Istio Ingress Gateway 在 Kubernetes 上为 Strimzi Apache Kafka 提供服务
Istio Ingress Gateway to serve Strimzi Apache Kafka on Kubernetes
我有一个关于如何使用 Istio Ingress Gateway 配置 Strimzi Kafka Operator 以服务于 bootstrap 和代理服务的问题。
我已将 Istio 部署到以下网关和虚拟服务,以服务器 bootstrap 和代理:
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
annotations:
name: strimzi-kafka-gw-broker
namespace: strimzi
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- myserver
port:
name: https
number: 9094
protocol: HTTP2
tls:
mode: SIMPLE
credentialName: myserver-tls
---
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
annotations:
name: strimzi-kafka-gw-bootstrap
namespace: strimzi
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- myserver
port:
name: tls-9093
number: 9093
protocol: TLS
tls:
mode: SIMPLE
credentialName: myserver-tls
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
annotations:
name: strimzi-kafka-vs-broker
namespace: strimzi
spec:
gateways:
- strimzi-kafka-gw-broker
hosts:
- my-server
http:
- match:
- uri:
prefix: /
route:
- destination:
host: kafka-cluster-01-kafka-brokers
port:
number: 9092
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
annotations:
name: strimzi-kafka-vs-bootstrap
namespace: strimzi
spec:
gateways:
- strimzi-kafka-gw-bootstrap
hosts:
- my-server
tcp:
- match:
- port: 9093
route:
- destination:
host: kafka-cluster-01-kafka-bootstrap
port:
number: 9092
问题是,当我通过 Kubernetes 中的 Strimzi Kafka operator 部署 Kafka 资源时,我需要将代理的广告地址和广告端口设置为通过 Ingress 使用的 kafka 客户端,它还会创建一个Istio 同一端口上的侦听器无法为同一端口提供服务。
Stimzi Kafka 资源:
apiVersion: kafka.strimzi.io/v1beta2
kind: Kafka
metadata:
name: kafka-cluster-01
spec:
kafka:
version: 3.1.0
replicas: 2
listeners:
- name: internal
port: 9092
type: internal
tls: false
configuration:
brokers:
- broker: 0
advertisedHost: my-server
advertisedPort: 9094
- broker: 1
advertisedHost: my-server
advertisedPort: 9094
- broker: 2
advertisedHost: my-server
advertisedPort: 9094
config:
offsets.topic.replication.factor: 2
transaction.state.log.replication.factor: 2
transaction.state.log.min.isr: 2
default.replication.factor: 2
min.insync.replicas: 2
inter.broker.protocol.version: "3.1"
receive.message.max.bytes: 1513486160
advertised: my-server
storage:
type: jbod
volumes:
- id: 0
type: persistent-claim
size: 100Gi
deleteClaim: false
zookeeper:
replicas: 1
storage:
type: persistent-claim
size: 100Gi
deleteClaim: false
entityOperator:
topicOperator: {}
userOperator: {}
如何告诉 Kafka (Strimzi) 为代理使用广告地址和端口,而不在其上创建侦听器以在其前面使用 Ingress (Istio)?
我在 Strimzi 的文档中没有找到这个。
谢谢。
我现在也绕过慢。问题是,我使用了 Strimzi Operator 部署的 kubernetes 服务 kafka-cluster-01-kafka-brokers,但它像我的两个 kafka 代理之间的负载平衡器一样工作,所以它有时会在我的主题中请求错误的分区,而请求的代理没有持有.在为每个 broker pod 安装专用服务后,我能够在前面使用 Istio 完全获得一个工作的 kafka 队列。
我只需要以某种方式告诉 Stimzi 操作员,如何为每个 pod 部署专用服务并分别标记 pods。
我有一个关于如何使用 Istio Ingress Gateway 配置 Strimzi Kafka Operator 以服务于 bootstrap 和代理服务的问题。
我已将 Istio 部署到以下网关和虚拟服务,以服务器 bootstrap 和代理:
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
annotations:
name: strimzi-kafka-gw-broker
namespace: strimzi
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- myserver
port:
name: https
number: 9094
protocol: HTTP2
tls:
mode: SIMPLE
credentialName: myserver-tls
---
apiVersion: networking.istio.io/v1beta1
kind: Gateway
metadata:
annotations:
name: strimzi-kafka-gw-bootstrap
namespace: strimzi
spec:
selector:
istio: ingressgateway
servers:
- hosts:
- myserver
port:
name: tls-9093
number: 9093
protocol: TLS
tls:
mode: SIMPLE
credentialName: myserver-tls
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
annotations:
name: strimzi-kafka-vs-broker
namespace: strimzi
spec:
gateways:
- strimzi-kafka-gw-broker
hosts:
- my-server
http:
- match:
- uri:
prefix: /
route:
- destination:
host: kafka-cluster-01-kafka-brokers
port:
number: 9092
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
annotations:
name: strimzi-kafka-vs-bootstrap
namespace: strimzi
spec:
gateways:
- strimzi-kafka-gw-bootstrap
hosts:
- my-server
tcp:
- match:
- port: 9093
route:
- destination:
host: kafka-cluster-01-kafka-bootstrap
port:
number: 9092
问题是,当我通过 Kubernetes 中的 Strimzi Kafka operator 部署 Kafka 资源时,我需要将代理的广告地址和广告端口设置为通过 Ingress 使用的 kafka 客户端,它还会创建一个Istio 同一端口上的侦听器无法为同一端口提供服务。
Stimzi Kafka 资源:
apiVersion: kafka.strimzi.io/v1beta2
kind: Kafka
metadata:
name: kafka-cluster-01
spec:
kafka:
version: 3.1.0
replicas: 2
listeners:
- name: internal
port: 9092
type: internal
tls: false
configuration:
brokers:
- broker: 0
advertisedHost: my-server
advertisedPort: 9094
- broker: 1
advertisedHost: my-server
advertisedPort: 9094
- broker: 2
advertisedHost: my-server
advertisedPort: 9094
config:
offsets.topic.replication.factor: 2
transaction.state.log.replication.factor: 2
transaction.state.log.min.isr: 2
default.replication.factor: 2
min.insync.replicas: 2
inter.broker.protocol.version: "3.1"
receive.message.max.bytes: 1513486160
advertised: my-server
storage:
type: jbod
volumes:
- id: 0
type: persistent-claim
size: 100Gi
deleteClaim: false
zookeeper:
replicas: 1
storage:
type: persistent-claim
size: 100Gi
deleteClaim: false
entityOperator:
topicOperator: {}
userOperator: {}
如何告诉 Kafka (Strimzi) 为代理使用广告地址和端口,而不在其上创建侦听器以在其前面使用 Ingress (Istio)?
我在 Strimzi 的文档中没有找到这个。
谢谢。
我现在也绕过慢。问题是,我使用了 Strimzi Operator 部署的 kubernetes 服务 kafka-cluster-01-kafka-brokers,但它像我的两个 kafka 代理之间的负载平衡器一样工作,所以它有时会在我的主题中请求错误的分区,而请求的代理没有持有.在为每个 broker pod 安装专用服务后,我能够在前面使用 Istio 完全获得一个工作的 kafka 队列。
我只需要以某种方式告诉 Stimzi 操作员,如何为每个 pod 部署专用服务并分别标记 pods。