Shulou(Shulou.com)06/02 Report--

This article describes how the Kepler cloud platform installs dependencies.

What is Kplcloud?

Kplcloud is a lightweight PaaS platform based on Kubernetes, which manages applications through a visual interface to reduce the accuracy of application containerization, thus reducing the time cost of application containerization.

Kplcloud has been running steadily for nearly two years in Yixin, Fortune and other teams. At present, the platform has run hundreds of applications and nearly 1000 containers in the production environment.

1. Namespace

It is recommended that Kepler-related services be separated into a proprietary Namespace to create a new space in Kubernetes. You can create the space by executing the following command

$kubectl create namespace kpaas

Or execute the following command:

$kubectl apply-f install/kubernetes/namespace.yaml II. Configuration of persistent storage 2.1 related configuration of persistent storage

NFS is used here for persistence, and if you have your own persistence scheme, you don't have to use the change scheme.

$kubectl apply-f install/kubernetes/storage/serviceaccount.yaml$ kubectl apply-f install/kubernetes/storage/rbac.yaml$ kubectl apply-f install/kubernetes/storage/provisioner.yaml$ kubectl apply-f install/kubernetes/storage/stroageclass.yaml2.2 needs to adjust provisioner

Adjust the service address and path according to your own environment.

Volumes:- name: kpl-nfs-client-root nfs: server: 172.16.0.4 path: "/ home/data" containers:- name: kpl-nfs-client-provisioner image: quay.io/external_storage/nfs-client-provisioner:latest env:-name: PROVISIONER_NAME value: fuseim.pri/ifs-name: NFS_SERVER value: 172.16.0.4-name: NFS_PATH value: "/ home/data"

Third, install Redis single point

For the convenience of demonstration, redis also uses the docker version deployed on the kubernetes cluster. In the real environment, please use a separate redis server or cluster.

If you have not initialized the persistent storage, please configure the storage class here before installing the Redis service.

3.1 install $kubectl apply-f install/kubernetes/redis/statefulset.yaml$ kubectl apply-f install/kubernetes/redis/service.yaml$ kubectl apply-f install/kubernetes/redis/configmap.yaml

The configuration information of redis is written in configmap statefulset.yaml

The official redis exists by default in the / data directory, so we need to configure the persistent storage target under the / data directory.

4. Install Consul cluster

If you have a stand-alone Consul cluster or do not want to use Consul, you do not need to execute the following command. The following command installs the docker version of the consul cluster on your kubernetes cluster as long as there is persistent storage before.

If you have not initialized the persistent storage, please configure the storage class here before installing the consul cluster.

4.1 install $kubectl apply-f install/kubernetes/consul/configmap.yaml$ kubectl apply-f install/kubernetes/consul/service.yaml$ kubectl apply-f install/kubernetes/consul/statefulset.yaml$ kubectl apply-f install/kubernetes/consul/ingress.yaml

We deploy the cluster in the way of StatefulSet. If you already have a persistent storage class, modify storageClassName to your storage class package.

Ingress.yaml provides access to external access

Configuration file for configmap.yaml consul cluster server

4.2 Notes

You may need to pay attention to this kubernetes affinity issue. If your kubernetes is a single point, please use the commented-out code below. No, the service will not be able to start.

Affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution:-labelSelector: matchLabels: app: consul component: server topologyKey: kubernetes.io/hostname# # single node uses this # preferredDuringSchedulingIgnoredDuringExecution:#-wight: 10 percent podAffinityTerm:# topologyKey: kubernetes.io/hostname 5. Install the RabbitMQ service

For the convenience of demonstration, the docker version used by rabbitmq is deployed on the kubernetes cluster. In the real environment, please use a separate rabbitmq server.

If you have not initialized the persistent storage, please configure the storage class here before installing the rabbitMQ service.

5.1 install $kubectl apply-f install/kubernetes/rabbitmq/statefulset.yaml$ kubectl apply-f install/kubernetes/rabbitmq/service.yaml

Stateful service: statefulset.yaml entry: ingress.yaml

Kpass needs to be created in rabbitmq:

Vhost: kplcloudExchanges: kplcloud-exchangeUser: kplcloudRoutingKey: kplcloud

6. Install Mysql service 6.1 mysql

For the convenience of demonstration, the docker version used by mysql is deployed on the kubernetes cluster. In the real environment, please use a separate mysql server.

If you have not initialized the persistent storage, please configure the storage class here before installing the mysql service.

6.2 install $kubectl apply-f install/kubernetes/mysql/statefulset.yaml$ kubectl apply-f install/kubernetes/mysql/service.yamlMYSQL_ROOT_PASSWORD: mysql username MYSQL_ROOT_PASSWORD: mysql password

Statefulset.yaml

This project needs to create a database: kplcloud

7. Install ELK

Logstash and ES have higher requirements for machines, so it is recommended that an independent ELK cluster be used to collect and analyze logs.

If you have to use the elk version of Docker and deploy it in the Kubernetes cluster, if you do not have the initial persistent storage, initialize the persistent storage first. Please configure the storage class here before installing the relevant services.

ELK mainly includes Elasticsearch, Logstash and Kibana services. Kibana and logstash can be done on Deployment. Full ES needs to be persisted because log data is stored on ES.

$kubectl apply-f install/kubernetes/elk/elasticsearch.yaml$ kubectl apply-f install/kubernetes/elk/logstash.yaml$ kubectl apply-f install/kubernetes/elk/kibana.yaml$ kubectl apply-f install/kubernetes/elk/ ingress.yaml8, install Harbor

Don't run the image warehouse on the kubernetes cluster, and it doesn't seem to run. Find a server with a large capacity that installs Docker to build it.

For the startup mode of installation, please see the official instructions: https://github.com/goharbor/harbor/blob/master/docs/installation_guide.md

8.1 installation

Download the Harbor installation file. I am dealing with it offline. If you cannot download it, please add an agent.

$https://storage.googleapis.com/harbor-releases/release-1.8.0/harbor-offline-installer-v1.8.1.tgz8.2 decompress $tar-zxvf harbor-offline-installer-v1.8.1.tgz8.3 configuration harbor file harbor.conf## Configuration file of Harbor# hostname sets the access address, can use ip, domain name, cannot be set to 127.0.0.1 or localhosthostname = hub.kpaas.nsini.com# access protocol. The default is http. You can also set https. If you set https, nginx ssl needs to set onui_url_protocol = http# mysql database root user default password root123. In practice, modify db_password = root123max_job_workers = 3 customize_crt = onssl_cert = / data/cert/server.crtssl_cert_key = / data/cert/server.keysecretkey_path = / dataadmiral_url = NA# email setting After email_identity = email_server = smtp.mydomain.comemail_server_port = 25email_username = sample_admin@mydomain.comemail_password = admin email_ssl = false# is used to start Harbor, the password for administrator UI login is Harbor12345harbor_admin_password = Harbor12345# authentication. Multiple authentication methods are supported here, such as LADP, this storage, and database authentication. The default is db_auth,mysql database authentication auth_mode = db_auth# LDAP authentication configuration item # ldap_url = ldaps://ldap.mydomain.com#ldap_searchdn = uid=searchuser,ou=people,dc=mydomain,dc=com#ldap_search_pwd = password#ldap_basedn = (objectClass=person) # ldap_uid = uid # ldap_scope = 3 # ldap_timeout = whether to enable self-registration self_registration = on# Token validity time Default is 30 minutes token_expiration = 3 minutes user creates project permission control, default is everyone (everyone), can also be set to adminonly (administrator only) project_creation_restriction = everyoneverify_remote_cert = on8.4 start Harbor, directly execute. / install.sh or docker-composer can be installed by $. / install.sh$ docker-compose start IX, Prometheus

If you do not have the initial persistent storage, initialize the persistent storage first. Please configure the storage class here before installing the relevant services.

Prometheus needs to store data locally, so persistent storage needs to be mounted.

$kubectl apply-f install/kubernetes/prometheus/deployment.yaml$ kubectl apply-f install/kubernetes/prometheus/ingress.yaml$ kubectl apply-f install/kubernetes/prometheus/configmap.yaml$ kubectl apply-f install/kubernetes/prometheus/serviceaccount.yaml$ kubectl apply-f install/kubernetes/prometheus/service.yaml$ kubectl apply-f install/kubernetes/prometheus/persistentvolumeclaim.yaml9.1 related configuration

The configmap.yaml file has five files:

Etcd3.rules.ymlkube-state-metrics_rules.ymlkubelet_rule.ymlkubernetes_rule.ymlprometheus.yml

The above four files are referenced in prometheus. If you have new rules, you can add them here.

Alerting is configured in the prometheus.yml file by default. If you have your own alarm management platform, you can modify the address. If you still want to use alertmanager, please see install AlertManager.

10. Install and configure alertmanager

Alertmanager mainly receives alert data from prometheus.

10.1 installation

You can install independently without using Docker, and the following example is deployed on a kubernetes cluster.

$kubectl apply-f install/kubernetes/alertmanager/deployment.yaml$ kubectl apply-f install/kubernetes/alertmanager/ingress.yaml$ kubectl apply-f install/kubernetes/alertmanager/configmap.yaml$ kubectl apply-f install/kubernetes/alertmanager/service.yaml10.2 related configuration

Here, the alarm information is sent to the kplcloud platform by the way of webhook, and the data processing received by kplcloud is incorporated into rabbitmq.

ApiVersion: v1data: config.yml: |-global: route: group_by: ['alertname',' cluster', 'service'] group_wait: 30s group_interval: 5m repeat_interval: 10m receiver: webhook receivers:-name:' webhook' webhook_configs:-url: 'http://kplcloud:8080/public/prometheus/alerts'kind: ConfigMapmetadata: name: alertmanager

The data processed by kplcloud is finally pushed to the corresponding users and platforms according to the corresponding rules.

11. Install kpaas$ git clone github.com/kplcloud/kplcloud.git11.1 Docker$ docker pull kplcloud/kplcloud:latest11.2 kubernetes

Basic service installation: install.md

If your other services are ready, you can directly execute the following command to deploy Kepler cloud platform on kubernetes.

$kubectl apply-f install/kubernetes/kpaas/configmap.yaml$ kubectl apply-f install/kubernetes/kpaas/deployment.yaml$ kubectl apply-f install/kubernetes/kpaas/service.yaml$ kubectl apply-f install/kubernetes/kpaas/ingress.yaml

If you have a private repository, remember to execute it on the master node:

$kubectl create secret generic regcred-- from-file=.dockerconfigjson=/root/.docker/config.json-- type=kubernetes.io/dockerconfigjson-n default

Create it under each namespace, so that K8s has the permission to pull the image of the private repository.

Deployment needs to add imagePullSecrets:

ImagePullSecrets:- name: regcred open source address: Github: https://github.com/kplcloud/kplcloudDocument: https://docs.nsini.comDemo: https://kplcloud.nsini.com

Author: pleasant Jinke-Wealth Technology Department-Innovation team

Source: Yixin Institute of Technology

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.