上一講;講到consul發現的模板形式,這一講我們聊一聊比較基礎的consul的服務註冊與發現,並且使用bind代理給服務做負載均衡,這個功能也是後面要補充的redis + consul 或者mha + consul的一個基礎,我們先看一下環境:
配置環境(還是那句話,在生產環境把server配置成3-5臺,agent隨意):
192.168.113.174 server 192.168.113.175 agent 192.168.113.176 agent 192.168.113.177 agent
1、啓動master:
[root@master src]# consul agent -server -bootstrap-expect 1 -data-dir /tmp/consul -bind 0.0.0.0 -client 0.0.0.0 -ui &
參數說明:
-server:集羣啓動爲service
-bootstrap-expect:期待加入service節點的數量
-data-dir:數據目錄
-node:節點名稱,集羣中每個節點名稱需唯一
-bind:指定一個consul運行時的監聽地址
-ui:啓動時啓動ui
2、爲了便於測試,我們在三臺agent上面安裝nginx服務。
[root@master src]# curl http://192.168.113.176/health/ 192.168.113.176 [root@master src]# curl http://192.168.113.175/health/ 192.168.113.175 [root@master src]# curl http://192.168.113.177/health/ 192.168.113.177
3、開始服務的註冊:
Consul支持兩種服務註冊的方式,一種是通過Consul的服務註冊HTTP API,由服務自身在啓動後調用API註冊自己,另外一種則是通過在配置文件中定義服務的方式進行註冊。
Consul文檔中建議使用後面一種方式來做服務 配置和服務註冊。
4、我們以腳本的方式來註冊,看一下腳本(每臺都操作,一175爲例):
[root@slave confd_data]# ls server.json [root@slave confd_data]# cat server.json { "service": { "name": "web", "tags": ["dev"], "address": "192.168.113.175", "port": 80, "checks": [ { "http": "http://192.168.113.175/health/", "interval": "10s" } ] } }
#-node的時候,175爲web1,176爲web2,177爲web3
[root@slave confd_data]# consul agent -data-dir /tmp/consul -node=web1 -bind=192.168.113.175 -config-dir=/confd_data/ &
#啓動之後還是獨立的個體,這個時候是還沒有註冊的server的,我們可以收工去註冊添加到集羣,當然這個集羣建議開始就創建好,配置文件reload即可:
[root@slave ~]# consul join 192.168.113.174 Successfully joined cluster by contacting 1 nodes.
5、配置完成後查看集羣狀態:
6、下面我們關閉web3的nginx然後再觀察一下web UI的狀態:
7、服務發現:
consul提供來服務發現接口,我們使用DNS解析的方式來查看一下,現在還解析道哪些服務:
[root@master src]# dig @127.0.0.1 -p 8600 web.service.consul SRV ; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> @127.0.0.1 -p 8600 web.service.consul SRV ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61209 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 5 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;web.service.consul. IN SRV ;; ANSWER SECTION: web.service.consul. 0 IN SRV 1 1 80 web2.node.dc1.consul. web.service.consul. 0 IN SRV 1 1 80 web1.node.dc1.consul. ;; ADDITIONAL SECTION: web2.node.dc1.consul. 0 IN A 192.168.113.176 web2.node.dc1.consul. 0 IN TXT "consul-network-segment=" web1.node.dc1.consul. 0 IN A 192.168.113.175 web1.node.dc1.consul. 0 IN TXT "consul-network-segment="
8、開啓web3的nginx再做測試:
[root@master src]# dig @127.0.0.1 -p 8600 web.service.consul SRV ; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> @127.0.0.1 -p 8600 web.service.consul SRV ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12981 ;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 7 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;web.service.consul. IN SRV ;; ANSWER SECTION: web.service.consul. 0 IN SRV 1 1 80 web1.node.dc1.consul. web.service.consul. 0 IN SRV 1 1 80 web3.node.dc1.consul. web.service.consul. 0 IN SRV 1 1 80 web2.node.dc1.consul. ;; ADDITIONAL SECTION: web1.node.dc1.consul. 0 IN A 192.168.113.175 web1.node.dc1.consul. 0 IN TXT "consul-network-segment=" web3.node.dc1.consul. 0 IN A 192.168.113.177 web3.node.dc1.consul. 0 IN TXT "consul-network-segment=" web2.node.dc1.consul. 0 IN A 192.168.113.176 web2.node.dc1.consul. 0 IN TXT "consul-network-segment="
9、域名解析問題:
我們看到consul的域名跳轉來,如何在線上使用呢, 有三個方案:
1. 原內網dns服務器,做域名轉發,consul後綴的,都轉到consul server上(我們線上是採用這個) 2. dns全部跳到consul DNS服務器上,非consul後綴的,使用 recursors 屬性跳轉到原DNS服務器上 3. dnsmaq 轉: server=/consul/10.16.X.X#8600 解析consul後綴的
10、構建bind域名解析:
[root@master src]# yum install bind -y
配置name服務做解析:
[root@master src]# cat /etc/named.conf options { listen-on port 53 { 192.168.113.174; }; listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { any; }; recursion yes; dnssec-enable no; dnssec-validation no; /* Path to ISC DLV key */ bindkeys-file "/etc/named.iscdlv.key"; managed-keys-directory "/var/named/dynamic"; }; include "/etc/named/consul.conf";
[root@master src]# cat /etc/named/consul.conf zone "consul" IN { type forward; forward only; forwarders { 192.168.113.174 port 8600; }; };
11、再次測試一下解析:
[root@slave confd_data]# dig @192.168.113.174 -p 8600 web.service.consul A ; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> @192.168.113.174 -p 8600 web.service.consul A ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57750 ;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;web.service.consul. IN A ;; ANSWER SECTION: web.service.consul. 0 IN A 192.168.113.177 web.service.consul. 0 IN A 192.168.113.176 web.service.consul. 0 IN A 192.168.113.175
#測試一下bind域名轉發:
[root@master confdata]# dig @192.168.113.174 -p 53 web.service.consul A ; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7 <<>> @192.168.113.174 -p 53 web.service.consul A ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6024 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;web.service.consul. IN A ;; ANSWER SECTION: web.service.consul. 0 IN A 192.168.113.177 web.service.consul. 0 IN A 192.168.113.176 web.service.consul. 0 IN A 192.168.113.175
12、然後修改域名解析到192.168.113.174:
[root@master confdata]# cat /etc/resolv.conf # Generated by NetworkManager nameserver 192.168.113.174
13、訪問一下這個域名看一下:
[root@master confdata]# curl web.service.consul/health/ 192.168.113.175
各臺ping測試:
[root@mha ~]# ping web.service.consul PING web.service.consul (192.168.113.177) 56(84) bytes of data. 64 bytes from mha (192.168.113.177): icmp_seq=1 ttl=64 time=1.34 ms [root@master confdata]# ping web.service.consul PING web.service.consul (192.168.113.175) 56(84) bytes of data. 64 bytes from slave (192.168.113.175): icmp_seq=1 ttl=64 time=0.524 ms 64 bytes from slave (192.168.113.175): icmp_seq=2 ttl=64 time=0.343 ms
總結:到處我們做的服務註冊與發現已經完成,看到網絡上很多概念自己有點蒙,所以就實現了一把這個東西,後面有時間我們在更新redis+哨兵+consul無縫遷移的時候,會用到類似的東西,當然應用場景是很多的,在微服務器架構下我們如何註冊並發現一個啓動的服務器,做代理,是一個問題。總之consul非常強大。