K8S conul部署
官网有Helm方式的安装文档(https://www.consul.io/docs/platform/k8s/index.html)
一,准备工作:
1,k8s环境
2,nfs服务器
二,创建PV
nfs_pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: kingsun.nfs1
spec:
capacity:
storage: 1Gi
accessModes: ["ReadWriteMany","ReadWriteOnce","ReadOnlyMany"]
persistentVolumeReclaimPolicy: Recycle
storageClassName: nfs
nfs:
path: /mnt/nfsdata
server: 196.1.210.140 ---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kingsun.nfs2
spec:
capacity:
storage: 1Gi
accessModes: ["ReadWriteMany","ReadWriteOnce","ReadOnlyMany"]
persistentVolumeReclaimPolicy: Recycle
storageClassName: nfs
nfs:
path: /mnt/nfsdata
server: 196.1.210.140
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kingsun.nfs3
spec:
capacity:
storage: 1Gi
accessModes: ["ReadWriteMany","ReadWriteOnce","ReadOnlyMany"]
persistentVolumeReclaimPolicy: Recycle
storageClassName: nfs
nfs:
path: /mnt/nfsdata
server: 196.1.210.140
执行:kubectl apply -f nfs_pv.yaml 创建pv(PersistentVolume)
三,将Consul使用端口通过Service暴露
PortService.yaml
apiVersion: v1
kind: Service
metadata:
name: consul
labels:
name: consul
spec:
type: ClusterIP
clusterIP: None
ports:
- name: http
port: 8500
targetPort: 8500
- name: https
port: 8443
targetPort: 8443
- name: rpc
port: 8400
targetPort: 8400
- name: serflan-tcp
protocol: "TCP"
port: 8301
targetPort: 8301
- name: serflan-udp
protocol: "UDP"
port: 8301
targetPort: 8301
- name: serfwan-tcp
protocol: "TCP"
port: 8302
targetPort: 8302
- name: serfwan-udp
protocol: "UDP"
port: 8302
targetPort: 8302
- name: server
port: 8300
targetPort: 8300
- name: consuldns
port: 8600
targetPort: 8600
selector:
app: consul
四,编辑ACL配置文件并保存到K8S ConfigMap
Acl.json
{"acl":{
"enabled":true,
"default_policy":"deny",
"enable_token_persistence":true,
"tokens":{
"master":"8dc1eb67-1f5f-4e10-ad9d-5e58b047647c",
"agent":"8dc1eb67-1f5f-4e10-ad9d-5e58b047647c"
}
}}
执行:kubectl create configmap --from-file Acl.json
查看configmap:kubectl get configmap -o yaml
PS G:\KingSun\Consul\Yaml> kubectl get configmap -o yaml
apiVersion: v1
items:
- apiVersion: v1
data:
Acl.json: "{\"acl\":{\r\n \"enabled\":true,\r\n \"default_policy\":\"deny\",\r\n
\"enable_token_persistence\":true,\r\n \"tokens\":{\r\n \"master\":\"8dc1eb67-1f5f-4e10-ad9d-5e58b047647c\",\r\n
\ \"agent\":\"8dc1eb67-1f5f-4e10-ad9d-5e58b047647c\"\r\n }\r\n}}"
kind: ConfigMap
metadata:
creationTimestamp: "2019-12-03T08:21:22Z"
name: consul-acl-config
namespace: default
resourceVersion: "771714"
selfLink: /api/v1/namespaces/default/configmaps/consul-acl-config
uid: 57507410-e0a2-4979-9c8b-731fe9dc62b8
kind: List
metadata:
resourceVersion: ""
selfLink: ""
五,编辑StateFulSet配置文件创建pod
StateFulSet.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: consul
spec:
selector:
matchLabels:
app: consul
serviceName: consul
replicas: 1
template:
metadata:
labels:
app: consul
spec:
#affinity:
# podAntiAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# - labelSelector:
# matchExpressions:
# - key: app
# operator: In
# values:
# - consul
# topologyKey: kubernetes.io/hostname
terminationGracePeriodSeconds: 10
volumes:
- name: config
configMap:
name: consul-acl-config
containers:
- name: consul
image: consul:latest
volumeMounts:
- name: config
mountPath: /consul/config
- name: data
mountPath: /consul/data
command:
- "/bin/sh"
- "-ec"
- |
exec /bin/consul agent \
-server \
-ui \
-advertise="$(PODIP)" \
-bind=0.0.0.0 \
-client=0.0.0.0 \
-bootstrap-expect=1 \
-data-dir=/consul/data \
-domain=cluster.local \
-retry-join=consul-0.consul.$(NAMESPACE).svc.cluster.local \
-disable-host-node-id \
-datacenter=ks \
-config-file=/consul/config/Acl.json
env:
- name: PODIP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- containerPort: 8500
name: ui-port
- containerPort: 8400
name: alt-port
- containerPort: 53
name: udp-port
- containerPort: 8443
name: https-port
- containerPort: 8080
name: http-port
- containerPort: 8301
name: serflan
- containerPort: 8302
name: serfwan
- containerPort: 8600
name: consuldns
- containerPort: 8300
name: server
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
storageClassName: nfs
执行:kubectl apply -f StateFulSet.yaml
查看consul pod日志:kubectl logs consul-0
查看StateFulSet启动日志:kubectl describe StateFulSet consul
六,通过NodePort Service暴露consul ui
UiService.yaml
apiVersion: v1
kind: Service
metadata:
name: consul-ui
labels:
app: consul
spec:
selector:
app: consul
ports:
- name: consul-port
protocol: TCP
port: 80
nodePort: 32000
targetPort: 8500
type: NodePort
七,打开ui
先点击"acl"输入Acl.json中定义的master_token
K8S conul部署的更多相关文章
- 持续集成之应用k8s自动部署
持续集成之应用k8s自动部署 Intro 上次我们提到了docker容器化及自动化部署,这仅仅适合个人项目或者开发环境部署,如果要部署到生产环境,必然就需要考虑很多因素,比如访问量大了如何调整部署,如 ...
- k8s二进制部署
k8s二进制部署 1.环境准备 主机名 ip地址 角色 k8s-master01 10.0.0.10 master k8s-master02 10.0.0.11 master k8s-node01 1 ...
- Prometheus K8S中部署Alertmanager
Prometheus K8S中部署Alertmanager 设置告警和通知的主要步骤如下:一.部署Alertmanager二.配置Prometheus与Alertmanager通信三.配置告警 1. ...
- K8S CoreDNS部署失败,发现的一个问题
K8S CoreDNS部署失败,查看错误日志,提示如下 root >> kubectl get all --all-namespaces -o wide root >> kub ...
- Kubernetes之在k8s中部署Java应用
部署好了k8s以后 部署参考https://www.cnblogs.com/minseo/p/12055731.html 怎么在k8s部署应用 项目迁移到k8s平台是怎样的流程 1,制作镜像 2,控制 ...
- kubernetes之三 使用kubectl在k8s上部署应用
在上一篇中,我们学习了使用minikube来搭建k8s集群.k8s集群启动后,就可以在上面部署应用了.本篇,我们就来学习如何使用kubectl在k8s上部署应用. 学习之前,可以先从下面这篇博客上了解 ...
- Docker & k8s 系列三:在k8s中部署单个服务实例
本章将会讲解: pod的概念,以及如何向k8s中部署一个单体应用实例. 在上面的篇幅中,我们了解了docker,并制作.运行了docker镜像,然后将镜像发布至中央仓库了.然后又搭建了本机的k8s环境 ...
- 在k8s上部署日志系统elfk
日志系统elfk 前言 经过上周的技术预研,在本周一通过开会研究,根据公司的现有业务流量和技术栈,决定选择的日志系统方案为:elasticsearch(es)+logstash(lo)+filebea ...
- 优化:在k8s上部署的gitlab
gitlab组件图 gitlab在k8s上占用资源 # kubectl top pods -n default | grep git* gitlab-gitaly-0 9m 444Mi gitlab- ...
随机推荐
- Tcl条件语句
If {条件表达式1} { 执行语句1 } elseif {条件表达式2} { 执行语句2 } elseif {条件表达式3} { 执行语句3 } else { 执行语句4 } 注:elseif {条 ...
- 解决vs2010按ctrl+f5,调试窗口一闪而过的方法
vs2010调试按F5与按Ctrl+F5有什么区别 Ctrl F5测试运行后不自动推出控制台,直接按F5会自动退出去 解决vs2010按ctrl+f5,调试窗口一闪而过的方法 http://hi.ba ...
- USB安装ESXi出错,menu.c32 not a com32r image
USB安装EXSi出错,menu.c32 not a com32r image 不能进入安装界面. 提供提取的menu.c32 下载下来覆盖U盘根目录源文件 EXSi6.7测试可以用 文件csdn下载 ...
- springboot:redis反序列化发生类型转换错误
明明是同一个类,在反序列时报类型转换错误,真实奇怪.经查找资料,说是引入了devtools的缘故. 注释掉以下内容: <dependency> <groupId>org.spr ...
- Java 8 stream 经典示例
package org.study2.java8.stream; import org.junit.Test; import java.util.*; import java.util.stream. ...
- [LeetCode] 270. Closest Binary Search Tree Value 最近的二叉搜索树的值
Given a non-empty binary search tree and a target value, find the value in the BST that is closest t ...
- java开发异常Exception集锦
背景:整理开发过程中的异常问题 java.lang.Exception: No tests found matching 一般出现在新导入的工程中.在sts中通过open project的方式导入工程 ...
- 微服务架构下使用Spring Cloud Zuul作为网关将多个微服务整合到一个Swagger服务上
注意: 如果你正在研究微服务,那必然少不了服务之间的相互调用,哪么服务之间的接口以及api就必须生成系统的管理文档了.如果你希望更好的管理你的API,你希望有一个工具能一站式地解决API相关的所有事情 ...
- QT QML与C++混搭
"那些杀不死我的必使我更加强大"----尼采 QML与C++混合编程就是使用QML高效便捷地构建UI,而C++则用来实现业务逻辑和复杂算法. ML访问C++Qt集成了QML引擎和Q ...
- PHP计算两个坐标之间的距离
<?php /** * 计算两点之间的距离 * @param $lng1 经度1 * @param $lat1 纬度1 * @param $lng2 经度2 * @param $lat2 纬度2 ...