Etcd+Confd實現配置檔案動態更新
阿新 • • 發佈:2020-08-17
簡介
如上圖是一個很簡單的架構,生產環境中經常會進行灰度釋出,需要下掉一部分的節點。如果靠人工操作很容易錯誤,這裡通過Etcd和Confd來實現nginx upstream的動態更新。
類似的,自動化部署時服務的環境變數等也可存入etcd(配置中心website頁面),coredns等配置檔案內容均可存入etcd,由confd動態重新整理。
etcd: 分散式KV儲存系統,一般用於共享配置和服務註冊與發現。
confd:管理本地應用配置檔案,使用etcd或consul儲存的資料渲染模板,還支援redis、zookeeper等, 通過watch定期監測對應的etcd中目錄變化,獲取最新的Value,然後渲染模板,更新配置檔案。
安裝
- 安裝etcd
yum -y install etcdsystemctl start etcd
- 安裝confd
wget https://github.com/kelseyhightower/confd/releases/download/v0.16.0/confd-0.16.0-linux-arm64mkdir -p /etc/etcd/{conf.d,templates}mv confd-0.16.0-linux-arm64 /usr/bin/confd
- conf.d 目錄存放.toml配置檔案
- templates 目錄存放.tmpl配置模版檔案
配置
建立nginx配置和模版
配置檔案cat conf.d/test.conf.toml
[
template]src = "test.conf.tmpl"
dest = "/tmp/test.conf"
keys = [ "/nginx",]
check_cmd = "/usr/sbin/nginx -t -c {{.src}}"
reload_cmd = "/usr/sbin/nginx -s reload"
]
模版檔案cat templates/test.conf.tmpl
upstream www_{{getv "/nginx/www/server/server_name"}} { {{range getvs "/nginx/www/upstream/*"}} server {{.}}; {{end}} } server { server_name {{getv "/nginx/www/server/server_name"}}; location / { proxy_pass http://www_{{getv "/nginx/www/server/server_name"}}; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_redirect off; } }
配置etcd
etcdctl set /nginx/https/www/server/server_name test.com
etcdctl set /nginx/https/www/upstream/server1 192.168.1.110
etcdctl set /nginx/https/www/upstream/server2 192.168.1.111
啟動confd監聽
confd -watch -backend etcd -node http://127.0.0.1:2379
檢視生產的nginx配置檔案
cat /tmp/test.confupstream www_test.com
{
server 192.168.1.110;
server 192.168.1.111;}
server {
server_name test.com; location / {
proxy_pass http://www_test.com;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off; }
}
配置檔案生成完成