Lework Study hard, improve every day.

初创型公司-持续部署系列(三)部署nginx和consul

2016-12-10
本文 3692 字,阅读全文约需 11 分钟

nginx的作用是让后端多个服务器来同时分担用户的流量,从而减少单个服务器的压力。在自动化持续交付的时候,我们不能采用手工得方式来进行灰度发布,即在nginx服务器上关闭发布服务器,平滑重启nginx。这时引用了consul,通过consul来动态的管理nginx后端服务器,不需要平滑重启nginx也能在nginx上关闭后端服务器。

安装依赖

yum -y install gcc gcc-c++ make libtool zlib zlib-devel openssl openssl-devel pcre pcre-devel

下载文件

cd /opt/software
wget https://releases.hashicorp.com/consul/0.7.1/consul_0.7.1_linux_amd64.zip
wget http://nginx.org/download/nginx-1.11.5.tar.gz
wget https://github.com/weibocom/nginx-upsync-module/archive/master.zip

unzip consul_0.7.1_linux_amd64.zip
unzip master.zip 
tar zxf nginx-1.11.5.tar.gz

配置nginx

groupadd nginx
useradd -g nginx -s /sbin/nologin nginx
mkdir -p /var/tmp/nginx/client/
mkdir -p /usr/local/nginx

编译安装nginx

./configure   --prefix=/usr/local/nginx   --user=nginx   --group=nginx   --with-http_ssl_module   --with-http_flv_module   --with-http_stub_status_module   --with-http_gzip_static_module   --with-http_realip_module   --http-client-body-temp-path=/var/tmp/nginx/client/   --http-proxy-temp-path=/var/tmp/nginx/proxy/   --http-fastcgi-temp-path=/var/tmp/nginx/fcgi/   --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi   --http-scgi-temp-path=/var/tmp/nginx/scgi   --with-pcre --add-module=../nginx-upsync-module-master
make && make install

nginx配置文件

# /usr/local/nginx/conf/nginx.conf
#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"'
 		      '$upstream_addr $upstream_status $upstream_response_time $request_time';

    access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;
    #
    vhost_traffic_status_zone;
    #proxy_cache_path /tmp/cache_backend keys_zone=cache_backend:10m;

    upstream test {
        server 127.0.0.1:11111;
        upsync 192.168.77.129:8500/v1/kv/upstreams/test upsync_timeout=6m upsync_interval=500ms upsync_type=consul strong_dependency=off;
        upsync_dump_path /usr/local/nginx/conf/servers/servers_test.conf;
        server 192.168.77.140:8080 backup;
    }

    upstream bar {
        server 192.168.77.139:80 weight=1 fail_timeout=10 max_fails=3; 
    } 


    server {
        listen 80;

        location = / {
        proxy_pass http://test;
	      proxy_set_header  Host  $host;
	      proxy_set_header  X-Real-IP  $remote_addr;
	      proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
	      add_header	real $upstream_addr;
        }

        location ~ /Content|Scripts/ {
	      proxy_pass http://test;
	      proxy_set_header  Host  $host;
	      proxy_set_header  X-Real-IP  $remote_addr;
	      proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
        }

        location = /bar {
            proxy_pass http://bar;
        }

        location = /upstream_show {
            upstream_show;
        }

        location = /upstream_status {
            stub_status on;
            access_log off;
        }
    }
}

创建upsync_dump_path

mkdir /usr/local/nginx/conf/servers/

安装consul

mkdir /usr/local/consul
mv consul /usr/local/consul/

启动consul

/usr/local/consul/consul agent -server -bootstrap-expect=1 -data-dir=/consul_data -node=one1 -bind=192.168.77.129 -config-dir=/etc/consul.d -client 0.0.0.0 -ui

添加后端服务

curl -X PUT http://192.168.77.129:8500/v1/kv/upstreams/test/192.168.77.140:80
curl -X PUT http://192.168.77.129:8500/v1/kv/upstreams/test/192.168.77.142:80

关闭后端服务

curl -X PUT -d '{"weight":2, "max_fails":2, "fail_timeout":10, "down":0}' http://192.168.77.129:8500/v1/kv/upstreams/test/192.168.77.140:80

开启后端服务

curl -X PUT -d '{"weight":2, "max_fails":2, "fail_timeout":10, "down":0}' http://192.168.77.129:8500/v1/kv/upstreams/test/192.168.77.142:80

启动nginx

nginx

查看consul web信息

Paste_Image.png

Paste_Image.png

查看通过consul添加的后端服务

cat /usr/local/nginx/conf/servers/servers_test.conf 
server 192.168.77.142:80 weight=2 max_fails=2 fail_timeout=10s;
server 192.168.77.140:80 weight=2 max_fails=2 fail_timeout=10s;

访问nginx,测试下是否代理到后端服务

Paste_Image.png

real地址就是后端服务器的地址。

原文地址 https://lework.github.io/2016/12/10/chu-chuang-xing-gong-si-chi-xu-bu-shu-xi-lie-(-san-)-bu-shu-nginx-he-consul/

Comments

Content