這篇文章主要講解了“如何使用Rancher在Kubernetes上部署EMQ X集群”����,文中的講解內(nèi)容簡(jiǎn)單清晰�,易于學(xué)習(xí)與理解��,下面請(qǐng)大家跟著小編的思路慢慢深入,一起來(lái)研究和學(xué)習(xí)“如何使用Rancher在Kubernetes上部署EMQ X集群”吧!
成都創(chuàng)新互聯(lián)公司于2013年開始�,是專業(yè)互聯(lián)網(wǎng)技術(shù)服務(wù)公司,擁有項(xiàng)目成都網(wǎng)站設(shè)計(jì)�����、成都網(wǎng)站建設(shè)網(wǎng)站策劃��,項(xiàng)目實(shí)施與項(xiàng)目整合能力�����。我們以讓每一個(gè)夢(mèng)想脫穎而出為使命����,1280元漯河做網(wǎng)站,已為上家服務(wù),為漯河各地企業(yè)和個(gè)人服務(wù),聯(lián)系電話:13518219792
實(shí)驗(yàn)環(huán)境:
公有云環(huán)境:AWS EC2
操作系統(tǒng):ubuntu 16.04
Docker version:18.09.0
通過(guò)Rancher部署kubernetes集群
Rancher的安裝以及部署kubernetes集群的步驟推薦直接按照快速入門執(zhí)行����。
創(chuàng)建Rancher Api密鑰
EMQ X通過(guò)訪問(wèn)kube-apiserver來(lái)實(shí)現(xiàn)自動(dòng)集群功能,在Rancher中���,Rancher對(duì)kube-apiserver做了一層代理����,在訪問(wèn)kube-apiserver的時(shí)候必須提供用于向Rancher進(jìn)行身份驗(yàn)證的API密鑰。參考用戶手冊(cè)創(chuàng)建并保存API Key�����。本實(shí)驗(yàn)中創(chuàng)建的Access Key為:token-dksbl�,Secret Key為:pshhhf5cp8d5v5x7bzjdm82qfrwgx7f2bzksnr748j42xmbvvklbdz,組合成的Token為:token-dksbl:pshhhf5cp8d5v5x7bzjdm82qfrwgx7f2bzksnr748j42xmbvvklbdz
下載并配置kubectl
下載并安裝kubectl
進(jìn)入Rancher集群頁(yè)面�����,點(diǎn)擊Kubeconfig文件�。
將kubeconfig文件保存到~/.kube/config
執(zhí)行kubectl cluster-info驗(yàn)證配置是否成功
$ kubectl cluster-infoKubernetes master is running at https://13.125.244.172/k8s/clusters/c-vvgjq
KubeDNS is running at https://13.125.244.172/k8s/clusters/c-vvgjq/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
訪問(wèn)kube-apiserver
EMQ X通過(guò)訪問(wèn)kube-apiserver來(lái)實(shí)現(xiàn)自動(dòng)集群,kube-apiserver的地址可以查看~/.ssh/config文件或者執(zhí)行kubectl cluster-info獲取�����,本實(shí)驗(yàn)中kube-apiserver的地址為:https://13.125.244.172/k8s/clusters/c-vvgjq����。
直接訪問(wèn)kube-apiserver,可以看到會(huì)報(bào)錯(cuò)需要認(rèn)證�����。
$ curl -k https://13.125.244.172/k8s/clusters/c-vvgjq{"type":"error","status":"401","message":"must authenticate"}在頭部加上Authorization認(rèn)證則可以正常訪問(wèn)
$ curl -k -H 'Authorization: Bearer token-dksbl:pshhhf5cp8d5v5x7bzjdm82qfrwgx7f2bzksnr748j42xmbvvklbdz' https://13.125.244.172/k8s/clusters/c-vvgjq
編輯emqx.yaml
在Kubernetes 上安裝 EMQ X 系列文章之二 :EMQ X 自動(dòng)集群一文中分享了EMQ X部署kubernetes集群的yaml文件如下��,在Rancher上部署EMQ X集群的話需要稍加改動(dòng)。
$cat emqx.yaml
apiVersion: v1
kind: Service
metadata:
name: emqx
spec:
ports:
- port: 32333
nodePort: 32333
targetPort: emqx-dashboard
protocol: TCP
selector:
app: emqx
type: NodePort
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: emqx
labels:
app: emqx
spec:
replicas: 2
template:
metadata:
labels:
app: emqx
spec:
containers:
- name: emqx
image: emqx/emqx:latest
ports:
- name: emqx-dashboard
containerPort: 18083
env:
- name: EMQX_CLUSTER__DISCOVERY
value: k8s
- name: EMQX_NAME
value: emqx
- name: EMQX_CLUSTER__K8S__APISERVER
value: http://172.31.19.161:8080
- name: EMQX_CLUSTER__K8S__NAMESPACE
value: default
- name: EMQX_CLUSTER__K8S__SERVICE_NAME
value: emqx
- name: EMQX_CLUSTER__K8S__ADDRESS_TYPE
value: ip
- name: EMQX_CLUSTER__K8S__APP_NAME
value: emqx
tty: true
EMQ X可以讀取/var/run/secrets/kubernetes.io/serviceaccount/token文件中的內(nèi)容組合Authorization認(rèn)證訪問(wèn)kube-apiserver�����,所以只需要把Rancher的API Token通過(guò)Secret掛載到容器中就可以了�����。
Secret解決了密碼�����、token�����、密鑰等敏感數(shù)據(jù)的配置問(wèn)題����,而不需要把這些敏感數(shù)據(jù)暴露到鏡像或者Pod Spec中����。Secret可以以Volume或者環(huán)境變量的方式使用。
Secret有三種類型:
Service Account:用來(lái)訪問(wèn)Kubernetes API��,由Kubernetes自動(dòng)創(chuàng)建,并且會(huì)自動(dòng)掛載到Pod的/run/secrets/kubernetes.io/serviceaccount目錄中�����;
Opaque:base64編碼格式的Secret��,用來(lái)存儲(chǔ)密碼���、密鑰等��;
kubernetes.io/dockerconfigjson:用來(lái)存儲(chǔ)私有docker registry的認(rèn)證信息����。
首先對(duì)API Token做base64編碼
$ echo -n token-dksbl:pshhhf5cp8d5v5x7bzjdm82qfrwgx7f2bzksnr748j42xmbvvklbdz | base64 -w 0dG9rZW4tZGtzYmw6cHNoaGhmNWNwOGQ1djV4N2J6amRtODJxZnJ3Z3g3ZjJiemtzbnI3NDhqNDJ4bWJ2dmtsYmR6
在yaml文件中創(chuàng)建Secret
$vim emqx.yamlapiVersion: v1
kind: Secret
metadata:
name: emqx-secret
type: Opaque
data:
token: dG9rZW4tcGI2MjU6eDZ2eGJ0Y2NmdG1waGpseHR3NGNjdGN2d2txdzk5aDJzYmhxNHFtaDh5c2ZnbXd6dzJ0d2Rw
---
......
修改Deployment�,將環(huán)境變量中的EMQX_CLUSTER__K8S__APISERVER改為Rancher的Kube-apiserver的地址,增加volumeMounts
$vim emqx.yaml......
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: emqx
labels:
app: emqx
spec:
replicas: 2
template:
metadata:
labels:
app: emqx
spec:
volumes:
- name: emqx-secret
secret:
secretName: emqx-secret
containers:
- name: emqx
image: emqx/emqx:latest
ports:
- name: emqx-dashboard
containerPort: 18083
- name: emqx-http
containerPort: 8083
- name: emqx-mqtt
containerPort: 1883
env:
- name: EMQX_CLUSTER__DISCOVERY
value: k8s
- name: EMQX_NAME
value: emqx
- name: EMQX_CLUSTER__K8S__APISERVER
value: https://13.125.244.172/k8s/clusters/c-vvgjq
- name: EMQX_CLUSTER__K8S__NAMESPACE
value: default
- name: EMQX_CLUSTER__K8S__SERVICE_NAME
value: emqx
- name: EMQX_CLUSTER__K8S__ADDRESS_TYPE
value: ip
- name: EMQX_CLUSTER__K8S__APP_NAME
value: emqx
tty: true
volumeMounts:
- name: emqx-secret
mountPath: "/var/run/secrets/kubernetes.io/serviceaccount"
readOnly: true
部署EMQ X
查看修改后的emqx.yaml
$cat emqx.yamlapiVersion: v1
kind: Secret
metadata:
name: emqx-secret
type: Opaque
data:
token: dG9rZW4tcGI2MjU6eDZ2eGJ0Y2NmdG1waGpseHR3NGNjdGN2d2txdzk5aDJzYmhxNHFtaDh5c2ZnbXd6dzJ0d2Rw
---
apiVersion: v1
kind: Service
metadata:
name: emqx
spec:
ports:
- port: 32333
nodePort: 32333
targetPort: emqx-dashboard
protocol: TCP
selector:
app: emqx
type: NodePort
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: emqx
labels:
app: emqx
spec:
replicas: 2
template:
metadata:
labels:
app: emqx
spec:
volumes:
- name: emqx-secret
secret:
secretName: emqx-secret
containers:
- name: emqx
image: emqx/emqx:latest
ports:
- name: emqx-dashboard
containerPort: 18083
- name: emqx-http
containerPort: 8083
- name: emqx-mqtt
containerPort: 1883
env:
- name: EMQX_CLUSTER__DISCOVERY
value: k8s
- name: EMQX_NAME
value: emqx
- name: EMQX_CLUSTER__K8S__APISERVER
value: https://13.125.244.172/k8s/clusters/c-vvgjq
- name: EMQX_CLUSTER__K8S__NAMESPACE
value: default
- name: EMQX_CLUSTER__K8S__SERVICE_NAME
value: emqx
- name: EMQX_CLUSTER__K8S__ADDRESS_TYPE
value: ip
- name: EMQX_CLUSTER__K8S__APP_NAME
value: emqx
tty: true
volumeMounts:
- name: emqx-secret
mountPath: "/var/run/secrets/kubernetes.io/serviceaccount"
readOnly: true
部署EMQ X
$ kubectl create -f emqx.yamlsecret/emqx-secret created
service/emqx created
deployment.extensions/emqx created
查看狀態(tài)
$ kubectl get podsNAME READY STATUS RESTARTS AGE
emqx-67b5fcf4d-gwzfn 1/1 Running 0 36s
emqx-67b5fcf4d-rb7m6 1/1 Running 0 36s
集群成功
$ kubectl exec emqx-67b5fcf4d-gwzfn /opt/emqx/bin/emqx_ctl cluster statusCluster status: [{running_nodes,['emqx@10.42.1.24','emqx@10.42.2.19']}]使用Rancher Dashboard部署EMQ X(可選)
刪除剛剛部署的EMQ X
$ kubectl delete -f emqx.yamlsecret "emqx-secret" deleted
service "emqx" deleted
deployment.extensions "emqx" deleted
進(jìn)入Rancher集群工作負(fù)載頁(yè)面�,點(diǎn)擊導(dǎo)入YAML
在導(dǎo)入頁(yè)面將emqx.yaml文件的內(nèi)容復(fù)制進(jìn)去!
點(diǎn)擊導(dǎo)入,等待導(dǎo)入成功��。
感謝各位的閱讀�����,以上就是“如何使用Rancher在Kubernetes上部署EMQ X集群”的內(nèi)容了���,經(jīng)過(guò)本文的學(xué)習(xí)后��,相信大家對(duì)如何使用Rancher在Kubernetes上部署EMQ X集群這一問(wèn)題有了更深刻的體會(huì)���,具體使用情況還需要大家實(shí)踐驗(yàn)證����。這里是創(chuàng)新互聯(lián)����,小編將為大家推送更多相關(guān)知識(shí)點(diǎn)的文章,歡迎關(guān)注�����!
分享題目:如何使用Rancher在Kubernetes上部署EMQX集群
網(wǎng)站鏈接:
http://weahome.cn/article/ihpcoh.html
重慶分公司
重慶分公司
