绯诲垪鏂囩珷
- Nomad 绯诲垪鏂囩珷
姒傝堪
Nomad 鐨勭綉缁滃拰 Docker 鐨勪篃鏈夊緢澶т笉鍚? 鍜?K8s 鐨勬湁寰堝ぇ涓嶅悓. 鍙﹀, Nomad 涓嶅悓鐗堟湰(Nomad 1.3 鐗堟湰鍓嶅悗)鎴栨槸鍚﹂泦鎴?Consul 鍙?CNI 绛変笉鍚岀粍浠朵篃浼氬鑷寸綉缁滄ā寮忓悇涓嶇浉鍚? 鏈枃璇︾粏姊崇悊涓€涓?Nomad 鐨勪富瑕佸嚑绉嶇綉缁滄ā寮?/p>
鍦∟omad 1.3鍙戝竷涔嬪墠锛屽畠鑷韩骞朵笉鏀寔鍙戠幇闆嗙兢涓繍琛岀殑鍏朵粬搴旂敤绋嬪簭銆傚湪闆嗙兢涓皟搴︿换鍔℃椂锛岃繖鏄竴涓潪甯稿熀鏈殑瑕佹眰銆侼omad渚濊禆浜嶤onsul鏉ュ彂鐜板叾浠栤€滄湇鍔♀€濓紝骞朵负娉ㄥ唽鍜岃幏鍙栨湇鍔¤褰曟彁渚涗竴娴佺殑鏀寔锛岃繖浣垮緱浜嬫儏鍙樺緱鏇村鏄撱€侰onsul閫氳繃鍚勭鏈哄埗鎻愪緵璁板綍锛屼緥濡俁EST API锛孌NS鍜孋onsul妯℃澘锛岃繖浜涙ā鏉垮湪鍙互娉ㄥ叆鍒板簲鐢ㄧ▼搴忎腑鐨凣o妯℃澘涓憟鐜版湇鍔$殑纭垏IP/绔彛銆?/p>
瀛︿範 Nomad 鐨勪竴涓毦鐐瑰湪浜? Nomad 寰€寰€鍜?Consul 涓€璧疯繍琛? 閭d箞瀵逛簬杩欑鎯呭喌鏉ヨ锛屼竴涓富瑕佺殑瀛︿範鏇茬嚎鏄紝鎴戜滑蹇呴』棣栧厛浜嗚ВConsul鏄浣曞伐浣滅殑锛岄儴缃蹭竴涓狢onsul闆嗙兢, 鍚屾椂瑕佽瀺浼氳疮閫?2 涓蒋浠跺氨寰堥毦浜嗐€侼omad 1.3 瑙e喅浜嗚繖涓棶棰樼殑涓€閮ㄥ垎锛堝嵆涓嶉渶瑕佽繍琛孋onsul灏卞彲浠ヨ繘琛屽熀鏈殑鏈嶅姟鍙戠幇锛夛紝闈炲父閫傚悎鍒氬垰寮€濮嬩娇鐢ㄥ熀浜嶯omad鐨勭綉缁溿€?/p>
鍦烘櫙涓€: 鍦ㄤ富鏈轰笂鍏紑搴旂敤
浠庢渶绠€鍗曠殑鐢ㄤ緥寮€濮嬶細浣犳湁涓€涓?redis 瀹瑰櫒锛屼綘鎯虫妸瀹冩毚闇茬粰涓绘満銆?鐩稿綋浜庢垜浠兂瑕佸仛鐨?code>docker run鏄?锛?/p>
docker run --rm -p=6379 redis
姝ゅ懡浠ゅ叕寮€涓绘満涓婄殑鍔ㄦ€?/strong>绔彛銆傝鏌ョ湅绔彛鍙峰埌搴曟槸浠€涔堬紝鎮ㄥ彲浠ユ墽琛? 閭d箞, 鍦?Nomad 涓浉鍚岀殑鎿嶄綔濡備綍瀹炵幇 鍦ㄥ嚑琛岄厤缃腑锛屾垜浠湁涓€涓鍦ㄨ繍琛岀殑Docker瀹瑰櫒锛屽畠鍏紑浜嗕竴涓姩鎬佺鍙?30627: 鎴戜滑鍙互閫氳繃涓绘満涓婄殑 馃惥Warning锛?/p>
鍦? 涓€绉嶄笉澶父瑙佺殑鎯呭喌鏄皢搴旂敤绋嬪簭缁戝畾鍒颁富鏈轰笂鐨勯潤鎬佺鍙? 鍙渶鍦? 褰撴垜浠啀娆¢儴缃茬浉鍚岀殑鏂囦欢鏃讹紝鎴戜滑鍙互鐪嬪埌绔彛鍒嗛厤宸茬粡浠庡姩鎬佺鍙f洿鏀逛负鎴戜滑鍒嗛厤鐨勯潤鎬佺鍙c€備絾鏄敞鎰忛渶瑕佺‘淇濇病鏈夊叾浠栧簲鐢ㄧ▼搴忎睛鍚悓涓€鎺ュ彛鍜岀鍙o紝鍚﹀垯蹇呯劧浼氬鑷村啿绐併€?/p>
闈欐€佺鍙e吀鍨嬬殑浣跨敤鍦烘櫙灏辨槸: Ingress. 姣斿 Traefik 鍙互浣跨敤闈欐€佺鍙g洃鍚?80 鍜?443. 瀵逛簬杩欎釜鍦烘櫙锛屾垜浠亣璁炬湁涓€涓簲鐢ㄧ▼搴忛渶瑕佷笌Redis閫氫俊銆傚湪杩欎釜鍦烘櫙涓紝Redis鐢ㄩ€旀槸涓存椂缂撳瓨锛屾墍浠ュ彲浠ュ皢瀹冧滑閮ㄧ讲鍦ㄥ悓涓€涓?Group 涓€?/p>
涓€涓?Group 鍙互鍖呭惈澶氫釜 Task銆傝繖閲岄渶瑕佺煡閬撶殑閲嶈涓€鐐规槸锛屽悓涓€ Group 灏嗗缁堝叿鏈夎嚜宸辩殑鍏变韩缃戠粶鍛藉悕绌洪棿(绫讳技K8s涓璓od涓殑澶氫釜Container鍏锋湁鍏变韩缃戠粶鍛藉悕绌洪棿)銆傝繖鎰忓懗鐫€锛屽鏋滄偍鍦ㄧ粍涓湁2涓?Task锛屽垯瀹冧滑閮藉彲浠ヨ闂浉鍚岀殑缃戠粶鍛藉悕绌洪棿銆傝繖鍏佽涓や釜 Task 鍦ㄥ悓涓€缃戠粶鎺ュ彛涓婄浉浜掗€氫俊銆?/p>
璇︾粏璇存槑濡備笅: 濡傛灉鎮ㄨ浠庡熀浜?docker-compose 鐨勭幆澧冭縼绉伙紝浠ヤ笂閰嶇疆闈炲父閫傚悎(浣嗘槸瀹炵幇杩樻槸涓嶅悓, Nomad鍒╃敤浜嗕富鏈虹綉缁?锛屾偍鍙互灏嗘妯℃澘鐢ㄤ簬鎮ㄧ殑鏈嶅姟銆傝繖绉嶆柟娉曠殑鏈€澶ч檺鍒舵槸瀹冧娇鐢?strong>涓绘満缃戠粶docker ps 骞跺湪 PORTS 涓嬫壘鍒扮被浼间簬 0.0.0.0:49153->6379/tcp 鐨勮緭鍑恒€?/p>
$ redis-cli -p 49153
127.0.0.1:49153> ping
PONG
job "redis" {
type = "service"
group "redis" {
network {
mode = "host"
port "redis" {
to = 6379
}
}
task "redis" {
driver = "docker"
config {
image = "redis"
ports = ["redis"]
}
}
}
}
redis-cli 杩炴帴鍒板畠锛?/p>
$ redis-cli -p 30627
127.0.0.1:30627> ping
PONG
task.config 閮ㄥ垎涓湁 ports 寰堥噸瑕併€侼omad灏嗘淇℃伅浼犻€掔粰涓绘満涓婅繍琛岀殑 docker 瀹堟姢杩涚▼銆傚洜姝わ紝闄ら潪鎮ㄦ寚瀹氬湪瀹瑰櫒涓€氬憡鍝簺绔彛锛屽惁鍒欏畠涓嶄細鐭ラ亾鏄惁瑕佸叕寮€6379銆?/p>
鏆撮湶闈欐€佺鍙?/h3>
port 鍧椾腑娣诲姞涓€涓?static 琛岋細 network {
port "redis" {
static = 6379
}
}
鍦烘櫙浜? 涓庡悓涓€ Group 鍐呯殑 Redis 閫氫俊
job "hello" {
type = "service"
group "app" {
network {
mode = "host"
port "app" {
static = 8080
}
port "redis" {
static = 6379
}
}
task "redis" {
driver = "docker"
config {
network_mode = "host"
image = "redis"
ports = ["redis"]
}
}
task "app" {
driver = "docker"
env {
DEMO_REDIS_ADDR = "${NOMAD_ADDR_redis}"
}
config {
network_mode = "host"
image = "mrkaran/hello-app:1.0.0"
ports = ["app"]
}
}
}
}
app 鍜宼ask redis 銆傝繖鎰忓懗鐫€Nomad灏嗗湪鍚屼竴瀹㈡埛绔?/strong>涓婂叡鍚屽畾浣嶈繖涓や釜Task锛堝洜涓哄畠浠笉浠呭€惧悜浜庡叡浜浉鍚岀殑缃戠粶鍛藉悕绌洪棿锛岃€屼笖杩樺叡浜叕鍏卞垎閰嶇洰褰?杩欎娇寰楄法浠诲姟鍏变韩鏂囦欢鍙樺緱闈炲父瀹规槗锛夈€?/li>
NOMAD_ADDR_redis 鏉ヨ幏鍙?redis task 鐨?IP:Port 缁勫悎銆傝繖鍦ㄨ繍琛屾椂鐢盢omad娉ㄥ叆銆傛偍鍙互鍦ㄨ繖閲屾壘鍒拌繍琛屾椂鐜鍙橀噺鐨勫垪琛ㄣ€?/li>
鍦烘櫙涓? 璺ㄤ笉鍚岀殑 Group 杩涜閫氫俊
濡備笂鎵€杩? 濡傛灉鎮ㄦ湁鐩稿叧鐨?Task锛堝init task锛屾偍甯屾湜鍦?task 寮€濮嬪墠鑾峰彇鏂囦欢锛夛紝鍚屼竴涓?Group 寰堟湁鐢?绫讳技K8s Pod 鐨?init container)銆備絾鏄娇鐢?group 鐨勭己鐐规槸鎮ㄤ笉鑳界嫭绔嬪湴鎵╁睍 task銆傚湪涓婇潰鐨勪緥瀛愪腑锛屾垜浠皢Redis鍜孉pp鏀惧湪鍚屼竴涓?Group 涓紝浣嗚繖鎰忓懗鐫€濡傛灉浣犲鍔犲悓涓€涓?Group 鐨?count 鏉ユ墿灞?app锛屼綘鏈€缁堜篃浼氭墿灞昍edis瀹瑰櫒銆傝繖鏄笉鍙彇鐨勶紝鍥犱负Redis鍙兘涓嶉渶瑕佷笌搴旂敤绋嬪簭鎴愭瘮渚嬪湴鎵╁睍銆?/p>
鍒涘缓澶氫釜 Group 鐨勬柟娉曟槸灏嗕换鍔℃媶鍒嗗埌鍚勮嚜鐨勭粍涓細
job "hello" {
type = "service"
group "app" {
count = 1
network {
mode = "host"
port "app" {
static = 8080
}
}
task "app" {
driver = "docker"
env {
DEMO_REDIS_ADDR = "localhost:6379"
}
config {
image = "mrkaran/hello-app:1.0.0"
ports = ["app"]
}
}
}
group "redis" {
count = 1
network {
mode = "host"
port "redis" {
static = 6379
}
}
task "redis" {
driver = "docker"
config {
image = "redis"
ports = ["redis"]
}
}
}
}
鎻愪氦姝?Job 鍚庯紝鎮ㄥ皢鑾峰緱2涓垎閰岻D锛堟瘡涓?Group 浼氬垱寤轰竴涓?alloc 锛夈€傝繖閲岀殑鍏抽敭鐐规槸杩欎袱涓?Group 閮芥湁鑷繁鐨勭綉缁滃懡鍚嶇┖闂淬€傚洜姝わ紝鎴戜滑瀹為檯涓婃病鏈変换浣曟柟娉曞彲浠ヨ闂叾浠栧簲鐢ㄧ▼搴忥紙鎴戜滑涓嶈兘鍚戜笂闈㈣繖鏍蜂緷璧栦富鏈虹綉缁滐紝鍥犱负鏃犳硶淇濊瘉杩欎袱涓?Group 閮介儴缃插湪鍚屼竴涓妭鐐逛笂锛夈€?/p>
鐜板湪鐢变簬缁勬槸鍒嗗紑鐨勶紝 app 瀹瑰櫒涓嶇煡閬?redis 锛堝弽涔嬩害鐒讹級锛?/p>
env | grep NOMAD
NOMAD_REGION=global
NOMAD_CPU_LIMIT=4700
NOMAD_IP_app=127.0.0.1
NOMAD_JOB_ID=hello
NOMAD_TASK_NAME=app
NOMAD_SECRETS_DIR=/secrets
NOMAD_CPU_CORES=1
NOMAD_NAMESPACE=default
NOMAD_ALLOC_INDEX=0
NOMAD_ALLOC_DIR=/alloc
NOMAD_JOB_NAME=hello
NOMAD_HOST_IP_app=127.0.0.1
NOMAD_SHORT_ALLOC_ID=a9da72dc
NOMAD_DC=dc1
NOMAD_ALLOC_NAME=hello.app[0]
NOMAD_PORT_app=8080
NOMAD_GROUP_NAME=app
NOMAD_PARENT_CGROUP=nomad.slice
NOMAD_TASK_DIR=/local
NOMAD_HOST_PORT_app=8080
NOMAD_MEMORY_LIMIT=512
NOMAD_ADDR_app=127.0.0.1:8080
NOMAD_ALLOC_PORT_app=8080
NOMAD_ALLOC_ID=a9da72dc-94fc-6315-bb37-63cbeef153b9
NOMAD_HOST_ADDR_app=127.0.0.1:8080
鏈嶅姟鍙戠幇
app Group 闇€瑕佸湪杩炴帴鍒?redis 涔嬪墠鍙戠幇瀹冦€傛湁澶氱鏂规硶鍙互鍋氬埌杩欎竴鐐癸紝浣嗘垜浠皢浠嬬粛涓ょ鏇村父瑙佺殑鏍囧噯鏂规硶銆?/p>
浣跨敤 Nomad Native Service Discovery
杩欐槸鍦∟omad 1.3涓帹鍑虹殑鍔熻兘銆傚湪杩欐鍙戝竷涔嬪墠锛孨omad 涓嶅緱涓嶄緷闈?Consul 鏉ュ畬鎴愯繖涓€浠诲姟銆備絾鏄湁浜哊omad涓唴缃殑鍘熺敓鏈嶅姟鍙戠幇锛屼簨鎯呭氨绠€鍗曞浜嗐€傝鎴戜滑瀵逛綔涓氭枃浠惰繘琛屼互涓嬫洿鏀广€傚湪姣忎釜 Group 涓紝鎴戜滑灏嗘坊鍔犱竴涓?service 瀹氫箟锛?/p>
group "app" {
count = 1
network {
mode = "host"
port "app" {
to = 8080
}
}
service {
name = "app"
provider = "nomad"
port = "app"
}
// task is the same
}
group "redis" {
count = 1
network {
mode = "host"
port "redis" {
to = 6379
}
}
service {
name = "redis"
provider = "nomad"
port = "redis"
}
// task is the same
}
濡備笂锛屾垜浠坊鍔犱簡涓€涓柊鐨? 鎻愪氦浣滀笟鍚庯紝鎴戜滑鍙互浣跨敤 瑕佷簡瑙g壒瀹氭湇鍔$殑璇︾粏淇℃伅锛屾垜浠彲浠ヤ娇鐢? 濡備笂, 鎴戜滑鍙互鐪嬪埌姣忎釜鏈嶅姟涓殑鍔ㄦ€佺鍙e垎閰嶃€傝鍦ㄦ垜浠殑搴旂敤绋嬪簭涓娇鐢ㄦ閰嶇疆锛屾垜浠皢鍏舵ā鏉垮寲锛?/p>
鎴戜滑娣诲姞浜? 鍙渶璋冩暣 馃惥Warning: 娉ㄦ剰 鍓嶆彁鏄纭繚姝e湪杩愯Consul骞跺凡灏哊omad杩炴帴鍒板畠銆傚叿浣撹鍙傞槄璇ユ枃妗c€?/p>
鍏朵綑鐨勪簨鎯呭嚑涔庝繚鎸佷笉鍙樸€傚彧鐢?strong>涓よ浠g爜service 鍧楋紝骞跺垹闄や簡 static 绔彛銆傚綋鎴戜滑浣跨敤鏈嶅姟鍙戠幇鏃讹紝涓嶉渶瑕佺粦瀹氬埌闈欐€佺鍙?/strong>銆?/p>
nomad service list 鍛戒护纭繚鏈嶅姟宸叉敞鍐屽埌Nomad銆?/p>
nomad service list
Service Name Tags
app []
redis []
nomad service info锛?/p>
$ nomad service info app
Job ID Address Tags Node ID Alloc ID
hello 127.0.0.1:29948 [] d92224a5 5f2ac51f
$ nomad service info redis
Job ID Address Tags Node ID Alloc ID
hello 127.0.0.1:22300 [] d92224a5 8078c9a6
task "app" {
driver = "docker"
template {
data = <<EOH
{{ range nomadService "redis" }}
DEMO_REDIS_ADDR={{ .Address }}:{{ .Port }}
{{ end }}
EOH
destination = "secrets/config.env"
env = true
}
config {
image = "mrkaran/hello-app:1.0.0"
ports = ["app"]
}
}
template 鑺傦紝瀹冨皢鍦ㄥ鍣ㄤ腑鎻掑叆鐜鍙橀噺銆傛垜浠亶鍘?nomadService 骞惰幏鍙?redis 鏈嶅姟鐨勫湴鍧€鍜岀鍙c€傝繖浣垮緱鍏朵粬鑺傜偣涓婄殑浠诲姟鍙互鏂逛究鍦板彂鐜板郊姝ゃ€?/p>
浣跨敤 Consul 鏈嶅姟鍙戠幇
service 鍧椾腑鐨?provider 锛屾垜浠氨鍙互浣跨敤Consul浠g悊杩涜鏈嶅姟鍙戠幇銆?/p>
service {
name = "app"
provider = "consul"
port = "app"
}
task "app" {
driver = "docker"
template {
data = <<EOH
{{ range service "redis" }}
DEMO_REDIS_ADDR={{ .Address }}:{{ .Port }}
{{ end }}
EOH
range nomadService 涔熸敼涓轰簡 range service
鍙﹀, 浣跨敤Consul浼氭湁鏇村鐨?strong>浼樺娍锛?/p>
- 鍙互浣跨敤DNS鏌ヨ鏈嶅姟鐨勫湴鍧€锛?/li>
doggo redis.service.consul @tcp://127.0.0.1:8600
NAME TYPE CLASS TTL ADDRESS NAMESERVER
redis.service.consul. A IN 0s 172.20.10.3 127.0.0.1:8600
- 鍙敱Nomad浠ュ鐨勫簲鐢ㄧ▼搴忚闂€傚鏋?consul 琚玁omad闆嗙兢澶栫殑鍏朵粬搴旂敤绋嬪簭浣跨敤锛屽畠浠粛鐒跺彲浠ヨ幏寰楀搴旂殑鍦板潃锛堜娇鐢―NS鎴朢EST API锛?/li>
褰撶劧锛孨omad Native Service Discovery 闈炲父閫傚悎鏈湴/杈圭紭鐜璁剧疆锛岀敋鑷虫槸鐢熶骇涓殑杈冨皬鐢ㄤ緥锛屽洜涓哄畠涓嶅啀闇€瑕?Consul锛?/p>
鍦烘櫙鍥? 闄愬埗瀵规煇浜?Namespace 鐨勮闂?/h2>
Consul Service Mesh
鍦ㄤ笂杩版墍鏈夊満鏅腑锛屾垜浠彂鐜版湇鍔′細鏆撮湶缁欐湰鍦癗omad瀹㈡埛绔€傚鏋滄偍鍦ㄩ泦缇や笂杩愯澶氫釜 Namespace锛屾偍鍙兘甯屾湜鏍规湰涓嶅叕寮€瀹冧滑銆傛澶栵紝鎮ㄥ彲鑳藉笇鏈涜〃杈惧簲鐢ㄧ▼搴忓彲浠ヨ闂壒瀹氭湇鍔$殑缁嗙矑搴︽帶鍒躲€傛墍鏈夎繖浜涢兘鍙互閫氳繃鏈嶅姟缃戞牸瀹炵幇銆侼omad鎻愪緵浜嗕竴绉嶉€氳繃Consul Connect寤虹珛鈥滄湇鍔$綉鏍尖€濈殑鏂规硶銆侰onsul Connect鍙互杩涜mTLS鍜屾湇鍔℃巿鏉冦€傚湪寮曟搸鐩栦笅锛屽畠鏄竴涓笌鎮ㄧ殑搴旂敤绋嬪簭涓€璧疯繍琛岀殑Envoy浠g悊锛堟垨sidecar锛夈€?Consul 浠g悊涓烘偍閰嶇疆Envoy閰嶇疆锛屽洜姝よ繖涓€鍒囬兘闈炲父鏃犵紳銆?/p>
瑕佸仛鍒拌繖涓€鐐癸紝鎴戜滑棣栧厛闇€瑕佺殑鏄?bridge 缃戠粶妯″紡銆傛缃戠粶妯″紡瀹為檯涓婃槸涓€涓狢NI鎻掍欢锛岄渶瑕佸湪 /opt/cni/bin 涓崟鐙畨瑁呫€傛寜鐓ц繖閲屾彁鍒扮殑姝ラ:
network {
mode = "bridge"
port "redis" {
to = 6379
}
}
Redis 涓殑鏈嶅姟琚?Consul Connect Ingress 鎵€璋冪敤锛?/p>
service {
name = "redis"
provider = "consul"
port = "6379"
connect {
sidecar_service {}
}
}
杩欐槸涓€涓┖鍧楋紝鍥犱负鎴戜滑涓嶉渶瑕佸湪杩欓噷瀹氫箟浠讳綍涓婃父銆傚叾浣欏€煎皢涓洪粯璁ゅ€笺€?/p>
鎺ヤ笅鏉ワ紝鎴戜滑涓?app 鍒涘缓涓€涓湇鍔★紝杩欐槸涓€涓狢onsul Connect Egress锛?/p>
service {
name = "app"
provider = "consul"
port = "app"
connect {
sidecar_service {
proxy {
upstreams {
destination_name = "redis"
local_bind_port = 6379
}
}
}
}
}
杩欓噷鎴戜滑涓?redis 瀹氫箟涓€涓笂娓搞€傚湪杩欓噷锛屽綋 app 鎯宠涓巖edis閫氫俊鏃讹紝瀹冧細涓?localhost:6379 瀵硅瘽锛岃繖鏄疎nvoy sidecar姝e湪鐩戝惉鐨勬湰鍦扮鍙c€傛垜浠彲浠ヤ娇鐢?netstat 鏉ラ獙璇侊細
$ netstat -tulpvn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.2:19001 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:23237 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN -
tcp6 0 0 :::8080 :::* LISTEN 1/./hello.bin
娴侀噺浠庤繖涓鍙e彂閫佸埌瀹冮€氬憡鐨勭鍙d笂鐨勫彟涓€涓狤nvoy浠g悊锛堝苟涓擟onsul鑷姩閰嶇疆锛夈€傝Envoy浠g悊杩涗竴姝ュ皢娴侀噺鍙戦€佸埌绔彛6379涓婄殑 redis 瀹瑰櫒銆備唬鐞嗘祦閲忛€氳繃mTLS杩涜瀹夊叏鍔犲瘑骞舵巿鏉冿紙閫氳繃Consul Intentions -鏈枃涓嶅仛浠嬬粛锛夈€?/p>
鍦烘櫙浜? 鍚戞渶缁堢敤鎴峰叕寮€鏈嶅姟
鍦ㄧ涓€涓満鏅腑锛屾垜浠璁轰簡濡備綍浣跨敤闈欐€佺鍙c€備簨瀹炶瘉鏄庯紝濡傛灉浣犳兂瀹氫箟涓€涓猅raffic Ingress鏈嶅姟锛屽畠闈炲父鏈夌敤銆備笌K8s涓嶅悓鐨勬槸锛孨omad娌℃湁浠讳綍Ingress Controller锛屾墍浠ユ渶濂界殑鏂规硶鏄皢杩欎簺Web浠g悊浣滀负 system job 閮ㄧ讲鍦ㄦ瘡涓妭鐐逛笂锛堣繖鎰忓懗鐫€瀹冨彲浠ョ‘淇濆湪姣忎釜瀹㈡埛绔妭鐐逛笂杩愯锛夛紝骞跺皢瀹冧滑缁戝畾鍒伴潤鎬佺鍙o紙姣斿443/80锛夈€傜劧鍚庯紝閰嶇疆 LB 骞跺皢鎵€鏈塏omad鑺傜偣娉ㄥ唽涓?Target IP锛屽叾绔彛灏嗘槸鎮ㄥ畾涔夌殑闈欐€佺鍙c€傝繖浜汭ngress浠g悊锛堟瘮濡俆raefik/Nginx锛夊彲浠ラ€氳繃涓婇潰鎻愬埌鐨勪换浣曟ā寮忎笌鎮ㄧ殑搴旂敤绋嬪簭閫氫俊銆?/p>
馃摑Notes:
鍦ㄤ笂涓€绡囨枃绔犱腑, 鎴戜滑骞舵病鏈夐厤缃?LB 鍚庨潰瀵规帴鎵€鏈?Traefik.
鐩稿弽, 鎴戜滑鐩存帴璁块棶鏌愪竴涓壒瀹氳妭鐐圭殑 Traefik 鐨?80/443 绔彛.
閫氬父锛屾偍甯屾湜涓哄叆鍙d唬鐞嗕娇鐢ㄢ€滃熀浜庝富鏈衡€濈殑璺敱妯″紡鏉ュ仛鍑鸿矾鐢卞喅绛栥€?/p>
渚嬪锛屽鏋滄偍鏈変竴涓寚鍚慉LB鐨?a.example.org DNS璁板綍銆傜幇鍦紝褰撹姹傚埌杈続LB鏃讹紝瀹冧細杞彂鍒颁换浣曚竴涓猅raefik/NGINX銆備负浜嗕娇 NGINX 姝g‘鍦板皢娴侀噺璺敱鍒?code>a service锛屾偍鍙互浣跨敤鈥淗ost鈥濇姤澶淬€?/p>
鎬荤粨
杩欎簺鏄垜鎵€鐭ラ亾鐨勪竴浜涘父瑙佺殑缃戠粶妯″紡銆傜敱浜庡叾涓竴浜涙蹇靛苟涓嶆槸闈炲父绠€鍗曪紝鎴戝笇鏈涜В閲婃湁鍔╀簬甯︽潵涓€浜涙竻鏅般€?/p>
鍏充簬杩欎釜涓婚杩樻湁寰堝锛屾瘮濡?Consul Gateway 鍜屽绉岰NI锛屽畠浠彲浠ヨ皟鏁撮泦缇や腑鐨勭綉缁滅殑搴曞眰缁嗚妭锛屼絾杩欎簺閮芥槸涓€浜涢潪甯搁珮绾х殑涓婚锛岃秴鍑轰簡鏈枃鐨勮寖鍥淬€傚悗缁湁鏈轰細鍙互鍐嶅仛灞曞紑.
馃摎锔忓弬鑰冩枃妗?/h2>
- Understanding Nomad Networking Patterns - YouTube
- Understanding Networking in Nomad | Karan Sharma (mrkaran.dev)
涓変汉琛? 蹇呮湁鎴戝笀; 鐭ヨ瘑鍏变韩, 澶╀笅涓哄叕. 鏈枃鐢变笢椋庡井楦f妧鏈崥瀹?EWhisper.cn 缂栧啓.
涓変汉琛? 蹇呮湁鎴戝笀; 鐭ヨ瘑鍏变韩, 澶╀笅涓哄叕. 鏈枃鐢变笢椋庡井楦f妧鏈崥瀹?EWhisper.cn 缂栧啓.