在 Linux x86_64 上创建一个 Cassandra 数据存储
您可以安装 Cassandra 操作程序并设置数据存储器。
准备工作
确保已准备好联机和脱机主机以从外部存储库中拉取映像。 此外,请确保添加了正确的 Helm 存储库。
如需更多信息,请参阅 “准备安装数据存储 ”。
Cassandra 用于部署的操作系统版本和镜像标签
置顶的 Helm Chart 或操作程序版本需要以下映像。
| 平台 | 操作程序版本 | Helm Chart 版本 | 带有标记的图像 |
|---|---|---|---|
| Linux® x86_64 | 1.29.0 | 0.63.1 | artifact-public.instana.io/self-hosted-images/3rd-party/operator/cass-operator: 1.29.0_v0.39.0artifact-public.instana.io/self-hosted-images/3rd-party/datastore/system-logger: 1.29.0_v0.23.0artifact-public.instana.io/self-hosted-images/3rd-party/datastore/k8ssandra-client: 0.8.9_v0.32.0artifact-public.instana.io/self-hosted-images/3rd-party/datastore/cassandra: 4.1.10_v0.38.0 |
创建安全上下文约束(在线和离线)
如果您使用的是 Red Hat® OpenShift® 集群,请在部署 Cassandra 操作员之前创建一个安全上下文约束(SCC)资源。 在线和离线部署都需要 SCC 资源。
要创建 SCC 资源,请完成以下步骤:
创建文件,例如
cassandra-scc.yaml,如下所示:apiVersion: security.openshift.io/v1 kind: SecurityContextConstraints metadata: name: cassandra-scc runAsUser: type: MustRunAs uid: 999 seLinuxContext: type: RunAsAny fsGroup: type: RunAsAny allowHostDirVolumePlugin: false allowHostNetwork: true allowHostPorts: true allowPrivilegedContainer: false allowHostIPC: true allowHostPID: true readOnlyRootFilesystem: false users: - system:serviceaccount:instana-cassandra:cass-operator - system:serviceaccount:instana-cassandra:cassandra通过运行以下命令来应用该文件:
kubectl apply -f cassandra-scc.yaml
在线安装 Cassandra
要在在线环境中安装Cassandra数据存储,请完成以下步骤:
创建
instana-cassandra名称空间。kubectl create namespace instana-cassandra创建服务
cassandra账户。kubectl create serviceaccount cassandra -n instana-cassandra创建映像拉取私钥。 使用您自己的下载密钥更新
<download_key>值。kubectl create secret docker-registry instana-registry --namespace instana-cassandra \ --docker-username=_ \ --docker-password=<download_key> \ --docker-server=artifact-public.instana.io安装 Cassandra 操作程序。
helm install cass-operator instana/cass-operator -n instana-cassandra --version=0.63.1 --set securityContext.runAsGroup=999 --set securityContext.runAsUser=999 --set image.registry=artifact-public.instana.io --set image.repository=self-hosted-images/3rd-party/operator/cass-operator --set image.tag=1.29.0_v0.39.0 --set imagePullSecrets[0].name=instana-registry --set appVersion=1.29.0 --set imageConfig.systemLogger=artifact-public.instana.io/self-hosted-images/3rd-party/datastore/system-logger:1.29.0_v0.23.0 --set imageConfig.k8ssandraClient=artifact-public.instana.io/self-hosted-images/3rd-party/datastore/k8ssandra-client:0.8.9_v0.32.0创建一个名为 YAML 的文件,例如
cassandra.yaml,其中包含 Cassandra 配置。apiVersion: cassandra.datastax.com/v1beta1 kind: CassandraDatacenter metadata: name: cassandra spec: clusterName: instana serverType: cassandra serverImage: artifact-public.instana.io/self-hosted-images/3rd-party/datastore/cassandra:4.1.10_v0.38.0 systemLoggerImage: artifact-public.instana.io/self-hosted-images/3rd-party/datastore/system-logger:1.29.0_v0.23.0 k8ssandraClientImage: artifact-public.instana.io/self-hosted-images/3rd-party/datastore/k8ssandra-client:0.8.9_v0.32.0 serverVersion: "4.1.10" imagePullPolicy: Always podTemplateSpec: spec: serviceAccountName: cassandra imagePullSecrets: - name: instana-registry containers: - name: cassandra managementApiAuth: insecure: {} size: 3 allowMultipleNodesPerWorker: false resources: requests: cpu: 2000m memory: 8Gi limits: cpu: 4000m memory: 16Gi storageConfig: cassandraDataVolumeClaimSpec: accessModes: - ReadWriteOnce resources: requests: storage: 100Gi config: jvm-server-options: initial_heap_size: "4G" max_heap_size: "8G" additional-jvm-opts: - -Dcassandra.allow_unsafe_aggressive_sstable_expiration=true cassandra-yaml: authenticator: org.apache.cassandra.auth.PasswordAuthenticator authorizer: org.apache.cassandra.auth.CassandraAuthorizer role_manager: org.apache.cassandra.auth.CassandraRoleManager memtable_flush_writers: 8 auto_snapshot: false gc_warn_threshold_in_ms: 10000 otc_coalescing_strategy: DISABLED memtable_allocation_type: offheap_objects num_tokens: 256 drop_compact_storage_enabled: true完成 部署和验证 Cassandra (联机和脱机)中的步骤。
离线安装 Cassandra
要在脱机环境中安装 Cassandra 操作程序,请完成以下步骤:
如果在 准备安装时尚未从外部注册表中拉取 Cassandra 映像,那么可以立即拉取这些映像。 在防御主机上运行以下命令。 然后,将这些图像复制到位于物理隔离环境中的 Instana 主机上。
docker pull artifact-public.instana.io/self-hosted-images/3rd-party/operator/cass-operator:1.29.0_v0.39.0
docker pull artifact-public.instana.io/self-hosted-images/3rd-party/datastore/system-logger:1.29.0_v0.23.0
docker pull artifact-public.instana.io/self-hosted-images/3rd-party/datastore/k8ssandra-client:0.8.9_v0.32.0
docker pull artifact-public.instana.io/self-hosted-images/3rd-party/datastore/cassandra:4.1.10_v0.38.0
请在您的 Instana 主机上完成以下步骤。
将映像重新标记到内部映像注册表。
docker tag artifact-public.instana.io/self-hosted-images/3rd-party/operator/cass-operator:1.29.0_v0.39.0 <internal-image-registry>/operator/cass-operator:1.29.0_v0.39.0 docker tag artifact-public.instana.io/self-hosted-images/3rd-party/datastore/system-logger:1.29.0_v0.23.0 <internal-image-registry>/datastore/system-logger:1.29.0_v0.23.0 docker tag artifact-public.instana.io/self-hosted-images/3rd-party/datastore/k8ssandra-client:0.8.9_v0.32.0 <internal-image-registry>/datastore/k8ssandra-client:0.8.9_v0.32.0 docker tag artifact-public.instana.io/self-hosted-images/3rd-party/datastore/cassandra:4.1.10_v0.38.0 <internal-image-registry>/datastore/cassandra:4.1.10_v0.38.0将映像推送到防御主机上的内部映像注册表。
docker push <internal-image-registry>/operator/cass-operator:1.29.0_v0.39.0 docker push <internal-image-registry>/datastore/system-logger:1.29.0_v0.23.0 docker push <internal-image-registry>/datastore/k8ssandra-client:0.8.9_v0.32.0 docker push <internal-image-registry>/datastore/cassandra:4.1.10_v0.38.0创建
instana-cassandra名称空间。kubectl create namespace instana-cassandra创建服务
cassandra账户。kubectl create serviceaccount cassandra -n instana-cassandra可选:如果内部图像注册表需要身份验证,请创建图像拉取密钥。
kubectl create secret docker-registry <secret_name> --namespace instana-cassandra \ --docker-username=<registry_username> \ --docker-password=<registry_password> \ --docker-server=<internal-image-registry>:<internal-image-registry-port> \ --docker-email=<registry_email>安装 Cassandra 操作程序。 如果您在上一步中创建了图像拉取秘密,请在以下命令中添加
--set imagePullSecrets[0].name="<internal-image-registry-pull-secret>"。helm install cass-operator cass-operator-0.63.1.tgz -n instana-cassandra --version=0.63.1 --set securityContext.runAsGroup=999 --set securityContext.runAsUser=999 --set image.registry=<internal-image-registry> --set image.repository=operator/cass-operator --set image.tag=1.29.0_v0.39.0 --set appVersion=1.29.0 --set imageConfig.systemLogger=<internal-image-registry>/datastore/system-logger:1.29.0_v0.23.0 --set imageConfig.k8ssandraClient=<internal-image-registry>/datastore/k8ssandra-client:0.8.9_v0.32.0创建一个名为 YAML 的文件,例如
cassandra.yaml,其中包含 Cassandra 配置。apiVersion: cassandra.datastax.com/v1beta1 kind: CassandraDatacenter metadata: name: cassandra spec: clusterName: instana serverType: cassandra serverImage: <internal-image-registry>/datastore/cassandra:4.1.10_v0.38.0 systemLoggerImage: <internal-image-registry>/datastore/system-logger:1.29.0_v0.23.0 k8ssandraClientImage: <internal-image-registry>/datastore/k8ssandra-client:0.8.9_v0.32.0 serverVersion: "4.1.10" imagePullPolicy: Always podTemplateSpec: spec: # Optional: if you created an image pull secret for your internal registry, uncomment the following lines and update the image pull secret information. # imagePullSecrets: # - name: <internal-image-registry-pull-secret> serviceAccountName: cassandra containers: - name: cassandra managementApiAuth: insecure: {} size: 3 allowMultipleNodesPerWorker: false resources: requests: cpu: 2000m memory: 8Gi limits: cpu: 4000m memory: 16Gi storageConfig: cassandraDataVolumeClaimSpec: accessModes: - ReadWriteOnce resources: requests: storage: 100Gi config: jvm-server-options: initial_heap_size: "4G" max_heap_size: "8G" additional-jvm-opts: - -Dcassandra.allow_unsafe_aggressive_sstable_expiration=true cassandra-yaml: authenticator: org.apache.cassandra.auth.PasswordAuthenticator authorizer: org.apache.cassandra.auth.CassandraAuthorizer role_manager: org.apache.cassandra.auth.CassandraRoleManager memtable_flush_writers: 8 auto_snapshot: false gc_warn_threshold_in_ms: 10000 otc_coalescing_strategy: DISABLED memtable_allocation_type: offheap_objects num_tokens: 256 drop_compact_storage_enabled: true完成 部署和验证 Cassandra (联机和脱机)中的步骤。
部署和验证 Cassandra (在线和离线)
注意: 部署 Cassandra 时, CassandraDatacenter 默认会创建一个超级用户,例如
<clustername>-superuser。 该值 <clustername> 是在 文件 cassandra.yaml 中 部分 .spec.clusterName 中指定的。 在下面的命令中,以 secret instana-superuser name 为例。要部署 Cassandra 实例并创建数据存储器,请完成以下步骤:
通过运行以下命令来部署 Cassandra 。
kubectl apply -f cassandra.yaml --namespace=instana-cassandra检索
instana-superuser的密码。kubectl get secret instana-superuser -n instana-cassandra --template='{{index .data.password | base64decode}}' && echo将密码存储在
config.yaml文件中。 将<RETRIEVED_FROM_SECRET>替换为上一步中获取的密码。datastoreConfigs: ... cassandraConfigs: - user: instana-superuser password: <RETRIEVED_FROM_SECRET> adminUser: instana-superuser adminPassword: <RETRIEVED_FROM_SECRET> ...验证 Cassandra 数据存储的部署。
kubectl get all -n instana-cassandra如果成功部署了 Cassandra 数据存储器,那么该命令的结果可能是以下输出:
NAME READY STATUS RESTARTS AGE pod/cass-operator-57dcc8884f-92knc 1/1 Running 0 36m pod/instana-cassandra-default-sts-0 2/2 Running 0 26m pod/instana-cassandra-default-sts-1 2/2 Running 0 26m pod/instana-cassandra-default-sts-2 2/2 Running 0 26m NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/cass-operator-webhook-service ClusterIP 192.168.1.55 <none> 443/TCP 36m service/instana-cassandra-additional-seed-service ClusterIP None <none> <none> 26m service/instana-cassandra-all-pods-service ClusterIP None <none> 9042/TCP,8080/TCP,9103/TCP,9000/TCP 26m service/instana-cassandra-service ClusterIP None <none> 9042/TCP,9142/TCP,8080/TCP,9103/TCP,9000/TCP 26m service/instana-seed-service ClusterIP None <none> <none> 26m NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/cass-operator 1/1 1 1 36m NAME DESIRED CURRENT READY AGE replicaset.apps/cass-operator-57dcc8884f 1 1 1 36m NAME READY AGE statefulset.apps/instana-cassandra-default-sts 3/3 26m