外观
KingBaseES Docker/K8s部署
随着容器技术和云原生架构的普及,将KingBaseES数据库部署到Docker和Kubernetes环境已成为越来越多企业的选择。本文将详细介绍KingBaseES在容器化环境中的部署方案。
Docker部署方案
1. Docker镜像构建
基础镜像选择
推荐使用的基础镜像:
- CentOS 7/8
- RHEL 7/8
- Ubuntu 20.04/22.04
Dockerfile编写
dockerfile
# 基于CentOS 7构建KingBaseES V8 R7镜像
FROM centos:7
# 设置环境变量
ENV KINGBASE_VERSION=V8R7C7
ENV KINGBASE_HOME=/opt/kingbase/ES/V8R7C7
ENV PGDATA=/opt/kingbase/data
ENV PATH=$PATH:$KINGBASE_HOME/bin
# 安装依赖包
RUN yum -y update && \
yum -y install epel-release && \
yum -y install wget gcc gcc-c++ make perl readline-devel zlib-devel openssl-devel && \
yum clean all
# 下载并安装KingBaseES
RUN wget -O /tmp/KingbaseES_V8R7C7_Lin64_install.iso http://your-repo-url/KingbaseES_V8R7C7_Lin64_install.iso && \
mkdir -p /mnt/iso && \
mount -o loop /tmp/KingbaseES_V8R7C7_Lin64_install.iso /mnt/iso && \
cd /mnt/iso && \
./install.sh -i silent -DAPP_BASE_INSTALL_PATH=/opt/kingbase -DAPP_SHARE_DIR=/opt/kingbase/share -DDB_INIT=Y -DDB_PORT=54321 -DDB_USER=system -DDB_PASSWORD=Kingbase123 && \
umount /mnt/iso && \
rm -rf /tmp/KingbaseES_V8R7C7_Lin64_install.iso
# 配置KingBaseES
RUN sed -i 's/^listen_addresses.*/listen_addresses = "*"/' $PGDATA/kingbase.conf && \
echo "host all all 0.0.0.0/0 trust" >> $PGDATA/pg_hba.conf
# 创建启动脚本
RUN echo '#!/bin/bash\n\nexec kdb5start -D $PGDATA -i' > /usr/local/bin/start-kingbase && \
chmod +x /usr/local/bin/start-kingbase
# 暴露端口
EXPOSE 54321
# 设置启动命令
CMD ["start-kingbase"]构建镜像
bash
docker build -t kingbase:v8r7 .2. 单容器部署
基本部署
bash
docker run -d \
--name kingbase \
-p 54321:54321 \
-v kingbase-data:/opt/kingbase/data \
kingbase:v8r7挂载外部配置文件
bash
docker run -d \
--name kingbase \
-p 54321:54321 \
-v /host/path/kingbase.conf:/opt/kingbase/data/kingbase.conf \
-v /host/path/pg_hba.conf:/opt/kingbase/data/pg_hba.conf \
-v kingbase-data:/opt/kingbase/data \
kingbase:v8r73. 主从复制部署
主库部署
bash
docker run -d \
--name kingbase-master \
-p 54321:54321 \
-e REPLICATION_MODE=master \
-e REPLICATION_USER=repl \
-e REPLICATION_PASSWORD=repl123 \
-v kingbase-master-data:/opt/kingbase/data \
kingbase:v8r7从库部署
bash
docker run -d \
--name kingbase-slave \
-p 54322:54321 \
-e REPLICATION_MODE=slave \
-e REPLICATION_MASTER_HOST=kingbase-master \
-e REPLICATION_MASTER_PORT=54321 \
-e REPLICATION_USER=repl \
-e REPLICATION_PASSWORD=repl123 \
-v kingbase-slave-data:/opt/kingbase/data \
--link kingbase-master \
kingbase:v8r7Kubernetes部署方案
1. StatefulSet部署
持久化存储配置
yaml
# storage-class.yaml
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: kingbase-storage-class
provisioner: kubernetes.io/aws-ebs # 根据实际环境选择provisioner
parameters:
type: gp2
fsType: ext4
reclaimPolicy: Retain
allowVolumeExpansion: true
---
# persistent-volume-claim.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kingbase-pvc
spec:
storageClassName: kingbase-storage-class
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 50GiStatefulSet部署配置
yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: kingbase
spec:
serviceName: kingbase
replicas: 3
selector:
matchLabels:
app: kingbase
template:
metadata:
labels:
app: kingbase
spec:
containers:
- name: kingbase
image: kingbase:v8r7
ports:
- containerPort: 54321
name: kingbase
env:
- name: KINGBASE_HOME
value: /opt/kingbase/ES/V8R7C7
- name: PGDATA
value: /opt/kingbase/data
volumeMounts:
- name: kingbase-data
mountPath: /opt/kingbase/data
- name: kingbase-config
mountPath: /opt/kingbase/data/kingbase.conf
subPath: kingbase.conf
- name: kingbase-hba
mountPath: /opt/kingbase/data/pg_hba.conf
subPath: pg_hba.conf
volumes:
- name: kingbase-config
configMap:
name: kingbase-config
- name: kingbase-hba
configMap:
name: kingbase-hba
volumeClaimTemplates:
- metadata:
name: kingbase-data
spec:
storageClassName: kingbase-storage-class
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 50Gi
---
# service.yaml
apiVersion: v1
kind: Service
metadata:
name: kingbase
spec:
selector:
app: kingbase
ports:
- port: 54321
targetPort: 54321
clusterIP: None
---
# configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: kingbase-config
data:
kingbase.conf: |
listen_addresses = "*"
port = 54321
max_connections = 1000
shared_buffers = 2GB
effective_cache_size = 4GB
maintenance_work_mem = 512MB
checkpoint_completion_target = 0.9
wal_buffers = 16MB
default_statistics_target = 100
random_page_cost = 1.1
effective_io_concurrency = 200
work_mem = 2MB
min_wal_size = 1GB
max_wal_size = 4GB
checkpoint_timeout = 30min
wal_compression = on
---
apiVersion: v1
kind: ConfigMap
metadata:
name: kingbase-hba
data:
pg_hba.conf: |
local all all trust
host all all 127.0.0.1/32 trust
host all all ::1/128 trust
host all all 0.0.0.0/0 md5
host replication all 0.0.0.0/0 md52. 主从复制配置
主库配置
yaml
# kingbase-master-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: kingbase-master-config
data:
kingbase.conf: |
# 主库特有配置
wal_level = replica
max_wal_senders = 10
wal_keep_size = 1GB
hot_standby = on
max_replication_slots = 10从库配置
yaml
# kingbase-slave-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: kingbase-slave-config
data:
kingbase.conf: |
# 从库特有配置
hot_standby = on
max_standby_streaming_delay = 30s
wal_receiver_status_interval = 10s
hot_standby_feedback = on3. 服务暴露
NodePort服务
yaml
apiVersion: v1
kind: Service
metadata:
name: kingbase-nodeport
spec:
selector:
app: kingbase
type: NodePort
ports:
- port: 54321
targetPort: 54321
nodePort: 30001LoadBalancer服务
yaml
apiVersion: v1
kind: Service
metadata:
name: kingbase-loadbalancer
spec:
selector:
app: kingbase
type: LoadBalancer
ports:
- port: 54321
targetPort: 54321
loadBalancerIP: 10.0.0.100 # 可选,指定固定IP4. 监控和日志
Prometheus监控
yaml
# kingbase-exporter.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: kingbase-exporter
spec:
replicas: 1
selector:
matchLabels:
app: kingbase-exporter
template:
metadata:
labels:
app: kingbase-exporter
spec:
containers:
- name: kingbase-exporter
image: prometheuscommunity/postgres-exporter:v0.10.1
env:
- name: DATA_SOURCE_NAME
value: "postgresql://system:Kingbase123@kingbase:54321/test?sslmode=disable"
ports:
- containerPort: 9187
---
apiVersion: v1
kind: Service
metadata:
name: kingbase-exporter
spec:
selector:
app: kingbase-exporter
ports:
- port: 9187
targetPort: 9187日志收集
yaml
# fluentd-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: fluentd-config
data:
fluent.conf: |
<source>
@type tail
path /var/log/containers/kingbase-*.log
pos_file /var/log/fluentd-kingbase.pos
tag kingbase.*
<parse>
@type json
time_format %Y-%m-%dT%H:%M:%S.%NZ
</parse>
</source>
<match kingbase.*>
@type elasticsearch
host elasticsearch
port 9200
index_name kingbase-logs-%Y%m%d
type_name log
</match>版本差异(V8 R6 vs V8 R7)
V8 R6 容器化支持
- 容器化支持相对有限
- 安装过程需要较多手动干预
- 配置文件结构较为复杂
- 对Kubernetes的StatefulSet支持不够完善
- 缺乏官方容器镜像
V8 R7 容器化支持
- 增强了容器化支持
- 提供了更简洁的安装和配置方式
- 优化了配置文件结构,更适合容器环境
- 更好地支持Kubernetes StatefulSet
- 提供了官方容器镜像(部分版本)
- 支持环境变量配置
- 增强了日志输出,更适合容器日志收集
最佳实践
1. 持久化存储
- 使用Kubernetes StatefulSet + PersistentVolumeClaim管理持久化存储
- 选择合适的StorageClass,推荐使用SSD存储
- 合理设置存储容量,考虑未来数据增长
- 启用VolumeSnapshot功能,方便备份和恢复
2. 资源管理
- 为容器设置合理的资源限制(CPU、内存)
- 根据实际负载调整资源配置
- 使用Horizontal Pod Autoscaler实现自动扩缩容
- 为关键组件设置优先级和抢占策略
3. 网络配置
- 使用ClusterIP服务进行内部通信
- 对外暴露使用NodePort或LoadBalancer服务
- 启用网络策略,限制Pod间通信
- 考虑使用Service Mesh(如Istio)增强网络安全性
4. 安全配置
- 不使用默认密码,通过环境变量或Secret管理密码
- 启用SSL/TLS加密通信
- 限制容器的特权模式
- 使用最小权限原则配置容器
- 定期更新容器镜像,修复安全漏洞
5. 监控和告警
- 部署Prometheus + Grafana监控KingBaseES性能
- 配置日志收集,使用ELK或Loki栈
- 设置合理的告警规则,及时发现问题
- 监控存储使用率,避免磁盘空间不足
常见问题(FAQ)
Q1:Docker容器中如何访问KingBaseES?
A1:
bash
# 本地访问
docker exec -it kingbase ksql -U system -d test
# 外部访问
docker run -it --rm kingbase:v8r7 ksql -h <host-ip> -p 54321 -U system -d testQ2:Kubernetes中如何初始化KingBaseES集群?
A2:可以使用InitContainer或Job来初始化数据库:
yaml
initContainers:
- name: init-kingbase
image: kingbase:v8r7
command: ["bash", "-c", "if [ ! -f /opt/kingbase/data/PG_VERSION ]; then initdb -D /opt/kingbase/data; fi"]
volumeMounts:
- name: kingbase-data
mountPath: /opt/kingbase/dataQ3:如何处理容器化环境中的备份和恢复?
A3:
- 使用KingBaseES内置的备份工具(sys_rman)
- 结合Kubernetes CronJob实现定时备份
- 使用VolumeSnapshot进行存储级备份
- 考虑使用云原生备份解决方案(如Velero)
Q4:容器化环境中如何进行版本升级?
A4:
- 采用滚动升级策略
- 先升级从库,再升级主库
- 升级前进行充分测试
- 准备回滚方案
Q5:如何优化容器化KingBaseES的性能?
A5:
- 合理配置资源限制
- 使用高性能存储
- 优化KingBaseES配置参数
- 调整容器网络设置
- 启用JIT编译(V8 R7)
总结
容器化部署KingBaseES可以带来诸多好处,包括简化部署流程、提高资源利用率、增强可扩展性和便于管理。在实际部署过程中,需要根据业务需求和环境特点选择合适的部署方案,并遵循最佳实践。同时,要注意不同版本KingBaseES在容器化支持方面的差异,V8 R7相比V8 R6具有更好的容器化支持和云原生特性。