Kubernetes: failed to retrieve Ignite pod IP addresses

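I am trying to run an Apache Ignite cluster using Google Kubernetes Engine.

After following the tutorial, here are some of the yaml files.

First, I create a service, ignite-service.yaml: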

apiVersion: v1
kind: Service
metadata:
  # Name of Ignite Service used by Kubernetes IP finder. 
  # The name must be equal to TcpDiscoveryKubernetesIpFinder.serviceName.
  name: ignite
  namespace: default
spec:
  clusterIP: None # custom value.
  ports:
    - port: 9042 # custom value.
  selector:
    # Must be equal to one of the labels set in Ignite pods'
    # deployment configuration.
    app: ignite
kubectl create -f ignite-service.yaml

Second, I create a deployment for my Ignite nodes, ignite-deployment.yaml:

apiVersion: v1
kind: Service
metadata:
  # Name of Ignite Service used by Kubernetes IP finder. 
  # The name must be equal to TcpDiscoveryKubernetesIpFinder.serviceName.
  name: ignite
  namespace: default
spec:
  clusterIP: None # custom value.
  ports:
    - port: 9042 # custom value.
  selector:
    # Must be equal to one of the labels set in Ignite pods'
    # deployment configuration.
    app: ignite
An example of a Kubernetes configuration for Ignite pod deployment.
kubectl create -f ignite-deployment.yaml

After that, I check the status of the pods, which are running in my case. However, when I check the logs of any pod, I get the following error:

java.io.IOException: Server returned HTTP response code: 403 for URL: https://kubernetes.default.svc.cluster.local:443/api/v1/namespaces/default/endpoints/ignite
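Things I have tried:

  • I followed this to make the cluster work. But in step 4, when I run the daemon yaml file, I get the following error:
  • error: error validating "daemon.yaml": error validating data: ValidationError(DaemonSet.spec.template.spec): missing required field "containers" in io.k8s.api.core.v1.PodSpec; if you choose to ignore these errors, turn validation off with --validate=false

    Can anyone point out the mistake I might be making here?


    Thanks.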

    Step 1:
    kubectl apply -f ignite-service.yaml
    (with the file from your question)

    Step 2:
    kubectl apply -f ignite-rbac.yaml

    ignite-rbac.yaml looks like this:

    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: ignite
      namespace: default
    ---
    apiVersion: rbac.authorization.k8s.io/v1
    kind: Role
    metadata:
      name: ignite-endpoint-access
      namespace: default
      labels:
        app: ignite
    rules:
      - apiGroups: [""]
        resources: ["endpoints"]
        resourceNames: ["ignite"]
        verbs: ["get"]
    ---
    apiVersion: rbac.authorization.k8s.io/v1
    kind: RoleBinding
    metadata:
      name: ignite-role-binding
      namespace: default
      labels:
        app: ignite
    subjects:
      - kind: ServiceAccount
        name: ignite
    roleRef:
      kind: Role
      name: ignite-endpoint-access
      apiGroup: rbac.authorization.k8s.io
    
    Step 3:
    kubectl apply -f ignite-deployment.yaml
    (very similar to your file; I only added one line,
    serviceAccount: ignite)

    apiVersion: extensions/v1beta1
    kind: Deployment
    metadata:
      # Custom Ignite cluster's name.
      name: ignite-cluster
      namespace: default
    spec:
      # A number of Ignite pods to be started by Kubernetes initially.
      replicas: 2
      template:
        metadata:
          labels:
            app: ignite
        spec:
          serviceAccount: ignite  ## Added line
          containers:
            # Custom Ignite pod name.
          - name: ignite-node
            image: apacheignite/ignite:2.4.0
            env:
            - name: OPTION_LIBS
              value: ignite-kubernetes
            - name: CONFIG_URI
              value: https://raw.githubusercontent.com/apache/ignite/master/modules/kubernetes/config/example-kube.xml
            ports:
            # Ports to open.
            # Might be optional depending on your Kubernetes environment.
            - containerPort: 11211 # REST port number.
            - containerPort: 47100 # communication SPI port number.
            - containerPort: 47500 # discovery SPI port number.
            - containerPort: 49112 # JMX port number.
            - containerPort: 10800 # SQL port number.
    
    This should work fine. I found this in the pods' logs (
    kubectl logs -f ignite-cluster-xx-yy
    ), showing that the two pods successfully located each other:

    [13:42:00] Ignite node started OK (id=f89698d6)
    [13:42:00] Topology snapshot [ver=1, servers=1, clients=0, CPUs=1, offheap=0.72GB, heap=1.0GB]
    [13:42:00] Data Regions Configured:
    [13:42:00]   ^-- default [initSize=256.0 MiB, maxSize=740.8 MiB, persistenceEnabled=false]
    [13:42:01] Topology snapshot [ver=2, servers=2, clients=0, CPUs=2, offheap=1.4GB, heap=2.0GB]
    [13:42:01] Data Regions Configured:
    [13:42:01]   ^-- default [initSize=256.0 MiB, maxSize=740.8 MiB, persistenceEnabled=false]
    

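    Would a clusterrole and clusterrolebinding also work in this case?

    They would, but it is not necessary. clusterrole and clusterrolebinding are for cases where an application needs cluster-wide access to some resources. For example, an ingress controller needs access to all ingress objects in all namespaces, not just those in one particular namespace. All Ignite needs is to be able to find its peers in the same service; we could grant more access, but that invites trouble. Say we granted Ignite cluster-admin permissions. That would work, but if there were a security vulnerability in Ignite, a malicious actor could easily take over the whole cluster.

    Now I have the Ignite cluster running on my GKE. But I need to connect my Spark client/job to access the Ignite servers. Do you have any ideas about this?

    Post a new question with as much detail as possible, including what you have tried, the errors, and so on.

    Please check here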
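
The thread's two points, the 403 on `endpoints/ignite` and the least-privilege argument against cluster-admin, can be reproduced with a small RBAC model. This is an added example, not code from the posts or from Kubernetes or Ignite. It assumes the question's pods ran as the `default` service account with no binding; `wildcard-admin` and the probe requests are hypothetical, and the evaluator is a simplification that ignores ClusterRoles and non-resource URLs.

```python
# Added example: a simplified model of the RBAC check behind the 403 above.
# Not part of the posts; ROLES mirrors the answer's Role, everything else is constructed.
ROLES = {
    "ignite-endpoint-access": [
        {"apiGroups": [""], "resources": ["endpoints"],
         "resourceNames": ["ignite"], "verbs": ["get"]},
    ],
    # Hypothetical over-broad role, standing in for the cluster-admin grant
    # discussed in the comments.
    "wildcard-admin": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}],
}
# RoleBindings in namespace "default": service account -> role.
BINDINGS = {"ignite": "ignite-endpoint-access"}


def _match(allowed, value):
    return "*" in allowed or value in allowed


def rule_allows(rule, verb, group, resource, name):
    if not (_match(rule["verbs"], verb) and _match(rule["apiGroups"], group)
            and _match(rule["resources"], resource)):
        return False
    names = rule.get("resourceNames")
    # No resourceNames means any object. A rule limited by resourceNames does
    # not match a request that carries no object name (a plain list, here).
    return not names or name in names


def authorize(service_account, verb, resource, name=None, group=""):
    """Return 200 if some bound rule allows the request, else 403."""
    rules = ROLES.get(BINDINGS.get(service_account), [])
    allowed = any(rule_allows(r, verb, group, resource, name) for r in rules)
    return 200 if allowed else 403


def blast_radius(role, probes):
    """Probe requests (verb, resource, name) that a role would permit."""
    return [p for p in probes
            if any(rule_allows(r, p[0], "", p[1], p[2]) for r in ROLES[role])]


# Constructed probe requests for a least-privilege review.
PROBES = [("get", "endpoints", "ignite"), ("list", "endpoints", None),
          ("get", "secrets", "db-password"), ("delete", "pods", "ignite-cluster-xx-yy")]

if __name__ == "__main__":
    print(authorize("default", "get", "endpoints", "ignite"))  # no binding
    print(authorize("ignite", "get", "endpoints", "ignite"))   # bound SA
    print(blast_radius("wildcard-admin", PROBES))
```

On a live cluster the same question can be asked of the API server with `kubectl auth can-i get endpoints/ignite --as=system:serviceaccount:default:ignite -n default`.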