rbac
Hazelcast uses Kubernetes API for auto-discovery. That is why you need to grant certain roles to your service account. You can do it by creating the following “rbac.yaml” file.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: default-cluster
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: view
subjects:
- kind: ServiceAccount
name: default
namespace: dmcca-spark-operator
deploy && svc
---
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
deployment.kubernetes.io/revision: '3'
k8s.kuboard.cn/ingress: 'false'
k8s.kuboard.cn/service: ClusterIP
k8s.kuboard.cn/workload: hazelcast
creationTimestamp: '2021-11-10T02:49:46Z'
generation: 5
labels:
k8s.kuboard.cn/layer: ''
k8s.kuboard.cn/name: hazelcast
managedFields:
- apiVersion: apps/v1
fieldsType: FieldsV1
fieldsV1:
'f:metadata':
'f:annotations':
.: {}
'f:k8s.kuboard.cn/ingress': {}
'f:k8s.kuboard.cn/service': {}
'f:k8s.kuboard.cn/workload': {}
'f:labels':
.: {}
'f:k8s.kuboard.cn/layer': {}
'f:k8s.kuboard.cn/name': {}
'f:spec':
'f:progressDeadlineSeconds': {}
'f:replicas': {}
'f:revisionHistoryLimit': {}
'f:selector': {}
'f:strategy':
'f:rollingUpdate':
.: {}
'f:maxSurge': {}
'f:maxUnavailable': {}
'f:type': {}
'f:template':
'f:metadata':
'f:labels':
.: {}
'f:k8s.kuboard.cn/layer': {}
'f:k8s.kuboard.cn/name': {}
'f:spec':
'f:affinity':
.: {}
'f:podAntiAffinity':
.: {}
'f:requiredDuringSchedulingIgnoredDuringExecution': {}
'f:containers':
'k:{"name":"hazelcast"}':
.: {}
'f:env':
.: {}
'k:{"name":"DNS_DOMAIN"}':
.: {}
'f:name': {}
'f:value': {}
'k:{"name":"POD_NAMESPACE"}':
.: {}
'f:name': {}
'f:value': {}
'f:image': {}
'f:imagePullPolicy': {}
'f:lifecycle': {}
'f:name': {}
'f:ports':
.: {}
'k:{"containerPort":5701,"protocol":"TCP"}':
.: {}
'f:containerPort': {}
'f:name': {}
'f:protocol': {}
'f:resources': {}
'f:terminationMessagePath': {}
'f:terminationMessagePolicy': {}
'f:dnsConfig': {}
'f:dnsPolicy': {}
'f:restartPolicy': {}
'f:schedulerName': {}
'f:securityContext':
.: {}
'f:seLinuxOptions': {}
'f:terminationGracePeriodSeconds': {}
manager: Mozilla
operation: Update
time: '2021-11-10T03:37:49Z'
- apiVersion: apps/v1
fieldsType: FieldsV1
fieldsV1:
'f:metadata':
'f:annotations':
'f:deployment.kubernetes.io/revision': {}
'f:status':
'f:availableReplicas': {}
'f:conditions':
.: {}
'k:{"type":"Available"}':
.: {}
'f:lastTransitionTime': {}
'f:lastUpdateTime': {}
'f:message': {}
'f:reason': {}
'f:status': {}
'f:type': {}
'k:{"type":"Progressing"}':
.: {}
'f:lastTransitionTime': {}
'f:lastUpdateTime': {}
'f:message': {}
'f:reason': {}
'f:status': {}
'f:type': {}
'f:observedGeneration': {}
'f:readyReplicas': {}
'f:replicas': {}
'f:unavailableReplicas': {}
'f:updatedReplicas': {}
manager: kube-controller-manager
operation: Update
time: '2021-11-10T03:37:49Z'
name: hazelcast
namespace: dmcca-spark-operator
resourceVersion: '109451958'
uid: d0523d40-6919-48b2-b8fe-5bc60ee6254c
spec:
progressDeadlineSeconds: 600
replicas: 3
revisionHistoryLimit: 10
selector:
matchLabels:
k8s.kuboard.cn/layer: ''
k8s.kuboard.cn/name: hazelcast
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
k8s.kuboard.cn/layer: ''
k8s.kuboard.cn/name: hazelcast
spec:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector: {}
namespaces:
- dmcca-spark-operator
topologyKey: kubernetes.io/hostname
containers:
- env:
- name: DNS_DOMAIN
value: cluster.local
- name: POD_NAMESPACE
value: dmcca-spark-operator
image: '192.168.xxxx/lego/quay.io/pires/hazelcast-kubernetes:3.12.3'
imagePullPolicy: IfNotPresent
lifecycle: {}
name: hazelcast
ports:
- containerPort: 5701
name: hazelcast
protocol: TCP
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsConfig: {}
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
seLinuxOptions: {}
terminationGracePeriodSeconds: 30
---
apiVersion: v1
kind: Service
metadata:
annotations:
k8s.kuboard.cn/workload: hazelcast
creationTimestamp: '2021-11-10T02:49:46Z'
labels:
k8s.kuboard.cn/layer: ''
k8s.kuboard.cn/name: hazelcast
managedFields:
- apiVersion: v1
fieldsType: FieldsV1
fieldsV1:
'f:metadata':
'f:annotations':
.: {}
'f:k8s.kuboard.cn/workload': {}
'f:labels':
.: {}
'f:k8s.kuboard.cn/layer': {}
'f:k8s.kuboard.cn/name': {}
'f:spec':
'f:ports':
.: {}
'k:{"port":5701,"protocol":"TCP"}':
.: {}
'f:name': {}
'f:port': {}
'f:protocol': {}
'f:targetPort': {}
'f:selector':
.: {}
'f:k8s.kuboard.cn/layer': {}
'f:k8s.kuboard.cn/name': {}
'f:sessionAffinity': {}
'f:type': {}
manager: Mozilla
operation: Update
time: '2021-11-10T02:49:46Z'
name: hazelcast
namespace: dmcca-spark-operator
resourceVersion: '109398374'
uid: f2c7ad8b-fad8-48c1-93bc-c9e35358acc3
spec:
clusterIP: 10.97.63.178
clusterIPs:
- 10.97.63.178
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
ports:
- name: hazelcast
port: 5701
protocol: TCP
targetPort: 5701
selector:
k8s.kuboard.cn/layer: ''
k8s.kuboard.cn/name: hazelcast
sessionAffinity: None
type: ClusterIP
環境變量選項
To configure Hazelcast inside of the Kubernetes cluster the following environment options can be used:
HAZELCAST_SERVICE - name of the Hazelcast service, declared in the Kubernetes service configuration. Default: hazelcast.
DNS_DOMAIN - domain name used inside of the cluster. Default: cluster.local.
POD_NAMESPACE - namespace in which hazelcast should be running. Default: default. Use the Downward API to set it automatically.
HC_GROUP_NAME - Hazelcast group name. Default: someGroup.
HC_GROUP_PASSWORD - Hazelcast group password. Default: someSecret.
HC_PORT - Port on which Hazelcast should be running.
HC_REST_ENABLED - Whether to enable Hazelcast REST API. Default: false.
![linux-svn解除安裝與安裝[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)