.hashicorp.com/consul-template/0.23.0/consul-template_0.23.0_linux_amd64.zip
[root@docker01 ~]# unzip consul-template_0.23.0_linux_amd64.zip
[root@docker01 ~]# mv consul-template /usr/local/bin
[root@docker01 ~]# chmod +x /usr/local/bin/consul-template
//获取consul-template 命令
[root@docker01 ~]# cd /usr/local/nginx/
[root@docker01 nginx]# mkdir consul && cd consul
[root@docker01 consul]# vim nginx.ctmpl
upstream http_backend {
{{range service "nginx"}}
server {{ .Address }}:{{ .Port }};
{{ end }}
}
server {
listen 8000;
server_name localhost;
location / {
proxy_pass http://http_backend;
}
}
[root@docker01 consul]# vim ../conf/nginx.conf
include /usr/local/nginx/consul/*.conf; //调用生成的vhost.conf文件
} //必须在末尾的大括号中添加
[root@docker01 consul]# nohup consul-template -consul-addr 192.168.1.1:8500 -template "/usr/local/nginx/consul/nginx.ctmpl:/usr/local/nginx/consul/vhost.conf:/usr/local/sbin/nginx -s reload" &
[2] 64430
[root@docker01 consul]# nohup: 忽略输入并把输出追加到"nohup.out"
[root@docker01 consul]#
//同样也是将这条命令放入后台执行,否则会占用前台的终端
//这条命令的作用就i是将本机收集到的信息,生成一个vhost.conf的文件,将命令放入后台才能保证实时发现同步并更新Seven verify real-time discovery services
Thus configured, the event of any docker02 or docker03 Nginx operation after the associated container station "-d" operation mode, will be added to the reverse proxy, the scheduling, once the container from accidentally shut off automatically from the reverse proxy configuration file removed.
You can now run on docker02, and docker03 are two Nginx container vessel name followed by web01, web02 ......., its page document were: web01, web02 ...... ready for a different page file the purpose is to facilitate customers to differentiate access when client access is which container.
Because of its configuration similar process, I am here to write a procedure to run Nginx container, the other to follow suit!
[root@docker02 ~]# docker run -itd --name web01 -P nginx
[root@docker02 ~]# docker exec -it web01 /bin/bash
root@b49445d94603:/# echo "web01" > /usr/share/nginx/html/index.htmlAfter docker02 and docker03 running Nginx four containers (must be the way after running, which means that there must be "-d" option at run time), then, at this time of the visit docker01 port 8000, it will loop access to four page file container provides as follows:
[root@docker01 consul]# curl 127.0.0.1:8000
web01
[root@docker01 consul]# curl 127.0.0.1:8000
web02
[root@docker01 consul]# curl 127.0.0.1:8000
web03
[root@docker01 consul]# curl 127.0.0.1:8000
web04
[root@docker01 consul]# cat /usr/local/nginx/consul/vhost.conf
upstream http_backend {
server 192.168.1.2:32768;
server 192.168.1.2:32769;
server 192.168.1.3:32768;
server 192.168.1.3:32769;
}
server {
listen 8000;
server_name localhost;
location / {
proxy_pass http://http_backend;
}
}
//由于consul-template是在后台运行的,所以,只要检测到容器的变化,就会动态修改上述文件
//并且重启Nginx服务,使更改生效Now it has been configured, and create and delete container docker02 and docker03, vhost.conf files are modified dynamic, self-test!
---------- article. Thank reading ----------