The official site has installation documentation for the Helm method (https://www.consul.io/docs/platform/k8s/index.html)
I. Preparation:
1. A k8s environment
2. An NFS server
II. Create the PVs
nfs_pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
  name: kingsun.nfs1
spec:
  capacity:
    storage: 1Gi
  accessModes: ["ReadWriteMany","ReadWriteOnce","ReadOnlyMany"]
  persistentVolumeReclaimPolicy: Recycle
  storageClassName: nfs
  nfs:
    path: /mnt/nfsdata
    server: 196.1.210.140
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: kingsun.nfs2
spec:
  capacity:
    storage: 1Gi
  accessModes: ["ReadWriteMany","ReadWriteOnce","ReadOnlyMany"]
  persistentVolumeReclaimPolicy: Recycle
  storageClassName: nfs
  nfs:
    path: /mnt/nfsdata
    server: 196.1.210.140
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: kingsun.nfs3
spec:
  capacity:
    storage: 1Gi
  accessModes: ["ReadWriteMany","ReadWriteOnce","ReadOnlyMany"]
  persistentVolumeReclaimPolicy: Recycle
  storageClassName: nfs
  nfs:
    path: /mnt/nfsdata
    server: 196.1.210.140
Run: kubectl apply -f nfs_pv.yaml to create the PVs (PersistentVolume)
III. Expose the ports Consul uses through a Service
PortService.yaml
apiVersion: v1
kind: Service
metadata:
  name: consul
  labels:
    name: consul
spec:
  type: ClusterIP
  clusterIP: None
  ports:
    - name: http
      port: 8500
      targetPort: 8500
    - name: https
      port: 8443
      targetPort: 8443
    - name: rpc
      port: 8400
      targetPort: 8400
    - name: serflan-tcp
      protocol: "TCP"
      port: 8301
      targetPort: 8301
    - name: serflan-udp
      protocol: "UDP"
      port: 8301
      targetPort: 8301
    - name: serfwan-tcp
      protocol: "TCP"
      port: 8302
      targetPort: 8302
    - name: serfwan-udp
      protocol: "UDP"
      port: 8302
      targetPort: 8302
    - name: server
      port: 8300
      targetPort: 8300
    - name: consuldns
      port: 8600
      targetPort: 8600
  selector:
    app: consul
IV. Write the ACL configuration file and save it to a K8S ConfigMap
Acl.json
{
  "acl": {
    "enabled": true,
    "default_policy": "deny",
    "enable_token_persistence": true,
    "tokens": {
      "master": "8dc1eb67-1f5f-4e10-ad9d-5e58b047647c",
      "agent": "8dc1eb67-1f5f-4e10-ad9d-5e58b047647c"
    }
  }
}
Run: kubectl create configmap consul-acl-config --from-file=Acl.json
View the configmap: kubectl get configmap -o yaml
PS G:KingSunConsulYaml> kubectl get configmap -o yaml
apiVersion: v1
items:
- apiVersion: v1
  data:
    Acl.json: "{"acl":{ "enabled":true, "default_policy":"deny", "enable_token_persistence":true, "tokens":{ "master":"8dc1eb67-1f5f-4e10-ad9d-5e58b047647c", "agent":"8dc1eb67-1f5f-4e10-ad9d-5e58b047647c" } }}"
  kind: ConfigMap
  metadata:
    creationTimestamp: "2019-12-03T08:21:22Z"
    name: consul-acl-config
    namespace: default
    resourceVersion: "771714"
    selfLink: /api/v1/namespaces/default/configmaps/consul-acl-config
    uid: 57507410-e0a2-4979-9c8b-731fe9dc62b8
kind: List
metadata:
  resourceVersion: ""
  selfLink: ""
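Kubernetes ConfigMaps are not intended for confidential data, and the file above carries the ACL master token. The following is an added example, not part of the original post: it renders the same ACL settings into a Secret manifest with a freshly generated token. The function names and the reuse of the name consul-acl-config for the Secret are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): put Acl.json in a Secret
# and generate the token instead of copying the one printed in the tutorial.
set -eu

# Token value published in the tutorial text; never deploy it.
PUBLISHED_TOKEN="8dc1eb67-1f5f-4e10-ad9d-5e58b047647c"

# Print a random lowercase UUID using whichever source is available.
new_uuid() {
    if command -v uuidgen >/dev/null 2>&1; then
        uuidgen | tr 'A-Z' 'a-z'
    else
        cat /proc/sys/kernel/random/uuid
    fi
}

# Print the same ACL settings as the post's Acl.json, with token $1.
# The agent reuses the master token as in the post; a narrower agent token
# has to be created in Consul after bootstrap and is outside this example.
render_acl_json() {
    cat <<EOF
{"acl":{"enabled":true,"default_policy":"deny","enable_token_persistence":true,
"tokens":{"master":"$1","agent":"$1"}}}
EOF
}

# Print a Secret manifest named $1 holding Acl.json built from token $2.
render_secret() {
    if [ "$2" = "$PUBLISHED_TOKEN" ]; then
        echo "refusing to use the token published in the tutorial" >&2
        return 1
    fi
    b64=$(render_acl_json "$2" | base64 | tr -d '\n')
    cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: $1
type: Opaque
data:
  Acl.json: $b64
EOF
}

# Usage (assumes kubectl access to the cluster):
#   render_secret consul-acl-config "$(new_uuid)" | kubectl apply -f -
# and in StateFulSet.yaml mount it with "secret: {secretName: consul-acl-config}".
```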
V. Write the StatefulSet configuration file to create the pod
StateFulSet.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: consul
spec:
  selector:
    matchLabels:
      app: consul
  serviceName: consul
  replicas: 1
  template:
    metadata:
      labels:
        app: consul
    spec:
      #affinity:
      #  podAntiAffinity:
      #    requiredDuringSchedulingIgnoredDuringExecution:
      #      - labelSelector:
      #          matchExpressions:
      #            - key: app
      #              operator: In
      #              values:
      #                - consul
      #        topologyKey: kubernetes.io/hostname
      terminationGracePeriodSeconds: 10
      volumes:
        - name: config
          configMap:
            name: consul-acl-config
      containers:
        - name: consul
          image: consul:latest
          volumeMounts:
            - name: config
              mountPath: /consul/config
            - name: data
              mountPath: /consul/data
          command:
            - "/bin/sh"
            - "-ec"
            - |
              exec /bin/consul agent \
                -server \
                -ui \
                -advertise="$(PODIP)" \
                -bind=0.0.0.0 \
                -client=0.0.0.0 \
                -bootstrap-expect=1 \
                -data-dir=/consul/data \
                -domain=cluster.local \
                -retry-join=consul-0.consul.$(NAMESPACE).svc.cluster.local \
                -disable-host-node-id \
                -datacenter=ks \
                -config-file=/consul/config/Acl.json
          env:
            - name: PODIP
              valueFrom:
                fieldRef:
                  fieldPath: status.podIP
            - name: NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          ports:
            - containerPort: 8500
              name: ui-port
            - containerPort: 8400
              name: alt-port
            - containerPort: 53
              name: udp-port
            - containerPort: 8443
              name: https-port
            - containerPort: 8080
              name: http-port
            - containerPort: 8301
              name: serflan
            - containerPort: 8302
              name: serfwan
            - containerPort: 8600
              name: consuldns
            - containerPort: 8300
              name: server
  volumeClaimTemplates:
    - metadata:
        name: data
      spec:
        accessModes: ["ReadWriteOnce"]
        resources:
          requests:
            storage: 1Gi
        storageClassName: nfs
Run: kubectl apply -f StateFulSet.yaml
View the consul pod logs: kubectl logs consul-0
View the StatefulSet startup events: kubectl describe statefulset consul
VI. Expose the consul ui through a NodePort Service
UiService.yaml
apiVersion: v1
kind: Service
metadata:
  name: consul-ui
  labels:
    app: consul
spec:
  selector:
    app: consul
  ports:
    - name: consul-port
      protocol: TCP
      port: 80
      nodePort: 32000
      targetPort: 8500
  type: NodePort
VII. Open the ui
First click "acl" and enter the master token defined in Acl.json