
Deploying Nacos on Kubernetes with PostgreSQL: Setting a New Benchmark for Microservice Governance

Linux运维智行录 2024-12-31

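In today's cloud computing era, microservice architecture has become the mainstream way to build complex applications. Supporting it requires a powerful and flexible platform for service discovery and configuration management, and Nacos has become the first choice of many developers thanks to its feature set and ease of use. Choosing PostgreSQL as its backend database not only safeguards the security and durability of the data but also improves system performance. This article explains in detail how to deploy Nacos in a Kubernetes environment and integrate its data storage with PostgreSQL, helping you quickly stand up an efficient and stable microservice platform.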

Nacos high-availability architecture diagram


01
Prerequisites

1. A working Kubernetes cluster

2. An available StorageClass

3. An available Ingress Controller

4. A working PostgreSQL cluster


02
Initialize the Nacos schema

1. Download the initialization script

$ sudo mkdir /etc/kubernetes/addons/nacos
$ sudo curl -L -o /etc/kubernetes/addons/nacos/nacos-pg.sql https://github.com/wuchubuzai2018/nacos-datasource-extend-plugins/raw/refs/heads/main/nacos-datasource-plugin-ext/nacos-postgresql-datasource-plugin-ext/src/main/resources/schema/nacos-pg.sql


2. Create the database and user in PostgreSQL

CREATE USER nacos WITH PASSWORD '123456';
CREATE DATABASE nacos_prod OWNER nacos;


3. Import the data

$ psql -h 172.139.20.188 -p 9999 -U nacos -W nacos_prod < /etc/kubernetes/addons/nacos/nacos-pg.sql


03
Deploy the Nacos service

1. Create the namespace

$ kubectl create ns nacos

2. Create the Nacos configuration file

$ cat <<'EOF' | sudo tee /etc/kubernetes/addons/nacos/application.properties > /dev/null
#*************** Spring Boot Related Configurations ***************#
#server.servlet.contextPath=/nacos
server.error.include-message=ALWAYS
server.port=8848

#*************** Network Related Configurations ***************#

#*************** Config Module Related Configurations ***************#
spring.sql.init.platform=postgresql
db.num=1
db.url.0=jdbc:postgresql://172.139.20.188:9999/nacos_prod?tcpKeepAlive=true&reWriteBatchedInserts=true&ApplicationName=nacos_java
db.user.0=nacos
db.password.0=123456
db.pool.config.connectionTimeout=30000
db.pool.config.validationTimeout=10000
db.pool.config.maximumPoolSize=20
db.pool.config.minimumIdle=2
db.pool.config.driverClassName=org.postgresql.Driver
nacos.config.push.maxRetryTime=50

#*************** Naming Module Related Configurations ***************#

#*************** CMDB Module Related Configurations ***************#

#***********Metrics for tomcat **************************#
server.tomcat.mbeanregistry.enabled=true

#***********Expose prometheus and health **************************#
management.metrics.export.elastic.enabled=false
management.metrics.export.influx.enabled=false

#*************** Access Log Related Configurations ***************#
server.tomcat.accesslog.enabled=true
server.tomcat.accesslog.rotate=true
server.tomcat.accesslog.file-date-format=.yyyy-MM-dd-HH
server.tomcat.accesslog.pattern=%h %l %u %t "%r" %s %b %D %{User-Agent}i %{Request-Source}i
server.tomcat.basedir=file:.

#*************** Access Control Related Configurations ***************#
nacos.security.ignore.urls=/,/error,/**/*.css,/**/*.js,/**/*.html,/**/*.map,/**/*.svg,/**/*.png,/**/*.ico,/console-ui/public/**,/v1/auth/**,/v1/console/health/**,/actuator/**,/v1/console/server/**
nacos.core.auth.system.type=nacos
nacos.core.auth.enabled=true
nacos.core.auth.caching.enabled=true
nacos.core.auth.enable.userAgentAuthWhite=false
nacos.core.auth.server.identity.key=authKey
nacos.core.auth.server.identity.value=shigzh
nacos.core.auth.plugin.nacos.token.cache.enable=false
nacos.core.auth.plugin.nacos.token.expire.seconds=18000
nacos.core.auth.plugin.nacos.token.secret.key=MjA4OTcxNjAtYWE5MS00YmQwLTkxYWQtOTIzMTYyNGE3OWExCg==

#*************** Control Plugin Related Configurations ***************#

#*************** Config Change Plugin Related Configurations ***************#

#*************** Istio Related Configurations ***************#
nacos.istio.mcp.server.enabled=false

#*************** Core Related Configurations ***************#

#*************** JRaft Related Configurations ***************#

#*************** Distro Related Configurations ***************#

#*************** Grpc Configurations ***************#
EOF

$ kubectl create configmap nacos-config --from-file=application.properties=/etc/kubernetes/addons/nacos/application.properties -n nacos 
configmap/nacos-config created

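Tip: the configuration above is the default configuration file adapted for PostgreSQL, with the authentication parameters enabled.

Parameters adapted for PostgreSQL: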

  • spring.sql.init.platform

  • db.url

  • db.pool.config.driverClassName

Parameters that enable authentication:

  • nacos.core.auth.enabled

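  • nacos.core.auth.server.identity.key  # used between Nacos servers; not a login user's credentials

  • nacos.core.auth.server.identity.value # used between Nacos servers; not a login user's credentials

  • nacos.core.auth.plugin.nacos.token.secret.key # the original string must be at least 32 characters long and Base64-encoded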
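
The authentication keys listed above, including the 32-character/Base64 requirement on the token secret, can be checked before the ConfigMap is created. The script below is an added example, not part of the original article; its function names are illustrative, and it assumes GNU `base64` and a `/dev/urandom` device.

```shell
#!/bin/sh
# Added example (not from the original article): checks the auth-related
# keys listed above in an application.properties file before it is loaded
# into the cluster. Function names are illustrative.

# prop FILE KEY: print the last value assigned to KEY.
prop() (
  key=$(printf '%s' "$2" | sed 's/\./\\./g')   # escape dots for sed
  sed -n "s/^${key}=//p" "$1" | tail -n 1
)

# decoded_len B64: bytes the string decodes to; 0 if it is not valid Base64.
decoded_len() (
  printf '%s' "$1" | base64 -d >/dev/null 2>&1 || { echo 0; exit; }
  printf '%s' "$1" | base64 -d | wc -c | tr -d ' '
)

# gen_token_secret: 32 bytes from /dev/urandom, Base64-encoded on one line.
gen_token_secret() {
  head -c 32 /dev/urandom | base64 | tr -d '\n'
}

# audit_nacos_auth FILE: exit status 0 only if every check passes.
audit_nacos_auth() (
  bad=0
  [ "$(prop "$1" nacos.core.auth.enabled)" = "true" ] ||
    { echo "FAIL nacos.core.auth.enabled is not true"; bad=1; }
  for k in nacos.core.auth.server.identity.key \
           nacos.core.auth.server.identity.value; do
    [ -n "$(prop "$1" "$k")" ] || { echo "FAIL $k is empty"; bad=1; }
  done
  secret=$(prop "$1" nacos.core.auth.plugin.nacos.token.secret.key)
  if [ "$(decoded_len "$secret")" -lt 32 ]; then
    echo "FAIL token.secret.key decodes to fewer than 32 bytes"; bad=1
  fi
  [ "$bad" -eq 0 ] && echo "OK auth settings meet the requirements above"
  exit "$bad"
)

# Usage: sh check-nacos-auth.sh /etc/kubernetes/addons/nacos/application.properties
[ "$#" -eq 0 ] || audit_nacos_auth "$1"
```

`gen_token_secret` prints a fresh value that can be used for `nacos.core.auth.plugin.nacos.token.secret.key`.
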

3. Download the plugin that lets Nacos connect to PostgreSQL

$ sudo curl -o /etc/kubernetes/addons/nacos/nacos-postgresql-plugin-1.0.0.jar -L https://github.com/wuchubuzai2018/nacos-datasource-extend-plugins/releases/download/1.0.0/nacos-postgresql-plugin-1.0.0.jar
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100 1216k  100 1216k    0     0   780k      0  0:00:01  0:00:01 --:--:-- 5600k


4. Deploy the Nacos service

$ cat <<'EOF' | sudo tee /etc/kubernetes/addons/nacos/deploy.yml > /dev/null
---
apiVersion: v1
kind: Service
metadata:
  name: nacos
  namespace: nacos
spec:
  ports:
    - port: 8848
      name: server
      targetPort: 8848
    - port: 9848
      name: client-rpc
      targetPort: 9848
    - port: 9849
      name: raft-rpc
      targetPort: 9849
    ## Election port kept for compatibility with 1.4.x
    - port: 7848
      name: old-raft-rpc
      targetPort: 7848
  selector:
    app: nacos
---
apiVersion: v1
kind: Service
metadata:
  name: nacos-headless
  namespace: nacos
spec:
  publishNotReadyAddresses: true 
  ports:
    - port: 8848
      name: server
      targetPort: 8848
    - port: 9848
      name: client-rpc
      targetPort: 9848
    - port: 9849
      name: raft-rpc
      targetPort: 9849
    ## Election port kept for compatibility with 1.4.x
    - port: 7848
      name: old-raft-rpc
      targetPort: 7848
  clusterIP: None
  selector:
    app: nacos
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: nacos
  namespace: nacos
spec:
  replicas: 3
  podManagementPolicy: Parallel
  serviceName: nacos-headless
  selector:
    matchLabels:
      app: nacos
  template:
    metadata:
      labels:
        app: nacos
      annotations:
        pod.alpha.kubernetes.io/initialized: "true"
    spec:
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
              - key: "app"
                operator: In
                values:
                - nacos
            topologyKey: "kubernetes.io/hostname"
      initContainers:
      - name: peer-finder-plugin-install
        image: core.jiaxzeng.com/library/nacos/nacos-peer-finder-plugin:1.1
        imagePullPolicy: Always
        volumeMounts:
        - mountPath: /home/nacos/plugins/peer-finder
          name: data
          subPath: peer-finder
      containers:
      - name: nacos
        imagePullPolicy: Always
        image: core.jiaxzeng.com/library/nacos/nacos-server:v2.4.3-slim
        resources:
          requests:
            memory: "2Gi"
            cpu: "500m"
        startupProbe:
          failureThreshold: 12
          httpGet:
            path: /v1/console/health/readiness
            port: 8848
            scheme: HTTP
          initialDelaySeconds: 60
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 10
        livenessProbe:
          httpGet:
            path: /v1/console/health/readiness
            port: 8848
          timeoutSeconds: 10
          successThreshold: 1
          periodSeconds: 5
          failureThreshold: 3
        ports:
        - containerPort: 8848
          name: client-port
        - containerPort: 9848
          name: client-rpc
        - containerPort: 9849
          name: raft-rpc
        - containerPort: 7848
          name: old-raft-rpc
        env:
        - name: NACOS_REPLICAS
          value: "3"
        - name: SERVICE_NAME
          value: "nacos-headless"
        - name: DOMAIN_NAME
          value: "cluster.local"
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
        - name: NACOS_SERVER_PORT
          value: "8848"
        - name: NACOS_APPLICATION_PORT
          value: "8848"
        - name: PREFER_HOST_MODE
          value: "hostname"
        volumeMounts:
        - name: data
          mountPath: /home/nacos/plugins/peer-finder
          subPath: peer-finder
        - name: data
          mountPath: /home/nacos/data
          subPath: data
        - name: data
          mountPath: /home/nacos/logs
          subPath: logs
        - mountPath: /home/nacos/conf/application.properties
          name: config
          subPath: application.properties
      volumes:
      - configMap:
          defaultMode: 420
          name: nacos-config
        name: config
  volumeClaimTemplates:
  - metadata:
      name: data
    spec:
      accessModes: [ "ReadWriteMany" ]
      storageClassName: "ceph-fs-storage"
      resources:
        requests:
          storage: 8Gi
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    cert-manager.io/cluster-issuer: "selfsigned-cluster-issuer"
  name: nacos
  namespace: nacos
spec:
  ingressClassName: nginx
  rules:
  - host: nacos.jiaxzeng.com
    http:
      paths:
      - pathType: Prefix
        path: /
        backend:
          service:
            name: nacos
            port:
              number: 8848
  tls:
  - secretName: nacos.jiaxzeng.com-tls
    hosts:
    - nacos.jiaxzeng.com
EOF

$ kubectl apply -f /etc/kubernetes/addons/nacos/deploy.yml
service/nacos created
service/nacos-headless created
statefulset.apps/nacos created
ingress.networking.k8s.io/nacos created

5. Copy the PostgreSQL plugin into the containers

for i in `seq 0 2`;do
  kubectl -n nacos cp /etc/kubernetes/addons/nacos/nacos-postgresql-plugin-1.0.0.jar nacos-${i}:plugins/peer-finder
done


04
Verification


From the command line


$ kubectl -n nacos get pod,svc,pvc,ingress
NAME          READY   STATUS    RESTARTS   AGE
pod/nacos-0   1/1     Running   0          93s
pod/nacos-1   1/1     Running   0          92s
pod/nacos-2   1/1     Running   0          92s

NAME                     TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                               AGE
service/nacos            ClusterIP   10.110.115.106   <none>        8848/TCP,9848/TCP,9849/TCP,7848/TCP   73s
service/nacos-headless   ClusterIP   None             <none>        8848/TCP,9848/TCP,9849/TCP,7848/TCP   73s

NAME                                 STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS      AGE
persistentvolumeclaim/data-nacos-0   Bound    pvc-a08d8647-9dbd-4696-9966-718586e39cac   8Gi        RWX            ceph-fs-storage   16m
persistentvolumeclaim/data-nacos-1   Bound    pvc-265c6035-8886-4344-bcd7-3f3ffacddc73   8Gi        RWX            ceph-fs-storage   11m
persistentvolumeclaim/data-nacos-2   Bound    pvc-833ac0e3-b53c-4eac-9951-13e8bbf33e31   8Gi        RWX            ceph-fs-storage   11m

NAME                              CLASS   HOSTS                ADDRESS          PORTS     AGE
ingress.networking.k8s.io/nacos   nginx   nacos.jiaxzeng.com   10.109.195.237   80, 443   73s




In the browser


Tip: the default credentials are nacos/nacos


05
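Summary

With the steps above, we can not only deploy Nacos successfully on Kubernetes but also rely on PostgreSQL's capabilities to keep the data secure and consistent. This strengthens the reliability of the system and makes developing and operating microservices simpler and more efficient. For organizations exploring microservice governance options, this combination is an attractive choice. We hope this article serves as a useful reference and helps you build a more robust microservice architecture.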

