本文主要介绍 Consul 的安装及使用,文中使用到的软件版本:RHEL 6.6、Consul 1.11.1。

1、单机版安装

1.1、下载 Consul 并解压

https://www.consul.io/downloads

unzip consul_1.11.1_linux_amd64.zip


1.2、启动

./consul agent -server -ui -bootstrap-expect=1 -data-dir=./data -datacenter=dc1 -node=node10 -client=0.0.0.0 -bind=10.40.96.10


参数说明:

-server: 以 server 身份启动;不加该参数默认是 client

-ui:可以访问 UI 界面

-bootstrap-expect:集群期望的节点数,只有节点数量达到这个值才会选举 leader

-data-dir:数据存放的目录

-datacenter:数据中心名称,默认是 dc1

-node:节点的名称

-client:客户端访问 Consul 的绑定地址;默认为 127.0.0.1,只能本地访问

-bind:集群内部通信绑定的地址,默认为 0.0.0.0

1.3、控制台

​http://10.40.96.10:8500/​

Consul 入门实战(2)--安装及管理_数据中心

2、集群安装

2.1、规划

机器 

 agent 类型

数据中心名称

 10.40.96.10

 server

dc1

 10.40.96.11

 server

dc1

 10.40.96.12

 server

dc1

2.2、启动

这里通过配置文件来依次启动各节点(先启动 10.40.96.10,再启动其他两个节点):

nohup ./consul agent -config-file=./agent.hcl &


10.40.96.10 上 agent.hcl:

server = true,
ui_config = {
  enabled = true
},
bootstrap_expect = 3,
data_dir = "./data",
datacenter = "dc1",
node_name = "node10",
client_addr = "0.0.0.0",
bind_addr = "10.40.96.10"


10.40.96.11 上 agent.hcl:

server = true,
ui_config = {
  enabled = true
},
bootstrap_expect = 3,
data_dir = "./data",
datacenter = "dc1",
node_name = "node11",
client_addr = "0.0.0.0",
bind_addr = "10.40.96.11"
start_join = ["10.40.96.10"],
retry_join = ["10.40.96.10"],


10.40.96.12 上 agent.hcl:

server = true,
ui_config = {
  enabled = true
},
bootstrap_expect = 3,
data_dir = "./data",
datacenter = "dc1",
node_name = "node12",
client_addr = "0.0.0.0",
bind_addr = "10.40.96.12"
start_join = ["10.40.96.10"],
retry_join = ["10.40.96.10"],


 配置文件中参数说明:

server:同命令行的 server 参数

bootstrap_expect:同命令行的 bootstrap-expect 参数

data_dir:同命令行的 data-dir 参数

datacenter:同命令行的 datacenter 参数

node_name:同命令行的 node 参数

client_addr:同命令行的 client 参数

bind_addr:同命令行的 bind 参数

start_join:启动时加入集群的地址,同命令行的 join 参数

retry_join:加入集群的重试地址,同命令行的 retry-join 参数

2.3、管理

2.3.1、查看节点信息

./consul members


结果如下:

Node     Address            Status  Type    Build   Protocol  DC   Partition  Segment
node10   10.40.96.10:8301   alive   server  1.11.1  2         dc1  default    <all>
node11   10.40.96.11:8301   alive   server  1.11.1  2         dc1  default    <all>
node12   10.40.96.12:8301   alive   server  1.11.1  2         dc1  default    <all>


2.3.2、查看集群状态

./consul operator raft list-peers


结果如下:

Node     ID                                    Address            State     Voter  RaftProtocol
node10   e8974195-0bfc-9156-c4ea-abb2b594f75e  10.40.96.10:8300   leader    true   3
node11   bf0f6378-fb29-8fad-07f3-2d369a8093c3  10.40.96.11:8300   follower  true   3
node12   d460dfcd-607b-2804-725e-28aa79566127  10.40.96.12:8300   follower  true   3


2.3.3、退出集群

A、优雅的离开集群并关闭

./consul leave [-http-addr=<address>]


执行该命令后,该节点的状态变为 “left”;参数 http-addr 默认为 http://127.0.0.1:8500,即本机所在节点。在 10.40.96.12 上执行该命令后,再查看节点信息如下:

Node     Address            Status  Type    Build   Protocol  DC   Partition  Segment
node10   10.40.96.10:8301   alive   server  1.11.1  2         dc1  default    <all>
node11   10.40.96.11:8301   alive   server  1.11.1  2         dc1  default    <all>
node12   10.40.96.12:8301   left    server  1.11.1  2         dc1  default    <all>


B、强制设置节点状态为 “left”

./consul force-leave [-prune] nodeName


如果节点状态为 “alive”,该节点会重新加入集群,所以看起来命令没啥效果。

对于 ”fail" 或 “left” 状态的节点,可以通过该命令把节点从集群中彻底删除(通过 prune 参数),node12 已经是 “left" 状态了,执行如下命令:

./consul force-leave -prune node12


再查看节点信息如下:

Node     Address            Status  Type    Build   Protocol  DC   Partition  Segment
node10   10.40.96.10:8301   alive   server  1.11.1  2         dc1  default    <all>
node11   10.40.96.11:8301   alive   server  1.11.1  2         dc1  default    <all>


3、多数据中心

3.1、规划

在上一步搭建的集群上,我们再搭建一个不通数据中心的集群,组成跨数据中心集群。

机器 

 agent 类型

数据中心名称

10.40.96.10

server

dc1

10.40.96.11

server

dc1

10.40.96.12

server

dc1

10.40.96.20

server

dc2

10.40.96.21

client

dc2

3.2、启动 dc2 的节点

nohup ./consul agent -config-file=./agent.hcl &


10.40.96.20 上 agent.hcl:

server = true,
ui_config = {
  enabled = true
},
bootstrap_expect = 1,
data_dir = "./data",
datacenter = "dc2",
node_name = "node20",
client_addr = "0.0.0.0",
bind_addr = "10.40.96.20"


10.40.96.21 上 agent.hcl:

server = false,
ui_config = {
  enabled = true
},
data_dir = "./data",
datacenter = "dc2",
node_name = "node21",
client_addr = "0.0.0.0",
bind_addr = "10.40.96.21",
start_join = ["10.40.96.20"],
retry_join = ["10.40.96.20"],


3.3、加入 dc1

在 10.40.96.20(需为 server 节点)上执行:

./consul join -wan 10.40.96.10


3.4、管理

3.4.1、查看所有 server 节点

./consul members -wan


该命令可以查看所以数据中心的 server 类型的节点:

Node         Address            Status  Type    Build   Protocol  DC   Partition  Segment
node10.dc1  10.40.96.10:8302    alive   server  1.11.1  2         dc1  default    <all>
node11.dc1  10.40.96.11:8302    alive   server  1.11.1  2         dc1  default    <all>
node12.dc1  10.40.96.12:8302    alive   server  1.11.1  2         dc1  default    <all>
node20.dc2  10.40.96.20:8302    alive   server  1.11.1  2         dc2  default    <all>


查看某个数据中心的所有节点信息可用:

./consul members [-http-addr=<address>]


3.4.2、断开数据中心的关联

1、在 10.40.96.20 上执行:

./consul leave


2、在 10.40.96.10、10.40.96.11、10.40.96.12 人一台集群上执行:

./consul force-leave -prune -wan node20.dc2


3、在 10.40.96.20 再启动 consul:

nohup ./consul agent -config-file=./agent.hcl &


4、命令行使用

可以通过执行 consul 命令后的提示来学习如何使用命令行,如执行:

./consul


提示如下:

Usage: consul [--version] [--help] <command> [<args>]

Available commands are:
    acl            Interact with Consul's ACLs
    agent          Runs a Consul agent
    catalog        Interact with the catalog
    config         Interact with Consul's Centralized Configurations
    connect        Interact with Consul Connect
    debug          Records a debugging archive for operators
    event          Fire a new event
    exec           Executes a command on Consul nodes
    force-leave    Forces a member of the cluster to enter the "left" state
    info           Provides debugging information for operators.
    intention      Interact with Connect service intentions
    join           Tell Consul agent to join cluster
    keygen         Generates a new encryption key
    keyring        Manages gossip layer encryption keys
    kv             Interact with the key-value store
    leave          Gracefully leaves the Consul cluster and shuts down
    lock           Execute a command holding a lock
    login          Login to Consul using an auth method
    logout         Destroy a Consul token created with login
    maint          Controls node or service maintenance mode
    members        Lists the members of a Consul cluster
    monitor        Stream logs from a Consul agent
    operator       Provides cluster-level tools for Consul operators
    reload         Triggers the agent to reload configuration files
    rtt            Estimates network round trip time between nodes
    services       Interact with services
    snapshot       Saves, restores and inspects snapshots of Consul server state
    tls            Builtin helpers for creating CAs and certificates
    validate       Validate config files/directories
    version        Prints the Consul version
    watch          Watch for changes in Consul


如需查看 members 指令的用法,再执行:

./consul members -h


就会显示用法及各种参数,参数是可选的:

Usage: consul members [options]

  Outputs the members of a running Consul agent.

HTTP API Options

  -ca-file=<value>
     Path to a CA file to use for TLS when communicating with Consul.
     This can also be specified via the CONSUL_CACERT environment
     variable.

  -ca-path=<value>
     Path to a directory of CA certificates to use for TLS when
     communicating with Consul. This can also be specified via the
     CONSUL_CAPATH environment variable.

  -client-cert=<value>
     Path to a client cert file to use for TLS when 'verify_incoming'
     is enabled. This can also be specified via the CONSUL_CLIENT_CERT
     environment variable.

  -client-key=<value>
     Path to a client key file to use for TLS when 'verify_incoming'
     is enabled. This can also be specified via the CONSUL_CLIENT_KEY
     environment variable.

  -http-addr=<address>
     The `address` and port of the Consul HTTP agent. The value can be
     an IP address or DNS address, but it must also include the port.
     This can also be specified via the CONSUL_HTTP_ADDR environment
     variable. The default value is http://127.0.0.1:8500. The scheme
     can also be set to HTTPS by setting the environment variable
     CONSUL_HTTP_SSL=true.

  -tls-server-name=<value>
     The server name to use as the SNI host when connecting via
     TLS. This can also be specified via the CONSUL_TLS_SERVER_NAME
     environment variable.

  -token=<value>
     ACL token to use in the request. This can also be specified via the
     CONSUL_HTTP_TOKEN environment variable. If unspecified, the query
     will default to the token of the Consul agent at the HTTP address.

  -token-file=<value>
     File containing the ACL token to use in the request instead of one
     specified via the -token argument or CONSUL_HTTP_TOKEN environment
     variable. This can also be specified via the CONSUL_HTTP_TOKEN_FILE
     environment variable.

Command Options

  -detailed
     Provides detailed information about nodes.

  -partition=<default>
     Specifies the admin partition to query. If not provided, the admin
     partition will be inferred from the request's ACL token, or will
     default to the `default` admin partition. Admin Partitions are a
     Consul Enterprise feature.

  -segment=<string>
     (Enterprise-only) If provided, output is filtered to only nodes
     inthe given segment.

  -status=<string>
     If provided, output is filtered to only nodes matching the regular
     expression for status.

  -wan
     If the agent is in server mode, this can be used to return the
     other peers in the WAN pool.


最后知道执行如下命令就可以查看节点信息:

./consul members