背景
arm架构银河麒麟v10操作系统的环境需要部署TDengine时序数据库以及开发的应用程序,花了些时间看TDengine时序数据库发现没有k8s官方部署的yaml版本,只好自己使用自定义yaml编写个简陋版本的出来,以及搭配上应用程序来组合部署。
TDengine时序数据库
主要列出的是yaml文件
yaml
# TDengine 3.3.6.0 (ARM64/麒麟) 部署配置
# 适配 K8s 1.21,解决 taosadapter 配置解析 panic 问题
apiVersion: apps/v1
kind: Deployment
metadata:
name: tdengine
namespace: default # 可自定义命名空间(需提前创建:kubectl create ns tdengine)
labels:
app: tdengine
version: "3.3.6.0"
arch: aarch64
spec:
replicas: 1 # 单实例(TDengine单机部署,集群需改配置)
selector:
matchLabels:
app: tdengine
strategy:
type: Recreate # 避免多实例冲突,重建式更新
template:
metadata:
labels:
app: tdengine
version: "3.3.6.0"
arch: aarch64
spec:
hostname: tdengine-server # TDengine 节点标识(必填,影响集群通信)
containers:
- name: tdengine
image: tdengine/tdengine-ee-aarch64:3.3.6.0 # ARM64 架构镜像
imagePullPolicy: IfNotPresent # 优先使用本地镜像,避免重复拉取
ports:
- containerPort: 6030 # TDengine 核心服务端口
- containerPort: 6041 # taosadapter REST API 端口(关键)
- containerPort: 6043 # TDengine 集群管理端口
- containerPort: 6060 # TDengine Web 管理端口
- containerPort: 6040 # TDengine 订阅端口
# 环境变量(核心配置,避免默认值冲突)
env:
- name: TAOS_FQDN
value: "tdengine-server" # 必须与 hostname 一致
- name: TZ
value: "Asia/Shanghai" # 时区配置
- name: TAOS_ADAPTER_CONFIG
value: "/etc/taos/taosadapter.toml" # 指定合法配置文件路径
# 持久化存储挂载(数据/日志/配置)
volumeMounts:
- name: tdengine-data
mountPath: /var/lib/taos # TDengine 数据目录(持久化核心)
- name: tdengine-log
mountPath: /var/log/taos # 日志目录
- name: tdengine-config
mountPath: /etc/taos # 配置目录(含修复后的 taosadapter.toml)
# 健康检查(确保服务可用)
resources:
limits:
cpu: "2" # 最大CPU核心数
memory: 4Gi # 最大内存
requests:
cpu: "1" # 最小CPU核心数
memory: 2Gi # 最小内存
# 权限配置(解决目录读写权限问题)
securityContext:
runAsUser: 0 # 以 root 运行(TDengine 需读写系统目录)
runAsGroup: 0
privileged: false
# 初始化容器:提前修复 taosadapter.toml 配置(核心!解决 panic 问题)
initContainers:
- name: fix-taosadapter-config
image: tdengine/tdengine-ee-aarch64:3.3.6.0
command: ["/bin/sh", "-c"]
args:
- |
# 备份原有错误配置
mv /etc/taos/taosadapter.toml /etc/taos/taosadapter.toml.bak 2>/dev/null;
# 写入合法的 taosadapter 配置(无无效字符)
cat > /etc/taos/taosadapter.toml << 'EOF'
# TDengine taosadapter 3.3.6.0 合法配置
[core]
log-level = "info"
log-dir = "/var/log/taos"
[server]
http-port = 6041
bind-addr = "0.0.0.0"
enable-https = false
[taos]
host = "127.0.0.1"
port = 6030
username = "root"
password = "taosdata"
EOF
# 修复配置文件权限
chmod 644 /etc/taos/taosadapter.toml;
chown root:root /etc/taos/taosadapter.toml;
volumeMounts:
- name: tdengine-config
mountPath: /etc/taos
# 存储卷定义(hostPath 适合测试,生产建议替换为 PVC)
volumes:
- name: tdengine-data
hostPath:
path: /data/tdengine/data # 宿主机数据目录(需提前创建)
type: DirectoryOrCreate # 不存在则自动创建
- name: tdengine-log
hostPath:
path: /data/tdengine/log # 宿主机日志目录
type: DirectoryOrCreate
- name: tdengine-config
hostPath:
path: /data/tdengine/config # 宿主机配置目录
type: DirectoryOrCreate
---
# TDengine Service:暴露端口供集群内/外访问
apiVersion: v1
kind: Service
metadata:
name: tdengine-service
namespace: default
labels:
app: tdengine
spec:
type: NodePort # 外网访问用 NodePort,生产可改 LoadBalancer
selector:
app: tdengine # 匹配 Deployment 的 Pod 标签
ports:
- name: tdengine-core # 6030 核心端口
port: 6030
targetPort: 6030
nodePort: 30030 # 宿主机映射端口(30000-32767 范围内)
- name: taosadapter-api # 6041 REST API 端口
port: 6041
targetPort: 6041
nodePort: 30041
- name: tdengine-web # 6060 Web 管理端口
port: 6060
targetPort: 6060
nodePort: 30060
- name: tdengine-cluster # 6043 集群端口
port: 6043
targetPort: 6043
nodePort: 30043应用程序以及连接TDengine时序数据库
yaml
# tdservcers.yaml - 适配DDS通信+TDengine K8s服务(修复Service冲突)
apiVersion: apps/v1
kind: Deployment
metadata:
name: tdservcers
namespace: default
labels:
app: tdservcers
spec:
replicas: 1
selector:
matchLabels:
app: tdservcers
strategy:
type: Recreate
template:
metadata:
labels:
app: tdservcers
spec:
# 核心:恢复DDS必需的宿主机网络/进程/IPC
hostNetwork: true
hostPID: true
hostIPC: true
restartPolicy: Always
containers:
- name: tdservcers
image: tdservcers:latest
imagePullPolicy: IfNotPresent
env:
- name: SPRING_CONFIG_LOCATION
value: "file:/app/config/application.properties"
- name: TZ
value: "Asia/Shanghai"
- name: LD_LIBRARY_PATH
value: "/app/native:/usr/lib64:/lib64" # 增加系统库路径,解决native库加载
- name: LJDDS_LICENSE_FILE
value: "/app/ljddslicense.lic"
# 强制覆盖配置文件中的TDengine地址(优先级高于配置文件)
- name: SPRING_DATASOURCE_URL
value: "jdbc:TAOS-RS://tdengine-service:6041/monitor?timezone=Asia/Shanghai&charset=UTF-8&locale=en_US.UTF-8"
- name: SPRING_DATASOURCE_USERNAME
value: "root"
- name: SPRING_DATASOURCE_PASSWORD
value: "taosdata"
- name: TDENGINE_ADDR
value: "tdengine-service:6030"
# 容器端口(hostNetwork模式下映射到宿主机8080)
ports:
- name: http-8080
containerPort: 8080
hostPort: 8080
protocol: TCP
volumeMounts:
- name: app-config
mountPath: /app/config/application.properties
readOnly: true
- name: app-license
mountPath: /app/ljddslicense.lic
readOnly: true
- name: native-lib
mountPath: /app/native
readOnly: true
- name: dev-shm
mountPath: /dev/shm
readOnly: false
# 核心:DDS必需的特权模式(访问宿主机设备节点)
securityContext:
runAsUser: 0
runAsGroup: 0
privileged: true # 必须开启,否则DDS无法访问设备节点
allowPrivilegeEscalation: true
# 健康检查(适配DDS初始化耗时)
readinessProbe:
tcpSocket:
port: 8080
initialDelaySeconds: 120
periodSeconds: 10
failureThreshold: 5
timeoutSeconds: 5
livenessProbe:
tcpSocket:
port: 8080
initialDelaySeconds: 180
periodSeconds: 20
failureThreshold: 5
timeoutSeconds: 5
resources:
limits:
cpu: "2"
memory: 4Gi
requests:
cpu: "1"
memory: 2Gi
# 存储卷配置(确保DDS native库/许可证可访问)
volumes:
- name: app-config
hostPath:
path: /home/tdserver-deploy/application-prod.properties
type: File
- name: app-license
hostPath:
path: /home/tdserver-deploy/ljddslicense.lic
type: File
- name: native-lib
hostPath:
path: /home/tdserver-deploy/native
type: DirectoryOrCreate
- name: dev-shm
hostPath:
path: /dev/shm
type: Directory
# 强制调度到TDengine所在节点
affinity:
podAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- tdengine
topologyKey: kubernetes.io/hostname
tolerations:
- key: "node.kubernetes.io/unreachable"
operator: "Exists"
effect: "NoExecute"
tolerationSeconds: 300
- key: "node.kubernetes.io/not-ready"
operator: "Exists"
effect: "NoExecute"
tolerationSeconds: 300
---
# tdservcers Service(修复NodePort+clusterIP冲突)
apiVersion: v1
kind: Service
metadata:
name: tdservcers-service
namespace: default
labels:
app: tdservcers
spec:
type: NodePort # 保留NodePort供外部访问
selector:
app: tdservcers
ports:
- name: app-port-8080
port: 8080 # Service端口
targetPort: 8080 # 容器端口
nodePort: 30080 # 宿主机映射端口
protocol: TCP
# 删除clusterIP: None,解决NodePort冲突服务使用DDS通信需要使用宿主机网络,然而主机的dns不能解析k8s的svc域名,所以这个不可行。
最佳的yaml连接方式是提供时序数据库服务的域名进行连接,折中的方案就是先把时序数据库启动,然后再更改SPRING_DATASOURCE_URL和TDENGINE_ADDR把地址改成主机IP进行连接。
虽然不能在yaml直接连接域名,但是CLUSTER-IP的方式是可以通信的,所以就变成了启动TDengine时序数据库,然后在应用程序的yaml里面把IP改成TDengine时序数据库的CLUSTER-IP,这样启动就能够完成链接而且不改svc文件地址是固定的不会随机分配。
启动完成后状态正常
