Kubernetes 1.20.5搭建sentinel

背景：

后端程序团队准备一波流springcloud架构,配置中心用了阿里开源的nacos。不出意外的要高一个sentinel做测试了…。做一个demo开始搞一下吧。
kubernetes上面搭建sentinel的案例较少。看下眼还是springcloud全家桶的多点。阿里开源的这一套还是少点。百度或者Google搜索 sentinel基本出来的都是redis哨兵模式…有点忧伤。
注：搭建方式可以参照：https://blog.csdn.net/fenglailea/article/details/92436337?utm_term=k8s%E9%83%A8%E7%BD%B2Sentinel&utm_medium=distribute.pc_aggpage_search_result.none-task-blog-2allsobaiduweb~default-0-92436337&spm=3001.4430。

一. 搭建sentinel-dashboard:1.自定义创建sentinel-dashboard image镜像

嗯 很理所当然了不喜欢用docker镜像这名词了。还是用image吧。上面引用的博客中1.6.1的版本吧 ？搭建跑了下犯了强迫症，最新的版本是1.8.1根据foxiswho大佬的配置文件进行修改下镜像。
vim Dockerfile

FROM openjdk:11.0.3-jdk-stretchMAINTAINER foxiswho@gmail.comARG versionARG port# sentinel versionENV SENTINEL_VERSION ${version:-1.8.1}#PORTENV PORT ${port:-8858}ENV JAVA_OPT=""#ENV PROJECT_NAME sentinel-dashboardENV SERVER_HOST localhostENV SERVER_PORT 8858ENV USERNAME sentinelENV PASSWORD sentinel# sentinel homeENV SENTINEL_HOME  /opt/ENV SENTINEL_LOGS  /opt/logs#tme zoneRUN rm -rf /etc/localtime \&& ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime# create logsRUN mkdir -p ${SENTINEL_LOGS}# get the version#RUN cd /  \# && wget https://github.com/alibaba/Sentinel/releases/download/${SENTINEL_VERSION}/sentinel-dashboard-${SENTINEL_VERSION}.jar -O sentinel-dashboard.jar \# && mv sentinel-dashboard.jar ${SENTINEL_HOME} \# && chmod -R +x ${SENTINEL_HOME}/*jar# test f    
ileCOPY sentinel-dashboard.jar ${SENTINEL_HOME}# add scriptsCOPY scripts/* /usr/local/bin/RUN chmod +x /usr/local/bin/docker-entrypoint.sh \&& ln -s /usr/local/bin/docker-entrypoint.sh /opt/docker-entrypoint.sh#RUN chmod -R +x ${SENTINEL_HOME}/*jarVOLUME ${SENTINEL_LOGS}WORKDIR  ${SENTINEL_HOME}EXPOSE ${PORT} 8719CMD java ${JAVA_OPT} -jar sentinel-dashboard.jarENTRYPOINT ["docker-entrypoint.sh"]

注： 大佬的Dockerfile中 暴露的端口是8200，由于看sentinel对外暴露端口都是8518我就把dockerfile修改了。然后把https://github.com/alibaba/Sentinel/releases下载了1.8.1版本的jar包改名为sentinel-dashboard.jar 放在当前目录


dc目录可以忽略，原项目copy自https://github.com/foxiswho/docker-sentinel
cat scripts/docker-entrypoint.sh

#!/bin/bash# Licensed to the Apache Software Foundation (ASF) under one or more# contributor license agreements.  See the NOTICE file distributed with# this work for additional information regarding copyright ownership.# The ASF licenses this file to You under the Apache License, Version 2.0# (the "License"); you may not use this file except in compliance with# the License.  You may obtain a copy of the License at##     http://www.apache.org/licenses/LICENSE-2.0## Unless required by applicable law or agreed to in writing, software# distributed under the License is distributed on an "AS IS" BASIS,# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.# See the License for the specific language governing permissions and# limitations under the License.#===========================================================================================# Java Environment Setting#===========================================================================================error_exit (){    echo "ERROR: $1 !!"    exit 1}[ ! -e "$JAVA_HOME/bin/java" ] && JAVA_HOME=$HOME/jdk/java[ ! -e "$JAVA_HOME/bin/java" ] && JAVA_HOME=/usr/java[ ! -e "$JAVA_HOME/bin/java" ] && error_exit "Please set the JAVA_HOME variable in your environment, We need java(x64)!"export JAVA_HOMEexport JAVA="$JAVA_HOME/bin/java"export BASE_DIR=$(dirname $0)/..export CLASSPATH=.:${BASE_DIR}/conf:${CLASSPATH}#===========================================================================================# JVM Configuration#===========================================================================================# Get the max heap used by a jvm, which used all the ram available to the container.if [ -z "$MAX_POSSIBLE_HEAP" ]thenMAX_POSSIBLE_RAM_STR=$(java -XX:+UnlockExperimentalVMOptions -XX:MaxRAMFraction=1 -XshowSettings:vm -version 2>&1 | awk '/Max\. Heap Size \(Estimated\): [0-9KMG]+/{ print $5}')MAX_POSSIBLE_RAM=$MAX_POSSIBLE_RAM_STRCAL_UNIT=${MAX_POSSIBLE_RAM_STR: -1}if [ "$CAL_UNIT" == "G" -o "$CAL_UNIT" == "g" ]; thenMAX_POSSIBLE_RAM=$(echo ${MAX_POSSIBLE_RAM_STR:0:${#MAX_POSSIBLE_RAM_STR}-1} `expr 1 \* 1024 \* 1024 \* 1024` | awk '{printf "%d",$1*$2}')elif [ "$CAL_UNIT" == "M" -o "$CAL_UNIT" == "m" ]; thenMAX_POSSIBLE_RAM=$(echo ${MAX_POSSIBLE_RAM_STR:0:${#MAX_POSSIBLE_RAM_STR}-1} `expr 1 \* 1024 \* 1024` | awk '{printf "%d",$1*$2}')elif [ "$CAL_UNIT" == "K" -o "$CAL_UNIT" == "k" ]; thenMAX_POSSIBLE_RAM=$(echo ${MAX_POSSIBLE_RAM_STR:0:${#MAX_POSSIBLE_RAM_STR}-1} `expr 1 \* 1024` | awk '{printf "%d",$1*$2}')fiMAX_POSSIBLE_HEAP=$[MAX_POSSIBLE_RAM/4]fi# Dynamically calculate parameters, for reference.Xms=$MAX_POSSIBLE_HEAPXmx=$MAX_POSSIBLE_HEAPXmn=$[MAX_POSSIBLE_HEAP/2]# Set for `JAVA_OPT`.JAVA_OPT="${JAVA_OPT} -server "if [ x"${MAX_POSSIBLE_HEAP_AUTO}" = x"auto" ];then    JAVA_OPT="${JAVA_OPT} -Xms${Xms} -Xmx${Xmx} -Xmn${Xmn}"fi#-XX:+UseCMSCompactAtFullCollection#JAVA_OPT="${JAVA_OPT} -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=70 -XX:+CMSParallelRemarkEnabled -XX:SoftRefLRUPolicyMSPerMB=0 -XX:+CMSClassUnloadingEnabled -XX:SurvivorRatio=8 "#JAVA_OPT="${JAVA_OPT} -verbose:gc -Xloggc:/dev/shm/rmq_srv_gc.log -XX:+PrintGCDetails"#JAVA_OPT="${JAVA_OPT} -XX:-OmitStackTraceInFastThrow"#JAVA_OPT="${JAVA_OPT}  -XX:-UseLargePages"#JAVA_OPT="${JAVA_OPT} -Djava.ext.dirs=${JAVA_HOME}/jre/lib/ext:${BASE_DIR}/lib"#JAVA_OPT="${JAVA_OPT} -Xdebug -Xrunjdwp:transport=dt_socket,address=9555,server=y,suspend=n"JAVA_OPT="${JAVA_OPT} -Dserver.port=${PORT} "JAVA_OPT="${JAVA_OPT} -Dcsp.sentinel.log.dir=${SENTINEL_LOGS} "JAVA_OPT="${JAVA_OPT} -Djava.security.egd=file:/dev/./urandom"JAVA_OPT="${JAVA_OPT} -Dproject.name=${PROJECT_NAME} "JAVA_OPT="${JAVA_OPT} -Dcsp.sentinel.app.type=1 "JAVA_OPT="${JAVA_OPT} -Dsentinel.dashboard.auth.username=${USERNAME} "JAVA_OPT="${JAVA_OPT} -Dsentinel.dashboard.auth.password=${PASSWORD} "JAVA_OPT="${JAVA_OPT} -Dcsp.sentinel.dashboard.server=${SERVER_HOST:-localhost}:${SERVER_PORT:-8558} "JAVA_OPT="${JAVA_OPT} ${JAVA_OPT_EXT}"JAVA_OPT="${JAVA_OPT} -jar sentinel-dashboard.jar "JAVA_OPT="${JAVA_OPT} -cp ${CLASSPATH}"echo "JAVA_OPT============"echo "JAVA_OPT============"echo "JAVA_OPT============"echo $JAVA_OPT$JAVA ${JAVA_OPT} $@

依然抄的大佬的启动文件。但是注意…大佬这里也写死了端口8200…记得修改

嗯 开始build镜像

docker build -t ccr.ccs.tencentyun.com/xxxx/sentinel:1.8.1 .docker push ccr.ccs.tencentyun.com/xxxx/sentinel:1.8.1

对了 我是不是可以用crictl命令操作一下？crictl ctr 不支持build…后续是不是可以考虑用
buildkit 构建镜像？

2. 在kubernetes集群中部署sentinel

在Kubernetes 1.20.5搭建nacos中建立了nacos namespace. sentinel也部署在sentinel命名空间了没有做太多的复杂配置。这边都是简单跑起来的demo，先跑通流程

1. 部署configmap

cat config.yaml

apiVersion: v1kind: ConfigMapmetadata:  name: sentinel-cmdata:  sentinel.server.host: "sentinel"  sentinel.server.port: "8858"  sentinel.dashboard.auth.username: "sentinel111111"  sentinel.dashboard.auth.password: "W3$ti$aifffdfGEqjf.xOkZ"

注：这里的sentinel.server.host 我这里直接写的是服务名，还没有出现什么异常启动了。正常是不是该输入一个fqdn? sentinel.nacos.svc.cluster.local 这样的呢？（当然了 我的domain不是cluster.local）.

kubectl apply -f config.yaml -n nacos

2 部署 sentinel statefulset

cat pod.yaml

apiVersion: apps/v1kind: StatefulSetmetadata:  name: sentinel  labels:    app: sentinelspec:  serviceName: sentinel  replicas: 1  selector:    matchLabels:      app: sentinel  template:    metadata:      labels:        app: sentinel    spec:      containers:        - name: sentinel          image: ccr.ccs.tencentyun.com/XXXX/sentinel:1.8.1          imagePullPolicy: IfNotPresent          resources:            limits:              cpu: 450m              memory: 1024Mi            requests:              cpu: 400m              memory: 1024Mi          env:            - name: TZ              value: Asia/Shanghai            - name: JAVA_OPT_EXT              value: "-Dserver.servlet.session.timeout=7200 "            - name: SERVER_HOST              valueFrom:                configMapKeyRef:                  name: sentinel-cm                  key: sentinel.server.host            - name: SERVER_PORT              valueFrom:                configMapKeyRef:                  name: sentinel-cm                  key: sentinel.server.port            - name: USERNAME              valueFrom:                  configMapKeyRef:                    name: sentinel-cm                    key: sentinel.dashboard.auth.username            - name: PASSWORD              valueFrom:                  configMapKeyRef:                    name: sentinel-cm                    key: sentinel.dashboard.auth.password          ports:            - containerPort: 8858            - containerPort: 8719          volumeMounts:            - name: vol-log              mountPath: /opt/logs      volumes:        - name: vol-log          hostPath:            path: /www/k8s/foxdev/sentinel/logs            type: Directory

kubectl  apply -f pod.yaml -n nacos

注意：偷懒了 volumes挂载不想搞了本来就是测试的 在三个work节点都搞了/www/k8s/foxdev/sentinel/logs目录.直接复制foxiswho的配置了基本。

3. 部署service服务

cat svc.yaml

apiVersion: v1kind: Servicemetadata:  name: sentinel  labels:    app: sentinelspec:  type: ClusterIP  ports:    - port: 8858      targetPort: 8858      name: web    - port: 8719      targetPort: 8719      name: api  selector:    app: sentinel

kubectl apply -f svc -n nacos

4. 验证服务是否正常

kubectl get pod,svc -n nacoskubectl logs -f sentinel-0 -n nacos

5. ingress 对外暴露sentinel dashboard

cat ingress.yaml

apiVersion: networking.k8s.io/v1kind: Ingressmetadata:  name: sentinel-http  namespace: nacos  annotations:    kubernetes.io/ingress.class: traefik      traefik.ingress.kubernetes.io/router.entrypoints: webspec:  rules:  - host: sentinel.saynaihe.com     http:      paths:      - pathType: Prefix        path: /        backend:          service:            name: sentinel            port:              number: 8858

输入 configmap中设置的用户名密码

进入控制台：

实时监控，请求链路 流控规则和降级规则这几个名词个人就很喜欢的样子…后面再去研究下使用。