从零构建谷粒商城Kubernetes集群实战指南为什么选择Kubernetes部署谷粒商城在当今电商系统高并发、高可用的需求背景下传统单体架构已无法满足业务快速迭代和弹性扩展的需求。谷粒商城作为典型的分布式电商系统采用微服务架构设计天然适合容器化部署。而Kubernetes作为容器编排领域的事实标准能够为谷粒商城提供以下核心能力自动化运维自动处理服务部署、扩缩容和故障恢复资源优化智能调度容器资源提高服务器利用率环境一致性开发、测试、生产环境完全一致灰度发布支持金丝雀发布和蓝绿部署等高级发布策略环境准备与集群规划硬件资源配置建议节点类型数量CPU内存磁盘网络Master34核8GB50GB千兆Worker38核16GB100GB千兆系统配置优化# 关闭防火墙 systemctl stop firewalld systemctl disable firewalld # 禁用SELinux sed -i s/enforcing/disabled/ /etc/selinux/config setenforce 0 # 关闭Swap swapoff -a sed -ri s/.*swap.*/#/ /etc/fstab # 配置内核参数 cat /etc/sysctl.d/k8s.conf EOF net.bridge.bridge-nf-call-ip6tables 1 net.bridge.bridge-nf-call-iptables 1 EOF sysctl --system提示所有节点都需要执行上述系统配置确保环境一致性容器运行时与Kubernetes组件安装Docker安装与配置# 安装依赖 yum install -y yum-utils device-mapper-persistent-data lvm2 # 添加阿里云镜像源 yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo # 安装指定版本Docker yum install -y docker-ce-19.03.15 docker-ce-cli-19.03.15 containerd.io # 配置镜像加速 mkdir -p /etc/docker cat /etc/docker/daemon.json EOF { exec-opts: [native.cgroupdriversystemd], registry-mirrors: [https://chqac97z.mirror.aliyuncs.com] } EOF # 启动服务 systemctl daemon-reload systemctl restart docker systemctl enable dockerKubernetes组件安装# 添加阿里云Kubernetes源 cat /etc/yum.repos.d/kubernetes.repo EOF [kubernetes] nameKubernetes baseurlhttps://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64 enabled1 gpgcheck0 repo_gpgcheck0 EOF # 安装指定版本组件 yum install -y kubelet-1.17.3 kubeadm-1.17.3 kubectl-1.17.3 # 启动服务 systemctl enable kubelet systemctl start kubelet使用kubeadm初始化集群Master节点初始化kubeadm init \ --apiserver-advertise-address192.168.119.133 \ --image-repository registry.cn-hangzhou.aliyuncs.com/google_containers \ --kubernetes-version v1.17.3 \ --service-cidr10.96.0.0/16 \ --pod-network-cidr10.244.0.0/16初始化成功后按照提示配置kubectlmkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config节点加入集群使用初始化时输出的join命令将Worker节点加入集群kubeadm join 192.168.119.133:6443 --token gqb4j5.c6f3n7hd2gaif5bv \ --discovery-token-ca-cert-hash sha256:73746a1d5a5efbae299b1b96c363395f8e9dd08e69c7dd168abf41eff38aa064网络插件部署与问题排查Flannel网络插件安装kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml常见问题解决方案ImagePullBackOff错误手动下载flannel镜像并导入docker pull quay.io/coreos/flannel:v0.11.0-amd64 docker tag quay.io/coreos/flannel:v0.11.0-amd64 quay.io/coreos/flannel:v0.11.0-amd64CNI插件缺失下载CNI插件并部署wget https://github.com/containernetworking/plugins/releases/download/v0.8.6/cni-plugins-linux-amd64-v0.8.6.tgz mkdir -p /opt/cni/bin tar -zxvf cni-plugins-linux-amd64-v0.8.6.tgz -C /opt/cni/bin部署谷粒商城核心组件MySQL集群部署apiVersion: apps/v1 kind: StatefulSet metadata: name: mysql spec: serviceName: mysql replicas: 3 selector: matchLabels: app: mysql template: metadata: labels: app: mysql spec: containers: - name: mysql image: mysql:5.7 env: - name: MYSQL_ROOT_PASSWORD value: gulimall ports: - containerPort: 3306 volumeMounts: - name: mysql-data mountPath: /var/lib/mysql volumeClaimTemplates: - metadata: name: mysql-data spec: accessModes: [ReadWriteOnce] resources: requests: storage: 10GiRedis集群部署# 使用Helm快速部署Redis集群 helm install redis-cluster stable/redis-ha \ --set redis.replicas3 \ --set redis.passwordgulimall \ --set sentinel.enabledtrue服务暴露与监控Ingress控制器部署# 安装Nginx Ingress Controller helm install nginx-ingress stable/nginx-ingress \ --set controller.replicaCount2 \ --set controller.nodeSelector.beta\.kubernetes\.io/oslinux \ --set defaultBackend.nodeSelector.beta\.kubernetes\.io/oslinux监控系统部署# 部署Prometheus Operator helm install prometheus stable/prometheus-operator \ --set grafana.service.typeNodePort \ --set prometheus.service.typeNodePort集群运维最佳实践定期备份etcd数据ETCDCTL_API3 etcdctl --endpointshttps://127.0.0.1:2379 \ --cacert/etc/kubernetes/pki/etcd/ca.crt \ --cert/etc/kubernetes/pki/etcd/server.crt \ --key/etc/kubernetes/pki/etcd/server.key \ snapshot save snapshot.db节点维护命令# 安全驱逐节点上的Pod kubectl drain node-name --ignore-daemonsets # 节点维护完成后重新加入集群 kubectl uncordon node-name日志收集方案# 部署EFK日志系统 kubectl apply -f https://raw.githubusercontent.com/kubernetes/kubernetes/master/cluster/addons/fluentd-elasticsearch/es-statefulset.yaml kubectl apply -f https://raw.githubusercontent.com/kubernetes/kubernetes/master/cluster/addons/fluentd-elasticsearch/fluentd-es-ds.yaml kubectl apply -f https://raw.githubusercontent.com/kubernetes/kubernetes/master/cluster/addons/fluentd-elasticsearch/kibana-deployment.yaml通过以上步骤我们完成了谷粒商城在Kubernetes集群上的完整部署。实际生产环境中还需要根据业务流量特点调整HPA策略、配置合理的Resource Quota以及完善监控告警体系。