一、consul原理
consul的功能
・服务发现
・健康检查
・多数据中心
・key/value存储
consul的使用场景
・docker实例的注册与配置共享
・coreos实例的注册与配置共享
consul的优势
・使用 Raft 算法来保证一致性, 比复杂的 Paxos 算法更直接. 相比较而言, zookeeper 采用的是 Paxos, 而 etcd 使用的则是 Raft
・支持多数据中心,内外网的服务采用不同的端口进行监听。 多数据中心集群可以避免单数据中心的单点故障,而其部署则需要考虑网络延迟, 分片等情况等. zookeeper 和 etcd 均不提供多数据中心功能的支持
・支持健康检查. etcd 不提供此功能
・官方提供web管理界面, etcd 无此功能
・支持 http 和 dns 协议接口. zookeeper 的集成较为复杂, etcd 只支持 http 协议
consul发现机制
当一个Consul代理启动后,它并不知道其它节点的存在,它是一个孤立的 单节点集群,如果想感知到其它节点的存在,它必须加入到一个现存的集群,要加入到一个现存的集群,它只用加入集群中任意一个现存的成员,当加入一个现存的成员后,会通过成员间的通讯很快发现集群中的其它成员,一个Consul代理可以加入任意一个代理,而不仅仅是服务节点
consul角色
client:注册服务、健康检查并将数据发送到服务端
server:保存配置信息, 高可用集群, 在局域网内与本地客户端通讯, 通过广域网与其他数据中心通讯
二、构建consul
2.1安装consul
[root@consul-1 ~]# unzip consul_0.6.3_linux_amd64.zip [root@consul-1 ~]# mv consul /usr/locao/bin/.
2.2单节点启动consul
[root@consul-1 ~]# consul agent -dev -bind=192.168.0.149 ==> Starting Consul agent... ==> Starting Consul agent RPC... ==> Consul agent running! Node name: 'consul-1' Datacenter: 'dc1' Server: true (bootstrap: false) Client Addr: 127.0.0.1 (HTTP: 8500, HTTPS: -1, DNS: 8600, RPC: 8400) Cluster Addr: 192.168.0.149 (LAN: 8301, WAN: 8302) Gossip encrypt: false, RPC-TLS: false, TLS-Incoming: false Atlas: <disabled> ==> Log data will now stream in as it occurs: 2016/03/23 15:17:27 [INFO] serf: EventMemberJoin: consul-1 192.168.0.149 2016/03/23 15:17:27 [INFO] serf: EventMemberJoin: consul-1.dc1 192.168.0.149 2016/03/23 15:17:27 [INFO] raft: Node at 192.168.0.149:8300 [Follower] entering Follower state 2016/03/23 15:17:27 [INFO] consul: adding LAN server consul-1 (Addr: 192.168.0.149:8300) (DC: dc1) 2016/03/23 15:17:27 [INFO] consul: adding WAN server consul-1.dc1 (Addr: 192.168.0.149:8300) (DC: dc1) 2016/03/23 15:17:27 [ERR] agent: failed to sync remote state: No cluster leader 2016/03/23 15:17:29 [WARN] raft: Heartbeat timeout reached, starting election 2016/03/23 15:17:29 [INFO] raft: Node at 192.168.0.149:8300 [Candidate] entering Candidate state 2016/03/23 15:17:29 [DEBUG] raft: Votes needed: 1 2016/03/23 15:17:29 [DEBUG] raft: Vote granted from 192.168.0.149:8300. Tally: 1 2016/03/23 15:17:29 [INFO] raft: Election won. Tally: 1 2016/03/23 15:17:29 [INFO] raft: Node at 192.168.0.149:8300 [Leader] entering Leader state 2016/03/23 15:17:29 [INFO] raft: Disabling EnableSingleNode (bootstrap) 2016/03/23 15:17:29 [DEBUG] raft: Node 192.168.0.149:8300 updated peer set (2): [192.168.0.149:8300] 2016/03/23 15:17:29 [INFO] consul: cluster leadership acquired 2016/03/23 15:17:29 [DEBUG] consul: reset tombstone GC to index 2 2016/03/23 15:17:29 [INFO] consul: member 'consul-1' joined, marking health alive 2016/03/23 15:17:29 [INFO] consul: New leader elected: consul-1 2016/03/23 15:17:29 [INFO] agent: Synced service 'consul' 2016/03/23 15:18:46 [DEBUG] agent: Service 'consul' in sync
2.3查看集群中的成员
[root@consul-1 ~]# consul members Node Address Status Type Build Protocol DC consul-1 192.168.0.149:8301 alive server 0.6.4 2 dc1
2.4查询节点
可以通过HTTP API和DNS API查询节点
如果使用DNS查询格式为:name.node.consul或者name.node.datacenter.consul
[root@consul-1 ~]# dig @127.0.0.1 -p 8600 consul-1.node.consul ; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 <<>> @127.0.0.1 -p 8600 consul-1.node.consul ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6969 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;consul-1.node.consul. IN A ;; ANSWER SECTION: consul-1.node.consul. 0 IN A 192.168.0.149 ;; Query time: 1 msec ;; SERVER: 127.0.0.1#8600(127.0.0.1) ;; WHEN: Wed Mar 23 15:50:19 CST 2016 ;; MSG SIZE rcvd: 74
2.5脱离节点:可以使用ctrl+c来平滑退出,也可以使用kill退出,区别是主动告知其他节点自己离开,和被其他节点标记为失效,被发现离开
三、服务注册
服务定义是服务注册最常用的方法
3.1创建配置文件目录
[root@consul-1 ~]# mkdir /etc/consul.d/
NOTE:consul.d是配置文件目录,表示里面有若干个配置文件,这是命名规范
3.2编写服务定义配置文件
[root@consul-1 ~]# echo '{"service": {"name": "web", "tags": ["rails"], "port": 80}}' \ > /etc/consul.d/web.json
配置文件内容解释:有个名称为web的服务运行在端口80,另外给他一个标签作为额外的方法查询服务
3.3重启代理并加载配置文件
[root@consul-1 ~]# consul agent -dev -bind=192.168.0.149 -config-dir=/etc/consul.d/ ==> Starting Consul agent... ==> Starting Consul agent RPC... ==> Consul agent running! Node name: 'consul-1' Datacenter: 'dc1' Server: true (bootstrap: false) Client Addr: 127.0.0.1 (HTTP: 8500, HTTPS: -1, DNS: 8600, RPC: 8400) Cluster Addr: 192.168.0.149 (LAN: 8301, WAN: 8302) Gossip encrypt: false, RPC-TLS: false, TLS-Incoming: false Atlas: <disabled> ==> Log data will now stream in as it occurs: 2016/03/23 16:18:57 [INFO] serf: EventMemberJoin: consul-1 192.168.0.149 2016/03/23 16:18:57 [INFO] serf: EventMemberJoin: consul-1.dc1 192.168.0.149 2016/03/23 16:18:57 [INFO] raft: Node at 192.168.0.149:8300 [Follower] entering Follower state 2016/03/23 16:18:57 [INFO] consul: adding LAN server consul-1 (Addr: 192.168.0.149:8300) (DC: dc1) 2016/03/23 16:18:57 [INFO] consul: adding WAN server consul-1.dc1 (Addr: 192.168.0.149:8300) (DC: dc1) 2016/03/23 16:18:57 [ERR] agent: failed to sync remote state: No cluster leader 2016/03/23 16:18:58 [WARN] raft: Heartbeat timeout reached, starting election 2016/03/23 16:18:58 [INFO] raft: Node at 192.168.0.149:8300 [Candidate] entering Candidate state 2016/03/23 16:18:58 [DEBUG] raft: Votes needed: 1 2016/03/23 16:18:58 [DEBUG] raft: Vote granted from 192.168.0.149:8300. Tally: 1 2016/03/23 16:18:58 [INFO] raft: Election won. Tally: 1 2016/03/23 16:18:58 [INFO] raft: Node at 192.168.0.149:8300 [Leader] entering Leader state 2016/03/23 16:18:58 [INFO] raft: Disabling EnableSingleNode (bootstrap) 2016/03/23 16:18:58 [DEBUG] raft: Node 192.168.0.149:8300 updated peer set (2): [192.168.0.149:8300] 2016/03/23 16:18:58 [INFO] consul: cluster leadership acquired 2016/03/23 16:18:58 [DEBUG] consul: reset tombstone GC to index 2 2016/03/23 16:18:58 [INFO] consul: member 'consul-1' joined, marking health alive 2016/03/23 16:18:58 [INFO] consul: New leader elected: consul-1 2016/03/23 16:19:01 [INFO] agent: Synced service 'consul' 2016/03/23 16:19:01 [INFO] agent: Synced service 'web'
输出中表示Synced service‘web’服务注册成功,如果想注册多个服务,可以创建多个配置文件
3.4使用DNS API查询服务
可以使用DNS API的方式查看服务的IP
dig @127.0.0.1 -p 8600 web.service.consul ; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 <<>> @127.0.0.1 -p 8600 web.service.consul ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18524 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;web.service.consul. IN A ;; ANSWER SECTION: web.service.consul. 0 IN A 192.168.0.149 ;; Query time: 0 msec ;; SERVER: 127.0.0.1#8600(127.0.0.1) ;; WHEN: Wed Mar 23 16:24:48 CST 2016 ;; MSG SIZE rcvd: 70
也可以使用DNS API获取整个address/port信息,只需加上SRV
[root@consul-1 ~]# dig @127.0.0.1 -p 8600 web.service.consul SRV ; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 <<>> @127.0.0.1 -p 8600 web.service.consul SRV ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2987 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;web.service.consul. IN SRV ;; ANSWER SECTION: web.service.consul. 0 IN SRV 1 1 80 consul-1.node.dc1.consul. ;; ADDITIONAL SECTION: consul-1.node.dc1.consul. 0 IN A 192.168.0.149 ;; Query time: 0 msec ;; SERVER: 127.0.0.1#8600(127.0.0.1) ;; WHEN: Wed Mar 23 16:27:17 CST 2016 ;; MSG SIZE rcvd: 138
使用DNS API标签过滤服务
[root@consul-1 ~]# dig @127.0.0.1 -p 8600 rails.web.service.consul ; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.3 <<>> @127.0.0.1 -p 8600 rails.web.service.consul ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51120 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;rails.web.service.consul. IN A ;; ANSWER SECTION: rails.web.service.consul. 0 IN A 192.168.0.149 ;; Query time: 0 msec ;; SERVER: 127.0.0.1#8600(127.0.0.1) ;; WHEN: Wed Mar 23 16:29:21 CST 2016 ;; MSG SIZE rcvd: 82
3.5使用HTTP API查询服务
[root@consul-1 ~]# curl http://localhost:8500/v1/catalog/service/web [{"Node":"consul-1","Address":"192.168.0.149","ServiceID":"web","ServiceName":"web","ServiceTags":["rails"],"ServiceAddress":"","ServicePort":80,"ServiceEnableTagOverride":false,"CreateIndex":5,"ModifyIndex":5}]
3.6查询服务的健康状态
[root@consul-1 ~]# curl 'http://localhost:8500/v1/health/service/web?passing' [{"Node":{"Node":"consul-1","Address":"192.168.0.149","TaggedAddresses":{"wan":"192.168.0.149"},"CreateIndex":3,"ModifyIndex":5},"Service":{"ID":"web","Service":"web","Tags":["rails"],"Address":"","Port":80,"EnableTagOverride":false,"CreateIndex":5,"ModifyIndex":5},"Checks":[{"Node":"consul-1","CheckID":"serfHealth","Name":"Serf Health Status","Status":"passing","Notes":"","Output":"Agent alive and reachable","ServiceID":"","ServiceName":"","CreateIndex":3,"ModifyIndex":3}]}]