[转帖]Quick Start Guide

quick,start,guide · 浏览次数 : 0

小编点评

Sure, here's a summary of the content you provided: **Auth Configuration:** * Use auth-type token to authenticate with DynamoDB. * Define the root token configuration in `$ROOT_TOKENdynamodbconfd`. * Use `onetime` flag with specific backend configurations for DynamoDB, Environment File, File, Redis, and Consul. **Template Configuration:** * Define multiple server blocks within a single template. * Each server block defines the server name, location, proxy settings, and a `server_name` variable referencing the subdomain. * The `template` prefix is used to create the server block template. * The `getv` and `range` functions are used to retrieve values from the input data. **Output:** * The generated configuration file will be named `myconfig.conf` and placed in the `/tmp` directory. * The file will be in sync with the actual configuration in the `/tmp` directory. * The output message indicates that the configuration file is now in sync with the actual settings.

正文

Before we begin be sure to download and install confd.

Select a backend

confd supports the following backends:

etcd
consul
vault
environment variables
file
redis
zookeeper
dynamodb
rancher
ssm (AWS Simple Systems Manager Parameter Store)

Add keys

This guide assumes you have a working etcd, or consul server up and running and the ability to add new keys.

etcd

etcdctl set /myapp/database/url db.example.com
etcdctl set /myapp/database/user rob

consul

curl -X PUT -d 'db.example.com' http://localhost:8500/v1/kv/myapp/database/url
curl -X PUT -d 'rob' http://localhost:8500/v1/kv/myapp/database/user

vault

vault mount -path myapp generic
vault write myapp/database url=db.example.com user=rob

environment variables

export MYAPP_DATABASE_URL=db.example.com
export MYAPP_DATABASE_USER=rob

file

myapp.yaml

myapp:
  database:
    url: db.example.com
    user: rob

redis

redis-cli set /myapp/database/url db.example.com
redis-cli set /myapp/database/user rob

zookeeper

[zk: localhost:2181(CONNECTED) 1] create /myapp ""
[zk: localhost:2181(CONNECTED) 2] create /myapp/database ""
[zk: localhost:2181(CONNECTED) 3] create /myapp/database/url "db.example.com"
[zk: localhost:2181(CONNECTED) 4] create /myapp/database/user "rob"

dynamodb

First create a table with the following schema:

aws dynamodb create-table \
    --region <YOUR_REGION> --table-name <YOUR_TABLE> \
    --attribute-definitions AttributeName=key,AttributeType=S \
    --key-schema AttributeName=key,KeyType=HASH \
    --provisioned-throughput ReadCapacityUnits=1,WriteCapacityUnits=1

Now create the items. The attribute value value must be of type string:

aws dynamodb put-item --table-name <YOUR_TABLE> --region <YOUR_REGION> \
    --item '{ "key": { "S": "/myapp/database/url" }, "value": {"S": "db.example.com"}}'
aws dynamodb put-item --table-name <YOUR_TABLE> --region <YOUR_REGION> \
    --item '{ "key": { "S": "/myapp/database/user" }, "value": {"S": "rob"}}'

Rancher

This backend consumes the Rancher metadata service. For available keys, see the Rancher Metadata Service docs.

ssm

aws ssm put-parameter --name "/myapp/database/url" --type "String" --value "db.example.com"
aws ssm put-parameter --name "/myapp/database/user" --type "SecureString" --value "rob"

Create the confdir

The confdir is where template resource configs and source templates are stored.

sudo mkdir -p /etc/confd/{conf.d,templates}

Create a template resource config

Template resources are defined in TOML config files under the confdir.

/etc/confd/conf.d/myconfig.toml

[template]
src = "myconfig.conf.tmpl"
dest = "/tmp/myconfig.conf"
keys = [
    "/myapp/database/url",
    "/myapp/database/user",
]

Create the source template

Source templates are Golang text templates.

/etc/confd/templates/myconfig.conf.tmpl

[myconfig]
database_url = {{getv "/myapp/database/url"}}
database_user = {{getv "/myapp/database/user"}}

Process the template

confd supports two modes of operation daemon and onetime. In daemon mode confd polls a backend for changes and updates destination configuration files if necessary.

etcd

confd -onetime -backend etcd -node http://127.0.0.1:2379

consul

confd -onetime -backend consul -node 127.0.0.1:8500

vault

ROOT_TOKEN=$(vault read -field id auth/token/lookup-self)

confd -onetime -backend vault -node http://127.0.0.1:8200 \
      -auth-type token -auth-token $ROOT_TOKEN

dynamodb

confd -onetime -backend dynamodb -table <YOUR_TABLE>

env

confd -onetime -backend env

file

confd -onetime -backend file -file myapp.yaml

redis

confd -onetime -backend redis -node 192.168.255.210:6379

or if you want to connect to a specific redis database (4 in this example):

confd -onetime -backend redis -node 192.168.255.210:6379/4

rancher

confd -onetime -backend rancher -prefix /2015-07-25

Note: The metadata api prefix can be defined on the cli, or as part of your keys in the template toml file.

Output:

2014-07-08T20:38:36-07:00 confd[16252]: INFO Target config /tmp/myconfig.conf out of sync
2014-07-08T20:38:36-07:00 confd[16252]: INFO Target config /tmp/myconfig.conf has been updated

The dest configuration file should now be in sync.

cat /tmp/myconfig.conf

Output:

# This a comment
[myconfig]
database_url = db.example.com
database_user = rob

ssm

confd -onetime -backend ssm

Advanced Example

In this example we will use confd to manage two nginx config files using a single template.

Add keys

etcd

etcdctl set /myapp/subdomain myapp
etcdctl set /myapp/upstream/app2 "10.0.1.100:80"
etcdctl set /myapp/upstream/app1 "10.0.1.101:80"
etcdctl set /yourapp/subdomain yourapp
etcdctl set /yourapp/upstream/app2 "10.0.1.102:80"
etcdctl set /yourapp/upstream/app1 "10.0.1.103:80"

consul

curl -X PUT -d 'myapp' http://localhost:8500/v1/kv/myapp/subdomain
curl -X PUT -d '10.0.1.100:80' http://localhost:8500/v1/kv/myapp/upstream/app1
curl -X PUT -d '10.0.1.101:80' http://localhost:8500/v1/kv/myapp/upstream/app2
curl -X PUT -d 'yourapp' http://localhost:8500/v1/kv/yourapp/subdomain
curl -X PUT -d '10.0.1.102:80' http://localhost:8500/v1/kv/yourapp/upstream/app1
curl -X PUT -d '10.0.1.103:80' http://localhost:8500/v1/kv/yourapp/upstream/app2

Create template resources

/etc/confd/conf.d/myapp-nginx.toml

[template]
prefix = "/myapp"
src = "nginx.tmpl"
dest = "/tmp/myapp.conf"
owner = "nginx"
mode = "0644"
keys = [
  "/subdomain",
  "/upstream",
]
check_cmd = "/usr/sbin/nginx -t -c {{.src}}"
reload_cmd = "/usr/sbin/service nginx reload"

/etc/confd/conf.d/yourapp-nginx.toml

[template]
prefix = "/yourapp"
src = "nginx.tmpl"
dest = "/tmp/yourapp.conf"
owner = "nginx"
mode = "0644"
keys = [
  "/subdomain",
  "/upstream",
]
check_cmd = "/usr/sbin/nginx -t -c {{.src}}"
reload_cmd = "/usr/sbin/service nginx reload"

Create the source template

/etc/confd/templates/nginx.tmpl

upstream {{getv "/subdomain"}} {
{{range getvs "/upstream/*"}}
    server {{.}};
{{end}}
}

server {
    server_name  {{getv "/subdomain"}}.example.com;
    location / {
        proxy_pass        http://{{getv "/subdomain"}};
        proxy_redirect    off;
        proxy_set_header  Host             $host;
        proxy_set_header  X-Real-IP        $remote_addr;
        proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
   }
}