使用dockerswarm+consul+ocelot对asp netcore服务进行集群,发现和网关认证

发表于 2018-04-13 | 分类于 docker ， microservice | | 阅读次数: | 本文总阅读量次

介绍使用dockerswarm+consul+ocelot对asp netcore服务进行集群,发现和网关认证
swarm是docker官方下的服务编排组件，上手简单，能快速地进行服务的集群发布。
在集群中使用consul进行服务发现与注册

环境

window10环境下hyper-v中使用docker-machine创建三个 Docker 主机，并使用docker swarm加入到集群中

manager管理节点ip为10.0.0.126
work1工作节点ip为10.0.0.112
work2工作节点ip为10.0.0.113

user_service和product_service服务部署于三个节点中，consulserver、ocelotgateway、identity_service和simpleclient服务部署在manager管理节点中

其中user_service用户服务,product_service产品服务，ocelotgateway路由网关，identity_service认证服务，consulserver服务注册与发现，simpleclient访问客户端

简述

docker swarm是docker官方下的服务编排组件，上手简单，能快速地进行服务的集群发布。

swarm集群中使用endpoint_mode的dnsrr模式对各主机节点进行负载均衡，默认采用轮询方式

在集群中使用consul进行服务发现与注册，user_service和product_service服务会向consul服务进行注册，在product_service中会使用consul的服务发现api调用user_service服务

ocelot服务作为网关对user_service和product_service服务进行路由，并集成identity_service服务的认证

代码

步骤

进入manager管理节点，创建并编辑dockerSwarm.yml

进入manager管理节点

1	docker-machine ssh manager

创建并编辑dockerSwarm.yml

1	cd /tmp && > dockerSwarm.yml && vi ./dockerSwarm.yml

使用docker stack命令发布服务

1	docker stack deploy -c ./dockerSwarm.yml simpleconsul

查看consul的UI中的服务

http://10.0.0.126:8500

使用客户端访问经过ocelot网关认证（密码模式）的product服务信息

http://10.0.0.126:8821/product/ownerpassword

使用客户端访问的经过ocelot认证（密码模式）的Product服务中user信息

http://10.0.0.126:8821/product/userinfo

dockerSwarm.yml 文件

#version: "3"  #error endpoint_mode Additional property endpoint_mode is not allowed
version: "3.2"
services:
  consulserver:
    image: progrium/consul:latest
    environment:
      SERVICE_TAGS: consul servers
    networks:
      - overlay
    #hostname: consulserver
    ports:
      - "8300:8300"
      - "8400:8400"
      - "8500:8500"
      - "53:53"
    command: -server -ui-dir /ui -data-dir /tmp/consul -bootstrap-expect 1
    deploy:
      placement:
        constraints: [node.role == manager]
  user_service:
    image: windcatcher/user_service:v1
    networks:
      - overlay    
    # ports:    #error port published with ingress mode can't be used with dnsrr mode
    #   - 80:80
    environment:
      - ASPNETCORE_URLS=http://0.0.0.0:80
      - ConsulUrl=http://consulserver:8500
      - RegisterServerUrl=http://user_service
      - RegisterServiceName=user_service
    deploy:
      mode: replicated
      replicas: 3
      endpoint_mode: dnsrr
  product_service:
    image: windcatcher/product_service:v1
    #hostname: product_service
    networks:
      - overlay 
    environment:
      - ASPNETCORE_URLS=http://0.0.0.0:80
      - ConsulUrl=http://consulserver:8500
      - RegisterServerUrl=http://product_service
      - RegisterServiceName=product_service
      - DiscoveryServiceName=user_service
      - DiscoverDnsUrl=http://consulserver:8600
       
    # ports:
    #   - '8802:80' 
      
    depends_on:
      - consulserver
      - user_service
    deploy:
      mode: replicated
      replicas: 3
      endpoint_mode: dnsrr
  identity_service:
    image: windcatcher/identity_service:v1
    #hostname: identity_service
    networks:
      - overlay     
    ports:
      - '8010:80' 
    deploy:
      placement:
        constraints: [node.role == manager]
        
  ocelotgateway:
    image: windcatcher/ocelotgateway:v1
    networks:
      - overlay     
    environment:
      - IdentityServerUrl=http://identity_service
    
    ports:
      - '9900:80'  
    depends_on:
      - consulserver
      - user_service
      - product_service
      - identity_service
    deploy:
      placement:
        constraints: [node.role == manager]
  simpleclient:
    image: windcatcher/simpleclient:v1
    networks:
      - overlay     
    environment:
      - IdentityServerUrl=http://identity_service
      - GatewayUrl=http://ocelotgateway
    ports:
      - '8821:80'   
    depends_on:
      - ocelotgateway
      - user_service
      - product_service
      - identity_service
    deploy:
      placement:
        constraints: [node.role == manager]
networks:
  overlay:

参考

您的支持将鼓励我继续创作