本文主要介紹 Consul 的安裝及使用,文中使用到的軟件版本:RHEL 6.6、Consul 1.11.1。
1、單機版安裝
1.1、下載 Consul 並解壓
https://www.consul.io/downloads
unzip consul_1.11.1_linux_amd64.zip
1.2、啟動
./consul agent -server -ui -bootstrap-expect=1 -data-dir=./data -datacenter=dc1 -node=node10 -client=0.0.0.0 -bind=10.49.196.10
參數說明:
-server: 以 server 身份啟動;不加該參數默認是 client
-ui:可以訪問 UI 界面
-bootstrap-expect:集群期望的節點數,只有節點數量達到這個值才會選舉 leader
-data-dir:數據存放的目錄
-datacenter:數據中心名稱,默認是 dc1
-node:節點的名稱
-client:客戶端訪問 Consul 的綁定地址;默認為 127.0.0.1,只能本地訪問
-bind:集群內部通信綁定的地址,默認為 0.0.0.0
1.3、控制台
http://10.49.196.10:8500/
2、集群安裝
2.1、規划
| 機器 | agent 類型 | 數據中心名稱 |
| 10.49.196.10 | server | dc1 |
| 10.49.196.11 | server | dc1 |
| 10.49.196.12 | server | dc1 |
2.2、啟動
這里通過配置文件來依次啟動各節點(先啟動 10.49.196.10,再啟動其他兩個節點):
nohup ./consul agent -config-file=./agent.hcl &
10.49.196.10 上 agent.hcl:
server = true, ui_config = { enabled = true }, bootstrap_expect = 3, data_dir = "./data", datacenter = "dc1", node_name = "node10", client_addr = "0.0.0.0", bind_addr = "10.49.196.10"
10.49.196.11 上 agent.hcl:
server = true, ui_config = { enabled = true }, bootstrap_expect = 3, data_dir = "./data", datacenter = "dc1", node_name = "node11", client_addr = "0.0.0.0", bind_addr = "10.49.196.11" start_join = ["10.49.196.10"],
retry_join = ["10.49.196.10"],
10.49.196.12 上 agent.hcl:
server = true, ui_config = { enabled = true }, bootstrap_expect = 3, data_dir = "./data", datacenter = "dc1", node_name = "node12", client_addr = "0.0.0.0", bind_addr = "10.49.196.12" start_join = ["10.49.196.10"],
retry_join = ["10.49.196.10"],
配置文件中參數說明:
server:同命令行的 server 參數
bootstrap_expect:同命令行的 bootstrap-expect 參數
data_dir:同命令行的 data-dir 參數
datacenter:同命令行的 datacenter 參數
node_name:同命令行的 node 參數
client_addr:同命令行的 client 參數
bind_addr:同命令行的 bind 參數
start_join:啟動時加入集群的地址,同命令行的 join 參數
retry_join:加入集群的重試地址,同命令行的 retry-join 參數
2.3、管理
2.3.1、查看節點信息
./consul members
結果如下:
Node Address Status Type Build Protocol DC Partition Segment node10 10.49.196.10:8301 alive server 1.11.1 2 dc1 default <all> node11 10.49.196.11:8301 alive server 1.11.1 2 dc1 default <all> node12 10.49.196.12:8301 alive server 1.11.1 2 dc1 default <all>
2.3.2、查看集群狀態
./consul operator raft list-peers
結果如下:
Node ID Address State Voter RaftProtocol node10 e8974195-0bfc-9156-c4ea-abb2b594f75e 10.49.196.10:8300 leader true 3 node11 bf0f6378-fb29-8fad-07f3-2d369a8093c3 10.49.196.11:8300 follower true 3 node12 d460dfcd-607b-2804-725e-28aa79566127 10.49.196.12:8300 follower true 3
2.3.3、退出集群
A、優雅的離開集群並關閉
./consul leave [-http-addr=<address>]
執行該命令后,該節點的狀態變為 “left”;參數 http-addr 默認為 http://127.0.0.1:8500,即本機所在節點。在 10.49.196.12 上執行該命令后,再查看節點信息如下:
Node Address Status Type Build Protocol DC Partition Segment node10 10.49.196.10:8301 alive server 1.11.1 2 dc1 default <all> node11 10.49.196.11:8301 alive server 1.11.1 2 dc1 default <all> node12 10.49.196.12:8301 left server 1.11.1 2 dc1 default <all>
B、強制設置節點狀態為 “left”
./consul force-leave [-prune] nodeName
如果節點狀態為 “alive”,該節點會重新加入集群,所以看起來命令沒啥效果。
對於 ”fail" 或 “left” 狀態的節點,可以通過該命令把節點從集群中徹底刪除(通過 prune 參數),node12 已經是 “left" 狀態了,執行如下命令:
./consul force-leave -prune node12
再查看節點信息如下:
Node Address Status Type Build Protocol DC Partition Segment node10 10.49.196.10:8301 alive server 1.11.1 2 dc1 default <all> node11 10.49.196.11:8301 alive server 1.11.1 2 dc1 default <all>
3、多數據中心
3.1、規划
在上一步搭建的集群上,我們再搭建一個不通數據中心的集群,組成跨數據中心集群。
| 機器 | agent 類型 | 數據中心名稱 |
| 10.49.196.10 | server | dc1 |
| 10.49.196.11 | server | dc1 |
| 10.49.196.12 | server | dc1 |
| 10.49.196.20 | server | dc2 |
| 10.49.196.21 | client | dc2 |
3.2、啟動 dc2 的節點
nohup ./consul agent -config-file=./agent.hcl &
10.49.196.20 上 agent.hcl:
server = true, ui_config = { enabled = true }, bootstrap_expect = 1, data_dir = "./data", datacenter = "dc2", node_name = "node20", client_addr = "0.0.0.0", bind_addr = "10.49.196.20"
10.49.196.21 上 agent.hcl:
server = false, ui_config = { enabled = true }, data_dir = "./data", datacenter = "dc2", node_name = "node21", client_addr = "0.0.0.0", bind_addr = "10.49.196.21", start_join = ["10.49.196.20"],
retry_join = ["10.49.196.20"],
3.3、加入 dc1
在 10.49.196.20(需為 server 節點)上執行:
./consul join -wan 10.49.196.10
3.4、管理
3.4.1、查看所有 server 節點
./consul members -wan
該命令可以查看所以數據中心的 server 類型的節點:
Node Address Status Type Build Protocol DC Partition Segment node10.dc1 10.49.196.10:8302 alive server 1.11.1 2 dc1 default <all> node11.dc1 10.49.196.11:8302 alive server 1.11.1 2 dc1 default <all> node12.dc1 10.49.196.12:8302 alive server 1.11.1 2 dc1 default <all> node20.dc2 10.49.196.20:8302 alive server 1.11.1 2 dc2 default <all>
查看某個數據中心的所有節點信息可用:
./consul members [-http-addr=<address>]
3.4.2、斷開數據中心的關聯
1、在 10.49.196.20 上執行:
./consul leave
2、在 10.49.196.10、10.49.196.11、10.49.196.12 人一台集群上執行:
./consul force-leave -prune -wan node20.dc2
3、在 10.49.196.20 再啟動 consul:
nohup ./consul agent -config-file=./agent.hcl &
4、命令行使用
可以通過執行 consul 命令后的提示來學習如何使用命令行,如執行:
./consul
提示如下:
Usage: consul [--version] [--help] <command> [<args>] Available commands are: acl Interact with Consul's ACLs agent Runs a Consul agent catalog Interact with the catalog config Interact with Consul's Centralized Configurations connect Interact with Consul Connect debug Records a debugging archive for operators event Fire a new event exec Executes a command on Consul nodes force-leave Forces a member of the cluster to enter the "left" state info Provides debugging information for operators. intention Interact with Connect service intentions join Tell Consul agent to join cluster keygen Generates a new encryption key keyring Manages gossip layer encryption keys kv Interact with the key-value store leave Gracefully leaves the Consul cluster and shuts down lock Execute a command holding a lock login Login to Consul using an auth method logout Destroy a Consul token created with login maint Controls node or service maintenance mode members Lists the members of a Consul cluster monitor Stream logs from a Consul agent operator Provides cluster-level tools for Consul operators reload Triggers the agent to reload configuration files rtt Estimates network round trip time between nodes services Interact with services snapshot Saves, restores and inspects snapshots of Consul server state tls Builtin helpers for creating CAs and certificates validate Validate config files/directories version Prints the Consul version watch Watch for changes in Consul
如需查看 members 指令的用法,再執行:
./consul members -h
就會顯示用法及各種參數,參數是可選的:
Usage: consul members [options] Outputs the members of a running Consul agent. HTTP API Options -ca-file=<value> Path to a CA file to use for TLS when communicating with Consul. This can also be specified via the CONSUL_CACERT environment variable. -ca-path=<value> Path to a directory of CA certificates to use for TLS when communicating with Consul. This can also be specified via the CONSUL_CAPATH environment variable. -client-cert=<value> Path to a client cert file to use for TLS when 'verify_incoming' is enabled. This can also be specified via the CONSUL_CLIENT_CERT environment variable. -client-key=<value> Path to a client key file to use for TLS when 'verify_incoming' is enabled. This can also be specified via the CONSUL_CLIENT_KEY environment variable. -http-addr=<address> The `address` and port of the Consul HTTP agent. The value can be an IP address or DNS address, but it must also include the port. This can also be specified via the CONSUL_HTTP_ADDR environment variable. The default value is http://127.0.0.1:8500. The scheme can also be set to HTTPS by setting the environment variable CONSUL_HTTP_SSL=true. -tls-server-name=<value> The server name to use as the SNI host when connecting via TLS. This can also be specified via the CONSUL_TLS_SERVER_NAME environment variable. -token=<value> ACL token to use in the request. This can also be specified via the CONSUL_HTTP_TOKEN environment variable. If unspecified, the query will default to the token of the Consul agent at the HTTP address. -token-file=<value> File containing the ACL token to use in the request instead of one specified via the -token argument or CONSUL_HTTP_TOKEN environment variable. This can also be specified via the CONSUL_HTTP_TOKEN_FILE environment variable. Command Options -detailed Provides detailed information about nodes. -partition=<default> Specifies the admin partition to query. If not provided, the admin partition will be inferred from the request's ACL token, or will default to the `default` admin partition. Admin Partitions are a Consul Enterprise feature. -segment=<string> (Enterprise-only) If provided, output is filtered to only nodes inthe given segment. -status=<string> If provided, output is filtered to only nodes matching the regular expression for status. -wan If the agent is in server mode, this can be used to return the other peers in the WAN pool.
最后知道執行如下命令就可以查看節點信息:
./consul members