Kubernetes部署(五):k8s项目交付----(2)配置中心
交付Apollo到k8s中
1、配置中心介绍
1.1、apollo介绍
思考问题:
交付Dubbo微服务的时候,所有的配置( 比如连接那个zk、暴露那个端口等等) 都在代码层、或者配置文件中声明使用,最后用jenkins封装成image做成容器,但如果zk出问题了,想更改连接的zk地址怎么办?比如,在上一篇文章中,消费者的web页面域名是demo.od.com,想换一个域名呢?zk用的zk1.od.com、zk2.od.com、zk3.od.com,想更换zk地址呢?按照之前的操作,只要做更改,那就得重新修改源码,因为这些信息都是写在了源码里面了,然后还要在经历一遍代码拉取,编译、打成jar包。如何能做到动态修改呢,其实很简单,在代码中声明连接zk地址从环境变量中获取,在制作deploylment.yaml的时候给pod传递对应的环境变量名、环境变量值不就行了么。这个操作称之为配置中心
配置中心(apollo):上述讲过,直接每次修改deploylmen.yaml的环境变量名、环境变量值不就行了么。为什么还要使用配置中心(apollo)。是这样的,一般项目上,需要配置的参数很多,不能声明一堆参数到deploylment.yaml文件中。比如jenkins编译出的程序在测试环境无问题了,需要投产,所以需要修改deploylment.yaml文件连接生产中的zk地址。参数少的时候怎么都好说,多的时候维护很累而且一旦填写错误怎么办。所以配置中心(apollo)出来了。他是一个可视化的web页面,可以分环境填写都有哪些key跟value数值(环境变量名、环境变量值),然后再修改deploylment.yaml文件去连接配置中心(apollo)。这样以后再页面点点点就行。
apollo官网:https://github.com/ctripcorp/apollo
apollo对比configmap:既然就是做key:value,把配置信息写入configmaps,让deploylment.yaml调用这个configmaps,不是也行么,当然可以,但configmap是一种标准资源,声明这种资源,需要严格按照yaml格式。configmaps跟secret 如出一辙,只不过secret只能集群里官员查看,其他的没什么区别 。如下是资源的对比图
题外话,如何使用configmap交付复杂的资源:
[root@hdss7-22 ~]# cd /opt/kubernetes/server/bin/conf/ [root@hdss7-22 conf]# kubectl create cm kubelet-cm --from-file=./kubelet.kubeconfig -n default configmap/kubelet-cm created
Apollo 配置中心集成在k8s里,就是在k8s中交付一套spring cloud服务,因为Apollo配置服务中心主要基于spring cloud微服务,最后实现Dubbo交付到两个不同环境,一个是测试环境、生产测试
1.2、apollo配置中心架构
讲解:
三个Eureka搭建成一个注册中心,apollo配置中心的大脑,相当于Dubbo的zk集群,所有的组件都要找Eureka注册。apollo有两个重要的组件,Config Service、Admin Service,这两个组件都要通过register、renew、cancel动作,请求Eureka来进行注册。Admin Service跟apollo的另一个组件Portal连接,Portal(入口、传送门)就是一个web程序,也就是给你提供一个web页面配置应用程序的配置,并通过Admin Service写到ConfigDB数据库,我们apollo使用的数据库是关系型数据库(mysql为例子),所以要交付mysql。其中Portal也连接PortalDB数据库主要存Portal页面的基础配置数据、更新配置的历史、回滚,所以也需要连接关系型数据库(mysql为例子)。Config Service伺候我们的客户端Client,这个Client就是互联网公司研制java的程序(也就是Dubbo的消费者跟提供者),程序通过连接Config Service,去Eureka申请想要的配置,Eureka告诉Config Service对应的配置在ConfigDB数据库的那个地方,进而Config Service连接ConfigDB拿到配置信息反回给Clinet客户端(java程序)。而且在apollo里面Eureka也Config Service集成在一起,交付Config Service,Eureka也交付了(官方打包成镜像的时候,打成一个包,物理上没有分开,逻辑上是分开的)
总结:在Portal的页面中定义fat环境下zk=什么,然后通过Admin Service把配置信息给到ConfigDB数据库。这时候创建一个java程序的pod,此java程序需要连接zk才能让代码正常运行,而代码中声明,zk是通过获取环境变量$zk的数值,进而决定java程序连接那个zk。而创建此pod的dp.yaml中,指定了环境变量zk的value数值是zk=fat -Dapollo.meta=http://config-test.od.com(告诉环境变量zk,你的value数值是fat -Dapollo.meta=http://config-test.od.com)。而请求fat -Dapollo.meta=http://config-test.od.com的这个操作,通过集群内部coredns解析出config-test.od.com是Config Service的serviceIP,进入把请求抛给了对应的Config Service,Config Service分析是想要获取fat环境下数据后,向Eureka请求想要的信息,Eureka告知去ConfigDB数据库的那个地方,进而Config Service连接ConfigDB拿到配置信息反回给Clinet客户端(java程序)
简化模型:
修改Portal仪表盘数据,Portal调用Admin Service实时同步增删改查ConfigDB里面的配置。同时Admin Service去Eureka注册,声明有哪些配置,在数据库的哪里。
Client(Dubbo的消费者跟提供者),通过Client推拉结合去和Config Service交互,Client推送给Config Service,告知Client想要的信息,Config Service去Eureka注册中心注册,然后询问配置中心Eureka确认Client想要的数据在ConfigDB哪里,Config Service去ConfigDB找到配置信息后,Client拉取回内容。
重点注意:Apollo交付有顺序,先交付Config Service,在交付Admin Service,最后交付Portal。因为Config Service绑定了Eureka,注册中心需要先交付
针对传统业务优点:configservice、adminservice、Portal 是没有状态的服务,都可以很轻松的扩容,configservice虽然绑定了Eureka,但既然能交付到K8s中,说明Eureka检测多节点后,触发自身的高可用机制
2、交付Apollo-configservice、Eureka
2.1、安装部署数据库
由于Config Service、Admin Service、Portal都需要连接关系型数据库,可以部署mysql或者部署mariadb,任选其一。部署mysql注意:必须在mysql5.6以上,部署mariadb注意:必须在10.1以上。mysql部署略具体怎么部署查看以前的文章,这里部署mariadb10.1
在hdss7-11上运行
2.1.1、更新yum源
# 随时间推移,下文中baseurl中的10.1可能会被下架,需要(https://mirrors.ustc.edu.cn/mariadb/yum/)查看目前使用什么版本
[root@7-11 ~]# vi /etc/yum.repos.d/MariaDB.repo # 配置MariaDB源
[mariadb]
name = MariaDB
baseurl = https://mirrors.ustc.edu.cn/mariadb/yum/10.1/centos7-amd64/
gpgkey=https://mirrors.ustc.edu.cn/mariadb/yum/RPM-GPG-KEY-MariaDB
gpgcheck=12.1.2、导入GPG-KEY,否则安装不上
[root@hdss7-11 ~]# rpm --import https://mirrors.ustc.edu.cn/mariadb/yum/RPM-GPG-KEY-MariaDB2.1.3、查看yum源有什么版本
[root@hdss7-11 ~]# yum clean all;yum makecache
[root@hdss7-11 ~]# yum list mariadb-server --show-duplicates # 显示mariadb 10.1可安装的数据库的版本,最新的版本是10.1.48,yum如果不指定版本号安装10.1.48
MariaDB-server.x86_64 10.1.46-1.el7.centos mariadb
MariaDB-server.x86_64 10.1.47-1.el7.centos mariadb
MariaDB-server.x86_64 10.1.48-1.el7.centos mariadb 2.1.4、yum安装mariadb
[root@hdss7-11 ~]# yum install mariadb-server -y
2.1.5、基础配置mariadb
[root@hdss7-11 my.cnf.d]# vi /etc/my.cnf.d/server.cnf # 修改服务端字符集(在[mysqld]配置) character_set_server = utf8mb4 collation_server = utf8mb4_general_ci init_connect = "SET NAMES 'utf8mb4'"
[root@hdss7-11 my.cnf.d]# vi /etc/my.cnf.d/mysql-clients.cnf # 修改客户端字符集(在[mysql]配置) default-character-set = utf8mb4
2.1.6、启动数据库
[root@hdss7-11 my.cnf.d]# systemctl start mariadb
[root@hdss7-11 my.cnf.d]# systemctl enable mariadb
2.1.7、设置root密码
[root@hdss7-11 my.cnf.d]# mysqladmin -u root password # 密码随意
New password:
Confirm new password:
2.1.8、查看状态:
[root@hdss7-11 my.cnf.d]# mysql -uroot -p
MariaDB [(none)]> \s 通过\s查看是否都是utf8mb4mysql Ver 15.1 Distrib 10.1.48-MariaDB, for Linux (x86_64) using readline 5.1 Connection id: 3 Current database: Current user: root@localhost SSL: Not in use Current pager: stdout Using outfile: '' Using delimiter: ; Server: MariaDB Server version: 10.1.48-MariaDB MariaDB Server Protocol version: 10 Connection: Localhost via UNIX socket Server characterset: utf8mb4 服务器字符集 Db characterset: utf8mb4 数据库字符集 Client characterset: utf8mb4 客户端字符集 Conn. characterset: utf8mb4 连接字符集 UNIX socket: /var/lib/mysql/mysql.sock Uptime: 3 min 27 secMariaDB [(none)]> show databases;
MariaDB [(none)]> drop database test; test库删不删除无所谓,系统自带
mariadb启动后,进程名字是mysql,不是mariadb
[root@hdss7-11 my.cnf.d]# ps -ef |grep mysqlmysql 3319 1 0 11:51 ? 00:00:00 /usr/sbin/mysqld root 4879 1078 0 11:59 pts/0 00:00:00 grep --color=auto mysql[root@hdss7-11 my.cnf.d]# ps -aux |grep maria
root 4943 0.0 0.2 112828 976 pts/0 R+ 11:59 0:00 grep --color=auto maria
默认监听3306
[root@hdss7-11 my.cnf.d]# netstat -tulpn |grep mysql
tcp6 0 0 :::3306 :::* LISTEN 3319/mysqld
2.2、执行数据库初始化脚本
执行数据库初始化脚本,脚本里面带有apollo的数据库创建语句,执行后才能有apollo数据库
2.2.1、初始化configdb脚本
下载脚本:https://github.com/ctripcorp/apollo/tree/1.5.1/scripts/db/migration/configdb
里面创建一个ApolloConfigDB 数据库
(CREATE DATABASE IF NOT EXISTS ApolloConfigDB DEFAULT CHARACTER SET = utf8mb4;)使用这个数据库,进行初始化操做
(Use ApolloConfigDB;)
访问V1.0.0__initialization.sql的raw格式,如果能打开,说明可以用wget下载,但如果访问不了,可以使用git clone或者下载成zip格式,把整个https://github.com/apolloconfig/apollo/tree/1.5.1都下载出来,然后在找到并使用V1.0.0__initialization.sql
[root@hdss7-11 my.cnf.d]# wget https://raw.githubusercontent.com/ctripcorp/apollo/1.5.1/scripts/db/migration/configdb/V1.0.0__initialization.sql -O apolloconfig.sql 下载重命名apolloconfig.sql 运行脚本:
[root@hdss7-11 my.cnf.d]# mysql -uroot -p < apolloconfig.sql
[root@hdss7-11 my.cnf.d]# mysql -uroot -p
MariaDB [(none)]> show databases;
| ApolloConfigDB |
| information_schema |
| mysql |
| performance_schema |
MariaDB [(none)]> use ApolloConfigDB;
MariaDB [ApolloConfigDB]> show tables;
+--------------------------+
| Tables_in_ApolloConfigDB |
+--------------------------+
| App |
| AppNamespace |
| Audit |
| Cluster |
| Commit |
| GrayReleaseRule |
| Instance |
| InstanceConfig |
| Item |
| Namespace |
| NamespaceLock |
| Release |
| ReleaseHistory |
| ReleaseMessage |
| ServerConfig |
+--------------------------+2.2.2、给ApolloConfigDB数据库用户授权
MariaDB [ApolloConfigDB]> grant INSERT,DELETE,UPDATE,SELECT on ApolloConfigDB.* to "apolloconfig"@"10.4.7.%" identified by "123456";
MariaDB [ApolloConfigDB]> select user,host from mysql.user;
+--------------+-----------+
| user | host |
+--------------+-----------+
| apolloconfig | 10.4.7.% |
| root | 127.0.0.1 |
| root | ::1 |
| | hdss7-11 |
| root | hdss7-11 |
| | localhost |
| root | localhost |
为什么需要创建用户:因为Config Service、Admin Service、Portal都要连接这个数据库,总的需要账户跟密码才能进行访问数据库吧,当然客户直接给root用户,Apollo各个组件,没有对使用什么用户做限制,但为了保障安全,不建议
为什么ApolloConfigDB用户授权(增删改查)权限:为了生产安全,建议给对应的账户授予对应需要的权限,还是为了保证安全,Config Service需要增删改查,就给他创建对应的权限。当然了Apollo各个组件,在对用户授权方面,只要有大于等于所需的权限,都没问题
为什么是10.4.7.%:给ApolloConfigDB用户授权中,做了限制,只允许源地址是10.4.7.% 段的IP,使用ApolloConfigDB用户才能登录到数据库,这是为什么,不管是Config Service还是Admin Service还是Portal都是运行在pod中,所以一定是(172.17.0.0/16)段的IP发出的请求呀。那是因为虽然是podIP发出的,但是pod是在k8s的内网,你要访问外网hdss7-21,必然要把访问外网hdss7-21的流量通过docker 0,转发给pod的宿主机的物理网卡ens33,通过物理网卡ens33转发出去,其中pod的ip会被snat映射成宿主机ens33的ip,如下iptables的规则。所以在数据库看来,pod的宿主机访问的hdss7-21(不知道nat原理的自行百度)。当然了,当然了可以直接给%,还是那句话为了保证安全。
[root@hdss7-21 ~]# iptables-save |grep -i postrouting |grep "172.7" |grep "MASQUERADE"
-A POSTROUTINGD -s 172.7.21.0/24 ~ -D 172.7.0.0/16 ! -o docker0 -j MASQUERADE2.2.3、修改初始数据
修改 Value: http://localhost:8080/eureka/
理由:在configservice、adminservice连接到此数据库后,通过此数据库的ServerConfig表中的配置,决定configservice、adminservice连接那个eureka(注册中心)去注册。默认是连接本地的8080/eureka/,是因为Eureka跟configservice集成在一个包中,只要部署Config Service,Eureka也部署上了,所以Config Service一定是连接本地的eureka。其中Eureka默认提供http的页面,默认的对接接口是(http://IP:8080/),要把Eureka放入k8s中,还能让外部访问此页面,就需要声明(ingress),以http服务的形式暴露,所以要换成自定义的域名(http://config.od.com 就是Eureka的注册中心),并为此域名做ingress暴露就行了
修改前:
MariaDB [(none)]> select * from ApolloConfigDB.ServerConfig\G;
*************************** 1. row ***************************
Id: 1
Key: eureka.service.url
Cluster: default
Value: http://localhost:8080/eureka/
Comment: Eureka服务Url,多个service以英文逗号分隔
IsDeleted:
DataChange_CreatedBy: default
DataChange_CreatedTime: 2021-01-16 12:40:40
DataChange_LastModifiedBy:
DataChange_LastTime: 2021-01-16 12:40:40
*************************** 2. row ***************************修改命令:
MariaDB [(none)]> update ApolloConfigDB.ServerConfig set ServerConfig.Value="http://config.od.com/eureka" where ServerConfig.Key="eureka.service.url";
修改后:
MariaDB [(none)]> select * from ApolloConfigDB.ServerConfig\G;
*************************** 1. row ***************************
Id: 1
Key: eureka.service.url
Cluster: default
Value: http://config.od.com/eureka
Comment: Eureka服务Url,多个service以英文逗号分隔
IsDeleted:
DataChange_CreatedBy: default
DataChange_CreatedTime: 2021-01-16 12:40:40
DataChange_LastModifiedBy:
DataChange_LastTime: 2021-01-16 12:40:40
*************************** 2. row ***************************2.3、配置Apollo-eureka域名解析
[root@hdss7-11 ~]# vi /var/named/od.com.zone
$ORIGIN od.com.
$TTL 600 ; 10 minutes
@ IN SOA dns.od.com. dnsadmin.od.com. (
2020010509 ; serial
10800 ; refresh (3 hours)
900 ; retry (15 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS dns.od.com.
$TTL 60 ; 1 minute
dns A 10.4.7.11
harbor A 10.4.7.200
k8s-yaml A 10.4.7.200
traefik A 10.4.7.10
dashboard A 10.4.7.10
zk1 A 10.4.7.11
zk2 A 10.4.7.12
zk3 A 10.4.7.21
jenkins A 10.4.7.10
dubbo-monitor A 10.4.7.10
demo A 10.4.7.10
config A 10.4.7.10
[root@hdss7-11 my.cnf.d]# systemctl restart named
[root@hdss7-21 ~]# dig -t A config.od.com @192.168.0.2 +short
10.4.7.10
解释dig -t A config.od.com @192.168.0.2 +short 意思:
意思是在192.168.0.2的设备上去curl config.od.com后解析出的IP是什么,而192.168.0.2是集群IP,集群IP没有做config.od.com的解析呀,什么还能解析出10.4.7.10。那是因为集群dns解析是仰仗coredns,在配置coredns的时候特意声明了coredns的上级dns是10.4.7.11也就是hdss7-11的named。config.od.com在集群这层的dns解析不出来,势必需要向上层dns申请解析,上层10.4.7.11解析出为10.4.7.10,并返回结果
2.4、制作configservice、Eureka的Docker镜像
网址:https://github.com/ctripcorp/apollo/releases/tag/v1.5.1
下载:https://github.com/ctripcorp/apollo/releases/download/v1.5.1/apollo-configservice-1.5.1-github.zip
在HDSS7-200上操作
2.4.1、下载Apollo-configservice包
[root@hdss7-200 src]# cd /opt/src
[root@hdss7-200 src]# rz apollo-configservice-1.5.1-github.zip
[root@hdss7-200 src]# mkdir /data/dockerfile/apollo-configservice && unzip -o apollo-configservice-1.5.1-github.zip -d /data/dockerfile/apollo-configservice
[root@hdss7-200 src]# cd /data/dockerfile/apollo-configservice/
[root@hdss7-200 apollo-configservice]# ll
-rwxr-xr-x. 1 root root 61991736 11月 9 2019 apollo-configservice-1.5.1.jar
-rwxr-xr-x. 1 root root 40249 11月 9 2019 apollo-configservice-1.5.1-sources.jar
-rw-r--r--. 1 root root 57 4月 20 2017 apollo-configservice.conf
drwxr-xr-x. 2 root root 65 1月 16 20:52 config
drwxr-xr-x. 2 root root 43 10月 1 2019 scripts[root@hdss7-200 apollo-configservice]# rm -f apollo-configservice-1.5.1-sources.jar # 删除源码包
[root@hdss7-200 apollo-configservice]# cd config/
[root@hdss7-200 config]# ll
-rw-r--r--. 1 root root 289 11月 9 2019 application-github.properties
-rw-r--r--. 1 root root 30 4月 20 2017 app.properties[root@hdss7-200 config]# cat app.properties # appId保证Apollo各个组件中唯一值,可以先不用改
appId=100003171
jdkVersion=1.82.4.2、配置configservice连接mysql
configservice连接mysql配置:1、配置spring.datasource.url,声明连接那个数据库,格式(jdbc:mysql://IP:port/数据库名字?字符串=utf8,其中?一般在参数化构建、url中都是代表?后面的数值为附带参数)这里需要修改成连接hdss7-11的mysql的jdbc字符串。2、spring.datasource.username 、spring.datasource.password 为hdss7-11的mysql创建的apolloconfig账户密码
[root@hdss7-200 config]# vi /data/dockerfile/apollo-configservice/config/application-github.properties
# DataSource spring.datasource.url = jdbc:mysql://mysql.od.com:3306/ApolloConfigDB?characterEncoding=utf8 spring.datasource.username = apolloconfig spring.datasource.password = 123456 #apollo.eureka.server.enabled=true #apollo.eureka.client.enabled=true
配置hdss7-11的mysql域名mysql.od.com,通过named解析为10.4.7.11,好处是mysql迁移,只需要修改域名解析后是什么IP就行,不用改配置
[root@hdss7-11 src]# vi /var/named/od.com.zone
$ORIGIN od.com. $TTL 600 ; 10 minutes @ IN SOA dns.od.com. dnsadmin.od.com. ( 2020010510 ; serial 10800 ; refresh (3 hours) 900 ; retry (15 minutes) 604800 ; expire (1 week) 86400 ; minimum (1 day) ) NS dns.od.com. $TTL 60 ; 1 minute dns A 10.4.7.11 harbor A 10.4.7.200 k8s-yaml A 10.4.7.200 traefik A 10.4.7.10 dashboard A 10.4.7.10 zk1 A 10.4.7.11 zk2 A 10.4.7.12 zk3 A 10.4.7.21 jenkins A 10.4.7.10 dubbo-monitor A 10.4.7.10 demo A 10.4.7.10 config A 10.4.7.10 mysql A 10.4.7.11[root@hdss7-11 src]# systemctl restart named
[root@hdss7-11 src]# dig -t A mysql.od.com @10.4.7.11 +short
10.4.7.11
2.4.3、配置configservice的启动脚本
删除停止shutdown.sh脚本,在docker中用不到。但是startup.sh启动脚本要修改配置,因为此脚本是配置在非容器,在正常的物理机器的配置。区别:在默认的startup.sh脚本中最后一句exit 0; 意思是启动脚本帮你拉取java后,脚本的生命周期结束。但是容器不行,需要一直夯在哪,所以需要修改。把最后一句改成tail -f /dev/null,tail -f 实时查看黑洞文件,导致脚本永远夯住。其中还要对启动脚本做JVM调优。脚本中有一个(SERVER_PORT=${SERVER_PORT:=8080}),这种格式代表如果没有给SERVER_PORT定义是多少,默认SERVER_PORT=8080。hostname -i 为pod的IP。在github上有现成模板可以直接用
apollo/scripts/apollo-on-kubernetes/apollo-config-server/scripts at 1.5.1 · apolloconfig/apollo · GitHub
[root@hdss7-200 scripts]# cd /data/dockerfile/apollo-configservice/scripts/
[root@hdss7-200 scripts]# ll
-rwxr-xr-x. 1 root root 340 4月 20 2017 shutdown.sh
-rwxr-xr-x. 1 root root 5316 10月 3 2019 startup.sh
[root@hdss7-200 scripts]# rm -f shutdown.sh
[root@hdss7-200 scripts]# vi /data/dockerfile/apollo-configservice/scripts/startup.sh # 建议直接用,不要在源文件改
#!/bin/bash
SERVICE_NAME=apollo-configservice
## Adjust log dir if necessary
LOG_DIR=/opt/logs/apollo-config-server
## Adjust server port if necessary
SERVER_PORT=${SERVER_PORT:=8080}
APOLLO_CONFIG_SERVICE_NAME=$(hostname -i)
SERVER_URL="http://${APOLLO_CONFIG_SERVICE_NAME}:${SERVER_PORT}"
## Adjust memory settings if necessary
export JAVA_OPTS="-Xms128m -Xmx128m -Xss256k -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=384m -XX:NewSize=256m -XX:MaxNewSize=256m -XX:SurvivorRatio=8"
## Only uncomment the following when you are using server jvm
#export JAVA_OPTS="$JAVA_OPTS -server -XX:-ReduceInitialCardMarks"
########### The following is the same for configservice, adminservice, portal ###########
export JAVA_OPTS="$JAVA_OPTS -XX:ParallelGCThreads=4 -XX:MaxTenuringThreshold=9 -XX:+DisableExplicitGC -XX:+ScavengeBeforeFullGC -XX:SoftRefLRUPolicyMSPerMB=0 -XX:+ExplicitGCInvokesConcurrent -XX:+PrintGCDetails -XX:+HeapDumpOnOutOfMemoryError -XX:-OmitStackTraceInFastThrow -Duser.timezone=Asia/Shanghai -Dclient.encoding.override=UTF-8 -Dfile.encoding=UTF-8 -Djava.security.egd=file:/dev/./urandom"
export JAVA_OPTS="$JAVA_OPTS -Dserver.port=$SERVER_PORT -Dlogging.file=$LOG_DIR/$SERVICE_NAME.log -XX:HeapDumpPath=$LOG_DIR/HeapDumpOnOutOfMemoryError/"
# Find Java
if [[ -n "$JAVA_HOME" ]] && [[ -x "$JAVA_HOME/bin/java" ]]; then
javaexe="$JAVA_HOME/bin/java"
elif type -p java > /dev/null 2>&1; then
javaexe=$(type -p java)
elif [[ -x "/usr/bin/java" ]]; then
javaexe="/usr/bin/java"
else
echo "Unable to find Java"
exit 1
fi
if [[ "$javaexe" ]]; then
version=$("$javaexe" -version 2>&1 | awk -F '"' '/version/ {print $2}')
version=$(echo "$version" | awk -F. '{printf("%03d%03d",$1,$2);}')
# now version is of format 009003 (9.3.x)
if [ $version -ge 011000 ]; then
JAVA_OPTS="$JAVA_OPTS -Xlog:gc*:$LOG_DIR/gc.log:time,level,tags -Xlog:safepoint -Xlog:gc+heap=trace"
elif [ $version -ge 010000 ]; then
JAVA_OPTS="$JAVA_OPTS -Xlog:gc*:$LOG_DIR/gc.log:time,level,tags -Xlog:safepoint -Xlog:gc+heap=trace"
elif [ $version -ge 009000 ]; then
JAVA_OPTS="$JAVA_OPTS -Xlog:gc*:$LOG_DIR/gc.log:time,level,tags -Xlog:safepoint -Xlog:gc+heap=trace"
else
JAVA_OPTS="$JAVA_OPTS -XX:+UseParNewGC"
JAVA_OPTS="$JAVA_OPTS -Xloggc:$LOG_DIR/gc.log -XX:+PrintGCDetails"
JAVA_OPTS="$JAVA_OPTS -XX:+UseConcMarkSweepGC -XX:+UseCMSCompactAtFullCollection -XX:+UseCMSInitiatingOccupancyOnly -XX:CMSInitiatingOccupancyFraction=60 -XX:+CMSClassUnloadingEnabled -XX:+CMSParallelRemarkEnabled -XX:CMSFullGCsBeforeCompaction=9 -XX:+CMSClassUnloadingEnabled -XX:+PrintGCDateStamps -XX:+PrintGCApplicationConcurrentTime -XX:+PrintHeapAtGC -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=5 -XX:GCLogFileSize=5M"
fi
fi
printf "$(date) ==== Starting ==== \n"
cd `dirname $0`/..
chmod 755 $SERVICE_NAME".jar"
./$SERVICE_NAME".jar" start
rc=$?;
if [[ $rc != 0 ]];
then
echo "$(date) Failed to start $SERVICE_NAME.jar, return code: $rc"
exit $rc;
fi
tail -f /dev/null大致需要更改的东西
删除:
修改:
[root@hdss7-200 scripts]# chmod u+x startup.sh
2.4.4、制作dockerfile
官网给提供,但是官网的openjdk:8-jre-alpine3.8底包不好用,用自己的harbor.od.com:180/base/jre8:8u112
apollo/Dockerfile at 1.5.1 · apolloconfig/apollo · GitHub
[root@7-200 scripts]# cd /data/dockerfile/apollo-configservice/
[root@hdss7-200 apollo-configservice]# vi /data/dockerfile/apollo-configservice/Dockerfile # 官方的都不用,使用如下重新配置
FROM harbor.od.com:180/public/jre8:8u112
ENV VERSION 1.5.1
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime &&\
echo "Asia/Shanghai" > /etc/timezone
ADD apollo-configservice-${VERSION}.jar /apollo-configservice/apollo-configservice.jar
ADD config/ /apollo-configservice/config
ADD scripts/ /apollo-configservice/scripts
CMD ["/apollo-configservice/scripts/startup.sh"]
官网配置解释:
echo "http://mirrors.aliyun.com/alpine/v3.8/main" > /etc/apk/repositories && \ 更新源
echo "http://mirrors.aliyun.com/alpine/v3.8/community" >> /etc/apk/repositories && \ 更新源
apk update upgrade && \ apk更新
apk add --no-cache procps curl bash tzdata && \ 装工具
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \ 做了东八区时间软连接
echo "Asia/Shanghai" > /etc/timezone && \
ENV APOLLO_CONFIG_SERVICE_NAME="service-apollo-config-server.sre" 定义一个env,环境变量,定义名字,我们在startup.sh中定义了APOLLO_CONFIG_SERVICE_NAME=$(hostname -i)自定义配置解释:
ADD apollo-configservice-${VERSION}.jar /apollo-configservice/apollo-configservice.jar # 宿主机的 /data/dockerfile/apollo-configservice/apollo-configservice-1.5.1.jar拷贝到容器/apollo-configservice/apollo-configservice.jar
ADD config/ /apollo-configservice/config # 宿主机的 /data/dockerfile/apollo-configservice/config/ 拷贝到容器/apollo-configservice/config
ADD scripts/ /apollo-configservice/scripts # 宿主机的 /data/dockerfile/apollo-configservice/scripts/拷贝到容器/apollo-configservice/scripts
[root@hdss7-200 apollo-configservice]# docker build . -t harbor.od.com:180/infra/apollo-configservice:v1.5.1
[root@hdss7-200 apollo-configservice]# docker login harbor.od.com:180
[root@hdss7-200 apollo-configservice]# docker push harbor.od.com:180/infra/apollo-configservice:v1.5.1
2.5、配置资源配置清单
configservice、eureka是继承在一个包中,由于eureka是提供http接口的服务(eureka页面),所以把这个这个包交付到看k8s后,需要制作dp.yaml、svc.yaml、ingress.yaml资源配置清单。adminservice 不提供http,portal 提供http页面
[root@hdss7-200 apollo-configservice]# mkdir /data/k8s-yaml/apollo-configservice;cd /data/k8s-yaml/apollo-configservice
[root@hdss7-200 apollo-configservice]# vi cm.yaml # 把/data/dockerfile/apollo-configservice/conf/下的application-github.properties 和app.properties做成ConfigMap资源,方便 k8s直接调用,或者需要修改连接串等,为更新做方便(也可以不使用)apiVersion: v1 kind: ConfigMap metadata: name: apollo-configservice-cm namespace: infra data: application-github.properties: | # DataSource spring.datasource.url = jdbc:mysql://mysql.od.com:3306/ApolloConfigDB?characterEncoding=utf8 spring.datasource.username = apolloconfig spring.datasource.password = 123456 eureka.service.url = http://config.od.com/eureka app.properties: | appId=100003171注:如要调整eureka.service.url,需要修改当前cm.yaml中的eureka.service.url,跟数据库ApolloConfigDB.ServerConfig表中的eureka.service.url配置项
[root@hdss7-200 apollo-configservice]# vi deployment.yaml
apiVersion: extensions/v1beta1 kind: Deployment metadata: name: apollo-configservice namespace: infra labels: name: apollo-configservice spec: replicas: 1 selector: matchLabels: name: apollo-configservice template: metadata: labels: app: apollo-configservice name: apollo-configservice spec: volumes: - name: configmap-volume configMap: name: apollo-configservice-cm containers: - name: apollo-configservice image: harbor.od.com:180/infra/apollo-configservice:v1.5.1 ports: - containerPort: 8080 protocol: TCP volumeMounts: - name: configmap-volume mountPath: /apollo-configservice/config terminationMessagePath: /dev/termination-log terminationMessagePolicy: File imagePullPolicy: IfNotPresent imagePullSecrets: - name: harbor restartPolicy: Always terminationGracePeriodSeconds: 30 securityContext: runAsUser: 0 schedulerName: default-scheduler strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 1 maxSurge: 1 revisionHistoryLimit: 7 progressDeadlineSeconds: 600spec:
replicas: 1 # 副本一个
selector:
matchLabels: # 标签选择器
name: apollo-configservice
template: # pod模板
spec:
volumes: # 声明volumes挂在卷的名字是configmap-volume,configmap-volume数值是 configMap资源中的apollo-configservice-cm
- name: configmap-volume
configMap:
name: apollo-configservice-cm # 就是cm.yaml中的apollo-configservice-cm
containers: # 容器
- name: apollo-configservice
image: harbor.od.com:180/infra/apollo-configservice:v1.5.1
ports: # 容器暴露端口
- containerPort: 8080 # 由startup.sh中的SERVER_PORT=8080决定configservice业务启动8080,然后在这声明把8080端口暴露到容器外
protocol: TCP
volumeMounts: # 把挂载卷的名字是configmap-volume,挂在到此容器中,间接的把configmap-volume数值是 configMap资源中的apollo-configservice-cm获取到
- name: configmap-volume
[root@hdss7-200 apollo-configservice]# vi service.yaml
kind: Service apiVersion: v1 metadata: name: apollo-configservice namespace: infra spec: ports: - protocol: TCP port: 8080 targetPort: 8080 selector: app: apollo-configservice- protocol: TCP
port: 8080 # 监听集群IP的port,就是访问service资源的8080,反向代理给容器的8080
targetPort: 8080 # 容器的port
selector: # 标签选择器
app: apollo-configservice # 只要标签是apollo-configservice,就跟这个service关联
[root@hdss7-200 apollo-configservice]# vi ingress.yaml # 就是简化版的nginx
kind: Ingress apiVersion: extensions/v1beta1 metadata: name: apollo-configservice namespace: infra spec: rules: - host: config.od.com http: paths: - path: / backend: serviceName: apollo-configservice servicePort: 8080
2.6、应用资源配置清单
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/apollo-configservice/cm.yaml
configmap/apollo-configservice-cm created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/apollo-configservice/deployment.yaml
deployment.extensions/apollo-configservice created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/apollo-configservice/service.yaml
service/apollo-configservice created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/apollo-configservice/ingress.yaml
ingress.extensions/apollo-configservice created2.7、查看状态
等待几分钟查看apollo-configservice容器日志,提示(Tomcat started on port(s): 8080 (http) with context path '')代表8080已经启动,提示(Started Eureka Server)代表Eureka已经启动
访问config.od.com 就是Eureka的注册中心,因为apollo里Eureka跟Config Service集成在一起
发现apollo-configservice已经注册进来,鼠标放在UP (1) - apollo-configservice-946d67b75-7p5s7:apollo-configservice:8080,左下角显示pod的info。
点击这个UP (1) - apollo-configservice-946d67b75-7p5s7:apollo-configservice:8080返回http://172.7.22.5:8080/info,由于浏览器访问不到pod网络,在hdss7-21或者hdss7-22 访问
[root@hdss7-21 ~]# curl http://172.7.22.5:8080/info 有反馈信息说名服务正常
{"git":{"commit":{"time":{"seconds":1573275854,"nanos":0},"id":"c9eae54"},"branch":"1.5.1"}}[root@hdss7-21 ~]# 2.8、判断哪个IP连接数据库
2.8.1、k8s里面容器,用哪个IP连接数据库
[root@hdss7-11 ~]# mysql -uroot -p123456 Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 12 Server version: 10.1.48-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> show processlist; +----+--------------+-----------------+----------------+---------+------+-------+------------------+----------+ | Id | User | Host | db | Command | Time | State | Info | Progress | +----+--------------+-----------------+----------------+---------+------+-------+------------------+----------+ | 2 | apolloconfig | 10.4.7.22:57232 | ApolloConfigDB | Sleep | 12 | | NULL | 0.000 | | 3 | apolloconfig | 10.4.7.22:57236 | ApolloConfigDB | Sleep | 12 | | NULL | 0.000 | | 4 | apolloconfig | 10.4.7.22:57238 | ApolloConfigDB | Sleep | 0 | | NULL | 0.000 | | 5 | apolloconfig | 10.4.7.22:57240 | ApolloConfigDB | Sleep | 0 | | NULL | 0.000 | | 6 | apolloconfig | 10.4.7.22:57242 | ApolloConfigDB | Sleep | 0 | | NULL | 0.000 | | 7 | apolloconfig | 10.4.7.22:57244 | ApolloConfigDB | Sleep | 1254 | | NULL | 0.000 | | 8 | apolloconfig | 10.4.7.22:57246 | ApolloConfigDB | Sleep | 1254 | | NULL | 0.000 | | 9 | apolloconfig | 10.4.7.22:57248 | ApolloConfigDB | Sleep | 1254 | | NULL | 0.000 | | 10 | apolloconfig | 10.4.7.22:57254 | ApolloConfigDB | Sleep | 1253 | | NULL | 0.000 | | 11 | apolloconfig | 10.4.7.22:57258 | ApolloConfigDB | Sleep | 1253 | | NULL | 0.000 | | 12 | root | localhost | NULL | Query | 0 | init | show processlist | 0.000 | +----+--------------+-----------------+----------------+---------+------+-------+------------------+----------+ 11 rows in set (0.00 sec)[root@hdss7-21 ~]# kubectl get pods -o wide -n infra NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES apollo-configservice-946d67b75-7p5s7 1/1 Running 0 25m 172.7.22.5 hdss7-22.host.comdubbo-monitor-5f795c7bc4-xjb2p 1/1 Running 55 4d5h 172.7.22.4 hdss7-22.host.com 证明了是pod的ip会被snat映射成宿主机node节点ip连接数据库
2.8.2、如何实现让pod的IP直接连接hdss7-21的数据库(show processlist后显示的是pod的IP),其实很简单,flanned原理做条route路由就行了。
1、flanned原理就是加两条route,在node节点上,比如hdss7-21上直接执行(route add -net 172.7.21.0/24 gw 10.4.7.21、route add -net 172.7.22.0/24 gw 10.4.7.22),在增加一条iptables,如果源地址是(172.7.21.0/24、172.7.22.0/24),目的地址是10.4.7.11,不做snat转换。(默认的iptabes规则是,只要是去往非172.17.0.0/16都做转换走snat,iptables的原理是,详细配置优于大范围配置,直接增加只有到10.4.7.11的不做snat就行了)
2、第二种方法是直接把数据库交付到k8s中
3、交付Apollo-adminservice
3.1、准备二进制包
下载:https://github.com/ctripcorp/apollo/releases/download/v1.5.1/apollo-adminservice-1.5.1-github.zip
[root@hdss7-200 apollo-configservice]# cd /opt/src/
[root@hdss7-200 src]# rz apollo-adminservice-1.5.1-github.zip
[root@hdss7-200 src]# mkdir /data/dockerfile/apollo-adminservice
[root@hdss7-200 src]# unzip -o apollo-adminservice-1.5.1-github.zip -d /data/dockerfile/apollo-adminservice
[root@hdss7-200 src]# cd /data/dockerfile/apollo-adminservice
[root@hdss7-200 apollo-adminservice]# ll
-rwxr-xr-x. 1 root root 58358738 11月 9 2019 apollo-adminservice-1.5.1.jar
-rwxr-xr-x. 1 root root 25991 11月 9 2019 apollo-adminservice-1.5.1-sources.jar
-rw-r--r--. 1 root root 57 4月 20 2017 apollo-adminservice.conf
drwxr-xr-x. 2 root root 65 1月 17 14:09 config
drwxr-xr-x. 2 root root 43 10月 1 2019 scripts[root@hdss7-200 apollo-adminservice]# rm -f apollo-adminservice-1.5.1-sources.jar
[root@hdss7-200 apollo-adminservice]# rm -f apollo-adminservice.conf
[root@hdss7-200 apollo-adminservice]# ll config # 此目录到时候用资源声明
[root@hdss7-200 apollo-adminservice]# cat config/app.properties # 注意数值一定要跟configservice区分开
appId=100003172
jdkVersion=1.8[root@hdss7-200 apollo-adminservice]# cd scripts/
[root@hdss7-200 scripts]# rm -f shutdown.sh
[root@hdss7-200 scripts]# vi startup.sh # 直接覆盖不建议源文改修改,跟修改configservice的startup.sh一样
#!/bin/bash SERVICE_NAME=apollo-adminservice ## Adjust log dir if necessary LOG_DIR=/opt/logs/apollo-admin-server ## Adjust server port if necessary SERVER_PORT=${SERVER_PORT:=8080} APOLLO_ADMIN_SERVICE_NAME=$(hostname -i) # SERVER_URL="http://localhost:${SERVER_PORT}" SERVER_URL="http://${APOLLO_ADMIN_SERVICE_NAME}:${SERVER_PORT}" ## Adjust memory settings if necessary #export JAVA_OPTS="-Xms2560m -Xmx2560m -Xss256k -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=384m -XX:NewSize=1536m -XX:MaxNewSize=1536m -XX:SurvivorRatio=8" ## Only uncomment the following when you are using server jvm #export JAVA_OPTS="$JAVA_OPTS -server -XX:-ReduceInitialCardMarks" ########### The following is the same for configservice, adminservice, portal ########### export JAVA_OPTS="$JAVA_OPTS -XX:ParallelGCThreads=4 -XX:MaxTenuringThreshold=9 -XX:+DisableExplicitGC -XX:+ScavengeBeforeFullGC -XX:SoftRefLRUPolicyMSPerMB=0 -XX:+ExplicitGCInvokesConcurrent -XX:+PrintGCDetails -XX:+HeapDumpOnOutOfMemoryError -XX:-OmitStackTraceInFastThrow -Duser.timezone=Asia/Shanghai -Dclient.encoding.override=UTF-8 -Dfile.encoding=UTF-8 -Djava.security.egd=file:/dev/./urandom" export JAVA_OPTS="$JAVA_OPTS -Dserver.port=$SERVER_PORT -Dlogging.file=$LOG_DIR/$SERVICE_NAME.log -XX:HeapDumpPath=$LOG_DIR/HeapDumpOnOutOfMemoryError/" # Find Java if [[ -n "$JAVA_HOME" ]] && [[ -x "$JAVA_HOME/bin/java" ]]; then javaexe="$JAVA_HOME/bin/java" elif type -p java > /dev/null 2>&1; then javaexe=$(type -p java) elif [[ -x "/usr/bin/java" ]]; then javaexe="/usr/bin/java" else echo "Unable to find Java" exit 1 fi if [[ "$javaexe" ]]; then version=$("$javaexe" -version 2>&1 | awk -F '"' '/version/ {print $2}') version=$(echo "$version" | awk -F. '{printf("%03d%03d",$1,$2);}') # now version is of format 009003 (9.3.x) if [ $version -ge 011000 ]; then JAVA_OPTS="$JAVA_OPTS -Xlog:gc*:$LOG_DIR/gc.log:time,level,tags -Xlog:safepoint -Xlog:gc+heap=trace" elif [ $version -ge 010000 ]; then JAVA_OPTS="$JAVA_OPTS -Xlog:gc*:$LOG_DIR/gc.log:time,level,tags -Xlog:safepoint -Xlog:gc+heap=trace" elif [ $version -ge 009000 ]; then JAVA_OPTS="$JAVA_OPTS -Xlog:gc*:$LOG_DIR/gc.log:time,level,tags -Xlog:safepoint -Xlog:gc+heap=trace" else JAVA_OPTS="$JAVA_OPTS -XX:+UseParNewGC" JAVA_OPTS="$JAVA_OPTS -Xloggc:$LOG_DIR/gc.log -XX:+PrintGCDetails" JAVA_OPTS="$JAVA_OPTS -XX:+UseConcMarkSweepGC -XX:+UseCMSCompactAtFullCollection -XX:+UseCMSInitiatingOccupancyOnly -XX:CMSInitiatingOccupancyFraction=60 -XX:+CMSClassUnloadingEnabled -XX:+CMSParallelRemarkEnabled -XX:CMSFullGCsBeforeCompaction=9 -XX:+CMSClassUnloadingEnabled -XX:+PrintGCDateStamps -XX:+PrintGCApplicationConcurrentTime -XX:+PrintHeapAtGC -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=5 -XX:GCLogFileSize=5M" fi fi printf "$(date) ==== Starting ==== \n" cd `dirname $0`/.. chmod 755 $SERVICE_NAME".jar" ./$SERVICE_NAME".jar" start rc=$?; if [[ $rc != 0 ]]; then echo "$(date) Failed to start $SERVICE_NAME.jar, return code: $rc" exit $rc; fi tail -f /dev/null1、SERVER_PORT=${SERVER_PORT:=8080}
官方原配置文件:ERVER_PORT=${SERVER_PORT:=8090(默认端口启动是8090),官方文档是因为怕configservice跟adminservice安装在一个物理机上,导致都占用8080。我们修改成8080(SERVER_PORT=${SERVER_PORT:=8080}),因为我们是容器,网络空间互相隔离,都有自己单独的service资源,单独的pod。但其实改不改无所谓,只是为了统一,改成8080。
2、增加了APOLLO_ADMIN_SERVICE_NAME=$(hostname -i)
3、修改了jvm
4、删除
5、添加
3.2、制作adminservice的Docker镜像
[root@7-200 scripts]# cd /data/dockerfile/apollo-adminservice/
[root@hdss7-200 apollo-adminservice]# vi Dockerfile
FROM harbor.od.com:180/public/jre8:8u112
ENV VERSION 1.5.1
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime &&\
echo "Asia/Shanghai" > /etc/timezone
ADD apollo-adminservice-${VERSION}.jar /apollo-adminservice/apollo-adminservice.jar
ADD config/ /apollo-adminservice/config
ADD scripts/ /apollo-adminservice/scripts
CMD ["/apollo-adminservice/scripts/startup.sh"][root@hdss7-200 apollo-adminservice]# docker build . -t harbor.od.com:180/infra/apollo-adminservice:v1.5.1
[root@hdss7-200 apollo-adminservice]# docker login harbor.od.com:180
[root@hdss7-200 apollo-adminservice]# docker push harbor.od.com:180/infra/apollo-adminservice:v1.5.1
3.3、配置资源配置清单
[root@hdss7-200 apollo-configservice]# mkdir /data/k8s-yaml/apollo-adminservice;cd /data/k8s-yaml/apollo-adminservice
[root@hdss7-200 apollo-configservice]# vi cm.yaml # 把application-github.properties写成ConfigMap,方便k8s资源直接调用,并且appId=100003172一定跟其他的组件,如configservice不一致# appId 与 configservice、portal 不一致 apiVersion: v1 kind: ConfigMap metadata: name: apollo-adminservice-cm namespace: infra data: application-github.properties: | spring.datasource.url = jdbc:mysql://mysql.od.com:3306/ApolloConfigDB?characterEncoding=utf8 spring.datasource.username = apolloconfig spring.datasource.password = 123456 eureka.service.url = http://config.od.com/eureka app.properties: | appId=100003172
[root@hdss7-200 apollo-adminservice]# vi deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: apollo-adminservice
namespace: infra
labels:
name: apollo-adminservice
spec:
replicas: 1
selector:
matchLabels:
name: apollo-adminservice
template:
metadata:
labels:
app: apollo-adminservice
name: apollo-adminservice
spec:
volumes:
- name: configmap-volume
configMap:
name: apollo-adminservice-cm
containers:
- name: apollo-adminservice
image: harbor.od.com:180/infra/apollo-adminservice:v1.5.1
ports:
- containerPort: 8080
protocol: TCP
volumeMounts:
- name: configmap-volume
mountPath: /apollo-adminservice/config
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: IfNotPresent
imagePullSecrets:
- name: harbor
restartPolicy: Always
terminationGracePeriodSeconds: 30
securityContext:
runAsUser: 0
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
revisionHistoryLimit: 7
progressDeadlineSeconds: 600adminservice的作用,只针对为Portal(配置网页)对接组件,它负责将Portal的信息存入configDB。那么Portal如何连接adminservice。Apollo软件起初创建的时候,不是为了在k8s内运作,而是可以用二进制部署在物理机中。所以Portal也继承了Apollo的思想,通过连接注册中心去注册,进而找到adminservice和adminservice的pod的IP。所以给他serive资源,adminservice也不会通过service资源跟Portal进行连接。Portal通过remote/CALLAPI(远程调用接口Remote Produce Call(rpc))去跟adminservice的pod的IP交互,所以adminservice不用提供http、Restful(Restful接口每次调用时,都需要编写http请求),不需要ingress
3.4 、应用配置资源清单
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/apollo-adminservice/cm.yaml
configmap/apollo-adminservice-cm created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/apollo-adminservice/deployment.yaml
deployment.extensions/apollo-adminservice created3.5 、查看状态
[root@hdss7-21 ~]# curl http://config.od.com/info 有反馈信息说名服务正常
{"git":{"commit":{"time":{"seconds":1573275854,"nanos":0},"id":"c9eae54"},"branch":"1.5.1"}}[root@hdss7-21 ~]#
注:configservice、adminservice都可以扩容,都为无状态应用,没有需要落盘。而且eurkal可支持连接多个configservice、adminservice。eurkal本身也支持高可用机制,不管多少configservice、adminservice存入mysql数据都是一份。
4、交付Portal
4.1、准备二进制包
下载:https://github.com/ctripcorp/apollo/releases/download/v1.5.1/apollo-portal-1.5.1-github.zip
[root@hdss7-200 apollo-configservice]# cd /opt/src/
[root@hdss7-200 src]# rz apollo-portal-1.5.1-github.zip
[root@hdss7-200 src]# mkdir /data/dockerfile/apollo-portal
[root@hdss7-200 src]# unzip -o apollo-portal-1.5.1-github.zip -d /data/dockerfile/apollo-portal
[root@hdss7-200 src]# cd /data/dockerfile/apollo-portal/
[root@hdss7-200 apollo-portal]# ll
-rwxr-xr-x. 1 root root 42342196 11月 9 2019 apollo-portal-1.5.1.jar
-rwxr-xr-x. 1 root root 1183429 11月 9 2019 apollo-portal-1.5.1-sources.jar
-rw-r--r--. 1 root root 57 4月 20 2017 apollo-portal.conf
drwxr-xr-x. 2 root root 94 1月 17 15:36 config
drwxr-xr-x. 2 root root 43 10月 1 2019 scripts[root@hdss7-200 apollo-portal]# rm -f apollo-portal-1.5.1-sources.jar
[root@hdss7-200 apollo-portal]# rm -f apollo-portal.conf
[root@hdss7-200 apollo-portal]# rm -f scripts/shutdown.sh
[root@hdss7-200 apollo-portal]# cd config/
[root@hdss7-200 config]# ll
-rw-r--r--. 1 root root 234 11月 9 2019 apollo-env.properties
-rw-r--r--. 1 root root 218 11月 9 2019 application-github.properties
-rw-r--r--. 1 root root 30 4月 20 2017 app.properties[root@hdss7-200 config]# cat app.properties
appId=100003173
jdkVersion=1.8[root@hdss7-200 config]# cat application-github.properties # 数据库连接串,其中目前连接那个数据库这些配置不用改,后续直接配置成ConfigMap
# DataSource
spring.datasource.url = jdbc:mysql://fill-in-the-correct-server:3306/ApolloPortalDB?characterEncoding=utf8
spring.datasource.username = FillInCorrectUser
spring.datasource.password = FillInCorrectPassword4.2、制作ApolloPortalDB
注意:Portal连接的数据库是ApolloPortalDB,而并非是之前导入的ApolloConfigDB,所以要导入ApolloPortalDB数据。
4.2.1、导入ApolloPortalDB
下载数据库脚本:如果raw能打开就用wget,如果raw打不开,下载源码https://github.com/ctripcorp/apollo/blob/1.5.1/scripts/db/migration/portaldb/V1.0.0__initialization.sql
[root@hdss7-11 ~]# mkdir -p /root/migration/portaldb;cd /root/migration/portaldb
[root@hdss7-11 portaldb]# rz V1.0.0__initialization.sql
[root@hdss7-11 portaldb]# mv V1.0.0__initialization.sql apolloportal.sql
[root@hdss7-11 portaldb]# mysql -uroot -p
MariaDB [ApolloPortalDB]> source ./apolloportal.sql
MariaDB [ApolloPortalDB]> show databases;
+--------------------+
| Database |
+--------------------+
| ApolloConfigDB |
| ApolloPortalDB |
| information_schema |
| mysql |
| performance_schema |
+--------------------+
5 rows in set (0.00 sec)4.2.2、给ApolloPortalDB数据库创建用户授权
给ApolloPortalDB数据库用户授权,方便Portal管理使用
MariaDB [(none)]> grant INSERT,DELETE,UPDATE,SELECT on ApolloPortalDB.* to "apolloportal"@"10.4.7.%" identified by "123456";
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> select user,host from mysql.user;
+--------------+-----------+
| user | host |
+--------------+-----------+
| apolloconfig | 10.4.7.% |
| apolloportal | 10.4.7.% |
| root | 127.0.0.1 |
| root | ::1 |
| | hdss7-11 |
| root | hdss7-11 |
| | localhost |
| root | localhost |
+--------------+-----------+
4.2.3、修改初始数据
部门列表,会在创建项目的时候使用到,查看默认样例列表
MariaDB [ApolloPortalDB]> use ApolloPortalDB; MariaDB [ApolloPortalDB]> select * from ServerConfig\G; *************************** 2. row *************************** Id: 2 Key: organizations Value: [{"orgId":"TEST1","orgName":"样例部门1"},{"orgId":"TEST2","orgName":"样例部门2"}] Comment: 部门列表 IsDeleted: DataChange_CreatedBy: default DataChange_CreatedTime: 2021-01-17 15:54:31 DataChange_LastModifiedBy:执行以下命令修改为自己的部门列表
MariaDB [ApolloPortalDB]> update ApolloPortalDB.ServerConfig set ServerConfig.Value='[{"orgId":"Jerry01","orgName":"Linux学院"},{"orgId":"Jerry02","orgName":"云计算"}]' where ServerConfig.Key="organizations";查看列表
MariaDB [ApolloPortalDB]> select * from ServerConfig\G; *************************** 2. row *************************** Id: 2 Key: organizations Value: [{"orgId":"Jerry01","orgName":"Linux学院"},{"orgId":"Jerry02","orgName":"云计算"}] Comment: 部门列表 IsDeleted: DataChange_CreatedBy: default DataChange_CreatedTime: 2021-01-17 15:54:31 DataChange_LastModifiedBy: DataChange_LastTime: 2021-01-17 16:22:27
4.3、配置Portal的meta service
Portal的meta service就是apollo-env.properties文件内容,是portal连接的环境列表,我们用配置中心就是用一套配置中心管理不同环境,其中apollo-env.properties 里面,dev开发环境、fat测试环境、uat愈发环境、lpt性能测试环境、pro生产环境,在不分环境的时候,先只用一个dev。
[root@hdss7-200 ]# cd /data/dockerfile/apollo-portal/config
[root@hdss7-200 config]# cat apollo-env.properties # 不用改,后续直接配置成ConfigMap
local.meta=http://localhost:8080
dev.meta=http://fill-in-dev-meta-server:8080
fat.meta=http://fill-in-fat-meta-server:8080
uat.meta=http://fill-in-uat-meta-server:8080
lpt.meta=${lpt_meta}
pro.meta=http://fill-in-pro-meta-server:80804.4、更新startup.sh
[root@hdss7-200 ]# cd /data/dockerfile/apollo-portal/scripts
[root@hdss7-200 scripts]# vi startup.sh # 建议直接用,不要在源文件改
#!/bin/bash
SERVICE_NAME=apollo-portal
## Adjust log dir if necessary
LOG_DIR=/opt/logs/apollo-portal-server
## Adjust server port if necessary
SERVER_PORT=${SERVER_PORT:=8080}
APOLLO_PORTAL_SERVICE_NAME=$(hostname -i)
# SERVER_URL="http://localhost:$SERVER_PORT"
SERVER_URL="http://${APOLLO_PORTAL_SERVICE_NAME}:${SERVER_PORT}"
## Adjust memory settings if necessary
#export JAVA_OPTS="-Xms2560m -Xmx2560m -Xss256k -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=384m -XX:NewSize=1536m -XX:MaxNewSize=1536m -XX:SurvivorRatio=8"
## Only uncomment the following when you are using server jvm
#export JAVA_OPTS="$JAVA_OPTS -server -XX:-ReduceInitialCardMarks"
########### The following is the same for configservice, adminservice, portal ###########
export JAVA_OPTS="$JAVA_OPTS -XX:ParallelGCThreads=4 -XX:MaxTenuringThreshold=9 -XX:+DisableExplicitGC -XX:+ScavengeBeforeFullGC -XX:SoftRefLRUPolicyMSPerMB=0 -XX:+ExplicitGCInvokesConcurrent -XX:+PrintGCDetails -XX:+HeapDumpOnOutOfMemoryError -XX:-OmitStackTraceInFastThrow -Duser.timezone=Asia/Shanghai -Dclient.encoding.override=UTF-8 -Dfile.encoding=UTF-8 -Djava.security.egd=file:/dev/./urandom"
export JAVA_OPTS="$JAVA_OPTS -Dserver.port=$SERVER_PORT -Dlogging.file=$LOG_DIR/$SERVICE_NAME.log -XX:HeapDumpPath=$LOG_DIR/HeapDumpOnOutOfMemoryError/"
# Find Java
if [[ -n "$JAVA_HOME" ]] && [[ -x "$JAVA_HOME/bin/java" ]]; then
javaexe="$JAVA_HOME/bin/java"
elif type -p java > /dev/null 2>&1; then
javaexe=$(type -p java)
elif [[ -x "/usr/bin/java" ]]; then
javaexe="/usr/bin/java"
else
echo "Unable to find Java"
exit 1
fi
if [[ "$javaexe" ]]; then
version=$("$javaexe" -version 2>&1 | awk -F '"' '/version/ {print $2}')
version=$(echo "$version" | awk -F. '{printf("%03d%03d",$1,$2);}')
# now version is of format 009003 (9.3.x)
if [ $version -ge 011000 ]; then
JAVA_OPTS="$JAVA_OPTS -Xlog:gc*:$LOG_DIR/gc.log:time,level,tags -Xlog:safepoint -Xlog:gc+heap=trace"
elif [ $version -ge 010000 ]; then
JAVA_OPTS="$JAVA_OPTS -Xlog:gc*:$LOG_DIR/gc.log:time,level,tags -Xlog:safepoint -Xlog:gc+heap=trace"
elif [ $version -ge 009000 ]; then
JAVA_OPTS="$JAVA_OPTS -Xlog:gc*:$LOG_DIR/gc.log:time,level,tags -Xlog:safepoint -Xlog:gc+heap=trace"
else
JAVA_OPTS="$JAVA_OPTS -XX:+UseParNewGC"
JAVA_OPTS="$JAVA_OPTS -Xloggc:$LOG_DIR/gc.log -XX:+PrintGCDetails"
JAVA_OPTS="$JAVA_OPTS -XX:+UseConcMarkSweepGC -XX:+UseCMSCompactAtFullCollection -XX:+UseCMSInitiatingOccupancyOnly -XX:CMSInitiatingOccupancyFraction=60 -XX:+CMSClassUnloadingEnabled -XX:+CMSParallelRemarkEnabled -XX:CMSFullGCsBeforeCompaction=9 -XX:+CMSClassUnloadingEnabled -XX:+PrintGCDateStamps -XX:+PrintGCApplicationConcurrentTime -XX:+PrintHeapAtGC -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=5 -XX:GCLogFileSize=5M"
fi
fi
printf "$(date) ==== Starting ==== \n"
cd `dirname $0`/..
chmod 755 $SERVICE_NAME".jar"
./$SERVICE_NAME".jar" start
rc=$?;
if [[ $rc != 0 ]];
then
echo "$(date) Failed to start $SERVICE_NAME.jar, return code: $rc"
exit $rc;
fi
tail -f /dev/null跟之前configservice、adminservice的startup.sh一样:
1、SERVER_PORT=${SERVER_PORT:=8070}
官方原配置文件:ERVER_PORT=${SERVER_PORT:=8070(默认端口启动是8070),官方文档是因为怕configservice、adminservice跟portal安装在一个物理机上,导致都占用8080。我们修改成8080(SERVER_PORT=${SERVER_PORT:=8080}),因为我们是容器,网络空间互相隔离,都自己单独的service资源,单独的pod,但其实改不改无所谓,只是为了统一,改成8080。
2、增加了APOLLO_PORTAL_SERVICE_NAME=$(hostname -i)
3、修改了jvm
4、删除
5、添加
4.5、制作portal的Docker镜像
[root@7-200 apollo-portal]# cd /data/dockerfile/apollo-portal
[root@hdss7-200 apollo-portal]# vi Dockerfile
FROM harbor.od.com:180/public/jre8:8u112
ENV VERSION 1.5.1
RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime &&\
echo "Asia/Shanghai" > /etc/timezone
ADD apollo-portal-${VERSION}.jar /apollo-portal/apollo-portal.jar
ADD config/ /apollo-portal/config
ADD scripts/ /apollo-portal/scripts
CMD ["/apollo-portal/scripts/startup.sh"][root@hdss7-200 apollo-portal]# docker build . -t harbor.od.com:180/infra/apollo-portal:v1.5.1
[root@hdss7-200 apollo-portal]# docker login harbor.od.com:180
[root@hdss7-200 apollo-portal]# docker push harbor.od.com:180/infra/apollo-portal:v1.5.1
4.6、准备资源配置清单
[root@hdss7-200 apollo-portal]# mkdir /data/k8s-yaml/apollo-portal;cd /data/k8s-yaml/apollo-portal
[root@hdss7-200 apollo-portal]# vi cm.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: apollo-portal-cm
namespace: infra
data:
application-github.properties: |
spring.datasource.url = jdbc:mysql://mysql.od.com:3306/ApolloPortalDB?characterEncoding=utf8
spring.datasource.username = apolloportal
spring.datasource.password = 123456
app.properties: |
appId=100003173
apollo-env.properties: |
dev.meta=http://config.od.com[root@hdss7-200 apollo-portal]# vi deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: apollo-portal
namespace: infra
labels:
name: apollo-portal
spec:
# 当前的负载均衡方式(IPVS-nq) 不支持多台 portal,否则会出现会话异常
replicas: 1
selector:
matchLabels:
name: apollo-portal
template:
metadata:
labels:
app: apollo-portal
name: apollo-portal
spec:
volumes:
- name: configmap-volume
configMap:
name: apollo-portal-cm
containers:
- name: apollo-portal
image: harbor.od.com:180/infra/apollo-portal:v1.5.1
ports:
- containerPort: 8080
protocol: TCP
volumeMounts:
- name: configmap-volume
mountPath: /apollo-portal/config
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: IfNotPresent
imagePullSecrets:
- name: harbor
restartPolicy: Always
terminationGracePeriodSeconds: 30
securityContext:
runAsUser: 0
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
revisionHistoryLimit: 7
progressDeadlineSeconds: 600[root@hdss7-200 apollo-portal]# vi service.yaml
apiVersion: v1
kind: Service
metadata:
name: apollo-portal
namespace: infra
spec:
ports:
- protocol: TCP
port: 8080
targetPort: 8080
selector:
app: apollo-portal[root@hdss7-200 apollo-portal]# vi ingress.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: apollo-portal
namespace: infra
spec:
rules:
- host: portal.od.com
http:
paths:
- path: /
backend:
serviceName: apollo-portal
servicePort: 8080
4.7、配置protal.od.com域名
[root@hdss7-11 ~]# vi /var/named/od.com.zone
$ORIGIN od.com.
$TTL 600 ; 10 minutes
@ IN SOA dns.od.com. dnsadmin.od.com. (
2020010511 ; serial
10800 ; refresh (3 hours)
900 ; retry (15 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS dns.od.com.
$TTL 60 ; 1 minute
dns A 10.4.7.11
harbor A 10.4.7.200
k8s-yaml A 10.4.7.200
traefik A 10.4.7.10
dashboard A 10.4.7.10
zk1 A 10.4.7.11
zk2 A 10.4.7.12
zk3 A 10.4.7.21
jenkins A 10.4.7.10
dubbo-monitor A 10.4.7.10
demo A 10.4.7.10
config A 10.4.7.10
mysql A 10.4.7.11
portal A 10.4.7.10 [root@hdss7-11 ~]# systemctl restart named
[root@hdss7-11 ~]# dig -t A portal.od.com @10.4.7.11 +short
10.4.7.10
4.8 、应用配置资源清单
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/apollo-portal/cm.yaml
configmap/apollo-portal-cm created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/apollo-portal/deployment.yaml
deployment.extensions/apollo-portal created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/apollo-portal/service.yaml
service/apollo-portal created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/apollo-portal/ingress.yaml
ingress.extensions/apollo-portal created4.9 、查看状态
访问portal.od.com
5 、 Apollo Portal使用
5.1、基础配置
1、修改apollo密码
点击用户管理,输入新的密码,提交
2、系统参数
维护的是ApolloPortalDB.ServerConfig表,他就是配置ServerConfig表的可视化管理界面
3、把ServerConfig表的Key: organizations输入进去查询后显示当前的数值,在里面可以编辑然后保存
4、系统信息
5.2、使用Apollo创建提供者项目
5.2.1、创建Apollo提供者项目
先给Dubbo服务的提供者创建一个项目,这里注意AppId名字是,微服务调用Dubbo时的标识,也就是jenkins流水线构建dubbo服务的时候app_name的名字。一般为开发提供,AppId可以英文、数字、中横线,不支持中文,需要唯一性。
报错:
提交后查看报错了,通过删除dubbo-demo-service的项目后重新构建还是一样。通过报错提示query did not return a unique result2,百度后应该为数据库中存在两个相同的对象导致了此异常, “query did not return a unique result: xxxx”后边xxx会报出数据库中有多少个相同的对象。去数据库查看果不其然,在表中有两条数据删除一个就能解决。由于表不多,每个表都看
删除容器重启后发现无问题
5.2.2、配置提供者参数
先查看源码代码,切换到Apollo分支,dubbo.registry、dubbo.port为代码里面声明的函数,代码中提示把zk的注册中心的地址、Dubbo启动的端口分别用占位符dubbo.registry、dubbo.port给替换了。也就是代码到时候会拉取环境变量dubbo.registry、dubbo.port的值,Apollo协助把值传给环境变量。在配置Monitor到K8S,dubbo-monitor-simple/conf/dubbo_origin.properties 写到过
所以在portal页面点击dubbo-demo-service
在dubbo-demo-service里将要分别构建dubbo.registry、dubbo.port的配置项,点击新增配置
参数一:key:dubbo.registry Value:zookeeper://zk1.od.com:2181 Comment:dubbo服务的注册中心地址,声明发布到DEV环境,点击提交
参数二:key:dubbo.port Value:20880 Comment:dubbo服务提供者的监听端口,声明发布到DEV环境,点击提交
提交后是未发布
5.2.3、发布参数
时间是自己生成的,Comment描述,然后提交
5.2.4、构建Dubbo镜像
既然要让提供者用到Apollo配置中心(dubbo-demo-service)的参数,源代码必须声明(dubbo.registry=${dubbo.registry}、dubbo.port=${dubbo.port}),这样提供者才能从环境变量中获取dubbo.registry、dubbo.port,才能动态的修改连接那个zk跟那个端口,之前部署的Dubbo镜像没有声明(dubbo.registry=${dubbo.registry}、dubbo.port=${dubbo.port}),所以需要重新构建Dubbo镜像,调用Apollo分支,使用jenkins重新构建
问题:Build后,Console Output上从网上downloads一些东西
答:因为使用的Apollo分支编译代码中,Apollo分支依赖了很多新的jar包,有这些jar包才能去编译项目,所以把Apollo依赖的那些包都拉倒了项目中,这就是为什么项目源代码很小20~30M,但是编译出来很大。注,虽然我们使用jre等底包,底包只是为我们java要启动需要的最基础组件,而并非是编译。
5.2.5、修改配置资源清单
[root@hdss7-200 ~]# cd /data/k8s-yaml/dubbo-demo-service/
[root@hdss7-200 dubbo-demo-service]# vi dp.yaml # 修改两处,一处是image源,一处是增加C_OPTS
spec:
containers:
- name: dubbo-demo-service
image: harbor.od.com:180/app/dubbo-demo-service:apollo_210124_1614
ports:
- containerPort: 20880
protocol: TCP
env:
- name: JAR_BALL
value: dubbo-server.jar
- name: C_OPTS
value: -Denv=dev -Dapollo.meta=http://config.od.com
imagePullPolicy: IfNotPresent
在上一篇文章的时候,制作JRE镜像底包中,我们编写了Dockerfile,Dockerfile最后中执行["/entrypoint.sh"],这entrypoint.sh中声明了,C_OPTS=${C_OPTS},说明脚本中的C_OPTS从环境变量中获取。而上述的dp.yaml中增加声明,容器启动后,设置环境变量C_OPTS = -Denv=dev -Dapollo.meta=http://config.od.com。
C_OPTS = -Denv=dev -Dapollo.meta=http://config.od.com分析解释:
-D代表参数
env=dev 代表是连接Apollo的dev测试环境
apollo.meta=http://config.od.com 代表连接那个Apollo
整体的意思相当于我容器启动后,给C_OPTS传递一个字符串,通过执行exec java -jar ${M_OPTS} ${C_OPTS} ${JAR_BALL},也就是java -jar -Denv=dev -Dapollo.meta=http://config.od.com,从Apollo的configDB中获取数据。把dubbo.registry 、dubbo.port数值取出来,放入环境变量中。为什么这么写(-Denv=dev -Dapollo.meta=http://config.od.com),是java格式让我们这么写的。
5.2.6、应用配置资源清单
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/dubbo-demo-service/dp.yaml
启动后从容器日志中也可以看到连接了Apollo
从实例列表中也可以看到有一个连接dubbo-demo-service进来 
如果给dubbo-demo-service容器扩容2个,就会看到实例列表就是两个
在dubbo-monitor中查看注册的消费者,他的端口是20880。(4个Provides,每一个实例两个接口)
把dubbo.port端口修改为20881端口,如果修改后生效,说明容器可以根据Apollo配置中心的数据进行修改。
删除容器,重启容器。(如果Apollo没有配置监听器,动态的监听从Apollo拉取最新的配置,并生效。只有删除容器,重启容器)
5.3、使用Apollo创建消费者项目
5.3.1、配置消费者参数
5.3.2、创建Apollo消费者项目
AppId一定要是上述代码配置的app.id=dubbo-demo-web 一致,这个是连接点
由上述代码配置的key:dubbo.registry Value:zookeeper://zk2.od.com:2181 Comment:dubbo服务的消费者注册中心地址,声明发布到DEV环境,点击提交
5.3.3、发布参数
5.3.4、构建Dubbo镜像
5.3.5、修改配置资源清单
[root@hdss7-200 ]#cd /data/k8s-yaml/dubbo-demo-consumer
[root@hdss7-200 dubbo-demo-consumer]# vi deployment.yaml 修改image、name: C_OPTS
- name: dubbo-demo-consumer
image: harbor.od.com:180/app/dubbo-demo-consumer:apollo_210124_1635
ports:
- containerPort: 8080
protocol: TCP
- containerPort: 20880
protocol: TCP
env:
- name: JAR_BALL
value: dubbo-client.jar
- name: C_OPTS
value: -Denv=dev -Dapollo.meta=http://config.od.com
imagePullPolicy: IfNotPresent
imagePullSecrets:
5.3.6、应用配置资源清单
[root@hdss7-200 ~]# kubectl apply -f http://k8s-yaml.od.com/dubbo-demo-consumer/deployment.yaml
5.3.7、查看状态
http://demo.od.com/hello?name=apollo
6 、实战使用apollo分环境管理dubbo服务
真正使用apollo并不只是进行配置的修改,最主要让环境列表丰富起来。能让同一份容器不做任何改变,让他在测试环境起来,生产环境也能起来,测试环境去连接测试环境的apollo,生产环境去连接生产环境的apollo。他们都在数据库做区别保存
环境准备
1、关闭上述Dubbo-demo-service、Dubbo-demo-consumer配置,节约资源
2、删除apollo-portal 已经创建的dubbo-demo-service、dubbo-demo-web 项目。因为还是使用之前的dubbo项目进行实验,而在Apollo中又不能动态的增加环境列表,而Apollo的(AppId)名称必须跟后端的dubbo项目名字一致,否则无法连接,所以需要删除重新增加环境配置。
3、把创建的apollo-portal 、apollo-adminservice、apollo-configservice都缩容0,节约资源
Apollo环境搭建
6.1、创建各自的zk域名、命名空间
6.1.1、创建各自的zk域名
[root@hdss7-11 ~]# vi /var/named/od.com.zone 测试环境zk-test 连接10.4.7.11的zk。生产环境zk-prod 连接10.4.7.12的zk。
$ORIGIN od.com.
$TTL 600 ; 10 minutes
@ IN SOA dns.od.com. dnsadmin.od.com. (
2020010512 ; serial
10800 ; refresh (3 hours)
900 ; retry (15 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS dns.od.com.
$TTL 60 ; 1 minute
dns A 10.4.7.11
harbor A 10.4.7.200
k8s-yaml A 10.4.7.200
traefik A 10.4.7.10
dashboard A 10.4.7.10
zk1 A 10.4.7.11
zk2 A 10.4.7.12
zk3 A 10.4.7.21
jenkins A 10.4.7.10
dubbo-monitor A 10.4.7.10
demo A 10.4.7.10
config A 10.4.7.10
mysql A 10.4.7.11
portal A 10.4.7.10
zk-test A 10.4.7.11
zk-prod A 10.4.7.12
[root@hdss7-11 ~]# systemctl restart named
[root@hdss7-11 ~]# dig -t A zk-test.od.com +short
10.4.7.11
[root@hdss7-11 ~]# dig -t A zk-prod.od.com +short
10.4.7.12
6.1.2、创建各自的命名空间
[root@hdss7-21 ~]# kubectl create ns test
namespace/test created
[root@hdss7-21 ~]# kubectl create secret docker-registry harbor --docker-server=harbor.od.com:180 --docker-username=admin --docker-password=Harbor12345 -n test
secret/harbor created
[root@hdss7-21 ~]# kubectl create ns prod
namespace/prod created
[root@hdss7-21 ~]# kubectl create secret docker-registry harbor --docker-server=harbor.od.com:180 --docker-username=admin --docker-password=Harbor12345 -n prod
secret/harbor created
6.2、创建各自的数据库及配置
不管有多少环境,都可以在apollo-portal区分,所以apollo-portal还是准备一份。但是apollo-adminservice、apollo-configservice 区分环境,不公用,需要按照环境各自创建。而且各自apollo-adminservice、apollo-configservice连接的数据库是各自的数据库。进行分库操作,后期要用到elk分环境收集日志
6.2.1、创建测试环境数据库
[root@hdss7-11 ~]# vi apolloconfig.sql # vi 修改apolloconfig.sql,数据库改成ApolloConfigTestDB
[root@hdss7-11 ~]# mysql -uroot -p < apolloconfig.sql
[root@hdss7-11 ~]# mysql -uroot -p
修改ApolloConfigTestDB.ServerConfig表,连接eureka的时候是config-test.od.com。生产环境有生产环境的eureka域名,测试环境有测试环境的eureka域名
MariaDB [(none)]> select * from ApolloConfigTestDB.ServerConfig\G;
*************************** 1. row ***************************
Id: 1
Key: eureka.service.url
Cluster: default
Value: http://localhost:8080/eureka/
Comment: Eureka服务Url,多个service以英文逗号分隔
IsDeleted:
DataChange_CreatedBy: default
DataChange_CreatedTime: 2021-01-16 12:40:40
DataChange_LastModifiedBy:
DataChange_LastTime: 2021-01-16 12:40:40
*************************** 2. row ***************************
修改语句
MariaDB [(none)]> update ApolloConfigTestDB.ServerConfig set ServerConfig.Value="http://config-test.od.com/eureka" where ServerConfig.Key="eureka.service.url";6.2.2、创建生产环境数据库
[root@hdss7-11 ~]# vi apolloconfig.sql # 两个库用一个数据库实例,无问题。生产不是这样的,是分开的。portal也是有自己的独立的环境
[root@hdss7-11 ~]# mysql -uroot -p < apolloconfig.sql
[root@hdss7-11 ~]# mysql -uroot -p
修改ApolloConfigProdDB.ServerConfig表,连接eureka的时候是config-prod.od.com。生产环境有生产环境的eureka域名,测试环境有测试环境的eureka域名
MariaDB [(none)]> select * from ApolloConfigProdDB.ServerConfig\G;
*************************** 1. row ***************************
Id: 1
Key: eureka.service.url
Cluster: default
Value: http://localhost:8080/eureka/
Comment: Eureka服务Url,多个service以英文逗号分隔
IsDeleted:
DataChange_CreatedBy: default
DataChange_CreatedTime: 2021-01-16 12:40:40
DataChange_LastModifiedBy:
DataChange_LastTime: 2021-01-16 12:40:40
*************************** 2. row ***************************
修改语句
MariaDB [(none)]> update ApolloConfigProdDB.ServerConfig set ServerConfig.Value="http://config-prod.od.com/eureka" where ServerConfig.Key="eureka.service.url";6.2.3、授权
MariaDB [ApolloConfigDB]> grant INSERT,DELETE,UPDATE,SELECT on ApolloConfigTestDB.* to "apolloconfig"@"10.4.7.%" identified by "123456";
MariaDB [ApolloConfigDB]> grant INSERT,DELETE,UPDATE,SELECT on ApolloConfigProdDB.* to "apolloconfig"@"10.4.7.%" identified by "123456";6.2.4、修改apollo-portal的ServerConfig
修改可支持的环境列表,目前只是支持dev,现在还要支持fat(测试)、pro(生产)、在1.4版本中必须这么写。高版本不确定可不可以写test、prod
MariaDB [ApolloPortalDB]> select * from ApolloPortalDB.ServerConfig\G;
Id: 1
Key: apollo.portal.envs
Value: dev
Comment: 可支持的环境列表
IsDeleted:
DataChange_CreatedBy: default
DataChange_CreatedTime: 2021-01-17 15:54:31
DataChange_LastModifiedBy:
DataChange_LastTime: 2021-01-17 16:22:27
*************************** 2. row ***************************
MariaDB [ApolloPortalDB]> update ApolloPortalDB.ServerConfig set Value='fat,pro' where Id=1;
6.2.5 、创建各自的数据库域名
[root@hdss7-11 ~]# vi /var/named/od.com.zone
$ORIGIN od.com.
$TTL 600 ; 10 minutes
@ IN SOA dns.od.com. dnsadmin.od.com. (
2020010513 ; serial
10800 ; refresh (3 hours)
900 ; retry (15 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS dns.od.com.
$TTL 60 ; 1 minute
dns A 10.4.7.11
harbor A 10.4.7.200
k8s-yaml A 10.4.7.200
traefik A 10.4.7.10
dashboard A 10.4.7.10
zk1 A 10.4.7.11
zk2 A 10.4.7.12
zk3 A 10.4.7.21
jenkins A 10.4.7.10
dubbo-monitor A 10.4.7.10
demo A 10.4.7.10
config A 10.4.7.10
mysql A 10.4.7.11
portal A 10.4.7.10
zk-test A 10.4.7.11
zk-prod A 10.4.7.12
config-test A 10.4.7.10
config-prod A 10.4.7.10
[root@hdss7-11 ~]# systemctl restart named
[root@hdss7-11 ~]# dig -t A config-test.od.com +short
10.4.7.10
[root@hdss7-11 ~]# dig -t A config-prod.od.com +short
10.4.7.10
6.3 、修改apollo-portal的cm列表应用
[root@hdss7-200 apollo-portal]# cd /data/k8s-yaml/apollo-portal
[root@hdss7-200 apollo-portal]# vi cm.yaml 增加 fat.meta=http://config-test.od.com 、pro.meta=http://config-prod.od.com
apiVersion: v1
kind: ConfigMap
metadata:
name: apollo-portal-cm
namespace: infra
data:
application-github.properties: |
spring.datasource.url = jdbc:mysql://mysql.od.com:3306/ApolloPortalDB?characterEncoding=utf8
spring.datasource.username = apolloportal
spring.datasource.password = 123456
app.properties: |
appId=100003173
apollo-env.properties: |
fat.meta=http://config-test.od.com
pro.meta=http://config-prod.od.com应用cm.yaml
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/apollo-portal/cm.yaml
configmap/apollo-portal-cm created
6.4 、交付各自的apollo-configservice
6.4.1 、交付test的apollo-configservice
配置资源清单
[root@hdss7-200 ~]# cd /data/k8s-yaml/
[root@hdss7-200 k8s-yaml]# mkdir -pv test/{apollo-configservice,apollo-adminservice,dubbo-demo-service,dubbo-demo-consumer}
mkdir: created directory ‘test’
mkdir: created directory ‘test/apollo-configservice’
mkdir: created directory ‘test/apollo-adminservice’
mkdir: created directory ‘test/dubbo-demo-service’
mkdir: created directory ‘test/dubbo-demo-consumer’
[root@hdss7-200 k8s-yaml]# mkdir -pv prod/{apollo-configservice,apollo-adminservice,dubbo-demo-service,dubbo-demo-consumer}
mkdir: created directory ‘prod’
mkdir: created directory ‘prod/apollo-configservice’
mkdir: created directory ‘prod/apollo-adminservice’
mkdir: created directory ‘prod/dubbo-demo-service’
mkdir: created directory ‘prod/dubbo-demo-consumer’
[root@hdss7-200 ~]# cd /data/k8s-yaml/test/apollo-configservice
[root@hdss7-200 apollo-configservice]# vi cm.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: apollo-configservice-cm
namespace: test
data:
application-github.properties: |
# DataSource
spring.datasource.url = jdbc:mysql://mysql.od.com:3306/ApolloConfigTestDB?characterEncoding=utf8
spring.datasource.username = apolloconfig
spring.datasource.password = 123456
eureka.service.url = http://config-test.od.com/eureka
app.properties: |
appId=100003171[root@hdss7-200 apollo-configservice]# vi deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: apollo-configservice
namespace: test
labels:
name: apollo-configservice
spec:
replicas: 1
selector:
matchLabels:
name: apollo-configservice
template:
metadata:
labels:
app: apollo-configservice
name: apollo-configservice
spec:
volumes:
- name: configmap-volume
configMap:
name: apollo-configservice-cm
containers:
- name: apollo-configservice
image: harbor.od.com:180/infra/apollo-configservice:v1.5.1
ports:
- containerPort: 8080
protocol: TCP
volumeMounts:
- name: configmap-volume
mountPath: /apollo-configservice/config
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: IfNotPresent
imagePullSecrets:
- name: harbor
restartPolicy: Always
terminationGracePeriodSeconds: 30
securityContext:
runAsUser: 0
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
revisionHistoryLimit: 7
progressDeadlineSeconds: 600[root@hdss7-200 apollo-configservice]# vi service.yaml
kind: Service
apiVersion: v1
metadata:
name: apollo-configservice
namespace: test
spec:
ports:
- protocol: TCP
port: 8080
targetPort: 8080
selector:
app: apollo-configservice[root@hdss7-200 apollo-configservice]# vi ingress.yaml
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: apollo-configservice
namespace: test
spec:
rules:
- host: config-test.od.com
http:
paths:
- path: /
backend:
serviceName: apollo-configservice
servicePort: 8080应用配置资源清单
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/test/apollo-configservice/cm.yaml
configmap/apollo-configservice-cm created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/test/apollo-configservice/deployment.yaml
deployment.extensions/apollo-configservice created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/test/apollo-configservice/service.yaml
service/apollo-configservice created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/test/apollo-configservice/ingress.yaml
ingress.extensions/apollo-configservice created
访问config-test.od.com
6.4.2 、交付prod的apollo-configservice
[root@hdss7-200 ~]# cd /data/k8s-yaml/prod/apollo-configservice
[root@hdss7-200 apollo-configservice]# vi cm.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: apollo-configservice-cm
namespace: prod
data:
application-github.properties: |
# DataSource
spring.datasource.url = jdbc:mysql://mysql.od.com:3306/ApolloConfigProdDB?characterEncoding=utf8
spring.datasource.username = apolloconfig
spring.datasource.password = 123456
eureka.service.url = http://config-prod.od.com/eureka
app.properties: |
appId=100003171[root@hdss7-200 apollo-configservice]# vi deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: apollo-configservice
namespace: prod
labels:
name: apollo-configservice
spec:
replicas: 1
selector:
matchLabels:
name: apollo-configservice
template:
metadata:
labels:
app: apollo-configservice
name: apollo-configservice
spec:
volumes:
- name: configmap-volume
configMap:
name: apollo-configservice-cm
containers:
- name: apollo-configservice
image: harbor.od.com:180/infra/apollo-configservice:v1.5.1
ports:
- containerPort: 8080
protocol: TCP
volumeMounts:
- name: configmap-volume
mountPath: /apollo-configservice/config
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: IfNotPresent
imagePullSecrets:
- name: harbor
restartPolicy: Always
terminationGracePeriodSeconds: 30
securityContext:
runAsUser: 0
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
revisionHistoryLimit: 7
progressDeadlineSeconds: 600[root@hdss7-200 apollo-configservice]# vi service.yaml
kind: Service
apiVersion: v1
metadata:
name: apollo-configservice
namespace: prod
spec:
ports:
- protocol: TCP
port: 8080
targetPort: 8080
selector:
app: apollo-configservice[root@hdss7-200 apollo-configservice]# vi ingress.yaml
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: apollo-configservice
namespace: prod
spec:
rules:
- host: config-prod.od.com
http:
paths:
- path: /
backend:
serviceName: apollo-configservice
servicePort: 8080应用资源配置清单
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/prod/apollo-configservice/cm.yaml
configmap/apollo-configservice-cm created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/prod/apollo-configservice/deployment.yaml
deployment.extensions/apollo-configservice created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/prod/apollo-configservice/service.yaml
service/apollo-configservice created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/prod/apollo-configservice/ingress.yaml
ingress.extensions/apollo-configservice created
访问config-prod.od.com
6.5 、交付各自的apollo-adminservice
6.5.1 、交付test的apollo-adminservice
[root@hdss7-200 ~]# cd /data/k8s-yaml/test/apollo-adminservice
[root@hdss7-200 apollo-adminservice]# vi cm.yaml
# appId 与 configservice、portal 不一致 apiVersion: v1 kind: ConfigMap metadata: name: apollo-adminservice-cm namespace: test data: application-github.properties: | spring.datasource.url = jdbc:mysql://mysql.od.com:3306/ApolloConfigTestDB?characterEncoding=utf8 spring.datasource.username = apolloconfig spring.datasource.password = 123456 eureka.service.url = http://config-test.od.com/eureka app.properties: | appId=100003172
[root@hdss7-200 apollo-adminservice]# vi deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: apollo-adminservice
namespace: test
labels:
name: apollo-adminservice
spec:
replicas: 1
selector:
matchLabels:
name: apollo-adminservice
template:
metadata:
labels:
app: apollo-adminservice
name: apollo-adminservice
spec:
volumes:
- name: configmap-volume
configMap:
name: apollo-adminservice-cm
containers:
- name: apollo-adminservice
image: harbor.od.com:180/infra/apollo-adminservice:v1.5.1
ports:
- containerPort: 8080
protocol: TCP
volumeMounts:
- name: configmap-volume
mountPath: /apollo-adminservice/config
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: IfNotPresent
imagePullSecrets:
- name: harbor
restartPolicy: Always
terminationGracePeriodSeconds: 30
securityContext:
runAsUser: 0
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
revisionHistoryLimit: 7
progressDeadlineSeconds: 600应用配置资源清单
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/test/apollo-adminservice/cm.yaml
configmap/apollo-adminservice-cm created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/test/apollo-adminservice/deployment.yaml
deployment.extensions/apollo-adminservice created
6.5.2 、交付prod的apollo-adminservice
[root@hdss7-200 ~]# cd /data/k8s-yaml/prod/apollo-adminservice
[root@hdss7-200 apollo-adminservice]# vi cm.yaml
# appId 与 configservice、portal 不一致 apiVersion: v1 kind: ConfigMap metadata: name: apollo-adminservice-cm namespace: prod data: application-github.properties: | spring.datasource.url = jdbc:mysql://mysql.od.com:3306/ApolloConfigProdDB?characterEncoding=utf8 spring.datasource.username = apolloconfig spring.datasource.password = 123456 eureka.service.url = http://config-prod.od.com/eureka app.properties: | appId=100003172
[root@hdss7-200 apollo-adminservice]# vi deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: apollo-adminservice
namespace: prod
labels:
name: apollo-adminservice
spec:
replicas: 1
selector:
matchLabels:
name: apollo-adminservice
template:
metadata:
labels:
app: apollo-adminservice
name: apollo-adminservice
spec:
volumes:
- name: configmap-volume
configMap:
name: apollo-adminservice-cm
containers:
- name: apollo-adminservice
image: harbor.od.com:180/infra/apollo-adminservice:v1.5.1
ports:
- containerPort: 8080
protocol: TCP
volumeMounts:
- name: configmap-volume
mountPath: /apollo-adminservice/config
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
imagePullPolicy: IfNotPresent
imagePullSecrets:
- name: harbor
restartPolicy: Always
terminationGracePeriodSeconds: 30
securityContext:
runAsUser: 0
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
revisionHistoryLimit: 7
progressDeadlineSeconds: 600应用配置资源清单
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/prod/apollo-adminservice/cm.yaml
configmap/apollo-adminservice-cm created
[root@hdss7-21 ~]# kubectl apply -f http://k8s-yaml.od.com/prod/apollo-adminservice/deployment.yaml
deployment.extensions/apollo-adminservice created
6.6 、查看apollo-portal
6.6.1 、启动infra空间的apollo-portal 缩容1
6.6.2 、查看apollo-portal的系统参数,搜索apollo.portal.envs
交付Dubbo服务
Dubbo服务分别交付到连接两个环境,去连接apollo。
6.7、配置Apollo的Dubbo服务提供者
6.7.1、交付Dubbo服务提供者到测试环境
创建后发现两个环境,点击后右边的application会切换
注:如果发现只有FAT、或者只有FRO、或者环境列表为空
查看系统信息
系统提示出了什么问题
按照图上显示,由于访问http://config-prod.od.com 报错502 Bad Gateway。如果按照本文操作提示此问题,考虑route、iptables,都无问题后,重新查看apollo-configservice的配置文件,重新apply -f、重启一个新的容器,然后通过IP:8080无问题后,在http://config-prod.od.com访问
FAT环境----新增配置(dubbo.registry)(zookeeper://zk-test.od.com:2181)(测试环境dubbo服务提供者注册中心地址)----FAT----提交
FAT环境----新增配置(dubbo.port)(20880)(测试环境dubbo服务提供者监听的端口)----FAT----提交
点击发布测试环境下的参数
6.7.2、交付Dubbo服务提供者到生产环境
点击PRO切换环境
FAT环境----新增配置(dubbo.registry)(zookeeper://zk-prod.od.com:2181)(生产环境dubbo服务提供者注册中心地址)----Prod----提交
FAT环境----新增配置(dubbo.port)(20880)(生产环境dubbo服务提供者监听的端口)----Prod----提交
点击发布生产环境下的参数
6.8、配置Apollo的Dubbo服务消费者
6.8.1、交付Dubbo服务消费者到测试环境
FAT环境----新增配置(dubbo.registry)(zookeeper://zk-test.od.com:2181)(测试环境dubbo服务消费者注册中心地址)----FAT----提交
点击发布测试环境下的参数
6.7.2、交付Dubbo服务消费者到生产环境
点击PRO切换环境
FAT环境----新增配置(dubbo.registry)(zookeeper://zk-test.od.com:2181)(生产环境dubbo服务消费者注册中心地址)----Prod----提交
点击发布生产环境下的参数
6.9、配置dubbo服务连接测试环境
6.9.1、配置dubbo-demo-service的资源配置清单
[root@hdss7-200 ~]# cd /data/k8s-yaml/test/dubbo-demo-service/
[root@hdss7-200 dubbo-demo-service]# vi dp.yaml 其中image不用修改了,因为之前已经构建了apollo镜像。修改C_OPTS,让它掉用的环境变量不一样
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: dubbo-demo-service
namespace: test
labels:
name: dubbo-demo-service
spec:
replicas: 1
selector:
matchLabels:
name: dubbo-demo-service
template:
metadata:
labels:
app: dubbo-demo-service
name: dubbo-demo-service
spec:
containers:
- name: dubbo-demo-service
image: harbor.od.com:180/app/dubbo-demo-service:apollo_210124_1614
ports:
- containerPort: 20880
protocol: TCP
env:
- name: JAR_BALL
value: dubbo-server.jar
- name: C_OPTS
value: -Denv=fat -Dapollo.meta=http://config-test.od.com
imagePullPolicy: IfNotPresent
imagePullSecrets:
- name: harbor
restartPolicy: Always
terminationGracePeriodSeconds: 30
securityContext:
runAsUser: 0
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
revisionHistoryLimit: 7
progressDeadlineSeconds: 6006.9.2、应用资源配置清单
[root@hdss7-21 /]# kubectl apply -f http://k8s-yaml.od.com/test/dubbo-demo-service/dp.yaml
deployment.extensions/dubbo-demo-service created
6.9.3、查看dubbo-monitor
修改dubbo-monitor的condfigmap,使其连接test环境的zk (需要删除容器重新构建)
6.9.4、配置dubbo-demo-consumer的资源配置清单
[root@hdss7-200 ~]# cd /data/k8s-yaml/test/dubbo-demo-consumer/
[root@hdss7-200 dubbo-demo-consumer]# vi deployment.yaml 其中image不用修改了,因为之前已经构建了apollo镜像。修改C_OPTS,让它掉用的环境变量不一样
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: dubbo-demo-consumer
namespace: test
labels:
name: dubbo-demo-consumer
spec:
replicas: 1
selector:
matchLabels:
name: dubbo-demo-consumer
template:
metadata:
labels:
app: dubbo-demo-consumer
name: dubbo-demo-consumer
spec:
containers:
- name: dubbo-demo-consumer
image: harbor.od.com:180/app/dubbo-demo-consumer:apollo_210124_1635
ports:
- containerPort: 8080
protocol: TCP
- containerPort: 20880
protocol: TCP
env:
- name: JAR_BALL
value: dubbo-client.jar
- name: C_OPTS
value: -Denv=fat -Dapollo.meta=http://config-test.od.com
imagePullPolicy: IfNotPresent
imagePullSecrets:
- name: harbor
restartPolicy: Always
terminationGracePeriodSeconds: 30
securityContext:
runAsUser: 0
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
revisionHistoryLimit: 7
progressDeadlineSeconds: 600[root@hdss7-200 dubbo-demo-consumer]# vi service.yaml
kind: Service
apiVersion: v1
metadata:
name: dubbo-demo-consumer
namespace: test
spec:
ports:
- protocol: TCP
port: 8080
targetPort: 8080
selector:
app: dubbo-demo-consumer[root@hdss7-200 dubbo-demo-consumer]# vi ingress.yaml 域名也需要修改 demo-test.od.com
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: dubbo-demo-consumer
namespace: test
spec:
rules:
- host: demo-test.od.com
http:
paths:
- path: /
backend:
serviceName: dubbo-demo-consumer
servicePort: 8080新增域名:
[root@hdss7-11 ~]# vi /var/named/od.com.zone
$ORIGIN od.com.
$TTL 600 ; 10 minutes
@ IN SOA dns.od.com. dnsadmin.od.com. (
2020010514 ; serial
10800 ; refresh (3 hours)
900 ; retry (15 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS dns.od.com.
$TTL 60 ; 1 minute
dns A 10.4.7.11
harbor A 10.4.7.200
k8s-yaml A 10.4.7.200
traefik A 10.4.7.10
dashboard A 10.4.7.10
zk1 A 10.4.7.11
zk2 A 10.4.7.12
zk3 A 10.4.7.21
jenkins A 10.4.7.10
dubbo-monitor A 10.4.7.10
demo A 10.4.7.10
config A 10.4.7.10
mysql A 10.4.7.11
portal A 10.4.7.10
zk-test A 10.4.7.11
zk-prod A 10.4.7.12
config-test A 10.4.7.10
config-prod A 10.4.7.10
demo-test A 10.4.7.10[root@hdss7-11 ~]# systemctl restart named
6.9.5、应用资源配置清单
[root@hdss7-21 /]# kubectl apply -f http://k8s-yaml.od.com/test/dubbo-demo-consumer/deployment.yaml
deployment.extensions/dubbo-demo-service created
[root@hdss7-21 /]# kubectl apply -f http://k8s-yaml.od.com/test/dubbo-demo-consumer/service.yaml
deployment.extensions/dubbo-demo-service created
[root@hdss7-21 /]# kubectl apply -f http://k8s-yaml.od.com/test/dubbo-demo-consumer/ingress.yaml
deployment.extensions/dubbo-demo-service created
6.9.6、查看dubbo-monitor
6.9.7、查看http://demo-test.od.com/hello?name=apollo
6.10、配置dubbo服务连接生产环境
6.9.1、配置生产环境的域名
[root@hdss7-11 ~]# vi /var/named/od.com.zone
$ORIGIN od.com.
$TTL 600 ; 10 minutes
@ IN SOA dns.od.com. dnsadmin.od.com. (
2020010515 ; serial
10800 ; refresh (3 hours)
900 ; retry (15 minutes)
604800 ; expire (1 week)
86400 ; minimum (1 day)
)
NS dns.od.com.
$TTL 60 ; 1 minute
dns A 10.4.7.11
harbor A 10.4.7.200
k8s-yaml A 10.4.7.200
traefik A 10.4.7.10
dashboard A 10.4.7.10
zk1 A 10.4.7.11
zk2 A 10.4.7.12
zk3 A 10.4.7.21
jenkins A 10.4.7.10
dubbo-monitor A 10.4.7.10
demo A 10.4.7.10
config A 10.4.7.10
mysql A 10.4.7.11
portal A 10.4.7.10
zk-test A 10.4.7.11
zk-prod A 10.4.7.12
config-test A 10.4.7.10
config-prod A 10.4.7.10
demo-test A 10.4.7.10
demo-prod A 10.4.7.10[root@hdss7-11 ~]# systemctl restart named
6.9.2、配置dubbo-demo-service的资源配置清单
[root@hdss7-200 ~]# cd /data/k8s-yaml/prod/dubbo-demo-service/
[root@hdss7-200 dubbo-demo-service]# vi dp.yaml 其中image不用修改了,因为之前已经构建了apollo镜像。修改C_OPTS,让它掉用的环境变量不一样
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: dubbo-demo-service
namespace: prod
labels:
name: dubbo-demo-service
spec:
replicas: 1
selector:
matchLabels:
name: dubbo-demo-service
template:
metadata:
labels:
app: dubbo-demo-service
name: dubbo-demo-service
spec:
containers:
- name: dubbo-demo-service
image: harbor.od.com:180/app/dubbo-demo-service:apollo_210124_1614
ports:
- containerPort: 20880
protocol: TCP
env:
- name: JAR_BALL
value: dubbo-server.jar
- name: C_OPTS
value: -Denv=pro -Dapollo.meta=http://apollo-configservice:8080
imagePullPolicy: IfNotPresent
imagePullSecrets:
- name: harbor
restartPolicy: Always
terminationGracePeriodSeconds: 30
securityContext:
runAsUser: 0
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
revisionHistoryLimit: 7
progressDeadlineSeconds: 600连接Apollo的格式是(-Denv=pro -Dapollo.meta=http://config-prod.od.com),还有没有其他的写法?答案是有的,可以写(-Denv=pro -Dapollo.meta=http://apollo-configservice:8080)
因为在test的名命空间下,有一个svc叫apollo-configservice
因为我的dubbo-demo-service是一个交付到k8s集群里面服务,而这个apollo-configservice也是交付到k8s集群里面服务,k8s中集群内不同名称空间可以互相通讯(因为他们是靠name.namespace区分的)所以可以写value: -Denv=pro -Dapollo.meta=http://apollo-configservice.test.svc.cluster.local:8080 ,由于都在test名称空间(同一个名称空间可以用短域名),所以可以写value: -Denv=pro -Dapollo.meta=http://apollo-configservice:8080,也不用走ingress。而且这种写法比(-Denv=pro -Dapollo.meta=http://config-prod.od.com)处理速度更快,因为config-prod.od.com在集群内部无法解析,需要通过coredns到上层解析,抛给10.4.7.10,然后还的通过 ingress进入集群内部,虽然是内网应用,消耗虽然不大,但还是多过了一层反向代理
6.10.3、应用资源配置清单
[root@hdss7-21 /]# kubectl apply -f http://k8s-yaml.od.com/prod/dubbo-demo-service/dp.yaml
deployment.extensions/dubbo-demo-service created
6.10.4、配置dubbo-demo-consumer的资源配置清单
[root@hdss7-200 ~]# cd /data/k8s-yaml/prod/dubbo-demo-consumer/
[root@hdss7-200 dubbo-demo-consumer]# vi deployment.yaml 其中image不用修改了,因为之前已经构建了apollo镜像。修改C_OPTS,让它掉用的环境变量不一样
kind: Deployment
apiVersion: extensions/v1beta1
metadata:
name: dubbo-demo-consumer
namespace: prod
labels:
name: dubbo-demo-consumer
spec:
replicas: 1
selector:
matchLabels:
name: dubbo-demo-consumer
template:
metadata:
labels:
app: dubbo-demo-consumer
name: dubbo-demo-consumer
spec:
containers:
- name: dubbo-demo-consumer
image: harbor.od.com:180/app/dubbo-demo-consumer:apollo_210124_1635
ports:
- containerPort: 8080
protocol: TCP
- containerPort: 20880
protocol: TCP
env:
- name: JAR_BALL
value: dubbo-client.jar
- name: C_OPTS
value: -Denv=pro -Dapollo.meta=http://apollo-configservice:8080
imagePullPolicy: IfNotPresent
imagePullSecrets:
- name: harbor
restartPolicy: Always
terminationGracePeriodSeconds: 30
securityContext:
runAsUser: 0
schedulerName: default-scheduler
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
revisionHistoryLimit: 7
progressDeadlineSeconds: 600[root@hdss7-200 dubbo-demo-consumer]# vi service.yaml
kind: Service
apiVersion: v1
metadata:
name: dubbo-demo-consumer
namespace: prod
spec:
ports:
- protocol: TCP
port: 8080
targetPort: 8080
selector:
app: dubbo-demo-consumer[root@hdss7-200 dubbo-demo-consumer]# vi ingress.yaml
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: dubbo-demo-consumer
namespace: prod
spec:
rules:
- host: demo-prod.od.com
http:
paths:
- path: /
backend:
serviceName: dubbo-demo-consumer
servicePort: 80806.10.5、应用资源配置清单
[root@hdss7-21 /]# kubectl apply -f http://k8s-yaml.od.com/prod/dubbo-demo-consumer/deployment.yaml
deployment.extensions/dubbo-demo-service created
[root@hdss7-21 /]# kubectl apply -f http://k8s-yaml.od.com/prod/dubbo-demo-consumer/service.yaml
deployment.extensions/dubbo-demo-service created
[root@hdss7-21 /]# kubectl apply -f http://k8s-yaml.od.com/prod/dubbo-demo-consumer/ingress.yaml
deployment.extensions/dubbo-demo-service created
6.10.6、查看http://demo-prod.od.com/hello?name=apollo
迭代项目
1、修改代码--commit
2、查看commit_id
3、使用jenkins发代码
4、先在测试环境测试,修改test下的提供者调用的image,重启容器
5、查看测试环境http://demo-test.od.com/hello?name=apollo
6、测试环境无问题,投入生产环境,修改prod下的消费者调用的image,重启容器