4小时Dapr+.NET 5+K8S 的实战 https://ke.qq.com/course/4000292?tuin=1271860f
Dapr进阶虚拟机集群实战(非K8S) https://ke.qq.com/course/4002149?tuin=1271860f
工作原理
为了实现在k8s上安装Dapr,Dapr需要部署dapr-sidecar-injector
、dapr-operator
、dapr-placement
和dapr-sentry
服务。
- dapr-operator: 管理组件(state stores, pub/subs, etc.)
- dapr-sidecar-injector: 将 Dapr 注入 annotated pods,并添加环境变量
DAPR_HTTP_PORT
和DAPR_GRPC_PORT
,以使用户定义的应用程序能够轻松地与 Dapr Sidecar通信,而无需硬编码 Dapr 端口值。 - dapr-placement: 将 actor 实例映射到 pods。
- dapr-sentry: 管理服务之间的mTLS并作为证书颁发机构。
2.安装K8s集群
通常使用以下方法本地安装的K8S集群
我本地已经安装好了这两种,这次使用kubeadm 1.20版本演示dapr
3.将Frontend和Backend build成docker Image
vs中分别右击Frontend和Backend,添加Docker支持,即可生成对应的Dockerfile,修改暴露端口
#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging. FROM mcr.microsoft.com/dotnet/aspnet:5.0 AS base WORKDIR /app EXPOSE 5001 FROM mcr.microsoft.com/dotnet/sdk:5.0 AS build WORKDIR /src COPY ["FrontEnd/FrontEnd.csproj", "FrontEnd/"] RUN dotnet restore "FrontEnd/FrontEnd.csproj" COPY . . WORKDIR "/src/FrontEnd" RUN dotnet build "FrontEnd.csproj" -c Release -o /app/build FROM build AS publish RUN dotnet publish "FrontEnd.csproj" -c Release -o /app/publish FROM base AS final WORKDIR /app COPY --from=publish /app/publish . ENTRYPOINT ["dotnet", "FrontEnd.dll"]
#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging. FROM mcr.microsoft.com/dotnet/aspnet:5.0 AS base WORKDIR /app EXPOSE 5000 FROM mcr.microsoft.com/dotnet/sdk:5.0 AS build WORKDIR /src COPY ["BackEnd/BackEnd.csproj", "BackEnd/"] RUN dotnet restore "BackEnd/BackEnd.csproj" COPY . . WORKDIR "/src/BackEnd" RUN dotnet build "BackEnd.csproj" -c Release -o /app/build FROM build AS publish RUN dotnet publish "BackEnd.csproj" -c Release -o /app/publish FROM base AS final WORKDIR /app COPY --from=publish /app/publish . ENTRYPOINT ["dotnet", "BackEnd.dll"]
通过以下命令Build Image
docker build -t frontend -f ./FrontEnd/Dockerfile .
docker build -t backend -f ./BackEnd/Dockerfile .
4.将Docker Image推送到仓库
我使用阿里云私有仓库来上传镜像,创建frontend和backend两个库
按照以下提示步骤将frontend和backend Image上传到指定库
5.让k8s使用私有仓库拉取镜像
k8s主节点登录阿里云私库
docker login --username=xxx registry.cn-beijing.aliyuncs.com
docker登录之后,会把密钥存到一个配置文件,通过下面命令拿到base64编码信息
cat ~/.docker/config.json | base64
新建ali-docker-repo.yaml,.dockerconfigjson就是上一步得到的base64
[root@k8s-master dapr-demo]# cat ali-docker-repo.yaml apiVersion: v1 kind: Secret metadata: name: ali-key type: kubernetes.io/dockerconfigjson data: .dockerconfigjson: ewoJImF1dGhzIjogewoJCSJyZWdpc3RyeS5jbi1iZWlqaW5nLmFsaXl1bmNzLmNvbSI6IHs..............
apply secret
[root@k8s-master dapr-demo]# kubectl apply -f ali-docker-repo.yaml
6.安装Dapr CLI
下面命令将DaprCLI安装到 /usr/local/bin
wget -q https://raw.githubusercontent.com/dapr/cli/master/install/install.sh -O - | /bin/bash
7.验证Dapr CLI
dapr
8.初始化Dapr
首先,请确保你的机器已经安装了 Helm 3 。
然后,添加 Helm 库并更新
helm repo add dapr https://dapr.github.io/helm-charts/ helm repo update # See which chart versions are available helm search repo dapr --devel --versions
将 Dapr 图表安装在你的集群的 dapr-system
命名空间中。
helm upgrade --install dapr dapr/dapr \ --version=1.2 \ --namespace dapr-system \ --create-namespace \ --wait
验证安装
[root@k8s-master dapr-demo]# kubectl get pods --namespace dapr-system NAME READY STATUS RESTARTS AGE dapr-dashboard-58b4647996-828n8 1/1 Running 2 9d dapr-operator-85bdd7d89d-5d8dw 1/1 Running 19 9d dapr-placement-server-0 1/1 Running 3 9d dapr-sentry-76bfc5f7c7-vn2qt 1/1 Running 2 9d dapr-sidecar-injector-786645f444-dmzm7 1/1 Running 2 9d
9.配置状态存储和订阅发布组件
我们仍然通过helm安装redis,因为redis是statefulset,因此需要先把redis依赖的storageclass和pv创建好
新建redis-storage-class.yaml
[root@k8s-master dapr-demo]# cat redis-storage-class.yaml kind: StorageClass apiVersion: storage.k8s.io/v1 metadata: name: local-storage-redis provisioner: kubernetes.io/no-provisioner volumeBindingMode: WaitForFirstConsumer
apply storageclass
[root@k8s-master dapr-demo]# kubectl apply -f redis-storage-class.yaml
由于我们即将安装的redis,使用默认的storageclass,我们需要把我们刚刚新建的storageclass置为默认
kubectl patch storageclass local-storage-redis -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
因为我们即将安装的redis集群有四个节点,我们需新建四个pv,新建文件redis-pv.yaml
apiVersion: v1 kind: PersistentVolume metadata: name: local-pv-redis spec: capacity: storage: 8Gi # volumeMode field requires BlockVolume Alpha feature gate to be enabled. volumeMode: Filesystem accessModes: - ReadWriteOnce storageClassName: local-storage-redis persistentVolumeReclaimPolicy: Retain local: path: /local-storage/redis nodeAffinity: required: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/hostname operator: In values: - k8s-node1 --- apiVersion: v1 kind: PersistentVolume metadata: name: local-pv-redis2 spec: capacity: storage: 8Gi # volumeMode field requires BlockVolume Alpha feature gate to be enabled. volumeMode: Filesystem accessModes: - ReadWriteOnce storageClassName: local-storage-redis persistentVolumeReclaimPolicy: Retain local: path: /local-storage/redis nodeAffinity: required: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/hostname operator: In values: - k8s-node1 --- apiVersion: v1 kind: PersistentVolume metadata: name: local-pv-redis3 spec: capacity: storage: 8Gi # volumeMode field requires BlockVolume Alpha feature gate to be enabled. volumeMode: Filesystem accessModes: - ReadWriteOnce storageClassName: local-storage-redis persistentVolumeReclaimPolicy: Retain local: path: /local-storage/redis nodeAffinity: required: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/hostname operator: In values: - k8s-node1 --- apiVersion: v1 kind: PersistentVolume metadata: name: local-pv-redis4 spec: capacity: storage: 8Gi # volumeMode field requires BlockVolume Alpha feature gate to be enabled. volumeMode: Filesystem accessModes: - ReadWriteOnce storageClassName: local-storage-redis persistentVolumeReclaimPolicy: Retain local: path: /local-storage/redis nodeAffinity: required: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/hostname operator: In values: - k8s-node1
因为我们指定了四个pv调度在k8s-node1上,所以需要去node1上新建挂载目录/local-storage/redis
mkdir /local-storage cd /local-storage mkdir /redis
apply pv
kubectl apply -f redis-pv.yaml
安装redis到集群
helm repo add bitnami https://charts.bitnami.com/bitnami helm repo update helm install redis bitnami/redis
查看redis pod
[root@k8s-master dapr-demo]# kubectl get pod redis-master-0 1/1 Running 0 141m redis-replicas-0 1/1 Running 0 141m redis-replicas-1 1/1 Running 0 141m redis-replicas-2 1/1 Running 0 140m
创建storestate组件,新建redis-state.yaml
[root@k8s-master dapr-demo]# cat redis-state.yaml apiVersion: dapr.io/v1alpha1 kind: Component metadata: name: statestore namespace: default spec: type: state.redis version: v1 metadata: - name: redisHost value: redis-master.default.svc.cluster.local:6379 - name: redisPassword secretKeyRef: name: redis key: redis-password - name: actorStateStore value: "true"
新建pubsub组件
[root@k8s-master dapr-demo]# cat redis-pubsub.yaml apiVersion: dapr.io/v1alpha1 kind: Component metadata: name: pubsub namespace: default spec: type: pubsub.redis version: v1 metadata: - name: redisHost value: redis-master.default.svc.cluster.local:6379 - name: redisPassword secretKeyRef: name: redis key: redis-password
apply statestore和pubsub
kubectl apply -f redis-state.yaml
kubectl apply -f redis-pubsub.yaml
验证
[root@k8s-master dapr-demo]# kubectl get component.dapr.io NAME AGE pubsub 135m statestore 135m
10.分别为frontend和backend新建deployment
在 Kubernetes 集群中部署和运行启用 Dapr 的应用程序非常简单,只需向 deployment 方案添加一些annotations
[root@k8s-master dapr-demo]# cat frontend.yaml apiVersion: apps/v1 kind: Deployment metadata: name: frontend labels: app: frontend spec: replicas: 1 selector: matchLabels: app: frontend template: metadata: labels: app: frontend annotations: dapr.io/enabled: "true" dapr.io/app-id: "frontend" dapr.io/app-port: "5001" spec: imagePullSecrets: - name: ali-key containers: - name: frontend image: registry.cn-beijing.aliyuncs.com/chester-dapr/frontend:latest ports: - containerPort: 5001 imagePullPolicy: Always
[root@k8s-master dapr-demo]# cat backend.yaml apiVersion: apps/v1 kind: Deployment metadata: name: backend labels: app: backend spec: replicas: 1 selector: matchLabels: app: backend template: metadata: labels: app: backend annotations: dapr.io/enabled: "true" dapr.io/app-id: "backend" dapr.io/app-port: "5000" spec: imagePullSecrets: - name: ali-key containers: - name: backend image: registry.cn-beijing.aliyuncs.com/chester-dapr/backend:latest ports: - containerPort: 5000 imagePullPolicy: Always
分别apply backend和frontend
[root@k8s-master dapr-demo]# kubectl apply -f frontend.yaml
[root@k8s-master dapr-demo]# kubectl apply -f backend.yaml
查看pod
[root@k8s-master dapr-demo]# kubectl get pod NAME READY STATUS RESTARTS AGE backend-7fff74f544-f6xms 2/2 Running 0 134m frontend-5c479c9948-tmz5k 2/2 Running 0 99m redis-master-0 1/1 Running 0 147m redis-replicas-0 1/1 Running 0 147m redis-replicas-1 1/1 Running 0 146m redis-replicas-2 1/1 Running 0 146m
11.验证
为frontend创建service
[root@k8s-master dapr-demo]# cat frontend-service.yaml apiVersion: v1 kind: Service metadata: name: frontend-svc spec: type: NodePort selector: app: frontend ports: - port: 5001 targetPort: 5001 nodePort: 31111
采用nodeport方式暴露31111端口,apply service
kubectl apply -f frontend-service.yaml
访问http://192.168.43.150:31111/Dapr,其中192.168.43.150是宿主机ip,结果显示访问成功,k8s部署dapr成功
最后:整个教程的源码