本文介绍基于 Kubernetes(k8s) 环境集成阿里云 私有镜像仓库 来部署一套 Dubbo + Nacos 的微服务系统,并使用 Kubernetes DNS 以及 port-forward 的方式来打通网络访问。
Kubernetes基础入门
K8S集群管理平台Rancher(1):基础入门
K8S集群管理平台Rancher(2):安装与使用
创建配置文件 mysql-local.yaml 内容如下:
apiVersion: v1
kind: ReplicationController
metadata:
name: mysql
labels:
name: mysql
spec:
replicas: 1
selector:
name: mysql
template:
metadata:
labels:
name: mysql
spec:
containers:
- name: mysql
image: nacos/nacos-mysql:5.7
ports:
- containerPort: 3306
volumeMounts:
- name: mysql-data
mountPath: /var/lib/mysql
env:
- name: MYSQL_ROOT_PASSWORD
value: "root"
- name: MYSQL_DATABASE
value: "nacos_devtest"
- name: MYSQL_USER
value: "nacos"
- name: MYSQL_PASSWORD
value: "nacos"
volumes:
- name: mysql-data
hostPath:
path: /var/lib/mysql
---
apiVersion: v1
kind: Service
metadata:
name: mysql
labels:
name: mysql
spec:
ports:
- port: 3306
targetPort: 3306
selector:
name: mysql
ReplicationController 简称 RC 可以保证在任意时间运行 Pod 的副本数量,能够保证 Pod 总是可用的。
执行以下命令,部署 MySQL 5.7:
kubectl apply -f mysql-local.yaml
创建配置文件 nacos-standalone-start.yaml 内容如下:
---
apiVersion: v1
kind: Service
metadata:
name: nacos-standalone
labels:
app: nacos-standalone
spec:
type: ClusterIP
clusterIP: None
ports:
- port: 8848
name: server
targetPort: 8848
- port: 9848
name: client-rpc
targetPort: 9848
- port: 9849
name: raft-rpc
targetPort: 9849
## 兼容1.4.x版本的选举端口
- port: 7848
name: old-raft-rpc
targetPort: 7848
selector:
app: nacos
---
apiVersion: v1
kind: ConfigMap
metadata:
name: nacos-cm
data:
mysql.host: "mysql"
mysql.db.name: "nacos_devtest"
mysql.port: "3306"
mysql.user: "nacos"
mysql.password: "nacos"
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nacos
spec:
replicas: 1
template:
metadata:
labels:
app: nacos
annotations:
pod.alpha.kubernetes.io/initialized: "true"
spec:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: "app"
operator: In
values:
- nacos
topologyKey: "kubernetes.io/hostname"
containers:
- name: nacos
imagePullPolicy: Always
image: nacos/nacos-server:latest
resources:
requests:
memory: "1Gi"
cpu: "500m"
ports:
- containerPort: 8848
name: client
- containerPort: 9848
name: client-rpc
- containerPort: 9849
name: raft-rpc
- containerPort: 7848
name: old-raft-rpc
env:
- name: SPRING_DATASOURCE_PLATFORM
value: "mysql"
- name: MYSQL_SERVICE_HOST
valueFrom:
configMapKeyRef:
name: nacos-cm
key: mysql.host
- name: MYSQL_SERVICE_DB_NAME
valueFrom:
configMapKeyRef:
name: nacos-cm
key: mysql.db.name
- name: MYSQL_SERVICE_PORT
valueFrom:
configMapKeyRef:
name: nacos-cm
key: mysql.port
- name: MYSQL_SERVICE_USER
valueFrom:
configMapKeyRef:
name: nacos-cm
key: mysql.user
- name: MYSQL_SERVICE_PASSWORD
valueFrom:
configMapKeyRef:
name: nacos-cm
key: mysql.password
- name: MODE
value: "standalone"
- name: NACOS_SERVER_PORT
value: "8848"
- name: PREFER_HOST_MODE
value: "hostname"
selector:
matchLabels:
app: nacos
使用 ConfigMap 对象来配置 MySQL 的参数;Nacos 通过 DNS 来访问数据库的 Service。
执行以下命令,部署 Nacos 最新版本:
kubectl apply -f nacos-standalone-start.yaml
执行以下命令,暴露 Nacos 的端口到宿主机中给外部访问:
nohup kubectl port-forward svc/nacos-standalone 8848:8848 9848:9848 9849:9849 7848:7848 --address='0.0.0.0' &
kubectl port-forward 通过端口转发映射本地端口到指定的应用端口,它将在您的计算机和 kubernetes 之间创建一条隧道;一般用于测试、实验室、故障排除,而不是长期的解决方案。
由于拉取阿里云仓库的私有镜像时需要输入账户和密码,需要用到 k8s 的 Secret 对象来管理密码秘钥等敏感信息。
执行以下命令,创建 Secret 对象:
kubectl create secret docker-registry aliyuncs \
--docker-server=registry.cn-guangzhou.aliyuncs.com \
--docker-username=[email protected] \
--docker-password=xxxxxx
docker-registry 指定 secret 的名称
docker-server 仓库地址
docker-username 仓库账号
docker-password 仓库密码
创建成功后,可以使用以下命令查看密钥信息:
kubectl get secret aliyuncs --output=yaml
创建配置文件 provider.yaml 内容如下:
---
apiVersion: v1
kind: Service
metadata:
name: zlt-nacos-provider
spec:
clusterIP: None
selector:
app: zlt-nacos-provider
ports:
- protocol: TCP
port: 20880
targetPort: 20880
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: zlt-nacos-provider
spec:
replicas: 1
selector:
matchLabels:
app: zlt-nacos-provider
template:
metadata:
labels:
app: zlt-nacos-provider
spec:
imagePullSecrets:
- name: aliyuncs
containers:
- name: server
image: registry.cn-guangzhou.aliyuncs.com/zlt-test/nacos-provider:1.0-SNAPSHOT
imagePullPolicy: IfNotPresent
ports:
- containerPort: 20880
env:
- name: DUBBO_REGISTRY_ADDRESS
value: "nacos://nacos-standalone:8848"
- name: DUBBO_IP_TO_REGISTRY
value: "zlt-nacos-provider"
DUBBO_REGISTRY_ADDRESS 参数指定注册中心地址,使用 DNS 来访问 Nacos
DUBBO_IP_TO_REGISTRY 参数指定服务注册的 IP 地址,配置自己 Service 的名称
通过 imagePullSecrets 参数来绑定登录镜像仓库所使用的 secret 名称。
执行以下命令,部署 provider 最新版本:
kubectl apply -f provider.yaml
创建配置文件 consumer.yaml 内容如下:
---
apiVersion: v1
kind: Service
metadata:
name: zlt-nacos-consumer
spec:
clusterIP: None
selector:
app: zlt-nacos-consumer
ports:
- name: web
port: 8080
targetPort: 8080
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: zlt-nacos-consumer
spec:
replicas: 1
selector:
matchLabels:
app: zlt-nacos-consumer
template:
metadata:
labels:
app: zlt-nacos-consumer
spec:
imagePullSecrets:
- name: aliyuncs
containers:
- name: server
image: registry.cn-guangzhou.aliyuncs.com/zlt-test/nacos-consumer:1.0-SNAPSHOT
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
env:
- name: DUBBO_REGISTRY_ADDRESS
value: "nacos://nacos-standalone:8848"
- name: DUBBO_IP_TO_REGISTRY
value: "zlt-nacos-consumer"
执行以下命令,部署 consumer 最新版本:
kubectl apply -f consumer.yaml
通过命令 kubectl get pod 查看所有创建的 pods 确保所有的状态都为 Running
执行以下命令,暴露 consumer 服务的 web 端口到宿主机中给外部访问:
nohup kubectl port-forward svc/zlt-nacos-consumer 8080:8080 --address='0.0.0.0' &
在浏览器输入以下地址进行访问:
http://宿主机IP:8080/test?name=123