将 Nacos 的凭据保存到 Secret
为 nacos 访问 mysql 的凭据 创建 secret。
apiVersion: v1
kind: Secret
metadata:
name: mysql-secret
namespace: tools
type: Opaque
data:
host: 127.0.0.1
port: 3306
user: temp_user
password: 123456
使用 ConfigMap 微调 Nacos 的配置
apiVersion: v1
kind: ConfigMap
metadata:
name: nacos
namespace: tools
data:
# 生产环境需要降低 Nacos 默认的 DEBUG 日志级别
nacos-logback.xml: "省略,请自行从 Nacos 的目录 /home/nacos/conf/nacos-logback.xml 拷贝下来修改"
使用 StatefulSet 创建 Nacos
apiVersion: apps/v1
kind: StatefulSet
metadata:
labels:
app.kubernetes.io/name: nacos
app.kubernetes.io/component: spring-cloud
name: nacos
namespace: tools
spec:
podManagementPolicy: OrderedReady
replicas: 3
selector:
matchLabels:
app.kubernetes.io/name: nacos
app.kubernetes.io/component: spring-cloud
template:
metadata:
labels:
app.kubernetes.io/name: nacos
app.kubernetes.io/component: spring-cloud
spec:
containers:
- env:
- name: TZ
value: Asia/Shanghai
- name: MODE
value: cluster
- name: SPRING_DATASOURCE_PLATFORM
value: mysql
- name: MYSQL_SERVICE_HOST
valueFrom:
secretKeyRef:
key: host
name: mysql-secret
optional: false
- name: MYSQL_SERVICE_DB_NAME
value: nacos
- name: MYSQL_SERVICE_PORT
valueFrom:
secretKeyRef:
key: port
name: mysql-secret
optional: false
- name: MYSQL_SERVICE_USER
valueFrom:
secretKeyRef:
key: user
name: mysql-secret
optional: false
- name: MYSQL_SERVICE_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: mysql-secret
optional: false
- name: MYSQL_SERVICE_DB_PARAM
value: characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useSSL=false
- name: JVM_XMS
value: 256m
- name: JVM_XMX
value: 512m
- name: JVM_XMN
value: 256m
- name: NACOS_SERVERS
value: nacos-0.nacos.tools:8848 nacos-1.nacos.tools:8848 nacos-2.nacos.tools:8848
- name: NACOS_SERVER_PORT
value: "8848"
image: nacos/nacos-server:v2.0.4
imagePullPolicy: IfNotPresent
name: nacos
resources:
limits:
cpu: 250m
memory: 1Gi
requests:
cpu: 250m
memory: 1Gi
securityContext:
privileged: false
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /home/nacos/conf/nacos-logback.xml
name: logs
subPath: nacos-logback.xml
dnsPolicy: ClusterFirst
imagePullSecrets:
- name: qcloudregistrykey
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
volumes:
- configMap:
defaultMode: 420
name: nacos
name: logs
updateStrategy:
rollingUpdate:
partition: 0
type: RollingUpdate将 Nacos 集群加入 nginx.conf
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx
namespace: tools
data:
nacos.conf: |-
upstream nacos {
server nacos-0.nacos.tools:8848;
server nacos-1.nacos.tools:8848;
server nacos-2.nacos.tools:8848;
}
server {
listen 8848;
server_name localhost;
location / {
proxy_pass http://nacos;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
add_header X-Cache $upstream_cache_status;
add_header Cache-Control no-cache;
}
}
nginx.conf: |-
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
accept_mutex on;
multi_accept on;
use epoll;
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
client_max_body_size 500m;
sendfile on;
gzip on;
keepalive_timeout 30;
include /etc/nginx/conf.d/*.conf;
}
stream {
upstream nacos-grpc-9848 {
server nacos-0.nacos.tools:9848;
server nacos-1.nacos.tools:9848;
server nacos-2.nacos.tools:9848;
}
upstream nacos-grpc-9849 {
server nacos-0.nacos.tools:9849;
server nacos-1.nacos.tools:9849;
server nacos-2.nacos.tools:9849;
}
server {
listen 9848;
proxy_connect_timeout 300s;
proxy_timeout 300s;
proxy_pass nacos-grpc-9848;
}
server {
listen 9849;
proxy_connect_timeout 300s;
proxy_timeout 300s;
proxy_pass nacos-grpc-9849;
}
}部署 Nginx 代理 Nacos 集群
apiVersion: apps/v1
kind: StatefulSet
metadata:
labels:
app.kubernetes.io/name: nginx
app.kubernetes.io/component: load-balancer
name: nginx
namespace: tools
spec:
podManagementPolicy: OrderedReady
replicas: 1
selector:
matchLabels:
k8s-app: nginx
qcloud-app: nginx
template:
metadata:
labels:
app.kubernetes.io/name: nginx
app.kubernetes.io/component: load-balancer
spec:
containers:
- env:
- name: TZ
value: Asia/Shanghai
image: nginx:1.19.10
imagePullPolicy: IfNotPresent
name: nginx
resources:
limits:
cpu: 250m
memory: 512Mi
requests:
cpu: 250m
memory: 512Mi
securityContext:
privileged: false
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /etc/nginx/nginx.conf
name: nginx
subPath: nginx.conf
- mountPath: /var/log/nginx
name: logs
- mountPath: /etc/nginx/conf.d/nacos.conf
name: nginx-nacos
subPath: nacos.conf
dnsPolicy: ClusterFirst
imagePullSecrets:
- name: qcloudregistrykey
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
volumes:
- configMap:
defaultMode: 420
items:
- key: nginx.conf
mode: 420
path: nginx.conf
name: nginx
name: nginx
- configMap:
defaultMode: 420
items:
- key: nacos.conf
mode: 420
path: nacos.conf
name: nginx
name: nginx-nacos
updateStrategy:
rollingUpdate:
partition: 0
type: RollingUpdate
本文由 Ivan Dong 创作,采用 知识共享署名4.0 国际许可协议进行许可
本站文章除注明转载/出处外,均为本站原创或翻译,转载前请务必署名
最后编辑时间为: Jun 13, 2023 at 10:08 am