K8S簡(jiǎn)單部署

--- apiVersion: v1 data:mysql.db.name: nacosmysql.password: nacosmysql.port: "3306"mysql.user: rootmysql.host: mysql kind: ConfigMap metadata:name: nacos-cm--- apiVersion: v1 kind: Service metadata:name: nacos-hslabels:app: nacos spec:ports:- port: 8848name: serverprotocol: TCPtargetPort: 8848clusterIP: Noneselector:app: nacostype: ClusterIP --- apiVersion: v1 kind: Service metadata:name: nacos-svclabels:app: nacos spec:ports:- port: 8848name: serverprotocol: TCPtargetPort: 8848selector:app: nacostype: ClusterIP --- apiVersion: route.openshift.io/v1 kind: Route metadata:labels:app: nacosname: nacosspec:host: nacos-X.X.Xport:targetPort: serverto:kind: Servicename: nacos-svcweight: 100wildcardPolicy: None --- apiVersion: apps/v1 kind: StatefulSet metadata:name: nacos spec:podManagementPolicy: OrderedReadyreplicas: 3revisionHistoryLimit: 10selector:matchLabels:app.kubernetes.io/instance: nacosapp.kubernetes.io/name: nacosserviceName: nacos-hstemplate:metadata:labels:app.kubernetes.io/instance: nacosapp.kubernetes.io/name: nacosapp: nacosspec:containers:- env:- name: JVM_XMXvalue: 3500m- name: MODEvalue: hostname - name: PREFER_HOST_MODEvalue: hostname- name: NACOS_SERVERSvalue: 'nacos-0.nacos-hs:8848 nacos-1.nacos-hs:8848 nacos-2.nacos-hs:8848'- name: SPRING_DATASOURCE_PLATFORMvalue: mysql- name: NACOS_AUTH_CACHE_ENABLEvalue: "true"- name: NACOS_REPLICASvalue: "3"- name: SERVICE_NAMEvalue: nacos-hs- name: DOMAIN_NAMEvalue: cluster.local- name: POD_NAMESPACEvalueFrom:fieldRef:apiVersion: v1fieldPath: metadata.namespace- name: MYSQL_SERVICE_HOSTvalueFrom:configMapKeyRef:key: mysql.hostname: nacos-cm - name: MYSQL_SERVICE_DB_NAMEvalueFrom:configMapKeyRef:key: mysql.db.namename: nacos-cm- name: MYSQL_SERVICE_PORTvalueFrom:configMapKeyRef:key: mysql.portname: nacos-cm- name: MYSQL_SERVICE_USERvalueFrom:configMapKeyRef:key: mysql.username: nacos-cm- name: MYSQL_SERVICE_PASSWORDvalueFrom:configMapKeyRef:key: mysql.passwordname: nacos-cm- name: NACOS_APPLICATION_PORTvalue: "8848"image: nacos/nacos-server:1.4.1.0imagePullPolicy: IfNotPresentname: nacosports:- containerPort: 8848name: httpprotocol: TCP- containerPort: 7848name: rpcprotocol: TCPresources:limits:cpu: 800mmemory: 4GiterminationMessagePath: /dev/termination-logterminationMessagePolicy: File dnsPolicy: ClusterFirstrestartPolicy: AlwaysschedulerName: default-schedulersecurityContext: {}terminationGracePeriodSeconds: 30updateStrategy:rollingUpdate:partition: 0type: RollingUpdate

簡(jiǎn)單部署，需要指定節(jié)點(diǎn)的配置信息，并且不需要綁定目錄

K8S可擴(kuò)容縮容部署

--- apiVersion: v1 data:mysql.db.name: nacosmysql.password: nacosmysql.port: "3306"mysql.user: rootmysql.host: mysql-0 kind: ConfigMap metadata:name: nacos-cm--- apiVersion: v1 kind: Service metadata:name: nacos-hslabels:app: nacos spec:ports:- port: 8848name: serverprotocol: TCPtargetPort: 8848clusterIP: Noneselector:app: nacostype: ClusterIP --- apiVersion: v1 kind: Service metadata:name: nacos-svclabels:app: nacos spec:ports:- port: 8848name: serverprotocol: TCPtargetPort: 8848selector:app: nacostype: ClusterIP --- apiVersion: route.openshift.io/v1 kind: Route metadata:labels:app: nacosname: nacosspec:host: nacos.apps.XXXXport:targetPort: serverto:kind: Servicename: nacos-svcweight: 100wildcardPolicy: None --- apiVersion: apps/v1 kind: StatefulSet metadata:name: nacos spec:podManagementPolicy: OrderedReadyreplicas: 3revisionHistoryLimit: 10selector:matchLabels:app.kubernetes.io/instance: nacosapp.kubernetes.io/name: nacosserviceName: nacos-hstemplate:metadata:labels:app.kubernetes.io/instance: nacosapp.kubernetes.io/name: nacosapp: nacosspec:containers:- env:- name: JVM_XMXvalue: 3500m- name: MODEvalue: hostname - name: SPRING_DATASOURCE_PLATFORMvalue: mysql- name: NACOS_AUTH_CACHE_ENABLEvalue: "true"- name: NACOS_REPLICASvalue: "3"- name: SERVICE_NAMEvalue: nacos-hs- name: DOMAIN_NAMEvalue: cluster.local- name: POD_NAMESPACEvalueFrom:fieldRef:apiVersion: v1fieldPath: metadata.namespace- name: PREFER_HOST_MODEvalue: hostname- name: MYSQL_SERVICE_HOSTvalueFrom:configMapKeyRef:key: mysql.hostname: nacos-cm - name: MYSQL_SERVICE_DB_NAMEvalueFrom:configMapKeyRef:key: mysql.db.namename: nacos-cm- name: MYSQL_SERVICE_PORTvalueFrom:configMapKeyRef:key: mysql.portname: nacos-cm- name: MYSQL_SERVICE_USERvalueFrom:configMapKeyRef:key: mysql.username: nacos-cm- name: MYSQL_SERVICE_PASSWORDvalueFrom:configMapKeyRef:key: mysql.passwordname: nacos-cm- name: NACOS_SERVER_PORTvalue: "8848"- name: NACOS_APPLICATION_PORTvalue: "8848"image: nacos/nacos-server:1.4.1-unprivilegedimagePullPolicy: Alwaysname: nacosports:- containerPort: 8848name: httpprotocol: TCP- containerPort: 7848name: rpcprotocol: TCPresources:limits:cpu: 1500mmemory: 4GiterminationMessagePath: /dev/termination-logterminationMessagePolicy: FilevolumeMounts:- mountPath: /home/nacos/plugins/peer-findername: plugindir- mountPath: /home/nacos/dataname: datadir- mountPath: /home/nacos/logsname: logdirdnsPolicy: ClusterFirstinitContainers:- image: nacos/nacos-peer-finder-plugin:1.0imagePullPolicy: Alwaysname: peer-finder-plugin-installresources: {}terminationMessagePath: /dev/termination-logterminationMessagePolicy: FilevolumeMounts:- mountPath: /home/nacos/plugins/peer-findername: plugindirrestartPolicy: AlwaysschedulerName: default-schedulersecurityContext: {}terminationGracePeriodSeconds: 30volumes:- configMap:defaultMode: 420items:- key: application.propertiespath: application.propertiesname: nacos-configname: nacos-configupdateStrategy:rollingUpdate:partition: 0type: RollingUpdatevolumeClaimTemplates:- apiVersion: v1kind: PersistentVolumeClaimmetadata:name: datadirspec:accessModes:- ReadWriteOnceresources:requests:storage: 2GistorageClassName: "rook-cephfs" #存儲(chǔ)類名，改為集群中已存在的volumeMode: Filesystem- apiVersion: v1kind: PersistentVolumeClaimmetadata:name: plugindirspec:accessModes:- ReadWriteOnceresources:requests:storage: 2GistorageClassName: "rook-cephfs" #存儲(chǔ)類名，改為集群中已存在的volumeMode: Filesystem- apiVersion: v1kind: PersistentVolumeClaimmetadata:name: logdirspec:accessModes:- ReadWriteOnceresources:requests:storage: 2GistorageClassName: "rook-cephfs" #存儲(chǔ)類名，改為集群中已存在的volumeMode: Filesystem

鏡像說(shuō)明

查看YAML文件可知官方教程使用的初始化容器鏡像是：nacos/nacos-peer-finder-plugin:1.0，鏡像則是：nacos/nacos-server:latest

• nacos-peer-finder-plugin

  這個(gè)鏡像唯一的作用是安裝 peer-finder插件相關(guān)的腳本到指定目錄（plugins/peer-finder/），結(jié)束后就死亡。peer-finder插件的功能是輪詢（1秒）指定的k8s service ，如果service下面的pod地址列表發(fā)生變化，則重新寫入cluster.conf文件，以便實(shí)現(xiàn)nacos的動(dòng)態(tài)擴(kuò)容。

• nacos-server
  nacos本體鏡像，鏡像啟動(dòng)時(shí)，除了啟動(dòng)自身的服務(wù)外，還會(huì)同時(shí)調(diào)用peer-finder-plugin-install 安裝好的腳本啟動(dòng)peer-finder。

容器運(yùn)行原理

Nacos集群節(jié)點(diǎn)信息保存在cluster.conf文件中，在k8s環(huán)境下不再需要手動(dòng)去更改cluster.conf文件來(lái)維護(hù)集群，必須使用k8s的機(jī)制去完成自動(dòng)擴(kuò)縮容。其實(shí)是peer-finder-plugin 和 上面說(shuō)的自動(dòng)輪詢cluster.conf機(jī)制來(lái)達(dá)到的。

通過(guò)Helm使用官方的chart包部署的nacos集群，每一個(gè)pod有兩個(gè)容器：

• peer-finder-plugin-install : 是一個(gè)initContainers ，這個(gè)鏡像唯一的作用是安裝 peer-finder插件相關(guān)的腳本到指定目錄（plugins/peer-finder/），結(jié)束后就死亡。
• nacos-cluster：nacos本體鏡像，鏡像啟動(dòng)時(shí)，除了啟動(dòng)自身的服務(wù)外，還會(huì)同時(shí)調(diào)用peer-finder-plugin-install 安裝好的腳本啟動(dòng)peer-finder（nacos dockerfile）
  peer-finder這個(gè)插件很簡(jiǎn)單，使用go語(yǔ)言寫的一個(gè)定時(shí)輪詢的程序，

peer-finder輪詢（1秒）指定的k8s service ，如果service下面的pod地址列表發(fā)生變化，則重新寫入cluster.conf文件。這里的k8s service就必須是headless類型的了，因?yàn)橹挥薪馕鰄eadless提供的域名，才能獲取所有pod的地址列表。

pod啟動(dòng)順序如下：

nacos客戶端訪問(wèn)：

探針

zookeeper-ready

附錄

參考

hub：https://registry.hub.docker.com/r/nacos/nacos-server

項(xiàng)目地址：https://github.com/nacos-group/nacos-k8s.git

https://nacos.io/zh-cn/docs/use-nacos-with-kubernetes.html

nacos環(huán)境隔離：https://nacos.io/zh-cn/blog/address-server.html

nacos集群原理

客戶端與集群的交互

首先需要聲明的是Nacos Cluster雖然內(nèi)部使用了Raft協(xié)議，但是對(duì)于Nacos客戶端，Cluster實(shí)例是無(wú)狀態(tài)的?？蛻舳伺渲眉旱刂酚袃煞N方式：

• 1.通過(guò)配置serverAddr列表，客戶端將訪問(wèn)集群時(shí)，隨機(jī)從列表中選擇一個(gè)實(shí)例訪問(wèn)：

NamingService configService = NacosFactory.createNamingService("10.22.0.137:30253,10.22.0.137:30254,10.22.0.137:30255");

當(dāng)然，一般情況下我們并不會(huì)直接配置Nacos實(shí)例的IP，可用用域名，以便能動(dòng)態(tài)發(fā)現(xiàn)。

• 2.通過(guò)Properties配置endpoint，定時(shí)訪問(wèn)，感知集群變化，并隨機(jī)從接口返回的列表中選擇一個(gè)實(shí)例訪問(wèn)，客戶端會(huì)與Endpoint創(chuàng)建LONG PULL。

Properties properties = new Properties(); properties.put(PropertyKeyConst.ENDPOINT,"10.18.90.16"); properties.put(PropertyKeyConst.ENDPOINT_PORT,"8850");NamingService configService = NacosFactory.createNamingService(properties);

• endpoint環(huán)境隔離最佳實(shí)踐

節(jié)點(diǎn)發(fā)現(xiàn)

只需要在部署Nacos 實(shí)例時(shí)，在conf/cluster.conf 中把自己和集群內(nèi)其它實(shí)例的地址整合到一起即可，cluster.conf文件可以是這樣：

ip1:8848 ip2:8848 ip3:8848

這樣就構(gòu)成了集群。Nacos實(shí)例會(huì)輪詢cluster.conf 文件，以保證集群在有新的實(shí)例加入時(shí)能相互發(fā)現(xiàn)以實(shí)現(xiàn)實(shí)例的擴(kuò)縮容，具體代碼實(shí)現(xiàn)在（com.alibaba.nacos.naming.cluster.ServerListManager.ServerListUpdater）。

nacos-server 鏡像啟動(dòng)腳本及配置文件

• 啟動(dòng)腳本
  容器內(nèi)文件位置：/home/nacos/bin/docker-startup.sh

  #!/bin/bash #set -x 執(zhí)行指令后，會(huì)先顯示該指令及所下的參數(shù)。 set -x # 這里定義了一些環(huán)境變量 export DEFAULT_SEARCH_LOCATIONS="classpath:/,classpath:/config/,file:./,file:./config/" export CUSTOM_SEARCH_LOCATIONS=${DEFAULT_SEARCH_LOCATIONS},file:${BASE_DIR}/conf/,${BASE_DIR}/init.d/ export CUSTOM_SEARCH_NAMES="application,custom" export MEMBER_LIST="" # 這里定義了插件的目錄 PLUGINS_DIR="/home/nacos/plugins/peer-finder" # 如果目錄不存在 則加載${NACOS_SERVERS}到$CLUSTER_CONF 存在則啟動(dòng)插件 function print_servers(){if [[ ! -d "${PLUGINS_DIR}" ]]; thenecho "" > "$CLUSTER_CONF"for server in ${NACOS_SERVERS}; doecho "$server" >> "$CLUSTER_CONF"doneelsebash $PLUGINS_DIR/plugin.shsleep 30fi } #=========================================================================================== # JVM Configuration #=========================================================================================== # 這里檢查啟動(dòng)模式：standalone 單機(jī)模式 其他則為集群模式 if [[ "${MODE}" == "standalone" ]]; thenJAVA_OPT="${JAVA_OPT} -Xms${JVM_XMS} -Xmx${JVM_XMX} -Xmn${JVM_XMN}"JAVA_OPT="${JAVA_OPT} -Dnacos.standalone=true" else # 是否啟用內(nèi)嵌存儲(chǔ)模式if [[ "${EMBEDDED_STORAGE}" == "embedded" ]]; thenJAVA_OPT="${JAVA_OPT} -DembeddedStorage=true"fiJAVA_OPT="${JAVA_OPT} -server -Xms${JVM_XMS} -Xmx${JVM_XMX} -Xmn${JVM_XMN} -XX:MetaspaceSize=${JVM_MS} -XX:MaxMetaspaceSize=${JVM_MMS}" # 是否開(kāi)啟遠(yuǎn)程調(diào)試if [[ "${NACOS_DEBUG}" == "y" ]]; thenJAVA_OPT="${JAVA_OPT} -Xdebug -Xrunjdwp:transport=dt_socket,address=9555,server=y,suspend=n"fiJAVA_OPT="${JAVA_OPT} -XX:-OmitStackTraceInFastThrow -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=${BASE_DIR}/logs/java_heapdump.hprof"JAVA_OPT="${JAVA_OPT} -XX:-UseLargePages"print_servers fi#=========================================================================================== # Setting system properties #=========================================================================================== # set mode that Nacos Server function of split if [[ "${FUNCTION_MODE}" == "config" ]]; thenJAVA_OPT="${JAVA_OPT} -Dnacos.functionMode=config" elif [[ "${FUNCTION_MODE}" == "naming" ]]; thenJAVA_OPT="${JAVA_OPT} -Dnacos.functionMode=naming" fi # set nacos server ip if [[ ! -z "${NACOS_SERVER_IP}" ]]; thenJAVA_OPT="${JAVA_OPT} -Dnacos.server.ip=${NACOS_SERVER_IP}" fiif [[ ! -z "${USE_ONLY_SITE_INTERFACES}" ]]; thenJAVA_OPT="${JAVA_OPT} -Dnacos.inetutils.use-only-site-local-interfaces=${USE_ONLY_SITE_INTERFACES}" fiif [[ ! -z "${PREFERRED_NETWORKS}" ]]; thenJAVA_OPT="${JAVA_OPT} -Dnacos.inetutils.preferred-networks=${PREFERRED_NETWORKS}" fiif [[ ! -z "${IGNORED_INTERFACES}" ]]; thenJAVA_OPT="${JAVA_OPT} -Dnacos.inetutils.ignored-interfaces=${IGNORED_INTERFACES}" fi### If turn on auth system: if [[ ! -z "${NACOS_AUTH_ENABLE}" ]]; thenJAVA_OPT="${JAVA_OPT} -Dnacos.core.auth.enabled=${NACOS_AUTH_ENABLE}" fiif [[ "${PREFER_HOST_MODE}" == "hostname" ]]; thenJAVA_OPT="${JAVA_OPT} -Dnacos.preferHostnameOverIp=true" fiJAVA_OPT="${JAVA_OPT} -Dnacos.member.list=${MEMBER_LIST}"JAVA_MAJOR_VERSION=$($JAVA -version 2>&1 | sed -E -n 's/.* version "([0-9]*).*$/\1/p') if [[ "$JAVA_MAJOR_VERSION" -ge "9" ]] ; thenJAVA_OPT="${JAVA_OPT} -cp .:${BASE_DIR}/plugins/cmdb/*.jar:${BASE_DIR}/plugins/mysql/*.jar"JAVA_OPT="${JAVA_OPT} -Xlog:gc*:file=${BASE_DIR}/logs/nacos_gc.log:time,tags:filecount=10,filesize=102400" elseJAVA_OPT="${JAVA_OPT} -Djava.ext.dirs=${JAVA_HOME}/jre/lib/ext:${JAVA_HOME}/lib/ext:${BASE_DIR}/plugins/health:${BASE_DIR}/plugins/cmdb:${BASE_DIR}/plugins/mysql"JAVA_OPT="${JAVA_OPT} -Xloggc:${BASE_DIR}/logs/nacos_gc.log -verbose:gc -XX:+PrintGCDetails -XX:+PrintGCDateStamps -XX:+PrintGCTimeStamps -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=10 -XX:GCLogFileSize=100M" fiJAVA_OPT="${JAVA_OPT} -Dnacos.home=${BASE_DIR}" JAVA_OPT="${JAVA_OPT} -jar ${BASE_DIR}/target/nacos-server.jar" JAVA_OPT="${JAVA_OPT} ${JAVA_OPT_EXT}" JAVA_OPT="${JAVA_OPT} --spring.config.location=${CUSTOM_SEARCH_LOCATIONS}" JAVA_OPT="${JAVA_OPT} --spring.config.name=${CUSTOM_SEARCH_NAMES}" JAVA_OPT="${JAVA_OPT} --logging.config=${BASE_DIR}/conf/nacos-logback.xml" JAVA_OPT="${JAVA_OPT} --server.max-http-header-size=524288"echo "nacos is starting,you can check the ${BASE_DIR}/logs/start.out" echo "$JAVA ${JAVA_OPT}" > ${BASE_DIR}/logs/start.out 2>&1 & nohup $JAVA ${JAVA_OPT} > ${BASE_DIR}/logs/start.out 2>&1 < /dev/null

• 配置文件
  容器內(nèi)文件位置：/home/nacos/conf/application.properties

server.servlet.contextPath=${SERVER_SERVLET_CONTEXTPATH:/nacos} server.contextPath=/nacos server.port=${NACOS_APPLICATION_PORT:8848} # 數(shù)據(jù)源類型 spring.datasource.platform=${SPRING_DATASOURCE_PLATFORM:""} nacos.cmdb.dumpTaskInterval=3600 nacos.cmdb.eventTaskInterval=10 nacos.cmdb.labelTaskInterval=300 nacos.cmdb.loadDataAtStart=false db.num=${MYSQL_DATABASE_NUM:1} db.url.0=jdbc:mysql://${MYSQL_SERVICE_HOST}:${MYSQL_SERVICE_PORT:3306}/${MYSQL_SERVICE_DB_NAME}?characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useSSL=${MYSQL_SSL_ENABLE:false} db.url.1=jdbc:mysql://${MYSQL_SERVICE_HOST}:${MYSQL_SERVICE_PORT:3306}/${MYSQL_SERVICE_DB_NAME}?characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true&useSSL=${MYSQL_SSL_ENABLE:false} db.user=${MYSQL_SERVICE_USER} db.password=${MYSQL_SERVICE_PASSWORD} ### The auth system to use, currently only 'nacos' is supported: nacos.core.auth.system.type=${NACOS_AUTH_SYSTEM_TYPE:nacos}### The token expiration in seconds: nacos.core.auth.default.token.expire.seconds=${NACOS_AUTH_TOKEN_EXPIRE_SECONDS:18000}### The default token: nacos.core.auth.default.token.secret.key=${NACOS_AUTH_TOKEN:SecretKey012345678901234567890123456789012345678901234567890123456789}### Turn on/off caching of auth information. By turning on this switch, the update of auth information would have a 15 seconds delay. nacos.core.auth.caching.enabled=${NACOS_AUTH_CACHE_ENABLE:false}server.tomcat.accesslog.enabled=${TOMCAT_ACCESSLOG_ENABLED:false} server.tomcat.accesslog.pattern=%h %l %u %t "%r" %s %b %D # default current work dir server.tomcat.basedir= ## spring security config ### turn off security nacos.security.ignore.urls=/,/error,/**/*.css,/**/*.js,/**/*.html,/**/*.map,/**/*.svg,/**/*.png,/**/*.ico,/console-fe/public/**,/v1/auth/**,/v1/console/health/**,/actuator/**,/v1/console/server/** # metrics for elastic search management.metrics.export.elastic.enabled=false management.metrics.export.influx.enabled=falsenacos.naming.distro.taskDispatchThreadCount=10 nacos.naming.distro.taskDispatchPeriod=200 nacos.naming.distro.batchSyncKeyCount=1000 nacos.naming.distro.initDataRatio=0.9 nacos.naming.distro.syncRetryDelay=5000 nacos.naming.data.warmup=true

參數(shù)

namedescriptionoption

MODE	cluster/standalone	cluster/standalone default cluster
NACOS_SERVERS	nacos cluster address	eg. ip1:port1 ip2:port2 ip3:port3
PREFER_HOST_MODE	啟動(dòng)Nacos集群按域名解析還是IP	hostname/ip default ip
NACOS_APPLICATION_PORT	Nacos 端口	default 8848
NACOS_SERVER_IP	custom nacos server ip when network was mutil-network
SPRING_DATASOURCE_PLATFORM	standalone support mysql	mysql / empty default empty
MYSQL_SERVICE_HOST	mysql host
MYSQL_SERVICE_PORT	mysql database port	default : 3306
MYSQL_SERVICE_DB_NAME	mysql database name
MYSQL_SERVICE_USER	username of database
MYSQL_SERVICE_PASSWORD	password of database
MYSQL_DATABASE_NUM	It indicates the number of database	default :1
MYSQL_SERVICE_DB_PARAM	Database url parameter	default : characterEncoding=utf8&connectTimeout=1000&socketTimeout=3000&autoReconnect=true
JVM_XMS	-Xms	default :2g
JVM_XMX	-Xmx	default :2g
JVM_XMN	-Xmn	default :1g
JVM_MS	-XX:MetaspaceSize	default :128m
JVM_MMS	-XX:MaxMetaspaceSize	default :320m
NACOS_DEBUG	enable remote debug	y/n default :n
TOMCAT_ACCESSLOG_ENABLED	server.tomcat.accesslog.enabled	default :false
NACOS_AUTH_SYSTEM_TYPE	The auth system to use, currently only ‘nacos’ is supported	default :nacos
NACOS_AUTH_ENABLE	If turn on auth system	default :false
NACOS_AUTH_TOKEN_EXPIRE_SECONDS	The token expiration in seconds	default :18000
NACOS_AUTH_TOKEN	The default token	default :SecretKey012345678901234567890123456789012345678901234567890123456789
NACOS_AUTH_CACHE_ENABLE	Turn on/off caching of auth information. By turning on this switch, the update of auth information would have a 15 seconds delay.	default : false
MEMBER_LIST	Set the cluster list with a configuration file or command-line argument	eg:192.168.16.101:8847?raft_port=8807,192.168.16.101?raft_port=8808,192.168.16.101:8849?raft_port=8809
EMBEDDED_STORAGE	Use embedded storage in cluster mode without mysql	embedded default : none
NACOS_AUTH_CACHE_ENABLE	nacos.core.auth.caching.enabled	default : false
NACOS_AUTH_USER_AGENT_AUTH_WHITE_ENABLE	nacos.core.auth.enable.userAgentAuthWhite	default : false
NACOS_AUTH_IDENTITY_KEY	nacos.core.auth.server.identity.key	default : serverIdentity
NACOS_AUTH_IDENTITY_VALUE	nacos.core.auth.server.identity.value	default : security
NACOS_SECURITY_IGNORE_URLS	nacos.security.ignore.urls	default : /,/error,/**/*.css,/**/*.js,/**/*.html,/**/*.map,/**/*.svg,/**/*.png,/**/*.ico,/console-fe/public/**,/v1/auth/**,/v1/console/health/**,/actuator/**,/v1/console/server/**

如果以上配置不滿足要求，可以通過(guò)掛載文件方式實(shí)現(xiàn)。掛載文件到 /home/nacos/init.d/ 目錄下 custom.properties文件，優(yōu)先級(jí)比application.properties文件高。

nacos端口

nacos默認(rèn)使用8848對(duì)外提供服務(wù)，7848 用于節(jié)點(diǎn)直接的通信，例如選舉leader。

解決K8S/openshift等限制以root賬戶運(yùn)行問(wèn)題

如果K8S/openshift限制以root賬戶運(yùn)行，則nacos中的tomcat會(huì)啟動(dòng)失敗，在 /home/nacos/logs/start.out 中記錄以下錯(cuò)誤：

2021-03-09 18:22:23,496 INFO Nacos is starting...2021-03-09 18:22:23,771 INFO Nacos Log files: /home/nacos/logs2021-03-09 18:22:23,771 INFO Nacos Log files: /home/nacos/conf2021-03-09 18:22:23,771 INFO Nacos Log files: /home/nacos/data2021-03-09 18:22:23,774 ERROR Startup errors : {}org.springframework.context.ApplicationContextException: Unable to start web server; nested exception is org.springframework.boot.web.server.WebServerException: Unable to start embedded Tomcatat org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.onRefresh(ServletWebServerApplicationContext.java:156)at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:544)at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:141)at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:744)at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:391)at org.springframework.boot.SpringApplication.run(SpringApplication.java:312)at org.springframework.boot.SpringApplication.run(SpringApplication.java:1215)at org.springframework.boot.SpringApplication.run(SpringApplication.java:1204)at com.alibaba.nacos.Nacos.main(Nacos.java:35)

解決方法是創(chuàng)建一個(gè)賬戶nacos，并且把 /home/nacos目錄owner改為nacos，并設(shè)置ENTRYPOINT

Dockerfile

From nacos/nacos-server:1.4.1 RUN useradd nacos -u 1000 && chown -R nacos /home/nacosENTRYPOINT ["bin/docker-startup.sh"] docker build -t nacos/nacos-server:1.4.1-unprivilege ./

總結(jié)

以上是生活随笔為你收集整理的K8S-statefulset-nacos的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。