本文基於nacos1.3
環境准備
准備三台Centos7機器和Mysql5.7
三台Centos7的ip: 192.168.1.53;192.168.1.54;192.168.1.55
Mysql的IP:192.168.1.36:3307(生產使用建議至少主備模式)
cd /opt
yum install -y wget net-tools
yum -y install java-1.8.0-openjdk java-1.8.0-openjdk-devel
wget https://github.com/alibaba/nacos/releases/download/1.3.0/nacos-server-1.3.0.tar.gz
tar -zxvf nacos-server-1.3.0.tar.gz
cd nacos/conf
cp cluster.conf.example cluster.conf
vi cluster.conf
192.168.1.53:8848
192.168.1.54:8848
192.168.1.55:8848
在mysql中執行nacos/conf/nacos-mysql.sql
新建nacos_config數據庫:
vi application.properties
server.servlet.contextPath=/nacos
server.port=8848
#使用外置數據庫
db.num=1
db.url.0=jdbc:mysql://192.168.1.36:3307/nacos_config?characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useUnicode=true&useSSL=false&serverTimezone=UTC
db.user=root
db.password=1234
nacos.naming.empty-service.auto-clean=true
nacos.naming.empty-service.clean.initial-delay-ms=50000
nacos.naming.empty-service.clean.period-time-ms=30000
nacos.cmdb.dumpTaskInterval=3600
nacos.cmdb.eventTaskInterval=10
nacos.cmdb.labelTaskInterval=300
nacos.cmdb.loadDataAtStart=false
management.metrics.export.elastic.enabled=false
management.metrics.export.influx.enabled=false
server.tomcat.accesslog.enabled=true
server.tomcat.accesslog.pattern=%h %l %u %t "%r" %s %b %D %{User-Agent}i
nacos.security.ignore.urls=/,/error,/**/*.css,/**/*.js,/**/*.html,/**/*.map,/**/*.svg,/**/*.png,/**/*.ico,/console-fe/public/**,/v1/auth/**,/v1/console/health/**,/actuator/**,/v1/console/server/**
nacos.core.auth.system.type=nacos
nacos.core.auth.enabled=false
nacos.core.auth.default.token.expire.seconds=18000
nacos.core.auth.default.token.secret.key=SecretKey012345678901234567890123456789012345678901234567890123456789
nacos.core.auth.caching.enabled=true
nacos.istio.mcp.server.enabled=false
啟動
sh /opt/nacos/bin/startup.sh
查看日志輸出文件
cat /opt/nacos/logs/start.out
訪問192.168.1.53:8848/nacos
如果訪問不了,記得關閉防火牆,或配置防火牆策略
systemctl disable firewalld.service
systemctl stop firewalld.service
集群節點:
微服務注冊到Nacos集群
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
<version>2.2.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
</dependencies>
application.properties
spring.application.name=myApp
spring.cloud.nacos.discovery.server-addr=192.168.1.53:8848,192.168.1.54:8848,192.168.1.55:8848
main方法:
@EnableDiscoveryClient
@SpringBootApplication
public class BootNacosApplication {
public static void main(String[] args) {
SpringApplication.run(BootNacosApplication.class, args);
}
}
Keepalived+HaProxy高可用
下圖時nacos官網的集群架構部署圖
我這里用Keepalived+HaProxy簡單實現這個圖。
搭建Keepalived
yum install -y conntrack-tools libseccomp libtool-ltdl psmisc
yum install -y keepalived
keepalived配置:
cat > /etc/keepalived/keepalived.conf <<EOF
! Configuration File for keepalived
global_defs {
router_id k8s
}
vrrp_script check_haproxy {
script "killall -0 haproxy"
interval 3
weight -2
fall 10
rise 2
}
vrrp_instance VI_1 {
state MASTER
interface ens192
virtual_router_id 51
priority 250
advert_int 1
authentication {
auth_type PASS
auth_pass ceb1b3ec013d66163d6ab
}
virtual_ipaddress {
192.168.1.56
}
track_script {
check_haproxy
}
}
EOF
啟動服務:
systemctl start keepalived.service
systemctl enable keepalived.service
安裝haproxy
sed -i 's/enforcing/disabled/' /etc/selinux/config # 永久
setenforce 0 # 臨時
yum install -y haproxy
haproxy配置:
cat > /etc/haproxy/haproxy.cfg << EOF
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
frontend nacos_fontend
mode http
bind *:18848
option httplog
default_backend nacos-backend
backend nacos-backend
mode http
balance roundrobin
server 192.168.1.53 192.168.1.53:8848 check
server 192.168.1.54 192.168.1.54:8848 check
server 192.168.1.55 192.168.1.55:8848 check
listen stats
bind *:1080
stats auth admin:awesomePassword
stats refresh 5s
stats realm HAProxy\ Statistics
stats uri /admin?stats
EOF
啟動haproxy:
systemctl enable haproxy
systemctl start haproxy
netstat -lntup|grep haproxy
訪問:http://192.168.1.56:18848/nacos
訪問:http://192.168.1.56:1080/admin?stats
賬號/密碼:admin/awesomePassword
application.properties配置:
spring.application.name=myApp
spring.cloud.nacos.discovery.server-addr=192.168.1.56:18848
發現服務仍然能注冊到Nacos集群。
這里我的vip在192.168.1.55機器上。模擬宕機,我關閉55機器和54機器
nacos集群注冊服務仍然沒有受到影響
