A blog microservices written in Golang, which can be deployed in an Istio-enabled kubernetes cluster. If you’re using this demo, please ★Star this repository to show your interest!
This demo refers to the following project layout:
- gRPC Go implementation of gRPC
- GORM The fantastic ORM library for Go
- DTM Go implementation of Distributed Transaction Management Framework
- Jaeger open source, end-to-end distributed tracing
- Prometheus Monitoring system
- Grafana Operational dashboards
- Kiali The Console for Istio Service Mesh
- Kubernetes Production-Grade Container Orchestration
- Istio The leading service mesh
Command | Description |
---|---|
make init |
go install protoc-gen-*, wire, migrate and mockgen |
make protoc |
generate *pb.go |
make wire |
generate wire_gen.go |
make mock |
generate mock file |
make test |
go test |
make migrate-up |
migrate up databases |
make migrate-down |
migrate down databases |
make migrate-refresh |
migrate down and up databases |
make blog-server |
start blog server in local |
make user-server |
start user server in local |
make post-server |
start post server in local |
make comment-server |
start comment server in local |
make auth-server |
start auth server in local |
make dtm-server |
start dtm server in local,please see the dtm docs |
make docker-build |
build docker images |
make kube-deploy |
deploy blog, user, post, comment, auth and dtm server in kubernetes cluster |
make kube-delete |
delete all servers in kubernetes cluster |
make kube-redeploy |
redeploy all servers in kubernetes cluster (⚠ not including database servers️) |
This is a list of development environment in local for macOS:
- docker-desktop >= 4.13.1
- kubernetes >= 1.25.2
- istioctl >= 1.15.3
- protobuf >= 21.8
- go >= 1.19
- mysql >= 8.0
Install the Docker Desktop,and enable Kubernetes cluster, See the docker docs
# install Go
brew install go
# install MySQL without a root password
brew install mysql
# install Protobuf
brew install protobuf
# install Buf
brew install bufbuild/buf/buf
# install istioctl
brew install istioctl
# ensure you change the context so that kubectl is pointing to docker-desktop
kubectl config use-context docker-desktop
# install and enable istio
istioctl install -y
kubectl label namespace default istio-injection=enabled
# build docker images
make docker-build
# deploy all services
make kube-deploy
Get All Pod Resources:
kubectl get pods -A
Returns:
NAMESPACE NAME READY STATUS RESTARTS AGE
default auth-server-678f9d4b4-lhkf8 2/2 Running 0 101s
default blog-server-6475d7bdd5-6t9jk 2/2 Running 0 101s
default comment-db-59665d87f8-plswq 2/2 Running 0 101s
default comment-server-857445775b-qkpm5 2/2 Running 3 (74s ago) 100s
default dtm-db-cb8c45698-qms8q 2/2 Running 0 102s
default dtm-server-c548d67cc-xcv2z 2/2 Running 0 102s
default post-db-867f5f85db-zz64g 2/2 Running 0 101s
default post-server-5448dc5b67-mdhcc 2/2 Running 4 (54s ago) 101s
default user-db-fcfd47bf8-dh9kp 2/2 Running 0 101s
default user-server-78688485b8-zf5tc 2/2 Running 3 (76s ago) 101s
istio-system grafana-6ccd56f4b6-tp84j 1/1 Running 0 100s
istio-system istio-egressgateway-67dc4b96cd-2gm6s 1/1 Running 5 13d
istio-system istio-ingressgateway-68d897fbcd-thvt9 1/1 Running 5 13d
istio-system istiod-66dc55cd96-r6cnv 1/1 Running 5 13d
istio-system jaeger-9dd685668-wdzsz 1/1 Running 0 100s
istio-system kiali-79b86ff5bc-jh6v8 1/1 Running 0 100s
istio-system prometheus-64fd8ccd65-4c5nc 2/2 Running 0 99s
kube-system coredns-558bd4d5db-5nlbz 1/1 Running 5 13d
kube-system coredns-558bd4d5db-m46lb 1/1 Running 5 13d
kube-system etcd-docker-desktop 1/1 Running 13 13d
kube-system kube-apiserver-docker-desktop 1/1 Running 13 13d
kube-system kube-controller-manager-docker-desktop 1/1 Running 13 13d
kube-system kube-proxy-mj6x8 1/1 Running 5 13d
kube-system kube-scheduler-docker-desktop 1/1 Running 13 13d
kube-system storage-provisioner 1/1 Running 11 13d
kube-system vpnkit-controller 1/1 Running 177 (2m56s ago) 13d
Get All Service Resources:
kubectl get services -A
Returns:
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default auth-server ClusterIP 10.99.64.145 <none> 50054/TCP,8054/TCP,9054/TCP 15m
default blog-server ClusterIP 10.96.207.114 <none> 50050/TCP,8050/TCP,9050/TCP 15m
default comment-db ClusterIP 10.99.195.67 <none> 3306/TCP 15m
default comment-server ClusterIP 10.96.179.191 <none> 50053/TCP,9053/TCP 15m
default dtm-db ClusterIP 10.106.31.52 <none> 3306/TCP 15m
default dtm-server ClusterIP 10.99.170.244 <none> 36790/TCP,36789/TCP 15m
default kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 13d
default post-db ClusterIP 10.103.103.106 <none> 3306/TCP 15m
default post-server ClusterIP 10.96.232.141 <none> 50052/TCP,9052/TCP 15m
default user-db ClusterIP 10.99.144.168 <none> 3306/TCP 15m
default user-server ClusterIP 10.100.66.36 <none> 50051/TCP,9051/TCP 15m
istio-system grafana ClusterIP 10.105.48.42 <none> 3000/TCP 15m
istio-system istio-egressgateway ClusterIP 10.99.128.200 <none> 80/TCP,443/TCP 13d
istio-system istio-ingressgateway LoadBalancer 10.101.116.168 localhost 15021:30898/TCP,80:32417/TCP,443:32343/TCP,31400:32210/TCP,15443:31544/TCP 13d
istio-system istiod ClusterIP 10.108.250.181 <none> 15010/TCP,15012/TCP,443/TCP,15014/TCP 13d
istio-system jaeger-collector ClusterIP 10.103.107.169 <none> 14268/TCP,14250/TCP,9411/TCP 15m
istio-system kiali ClusterIP 10.111.157.82 <none> 20001/TCP,9090/TCP 15m
istio-system prometheus ClusterIP 10.100.104.250 <none> 9090/TCP 15m
istio-system tracing ClusterIP 10.108.139.227 <none> 80/TCP,16685/TCP 15m
istio-system zipkin ClusterIP 10.101.235.179 <none> 9411/TCP 15m
kube-system kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP,9153/TCP 13d
Install the BloomRPC, select the api/protobuf/blog/v1/blog.proto
file and start making
requests! No extra steps or configuration needed.
Sign Up:
Create a post:
blog-microservices's People
Forkers
zhuyu huntersudo guochopper playbear668 hitszgo ang-ld coder279 zhu531254635 zhyfreefly jsoq zbw7415604 frank1o1 zxm1124 wuzhanfly ifnk andylixunan lambogreny j2eeliao gzhh summerlm bridgecrew-perf6 ja7ad ttttttyranitar edcornejo tiptok kuainiao kshenfu echemoo liqianjie art-vandelay-sec bluecoffee-sg lixiaojun2914 skeleton1231 faozimipa liyun329 lampt-uit avary plum330 mihirboseblog-microservices's Issues
update rest please my teacher
Istio 虚拟服务和 CORS
根据 GitHub 项目中反馈的问题,gRPC网关不直接支持跨源资源共享(Cross-Origin Resource Sharing, CORS)策略。因此,我使用虚拟服务资源的 CorsPolicy 配置将CORS的职责转移给了Istio。这使得CORS比硬编码到服务代码中 (如使用 https://github.com/rs/cors) 更容易管理。
关于jwt鉴权拦截器
请教一下,为什么对于JWT token的鉴权interceptor中您使用了jwt manager而不是去请求auth service中的validate token方法,这其中有什么特殊的考量吗?谢谢!
gRPC 拦截器顺序的设置
各个拦截器的放置顺序就显得非常重要,比如为啥 panic 拦截器要放在第一个位置?如果放在后面的位置,那么假设前面拦截器运行过程中发生了 panic,就无法捕获到异常了。同理,需要对错误进行处理的拦截器,如果放置的位置不合适,获取不到相关的错误,那么该拦截器就无意义了(比如对于客户端的 breaker 熔断 / 超时重试 / 参数检查拦截器的位置,一般而言,是按照先检查输入参数 -> 熔断拦截器 -> 超时重试的顺序,因为熔断需要检查超时错误,但是对于参数校验错误就不关心)
https://pandaychen.github.io/2019/11/23/GRPC-INTERCEPTOR-APPLY/
linux (debian10) 下部署踩坑 (学习)
安装 k8s
我本来的系统是 archlinux ,但是 手动装 k8s 装不上…… 后来看到 一个脚本
https://github.com/lework/kainstall 这个 支持 centos ubuntu 和 debian 安装 ,我就 在 本机装了 个 virtualbox ,下载了 debian 的 vdi 虚拟机 文件 装好了 debian 的虚拟机
然后按照 文档说的 下载 好 离线包 和 sh 开始安装
$ bash kainstall-debian.sh init \
--master 10.168.1.250 \ # 这个master 就 是 k8s 的大脑 (也是我的这台虚拟机)
--worker 10.168.1.251,10.168.1.253 \ # 这行可以 去掉 ,因为我电脑内存跑这三个虚拟机 后就没有多少了 ……
--user root \ # 操作系统的 用户名(我虚拟机都设置了 root)
--password root \ # 操作系统的 密码 (我虚拟机都设置了 root)
--port 22 \
--offline-file 1.23.1_debian10.tgz # 这个是 k8s 离线包 因为k8s 下载的话 不翻墙 下不动 ,人家贴心的准备了离线包
装完后 没有 error 都是info 就是 k8s 安装成功了
看下 node
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-master-node1 Ready control-plane,master 8h v1.23.1
为了操作方便 shell 使用 了 zsh , 可以 搭配 k8s 官方的 zsh 框架 进行 补全 https://kubernetes.io/zh/docs/tasks/tools/included/optional-kubectl-configs-zsh/
(zsh 配置 可以 百度,有很多文章教怎么配)
安装 docker buildx
作者 的 dockerfile 里面 带有 $TARGETPLATFORM TARGETARCH TARGETOS 等参数 ,在debian 里面 跑
make docker-build 会报错
询问作者得知要安装 docker buildx https://docs.docker.com/buildx/working-with-buildx/#manual-download
需要在 https://github.com/docker/buildx/releases/tag/v0.7.1 这里面 下载 对应版本 的 可执行文件
然后 把 他 移动到 $HOME/.docker/cli-plugins 这个目录里面 记得改名叫 docker-buildx 并给 可执行权限
然后 运行 docker buildx install 安装 docker-buildx
$ docker build --help
Usage: docker buildx build [OPTIONS] PATH | URL | -
Start a build
可以看到 docker buildx build 就是成功 了
另外 make docker-build 的时候 下载 go 依赖包很慢 需要 给go 加上 国内 源 ,
当运行 go download 的时候 我这里也会报错
可以 把 go download 这一行整行删除 ,因为go build 的时候 也会 下载依赖包的
我这里把 go download 这一行删除 能跑过,不删除 就 报错 ……
安装 istio
先在istio 下载界面 下载 压缩包 https://github.com/istio/istio/releases/tag/1.13.0
解压 后 cd 进去
$ cd istio-1.13.0/bin 找到bin 目录
$ ll
.rwxr-xr-x 95M root 14 Feb 16:28 istioctl
$ cp istioctl /usr/bin/istioctl 把可执行文件 复制到 /usr/bin/istioctl 就可以 全局 使用 了
$ whereis istioctl
istioctl: /usr/bin/istioctl
然后执行
istioctl install --set profile=default -y
安装
创建持久化存储的一些文件
作者 的 mysql.yaml 我这里 没有办法 跑 ,user-db post-db 等 pod 起不来
kubectl describe pod user-db-6b8765cdd5-qzzqh
查看 event
Warning FailedScheduling 110s default-scheduler 0/1 nodes are available: 1 persistentvolumeclaim "user-db" not found.
Warning FailedScheduling 30s (x3 over 109s) default-scheduler 0/1 nodes are available: 1 pod has unbound immediate PersistentVolumeClaims.
说却 pvc ,问了作者才知道 他 苹果 的 pv sc 都是配好的…… linux 下 没有默认的 要自己配置 才行
先创建 sc
sc.yaml
# sc 抽象层的磁盘 类型
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: local-storage # sc 名字
provisioner: kubernetes.io/no-provisioner
volumeBindingMode: WaitForFirstConsumer
因为项目有 4 个 mysql.yaml 所以创建 4 个 对应的pv
以 user-pv.yaml 为例 ,别的都是 metadata.name 换个对应的 名字就行了
apiVersion: v1
kind: PersistentVolume
metadata:
name: user-pv # 这里 对应 comment pvc 的话就 叫 comment-pv
labels:
type: local
spec:
storageClassName: local-storage # sc 名称
capacity:
storage: 10Gi
accessModes: # 卷可以被一个节点以读写方式挂载
- ReadWriteOnce
local: # 节点上面 挂在 pv 的 路径
path: "/mnt/data"
nodeAffinity: # 指定 哪一个节点来 放pv 挂载的 路径
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- k8s-master-node1 # 这个node 可以根据 kubectl get node 获取 节点名字
接着修改 作者 的 mysql.yaml 加上 两行 分别绑定 sc 和对应 的 pv
然后 在 执行 make kube-deploy
命令 部署
执行 k get pods -o wide
查看容器 可以 看到 至少有一 个 db 是 跑起来 了…… 别的全失败 了,去看看原因 ……
边学习边写 , 没有写完 ,后面 在写 ……
gRPC 转 Rest 的几种实现
- 业务代码中使用 gRPC Gateway
- 使用 Istio Envoy Filter: gRPC-JSON Transcoder
- 使用 Kong 等网关的 gRPC-gateway 插件
- 业务代码中使用 Gin 等 Web 框架自行实现一个 HTTP Server,内部的业务逻辑与 gRPC 复用
关于发送请求,返回 UNAVAILABLE: Trying to connect an http1.x server
想问下大家有没有碰到这种情况,所有 pods 和 services 都正常的情况下,使用 bloomrpc 访问服务返回下面这样的错误:
{
"error": "14 UNAVAILABLE: Trying to connect an http1.x server"
}
尝试搜索一些解决方法,但是没能找到
附上环境:
Docker Desktop for Mac
Context docker-desktop
Kubernetes version v1.22.5
BloomRPC 1.5.3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.