工作原理

为了实现在k8s上安装Dapr，Dapr需要部署dapr-sidecar-injector、dapr-operator、dapr-placement和dapr-sentry服务。

• dapr-operator: 管理组件(state stores, pub/subs, etc.)

• dapr-sidecar-injector: 将 Dapr 注入 annotated pods，并添加环境变量 DAPR_HTTP_PORT 和 DAPR_GRPC_PORT，以使用户定义的应用程序能够轻松地与 Dapr Sidecar通信，而无需硬编码 Dapr 端口值。

• dapr-placement: 将 actor 实例映射到 pods。

• dapr-sentry: 管理服务之间的mTLS并作为证书颁发机构。

2.安装K8s集群

通常使用以下方法本地安装的K8S集群

• k8s-for-docker-desktop

• kubeadm

我本地已经安装好了这两种，这次使用kubeadm 1.20版本演示dapr

3.将Frontend和Backend build成docker Image

vs中分别右击Frontend和Backend，添加Docker支持，即可生成对应的Dockerfile，修改暴露端口

#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.FROM mcr.microsoft.com/dotnet/aspnet:5.0 AS base
WORKDIR /app
EXPOSE 5001FROM mcr.microsoft.com/dotnet/sdk:5.0 AS build
WORKDIR /src
COPY ["FrontEnd/FrontEnd.csproj", "FrontEnd/"]
RUN dotnet restore "FrontEnd/FrontEnd.csproj"
COPY . .
WORKDIR "/src/FrontEnd"
RUN dotnet build "FrontEnd.csproj" -c Release -o /app/buildFROM build AS publish
RUN dotnet publish "FrontEnd.csproj" -c Release -o /app/publishFROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "FrontEnd.dll"]

#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.FROM mcr.microsoft.com/dotnet/aspnet:5.0 AS base
WORKDIR /app
EXPOSE 5000FROM mcr.microsoft.com/dotnet/sdk:5.0 AS build
WORKDIR /src
COPY ["BackEnd/BackEnd.csproj", "BackEnd/"]
RUN dotnet restore "BackEnd/BackEnd.csproj"
COPY . .
WORKDIR "/src/BackEnd"
RUN dotnet build "BackEnd.csproj" -c Release -o /app/buildFROM build AS publish
RUN dotnet publish "BackEnd.csproj" -c Release -o /app/publishFROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "BackEnd.dll"]

通过以下命令Build Image

docker build -t frontend -f  ./FrontEnd/Dockerfile .docker build -t backend -f  ./BackEnd/Dockerfile .

4.将Docker Image推送到仓库

我使用阿里云私有仓库来上传镜像，创建frontend和backend两个库

按照以下提示步骤将frontend和backend Image上传到指定库

5.让k8s使用私有仓库拉取镜像

k8s主节点登录阿里云私库

docker login --username=xxx registry.cn-beijing.aliyuncs.com

docker登录之后，会把密钥存到一个配置文件，通过下面命令拿到base64编码信息

cat ~/.docker/config.json | base64

新建ali-docker-repo.yaml，.dockerconfigjson就是上一步得到的base64

[root@k8s-master dapr-demo]# cat ali-docker-repo.yaml
apiVersion: v1
kind: Secret
metadata:name: ali-key
type: kubernetes.io/dockerconfigjson
data:.dockerconfigjson: ewoJImF1dGhzIjogewoJCSJyZWdpc3RyeS5jbi1iZWlqaW5nLmFsaXl1bmNzLmNvbSI6IHs..............

apply secret

[root@k8s-master dapr-demo]# kubectl apply -f ali-docker-repo.yaml

6.安装Dapr CLI

下面命令将DaprCLI安装到 /usr/local/bin

wget -q https://raw.githubusercontent.com/dapr/cli/master/install/install.sh -O - | /bin/bash

7.验证Dapr CLI

dapr

8.初始化Dapr

首先，请确保你的机器已经安装了 Helm 3 。

然后，添加 Helm 库并更新

helm repo add dapr https://dapr.github.io/helm-charts/
helm repo update
# See which chart versions are available
helm search repo dapr --devel --versions

将 Dapr 图表安装在你的集群的 dapr-system命名空间中。

helm upgrade --install dapr dapr/dapr \
--version=1.2 \
--namespace dapr-system \
--create-namespace \
--wait

验证安装

[root@k8s-master dapr-demo]# kubectl get pods --namespace dapr-system
NAME                                     READY   STATUS    RESTARTS   AGE
dapr-dashboard-58b4647996-828n8          1/1     Running   2          9d
dapr-operator-85bdd7d89d-5d8dw           1/1     Running   19         9d
dapr-placement-server-0                  1/1     Running   3          9d
dapr-sentry-76bfc5f7c7-vn2qt             1/1     Running   2          9d
dapr-sidecar-injector-786645f444-dmzm7   1/1     Running   2          9d

9.配置状态存储和订阅发布组件

我们仍然通过helm安装redis，因为redis是statefulset，因此需要先把redis依赖的storageclass和pv创建好

新建redis-storage-class.yaml

[root@k8s-master dapr-demo]# cat redis-storage-class.yaml
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:name: local-storage-redis
provisioner: kubernetes.io/no-provisioner
volumeBindingMode: WaitForFirstConsumer

apply storageclass

[root@k8s-master dapr-demo]# kubectl apply -f redis-storage-class.yaml

由于我们即将安装的redis，使用默认的storageclass，我们需要把我们刚刚新建的storageclass置为默认

kubectl patch storageclass local-storage-redis -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

因为我们即将安装的redis集群有四个节点，我们需新建四个pv，新建文件redis-pv.yaml

apiVersion: v1
kind: PersistentVolume
metadata:name: local-pv-redis
spec:capacity:storage: 8Gi# volumeMode field requires BlockVolume Alpha feature gate to be enabled.volumeMode: FilesystemaccessModes:- ReadWriteOncestorageClassName: local-storage-redispersistentVolumeReclaimPolicy: Retainlocal:path: /local-storage/redisnodeAffinity:required:nodeSelectorTerms:- matchExpressions:- key: kubernetes.io/hostnameoperator: Invalues:- k8s-node1---
apiVersion: v1
kind: PersistentVolume
metadata:name: local-pv-redis2
spec:capacity:storage: 8Gi# volumeMode field requires BlockVolume Alpha feature gate to be enabled.volumeMode: FilesystemaccessModes:- ReadWriteOncestorageClassName: local-storage-redispersistentVolumeReclaimPolicy: Retainlocal:path: /local-storage/redisnodeAffinity:required:nodeSelectorTerms:- matchExpressions:- key: kubernetes.io/hostnameoperator: Invalues:- k8s-node1---
apiVersion: v1
kind: PersistentVolume
metadata:name: local-pv-redis3
spec:capacity:storage: 8Gi# volumeMode field requires BlockVolume Alpha feature gate to be enabled.volumeMode: FilesystemaccessModes:- ReadWriteOncestorageClassName: local-storage-redispersistentVolumeReclaimPolicy: Retainlocal:path: /local-storage/redisnodeAffinity:required:nodeSelectorTerms:- matchExpressions:- key: kubernetes.io/hostnameoperator: Invalues:- k8s-node1---
apiVersion: v1
kind: PersistentVolume
metadata:name: local-pv-redis4
spec:capacity:storage: 8Gi# volumeMode field requires BlockVolume Alpha feature gate to be enabled.volumeMode: FilesystemaccessModes:- ReadWriteOncestorageClassName: local-storage-redispersistentVolumeReclaimPolicy: Retainlocal:path: /local-storage/redisnodeAffinity:required:nodeSelectorTerms:- matchExpressions:- key: kubernetes.io/hostnameoperator: Invalues:- k8s-node1

因为我们指定了四个pv调度在k8s-node1上，所以需要去node1上新建挂载目录/local-storage/redis

mkdir /local-storage
cd /local-storage
mkdir /redis

apply pv

kubectl apply -f redis-pv.yaml

安装redis到集群

helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
helm install redis bitnami/redis

查看redis pod

[root@k8s-master dapr-demo]# kubectl get pod
redis-master-0              1/1     Running   0          141m
redis-replicas-0            1/1     Running   0          141m
redis-replicas-1            1/1     Running   0          141m
redis-replicas-2            1/1     Running   0          140m

创建storestate组件，新建redis-state.yaml

[root@k8s-master dapr-demo]# cat redis-state.yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:name: statestorenamespace: default
spec:type: state.redisversion: v1metadata:- name: redisHostvalue: redis-master.default.svc.cluster.local:6379- name: redisPasswordsecretKeyRef:name: rediskey: redis-password- name: actorStateStorevalue: "true"

新建pubsub组件

[root@k8s-master dapr-demo]# cat redis-pubsub.yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:name: pubsubnamespace: default
spec:type: pubsub.redisversion: v1metadata:- name: redisHostvalue: redis-master.default.svc.cluster.local:6379- name: redisPasswordsecretKeyRef:name: rediskey: redis-password

apply statestore和pubsub

kubectl apply -f redis-state.yaml
kubectl apply -f redis-pubsub.yaml

验证

[root@k8s-master dapr-demo]# kubectl get component.dapr.io
NAME         AGE
pubsub       135m
statestore   135m

10.分别为frontend和backend新建deployment

在 Kubernetes 集群中部署和运行启用 Dapr 的应用程序非常简单，只需向 deployment 方案添加一些annotations

[root@k8s-master dapr-demo]# cat frontend.yaml
apiVersion: apps/v1
kind: Deployment
metadata:name: frontendlabels:app: frontend
spec:replicas: 1selector:matchLabels:app: frontendtemplate:metadata:labels:app: frontendannotations:dapr.io/enabled: "true"dapr.io/app-id: "frontend"dapr.io/app-port: "5001"spec:imagePullSecrets:- name: ali-keycontainers:- name: frontendimage: registry.cn-beijing.aliyuncs.com/chester-dapr/frontend:latestports:- containerPort: 5001imagePullPolicy: Always

[root@k8s-master dapr-demo]# cat backend.yaml
apiVersion: apps/v1
kind: Deployment
metadata:name: backendlabels:app: backend
spec:replicas: 1selector:matchLabels:app: backendtemplate:metadata:labels:app: backendannotations:dapr.io/enabled: "true"dapr.io/app-id: "backend"dapr.io/app-port: "5000"spec:imagePullSecrets:- name: ali-keycontainers:- name: backendimage: registry.cn-beijing.aliyuncs.com/chester-dapr/backend:latestports:- containerPort: 5000imagePullPolicy: Always

分别apply backend和frontend

[root@k8s-master dapr-demo]# kubectl apply -f frontend.yaml
[root@k8s-master dapr-demo]# kubectl apply -f backend.yaml

查看pod

[root@k8s-master dapr-demo]# kubectl get pod
NAME                        READY   STATUS    RESTARTS   AGE
backend-7fff74f544-f6xms    2/2     Running   0          134m
frontend-5c479c9948-tmz5k   2/2     Running   0          99m
redis-master-0              1/1     Running   0          147m
redis-replicas-0            1/1     Running   0          147m
redis-replicas-1            1/1     Running   0          146m
redis-replicas-2            1/1     Running   0          146m

11.验证

为frontend创建service

[root@k8s-master dapr-demo]# cat frontend-service.yaml
apiVersion: v1
kind: Service
metadata:name: frontend-svc
spec:type: NodePortselector:app: frontendports:- port: 5001targetPort: 5001nodePort: 31111

采用nodeport方式暴露31111端口，apply service

kubectl apply -f frontend-service.yaml

访问http://192.168.43.150:31111/Dapr，其中192.168.43.150是宿主机ip，结果显示访问成功，k8s部署dapr成功

最后：整个教程的源码

https://github.com/cysnet/dapr-aspnetcore-demo

相关文章：

• Dapr实战（一） 基础概念与环境搭建

• Dapr + .NET Core实战（二） 服务调用

• Dapr + .NET Core实战（三）状态管理

• Dapr + .NET 实战（四）发布和订阅

• Dapr + .NET 实战（五）Actor

• Dapr + .NET 实战（六）绑定

• Dapr + .NET 实战（七）Secrets

• Dapr + .NET 实战（八）服务监测

• Dapr + .NET 实战（九）本地调试

• 为什么 Dapr 如此令人兴奋