helm安装rabbitmq
bash
# 添加 Helm 存储库:
helm repo add bitnami https://charts.bitnami.com/bitnami && helm repo update
# 安装 RabbitMQ:
helm install my-rabbitmq bitnami/rabbitmq
# 验证安装:
kubectl get pods
# 端口转发以访问管理接口:
kubectl port-forward svc/my-rabbitmq 15672:15672
# 获取密码 用户名默认user
kubectl get secret --namespace default my-rabbitmq -o jsonpath="{.data.rabbitmq-password}" | base64 --decode
优化RabbitMQ配置
1. 内存和磁盘警报
RabbitMQ 可以在内存或磁盘空间不足时触发警报,这有助于防止崩溃。您可以在文件中配置这些警报rabbitmq.conf
bash
cat <<EOF > rabbitmq.conf
disk_free_limit.absolute = 2GB
vm_memory_high_watermark.absolute = 2GB
EOF
2. 队列和消息 TTL
设置队列和消息的生存时间 (TTL) 可以通过删除旧的、未使用的消息来帮助释放资源
bash
apiVersion: batch/v1
kind: Job
metadata:
name: rabbitmq-ttl-config
spec:
template:
spec:
containers:
- name: rabbitmq-ttl-config
image: bitnami/rabbitmq:latest
command: ["rabbitmqctl", "set_policy", "ttl", ".*", '{"message-ttl":60000}', "--apply-to", "queues"]
restartPolicy: OnFailure
3. 惰性Lazy队列
惰性队列可以通过将消息存储在磁盘上而不是 RAM 中来帮助更有效地管理内存使用
bash
rabbitmqctl set_policy Lazy "^lazy-queue" '{"queue-mode":"lazy"}'
4. 连接和频道限制
限制连接和通道的数量有助于防止资源耗尽
bash
rabbitmq.conf
listeners.tcp.default = 5672
listeners.tcp.backlog = 128
limits.connections = 2048
limits.channels = 2048
5. 配置 RabbitMQ 集群
将 RabbitMQ 节点集群化可以提高性能和弹性
bash
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: rabbitmq
spec:
serviceName: "rabbitmq"
replicas: 3
selector:
matchLabels:
app: rabbitmq
template:
metadata:
labels:
app: rabbitmq
spec:
containers:
- name: rabbitmq
image: bitnami/rabbitmq:latest
env:
- name: RABBITMQ_USE_LONGNAME
value: "true"
- name: RABBITMQ_NODENAME
value: "rabbit@$(HOSTNAME).rabbitmq.default.svc.cluster.local"
- name: RABBITMQ_ERLANG_COOKIE
value: "my-secret-cookie"
Kubernetes 中的资源管理
高效的资源管理对于优化 Kubernetes 上的 RabbitMQ 性能至关重要
1. 资源请求和限制
设置资源请求和限制可确保 RabbitMQ pod 拥有必要的资源,同时防止它们消耗过多
bash
apiVersion: v1
kind: Pod
metadata:
name: rabbitmq
spec:
containers:
- name: rabbitmq
image: bitnami/rabbitmq:latest
resources:
requests:
memory: "1Gi"
cpu: "500m"
limits:
memory: "2Gi"
cpu: "1"
2. 持久存储
使用持久性存储可确保数据持久性,为 RabbitMQ 配置持久卷声明 (PVC)
bash
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: rabbitmq-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
3. 节点亲和性和容忍度
使用节点亲和性和容忍度来控制 RabbitMQ pod 的调度位置,确保最佳性能
bash
apiVersion: apps/v1
kind: Deployment
metadata:
name: rabbitmq
spec:
template:
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/e2e-az-name
operator: In
values:
- e2e-az1
containers:
- name: rabbitmq
image: bitnami/rabbitmq:latest
Kubernetes 上监控 RabbitMQ
监控对于维护和优化 RabbitMQ 性能至关重要
1. Prometheus 和 Grafana
bash
使用 Helm 安装 Prometheus 和 Grafana:
helm install prometheus stable/prometheus· helm install grafana stable/grafana
配置 RabbitMQ 以导出指标:
rabbitmq-plugins enable rabbitmq_prometheus
设置 Prometheus 来抓取 RabbitMQ 指标
scrape_configs:
- job_name: 'rabbitmq'
static_configs:
- targets: ['<RABBITMQ_SERVICE>:9419']
2. 告警
设置警报以通知您性能问题或其他关键事件
bash
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
name: rabbitmq-alerts
spec:
groups:
- name: rabbitmq.rules
rules:
- alert: HighMemoryUsage
expr: rabbitmq_memory_used_bytes / rabbitmq_memory_limit_bytes > 0.9
for: 5m
labels:
severity: critical
annotations:
summary: "High memory usage on RabbitMQ"
description: "RabbitMQ memory usage is above 90% for more than 5 minutes."
Kubernetes 上扩展 RabbitMQ
有效扩展 RabbitMQ 可确保它能够处理不断增加的负载
1. 水平 Pod 自动扩缩器 (HPA)
Kubernetes HPA 可以根据 CPU 或内存使用情况自动扩展 RabbitMQ pod
bash
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: rabbitmq-hpa
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: rabbitmq
minReplicas: 1
maxReplicas: 10
targetCPUUtilizationPercentage: 80
2. RabbitMQ 集群
将 RabbitMQ 节点集群化有助于分散负载并提高弹性。确保您的集群配置支持动态添加和删除节点。
安全最佳实践
1. 启用 TLS 以实现 RabbitMQ 节点之间的安全通信。
bash
rabbitmq.conf
listeners.ssl.default = 5671
ssl_options.cacertfile = /path/to/ca_certificate.pem
ssl_options.certfile = /path/to/server_certificate.pem
ssl_options.keyfile = /path/to/server_key.pem
ssl_options.verify = verify_peer
ssl_options.fail_if_no_peer_cert = true
2.用户管理
实施强大的用户身份验证和授权机制
bash
rabbitmqctl add_user myuser mypassword
rabbitmqctl set_user_tags myuser administrator
rabbitmqctl set_permissions -p / myuser ".*" ".*" ".*"
3. 网络策略
使用 Kubernetes 网络策略来控制往返于 RabbitMQ 的流量
bash
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-rabbitmq
spec:
podSelector:
matchLabels:
app: rabbitmq
ingress:
- from:
- podSelector:
matchLabels:
app: my-app
ports:
- protocol: TCP
port: 5672
常见问题故障排除
1. CPU 或内存使用率过高
监控 RabbitMQ 指标以识别高资源使用率并调整资源限制或优化配置
2. 网络延迟
确保 RabbitMQ 节点和客户端之间的低延迟网络连接。检查网络瓶颈
3. 磁盘空间
定期监控磁盘空间使用情况并配置适当的磁盘警报
bash
rabbitmq.conf
disk_free_limit.relative = 1.5
高级优化技术
1. 使用分片
分片队列可以帮助在节点之间更均匀地分配负载
2. 自定义插件
开发和部署自定义 RabbitMQ 插件以扩展其功能和性能
3. 微调垃圾回收
优化 RabbitMQ 的 Erlang 垃圾收集器设置
cpp
rabbitmq.conf
vm_memory_high_watermark.relative = 0.6
参考资料:
https://medium.com/@nile.bits/optimizing-rabbitmq-performance-on-kubernetes-8c0a7ebc011b