1. dubbo微服務架構
微服務提供者集群: 暴露服務的服務提供方
微服務消費者集群: 調用遠程服務的服務消費方
注冊中心: 微服務提供者集群注冊, 微服務消費者集群訂閱, 微服務消費者集群通過RPC協議調用微服務提供者集群
Monitor: 統計服務的調用次數和調用時間的監控中心
部署的基本流程為 git推送代碼到jenkins, jenkins編譯代碼並打包鏡像推送到鏡像倉庫, 然后通過kubectl或者helm操作k8s的YAML文件部署服務
用戶訪問的基本流程為用戶訪問ingress, ingress代理微服務消費者集群, ingress得到響應后, 再將數據返回給用戶
2. 部署zookeeper集群
- Zookeeper是Dubbo微服務集群的注冊中心
- zookeeper高可用機制和etcd集群一致
- 需要jdk環境
2.1 基礎架構
| 主機名 | 角色 | ip |
|---|---|---|
| hdss200.host.com | harbor,zk1 | 192.168.31.200 |
| hdss12.host.com | zk2 | 192.168.31.12 |
| hdss11.host.com | dns, zk3 | 192.168.31.11 |
2.2 安裝jdk1.8
jdk下載地址: https://www.oracle.com/java/technologies/javase/javase-jdk8-downloads.html
- 解壓文件到指定目錄
mkdir -p /usr/java
tar -xf jdk-8u261-linux-x64.tar.gz -C /usr/java/
cd /usr/java/
- 加入環境變量
vim /etc/profile
export JAVA_HOME=/usr/java/jdk1.8.0_261
export PATH=$JAVA_HOME/bin:$PATH
export CLASSPATH=$CLASSPATH:$JAVA_HOME/lib:$JAVA_HOME/lib/tools.jar
source /etc/profile
- 查看java版本
java -version
2.3 安裝zookeeper
zookeeper 下載地址: https://archive.apache.org/dist/zookeeper/
2.3.1 解壓,配置
- 解壓文件到指定位置
wget https://archive.apache.org/dist/zookeeper/zookeeper-3.4.14/zookeeper-3.4.14.tar.gz
tar xf zookeeper-3.4.14.tar.gz -C /opt/
- 創建zookeeper 數據目錄 和 日志目錄
cd /opt/
mkdir -p /data/zookeeper/data /data/zookeeper/logs
- 編寫配置文件
cp /opt/zookeeper-3.4.14/conf/zoo_sample.cfg /opt/zookeeper-3.4.14/conf/zoo.cfg
vim /opt/zookeeper-3.4.14/conf/zoo.cfg
tickTime=2000
initLimit=10
syncLimit=5
dataDir=/data/zookeeper/data
dataLogDir=/data/zookeeper/logs
clientPort=2181
server.1=zk1.od.com:2888:3888
server.2=zk2.od.com:2888:3888
server.3=zk3.od.com:2888:3888
2.3.2 myid
`192.168.31.200
echo 1 > /data/zookeeper/data/myid
192.168.31.12
echo 2 > /data/zookeeper/data/myid
192.168.31.11
echo 3 > /data/zookeeper/data/myid
2.3.3 做dns解析
vim /var/named/od.com.zone
$ORIGIN od.com.
$TTL 600 ; 10 minutes
@ IN SOA dns.od.com. dnsadmin.od.com. (
2020072401 ; serial
10800 ; refresh (3 hours)
900 ; retry (15 minutes)
604800 ; expire (1 week)
86400 ; minimun (1 day)
)
NS dns.od.com.
$TTL 60 ; 1 minute
dns A 192.168.31.11
harbor A 192.168.31.200
zk1 A 192.168.31.200
zk2 A 192.168.31.12
zk3 A 192.168.31.11
systemctl restart named
- 檢查dns
2.3.4 依次啟動zookeeper
- 啟動服務
/opt/zookeeper-3.4.14/bin/zkServer.sh start
- 檢查端口
netstat -ntulp|grep 2181
- 檢查zookeeper集群的主從狀態
/opt/zookeeper-3.4.14/bin/zkServer.sh status
3. 部署jenkins
官網: https://www.jenkins.io/download/
dockerhub: https://hub.docker.com/r/jenkins/jenkins
3.1 准備鏡像
docker pull jenkins/jenkins:2.190.3-centos
docker tag jenkins/jenkins:2.190.3-centos harbor.od.com/public/jenkins:2.190.3-centos
docker push harbor.od.com/public/jenkins:2.190.3-centos
建議使用 2.190.3版本, 2.235.3,2.235.4版本, 使用jenkins打包成的鏡像, 會將底包里面的腳本修改, 導致服務起不來
3.2 自定義Dockerfile
- 創建目錄
mkdir -p /data/dockerfile/jenkins
- 切換目錄
cd /data/dockerfile/jenkins
- 創建密鑰對
ssh-keygen -t rsa -b 2048 -C '1392263019@qq.com' -N "" -f /root/.ssh/id_rsa
- 准備dockerfile文件
cd /data/dockerfile/jenkins
cp /root/.docker/config.json .
cp /root/.ssh/id_rsa .
wget https://get.helm.sh/helm-v3.1.0-linux-amd64.tar.gz
tar -xf helm-v3.1.0-linux-amd64.tar.gz
vim Dockerfile
FROM harbor.od.com/public/jenkins:2.235.4-lts
USER root
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai' >/etc/timezone
ADD linux-amd64/helm /usr/bin
ADD id_rsa /root/.ssh/id_rsa
ADD config.json /root/.docker/config.json
ADD get-docker.sh /get-docker.sh
RUN cat /etc/os-release
RUN echo " StrictHostKeyChecking no" >> /etc/ssh/ssh_config && /get-docker.sh --mirror Aliyun
3.3 制作自定義鏡像
docker build --no-cache . -t harbor.od.com/infra/jenkins4helm:2.190.3-centos
-
測試下鏡像
需要先把公鑰放到gitee上
docker run --rm harbor.od.com/infra/jenkins4helm:2.190.3-centos ssh -T git@gitee.com
3.4 創建infra倉庫
3.5 創建kubernetes 命名空間以及私有倉庫infra的secret
kubectl create ns infra
kubectl create secret docker-registry harbor --docker-server=harbor.od.com --docker-username=admin --docker-password=Harbor12345 -n infra
3.6 推送鏡像
docker push harbor.od.com/infra/jenkins4helm:2.190.3-centos
3.7 准備nfs共享存儲
所有運算節點安裝nfs-utils, 並啟動服務
yum -y install nfs-utils
- 配置nfs服務
192.168.31.200
echo '/data/jenkins 192.168.31.0/24(rw,no_root_squash)' >> /etc/exports
- 啟動nfs服務
systemctl start rpcbind &&systemctl enable rpcbind
systemctl start nfs && systemctl enable nfs
- 查看nfs服務
exportfs -v
- 創建目錄jenkins_home
mkdir /data/jenkins/jenkins_home/
3.8 准備資源
- dp.yaml
kind: Deployment
apiVersion: apps/v1
metadata:
name: jenkins
namespace: infra
labels:
name: jenkins
spec:
replicas: 1
selector:
matchLabels:
name: jenkins
template:
metadata:
labels:
app: jenkins
name: jenkins
spec:
volumes:
- name: data
nfs:
server: hdss200
path: /data/jenkins/jenkins_home
- name: docker
hostPath:
path: /run/docker.sock
imagePullSecrets:
- name: harbor
containers:
- name: jenkins
image: harbor.od.com/infra/jenkins:2.235.3
securityContext:
runAsUser: 0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
protocol: TCP
env:
- name: JAVA_OPTS
value: -Xmx512m -Xms512m -Dhudson.security.csrf.GlobalCrumbIssuerConfiguration.DISABLE_CSRF_PROTECTION=true
volumeMounts:
- name: data
mountPath: /var/jenkins_home
- name: docker
mountPath: /run/docker.sock
- svc.yaml
kind: Service
apiVersion: v1
metadata:
name: jenkins
namespace: infra
spec:
ports:
- protocol: TCP
port: 80
targetPort: 8080
selector:
app: jenkins
- ingress.yaml
kind: Ingress
apiVersion: extensions/v1beta1
metadata:
name: jenkins
namespace: infra
annotations:
kubernetes.io/ingress.class: intranet4public
spec:
rules:
- host: jenkins.od.com
http:
paths:
- path: /
backend:
serviceName: jenkins
servicePort: 80
3.9 部署資源
kubectl apply -f dp.yaml
kubectl apply -f svc.yaml
kubectl apply -f ingress.yaml
- 查看資源
kubectl get all -n infra
kubectl get ing -n infra
3.10 解析域名
將域名 jenkins.od.com 設定了 kubernetes.io/ingress.class: intranet4public , 指定了ingress為 設定了參數為 intranet4public 的ingress, 所以在本機的C:\Windows\System32\drivers\etc\hosts將域名解析為 192.168.31.41 jenkins.od.com
3.11 瀏覽器訪問
瀏覽器輸入 http://jenkins.od.com/
3.12 初始配置jenkins
- 輸入初始密碼
cat secrets/initialAdminPassword
- 將所有的插件都取消勾選
3.13 創建管理者用戶
用戶名 admin
密碼 admin123
3.14 允許匿名用戶有讀權限
3.15 配置國內鏡像源
192.168.31.200
cd /data/jenkins/jenkins_home/updates/
sed -i 's/updates.jenkins-ci.org\/download/mirrors.tuna.tsinghua.edu.cn\/jenkins/g' default.json
sed -i 's/www.google.com/www.baidu.com/g' default.json
執行完重啟pod
3.16 安裝插件 Blue Ocean
Manage Jenkins - Manage Plugins
3.17 驗證jenkins pod
- 進入pod, 選擇在pod中運行
- 查看用戶, 時間, docker容器, 是否能登入harbor倉庫, 是否能通過ssh連接gitee
4. maven安裝
下載地址: https://archive.apache.org/dist/maven/maven-3/3.6.3/binaries/
maven官網: http://maven.apache.org/index.html
192.168.31.200
4.1 下載
wget https://archive.apache.org/dist/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz
tar -xf apache-maven-3.6.3-bin.tar.gz -C /data/jenkins/jenkins_home/
mv /data/jenkins/jenkins_home/apache-maven-3.6.3/ /data/jenkins/jenkins_home/maven-3.6.3-8u242
4.2 設置國內鏡像源
/data/jenkins/jenkins_home/maven-3.6.3-8u242/conf/settings.xml
<mirror>
<id>aliyunmaven</id>
<mirrorOf>*</mirrorOf>
<name>阿里雲公共倉庫</name>
<url>https://maven.aliyun.com/repository/public</url>
</mirror>
5. 制作dubbo微服務的底包鏡像
192.168.31.200
5.1 准備dockerfile用到的文件
- 拉取基礎鏡像 jre8:8u112
mkdir -p cd /data/dockerfile/jre8
docker pull docker.io/stanleyws/jre8:8u112
docker tag stanleyws/jre8:8u112 harbor.od.com/public/jre:8u112
docker push harbor.od.com/public/jre:8u112
cd /data/dockerfile/jre8
- jmx_javaagent-0.3.1.jar
wget https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.3.1/jmx_prometheus_javaagent-0.3.1.jar -O jmx_javaagent-0.3.1.jar
- config.yml
---
rules:
- pattern: '.*'
- entrypoint.sh
#!/bin/bash
M_OPTS="-Duser.timezone=Asia/Shanghai -javaagent:/opt/prom/jmx_javaagent-0.3.1.jar=$(hostname -i):$(M_PORT:-"12346"):/opt/prom/config.yml"
C_OPTS=$(C_OPTS)
JAR_BALL=$(JAR_BALL)
exec java -jar $(M_OPTS) $(C_OPTS) $(JAR_BALL)
chmod +x entrypoint.sh
- 目錄結構
/data/dockerfile/jre8/
├── config.yml
├── Dockerfile
├── entrypoint.sh
└── jmx_javaagent-0.3.1.jar
5.2 編寫dockerfile
/data/dockerfile/jre8/Dockerfile
FROM harbor.od.com/public/jre:8u112
RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && echo 'Asia/Shanghai >/etc/timezone'
ADD config.yml /opt/prom/config.yml
ADD jmx_javaagent-0.3.1.jar /opt/prom
WORKDIR /opt/project_dir
ADD entrypoint.sh /entrypoint.sh
CMD ["/entrypoint.sh"]
5.3 制作鏡像
docker build . -t harbor.od.com/base/jre8:8u112
