Production-Grade Nacos Deployment


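1: Introduction

Nacos is dedicated to helping you discover, configure, and manage microservices. It provides a set of simple, easy-to-use features that help you quickly implement dynamic service discovery, service configuration, service metadata, and traffic management.

Nacos helps you build, deliver, and manage microservice platforms with more agility and ease. Nacos is the service infrastructure for building modern, "service"-centric application architectures (such as the microservice paradigm and the cloud-native paradigm).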

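2: Key Features

2.1: Service Discovery and Service Health Monitoring

Nacos supports both DNS-based and RPC-based service discovery. After a service provider registers a Service using the native SDK, OpenAPI, or a standalone Agent, service consumers can look up and discover the service using DNS or HTTP&API.

Nacos provides real-time health checks for services and prevents requests from being sent to unhealthy hosts or service instances. Nacos supports health checks at the transport layer (PING or TCP) and at the application layer (such as HTTP, MySQL, or user-defined checks). For health checks in complex cloud and network topologies (such as VPCs and edge networks), Nacos provides two health check modes: agent reporting and active server-side probing. Nacos also provides a unified health check dashboard that helps you manage service availability and traffic according to health status.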

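2.2: Dynamic Configuration Service

The dynamic configuration service lets you manage application and service configuration for all environments in a centralized, externalized, and dynamic way.

Dynamic configuration removes the need to redeploy applications and services when configuration changes, making configuration management more efficient and agile.

Centralized configuration management makes it simpler to build stateless services and easier to scale services elastically on demand.

Nacos provides a clean, easy-to-use UI (console demo: http://console.nacos.io/nacos/index.html) to help you manage the configuration of all your services and applications. Nacos also provides a set of out-of-the-box configuration management features, including configuration version tracking, canary releases, one-click configuration rollback, and tracking of client configuration update status, which help you manage configuration changes in production more safely and reduce the risk those changes bring.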

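2.3: Dynamic DNS Service

The dynamic DNS service supports weighted routing, making it easier to implement mid-tier load balancing, more flexible routing policies, traffic control, and simple DNS resolution inside the data center network. The dynamic DNS service also makes it easier to implement DNS-based service discovery, which helps you eliminate the risk of coupling to a vendor's proprietary service discovery API.

Nacos provides some simple DNS APIs (https://nacos.io/zh-cn/docs/xx) to help you manage a service's associated domain names and its list of available IP:PORT endpoints.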

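2.4: Service and Metadata Management

Nacos lets you manage all services and metadata in the data center from the perspective of building a microservice platform, including service descriptions, life cycle, static dependency analysis, health status, traffic management, routing and security policies, service SLAs, and, most importantly, metrics statistics.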

3: Environment

Hostname       IP          Spec
nacos_node_1   10.0.0.10   2C2G
nacos_node_2   10.0.0.11   2C2G
nacos_node_3   10.0.0.12   2C2G

4: Environment Initialization

1: Set the hostname (run on every host)
[root@virtual_host ~]# hostnamectl set-hostname nacos_node_1
[root@virtual_host ~]# hostnamectl set-hostname nacos_node_2
[root@virtual_host ~]# hostnamectl set-hostname nacos_node_3

2: Configure hostname resolution
[root@nacos_node_1 ~]# cat << eof>> /etc/hosts
10.0.0.10   nacos_node_1
10.0.0.11   nacos_node_2
10.0.0.12   nacos_node_3
eof

3: Set up passwordless SSH login from `nacos_node_1` to the other nodes
[root@nacos_node_1 ~]# ssh-keygen -t rsa
[root@nacos_node_1 ~]# ssh-copy-id root@10.0.0.10
[root@nacos_node_1 ~]# ssh-copy-id root@10.0.0.11
[root@nacos_node_1 ~]# ssh-copy-id root@10.0.0.12

4: Distribute the hosts file
[root@nacos_node_1 ~]# for i in 10.0.0.{11,12}; do echo ">>> $i";scp /etc/hosts root@$i:/etc/; done

5: Disable the firewall
[root@nacos_node_1 ~]# for i in 10.0.0.{10..12}; do echo ">>> $i";ssh root@$i "systemctl stop firewalld && systemctl disable firewalld && systemctl status firewalld"; done

6: Disable SELinux
# Disable permanently
[root@nacos_node_1 ~]# for i in 10.0.0.{10..12}; do echo ">>> $i";ssh root@$i "sed -ri 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config"; done
# Disable temporarily
[root@nacos_node_1 ~]# for i in 10.0.0.{10..12}; do echo ">>> $i";ssh root@$i "setenforce 0 && getenforce"; done

7: Install common tools (installing them node by node is recommended)
[root@nacos_node_1 ~]# yum install -y gcc gcc-c++ wget git openssl openssl-devel ntp yum-utils bash-completion zip unzip chrony
# One-shot install on all nodes
[root@nacos_node_1 ~]# for i in 10.0.0.{10..12}; do echo ">>> $i";ssh root@$i "yum install -y gcc gcc-c++ wget git openssl openssl-devel ntp yum-utils bash-completion zip unzip chrony" ; done

8: Configure time synchronization
`nacos_node_1` synchronizes with Internet time servers; the other nodes synchronize with `nacos_node_1`.
[root@nacos_node_1 ~]# systemctl enable ntpd --now
[root@nacos_node_1 ~]# cat /etc/chrony.conf | grep allow
allow 10.0.0.0/8
[root@nacos_node_1 ~]# systemctl enable chronyd --now
# Set the time zone
[root@nacos_node_1 ~]# for i in 10.0.0.{10..12}; do echo ">>> $i";ssh root@$i "timedatectl set-timezone Asia/Shanghai"; done

# Disable the ntpd service on the other nodes; we use the chronyd service here
[root@nacos_node_1 ~]# for i in 10.0.0.{11,12}; do echo ">>> $i";ssh root@$i "systemctl disable ntpd --now"; done

# Log in to each node and manually edit the chronyd server entry
[root@nacos_node_2 ~]# cat /etc/chrony.conf | grep server | grep -v "#"
server 10.0.0.10 iburst
[root@nacos_node_3 ~]# cat /etc/chrony.conf | grep server | grep -v "#"
server 10.0.0.10 iburst
# Check the configuration
[root@nacos_node_1 ~]# for i in 10.0.0.{11,12}; do echo ">>> $i";ssh root@$i "cat /etc/chrony.conf | grep server | grep -v '#'"; done

# Start the service on the other 2 nodes, run from `nacos_node_1`
[root@nacos_node_1 ~]# for i in 10.0.0.{11,12}; do echo ">>> $i";ssh root@$i "systemctl restart chronyd && systemctl enable chronyd --now"; done

[root@nacos_node_1 ~]# for i in 10.0.0.{11,12}; do echo ">>> $i";ssh root@$i "chronyc sources -v"; done

9: Install the JDK on all nodes
[root@nacos_node_1 ~]# for i in 10.0.0.{10..12}; do echo ">>> $i";ssh root@$i "yum install -y java-1.8.0-openjdk java-1.8.0-openjdk-devel"; done
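
An alternative to step 5, added here as an example and not part of the original post: instead of stopping firewalld, generate rich rules that admit only the three cluster nodes to MySQL (3306) and VRRP, and a client network to Nacos (8848). `CLIENT_CIDR` and the function names are assumptions; review the printed commands before running them on each node.

```shell
#!/bin/sh
# Added example: print firewall-cmd commands that keep firewalld enabled.
NODES="10.0.0.10 10.0.0.11 10.0.0.12"   # from the environment table above
CLIENT_CIDR="10.0.0.0/24"               # assumption: network of the Nacos clients

# rich SOURCE MATCH: print one --add-rich-rule command accepting MATCH from SOURCE.
rich() {
  printf "firewall-cmd --permanent --add-rich-rule='rule family=\"ipv4\" source address=\"%s\" %s accept'\n" "$1" "$2"
}

gen_rules() {
  # Nacos HTTP port, reachable by clients and by the other cluster nodes.
  rich "$CLIENT_CIDR" 'port port="8848" protocol="tcp"'
  for n in $NODES; do
    # MySQL replication and the Nacos data source: cluster nodes only.
    rich "$n" 'port port="3306" protocol="tcp"'
    # Keepalived advertisements (IP protocol VRRP) between the nodes.
    rich "$n" 'protocol value="vrrp"'
  done
  # Assumption: add any further inter-node ports your Nacos version uses.
  echo "firewall-cmd --reload"
}

gen_rules
```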

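5: MySQL Master-Slave Configuration

The official recommendation is to run the database in primary/standby mode. Here I first set up one master with multiple slaves, and because my virtual machine resources are limited, I deploy it on the same hosts as Nacos.

5.1: Download and Install

MySQL is installed from RPM packages, and all 3 machines need it installed. The required packages are obtained as follows:
1: Choose a domestic (China) Yum mirror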
[root@nacos_node_1 ~]# cat << eof>> /etc/yum.repos.d/mysql.repo
[mysql57-community]
name=MySQL 5.7 Community Server
baseurl=https://mirrors.cloud.tencent.com/mysql/yum/mysql-5.7-community-el7-x86_64/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-mysql
eof

2: Sync the repo file to the other hosts
[root@nacos_node_1 ~]# for i in 10.0.0.{11,12}; do echo ">>> $i";scp /etc/yum.repos.d/mysql.repo root@$i:/etc/yum.repos.d/; done

3: Install MySQL
[root@nacos_node_1 ~]# mkdir -p /opt/soft && cd /opt/soft
# Remove the system's default mariadb
[root@nacos_node_1 soft]# for i in 10.0.0.{10..12}; do echo ">>> $i";ssh root@$i "rpm -qa|grep mariadb|xargs rpm -e --nodeps"; done
# Install
[root@nacos_node_1 soft]# for i in 10.0.0.{10..12}; do echo ">>> $i";ssh root@$i "yum install mysql-community-* -y"; done

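Domestic mirrors all share the same quirk: they allow little concurrency from a single IP, so downloading on all nodes at once may fail.

5.2: Start MySQL (run on all three nodes)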

[root@nacos_node_1 soft]# for i in 10.0.0.{10..12}; do echo ">>> $i";ssh root@$i "systemctl enable mysqld --now"; done

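Reset the password on all three nodes: look up the password ---> log in to MySQL ---> change the password strength policy ---> change the password (do this on all three machines)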

[root@nacos_node_1 soft]# MYSQLPD=$(cat /var/log/mysqld.log | grep password  | awk '{print $11}')
[root@nacos_node_1 soft]# mysql -uroot -p"$MYSQLPD"
# Change the password policy
mysql> set global validate_password_policy=0;
Query OK, 0 rows affected (0.00 sec)

mysql> set global validate_password_mixed_case_count=0;
Query OK, 0 rows affected (0.00 sec)

mysql> set global validate_password_number_count=3;
Query OK, 0 rows affected (0.00 sec)

mysql> set global validate_password_special_char_count=0;
Query OK, 0 rows affected (0.00 sec)

mysql> set global validate_password_length=3;
Query OK, 0 rows affected (0.00 sec)

# Change the local login password. I use 123456 here; don't do this in production
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.00 sec)

5.3: Modify the Configuration

[root@nacos_node_1 soft]# cat /etc/my.cnf
# Add the following under [mysqld]
server-id = 10
gtid-mode = ON
enforce-gtid-consistency = ON
log-slave-updates = ON
expire_logs_days = 30
max_binlog_size  = 100M
log_bin = /var/run/mysqld/mysql-bin
binlog-format = Row
skip_slave_start= ON

[root@nacos_node_2 ~]# cat /etc/my.cnf
# Add the following under [mysqld]
[mysqld]
server-id = 11
gtid-mode = ON
enforce-gtid-consistency = ON
log-slave-updates = ON
expire_logs_days = 30
max_binlog_size  = 100M
log_bin = /var/run/mysqld/mysql-bin
binlog-format = Row
skip_slave_start= ON

[root@nacos_node_3 ~]# cat /etc/my.cnf
# Add the following under [mysqld]
[mysqld]
server-id = 12
gtid-mode = ON
enforce-gtid-consistency = ON
log-slave-updates = ON
expire_logs_days = 30
max_binlog_size  = 100M
log_bin = /var/run/mysqld/mysql-bin
binlog-format = Row
skip_slave_start= ON

Restart the MySQL service on all nodes
[root@nacos_node_1 soft]# for i in 10.0.0.{10..12}; do echo ">>> $i";ssh root@$i "systemctl restart mysqld"; done

5.4: Configure Master-Slave Replication

Create the replication account (run on the master)
1: Change the password policy
mysql> set global validate_password_policy=0;
Query OK, 0 rows affected (0.00 sec)

mysql> set global validate_password_mixed_case_count=0;
Query OK, 0 rows affected (0.00 sec)

mysql> set global validate_password_number_count=3;
Query OK, 0 rows affected (0.00 sec)

mysql> set global validate_password_special_char_count=0;
Query OK, 0 rows affected (0.00 sec)

mysql> set global validate_password_length=3;
Query OK, 0 rows affected (0.00 sec)

2: Create the replication user
mysql> grant replication slave on *.* to 'slave'@'10.0.0.%' identified by '123456';
Query OK, 0 rows affected, 1 warning (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

Check whether GTID is enabled on the master and the slaves

mysql> show variables like "%gtid%";
+----------------------------------+-----------+
| Variable_name                    | Value     |
+----------------------------------+-----------+
| binlog_gtid_simple_recovery      | ON        |
| enforce_gtid_consistency         | ON        |
| gtid_executed_compression_period | 1000      |
| gtid_mode                        | ON        |
| gtid_next                        | AUTOMATIC |
| gtid_owned                       |           |
| gtid_purged                      |           |
| session_track_gtids              | OFF       |
+----------------------------------+-----------+
8 rows in set (0.00 sec)

mysql> show variables like '%gtid_next%';
+---------------+-----------+
| Variable_name | Value     |
+---------------+-----------+
| gtid_next     | AUTOMATIC |
+---------------+-----------+
1 row in set (0.00 sec)


3: Check the status on the master
mysql> show master status\G;
*************************** 1. row ***************************
             File: mysql-bin.000001
         Position: 597
     Binlog_Do_DB: 
 Binlog_Ignore_DB: 
Executed_Gtid_Set: 00fecda5-2143-11ed-a97a-000c2925e822:1-2
1 row in set (0.00 sec)

4: Connect the slaves to the master
[root@nacos_node_2 ~]# mysql -uroot -p123456
mysql> change master to master_host='10.0.0.10',master_user='slave',master_password='123456',master_auto_position=1;
mysql> start slave;
Query OK, 0 rows affected (0.00 sec)

[root@nacos_node_3 ~]# mysql -uroot -p123456
mysql> change master to master_host='10.0.0.10',master_user='slave',master_password='123456',master_auto_position=1;
Query OK, 0 rows affected, 2 warnings (0.01 sec)

mysql> start slave;
Query OK, 0 rows affected (0.00 sec)

List the connected hosts
mysql> show slave hosts\G;
*************************** 1. row ***************************
 Server_id: 11
      Host: 
      Port: 3306
 Master_id: 10
Slave_UUID: 02a918ba-2143-11ed-9b99-000c29467739
*************************** 2. row ***************************
 Server_id: 12
      Host: 
      Port: 3306
 Master_id: 10
Slave_UUID: 043b197b-2143-11ed-9b84-000c296c3e86
2 rows in set (0.00 sec)

Check the slave status
mysql> show slave status\G;
*************************** 1. row ***************************
               Slave_IO_State: Waiting for master to send event
                  Master_Host: 10.0.0.10
                  Master_User: slave
                  Master_Port: 3306
                Connect_Retry: 60
              Master_Log_File: mysql-bin.000001
          Read_Master_Log_Pos: 597
               Relay_Log_File: nacos_node_2-relay-bin.000002
                Relay_Log_Pos: 810
        Relay_Master_Log_File: mysql-bin.000001
              Slave_IO_Running: Yes   # Yes here means it is OK
             Slave_SQL_Running: Yes   # Yes here means it is OK

5: Verify GTID replication
Create a database on the master
mysql> create database layzer;
Query OK, 1 row affected (0.00 sec)

Check the databases on the slaves
[root@nacos_node_1 ~]# for i in 10.0.0.{11,12}; do echo ">>> $i";ssh root@$i "mysql -uroot -p123456 -e 'show databases;'"; done

6: Deploy Nacos

6.1: Download Nacos

I decided to use version `1.3.1` here. It may be somewhat old; you can look into deploying a newer version.
1: Download
[root@nacos_node_1 soft]# pwd
/opt/soft
[root@nacos_node_1 soft]# wget https://hub.fastgit.xyz/alibaba/nacos/releases/download/1.3.1/nacos-server-1.3.1.zip --no-check-certificate

2: Extract
[root@nacos_node_1 soft]# unzip nacos-server-1.3.1.zip -d /usr/local/

6.2: Modify the Configuration

1: Sync the configuration
[root@nacos_node_1 soft]# for i in 10.0.0.{11,12}; do echo ">>> $i";scp -r /usr/local/nacos root@$i:/usr/local/; done

2: Edit the configuration (on all nodes)
[root@nacos_node_1 nacos]# cat /usr/local/nacos/conf/cluster.conf
#ip:port
10.0.0.10:8848
10.0.0.11:8848
10.0.0.12:8848

3: Data source configuration
Run this on the master only; this database is for Nacos to use
[root@nacos_node_1 nacos]# mysql -uroot -p123456
mysql> CREATE DATABASE `nacos_config` CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;
mysql> CREATE USER 'nacos'@'%' IDENTIFIED BY '123456';
mysql> grant all privileges on nacos_config.* to nacos@'%';
mysql> flush privileges;

4: Import the data (on the master only)
mysql> use nacos_config;
mysql> source /usr/local/nacos/conf/nacos-mysql.sql;

5: On all Nacos nodes, update the configuration file Nacos uses to connect to the database
[root@nacos_node_1 nacos]# for i in 10.0.0.{11,12}; do echo ">>> $i";scp -r /usr/local/nacos/conf/application.properties root@$i:/usr/local/nacos/conf; done
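
A lint for `cluster.conf` from step 2, added as an example (not part of the original post or of Nacos), to run before the file is copied to every node: it reports entries that are not `ip:port`, use a different port, or name an unexpected host, and nodes that are missing. The function name and the sample file are constructed.

```shell
#!/bin/sh
# check_cluster_conf FILE PORT NODE...
# Prints one line per problem; returns non-zero if any problem was found.
check_cluster_conf() {
  conf=$1; port=$2; shift 2
  awk -v port="$port" -v nodes="$*" '
    BEGIN { n = split(nodes, want, " "); for (i = 1; i <= n; i++) expect[want[i]] = 1 }
    /^[ \t]*#/ || /^[ \t]*$/ { next }            # skip comments and blank lines
    {
      if ($0 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:[0-9]+$/) {
        printf "line %d: not ip:port: %s\n", NR, $0; bad = 1; next
      }
      split($0, f, ":")
      if (f[2] != port) {
        printf "line %d: %s uses port %s, expected %s\n", NR, f[1], f[2], port; bad = 1
      }
      if (!(f[1] in expect)) { printf "line %d: unexpected node %s\n", NR, f[1]; bad = 1 }
      seen[f[1]] = 1
    }
    END {
      for (i = 1; i <= n; i++)
        if (!(want[i] in seen)) { printf "missing node %s\n", want[i]; bad = 1 }
      exit (bad ? 1 : 0)
    }' "$conf"
}

# Constructed sample: the second node's port has two digits transposed.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
printf '%s\n' '#ip:port' '10.0.0.10:8848' '10.0.0.11:8448' '10.0.0.12:8848' > "$sample"

check_cluster_conf "$sample" 8848 10.0.0.10 10.0.0.11 10.0.0.12 \
  || echo "cluster.conf needs fixing before it is distributed"
```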


6.3: Start Nacos

Run the following command to start Nacos on all nodes

[root@nacos_node_1 nacos]# for i in 10.0.0.{10..12}; do echo ">>> $i";ssh root@$i "sh /usr/local/nacos/bin/startup.sh"; done

View the startup log
[root@nacos_node_1 nacos]# tailf /usr/local/nacos/logs/start.out
2022-08-21 20:21:22,165 INFO Nacos started successfully in cluster mode. use external storage

Check the ports
[root@nacos_node_1 nacos]# for i in 10.0.0.{10..12}; do echo ">>> $i";ssh root@$i "ss -lnt | grep 8848"; done
>>> 10.0.0.10
LISTEN     0      100       [::]:8848                  [::]:*                  
>>> 10.0.0.11
LISTEN     0      100       [::]:8848                  [::]:*                  
>>> 10.0.0.12
LISTEN     0      100       [::]:8848                  [::]:*                  


With that, our Nacos cluster is deployed. What remains is to deploy `Keepalived` to make Nacos highly available.

7: Deploy Keepalived

Install Keepalived (on all nodes)
[root@nacos_node_1 ~]# for i in 10.0.0.{10..12}; do echo ">>> $i";ssh root@$i "yum install -y keepalived"; done

Configure keepalived on each of the three hosts
[root@nacos_node_1 ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id nacos_node_1
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_script check_nacos_status {
   script "/etc/keepalived/check_nacos_status.sh"
   interval 5 
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.100
    }
    track_script {
       check_nacos_status
    }
}
[root@nacos_node_2 ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id nacos_node_2
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_script check_nacos_status {
   script "/etc/keepalived/check_nacos_status.sh"
   interval 5 
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.100
    }
    track_script {
       check_nacos_status
    }
}
[root@nacos_node_3 ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id nacos_node_3
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_script check_nacos_status {
   script "/etc/keepalived/check_nacos_status.sh"
   interval 5 
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.100
    }
    track_script {
       check_nacos_status
    }
}
Create the script that checks whether Nacos is alive

[root@nacos_node_1 keepalived]# cat /etc/keepalived/check_nacos_status.sh 
#!/bin/bash
nacos=`netstat -tnlp|grep 8848|wc -l`
if [ "$nacos" -eq 0 ];then
    systemctl stop keepalived
fi

[root@nacos_node_1 keepalived]# for i in 10.0.0.{11,12}; do echo ">>> $i";scp -r /etc/keepalived/check_nacos_status.sh root@$i:/etc/keepalived/; done
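
A stricter variant of the check script, added as an example (not the author's script). It matches only a LISTEN socket whose local port is exactly 8848, where `grep 8848` would also match a port such as 18848, and it signals failure through its exit status instead of stopping keepalived, so keepalived keeps running and can leave the fault state once Nacos listens again. The function name and the sample `ss` output are constructed for illustration.

```shell
#!/bin/sh
# Added example for /etc/keepalived/check_nacos_status.sh.
NACOS_PORT=8848

# port_listening PORT: reads `ss -lnt` output on stdin and returns 0 only if
# some LISTEN socket has exactly PORT as its local port.
port_listening() {
  awk -v p="$1" '
    $1 == "LISTEN" { n = split($4, a, ":"); if (a[n] == p) found = 1 }
    END { exit (found ? 0 : 1) }'
}

# Constructed sample outputs used to exercise the parser offline.
sample_up='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      100    [::]:8848          [::]:*'
sample_lookalike='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    *:18848            *:*
LISTEN 0      128    *:22               *:*'

# As the vrrp_script: call with --live; keepalived reads the exit status.
if [ "${1:-}" = "--live" ]; then
  ss -lnt | port_listening "$NACOS_PORT"
  exit $?
fi

printf '%s\n' "$sample_up" | port_listening "$NACOS_PORT" \
  && echo "sample_up: Nacos port is listening"
printf '%s\n' "$sample_lookalike" | port_listening "$NACOS_PORT" \
  || echo "sample_lookalike: Nacos port is not listening"
```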

Start keepalived
[root@nacos_node_1 keepalived]# for i in 10.0.0.{10..12}; do echo ">>> $i";ssh root@$i "systemctl enable keepalived --now"; done

[root@nacos_node_1 keepalived]# ip a | grep "inet" | grep "100"
    inet 10.0.0.100/32 scope global eth0

Finally, just resolve the domain name to the Keepalived virtual IP. The result is attached below.

[Image: screenshot of the result]

In short: make sure you have plenty of memory, otherwise the Nacos nodes will go down.
posted @ 2022-08-22 16:46  Layzer