内容简介:本文风哥教程参考Linux官方文档、Red Hat Enterprise Linux官方文档、Ansible Automation Platform官方文档、Docker官方文档、Kubernetes官方文档和Podman官方文档等内容,详细介绍了相关技术的配置和使用方法。
风哥提示:
本文档介绍企业级配置中心部署综合实战案例。
Part01-Consul配置中心
1.1 Consul集群部署
[root@fgedu-consul1 ~]# yum install -y consul
# 配置Consul服务器
[root@fgedu-consul1 ~]# cat > /etc/consul.d/consul.hcl << 'EOF'
datacenter = "fgedu-dc"
data_dir = "/opt/consul/data"
log_level = "INFO"
server = true
bootstrap_expect = 3
ui = true
bind_addr = "192.168.1.10"
client_addr = "0.0.0.0"
retry_join = ["192.168.1.10", "192.168.1.11", "192.168.1.12"]
# 加密配置
encrypt = "abc123def456ghi789jkl012mno345pqr678stu901vwx234yz"
# 性能配置
performance {
raft_multiplier = 1
}
# 服务配置
services {
name = "consul"
tags = ["server"]
port = 8300
}
EOF
# 启动Consul
[root@fgedu-consul1 ~]# systemctl enable consul --now
# 查看集群状态
[root@fgedu-consul1 ~]# consul members
Node Address Status Type Build Protocol DC Segment
fgedu-consul1 192.168.更多视频教程www.fgedu.net.cn1.10:8301 alive server 1.17.0 2 fgedu-dc
fgedu-consul2 192.168.1.11:8301 alive server 1.17.0 2 fgedu-dc
fgedu-consul3 192.168.1.12:8301 alive server 1.17.0 2 fgedu-dc
[root@fgedu-consul1 ~]# consul operator raft list-peers
Node ID Address State Voter RaftProtocol
fgedu-consul1 abc123-456def-789ghi更多学习教程公众号风哥教程itpux_com-012jkl-345mno 192.168.1.10:8300 leader true 3
fgedu-consul2 def456-ghi789-jkl012-345mno-678pqr 192.168.1.11:8300 follower true 3
fgedu-consul3 ghi789-jkl012-mno345-678pqr-901stu 192.168.1.12:8300 follower true 3
Part02-服务注册发现
2.1 服务注册配置
[root@fgedu-app ~]# cat > /etc/consul.d/web-service.hcl << 'EOF' services { name = "web" tags = ["nginx", "frontend"] port = 80 check { id = "web-health" name = "HTTP Health Check" http = "http://localhost/health" interval = "10s" timeout = "2s" } } EOF [root@fgedu-app ~]# consul reload Configuration reload triggered # 查看服务 [root@fgedu-consul1 ~]# consul catalog services consul web [root@fgedu-consul1 ~]# consul catalog nodes -service=web Node ID Addressfrom PG视频:www.itpux.com DC fgedu-web1 abc123 192.168.1.20 fgedu-dc fgedu-web2 def456 192.168.1.21 fgedu-dc fgedu-web3 ghi789 192.168.1.22 fgedu-dc # DNS查询服务 [root@fgedu-client ~]# dig @127.0.0.1 -p 8600 web.service.consul ; <<>> DiG 9.16.23 <<>> @127.0.0.1 -p 8600 web.service.consul
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12345 ;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; QUESTION SECTION: ;web.service.consul. IN A ;; ANSWER SECTION: web.service.consul. 0 IN A 192.168.1.20 web.service.consul. 0 IN A 192.168.1.21 web.service.consul. 0 IN A 192.168.1.22 # 使用HTTP API查询 [root@fgedu-client ~]# curl -s http://localhost:8500/v1/catalog/service/学习交流加群风哥微信: itpux-comweb | jq '.[] | {Node, ServiceAddress, ServicePort}' { "Node": "fgedu-web1", "ServiceAddress": "192.168.1.20", "ServicePort": 80 } { "Node": "fgedu-web2", "ServiceAddress": "192.168.1.21", "ServicePort": 80 }
Part03-KV配置管理
3.1 配置存储管理
[root@fgedu-consul1 ~]# consul kv put fgedu/config/database/host 192.168.1.40
Success! Data written to: fgedu/config/database/host
[root@fgedu-consul1 ~]# consul kv put fgedu/config/database/port 3306
Success! Data written to: fgedu/config/database/port
[root@fgedu-consul1 ~]# consul kv put fgedu/config/redis/host 192.168.1.50
Success! Data written to: fgedu/config/redis/host
# 读取配置
[root@fgedu-consul1 ~]# consul kv get fgedu/config/database/host
192.168.1.40
# 列出所有配置
[root@fgedu-consul1 ~]# consul kv get -recurse fgedu/config/
fgedu/config/database/host:192.168.1.40
fgedu/config/database/port:3306
fgedu/config/redis/host:192.168.1.50
# 存储JSON配置
[root@fgedu-consul1 ~]# consul kv put fgedu/config/app ‘{
“name”: “fgedu-app”,
“version”: “1.0.0”,
“features”: {
“cache”: true,
“logging”: true
}
}’
# 使用API操作
[root@fgedu-client ~]# curl -X PUT -d ‘192.168.1.41’ http://localhost:8500/v1/kv/fgedu/config/database/host
[root@fgedu-client ~]# curl -s http://localhost:8500/v1/kv/fgedu/config/database/host?raw
192.168.1.41
# 配置模板渲染
[root@fgedu-app ~]# cat > /etc/consul-template/config.hcl << 'EOF'
consul {
address = "localhost:8500"
}
template {
source = "/etc/consul-template/templates/app.conf.tmpl"
destination = "/etc/app/app.conf"
command = "systemctl reload app"
}
EOF
[root@fgedu-app ~]# cat > /etc/consul-template/templates/app.conf.tmpl << 'EOF'
database {
host = "{{ key "fgedu/config/database/host" }}"
port = {{ key "fgedu/config/database/port" }}
}
redis {
host = "{{ key "fgedu/config/redis/host" }}"
port = 6379
}
EOF
Part04-配置中心监控
4.1 监控配置
[root@fgedu-consul1 ~]# cat > /usr/local/bin/consul-monitor.sh << 'EOF' #!/bin/bash # consul-monitor.sh # from:www.itpux.com.qq113257174.wx:itpux-com # web: http://www.fgedu.net.cn echo "=== Consul监控报告 ===" echo "监控时间: $(date)" echo "" echo "1. 集群状态" consul members echo "" echo "2. Leader状态" consul operator raft list-peers echo "" echo "3. 服务数量" consul学习交流加群风哥QQ113257174 catalog services | wc -l echo "" echo "4. 健康检查状态" curl -s http://localhost:8500/v1/health/state/any | jq -r '.[] | "\(.ServiceName): \(.Status)"' echo "" echo "5. KV存储统计" consul kv get -recurse | wc -l echo "" echo "6. 连接统计" ss -tuln | grep -E "8300|8301|8302|8500|8600" echo "" echo "7. 最近事件" curl -s http://localhost:8500/v1/event/list | jq '.[0:5]' echo "" echo "=== 监控完成 ===" EOF [root@fgedu-consul1 ~]# chmod +x /usr/local/bin/consul-monitor.sh # 配置Prometheus监控 [root@fgedu-consul1 ~]# cat >> /etc/consul.d/consul.hcl << 'EOF' # Prometheus导出 telemetry { prometheus_retention_time = "24h" disable_hostname = true } EOF [root@fgedu-consul1 ~]# consul reload # 配置Prometheus [root@fgedu-prometheus ~]# cat >> /etc/prometheus/prometheus.yml << 'EOF' - job_name: 'consul' metrics_path: '/v1/agent/metrics' params: format: ['prometheus'] static_configs: - targets: ['192.168.1.10:8500', '192.168.1.11:8500', '192.168.1.12:8500'] EOF
- 配置高可用集群
- 启用ACL访问控制
- 配置服务健康检查
- 使用配置模板动态更新
- 监控配置变更
本文由风哥教程整理发布,仅用于学习测试使用,转载注明出处:http://www.fgedu.net.cn/10327.html
