官网有Helm方式的安装文档(https://www.consul.io/docs/platform/k8s/index.html)

一,准备工作:

1,k8s环境

2,nfs服务器

二,创建PV

nfs_pv.yaml

apiVersion: v1
kind: PersistentVolume
metadata:
name: kingsun.nfs1
spec:
capacity:
storage: 1Gi
accessModes: ["ReadWriteMany","ReadWriteOnce","ReadOnlyMany"]
persistentVolumeReclaimPolicy: Recycle
storageClassName: nfs
nfs:
path: /mnt/nfsdata
server: 196.1.210.140 ---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kingsun.nfs2
spec:
capacity:
storage: 1Gi
accessModes: ["ReadWriteMany","ReadWriteOnce","ReadOnlyMany"]
persistentVolumeReclaimPolicy: Recycle
storageClassName: nfs
nfs:
path: /mnt/nfsdata
server: 196.1.210.140
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kingsun.nfs3
spec:
capacity:
storage: 1Gi
accessModes: ["ReadWriteMany","ReadWriteOnce","ReadOnlyMany"]
persistentVolumeReclaimPolicy: Recycle
storageClassName: nfs
nfs:
path: /mnt/nfsdata
server: 196.1.210.140

执行:kubectl apply -f nfs_pv.yaml 创建pv(PersistentVolume)

三,将Consul使用端口通过Service暴露

PortService.yaml

apiVersion: v1
kind: Service
metadata:
name: consul
labels:
name: consul
spec:
type: ClusterIP
clusterIP: None
ports:
- name: http
port: 8500
targetPort: 8500
- name: https
port: 8443
targetPort: 8443
- name: rpc
port: 8400
targetPort: 8400
- name: serflan-tcp
protocol: "TCP"
port: 8301
targetPort: 8301
- name: serflan-udp
protocol: "UDP"
port: 8301
targetPort: 8301
- name: serfwan-tcp
protocol: "TCP"
port: 8302
targetPort: 8302
- name: serfwan-udp
protocol: "UDP"
port: 8302
targetPort: 8302
- name: server
port: 8300
targetPort: 8300
- name: consuldns
port: 8600
targetPort: 8600
selector:
app: consul

四,编辑ACL配置文件并保存到K8S ConfigMap

Acl.json

{"acl":{
"enabled":true,
"default_policy":"deny",
"enable_token_persistence":true,
"tokens":{
"master":"8dc1eb67-1f5f-4e10-ad9d-5e58b047647c",
"agent":"8dc1eb67-1f5f-4e10-ad9d-5e58b047647c"
}
}}

执行:kubectl create configmap --from-file Acl.json

查看configmap:kubectl get configmap -o yaml

PS G:\KingSun\Consul\Yaml> kubectl get configmap -o yaml
apiVersion: v1
items:
- apiVersion: v1
data:
Acl.json: "{\"acl\":{\r\n \"enabled\":true,\r\n \"default_policy\":\"deny\",\r\n
\"enable_token_persistence\":true,\r\n \"tokens\":{\r\n \"master\":\"8dc1eb67-1f5f-4e10-ad9d-5e58b047647c\",\r\n
\ \"agent\":\"8dc1eb67-1f5f-4e10-ad9d-5e58b047647c\"\r\n }\r\n}}"
kind: ConfigMap
metadata:
creationTimestamp: "2019-12-03T08:21:22Z"
name: consul-acl-config
namespace: default
resourceVersion: "771714"
selfLink: /api/v1/namespaces/default/configmaps/consul-acl-config
uid: 57507410-e0a2-4979-9c8b-731fe9dc62b8
kind: List
metadata:
resourceVersion: ""
selfLink: ""

五,编辑StateFulSet配置文件创建pod

StateFulSet.yaml

apiVersion: apps/v1
kind: StatefulSet
metadata:
name: consul
spec:
selector:
matchLabels:
app: consul
serviceName: consul
replicas: 1
template:
metadata:
labels:
app: consul
spec:
#affinity:
# podAntiAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# - labelSelector:
# matchExpressions:
# - key: app
# operator: In
# values:
# - consul
# topologyKey: kubernetes.io/hostname
terminationGracePeriodSeconds: 10
volumes:
- name: config
configMap:
name: consul-acl-config
containers:
- name: consul
image: consul:latest
volumeMounts:
- name: config
mountPath: /consul/config
- name: data
mountPath: /consul/data
command:
- "/bin/sh"
- "-ec"
- |
exec /bin/consul agent \
-server \
-ui \
-advertise="$(PODIP)" \
-bind=0.0.0.0 \
-client=0.0.0.0 \
-bootstrap-expect=1 \
-data-dir=/consul/data \
-domain=cluster.local \
-retry-join=consul-0.consul.$(NAMESPACE).svc.cluster.local \
-disable-host-node-id \
-datacenter=ks \
-config-file=/consul/config/Acl.json
env:
- name: PODIP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- containerPort: 8500
name: ui-port
- containerPort: 8400
name: alt-port
- containerPort: 53
name: udp-port
- containerPort: 8443
name: https-port
- containerPort: 8080
name: http-port
- containerPort: 8301
name: serflan
- containerPort: 8302
name: serfwan
- containerPort: 8600
name: consuldns
- containerPort: 8300
name: server
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi
storageClassName: nfs

执行:kubectl apply -f StateFulSet.yaml

查看consul pod日志:kubectl logs consul-0

查看StateFulSet启动日志:kubectl describe StateFulSet consul

六,通过NodePort Service暴露consul ui

UiService.yaml

apiVersion: v1
kind: Service
metadata:
name: consul-ui
labels:
app: consul
spec:
selector:
app: consul
ports:
- name: consul-port
protocol: TCP
port: 80
nodePort: 32000
targetPort: 8500
type: NodePort

七,打开ui

先点击"acl"输入Acl.json中定义的master_token

K8S conul部署的更多相关文章

  1. 持续集成之应用k8s自动部署

    持续集成之应用k8s自动部署 Intro 上次我们提到了docker容器化及自动化部署,这仅仅适合个人项目或者开发环境部署,如果要部署到生产环境,必然就需要考虑很多因素,比如访问量大了如何调整部署,如 ...

  2. k8s二进制部署

    k8s二进制部署 1.环境准备 主机名 ip地址 角色 k8s-master01 10.0.0.10 master k8s-master02 10.0.0.11 master k8s-node01 1 ...

  3. Prometheus K8S中部署Alertmanager

    Prometheus K8S中部署Alertmanager 设置告警和通知的主要步骤如下:一.部署Alertmanager二.配置Prometheus与Alertmanager通信三.配置告警 1. ...

  4. K8S CoreDNS部署失败,发现的一个问题

    K8S CoreDNS部署失败,查看错误日志,提示如下 root >> kubectl get all --all-namespaces -o wide root >> kub ...

  5. Kubernetes之在k8s中部署Java应用

    部署好了k8s以后 部署参考https://www.cnblogs.com/minseo/p/12055731.html 怎么在k8s部署应用 项目迁移到k8s平台是怎样的流程 1,制作镜像 2,控制 ...

  6. kubernetes之三 使用kubectl在k8s上部署应用

    在上一篇中,我们学习了使用minikube来搭建k8s集群.k8s集群启动后,就可以在上面部署应用了.本篇,我们就来学习如何使用kubectl在k8s上部署应用. 学习之前,可以先从下面这篇博客上了解 ...

  7. Docker & k8s 系列三:在k8s中部署单个服务实例

    本章将会讲解: pod的概念,以及如何向k8s中部署一个单体应用实例. 在上面的篇幅中,我们了解了docker,并制作.运行了docker镜像,然后将镜像发布至中央仓库了.然后又搭建了本机的k8s环境 ...

  8. 在k8s上部署日志系统elfk

    日志系统elfk 前言 经过上周的技术预研,在本周一通过开会研究,根据公司的现有业务流量和技术栈,决定选择的日志系统方案为:elasticsearch(es)+logstash(lo)+filebea ...

  9. 优化:在k8s上部署的gitlab

    gitlab组件图 gitlab在k8s上占用资源 # kubectl top pods -n default | grep git* gitlab-gitaly-0 9m 444Mi gitlab- ...

随机推荐

  1. python 判断一个字符串组合后,是否在另一个字符串中

    code #coding=utf- def getdic(s): dic = {} for i in s: if (i not in dic): dic[i] = else: dic[i] += re ...

  2. VLAD算法浅析, BOF、FV比较

    划重点 ================================================= BOF.FV.VLAD等算法都是基于特征描述算子的特征编码算法,关于特征描述算子是以SIFT ...

  3. Kafka(四) —— KafkaProducer源码阅读

    一.doSend()方法 Kafka中的每一条消息都对应一个ProducerRecord对象. public class ProducerRecord<K, V> { private fi ...

  4. 安装OpenStack Queens版本的教程推荐

    为了加深对OpenStack的理解,需要自己分模块安装一次,之前都是用devstack安装,傻瓜式安装虽然方便,但是也减少了我对OpenStack理解的深度. 本人参考如下文档安装成功过 http:/ ...

  5. 银联高校极客挑战赛第一场 A.码队女朋友的王者之路[水题]

    目录 题目地址 题干 代码和解释 题目地址 计蒜客回顾比赛 码队女朋友的王者之路 题干 代码和解释 本题难度不大,但是一开始没有读懂题,以为净胜场次是确定的,没有"最高净胜场次"的 ...

  6. 退出状态、测试(test or [])、操作符、[]与[[]]区别

    一.退出状态 系统每执行一个命令,都会返回一个退出状态,若返回退出状态为0,表示命令执行成功, 若返回退出状态不为0,表示命令执行有错误. echo  $? 可以打印出退出状态. 例如:ls echo ...

  7. 生成Nginx服务器SSL证书和客户端证书

    Nginx服务器SSL证书 生成pass key 下面的命令用于生成一个2048bit的pass key, -passout pass:111111 用于避免交互式输入密码 [tomcat@a02 t ...

  8. android -------- RSA加密解密算法

    RSA加密算法是一种非对称加密算法.在公开密钥加密和电子商业中RSA被广泛使用 RSA公开密钥密码体制.所谓的公开密钥密码体制就是使用不同的加密密钥与解密密钥,是一种“由已知加密密钥推导出解密密钥在计 ...

  9. AnnotatedElementUtils.findMergedAnnotation作用

    // 在element上查询annotationType类型注解 // 将查询出的多个annotationType类型注解属性合并到查询的第一个注解中 // # 多个相同注解合并 org.spring ...

  10. cesharp 完美支持flash

    直接上代码: cefSettings.CefCommandLineArgs.Add("enable-npapi", "1"); //cefSettings.Ce ...