Huawei Cloud Deployment Manual
1 Introduction¶
1.1 Document Description¶
This document mainly describes the deployment on Huawei Cloud, introducing the complete steps from resource planning and configuration to deploying Guance and running it.
Note:
- This document uses dataflux.cn as the main domain name example. Replace it with the corresponding domain name during actual deployment.
1.2 Key Terms¶
| Term | Description |
|---|---|
| Launcher | A WEB application used for deploying and installing Guance. Follow the steps of the Launcher service to complete the installation and upgrade of Guance. |
| Operations Machine | A machine with kubectl installed that is in the same network as the target Kubernetes cluster. |
| Installation Machine | The machine where you access the launcher service via a browser to complete the guided installation of Guance. |
| kubectl | The command-line client tool for Kubernetes, installed on the operations machine. |
1.3 Deployment Steps Architecture¶
2 Resource List¶
Note
1. The "Minimum Configuration" is only suitable for POC scenarios, just for functional validation, not suitable for production environments.
2. The "Recommended Configuration" is suitable for scenarios with less than 150,000 time series in InfluxDB and fewer than 7 billion documents (the total sum of log, trace, RUM PV, and event documents) in Elasticsearch.
3. For production deployment, assess based on the actual data volume being ingested. The more data ingested, the higher the storage and specification requirements for InfluxDB and Elasticsearch.
4. If using self-built TDengine and OpenSearch, they need to be added to the CCE node pool. Self-built OpenSearch nodes require 3 coordinating nodes (4c8g) and 3 data nodes (8c32g), totaling 6 nodes.
| Resource | Specification (Minimum Configuration) | Specification (Recommended Configuration) | Quantity | Notes |
|---|---|---|---|---|
| CCE | Standard Managed Cluster Edition | Standard Managed Cluster Edition | 1 | Version: 1.23 |
| CCE Node Pool | 4C8G (Single System Disk 80GB) | 8C16G (Single System Disk 120GB) | 4 | Deploy Huawei Cloud CCE Managed Cluster |
| 2C4G (Single System Disk 80GB) | 4C8G (Single System Disk 120GB) | 2 | Deploy Dataway | |
| NAT Gateway | Small NAT Gateway | Small NAT Gateway | 1 | Used for CCE cluster outbound traffic |
| ELB | Shared Type | Shared Type | 1 | Before Kubernetes Ingress |
| RDS | 2C4G 50GB | 4C8G 100GB (Master-Slave) | 1 | MySQL 8.0 |
| Redis | 4G | 8G (Standard Master-Slave Dual Replicas) | 1 | Version: 6.0 |
| TDengine | InfluxDB | 4C16G 300GB | 8C32G 500GB (Cluster Edition) | 1 | TDengine (Self-built) Version: 2.6+ InfluxDB Version: 1.7.x |
| Elasticsearch|OpenSearch | 4C16G 1T (Single Node) | 16C64G 2T (3 Nodes) | 1 | Elasticsearch Version: 7.10.2 OpenSearch (Self-built) Version: 2.3 |
| Domain | - | - | 1 | Main domain needs to be registered, eight subdomains under one main domain |
| SSL Certificate | Wildcard Domain Certificate | Wildcard Domain Certificate | 1 | - |
3 Infrastructure Deployment¶
3.1 Deployment Description¶
RDS, Redis, InfluxDB, Elasticsearch should be created according to the configuration requirements, all within the same region under the same VPC network.
3.2 Steps One, Two, Three: CCE Service Creation¶
3.2.1 Step One: Purchase CCE Cluster¶
Go to the official website, select Product in the navigation bar, choose Container, click Cloud Container Engine CCE, and create a CCE cluster.
- It must be in the same region as the RDS, InfluxDB, and Elasticsearch resources created later.
- Choose the cluster scale based on your own situation, then create the worker nodes afterward.
3.2.2 Step Two: Worker Node Configuration¶
Mainly select ECS specifications and quantity. Specifications can be created according to the requirements in the resource list or assessed based on actual conditions, but they cannot be lower than the minimum configuration requirements. The number of worker nodes should be at least 3 or more, and it is recommended that the data disk size should not be less than 100GiB.
3.2.3 Step Three: Plugin Management¶
The everest and coredns plugins are already created by default when purchasing the k8s cluster. Here, it is recommended to add two more plugins for installation. To ensure cluster resources and avoid additional costs, it is suggested to delete the ICAgent plugin.
Install nginx-ingress plugin
1) Configure CPU and memory resource limits.
2) Create Load Balancer ELB.
If needed, you can choose a dedicated elastic load balancer. In this article, we choose the shared type. Note: Choose Elastic Public IP and use an existing one if possible. Alternatively, create a new IP with a bandwidth of 300Mbit/s billed by traffic.
- Differences between dedicated and shared types can be found in the following link:
https://support.huaweicloud.com/productdesc-elb/elb_pro_0004.html
3) Configure nginx-ingress plugin content related to nginx forwarding.
# Add the following content
{
"allow-backend-server-header": "true",
"client-header-buffer-size": "32k",
"enable-underscores-in-headers": "true",
"forwarded-for-header": "X-Forwarded-For",
"generate-request-id": "true",
"ignore-invalid-headers": "true",
"keep-alive-requests": "100",
"large-client-header-buffers": "4 32k",
"proxy-body-size": "20m",
"proxy-connect-timeout": "20",
"reuse-port": "true",
"server-tokens": "false",
"ssl-protocols": "TLSv1 TLSv1.1 TLSv1.2 SSLv3",
"ssl-redirect": "false",
"use-gzip": "true",
"worker-cpu-affinity": "auto"
}
Install node-local-dns plugin
- Enable DNS Config Injection function.
Note
Add the label node-local-dns-injection=enabled to the namespace to enable the DNS cache feature.
Delete ICAgent plugin (Optional)
Choose AOM Application Operations Management, uninstall the ICAgent plugin, and turn off the switches for continued log and metrics collection.
3.4 Step Four: Cache Service¶
- You can choose to use the default built-in caching service. If you do not use the default built-in caching service, configure Redis as follows:
- Distributed caching service (Redis version).
- Redis version: 6.0, standard master-slave architecture, supporting dual replicas.
- Configure Redis password.
- Add the ECS internal network IP automatically created by CCE to the Redis whitelist.
3.5 Step Five: GuanceDB for Metrics¶
3.6 Step Six: Elasticsearch¶
- Name: Cloud Search Service CSS
- Version: 7.10.2
- Enable security mode to set up administrator account and password.
- Add the ECS internal network IP automatically created by CCE to the Elasticsearch whitelist.
3.7 Step Seven: RDS¶
- Name: Cloud Database RDS
- Version: 8.0, Standard Master-Slave Edition
- Set MySQL root user password.
- Add the ECS internal network IP automatically created by CCE to the MySQL whitelist.
4 kubectl Installation and Configuration¶
4.1 Install kubectl¶
kubectl is a command-line client tool for Kubernetes, which can be used to deploy applications, check and manage cluster resources, etc. Our Launcher is based on this command-line tool for application deployment. For specific installation methods, refer to the official documentation:
You can also click on the cluster and find kubectl Click to View.
4.2 Configure kube config¶
Whether to use public or private kubeconfig depends on whether your operations machine has connectivity to the cluster's internal network. Determine the connection method based on the following use cases.
5 Start Installation¶
After completing the operations, refer to the manual Start Installation