关于GCU、沐曦GPGPU、MLU、0卡V100资源4月7日恢复上架的公告>>> 关于共建具身智能开源数据集的倡议>>> 关于云脑任务中统一路径访问方式的公告>>> 关于将启智集群GPU资源迁移至智算集群的公告>>>
cubepy
/
cubepy
Not watched
10
2
Fork 0
Code
Releases 0 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
42 Commits
1 Branch
11 MiB
119 Download
 
 
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
cubepy/minikube
huolongshe d05fad9652 README.md 1 year ago
..
gpushare README.md 1 year ago
plugin_gpushare README.md 1 year ago
plugin_metrics README.md 1 year ago
plugin_nvidia_device README.md 1 year ago
service README.md 1 year ago
storage README.md 1 year ago
README.md README.md 1 year ago

README.md

Minikube环境部署

在将CubePy微服务框架及样例微服务应用部署至k8s云原生环境之前,可以先在单机上使用minikube进行部署测试。

一、开发环境准备

首先参照 根目录README文档 完成 CubePy 基础开发环境配置。

安装部署K8S测试集群

Minikube官方文档参见:https://minikube.sigs.k8s.io/docs/

建议使用 minikube v1.25.2 版本,集群搭建步骤如下:

  1. 如果使用 Ubuntu 16.4 ,需在每次重启系统后执行如下操作(Ubuntu 18.4/20.4 不需要):

    修改 /etc/resolv.conf 文件:
   将其中 “nameserver 127.0.x.x” 改为: “nameserver 114.114.114.114”

  2. 使用非root用户登录,配置其具有操作docker的权限:

    $ sudo usermod -aG docker $USER
$ newgrp docker

  3. 安装kubectl:

    $ curl -LO “https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl”
$ sudo install kubectl /usr/local/bin/kubectl

  4. 配置HostPath Volume持久化:

    $ sudo sysctl fs.protected_regular=0
$ sudo mkdir -p /var/tmp/hostpath-provisioner /tmp/hostpath-provisioner
$ sudo mount --bind /var/tmp/hostpath-provisioner /tmp/hostpath-provisioner
$ echo '/var/tmp/hostpath-provisioner /tmp/hostpath-provisioner none defaults,bind 0 0' |sudo tee -a /etc/fstab

  5. 拉取minikube依赖的镜像:

    $ docker pull registry.aliyuncs.com/google_containers/storage-provisioner:v5
$ docker tag registry.aliyuncs.com/google_containers/storage-provisioner:v5 registry.aliyuncs.com/google_containers/k8s-minikube/storage-provisioner:v5

  6. 安装minikube:

    $ curl -LO https://storage.googleapis.com/minikube/releases/v1.25.2/minikube-linux-amd64
$ sudo install minikube-linux-amd64 /usr/local/bin/minikube

  7. 启动minikube:

    如果以前启动过其他版本的minikube,需要先清除相关痕迹:

    $ minikube delete --all 
$ minikube delete
$ sudo rm -rf .kube/
$ sudo rm -rf .minikube/
$ sudo rm -rf /etc/kubernetes/
$ sudo rm /tmp/juju*
$ sudo rm /tmp/minikube*
$ sudo rm -rf /var/lib/minikube/

    然后执行如下命令其中minikube:

    $ sudo -E minikube start --driver=none --image-mirror-country=cn --image-repository=registry.aliyuncs.com/google_containers --insecure-registry "10.100.1.2" --install-addons false --extra-config=kubelet.cgroup-driver=systemd

    注意,上述 --insecure-registry 参数值需要替换成本机网卡的IP地址或地址段,例如192.168.1.x或192.168.1.0/24,请根据实际情况修改。

    等待显示:Done! kubectl is now configured to use "minikube" cluster and "default" namespace by default,表示集群启动完毕。然后执行:

    $ sudo chown -R $USER $HOME/.kube $HOME/.minikube

  8. 如果需要在k8s中使用GPU,可通过执行以下命令来配置gpushare(可选):

    $ sh ~/cubenet/cubepy/minikube/gpushare/deploy_gpushare.sh

  9. 配置metrics-server(可选):

    $ kubectl apply -f ~/cubenet/cubepy/minikube/plugin_metrics
$ kubectl -nkube-system patch deploy metrics-server --patch '{"spec":{"template":{"spec":{"containers":[{"name":"metrics-server","args":["--cert-dir=/tmp","--secure-port=4443","--kubelet-preferred-address-types=InternalIP,Hostname,InternalDNS,ExternalDNS,ExternalIP","--kubelet-use-node-status-port","--metric-resolution=15s","--kubelet-insecure-tls"]}]}}}}'

  10. 配置dashboard:

    $ minikube addons enable dashboard --images="Dashboard=dashboard:v2.5.1,MetricsScraper=metrics-scraper:v1.0.7"

  11. 配置远程连接权限:

    $ kubectl -nkube-system create sa remote-admin
$ kubectl create clusterrolebinding remote-admin --clusterrole=cluster-admin --serviceaccount=kube-system:remote-admin

  12. 启动dashboard界面:

    $ minikube dashboard

等待显示Opening http://127.0.0.1:3xxxx/api/v1/namespaces/kubernetes-dashboard/services/http:kubernetes-dashboard:/proxy/ in your default browser...,命令会自动调用浏览器打开dashboard。

如果未自动打开浏览器,请将上述URL复制到浏览器打开。

  1. 停止minkube:

    $ minikube stop

  2. 重启minikube集群:

    $ sudo -E minikube start
$ sudo chown -R $USER $HOME/.kube $HOME/.minikube

  3. 彻底删除minkube集群:

    $ minikube delete --all

二、安装Istio

  1. Istio的安装基于minikube,需要预先安装并启动好minikube。

  2. 安装Istio:

    $ wget https://github.com/istio/istio/releases/download/1.13.2/istio-1.13.2-linux-amd64.tar.gz --no-check-certificate
$ tar -xvf istio-1.13.2-linux-amd64.tar.gz
$ ./istio-1.13.2/bin/istioctl install --set hub=mirror.baidubce.com/istio -y
$ kubectl -nistio-system patch svc istio-ingressgateway --patch '{"spec":{"externalIPs":["'"$(minikube ip)"'"],"ports":[{"name":"nexus-ui","port":8081,"protocol":"TCP","targetPort":8081},{"name":"uaa-mysql","port":13306,"protocol":"TCP","targetPort":13306},{"name":"umm-mysql","port":13307,"protocol":"TCP","targetPort":13307}]}}'

  3. 安装prometheus、grafan、jaeger和kiali等遥测插件(可选,需要时安装)

    $ sed -i 's/image: "/image: "mirror.baidubce.com\//' istio-1.13.2/samples/addons/prometheus.yaml
$ sed -i 's/image: "/image: "mirror.baidubce.com\//' istio-1.13.2/samples/addons/grafana.yaml
$ sed -i 's/docker.io/mirror.baidubce.com/' istio-1.13.2/samples/addons/jaeger.yaml
$ sed -i 's/Always/IfNotPresent/' istio-1.13.2/samples/addons/kiali.yaml
$ sed -i '/external_services:/a\      grafana:\n        url: "http://'$(minikube ip)':15031"\n      tracing:\n        url: "http://'$(minikube ip)':15032/jaeger"' istio-1.13.2/samples/addons/kiali.yaml
$ kubectl apply -f istio-1.13.2/samples/addons/

    对外暴露遥测插件的端口:

    $ kubectl apply -f ~/cubenet/cubepy/minikube/telemetry/expose.yaml
$ kubectl -nistio-system patch svc istio-ingressgateway --patch '{"spec":{"ports":[{"name":"kiali","port":15029,"protocol":"TCP","targetPort":15029},{"name":"prometheus","port":15030,"protocol":"TCP","targetPort":15030},{"name":"grafana","port":15031,"protocol":"TCP","targetPort":15031},{"name":"tracing","port":15032,"protocol":"TCP","targetPort":15032}]}}'

    安装完成后,可以通过下列地址访问遥测插件:

    - Kiali:http://<命令minikube ip输出的地址>:15029
- Prometheus:http://<命令minikube ip输出的地址>:15030
- Grafana:http://<命令minikube ip输出的地址>:15031
- Jaeger:http://<命令minikube ip输出的地址>:15032

三、部署CubePy微服务

  1. 编译打包微服务docker镜像

    预先将CubePy源代码下载至当前帐号的 cubenet 目录之下,然后:

     $ cd ~/cubenet/cubepy/
 $ sh build-dockers.sh

  2. 修改 ./service/cubepy-configmap.yml 配置文件内容(参照其中相关注释)。

  3. 修改 ./service/ingressgateway.yml 配置文件,将其中出现的所有IP地址(例如:1092.168.1.2)替换成如下命令的输出值(通常为本机网卡IP地址):

    $ minikube ip

  4. 创建CubePy项目命名空间:

    $ kubectl create namespace cubenet
$ kubectl label namespace cubenet istio-injection=enabled

  5. 拉起平台运行需要用到的存储资源:

    $ kubectl apply -f ~/cubenet/cubepy/minikube/storage

  6. 拉起平台运行需要用到的其他资源和微服务:

    $ kubectl apply -f ~/cubenet/cubepy/minikube/service

  7. 配置Nexus服务器:

    等待nexus服务启动完成后,执行nexus自动配置操作:

    $ sh ~/cubenet/cubepy/minikube/service/nexus_configure_minikube.sh

    屏幕输出中出现如下JSON格式数据后,才表示配置成功(如不成功请多试几次):

        {
        "enabled" : true,
        "userId" : "anonymous",
        "realmName" : "NexusAuthorizingRealm"
    }

  8. 查看所有资源是否正常(也可在dashboard图形界面中查看):

    $ kubectl -ncubenet get cm,pvc,pv,deploy,po,svc,vs,gw -owide

  9. 在开发过程中,如某个微服务代码有更新,以uaa为例,打包新的uaa镜像之后需要执行如下命令来重启该微服务:

    $ kubectl -ncubenet delete pod -l app=uaa

  10. 在浏览器中输入如下地址打开CubePy平台页面:

    http://<命令 minikube ip 的输出值>

四、停止/重启微服务

  1. 停止并删除部署在Minikube中的CubePy微服务:

    $ kubectl delete -f ~/cubenet/cubepy/minikube/service

  2. 重启CubePy微服务:

    $ kubectl apply -f ~/cubenet/cubepy/minikube/service
Delete task

Are you sure you want to delete this task? Once this task is deleted, it cannot be recovered.

cancel
confirm

CubePy微服务框架——部署脚本和用户指南

Shell Python

Contributors (1)
All

Please read the following content carefully:

Dear OpenI User

Thank you for your continuous support to the Openl Qizhi Community AI Collaboration Platform. In order to protect your usage rights and ensure network security, we updated the Openl Qizhi Community AI Collaboration Platform Usage Agreement in January 2024. The updated agreement specifies that users are prohibited from using intranet penetration tools. After you click "Agree and continue", you can continue to use our services. Thank you for your cooperation and understanding.

For more agreement content, please refer to the《Openl Qizhi Community AI Collaboration Platform Usage Agreement》

Agree and continue
Disagree, exit