k8s搭建consul集群
本文主要通过k8s集群搭建Consul集群
满足条件:
1. 有一个部署好的k8s集群
2. 集群内部支持DNS服务
3.最好对consul及配置有相应的了解
consul学习参考文章:https://blog.csdn.net/skh2015java/article/details/108853881
部署
1. 部署一个Service
# consul-server-service.yaml
apiVersion: v1
kind: Service
metadata:
name: consul-server
labels:
name: consul-server
spec:
selector:
name: consul-server
ports:
- name: http
port: 8500
targetPort: 8500
- name: https
port: 8443
targetPort: 8443
- name: rpc
port: 8400
targetPort: 8400
- name: serf-lan-tcp
protocol: "TCP"
port: 8301
targetPort: 8301
- name: serf-lan-udp
protocol: "UDP"
port: 8301
targetPort: 8301
- name: serf-wan-tcp
protocol: "TCP"
port: 8302
targetPort: 8302
- name: serf-wan-udp
protocol: "UDP"
port: 8302
targetPort: 8302
- name: server
port: 8300
targetPort: 8300
- name: consul-dns
port: 8600
targetPort: 8600
kubect create -f consul-server-service.yaml
用于通过dns查找agent pod
2.以StatefulSet方式部署3个有状态的Consul Server
# consul-server.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: consul-server
labels:
name: consul-server
spec:
serviceName: consul-server
selector:
matchLabels:
name: consul-server
replicas: 3
template:
metadata:
labels:
name: consul-server
spec:
terminationGracePeriodSeconds: 10
containers:
- name: consul
image: consul:latest
imagePullPolicy: IfNotPresent
args:
- "agent"
- "-server"
- "-bootstrap-expect=3"
- "-ui"
- "-data-dir=/consul/data"
- "-bind=0.0.0.0"
- "-client=0.0.0.0"
- "-advertise=$(POD_IP)"
- "-retry-join=consul-server-0.consul-server.$(NAMESPACE).svc.cluster.local"
- "-retry-join=consul-server-1.consul-server.$(NAMESPACE).svc.cluster.local"
- "-retry-join=consul-server-2.consul-server.$(NAMESPACE).svc.cluster.local"
- "-domain=cluster.local"
- "-disable-host-node-id"
env:
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- containerPort: 8500
name: http
- containerPort: 8400
name: rpc
- containerPort: 8443
name: https-port
- containerPort: 8301
name: serf-lan
- containerPort: 8302
name: serf-wan
- containerPort: 8600
name: consul-dns
- containerPort: 8300
name: server
kubect create -f consul-server.yaml
3个consul server正常运行
3.对外NodePort方式对外暴露服务端口
# consul-server-http.yaml
apiVersion: v1
kind: Service
metadata:
name: consul-server-http
spec:
selector:
name: consul-server
type: NodePort
ports:
- protocol: TCP
port: 8500
targetPort: 8500
nodePort: 30098
name: consul-server-tcp
kubectl create -f consul-server-http.yaml
对外暴露节点端口是30098
通过控制台访问
consul-server-0是leader节点,共有3个Server节点
4.以daemonSet方式在工作节点上部署client
#consul-client.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: consul-client
labels:
name: consul-client
spec:
selector:
matchLabels:
name: consul-client
template:
metadata:
labels:
name: consul-client
spec:
containers:
- name: consul
image: consul:latest
imagePullPolicy: IfNotPresent
args:
- "agent"
- "-data-dir=/consul/data"
- "-bind=0.0.0.0"
- "-client=0.0.0.0"
- "-advertise=$(POD_IP)"
- "-retry-join=consul-server-0.consul-server.$(NAMESPACE).svc.cluster.local"
- "-retry-join=consul-server-1.consul-server.$(NAMESPACE).svc.cluster.local"
- "-retry-join=consul-server-2.consul-server.$(NAMESPACE).svc.cluster.local"
- "-domain=cluster.local"
- "-disable-host-node-id"
env:
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
lifecycle:
postStart:
exec:
command:
- /bin/sh
- -c
- consul reload
preStop:
exec:
command:
- /bin/sh
- -c
- consul leave
volumeMounts:
- name: consul-data-dir
mountPath: /consul/data
ports:
- containerPort: 8500
hostPort: 8500
name: http
- containerPort: 8400
name: rpc
- containerPort: 8443
name: https
- containerPort: 8301
name: serf-lan
- containerPort: 8302
name: serf-wan
- containerPort: 8600
name: consul
- containerPort: 8300
name: server
volumes:
- name: consul-data-dir
hostPath:
path: /Users/xuan/desktop/consul/data
type: DirectoryOrCreate
kubectl create -f consul-client.yaml
创建client
通过控制台可以看到有两个client加入了集群
整个Consul集群已经搭建完成