Shulou(Shulou.com)06/02 Report--

Confd is a lightweight configuration management tool. Through the query Etcd, combined with the configuration template engine, keep the local configuration up-to-date, at the same time with regular detection mechanism, configuration changes automatic reload. The data types supported by the backend are: etcd, consul, vault, environment variables, redis, zookeeper, dynamodb, stackengine, rancher. However, it is common to use Confd and etcd together.

Front-end server:

Server IP hostname installation component remarks

192.168.27.211 Client1 etcd+confd+nginx+keepalived 192.168.27.110 (Vip)

(http://nginx.jerry.com)

192.168.27.212 Client2 etcd+confd+nginx+keepalived

192.168.27.213 Client3 etcd+confd+nginx+keepalived

192.168.27.210 master ansible Fortress Machine

Backend server (web station):

Server IP function

192.168.26.210 web1

192.168.26.211 web2

192.168.26.212 web3

Install the etcd cluster to make sure it works properly (ansible k8s-m shell-a'etcdctl endpoint health').

Installation and configuration of backend web server (pay attention to VIP domain name mapping):

A brief introduction to the installation of keepalived installation configuration:

[root@client1 ~] # yum install keepalived-y

192.168.27.211:

[root@client1 keepalived] # cat keepalived.conf

! Configuration File for keepalived

Global_defs {

Router_id nginx1

}

Vrrp_script chk_http_port {

Script "/ etc/keepalived/chk_nginx.sh"

Interval 2

Weight 2

}

Vrrp_instance VI_1 {

State MASTER

Interface ens160

Virtual_router_id 20

Priority 100

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass jerry520

}

Track_script {

Chk_http_port

}

Virtual_ipaddress {

192.168.27.110/22

}

}

192.168.27.212:

! Configuration File for keepalived

Global_defs {

Router_id nginx2

}

Vrrp_script chk_http_port {

Script "/ etc/keepalived/chk_nginx.sh"

Interval 2

Weight 2

}

Vrrp_instance VI_1 {

State BACKUP

Interface ens160

Virtual_router_id 20

Priority 99

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass jerry520

}

Track_script {

Chk_http_port

}

Virtual_ipaddress {

192.168.27.110/22

}

}

192.168.27.213:

! Configuration File for keepalived

Global_defs {

Router_id nginx3

}

Vrrp_script chk_http_port {

Script "/ etc/keepalived/chk_nginx.sh"

Interval 2

Weight 2

}

Vrrp_instance VI_1 {

State BACKUP

Interface ens160

Virtual_router_id 20

Priority 98

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass jerry520

}

Track_script {

Chk_http_port

}

Virtual_ipaddress {

192.168.27.110/22

}

}

Nginx detection script: (same) vim / etc/keepalived/chk_nginx.sh needs to be configured on all three servers

[root@client1 keepalived] # cat chk_nginx.sh

#! / bin/bash

A=ps-C nginx-- no-header | wc-l

If [$A-eq 0]; then

Echo 'nginx server is died'

/ etc/init.d/keepalived stop

Fi

Nginx installation:

Yum install nginx-y

Nginx.conf configuration file: three servers remain the same vim / etc/nginx/nginx.conf

User nginx

Worker_processes 1

Events {

Worker_connections 1024

}

Http {

Include mime.types

Default_type application/octet-stream

Sendfile on

Keepalive_timeout 65

Upstream nginx.jerry.com {

Server 192.168.26.210:80

Server 192.168.26.211:80

Server 192.168.26.212:80

}

Server {

Listen 80

Server_name nginx.jerry.com

Location / {

Root html

Index index.html index.htm

Proxy_pass http://nginx.jerry.com;

}

Error_page 500 502 503 504 / 50x.html

Location = / 50x.html {

Root html

}

}

}

Install and configure KEEPALIved and nginx (transponder) respectively and start the operation to observe the effect:

Confd installation configuration:

[root@master etc] # ansible K8s-m copy-a "src=/etc/confd dest=/etc/"

[root@master bin] # ansible K8s-m copy-a "src=/usr/bin/confd dest=/usr/bin/confd"

[root@master bin] # ansible k8s-m shell-a "cd / usr/bin;chmod + x confd"

[root@master conf.d] # ansible K8s-m shell-a'ls / usr/bin/confd-l'

Create a configuration directory

Mkdir-p / etc/confd/ {conf.d,templates}

Conf.d # resource template, the following files must be suffixed with toml

Templates # profile template, the following files must be suffixed with tmpl

Create a confd profile:

[root@client1 confd] # cat conf.d/sync_nginx.toml

[template]

Prefix = "/ nginx/www"

Src = "nginx.conf.tmpl"

Dest = "/ etc/nginx/conf.d/mynginx.conf"

Owner = "nginx"

Mode = "0644"

Keys = [

"/ server_name"

"/ upstream"

]

Reload_cmd = "/ usr/sbin/nginx-s reload"

Create a template file:

Upstream {{getv "/ server_name"}. Jerry.com {

{{range getvs "/ upstream/*"}}

Server {{.}}

{{end}}

}

Server {

Listen 80

Server_name {{getv "/ server_name"}. Jerry.com

Location / {

Root html

Index index.html index.htm

Proxy_pass http://{{getv "/ server_name"}. Jerry.com

}

Error_page 500 502 503 504 / 50x.html

Location = / 50x.html {

Root html

}

}

[root@client1 templates] # confd-watch-backend= "etcdv3"-node http://192.168.27.211:2379

[root@client1 conf.d] # etcdctl put / nginx/www/upstream/serverweb1 "192.168.26.210"

[root@client1 conf.d] # etcdctl put / nginx/www/upstream/serverweb2 "192.168.26.211"

[root@client1 conf.d] # etcdctl put / nginx/www/upstream/serverweb3 "192.168.26.212"

[root@client1 conf.d] # etcdctl put / nginx/www/server_name "nginx"

Observe the changes in the NGINX reverse proxy configuration file for each node in the cluster:

27.212:

27.213:

27.211:

Let's observe the change again, and this time we change the key value / nginx/www/server_name by 27.212 to httpd (formerly nginx) to see if the NGINX configuration file on 27.211 has changed.

[root@client2 conf.d] # etcdctl put / nginx/www/server_name "httpd"

The configuration file changes instantly:

Test: if you want to add, delete or modify the backend server (delete the backend WEB service 192.168.26.210).

[root@client2 conf.d] # etcdctl del / nginx/www/upstream/serverweb1

The back-end server 192.168.26.210 has been imperceptibly removed and reloaded in the configuration file

The interview has also changed.

Access via public network IP:192.168.27.100 (vip) (polling is used for load balancer):

Access the back-end site through the domain name (http://nginx.jerry.com) (polling is used for load balancer):

Remember to resolve the public network domain name or change the local HOST file:

Reference: https://github.com/kelseyhightower/confd/blob/master/docs/quick-start-guide.md

Https://github.com/kelseyhightower/confd/blob/master/docs/template-resources.md

Https://github.com/kelseyhightower/confd/blob/master/docs/templates.md

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.