一、Helm方式部署¶
设置环境变量
# 配置安装helm软件的名称
export SKYWALKING_RELEASE_NAME=skywalking
# 配置skywalking安装到k8s的命名空间
export SKYWALKING_RELEASE_NAMESPACE=devops
# 配置helm仓库名称
export REPO=skywalking
helm添加仓库
$ helm repo add ${REPO} https://apache.jfrog.io/artifactory/skywalking-helm
把skywalking安装包拉取下来
$ helm pull ${REPO}/skywalking --untar
单机部署es
[root@master01 ~]# cd /root/8
[root@master01 8]# vim elasticsearch-alone.yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elasticsearch
namespace: devops
spec:
replicas: 1
selector:
matchLabels:
app: elasticsearch
serviceName: elasticsearch
template:
metadata:
labels:
app: elasticsearch
spec:
containers:
- env:
- name: ES_JAVA_OPTS
value: -Xms2048m -Xmx2048m
- name: node.data
value: "true"
- name: node.master
value: "true"
- name: path.data
value: /usr/share/elasticsearch/data
# 自定义集群名
- name: cluster.name
value: es-cluster
# 定义节点名,使用metadata.name名称
- name: node.name
valueFrom:
fieldRef:
fieldPath: metadata.name
# 初始化集群时,ES从中选出master节点
- name: cluster.initial_master_nodes
# 对应metadata.name名称加编号,编号从0开始
value: "elasticsearch-0"
- name: discovery.zen.minimum_master_nodes
value: "1"
# 发现节点的地址,discovery.seed_hosts的值应包括所有master候选节点
# 如果discovery.seed_hosts的值是一个域名,且该域名解析到多个IP地址,那么es将处理其所有解析的IP地址。
- name: discovery.seed_hosts
value: "elasticsearch"
name: elasticsearch
image: registry.cn-hangzhou.aliyuncs.com/abroad_images/elasticsearch:7.17.4
imagePullPolicy: IfNotPresent
lifecycle:
postStart:
exec:
command:
- /bin/sh
- -c
- |
sysctl -w vm.max_map_count=262144
ulimit -l unlimited
ulimit -n 65536
chown -R elasticsearch:elasticsearch /usr/share/elasticsearch/data
ports:
- containerPort: 9200
name: 9200tcp2
protocol: TCP
- containerPort: 9300
name: 9300tcp2
protocol: TCP
resources:
limits:
cpu: "2"
memory: 4Gi
requests:
cpu: "1"
memory: 2Gi
# 设置挂载目录
volumeMounts:
- name: elasticsearch-data
mountPath: /usr/share/elasticsearch/data
volumeClaimTemplates:
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
# 对应容器中volumeMounts.name
name: elasticsearch-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 50Gi
storageClassName: nfs-storage
---
apiVersion: v1
kind: Service
metadata:
name: elasticsearch
namespace: devops
spec:
clusterIP: None
ports:
- name: elasticsearch-in
port: 9300
protocol: TCP
targetPort: 9300
- name: elasticsearch-out
port: 9200
protocol: TCP
targetPort: 9200
selector:
app: elasticsearch
type: ClusterIP
# 部署
[root@master01 8]# kaf elasticsearch-alone.yaml
# 验证
[root@master01 8]# kgp -n devops
单机部署遇到的问题:
# pod处于CrashLoopBackOff状态
[root@master01 8]# kgp -n devops | grep elasticsearch
NAME READY STATUS RESTARTS AGE
elasticsearch-0 0/1 CrashLoopBackOff 6 (3m12s ago) 11m
解决方法:
# 查看日志报错内容
ERROR: [1] bootstrap checks failed. You must address the points described in the following [1] lines before starting Elasticsearch.
bootstrap check failure [1] of [1]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
ERROR: Elasticsearch did not exit normally - check the logs at /usr/share/elasticsearch/logs/es-cluster.log
# 解决方法
# 1. 临时生效(重启失效)
sudo sysctl -w vm.max_map_count=262144
# 2. 永久生效(所有节点执行)
echo "vm.max_map_count=262144" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
# 3. 删除重建即可
[root@master01 8]# k delete -f elasticsearch-alone.yaml
[root@master01 8]# kaf elasticsearch-alone.yaml
# 4. 查看pod状态
[root@master01 8]# kgp -n devops | grep elasticsearch
elasticsearch-0 1/1 Running 0 5m21s
修改values.yaml
[root@master01 ~]# cd /root/8/skywalking/
[root@master01 skywalking]# vim values.yaml
# 修改第8行,设置密码为空
8 password:
# 修改第11行,设置用户名为elastic
11 user: elastic
# 修改第12行,修改enabled: true为enabled: false
12 enabled: false
# 修改第14行,设置Xmx为3g
14 esJavaOpts: -Xmx3g -Xms1g
# 修改第23行,替换镜像为国内镜像
23 image: registry.cn-hangzhou.aliyuncs.com/github_images1024/elasticsearch
# 修改第26行,修改镜像tag
26 imageTag: 7.5.1
# 修改第49行,修改为enabled: true,开启持久化
49 enabled: true
# 修改第83行,设置副本数为1
83 replicas: 1
# 修改第124行,设置存储大小为50Gi
124 storage: 50Gi
# 修改第132行,替换镜像为国内镜像
132 image: registry.cn-hangzhou.aliyuncs.com/abroad_images/busybox
# 修改第144行,替换镜像为国内镜像
144 repository: registry.cn-hangzhou.aliyuncs.com/github_images1024/skywalking-oap-server
# 修改第145行,修改镜像tag
145 tag: 8.9.0
# 修改第154行,设置副本数为1
154 replicas: 1
# 修改第158行,设置storageType为elasticsearch
158 storageType: elasticsearch
# 修改第166行,替换镜像为国内镜像
166 repository: registry.cn-hangzhou.aliyuncs.com/github_images1024/skywalking-satellite
# 修改第167行,修改镜像tag
167 tag: v1.2.0
# 修改第185行,替换镜像为国内镜像
185 repository: registry.cn-hangzhou.aliyuncs.com/github_images1024/skywalking-ui
# 修改第186行,修改镜像tag
186 tag: 8.9.0
# 完整配置文件
[root@master01 ~]# cd /root/8/skywalking/
[root@master01 skywalking]# vim values.yaml
elasticsearch:
antiAffinity: hard
antiAffinityTopologyKey: kubernetes.io/hostname
clusterHealthCheckParams: wait_for_status=green&timeout=1s
clusterName: elasticsearch
config:
host: elasticsearch
password:
port:
http: 9200
user: elastic
enabled: false
esConfig: {}
esJavaOpts: -Xmx3g -Xms1g
esMajorVersion: ""
extraEnvs: []
extraInitContainers: ""
extraVolumeMounts: ""
extraVolumes: ""
fsGroup: ""
fullnameOverride: ""
httpPort: 9200
image: registry.cn-hangzhou.aliyuncs.com/github_images1024/elasticsearch
imagePullPolicy: IfNotPresent
imagePullSecrets: []
imageTag: 7.17.3
ingress:
annotations: {}
enabled: false
hosts:
- chart-example.local
path: /
tls: []
initResources: {}
keystore: []
labels: {}
lifecycle: {}
masterService: ""
masterTerminationFix: false
maxUnavailable: 1
minimumMasterNodes: 2
nameOverride: ""
networkHost: 0.0.0.0
nodeAffinity: {}
nodeGroup: master
nodeSelector: {}
persistence:
annotations: {}
enabled: true
podAnnotations: {}
podManagementPolicy: Parallel
podSecurityContext:
fsGroup: 1000
runAsUser: 1000
podSecurityPolicy:
create: false
name: ""
spec:
fsGroup:
rule: RunAsAny
privileged: true
runAsUser:
rule: RunAsAny
seLinux:
rule: RunAsAny
supplementalGroups:
rule: RunAsAny
volumes:
- secret
- configMap
- persistentVolumeClaim
priorityClassName: ""
protocol: http
rbac:
create: false
serviceAccountName: ""
readinessProbe:
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 3
timeoutSeconds: 5
replicas: 1
resources:
limits:
cpu: 1000m
memory: 2Gi
requests:
cpu: 100m
memory: 2Gi
roles:
data: "true"
ingest: "true"
master: "true"
schedulerName: ""
secretMounts: []
securityContext:
capabilities:
drop:
- ALL
runAsNonRoot: true
runAsUser: 1000
service:
annotations: {}
httpPortName: http
labels: {}
labelsHeadless: {}
nodePort: ""
transportPortName: transport
type: ClusterIP
sidecarResources: {}
sysctlInitContainer:
enabled: true
sysctlVmMaxMapCount: 262144
terminationGracePeriod: 120
tolerations: []
transportPort: 9300
updateStrategy: RollingUpdate
volumeClaimTemplate:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 50Gi
esInit:
nodeAffinity: {}
nodeSelector: {}
tolerations: []
fullnameOverride: ""
imagePullSecrets: []
initContainer:
image: registry.cn-hangzhou.aliyuncs.com/abroad_images/busybox
tag: "1.30"
nameOverride: ""
oap:
antiAffinity: soft
dynamicConfigEnabled: false
env: null
envoy:
als:
enabled: false
image:
pullPolicy: IfNotPresent
repository: registry.cn-hangzhou.aliyuncs.com/github_images1024/skywalking-oap-server
tag: 8.9.0
initEs: true
javaOpts: -Xmx2g -Xms2g
name: oap
nodeAffinity: {}
nodeSelector: {}
ports:
grpc: 11800
rest: 12800
replicas: 1
resources: {}
service:
type: ClusterIP
storageType: elasticsearch
tolerations: []
satellite:
antiAffinity: soft
enabled: false
env: null
image:
pullPolicy: IfNotPresent
repository: registry.cn-hangzhou.aliyuncs.com/github_images1024/skywalking-satellite
tag: v1.2.0
name: satellite
nodeAffinity: {}
nodeSelector: {}
podAnnotations: null
ports:
grpc: 11800
prometheus: 1234
replicas: 1
resources: {}
service:
type: ClusterIP
tolerations: []
serviceAccounts:
oap: null
ui:
image:
pullPolicy: IfNotPresent
repository: registry.cn-hangzhou.aliyuncs.com/github_images1024/skywalking-ui
tag: 8.9.0
ingress:
annotations: {}
enabled: false
hosts: []
path: /
tls: []
name: ui
nodeAffinity: {}
nodeSelector: {}
replicas: 1
service:
annotations: {}
externalPort: 80
internalPort: 8080
type: ClusterIP
tolerations: []
部署&&升级
# 安装部署
[root@master01 ~]# cd /root/8
[root@master01 8]# helm install skywalking skywalking -n devops --values ./skywalking/values.yaml
# 安装部署完验证
[root@master01 8]# kgp -n devops | grep skywalking
skywalking-es-init-gncc7 0/1 Completed 0 2m20s
skywalking-oap-5f45c8df5-49nn9 1/1 Running 0 2m20s
skywalking-ui-59d6d469b8-9mlg4 1/1 Running 0 2m20s
# 更新
$ helm upgrade skywalking skywalking -n devops --values ./skywalking/values.yaml
# 卸载
$ helm uninstall skywalking -ndevops
创建基于helm方式的ingress
[root@master01 ~]# vim /root/8/skywalking/skywalking-ing.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: devops
name: skywalking-ingress
spec:
ingressClassName: nginx
rules:
- host: skywalking.zhang-qing.com
http:
paths:
- pathType: Prefix
backend:
service:
name: skywalking-ui
port:
number: 8080
path: /
# 应用
[root@master01 ~]# kaf /root/8/skywalking/skywalking-ing.yaml
# 验证
[root@master01 8]# kgi -n devops
NAME CLASS HOSTS ADDRESS PORTS AGE
skywalking-ingress nginx skywalking.zhang-qing.com 10.0.0.11 80 100s