go-micro使用kubernetes服务注册中心

go-micro使用kubernetes服务注册中心

go-micro部署到kubernetes环境，可以选择kubernetes注册中心插件，减少组件依赖简化运维。

主要工作

go-微服务端

RBAC问题

如果kubernetes开启了RBAC，在部署服务时需要配置RBAC，包括micro web、micro api服务，否则服务注册/发现将失败

2019/06/27 12:54:13 K8s: request failed with code 403
2019/06/27 12:54:13 K8s: request failed with body:
2019/06/27 12:54:13 {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"pods \"micro-web-79545546b4-p5vbt\" is forbidden: User \"system:serviceaccount:default:default\" cannot patch resource \"pods\" in API group \"\" in the namespace \"default\"","reason":"Forbidden","details":{"name":"micro-web-79545546b4-p5vbt","kind":"pods"},"code":403}
2019/06/27 12:54:13 Server register error: K8s: error

RBAC yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: micro-services
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: micro-registry
rules:
- apiGroups:
  - ""
  resources:
  - pods
  verbs:
  - list
  - patch
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: micro-registry
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: micro-registry
subjects:
- kind: ServiceAccount
  name: micro-services
  namespace: default

服务指定Service Account

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  namespace: default
  name: micro-api
spec:
  replicas: 1
  template:
    metadata:
      labels:
        name: micro-api
    spec:
    serviceAccountName: micro-services   #这里加上
      containers:
      - name: api
        command: [
                "/micro",
                "--server=rpc",
                "--broker=http",
                "--transport=http",
                "--selector=cache",
                "--enable_stats",
                "api"
            ]
        image: qianxunke/micro-demo:k8s
        imagePullPolicy: Always
        ports:
        - containerPort: 8080
          name: api-port