一. 使用statefulset部署rabbitmq集群
在部署集群之前需要为集群创建一个Storage Class(存储类)来作为集群数据的持久化后端。本例中使用ceph作为后端存储,在创建存储类之前需要先搭建好,并保证在k8s集群各个节点上均能挂载该ceph存储。
1.创建命名空间rabbit-mq
# cat rabbit-mq.yaml
---
apiVersion: v1
kind: Namespace
metadata:
name: rabbit-mq
# kubectl apply -f rabbit-mq.yaml
2. Service Account是Kubernetes Pod中的程序用于访问Kubernetes API的Account(账号),它为Pod中的程序提供访问Kubernetes API的身份标识。下面我们创建rabbitmq Pod的ServiceAccount,并针对Kubernetes的endpoint资源做授权,创建相关的role和rolebinding。
在Kubernetes上创建rabbitmq这个ServiceAccount以及相关的role和rolebinding.创建如下的rabbitmq.rbac.yaml文件
# cat rabbitmq.rbac.yaml
---
apiVersion: v1
kind: ServiceAccount #集群访问apiserver的凭证
metadata:
name: rabbitmq
namespace: rabbit-mq
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: endpoint-reader
namespace: rabbit-mq
rules:
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get"]
---
kind: RoleBinding #将角色绑定
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: endpoint-reader
namespace: rabbit-mq
subjects:
- kind: ServiceAccount
name: rabbitmq
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: endpoint-reader
# kubectl apply -f rabbitmq.rbac.yaml
[root@master rabbitmq]# kubectl get ServiceAccount -n rabbit-mq
NAME SECRETS AGE
default 1 60m
rabbitmq 1 60m
3. 创建访问rabbitmq集群的service,创建rabbitmq.service.yaml
# cat rabbitmq.service.yaml
---
kind: Service
apiVersion: v1
metadata:
name: rabbitmq-headless
namespace: rabbit-mq
spec:
clusterIP: None
publishNotReadyAddresses: true
ports:
- name: amqp
port: 5672
- name: http
port: 15672
selector:
app: rabbitmq
---
kind: Service
apiVersion: v1
metadata:
namespace: rabbit-mq
name: rabbitmq-service
spec:
ports:
- name: http
protocol: TCP
port: 15672
nodePort: 35672 #管理web界面
- name: amqp
protocol: TCP
port: 5672
targetPort: 5672
nodePort: 35671
selector:
app: rabbitmq
type: NodePort
# kubectl create -f rabbitmq.service.yaml
[root@master rabbitmq]# kubectl get svc -n rabbit-mq
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
rabbitmq-headless ClusterIP None <none> 5672/TCP,15672/TCP 58m
rabbitmq-service NodePort 10.111.143.240 <none>