尝试访问 minikube 集群中的 ActiveMQ 服务

【问题标题】:Trying to access ActiveMQ service in a minikube cluster尝试访问 minikube 集群中的 ActiveMQ 服务
【发布时间】:2019-06-20 07:32:13
【问题描述】:

在 minikube 测试环境中,我为 ActiveMQ(版本 5.14.5)定义了以下部署/服务(在 ArgoProj 中启动,因此模板略有不同):

  - name: amq-server-d
    resource:
      action: create
      manifest: |
        apiVersion: apps/v1
        kind: Deployment
        metadata:
          name: amq
        spec:
          selector:
            matchLabels:
              app: amq
              track: stable
          template:
            metadata:
              labels:
                app: amq
                track: stable
            spec:
              containers:
              - image: gms/activemq
                imagePullPolicy: Never
                name: amq
                ports:
                - containerPort: 61616
                - containerPort: 8161
                volumeMounts:
                - name: test-data
                  mountPath: /opt/activemq/data
                  readOnly: false  
                - name: test-conf
                  mountPath: /opt/activemq/conf
                  readOnly: false  
              volumes:
              - name: test-data
                hostPath:
                  path:   /Users/gms/development/nlp/nlpie/data/adapt/amq/data  
              - name: test-conf
                hostPath:
                  path:  /Users/gms/development/nlp/nlpie/data/adapt/amq/conf  


 - name: amq-server-s
    resource:
      action: create
      manifest: |
        apiVersion: v1
        kind: Service
        metadata:
          name: amq
          namespace: default
          labels:
            app: amq
        spec:
          selector:
            app: amq
          ports:
          - name: test1
            protocol: TCP
            port: 61616
            targetPort: 61616
          - name: test2
            protocol: TCP
            port: 8161
            targetPort: 8161

docker 镜像本身就可以正常工作,定义为:

FROM openjdk:8-jre

ENV ACTIVEMQ_VERSION 5.14.5
ENV ACTIVEMQ apache-activemq-$ACTIVEMQ_VERSION
ENV ACTIVEMQ_TCP=61616 ACTIVEMQ_AMQP=5672 ACTIVEMQ_STOMP=61613 ACTIVEMQ_MQTT=1883 ACTIVEMQ_WS=61614 ACTIVEMQ_UI=8161

ENV ACTIVEMQ_HOME /opt/activemq

RUN set -x && \
    curl -s -S https://archive.apache.org/dist/activemq/$ACTIVEMQ_VERSION/$ACTIVEMQ-bin.tar.gz | tar xvz -C /opt && \
    ln -s /opt/$ACTIVEMQ $ACTIVEMQ_HOME && \
    useradd -r -M -d $ACTIVEMQ_HOME activemq && \
    chown -R activemq:activemq /opt/$ACTIVEMQ && \
    chown -h activemq:activemq $ACTIVEMQ_HOME

USER activemq

WORKDIR $ACTIVEMQ_HOME
EXPOSE $ACTIVEMQ_TCP $ACTIVEMQ_AMQP $ACTIVEMQ_STOMP $ACTIVEMQ_MQTT $ACTIVEMQ_WS $ACTIVEMQ_UI

CMD ["/bin/sh", "-c", "bin/activemq console"]

这些工作正常并显示为服务和部署:

D20181472:nlp-adapt-kube gms$ kubectl get svc -o wide
NAME         TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)              AGE   SELECTOR
amq          ClusterIP   10.111.0.111   <none>        61616/TCP,8161/TCP   2s    app=amq
kubernetes   ClusterIP   10.96.0.1      <none>        443/TCP              24h   <none>


D20181472:nlp-adapt-kube gms$ kubectl get deploy -o wide
NAME   READY   UP-TO-DATE   AVAILABLE   AGE   CONTAINERS   IMAGES         SELECTOR
amq    0/1     1            0           33s   amq          gms/activemq   app=amq,track=stable

在集群内,我可以通过服务的名称和命名空间访问服务,ala:

kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.
If you don't see a command prompt, try pressing enter.
dnstools# nslookup amq.default
Server:     10.96.0.10
Address:    10.96.0.10#53

Name:   amq.default.svc.cluster.local
Address: 10.111.0.111

但是,如果我尝试 curl 访问 tcp 协议端口 61616(由 ActiveMQ 用于远程连接,我相信默认情况下已启用),我会超时:

dnstools# curl amq.default:61616
curl: (7) Failed to connect to amq.default port 61616: Operation timed out

我在 kubernetes 集群本身上测试了curl,它正在返回响应:

dnstools# curl -k -d 'body=message' https://10.96.0.1:443
{
  "kind": "Status",
  "apiVersion": "v1",
  "metadata": {

  },
  "status": "Failure",
  "message": "forbidden: User \"system:anonymous\" cannot post path \"/\"",
  "reason": "Forbidden",
  "details": {

  },
  "code": 403

AFAIK,minikube 中不应该启用任何需要为 AMQ 处理的防火墙规则,所以我不确定为什么这不起作用。我也尝试将NodePorts 用于 AMQ 服务,但这并没有帮助。任何建议都将受到欢迎!

【问题讨论】:

  • 问题出在kubectl get deploy的输出:AVAILABLE=0。没有处于就绪状态的 pod。用kubectl describe检查它们。
  • 果然出事了:D20181472:nlp-adapt-kube gms$ kubectl get pods NAME READY STATUS RESTARTS AGE amq-76ccdc4bb-f6sqn 0/1 CrashLoopBackOff 17 5h50m

标签: kubernetes dns port activemq minikube


【解决方案1】:

感谢@Laszlo Valko,由于权限错误,pod 似乎没有启动:

D20181472:nlp-adapt-kube gms$ kubectl logs amq-76ccdc4bb-mbkml
INFO: Loading '/opt/activemq/bin/env'
INFO: Using java '/docker-java-home/jre/bin/java'
INFO: Starting in foreground, this is just for debugging purposes (stop process by pressing CTRL+C)
INFO: Creating pidfile /opt/activemq/data/activemq.pid
bin/activemq: 484: bin/activemq: cannot create /opt/activemq/data/activemq.pid: Permission denied
Java Runtime: Oracle Corporation 1.8.0_181 /usr/lib/jvm/java-8-openjdk-amd64/jre
  Heap sizes: current=62976k  free=58715k  max=932352k
    JVM args: -Xms64M -Xmx1G -Djava.util.logging.config.file=logging.properties -Djava.security.auth.login.config=/opt/activemq/conf/login.config -Dcom.sun.management.jmxremote -Djava.awt.headless=true -Djava.io.tmpdir=/opt/activemq/tmp -Dactivemq.classpath=/opt/activemq/conf:/opt/activemq/../lib/: -Dactivemq.home=/opt/activemq -Dactivemq.base=/opt/activemq -Dactivemq.conf=/opt/activemq/conf -Dactivemq.data=/opt/activemq/data
Extensions classpath:
  [/opt/activemq/lib,/opt/activemq/lib/camel,/opt/activemq/lib/optional,/opt/activemq/lib/web,/opt/activemq/lib/extra]
ACTIVEMQ_HOME: /opt/activemq
ACTIVEMQ_BASE: /opt/activemq
ACTIVEMQ_CONF: /opt/activemq/conf
ACTIVEMQ_DATA: /opt/activemq/data
log4j:ERROR setFile(null,true) call failed.
java.io.FileNotFoundException: /opt/activemq/data/activemq.log (Permission denied)

设置为以 root 身份运行,现在一切正常:

dnstools# curl -o amq.default:61616
curl: no URL specified!
curl: try 'curl --help' or 'curl --manual' for more information
dnstools# curl  amq.default:61616
Warning: Binary output can mess up your terminal. Use "--output -" to tell
Warning: curl to output it to your terminal anyway, or consider "--output
Warning: <FILE>" to save to a file.
dnstools# curl  amq.default:61616 --output test.out
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   387    0   387    0     0  35181      0 --:--:-- --:--:-- --:--:-- 38700
dnstools# cat test.out
ActiveMQ
         m
          TcpNoDelayEnabledSizePrefixDisabled   CacheSize
                                                         ProviderName  ActiveMQStackTraceEnabledPlatformDetails HJVM: 1.8.0_181, 25.181-b13, Oracle Corporation, OS: Linux, 4.15.0, amd64
                                                                                                                                                                                         CacheEnabledTightEncodingEnabled
                          MaxFrameSize@MaxInactivityDurationu0 MaxInactivityDurationInitalDelay'ProviderVersion 5.14.5dnstools#


D20181472:nlp-adapt-kube gms$ kubectl logs amq-5bcc4fdfc5-8h7tt
INFO: Loading '/opt/activemq/bin/env'
INFO: Using java '/docker-java-home/jre/bin/java'
bin/activemq: 1: bin/activemq: ps: not found
INFO: Starting in foreground, this is just for debugging purposes (stop process by pressing CTRL+C)
INFO: Creating pidfile /opt/activemq/data/activemq.pid
Java Runtime: Oracle Corporation 1.8.0_181 /usr/lib/jvm/java-8-openjdk-amd64/jre
  Heap sizes: current=62976k  free=58715k  max=932352k
    JVM args: -Xms64M -Xmx1G -Djava.util.logging.config.file=logging.properties -Djava.security.auth.login.config=/opt/activemq/conf/login.config -Dcom.sun.management.jmxremote -Djava.awt.headless=true -Djava.io.tmpdir=/opt/activemq/tmp -Dactivemq.classpath=/opt/activemq/conf:/opt/activemq/../lib/: -Dactivemq.home=/opt/activemq -Dactivemq.base=/opt/activemq -Dactivemq.conf=/opt/activemq/conf -Dactivemq.data=/opt/activemq/data
Extensions classpath:
  [/opt/activemq/lib,/opt/activemq/lib/camel,/opt/activemq/lib/optional,/opt/activemq/lib/web,/opt/activemq/lib/extra]
ACTIVEMQ_HOME: /opt/activemq
ACTIVEMQ_BASE: /opt/activemq
ACTIVEMQ_CONF: /opt/activemq/conf
ACTIVEMQ_DATA: /opt/activemq/data
Loading message broker from: xbean:activemq.xml
 INFO | Refreshing org.apache.activemq.xbean.XBeanBrokerFactory$1@5f2108b5: startup date [Sun Jan 27 02:57:49 UTC 2019]; root of context hierarchy
 INFO | Using Persistence Adapter: KahaDBPersistenceAdapter[/opt/activemq/data/kahadb]
 INFO | KahaDB is version 6
 INFO | Recovering from the journal @1:503
 INFO | Recovery replayed 147 operations from the journal in 0.115 seconds.
 INFO | PListStore:[/opt/activemq/data/localhost/tmp_storage] started
 INFO | Apache ActiveMQ 5.14.5 (localhost, ID:amq-5bcc4fdfc5-8h7tt-46331-1548557870872-0:1) is starting
 INFO | Listening for connections at: tcp://amq-5bcc4fdfc5-8h7tt:61616?maximumConnections=1000&wireFormat.maxFrameSize=104857600
 INFO | Connector openwire started
 INFO | Listening for connections at: amqp://amq-5bcc4fdfc5-8h7tt:5672?maximumConnections=1000&wireFormat.maxFrameSize=104857600
 INFO | Connector amqp started
 INFO | Listening for connections at: stomp://amq-5bcc4fdfc5-8h7tt:61613?maximumConnections=1000&wireFormat.maxFrameSize=104857600
 INFO | Connector stomp started
 INFO | Listening for connections at: mqtt://amq-5bcc4fdfc5-8h7tt:1883?maximumConnections=1000&wireFormat.maxFrameSize=104857600
 INFO | Connector mqtt started
 WARN | ServletContext@o.e.j.s.ServletContextHandler@1e44b638{/,null,STARTING} has uncovered http methods for path: /
 INFO | Listening for connections at ws://amq-5bcc4fdfc5-8h7tt:61614?maximumConnections=1000&wireFormat.maxFrameSize=104857600
 INFO | Connector ws started
 INFO | Apache ActiveMQ 5.14.5 (localhost, ID:amq-5bcc4fdfc5-8h7tt-46331-1548557870872-0:1) started
 INFO | For help or more information please see: http://activemq.apache.org
 INFO | No Spring WebApplicationInitializer types detected on classpath
 INFO | ActiveMQ WebConsole available at http://0.0.0.0:8161/
 INFO | ActiveMQ Jolokia REST API available at http://0.0.0.0:8161/api/jolokia/
 INFO | Initializing Spring FrameworkServlet 'dispatcher'
 INFO | No Spring WebApplicationInitializer types detected on classpath
 INFO | jolokia-agent: Using policy access restrictor classpath:/jolokia-access.xml
 WARN | Transport Connection to: tcp://172.17.0.2:37578 failed: java.io.IOException: Frame size of 1 GB larger than max allowed 100 MB
 WARN | Transport Connection to: tcp://172.17.0.2:37848 failed: java.io.IOException: Frame size of 1 GB larger than max allowed 100 MB
 WARN | Transport Connection to: tcp://172.17.0.2:38082 failed: java.io.IOException: Frame size of 1 GB larger than max allowed 100 MB

【讨论】:

    猜你喜欢
    • 2020-01-14
    • 1970-01-01
    • 2018-07-23
    • 2022-08-13
    • 2020-12-16
    • 2015-12-13
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode