Preface
Recently, I have been learning how to build a Nacos service on K8S and how to use it. I will record it here and share it with you.
Preparation
- K8S: I use Ali Cloud ACK (Ali's K8S service).
- nacos-group/nacos-k8s/nacos-no-pvc-ingress.yaml
Begin to build
First let's look at the file nacos-no-pvc-ingress.yaml:
### Use your own database ###
---
apiVersion: v1
kind: Service
metadata:
  name: nacos-headless
  labels:
    app: nacos-headless
spec:
  type: ClusterIP
  clusterIP: None
  ports:
    - port: 8848
      name: server
      targetPort: 8848
    - port: 9848
      name: client-rpc
      targetPort: 9848
    - port: 9849
      name: raft-rpc
      targetPort: 9849
    ## Compatible with the election port of version 1.4.x
    - port: 7848
      name: old-raft-rpc
      targetPort: 7848
  selector:
    app: nacos
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: nacos-cm
data:
  mysql.host: "10.127.1.12"
  mysql.db.name: "nacos_devtest"
  mysql.port: "3306"
  mysql.user: "nacos"
  mysql.password: "passwd"
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: nacos
spec:
  serviceName: nacos-headless
  replicas: 3
  template:
    metadata:
      labels:
        app: nacos
      annotations:
        pod.alpha.kubernetes.io/initialized: "true"
    spec:
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchExpressions:
                  - key: "app"
                    operator: In
                    values:
                      - nacos
              topologyKey: "kubernetes.io/hostname"
      containers:
        - name: k8snacos
          imagePullPolicy: Always
          image: nacos/nacos-server:latest
          resources:
            requests:
              memory: "2Gi"
              cpu: "500m"
          ports:
            - containerPort: 8848
              name: client
            - containerPort: 9848
              name: client-rpc
            - containerPort: 9849
              name: raft-rpc
            - containerPort: 7848
              name: old-raft-rpc
          env:
            - name: NACOS_REPLICAS
              value: "3"
            - name: MYSQL_SERVICE_HOST
              valueFrom:
                configMapKeyRef:
                  name: nacos-cm
                  key: mysql.host
            - name: MYSQL_SERVICE_DB_NAME
              valueFrom:
                configMapKeyRef:
                  name: nacos-cm
                  key: mysql.db.name
            - name: MYSQL_SERVICE_PORT
              valueFrom:
                configMapKeyRef:
                  name: nacos-cm
                  key: mysql.port
            - name: MYSQL_SERVICE_USER
              valueFrom:
                configMapKeyRef:
                  name: nacos-cm
                  key: mysql.user
            - name: MYSQL_SERVICE_PASSWORD
              valueFrom:
                configMapKeyRef:
                  name: nacos-cm
                  key: mysql.password
            - name: MODE
              value: "cluster"
            - name: NACOS_SERVER_PORT
              value: "8848"
            - name: PREFER_HOST_MODE
              value: "hostname"
            - name: NACOS_SERVERS
              value: "nacos-0.nacos-headless.default.svc.cluster.local:8848 nacos-1.nacos-headless.default.svc.cluster.local:8848 nacos-2.nacos-headless.default.svc.cluster.local:8848"
  selector:
    matchLabels:
      app: nacos
---
# ------------------- App Ingress ------------------- #
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: nacos-headless
  namespace: default
spec:
  rules:
    - host: nacos-web.nacos-demo.com
      http:
        paths:
          - path: /
            backend:
              serviceName: nacos-headless
              servicePort: server
Then we change the above configuration file to suit our own setup:
- 1. Ingress supports HTTPS. The process of applying for a free HTTPS certificate with cert-manager is as follows:
  - Deploy cert-manager
  - Create a ClusterIssuer
  - Create the Ingress resource object
- 2. Configure the Ingress to redirect HTTP to HTTPS automatically, using the annotation nginx.ingress.kubernetes.io/force-ssl-redirect: 'true'
- 3. MySQL: configure it in the ConfigMap
- 4. In cluster mode the StatefulSet needs at least 2 replicas, otherwise it will not work
- 5. Set memory, CPU and mode in the StatefulSet
Memory, CPU:
        - name: k8snacos
          imagePullPolicy: Always
          image: nacos/nacos-server:latest
          resources:
            requests:
              memory: "256Mi"
              cpu: "250m"
Mode:
            - name: MODE
              # standalone deployment, value: "standalone"
              # cluster deployment, value: "cluster"
              value: "cluster"
Nothing else needs to be changed, as follows:
# reference: /Users/zhangwei/Development/com. Making/nacos-k8s/deploy/nacos/nacos-no-pvc-ingress.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: nacos-headless
  namespace: default
  annotations:
    kubernetes.io/ingress.class: nginx
    # add the cert-manager.io/cluster-issuer annotation
    cert-manager.io/cluster-issuer: "letsencrypt-prod-http01"
    nginx.ingress.kubernetes.io/service-weight: ''
    nginx.ingress.kubernetes.io/force-ssl-redirect: 'true'
spec:
  # add the SSL certificate
  tls:
    - hosts:
        # replace with your own domain name (it must match the host under rules)
        - baidu.com
      secretName: server-seaurl-tls
  rules:
    - host: demo.nacos.com
      http:
        paths:
          - path: /nacos
            backend:
              serviceName: nacos-headless
              servicePort: server
---
apiVersion: v1
kind: Service
metadata:
  name: nacos-headless
  labels:
    app: nacos-headless
spec:
  type: ClusterIP
  # headless service
  clusterIP: None
  ports:
    - port: 8848
      name: server
      targetPort: 8848
    - port: 9848
      name: client-rpc
      targetPort: 9848
    - port: 9849
      name: raft-rpc
      targetPort: 9849
    - port: 7848
      name: old-raft-rpc
      targetPort: 7848
  selector:
    app: nacos
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: nacos-cm
data:
  mysql.host: "your-aliyun-rds-host"
  mysql.db.name: "nacos"
  mysql.port: "3306"
  mysql.user: "username"
  mysql.password: "password"
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: nacos
spec:
  serviceName: nacos-headless
  replicas: 3
  template:
    metadata:
      labels:
        app: nacos
      annotations:
        pod.alpha.kubernetes.io/initialized: "true"
    spec:
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchExpressions:
                  - key: "app"
                    operator: In
                    values:
                      - nacos
              topologyKey: "kubernetes.io/hostname"
      containers:
        - name: k8snacos
          imagePullPolicy: Always
          image: nacos/nacos-server:latest
          resources:
            requests:
              memory: "256Mi"
              cpu: "250m"
          ports:
            - containerPort: 8848
              name: client
            - containerPort: 9848
              name: client-rpc
            - containerPort: 9849
              name: raft-rpc
            - containerPort: 7848
              name: old-raft-rpc
          env:
            - name: NACOS_REPLICAS
              # set to 1 in standalone mode, 3 in cluster mode
              value: "3"
            - name: MYSQL_SERVICE_HOST
              valueFrom:
                configMapKeyRef:
                  name: nacos-cm
                  key: mysql.host
            - name: MYSQL_SERVICE_DB_NAME
              valueFrom:
                configMapKeyRef:
                  name: nacos-cm
                  key: mysql.db.name
            - name: MYSQL_SERVICE_PORT
              valueFrom:
                configMapKeyRef:
                  name: nacos-cm
                  key: mysql.port
            - name: MYSQL_SERVICE_USER
              valueFrom:
                configMapKeyRef:
                  name: nacos-cm
                  key: mysql.user
            - name: MYSQL_SERVICE_PASSWORD
              valueFrom:
                configMapKeyRef:
                  name: nacos-cm
                  key: mysql.password
            - name: NACOS_SERVER_PORT
              value: "8848"
            - name: NACOS_APPLICATION_PORT
              value: "8848"
            - name: PREFER_HOST_MODE
              value: "hostname"
            - name: NACOS_SERVERS
              # in standalone mode list only nacos-0.xxxx; for cluster mode add nacos-1.xxxx and nacos-2.xxxx
              value: "nacos-0.nacos-headless.default.svc.cluster.local:8848 nacos-1.nacos-headless.default.svc.cluster.local:8848 nacos-2.nacos-headless.default.svc.cluster.local:8848"
            - name: MODE
              # standalone deployment, value: "standalone"
              # cluster deployment, value: "cluster"
              value: "cluster"
  selector:
    matchLabels:
      app: nacos
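The manifest above stores mysql.password in the nacos-cm ConfigMap, which Kubernetes treats as non-confidential data and shows in plain text to anyone who can read ConfigMaps in the namespace. The following is an added example, not part of the original nacos-k8s file, that moves the password into a Secret; the Secret name nacos-db-secret is an assumption, and the last document is a fragment of the StatefulSet rather than a resource to apply on its own.

```yaml
# Added example (not from the original file): keep the DB password out of nacos-cm.
# "nacos-db-secret" is a hypothetical name chosen for this example.
apiVersion: v1
kind: Secret
metadata:
  name: nacos-db-secret
type: Opaque
stringData:
  # placeholder value, same as in the ConfigMap above
  mysql.password: "password"
---
# The ConfigMap keeps only the non-secret connection settings.
apiVersion: v1
kind: ConfigMap
metadata:
  name: nacos-cm
data:
  mysql.host: "your-aliyun-rds-host"
  mysql.db.name: "nacos"
  mysql.port: "3306"
  mysql.user: "username"
---
# Fragment: replaces the MYSQL_SERVICE_PASSWORD entry under
# spec.template.spec.containers[0].env of the nacos StatefulSet.
#
# Before (password read from the ConfigMap):
#   - name: MYSQL_SERVICE_PASSWORD
#     valueFrom:
#       configMapKeyRef:
#         name: nacos-cm
#         key: mysql.password
#
# After (password read from the Secret):
- name: MYSQL_SERVICE_PASSWORD
  valueFrom:
    secretKeyRef:
      name: nacos-db-secret
      key: mysql.password
```

Read access to Secrets can then be granted separately from ConfigMaps through RBAC; the Secret's value is still only base64-encoded in the API unless the cluster encrypts Secrets at rest.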
Then execute the command to create the Nacos service:
kubectl apply -f nacos.yaml
Check whether it was successful with the following commands:
kubectl get StatefulSet
kubectl get ingress
kubectl get svc
kubectl get pod
From the figure, we can see that the deployment of the Nacos service was successful. Let's visit it:
Conclusion
1. First of all, let's understand what a headless Service is: a Service with type: ClusterIP and clusterIP: None. Because nacos-headless has clusterIP: None, you can only access the Service via DNS.
Matters needing attention
1. Cluster mode has problems with only one replica; use at least two replicas.
2021-7-5 update
After the deployment, I found that microservices in the local development environment could not start when the registry address was the Nacos Ingress domain name https://demo.nacos.com/nacos. The Ingress does not need path: /nacos; it should use path: / instead. This is probably because, with /nacos already added, another /nacos is appended when looking up Nacos in K8S, so the address turned out to be https://demo.nacos.com/nacos/nacos (I guess). So the final Ingress should be:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: nacos-headless
  namespace: default
  annotations:
    kubernetes.io/ingress.class: nginx
    # add the cert-manager.io/cluster-issuer annotation
    cert-manager.io/cluster-issuer: "letsencrypt-prod-http01"
    nginx.ingress.kubernetes.io/service-weight: ''
    nginx.ingress.kubernetes.io/force-ssl-redirect: 'true'
spec:
  # add the SSL certificate
  tls:
    - hosts:
        # replace with your own domain name
        - baidu.com
      secretName: server-seaurl-tls
  rules:
    - host: demo.nacos.com
      http:
        paths:
          - path: /
            backend:
              serviceName: nacos-headless
              servicePort: server
To summarize: the local development environment (dev) accesses Nacos through the domain name https://demo.nacos.com, while in the test environment (test) the microservices deployed in K8S, such as gateways, can only reach Nacos through the service address exposed by K8S DNS, for example http://nacos-headless.default.svc.cluster.local:8848. Remember: different environments use different Nacos addresses!