一 部署jdk
二 nacos集群部署架构
http://nacos.com:port/openAPI 域名 + SLB模式(内网SLB,不可暴露到公网,以免带来安全风险),可读性好,而且换ip方便,推荐模式
三 集群规划
3.1 服务器规划
主机名称 | IP | 配置 | 功能 |
nacos-01 | 192.168.174.103 | 4C 4G | nacos |
nacos-01 | 192.168.174.104 | 4C 4G | nacos |
nacos-01 | 192.168.174.105 | 4C 4G | nacos |
haproxy | 192.168.174.120,vip:192.168.174.20 | 4C 4G | haproxy,keepalived |
mysql | 192.168.174.200 | 4C 4G | 数据库 |
3.2 资源清单
java:17.0.1
nacos:2.0.3
mysql:8.0
四 部署nacos
4.1 下载nacos安装包
root@nacos-01:~# wget https://github.com/alibaba/nacos/releases/download/2.0.3/nacos-server-2.0.3.tar.gz
root@nacos-01:~# scp nacos-server-2.0.3.tar.gz nacos-02:/root
root@nacos-01:~# scp nacos-server-2.0.3.tar.gz nacos-03:/root
4.2 安装nacos
root@nacos-01:~# tar xf nacos-server-2.0.3.tar.gz -C /usr/local/
root@nacos-02:~# tar xf nacos-server-2.0.3.tar.gz -C /usr/local/
root@nacos-03:~# tar xf nacos-server-2.0.3.tar.gz -C /usr/local/
4.3 修改配置文件
root@nacos-01:~# cat >> /usr/local/nacos/conf/cluster.conf <<EOF
192.168.174.103:8848
192.168.174.104:8848
192.168.174.105:8848
EOF
root@nacos-02:~# cat >> /usr/local/nacos/conf/cluster.conf <<EOF
192.168.174.103:8848
192.168.174.104:8848
192.168.174.105:8848
EOF
root@nacos-03:~# cat >> /usr/local/nacos/conf/cluster.conf <<EOF
192.168.174.103:8848
192.168.174.104:8848
192.168.174.105:8848
EOF
4.4 确定数据源
4.4.1 创建nacos库导入 sql
mysql> CREATE DATABASE nacos DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
Query OK, 1 row affected, 2 warnings (0.00 sec)
mysql> use nacos;
Database changed
mysql> source /usr/local/nacos/conf/nacos-mysql.sql;
4.4.2 创建nacos数据库用户
mysql> create user nacos@'192.168.174.%' identified by 'nacos';
Query OK, 0 rows affected (0.12 sec)
mysql> grant all privileges on nacos.* to nacos@'192.168.174.%';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
4.4.3 修改application.properties 配置
spring.datasource.platform=mysql
db.num=1
db.url.0=jdbc:mysql://192.168.174.200:3306/nacos?characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useUnicode=true&useSSL=false&serverTimezone=UTC
db.user.0=nacos
db.password.0=nacos
五 启动测试
5.1 创建日志目录
root@nacos-01:~# mkdir -pv /usr/local/nacos/logs
mkdir: created directory '/usr/local/nacos/logs'
5.2 启动服务
点击查看代码
root@nacos-01:~# /usr/local/jdk/bin/java -server -Xms2g -Xmx2g -Xmn1g -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=320m -XX:-OmitStackTraceInFastThrow -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/usr/local/nacos/logs/java_heapdump.hprof -XX:-UseLargePages -Dnacos.member.list= -Xlog:gc*:file=/usr/local/nacos/logs/nacos_gc.log:time,tags:filecount=10,filesize=102400 -Dloader.path=/usr/local/nacos/plugins/health,/usr/local/nacos/plugins/cmdb -Dnacos.home=/usr/local/nacos -jar /usr/local/nacos/target/nacos-server.jar --spring.config.additional-locatinotallow=file:/usr/local/nacos/conf/ --logging.cnotallow=/usr/local/nacos/conf/nacos-logback.xml --server.max-http-header-size=524288
,--.
,--.'|
,--,: : | Nacos 2.0.3
,`--.'`| ' : ,---. Running in cluster mode, All function modules
| : : | | ' ,'\ .--.--. Port: 8848
: | \ | : ,--.--. ,---. / / | / / ' Pid: 17375
| : ' '; | / \ / \. ; ,. :| : /`./ Console: http://192.168.174.103:8848/nacos/index.html
' ' ;. ;.--. .-. | / / '' | |: :| : ;_
| | | \ | \__\/: . .. ' / ' | .; : \ \ `. https://nacos.io
' : | ; .' ," .--.; |' ; :__| : | `----. \
| | '`--' / / ,. |' | '.'|\ \ / / /`--' /
' : | ; : .' \ : : `----' '--'. /
; |.' | , .-./\ \ / `--'---'
'---' `--`---' `----'
2021-11-30 08:14:53,451 INFO The server IP list of Nacos is [192.168.174.103:8848, 192.168.174.104:8848, 192.168.174.105:8848]
2021-11-30 08:14:54,463 INFO Nacos is starting...
2021-11-30 08:14:55,465 INFO Nacos is starting...
2021-11-30 08:14:56,466 INFO Nacos is starting...
2021-11-30 08:14:57,467 INFO Nacos is starting...
2021-11-30 08:14:58,467 INFO Nacos is starting...
2021-11-30 08:14:59,468 INFO Nacos is starting...
2021-11-30 08:15:00,469 INFO Nacos is starting...
2021-11-30 08:15:01,470 INFO Nacos is starting...
2021-11-30 08:15:02,471 INFO Nacos is starting...
2021-11-30 08:15:03,472 INFO Nacos is starting...
2021-11-30 08:15:03,577 INFO Nacos started successfully in cluster mode. use external storage
5.3 验证端口
root@nacos-01:/usr/local/nacos# ss -tnlp |grep java
LISTEN 0 100 *:8848 *:* users:(("java",pid=7908,fd=153))
LISTEN 0 128 *:9848 *:* users:(("java",pid=7908,fd=108))
LISTEN 0 128 *:9849 *:* users:(("java",pid=7908,fd=112))
LISTEN 0 128 *:7848 *:* users:(("java",pid=7908,fd=70))
5.4 验证 nacos web
http://192.168.174.103:8848/nacos/#/login
默认用户名和密码:nacos/nacos
六 设置开机启动
6.1 准备nacos.service文件
root@nacos-01:~# cat /lib/systemd/system/nacos.service
[Unit]
Description="nacos server"
Documentation=https://nacos.io/zh-cn/
Requires=network-online.target
After=network-online.target
[Service]
type=simple
ExecStart=/usr/local/jdk/bin/java -server -Xms2g -Xmx2g -Xmn1g -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=320m -XX:-OmitStackTraceInFastThrow -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/usr/local/nacos/logs/java_heapdump.hprof -XX:-UseLargePages -Dnacos.member.list= -Xlog:gc*:file=/usr/local/nacos/logs/nacos_gc.log:time,tags:filecount=10,filesize=102400 -Dloader.path=/usr/local/nacos/plugins/health,/usr/local/nacos/plugins/cmdb -Dnacos.home=/usr/local/nacos -jar /usr/local/nacos/target/nacos-server.jar --spring.config.additional-location=file:/usr/local/nacos/conf/ --logging.config=/usr/local/nacos/conf/nacos-logback.xml --server.max-http-header-size=524288
ExecStop=/usr/local/nacos/bin/shutdown.sh
ExecReload=/bin/kill --signal HUP $MAINPID
KillMode=process
KillSignal=SIGTERM
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
6.2 开机启动
root@nacos-01:~# systemctl enable nacos.service
Created symlink /etc/systemd/system/multi-user.target.wants/nacos.service → /lib/systemd/system/nacos.service.
root@nacos-01:~# systemctl start nacos.service
七 验证集群状态
八 配置OPen-API负载
8.1 修改haproxy.cfg
~# cat /usr/local/haproxy/haproxy.cfg
listen nacos-8848
bind 192.168.174.20:8848
mode tcp
log global
server nacos-01 192.168.174.103:8848 check inter 3s fall 2 rise 5
server nacos-02 192.168.174.104:8848 check inter 3s fall 2 rise 5
server nacos-03 192.168.174.105:8848 check inter 3s fall 2 rise 5
~# systemctl restart haproxy
8.2 发布配置
~# curl -X POST "http://192.168.174.20:8848/nacos/v1/cs/configs?dataId=nacos.cfg.dataId&group=test&cnotallow=HelloWorld"
true
8.3 验证配置
8.4 获取配置
~# curl -X GET "http://192.168.174.20:8848/nacos/v1/cs/configs?dataId=nacos.cfg.dataId&group=test"
HelloWorld
~# curl -X GET "http://192.168.174.20:8848/nacos/v1/cs/configs?dataId=nacos.cfg.dataId&group=test&tenant=test" #tenant 指定名称空间id
8.5 删除配置
~# curl -X DELETE "http://192.168.174.20:8848/nacos/v1/cs/configs?dataId=nacos.cfg.dataId&group=test"
true
8.6 验证web界面
九 nginx代理nacos
server {
listen 80;
server_name nacos.xxx.com;
root /usr/local/nginx/html;
access_log logs/nacos_access.log main;
error_log logs/nacos_error.log;
index index.html index.htm index.php;
location / {
proxy_pass http://172.16.3.136:8848/nacos/;
}
location ~* \.(eot|otf|ttf|woff|woff2)$ {
proxy_pass http://172.16.3.136:8848;
}
}十 权限认证
10.1 开启授权
~# grep nacos.core.auth.enabled /usr/local/nacos/conf/application.properties
#nacos.core.auth.enabled=false
nacos.core.auth.enabled=true
### Since 1.4.1, worked when nacos.core.auth.enabled=true and nacos.core.auth.enable.userAgentAuthWhite=false.
10.2 创建用户
10.3 获取token
~# curl -X POST 'http://192.168.174.20:8848/nacos/v1/auth/login' -d 'username=test&password=123456'
{"accessToken":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0b3Bob2xkZXIiLCJleHAiOjE2Mzk3NjUwMTV9.TY6KzVxg2go7SNFRe_JvtgZ2nS4ys6yZ3mN2kGKHZc8","tokenTtl":18000,"globalAdmin":false,"username":"test"}
10.4 访问nacos
10.5.1 用户密码访问
~# curl -s -X GET "http://192.168.174.20:8848/nacos/v1/cs/configs?dataId=nacos.cfg.dataId&group=test&tenant=test&username=test&password=123456"10.5.2 token访问
~# curl -s -X GET "http://192.168.174.20:8848/nacos/v1/cs/configs?dataId=nacos.cfg.dataId&group=test&tenant=test&accessToken=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0b3Bob2xkZXIiLCJleHAiOjE2Mzk3NjUwMTV9.TY6KzVxg2go7SNFRe_JvtgZ2nS4ys6yZ3mN2kGKHZc8"
