使用dockerswarm+consul+ocelot对asp netcore服务进行集群,发现和网关认证
环境
window10环境下hyper-v中使用docker-machine创建三个 Docker 主机,并使用docker swarm加入到集群中
- manager管理节点ip为10.0.0.126
- work1工作节点ip为10.0.0.112
- work2工作节点ip为10.0.0.113
user_service和product_service服务部署于三个节点中,consulserver、ocelotgateway、identity_service和simpleclient服务部署在manager管理节点中
其中user_service用户服务,product_service产品服务,ocelotgateway路由网关,identity_service认证服务,consulserver服务注册与发现,simpleclient访问客户端
简述
docker swarm是docker官方下的服务编排组件,上手简单,能快速地进行服务的集群发布。
swarm集群中使用endpoint_mode的dnsrr模式对各主机节点进行负载均衡,默认采用轮询方式
在集群中使用consul进行服务发现与注册,user_service和product_service服务会向consul服务进行注册,在product_service中会使用consul的服务发现api调用user_service服务
ocelot服务作为网关对user_service和product_service服务进行路由,并集成identity_service服务的认证
代码
步骤
进入manager管理节点,创建并编辑dockerSwarm.yml
进入manager管理节点
docker-machine ssh manager
创建并编辑dockerSwarm.yml
cd /tmp && > dockerSwarm.yml && vi ./dockerSwarm.yml
使用docker stack命令发布服务
docker stack deploy -c ./dockerSwarm.yml simpleconsul
查看consul的UI中的服务
使用客户端访问经过ocelot网关认证(密码模式)的product服务信息
http://10.0.0.126:8821/product/ownerpassword
使用客户端访问的经过ocelot认证(密码模式)的Product服务中user信息
http://10.0.0.126:8821/product/userinfo
dockerSwarm.yml 文件
#version: "3" #error endpoint_mode Additional property endpoint_mode is not allowed
version: "3.2"
services:
consulserver:
image: progrium/consul:latest
environment:
SERVICE_TAGS: consul servers
networks:
- overlay
#hostname: consulserver
ports:
- "8300:8300"
- "8400:8400"
- "8500:8500"
- "53:53"
command: -server -ui-dir /ui -data-dir /tmp/consul -bootstrap-expect 1
deploy:
placement:
constraints: [node.role == manager]
user_service:
image: windcatcher/user_service:v1
networks:
- overlay
# ports: #error port published with ingress mode can't be used with dnsrr mode
# - 80:80
environment:
- ASPNETCORE_URLS=http://0.0.0.0:80
- ConsulUrl=http://consulserver:8500
- RegisterServerUrl=http://user_service
- RegisterServiceName=user_service
deploy:
mode: replicated
replicas: 3
endpoint_mode: dnsrr
product_service:
image: windcatcher/product_service:v1
#hostname: product_service
networks:
- overlay
environment:
- ASPNETCORE_URLS=http://0.0.0.0:80
- ConsulUrl=http://consulserver:8500
- RegisterServerUrl=http://product_service
- RegisterServiceName=product_service
- DiscoveryServiceName=user_service
- DiscoverDnsUrl=http://consulserver:8600
# ports:
# - '8802:80'
depends_on:
- consulserver
- user_service
deploy:
mode: replicated
replicas: 3
endpoint_mode: dnsrr
identity_service:
image: windcatcher/identity_service:v1
#hostname: identity_service
networks:
- overlay
ports:
- '8010:80'
deploy:
placement:
constraints: [node.role == manager]
ocelotgateway:
image: windcatcher/ocelotgateway:v1
networks:
- overlay
environment:
- IdentityServerUrl=http://identity_service
ports:
- '9900:80'
depends_on:
- consulserver
- user_service
- product_service
- identity_service
deploy:
placement:
constraints: [node.role == manager]
simpleclient:
image: windcatcher/simpleclient:v1
networks:
- overlay
environment:
- IdentityServerUrl=http://identity_service
- GatewayUrl=http://ocelotgateway
ports:
- '8821:80'
depends_on:
- ocelotgateway
- user_service
- product_service
- identity_service
deploy:
placement:
constraints: [node.role == manager]
networks:
overlay:
