k8s中statefulset如何做pod负载均衡?
How to do pod load balancing with statefulset in k8s?
从文档中,可以发现有一个 Stable Network ID 功能可用于 Pod NDS:
https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id
我试过了
service.yaml
---
apiVersion: v1
kind: Service
metadata:
labels:
app: logstash
name: logstash
spec:
selector:
app: logstash
ports:
- name: "5044"
port: 5044
targetPort: 5044
statefulset.yaml
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: logstash
spec:
serviceName: "logstash"
selector:
matchLabels:
app: logstash
updateStrategy:
type: RollingUpdate
replicas: 2
template:
metadata:
labels:
app: logstash
spec:
containers:
- name: logstash
image: docker.elastic.co/logstash/logstash:7.10.0
resources:
limits:
memory: 2Gi
ports:
- containerPort: 5044
volumeMounts:
- name: config-volume
mountPath: /usr/share/logstash/config
- name: logstash-pipeline-volume
mountPath: /usr/share/logstash/pipeline
command: ["/bin/sh","-c"]
args:
- bin/logstash -f /usr/share/logstash/pipeline/logstash.conf;
volumes:
- name: config-volume
configMap:
name: configmap-logstash
items:
- key: logstash.yml
path: logstash.yml
- name: logstash-pipeline-volume
configMap:
name: configmap-logstash
items:
- key: logstash.conf
path: logstash.conf
configmap.yaml
---
apiVersion: v1
kind: ConfigMap
metadata:
name: configmap-filebeat
labels:
k8s-app: filebeat
data:
filebeat.yml: |-
filebeat.inputs:
- type: log
enabled: true
paths:
- /var/lib/nginx/access.json
output.logstash:
hosts: ["logstash-0.logstash.default.svc.cluster.local:5044", "logstash-1.logstash.default.svc.cluster.local:5044"]
loadbalance: true
Filebeat 正在使用此配置部署到守护进程中。
这行不通。从 filebeat 的日志中得到:
2020-12-22T02:10:34.395Z WARN [transport] transport/tcp.go:52 DNS lookup failure "logstash-1.logstash.default.svc.cluster.local": lookup logstash-1.logstash.default.svc.cluster.local: no such host
如果使用这个配置,它可以工作:
output.logstash:
hosts: ["logstash.default.svc.cluster.local:5044"]
为什么在使用 Pod DNS 格式时会导致 DNS lookup failure 问题?使用此功能还有其他条件吗?那怎么办?
另请注意 StatefulSet documentation:
As mentioned in the limitations section, you are responsible for creating the Headless Service responsible for the network identity of the pods.
因此您有责任为 pods 创建 Headless Services,例如logstash-0 和 logstash-1.
从文档中,可以发现有一个 Stable Network ID 功能可用于 Pod NDS:
https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-network-id
我试过了
service.yaml
---
apiVersion: v1
kind: Service
metadata:
labels:
app: logstash
name: logstash
spec:
selector:
app: logstash
ports:
- name: "5044"
port: 5044
targetPort: 5044
statefulset.yaml
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: logstash
spec:
serviceName: "logstash"
selector:
matchLabels:
app: logstash
updateStrategy:
type: RollingUpdate
replicas: 2
template:
metadata:
labels:
app: logstash
spec:
containers:
- name: logstash
image: docker.elastic.co/logstash/logstash:7.10.0
resources:
limits:
memory: 2Gi
ports:
- containerPort: 5044
volumeMounts:
- name: config-volume
mountPath: /usr/share/logstash/config
- name: logstash-pipeline-volume
mountPath: /usr/share/logstash/pipeline
command: ["/bin/sh","-c"]
args:
- bin/logstash -f /usr/share/logstash/pipeline/logstash.conf;
volumes:
- name: config-volume
configMap:
name: configmap-logstash
items:
- key: logstash.yml
path: logstash.yml
- name: logstash-pipeline-volume
configMap:
name: configmap-logstash
items:
- key: logstash.conf
path: logstash.conf
configmap.yaml
---
apiVersion: v1
kind: ConfigMap
metadata:
name: configmap-filebeat
labels:
k8s-app: filebeat
data:
filebeat.yml: |-
filebeat.inputs:
- type: log
enabled: true
paths:
- /var/lib/nginx/access.json
output.logstash:
hosts: ["logstash-0.logstash.default.svc.cluster.local:5044", "logstash-1.logstash.default.svc.cluster.local:5044"]
loadbalance: true
Filebeat 正在使用此配置部署到守护进程中。
这行不通。从 filebeat 的日志中得到:
2020-12-22T02:10:34.395Z WARN [transport] transport/tcp.go:52 DNS lookup failure "logstash-1.logstash.default.svc.cluster.local": lookup logstash-1.logstash.default.svc.cluster.local: no such host
如果使用这个配置,它可以工作:
output.logstash:
hosts: ["logstash.default.svc.cluster.local:5044"]
为什么在使用 Pod DNS 格式时会导致 DNS lookup failure 问题?使用此功能还有其他条件吗?那怎么办?
另请注意 StatefulSet documentation:
As mentioned in the limitations section, you are responsible for creating the Headless Service responsible for the network identity of the pods.
因此您有责任为 pods 创建 Headless Services,例如logstash-0 和 logstash-1.