部署 Consul
部署 Prometheus 的过程这里就不做重复介绍了,如果还不清楚的先移步到:
Prometheus 专栏 —— Prometheus安装、配置
目录结构
> hostk
> consul.yml
> roles
> - consul
> - files
> - consul_1.20.1_linux_amd64.zip
> - vars
> - main.yml
> - tasks
> - main.yml
> - deploy_consul.yml
> - templates
> - consul.json.j2
> - consul.service.j2
hostk
[consulServer]
consul-server ansible_host=172.16.X.X ansible_ssh_port=22 ansible_ssh_user='root' ansible_ssh_pass='******'
[consulServer:vars]
consul_version=1.20.1
consul_service_name=consul
consul_client_addr=0.0.0.0
consul_ui=true
consul_logs_level=INFO
acl_enabled=true
acl_default_policy=deny
consul_install.yml
---
- name: consul
hosts: consulServer
gather_facts: yes
become: yes
vars_files:
- roles/consul/vars/main.yml
roles:
- consul
vars/main.yml
---
CONSUL_VERSION: "{{ hostvars['consul-server']['consul_version'] }}"
CONSUL_CONFIG_DIR: "/data/consul.d"
CONSUL_DATA_DIR: "/data/consul"
CONSUL_BIN_PATH: "/usr/local/bin/consul"
CONSUL_SERVICE_NAME: "{{ hostvars['consul-server']['consul_service_name'] }}"
CONSUL_BIND_ADDR: "{{ ansible_default_ipv4.address }}"
CONSUL_CLIENT_ADDR: "{{ hostvars['consul-server']['consul_client_addr'] }}"
CONSUL_UI: "{{ hostvars['consul-server']['consul_ui'] }}"
CONSUL_LOG_LEVEL: "{{ hostvars['consul-server']['consul_logs_level'] }}"
CONSUL_LOG_DIR: "/data/logs/consul"
ACL_ENABLED: "{{ hostvars['consul-server']['acl_enabled'] }}"
ACL_DEFAULT_POLICY: "{{ hostvars['consul-server']['acl_default_policy'] }}"
templates/consul.json.j2
{
"datacenter": "qysy",
"data_dir": "{{ CONSUL_DATA_DIR }}",
"log_level": "{{ CONSUL_LOG_LEVEL }}",
"log_file": "{{ CONSUL_LOG_DIR }}/consul.log",
"ui": {{ CONSUL_UI }},
"bind_addr": "{{ CONSUL_BIND_ADDR }}",
"client_addr": "{{ CONSUL_CLIENT_ADDR }}",
"server": true,
"bootstrap_expect": 1,
{% if ACL_ENABLED %}
"acl": {
"enabled": true,
"default_policy": "{{ ACL_DEFAULT_POLICY }}",
"enable_token_persistence": true
}
{% endif %}
}
templates/consul.service.j2
[Unit]
Description="HashiCorp Consul - A distributed, highly available, and data-center-aware solution to connect and configure applications across dynamic, distributed infrastructure."
Documentation=https://www.consul.io/
Requires=network-online.target
After=network-online.target
[Service]
User=root
Group=root
PIDFile={{ CONSUL_DATA_DIR }}/consul.pid
ExecStartPre=-/bin/mkdir -p /run/consul
ExecStart={{ CONSUL_BIN_PATH }} agent -config-dir={{ CONSUL_CONFIG_DIR }}
ExecReload=/bin/kill -HUP $MAINPID
KillSignal=SIGINT
Restart=on-failure
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
tasks/main.yml
---
- import_tasks: deploy_consul.yml
tasks/deploy_consul.yml
---
- name: Install required dependencies
ansible.builtin.yum:
name:
- wget
- unzip
- curl
state: present
- name: Create consul directories
file:
path: "{{ item }}"
state: directory
mode: '0755'
with_items:
- "{{ CONSUL_DATA_DIR }}"
- "{{ CONSUL_CONFIG_DIR }}"
- "{{ CONSUL_LOG_DIR }}"
- name: Ensure Consul configuration directory exists
ansible.builtin.file:
path: "{{ CONSUL_CONFIG_DIR }}"
state: directory
mode: '0755'
- name: Ensure Consul data directory exists
ansible.builtin.file:
path: "{{ CONSUL_DATA_DIR }}"
state: directory
mode: '0755'
- name: Copy Consul binary
ansible.builtin.copy:
src: "{{ item }}"
dest: "/tmp"
with_fileglob:
- "../files/consul_{{ CONSUL_VERSION }}_linux_amd64.zip"
- name: Unzip Consul binary
ansible.builtin.unarchive:
src: "/tmp/consul_{{ CONSUL_VERSION }}_linux_amd64.zip"
dest: "/usr/local/bin"
remote_src: yes
- name: Set executable permission for Consul binary
ansible.builtin.file:
path: "{{ CONSUL_BIN_PATH }}"
mode: '0755'
- name: Create Consul configuration file
ansible.builtin.template:
src: consul.json.j2
dest: "{{ CONSUL_CONFIG_DIR }}/consul.json"
- name: Create Consul systemd service unit file
ansible.builtin.template:
src: consul.service.j2
dest: "/usr/lib/systemd/system/{{ CONSUL_SERVICE_NAME }}.service"
- name: Reload Consul
ansible.builtin.systemd:
name: "{{ CONSUL_SERVICE_NAME }}"
state: started
enabled: yes
- name: Wait for Consul to be ready
ansible.builtin.wait_for:
timeout: 60
- name: Generate initial management token
ansible.builtin.command: >
{{ CONSUL_BIN_PATH }} acl bootstrap
register: acl_bootstrap_output
- name: Extract management token from output
ansible.builtin.set_fact:
management_token: "{{ acl_bootstrap_output.stdout.split('SecretID: ')[1].split('\n')[0] }}"
- name: Print management token
ansible.builtin.debug:
msg: "Management Token: {{ management_token }}"
配置 Prometheus 实现自动服务发现
修改 prometheus.yml 文件
# ......其余部分不做展示
- job_name: 'consul-monitor'
consul_sd_configs:
- server: '$CONSUL_IP:8500'
relabel_configs:
- source_labels: [__metrics_path__]
regex: /metrics
target_label: __metrics_path__
replacement: /actuator/prometheus
action: replace
- source_labels: [__meta_consul_service_id]
regex: springboot-agent
target_label: __metrics_path__
replacement: /agent/actuator/prometheus
action: replace
- source_labels: [__meta_consul_service]
separator: ;
regex: (.*)
target_label: application
replacement: $1
action: replace
- source_labels: ['__meta_consul_tags']
regex: '^.*,prometheus-target,.*$'
action: keep
# ......
接下来直接访问 $MONITOR_IP:9090 进行 Target 查看添加自动服务发现监控详情
