工作原理

為了實現在k8s上安裝Dapr,Dapr需要部署dapr-sidecar-injectordapr-operatordapr-placementdapr-sentry服務。

  • dapr-operator: 管理元件(state stores, pub/subs, etc.)
  • dapr-sidecar-injector: 將 Dapr 注入 annotated pods,並新增環境變數 DAPR_HTTP_PORT 和 DAPR_GRPC_PORT,以使使用者定義的應用程式能夠輕鬆地與 Dapr Sidecar通訊,而無需硬編碼 Dapr 埠值。
  • dapr-placement: 將 actor 例項對映到 pods。
  • dapr-sentry: 管理服務之間的mTLS並作為證書頒發機構。

2.安裝K8s叢集

通常使用以下方法本地安裝的K8S叢集

我本地已經安裝好了這兩種,這次使用kubeadm 1.20版本演示dapr

3.將Frontend和Backend build成docker Image

vs中分別右擊Frontend和Backend,新增Docker支援,即可生成對應的Dockerfile,修改暴露

#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.

FROM mcr.microsoft.com/dotnet/aspnet:5.0 AS base
WORKDIR /app
EXPOSE 5001 FROM mcr.microsoft.com/dotnet/sdk:5.0 AS build
WORKDIR /src
COPY ["FrontEnd/FrontEnd.csproj", "FrontEnd/"]
RUN dotnet restore "FrontEnd/FrontEnd.csproj"
COPY . .
WORKDIR "/src/FrontEnd"
RUN dotnet build "FrontEnd.csproj" -c Release -o /app/build FROM build AS publish
RUN dotnet publish "FrontEnd.csproj" -c Release -o /app/publish FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "FrontEnd.dll"]
#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.

FROM mcr.microsoft.com/dotnet/aspnet:5.0 AS base
WORKDIR /app
EXPOSE 5000 FROM mcr.microsoft.com/dotnet/sdk:5.0 AS build
WORKDIR /src
COPY ["BackEnd/BackEnd.csproj", "BackEnd/"]
RUN dotnet restore "BackEnd/BackEnd.csproj"
COPY . .
WORKDIR "/src/BackEnd"
RUN dotnet build "BackEnd.csproj" -c Release -o /app/build FROM build AS publish
RUN dotnet publish "BackEnd.csproj" -c Release -o /app/publish FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "BackEnd.dll"]

通過以下命令Build Image

docker build -t frontend -f  ./FrontEnd/Dockerfile .

docker build -t backend -f  ./BackEnd/Dockerfile .

4.將Docker Image推送到倉庫

我使用阿里雲私有倉庫來上傳映象,建立frontend和backend兩個庫

按照以下提示步驟將frontend和backend Image上傳到指定庫

5.讓k8s使用私有倉庫拉取映象

k8s主節點登入阿里雲私庫

docker login --username=xxx registry.cn-beijing.aliyuncs.com

docker登入之後,會把金鑰存到一個配置檔案,通過下面命令拿到base64編碼資訊

cat ~/.docker/config.json | base64

新建ali-docker-repo.yaml,.dockerconfigjson就是上一步得到的base64

[root@k8s-master dapr-demo]# cat ali-docker-repo.yaml
apiVersion: v1
kind: Secret
metadata:
name: ali-key
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: ewoJImF1dGhzIjogewoJCSJyZWdpc3RyeS5jbi1iZWlqaW5nLmFsaXl1bmNzLmNvbSI6IHs..............

apply secret

[root@k8s-master dapr-demo]# kubectl apply -f ali-docker-repo.yaml

6.安裝Dapr CLI

下面命令將DaprCLI安裝到 /usr/local/bin

wget -q https://raw.githubusercontent.com/dapr/cli/master/install/install.sh -O - | /bin/bash

7.驗證Dapr CLI

dapr

8.初始化Dapr

首先,請確保你的機器已經安裝了 Helm 3 。

然後,新增 Helm 庫並更新

helm repo add dapr https://dapr.github.io/helm-charts/
helm repo update
# See which chart versions are available
helm search repo dapr --devel --versions

將 Dapr 圖表安裝在你的叢集的 dapr-system名稱空間中。

helm upgrade --install dapr dapr/dapr \
--version=1.2 \
--namespace dapr-system \
--create-namespace \
--wait

驗證安裝

[root@k8s-master dapr-demo]# kubectl get pods --namespace dapr-system
NAME READY STATUS RESTARTS AGE
dapr-dashboard-58b4647996-828n8 1/1 Running 2 9d
dapr-operator-85bdd7d89d-5d8dw 1/1 Running 19 9d
dapr-placement-server-0 1/1 Running 3 9d
dapr-sentry-76bfc5f7c7-vn2qt 1/1 Running 2 9d
dapr-sidecar-injector-786645f444-dmzm7 1/1 Running 2 9d

9.配置狀態儲存和訂閱釋出元件

我們仍然通過helm安裝redis,因為redis是statefulset,因此需要先把redis依賴的storageclasspv建立好

新建redis-storage-class.yaml

[root@k8s-master dapr-demo]# cat redis-storage-class.yaml
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: local-storage-redis
provisioner: kubernetes.io/no-provisioner
volumeBindingMode: WaitForFirstConsumer

apply storageclass

[root@k8s-master dapr-demo]# kubectl apply -f redis-storage-class.yaml

由於我們即將安裝的redis,使用預設的storageclass,我們需要把我們剛剛新建的storageclass置為預設

kubectl patch storageclass local-storage-redis -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

因為我們即將安裝的redis叢集有四個節點,我們需新建四個pv,新建檔案redis-pv.yaml

apiVersion: v1
kind: PersistentVolume
metadata:
name: local-pv-redis
spec:
capacity:
storage: 8Gi
# volumeMode field requires BlockVolume Alpha feature gate to be enabled.
volumeMode: Filesystem
accessModes:
- ReadWriteOnce
storageClassName: local-storage-redis
persistentVolumeReclaimPolicy: Retain
local:
path: /local-storage/redis
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- k8s-node1 ---
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-pv-redis2
spec:
capacity:
storage: 8Gi
# volumeMode field requires BlockVolume Alpha feature gate to be enabled.
volumeMode: Filesystem
accessModes:
- ReadWriteOnce
storageClassName: local-storage-redis
persistentVolumeReclaimPolicy: Retain
local:
path: /local-storage/redis
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- k8s-node1 ---
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-pv-redis3
spec:
capacity:
storage: 8Gi
# volumeMode field requires BlockVolume Alpha feature gate to be enabled.
volumeMode: Filesystem
accessModes:
- ReadWriteOnce
storageClassName: local-storage-redis
persistentVolumeReclaimPolicy: Retain
local:
path: /local-storage/redis
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- k8s-node1 ---
apiVersion: v1
kind: PersistentVolume
metadata:
name: local-pv-redis4
spec:
capacity:
storage: 8Gi
# volumeMode field requires BlockVolume Alpha feature gate to be enabled.
volumeMode: Filesystem
accessModes:
- ReadWriteOnce
storageClassName: local-storage-redis
persistentVolumeReclaimPolicy: Retain
local:
path: /local-storage/redis
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- k8s-node1

因為我們指定了四個pv排程在k8s-node1上,所以需要去node1上新建掛載目錄/local-storage/redis

mkdir /local-storage
cd /local-storage
mkdir /redis

apply pv

kubectl apply -f redis-pv.yaml

安裝redis到叢集

helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
helm install redis bitnami/redis

檢視redis pod

[root@k8s-master dapr-demo]# kubectl get pod
redis-master-0 1/1 Running 0 141m
redis-replicas-0 1/1 Running 0 141m
redis-replicas-1 1/1 Running 0 141m
redis-replicas-2 1/1 Running 0 140m

建立storestate元件,新建redis-state.yaml

[root@k8s-master dapr-demo]# cat redis-state.yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: statestore
namespace: default
spec:
type: state.redis
version: v1
metadata:
- name: redisHost
value: redis-master.default.svc.cluster.local:6379
- name: redisPassword
secretKeyRef:
name: redis
key: redis-password
- name: actorStateStore
value: "true"

新建pubsub元件

[root@k8s-master dapr-demo]# cat redis-pubsub.yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: pubsub
namespace: default
spec:
type: pubsub.redis
version: v1
metadata:
- name: redisHost
value: redis-master.default.svc.cluster.local:6379
- name: redisPassword
secretKeyRef:
name: redis
key: redis-password

apply statestore和pubsub

kubectl apply -f redis-state.yaml
kubectl apply -f redis-pubsub.yaml

驗證

[root@k8s-master dapr-demo]# kubectl get component.dapr.io
NAME AGE
pubsub 135m
statestore 135m

10.分別為frontend和backend新建deployment

在 Kubernetes 叢集中部署和執行啟用 Dapr 的應用程式非常簡單,只需向 deployment 方案新增一些annotations

[root@k8s-master dapr-demo]# cat frontend.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: frontend
labels:
app: frontend
spec:
replicas: 1
selector:
matchLabels:
app: frontend
template:
metadata:
labels:
app: frontend
annotations:
dapr.io
/enabled: "true"
dapr.io/app-id: "frontend"
dapr.io/app-port: "5001"

spec:
imagePullSecrets:
- name: ali-key
containers:
- name: frontend
image: registry.cn-beijing.aliyuncs.com/chester-dapr/frontend:latest
ports:
- containerPort: 5001
imagePullPolicy: Always
[root@k8s-master dapr-demo]# cat backend.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: backend
labels:
app: backend
spec:
replicas: 1
selector:
matchLabels:
app: backend
template:
metadata:
labels:
app: backend
annotations:
dapr.io
/enabled: "true"
dapr.io/app-id: "backend"
dapr.io/app-port: "5000"

spec:
imagePullSecrets:
- name: ali-key
containers:
- name: backend
image: registry.cn-beijing.aliyuncs.com/chester-dapr/backend:latest
ports:
- containerPort: 5000
imagePullPolicy: Always

分別apply backend和frontend

[root@k8s-master dapr-demo]# kubectl apply -f frontend.yaml
[root@k8s-master dapr-demo]# kubectl apply -f backend.yaml

檢視pod

[root@k8s-master dapr-demo]# kubectl get pod
NAME READY STATUS RESTARTS AGE
backend-7fff74f544-f6xms 2/2 Running 0 134m
frontend-5c479c9948-tmz5k 2/2 Running 0
99m
redis-master-0 1/1 Running 0 147m
redis-replicas-0 1/1 Running 0 147m
redis-replicas-1 1/1 Running 0 146m
redis-replicas-2 1/1 Running 0 146m

11.驗證

為frontend建立service

[root@k8s-master dapr-demo]# cat frontend-service.yaml
apiVersion: v1
kind: Service
metadata:
name: frontend-svc
spec:
type: NodePort
selector:
app: frontend
ports:
- port: 5001
targetPort: 5001
nodePort: 31111

採用nodeport方式暴露31111埠,apply service

kubectl apply -f frontend-service.yaml

訪問http://192.168.43.150:31111/Dapr,其中192.168.43.150是宿主機ip,結果顯示訪問成功,k8s部署dapr成功

最後:整個教程的原始碼

https://github.com/cysnet/dapr-aspnetcore-demo