[리눅스] consul cluster 구성

consul cluster 구성

테스트 환경

호스트 이름	서버 아이피	Type	비고
control1	192.168.0.51	server
node1	192.168.0.61	server
node2	192.168.0.62	server
node3	192.168.0.63	client

consul 설치

- consul 설치 : https://sangchul.kr/632

 

consul cluster 구성

consul.hcl 설정(/etc/consul.d/consul.hcl)

vim /etc/consul.d/consul.hcl

[control1-consul.hcl]

datacenter = "my-dc-1"
data_dir = "/opt/consul"
client_addr = "0.0.0.0"
ui_config{
  enabled = true
}
server = true
bind_addr = "0.0.0.0" # Listen on all IPv4
advertise_addr = "192.168.0.51"
bootstrap_expect=3
retry_join = ["control1", "node1", "node2"]

[node1-consul.hcl]

datacenter = "my-dc-1"
data_dir = "/opt/consul"
client_addr = "0.0.0.0"
ui_config{
  enabled = true
}
server = true
bind_addr = "0.0.0.0" # Listen on all IPv4
advertise_addr = "192.168.0.61"
bootstrap_expect=3
retry_join = ["control1", "node1", "node2"]

[node2-consul.hcl]

datacenter = "my-dc-1"
data_dir = "/opt/consul"
client_addr = "0.0.0.0"
ui_config{
  enabled = true
}
server = true
bind_addr = "0.0.0.0" # Listen on all IPv4
advertise_addr = "192.168.0.62"
bootstrap_expect=3
retry_join = ["control1", "node1", "node2"]

시스템 데몬 리로드

systemctl daemon-reload

systemctl restart consul

systemctl status consul --no-pager

클러스터 상태 확인(노드 리스트)

consul members

$ consul members
Node      Address            Status  Type    Build   Protocol  DC       Partition  Segment
control1  192.168.0.51:8301  alive   server  1.14.3  2         my-dc-1  default    <all>
node1     192.168.0.61:8301  alive   server  1.14.3  2         my-dc-1  default    <all>
node2     192.168.0.62:8301  alive   server  1.14.3  2         my-dc-1  default    <all>

웹 브라우저

- http://192.168.0.51:8500

---

consul 클라이언트 조인(join)

consul.hcl 설정(/etc/consul.d/consul.hcl)

vim /etc/consul.d/consul.hcl

datacenter = "my-dc-1"
data_dir = "/opt/consul"
bind_addr = "0.0.0.0" # Listen on all IPv4
advertise_addr = "192.168.0.63"
retry_join = ["control1", "node1", "node2"]

시스템 데몬 리로드

systemctl --now enable consul.service

systemctl restart consul.service

systemctl status consul --no-pager

서비스 포트 확인

netstat -nlpt | grep consul | sort -k 4

$ netstat -nlpt | grep consul | sort -k 4
tcp        0      0 127.0.0.1:8500          0.0.0.0:*               LISTEN      3539/consul
tcp        0      0 127.0.0.1:8600          0.0.0.0:*               LISTEN      3539/consul
tcp6       0      0 :::8301                 :::*                    LISTEN      3539/consul

노드 리스트 확인

consul members

$ consul members
Node      Address            Status  Type    Build   Protocol  DC       Partition  Segment
control1  192.168.0.51:8301  alive   server  1.14.3  2         my-dc-1  default    <all>
node1     192.168.0.61:8301  alive   server  1.14.3  2         my-dc-1  default    <all>
node2     192.168.0.62:8301  alive   server  1.14.3  2         my-dc-1  default    <all>
node3     192.168.0.63:8301  alive   client  1.14.3  2         my-dc-1  default    <default>

웹 브라우저

- http://192.168.0.51:8500

 

---

dns 질의 테스트

- 도메인 : {Node}.node.consul

dig @127.0.0.1 -p 8600 control1.node.consul +short

$ dig @127.0.0.1 -p 8600 control1.node.consul

; <<>> DiG 9.18.1-1ubuntu1.2-Ubuntu <<>> @127.0.0.1 -p 8600 control1.node.consul
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8422
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;control1.node.consul.		IN	A

;; ANSWER SECTION:
control1.node.consul.	0	IN	A	192.168.0.51

;; ADDITIONAL SECTION:
control1.node.consul.	0	IN	TXT	"consul-network-segment="

;; Query time: 0 msec
;; SERVER: 127.0.0.1#8600(127.0.0.1) (UDP)
;; WHEN: Thu Jan 26 23:18:47 KST 2023
;; MSG SIZE  rcvd: 101

 

참고URL

- Vault HA Cluster with Integrated Storage : https://developer.hashicorp.com/vault/tutorials/raft/raft-storage