歡迎關注我的公衆号:
目前剛開始寫一個月,一共寫了18篇原創文章,文章目錄如下:
istio多叢集探秘,部署了50次多叢集後我得出的結論
istio多叢集鍊路追蹤,附實操視訊
istio防故障利器,你知道幾個,istio新手不要讀,太難!
istio業務權限控制,原來可以這麼玩
istio實作非侵入壓縮,微服務之間如何實作壓縮
不懂envoyfilter也敢說精通istio系列-http-rbac-不要隻會用AuthorizationPolicy配置權限
不懂envoyfilter也敢說精通istio系列-02-http-corsFilter-不要隻會vs
不懂envoyfilter也敢說精通istio系列-03-http-csrf filter-再也不用再代碼裡寫csrf邏輯了
不懂envoyfilter也敢說精通istio系列http-jwt_authn-不要隻會RequestAuthorization
不懂envoyfilter也敢說精通istio系列-05-fault-filter-故障注入不止是vs
不懂envoyfilter也敢說精通istio系列-06-http-match-配置路由不隻是vs
不懂envoyfilter也敢說精通istio系列-07-負載均衡配置不止是dr
不懂envoyfilter也敢說精通istio系列-08-連接配接池和斷路器
不懂envoyfilter也敢說精通istio系列-09-http-route filter
不懂envoyfilter也敢說精通istio系列-network filter-redis proxy
不懂envoyfilter也敢說精通istio系列-network filter-HttpConnectionManager
不懂envoyfilter也敢說精通istio系列-ratelimit-istio ratelimit完全手冊
-----------------------------------------------------------------------------------------------------------------
statefulset:
StatefulSet是Kubernetes提供的管理有狀态應用的負載管理控制器API。
特點:
1.具有固定的網絡标記(主機名)
2.具有持久化存儲
3.需要按順序部署和擴充
4.需要按順序終止和删除
5.需要按順序滾動和更新
Headless service:
•在Deployment中,與之對應的服務是service,而在StatefulSet中與之對應的headless service
•StatefulSet在Headless Service的基礎上又為StatefulSet控制的每個Pod副本建立了一個DNS域名,這個域名的格式為:
$(podname).(headless server name)
FQDN: $(podname).(headless server name).namespace.svc.cluster.local
示例:
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: nginx
spec:
ports:
- port: 80
name: web
clusterIP: None
selector:
app: nginx
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
serviceName: "nginx"
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
name: web yum -y install rpcbind nfs-utils
vim /etc/exports
/nfs 192.168.198.0/24(rw,no_root_squash,no_all_squash,sync)
exportfs -rv
systemctl start rpcbind systemctl start nfs
mount -t nfs 192.168.198.156:/nfs /mnt
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: nginx
spec:
ports:
- port: 80
name: web
clusterIP: None
selector:
app: nginx
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
selector:
matchLabels:
app: nginx
serviceName: "nginx"
replicas: 3
template:
metadata:
labels:
app: nginx
spec:
terminationGracePeriodSeconds: 10
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
name: web
volumeMounts:
- name: www
mountPath: /usr/share/nginx/html
volumeClaimTemplates:
- metadata:
name: www
spec:
accessModes: [ "ReadWriteOnce" ]
storageClassName: "nfs-sc"
resources:
requests:
storage: 10Mi 為什麼需要 headless service 無頭服務?:
•pod IP是變化的,是以是以Pod名稱來識别。pod名稱是pod唯一性的辨別符,必須持久穩定有效。這時候要用到無頭服務,它可以給每個Pod一個唯一的名稱 。
為什麼需要volumeClaimTemplate:
•statefulset的存儲卷就不能再用Pod模闆來建立了,于是statefulSet使用volumeClaimTemplate,稱為卷申請模闆,它會為每個Pod生成不同的pvc,并綁定pv, 進而實作各pod有專用存儲
podManagementPolicy:
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: nginx
spec:
ports:
- port: 80
name: web
clusterIP: None
selector:
app: nginx
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
podManagementPolicy: Parallel
serviceName: "nginx"
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
name: web updateStrategy:
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: nginx
spec:
ports:
- port: 80
name: web
clusterIP: None
selector:
app: nginx
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
updateStrategy:
type: OnDelete
serviceName: "nginx"
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
name: web partition:
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: nginx
spec:
ports:
- port: 80
name: web
clusterIP: None
selector:
app: nginx
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
updateStrategy:
type: RollingUpdate
rollingUpdate:
partition: 5
serviceName: "nginx"
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
name: web QoS:
apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: nginx
spec:
ports:
- port: 80
name: web
clusterIP: None
selector:
app: nginx
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
serviceName: "nginx"
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
name: web
resources:
requests:
cpu: 0.01
memory: 20Mi
limits:
cpu: 0.01
memory: 20Mi apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: nginx
spec:
ports:
- port: 80
name: web
clusterIP: None
selector:
app: nginx
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
serviceName: "nginx"
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
name: web
resources:
requests:
cpu: 0.01
memory: 20Mi apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: nginx
spec:
ports:
- port: 80
name: web
clusterIP: None
selector:
app: nginx
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
serviceName: "nginx"
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
name: web
resources:
requests:
cpu: 0.01
memory: 20Mi
limits:
cpu: 0.01
memory: 40Mi apiVersion: v1
kind: Service
metadata:
name: nginx
labels:
app: nginx
spec:
ports:
- port: 80
name: web
clusterIP: None
selector:
app: nginx
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: web
spec:
serviceName: "nginx"
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 80
name: web ![IO模型淺析-阻塞、非阻塞、IO複用、信号驅動、異步IO、同步IO[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)