背景:
后端程序团队筹备一波流 springcloud 架构, 配置核心用了阿里开源的 nacos。不出意外的要高一个 sentinel 做测试了 …..。做一个 demo 开始搞一下吧。
kubernetes 下面搭建 sentinel 的案例较少。看下眼还是 springcloud 全家桶的多点。阿里开源的这一套还是少点。百度或者 Google 搜寻 sentinel 根本进去的都是 redis 哨兵模式 … 有点难过。
注:搭建形式能够参照:https://blog.csdn.net/fenglailea/article/details/92436337?utm_term=k8s%E9%83%A8%E7%BD%B2Sentinel&utm_medium=distribute.pc_aggpage_search_result.none-task-blog-2~all~sobaiduweb~default-0-92436337&spm=3001.4430。
一. 搭建 sentinel-dashboard:
1. 自定义创立 sentinel-dashboard image 镜像
嗯 很天经地义了不喜爱用 docker 镜像这名词了。还是用 image 吧。下面援用的博客中 1.6.1 的版本吧?搭建跑了下犯了强迫症,最新的版本是 1.8.1 依据 foxiswho 大佬的配置文件进行批改下镜像。
vim Dockerfile
FROM openjdk:11.0.3-jdk-stretch
MAINTAINER foxiswho@gmail.com
ARG version
ARG port
# sentinel version
ENV SENTINEL_VERSION ${version:-1.8.1}
#PORT
ENV PORT ${port:-8858}
ENV JAVA_OPT=""
#
ENV PROJECT_NAME sentinel-dashboard
ENV SERVER_HOST localhost
ENV SERVER_PORT 8858
ENV USERNAME sentinel
ENV PASSWORD sentinel
# sentinel home
ENV SENTINEL_HOME /opt/
ENV SENTINEL_LOGS /opt/logs
#tme zone
RUN rm -rf /etc/localtime \
&& ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
# create logs
RUN mkdir -p ${SENTINEL_LOGS}
# get the version
#RUN cd / \
# && wget https://github.com/alibaba/Sentinel/releases/download/${SENTINEL_VERSION}/sentinel-dashboard-${SENTINEL_VERSION}.jar -O sentinel-dashboard.jar \
# && mv sentinel-dashboard.jar ${SENTINEL_HOME} \
# && chmod -R +x ${SENTINEL_HOME}/*jar
# test file
COPY sentinel-dashboard.jar ${SENTINEL_HOME}
# add scripts
COPY scripts/* /usr/local/bin/
RUN chmod +x /usr/local/bin/docker-entrypoint.sh \
&& ln -s /usr/local/bin/docker-entrypoint.sh /opt/docker-entrypoint.sh
#
RUN chmod -R +x ${SENTINEL_HOME}/*jar
VOLUME ${SENTINEL_LOGS}
WORKDIR ${SENTINEL_HOME}
EXPOSE ${PORT} 8719
CMD java ${JAVA_OPT} -jar sentinel-dashboard.jar
ENTRYPOINT ["docker-entrypoint.sh"]
注:大佬的 Dockerfile 中 裸露的端口是 8200,因为看 sentinel 对外裸露端口都是 8518 我就把 dockerfile 批改了。而后把 https://github.com/alibaba/Sentinel/releases 下载了 1.8.1 版本的 jar 包改名为 sentinel-dashboard.jar 放在当前目录
dc 目录能够疏忽,原我的项目 copy 自 https://github.com/foxiswho/docker-sentinel
cat scripts/docker-entrypoint.sh
#!/bin/bash
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#===========================================================================================
# Java Environment Setting
#===========================================================================================
error_exit ()
{
echo "ERROR: $1 !!"
exit 1
}
[! -e "$JAVA_HOME/bin/java"] && JAVA_HOME=$HOME/jdk/java
[! -e "$JAVA_HOME/bin/java"] && JAVA_HOME=/usr/java
[! -e "$JAVA_HOME/bin/java"] && error_exit "Please set the JAVA_HOME variable in your environment, We need java(x64)!"
export JAVA_HOME
export JAVA="$JAVA_HOME/bin/java"
export BASE_DIR=$(dirname $0)/..
export CLASSPATH=.:${BASE_DIR}/conf:${CLASSPATH}
#===========================================================================================
# JVM Configuration
#===========================================================================================
# Get the max heap used by a jvm, which used all the ram available to the container.
if [-z "$MAX_POSSIBLE_HEAP"]
then
MAX_POSSIBLE_RAM_STR=$(java -XX:+UnlockExperimentalVMOptions -XX:MaxRAMFraction=1 -XshowSettings:vm -version 2>&1 | awk '/Max\. Heap Size \(Estimated\): [0-9KMG]+/{print $5}')
MAX_POSSIBLE_RAM=$MAX_POSSIBLE_RAM_STR
CAL_UNIT=${MAX_POSSIBLE_RAM_STR: -1}
if ["$CAL_UNIT" == "G" -o "$CAL_UNIT" == "g"]; then
MAX_POSSIBLE_RAM=$(echo ${MAX_POSSIBLE_RAM_STR:0:${#MAX_POSSIBLE_RAM_STR}-1} `expr 1 \* 1024 \* 1024 \* 1024` | awk '{printf"%d",$1*$2}')
elif ["$CAL_UNIT" == "M" -o "$CAL_UNIT" == "m"]; then
MAX_POSSIBLE_RAM=$(echo ${MAX_POSSIBLE_RAM_STR:0:${#MAX_POSSIBLE_RAM_STR}-1} `expr 1 \* 1024 \* 1024` | awk '{printf"%d",$1*$2}')
elif ["$CAL_UNIT" == "K" -o "$CAL_UNIT" == "k"]; then
MAX_POSSIBLE_RAM=$(echo ${MAX_POSSIBLE_RAM_STR:0:${#MAX_POSSIBLE_RAM_STR}-1} `expr 1 \* 1024` | awk '{printf"%d",$1*$2}')
fi
MAX_POSSIBLE_HEAP=$[MAX_POSSIBLE_RAM/4]
fi
# Dynamically calculate parameters, for reference.
Xms=$MAX_POSSIBLE_HEAP
Xmx=$MAX_POSSIBLE_HEAP
Xmn=$[MAX_POSSIBLE_HEAP/2]
# Set for `JAVA_OPT`.
JAVA_OPT="${JAVA_OPT} -server"
if [x"${MAX_POSSIBLE_HEAP_AUTO}" = x"auto" ];then
JAVA_OPT="${JAVA_OPT} -Xms${Xms} -Xmx${Xmx} -Xmn${Xmn}"
fi
#-XX:+UseCMSCompactAtFullCollection
#JAVA_OPT="${JAVA_OPT} -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=70 -XX:+CMSParallelRemarkEnabled -XX:SoftRefLRUPolicyMSPerMB=0 -XX:+CMSClassUnloadingEnabled -XX:SurvivorRatio=8"
#JAVA_OPT="${JAVA_OPT} -verbose:gc -Xloggc:/dev/shm/rmq_srv_gc.log -XX:+PrintGCDetails"
#JAVA_OPT="${JAVA_OPT} -XX:-OmitStackTraceInFastThrow"
#JAVA_OPT="${JAVA_OPT} -XX:-UseLargePages"
#JAVA_OPT="${JAVA_OPT} -Djava.ext.dirs=${JAVA_HOME}/jre/lib/ext:${BASE_DIR}/lib"
#JAVA_OPT="${JAVA_OPT} -Xdebug -Xrunjdwp:transport=dt_socket,address=9555,server=y,suspend=n"
JAVA_OPT="${JAVA_OPT} -Dserver.port=${PORT}"
JAVA_OPT="${JAVA_OPT} -Dcsp.sentinel.log.dir=${SENTINEL_LOGS}"
JAVA_OPT="${JAVA_OPT} -Djava.security.egd=file:/dev/./urandom"
JAVA_OPT="${JAVA_OPT} -Dproject.name=${PROJECT_NAME}"
JAVA_OPT="${JAVA_OPT} -Dcsp.sentinel.app.type=1"
JAVA_OPT="${JAVA_OPT} -Dsentinel.dashboard.auth.username=${USERNAME}"
JAVA_OPT="${JAVA_OPT} -Dsentinel.dashboard.auth.password=${PASSWORD}"
JAVA_OPT="${JAVA_OPT} -Dcsp.sentinel.dashboard.server=${SERVER_HOST:-localhost}:${SERVER_PORT:-8558}"
JAVA_OPT="${JAVA_OPT} ${JAVA_OPT_EXT}"
JAVA_OPT="${JAVA_OPT} -jar sentinel-dashboard.jar"
JAVA_OPT="${JAVA_OPT} -cp ${CLASSPATH}"
echo "JAVA_OPT============"
echo "JAVA_OPT============"
echo "JAVA_OPT============"
echo $JAVA_OPT
$JAVA ${JAVA_OPT} $@
仍然抄的大佬的启动文件。然而留神 … 大佬这里也写死了端口 8200…. 记得批改
嗯 开始 build 镜像
docker build -t ccr.ccs.tencentyun.com/xxxx/sentinel:1.8.1 .
docker push ccr.ccs.tencentyun.com/xxxx/sentinel:1.8.1
对了 我是不是能够用 crictl 命令操作一下?crictl ctr 不反对 build…….. 后续是不是能够思考用
buildkit 构建镜像?
2. 在 kubernetes 集群中部署 sentinel
在 Kubernetes 1.20.5 搭建 nacos 中建设了 nacos namespace. sentinel 也部署在 sentinel 命名空间了没有做太多的简单配置。这边都是简略跑起来的 demo,先跑通流程
1. 部署 configmap
cat config.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: sentinel-cm
data:
sentinel.server.host: "sentinel"
sentinel.server.port: "8858"
sentinel.dashboard.auth.username: "sentinel111111"
sentinel.dashboard.auth.password: "W3$ti$aifffdfGEqjf.xOkZ"
注:这里的 sentinel.server.host 我这里间接写的是服务名,还没有呈现什么异样启动了。失常是不是该输出一个 fqdn? sentinel.nacos.svc.cluster.local 这样的呢?(当然了 我的 domain 不是 cluster.local).
kubectl apply -f config.yaml -n nacos
2 部署 sentinel statefulset
cat pod.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: sentinel
labels:
app: sentinel
spec:
serviceName: sentinel
replicas: 1
selector:
matchLabels:
app: sentinel
template:
metadata:
labels:
app: sentinel
spec:
containers:
- name: sentinel
image: ccr.ccs.tencentyun.com/XXXX/sentinel:1.8.1
imagePullPolicy: IfNotPresent
resources:
limits:
cpu: 450m
memory: 1024Mi
requests:
cpu: 400m
memory: 1024Mi
env:
- name: TZ
value: Asia/Shanghai
- name: JAVA_OPT_EXT
value: "-Dserver.servlet.session.timeout=7200"
- name: SERVER_HOST
valueFrom:
configMapKeyRef:
name: sentinel-cm
key: sentinel.server.host
- name: SERVER_PORT
valueFrom:
configMapKeyRef:
name: sentinel-cm
key: sentinel.server.port
- name: USERNAME
valueFrom:
configMapKeyRef:
name: sentinel-cm
key: sentinel.dashboard.auth.username
- name: PASSWORD
valueFrom:
configMapKeyRef:
name: sentinel-cm
key: sentinel.dashboard.auth.password
ports:
- containerPort: 8858
- containerPort: 8719
volumeMounts:
- name: vol-log
mountPath: /opt/logs
volumes:
- name: vol-log
hostPath:
path: /www/k8s/foxdev/sentinel/logs
type: Directory
kubectl apply -f pod.yaml -n nacos
留神:偷懒了 volumes 挂载不想搞了原本就是测试的 在三个 work 节点都搞了 /www/k8s/foxdev/sentinel/logs 目录. 间接复制 foxiswho 的配置了根本。
3. 部署 service 服务
cat svc.yaml
apiVersion: v1
kind: Service
metadata:
name: sentinel
labels:
app: sentinel
spec:
type: ClusterIP
ports:
- port: 8858
targetPort: 8858
name: web
- port: 8719
targetPort: 8719
name: api
selector:
app: sentinel
kubectl apply -f svc -n nacos
4. 验证服务是否失常
kubectl get pod,svc -n nacos
kubectl logs -f sentinel-0 -n nacos
5. ingress 对外裸露 sentinel dashboard
cat ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: sentinel-http
namespace: nacos
annotations:
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.entrypoints: web
spec:
rules:
- host: sentinel.saynaihe.com
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: sentinel
port:
number: 8858
输出 configmap 中设置的用户名明码
进入控制台:
实时监控,申请链路 流控规定和降级规定这几个名词集体就很喜爱的样子 ….. 前面再去钻研下应用。