Deploy an Azure SQL Edge container in Kubernetes

Azure SQL Edge can be deployed on a Kubernetes cluster either as an IoT Edge module through Azure IoT Edge running on Kubernetes or as a standalone container pod. The remainder of this article focuses on the standalone container deployment on a Kubernetes cluster. For information on deploying Azure IoT Edge on Kubernetes, refer to Azure IoT Edge on Kubernetes (preview).

This tutorial demonstrates how to configure a highly available Azure SQL Edge instance in a container on a Kubernetes cluster.

  • Create an SA password
  • Create storage
  • Create the deployment
  • Connect with SQL Server Management Studio (SSMS)
  • Verify failure and recovery

Kubernetes 1.6 and later has support for storage classes, persistent volume claims, and the Azure disk volume type. You can create and manage your Azure SQL Edge instances natively in Kubernetes. The example in this article shows how to create a deployment to achieve a high availability configuration similar to a shared disk failover cluster instance. In this configuration, Kubernetes plays the role of the cluster orchestrator. When an Azure SQL Edge instance in a container fails, the orchestrator bootstraps another instance of the container that attaches to the same persistent storage.

Diagram: Azure SQL Edge in a Kubernetes cluster

In the preceding diagram, azure-sql-edge is a container in a pod. Kubernetes orchestrates the resources in the cluster. A replica set ensures that the pod is automatically recovered after a node failure. Applications connect to the service. In this case, the service represents a load balancer that hosts an IP address that stays the same after failure of the azure-sql-edge container.

In the following diagram, the azure-sql-edge container has failed. As the orchestrator, Kubernetes guarantees the correct count of healthy instances in the replica set, and starts a new container according to the configuration. The orchestrator starts a new pod on the same node, and azure-sql-edge reconnects to the same persistent storage. The service connects to the re-created azure-sql-edge.

Diagram: Azure SQL Edge in a Kubernetes cluster after pod failure

In the following diagram, the node hosting the azure-sql-edge container has failed. The orchestrator starts the new pod on a different node, and azure-sql-edge reconnects to the same persistent storage. The service connects to the re-created azure-sql-edge.

Diagram: Azure SQL Edge in a Kubernetes cluster after node failure

Prerequisites

  • Kubernetes cluster

    • The tutorial requires a Kubernetes cluster. The steps use kubectl to manage the cluster.

    • For the purpose of this tutorial, we will be using Azure Kubernetes Service to deploy Azure SQL Edge. See Deploy an Azure Kubernetes Service (AKS) cluster to create and connect to a single-node Kubernetes cluster in AKS with kubectl.

    Note

    To protect against node failure, a Kubernetes cluster requires more than one node.

  • Azure CLI

    • The instructions in this tutorial have been validated against Azure CLI 2.10.1.

Create a Kubernetes namespace for SQL Edge deployment

Create a new namespace in the Kubernetes cluster. This namespace will be used to deploy SQL Edge and all the required artifacts. For more information on Kubernetes namespaces, refer to namespaces.

kubectl create namespace <namespace name>

Create an SA password

Create an SA password in the Kubernetes cluster. Kubernetes can manage sensitive configuration information, such as passwords, as secrets.

The following command creates a password for the SA account:

kubectl create secret generic mssql --from-literal=SA_PASSWORD="MyC0m9l&xP@ssw0rd" -n <namespace name>

Replace MyC0m9l&xP@ssw0rd with a complex password.
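
The command above passes the SA password with --from-literal, so it ends up in shell history and in the process argument list. As an added example (not part of the original article), the following shell functions generate a password and load it into the mssql secret from a temporary file instead; the function names and the 12-character, four-class rule in is_complex are assumptions of this example.

```shell
#!/bin/sh
# Added example: create the "mssql" secret without typing the password
# on a command line. Function names are hypothetical.

# Example rule (an assumption of this example): at least 12 characters
# containing upper case, lower case, a digit and a symbol.
is_complex() (
    LC_ALL=C
    [ "${#1}" -ge 12 ] || exit 1
    case "$1" in *[A-Z]*) ;; *) exit 1 ;; esac
    case "$1" in *[a-z]*) ;; *) exit 1 ;; esac
    case "$1" in *[0-9]*) ;; *) exit 1 ;; esac
    case "$1" in *[!A-Za-z0-9]*) ;; *) exit 1 ;; esac
)

# Print a random password of $1 characters (default 24) from /dev/urandom,
# retrying until it satisfies is_complex.
gen_sa_password() {
    len=${1:-24}
    while :; do
        pw=$(head -c 256 /dev/urandom |
             LC_ALL=C tr -dc 'A-Za-z0-9@#%+=_-' | cut -c1-"$len")
        [ "${#pw}" -eq "$len" ] && is_complex "$pw" && break
    done
    printf '%s' "$pw"
}

# Create the secret in namespace $1 from a temporary file (mktemp creates
# it readable by the owner only); the file is removed afterwards.
create_sa_secret() {
    ns=$1
    tmp=$(mktemp) || return 1
    gen_sa_password 24 > "$tmp"
    rc=0
    kubectl create secret generic mssql \
        --from-file=SA_PASSWORD="$tmp" -n "$ns" || rc=$?
    rm -f "$tmp"
    return "$rc"
}

# Usage: create_sa_secret <namespace name>
# Read the value back when a client needs it:
#   kubectl get secret mssql -n <namespace name> \
#       -o jsonpath='{.data.SA_PASSWORD}' | base64 -d
```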

Create storage

Configure a persistent volume and persistent volume claim in the Kubernetes cluster. Complete the following steps:

  1. Create a manifest to define the storage class and the persistent volume claim. The manifest specifies the storage provisioner, parameters, and reclaim policy. The Kubernetes cluster uses this manifest to create the persistent storage.

    The following yaml example defines a storage class and persistent volume claim. The storage class provisioner is azure-disk, because this Kubernetes cluster is in Azure. The storage account type is Standard_LRS. The persistent volume claim is named mssql-data. The persistent volume claim metadata includes an annotation connecting it back to the storage class.

    kind: StorageClass
    apiVersion: storage.k8s.io/v1
    metadata:
      name: azure-disk
    provisioner: kubernetes.io/azure-disk
    parameters:
      storageaccounttype: Standard_LRS
      kind: managed
    ---
    kind: PersistentVolumeClaim
    apiVersion: v1
    metadata:
      name: mssql-data
      annotations:
        volume.beta.kubernetes.io/storage-class: azure-disk
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 8Gi
    

    Save the file (for example, pvc.yaml).

  2. Create the persistent volume claim in Kubernetes.

    kubectl apply -f <Path to pvc.yaml file> -n <namespace name>
    

    <Path to pvc.yaml file> is the location where you saved the file.

    The persistent volume is automatically created as an Azure storage account, and bound to the persistent volume claim.

    Screenshot of the persistent volume claim command

  3. Verify the persistent volume claim.

    kubectl describe pvc <PersistentVolumeClaim>  -n <name of the namespace>
    

    <PersistentVolumeClaim> is the name of the persistent volume claim.

    In the preceding step, the persistent volume claim is named mssql-data. To see the metadata about the persistent volume claim, run the following command:

    kubectl describe pvc mssql-data  -n <namespace name>
    

    The returned metadata includes a value called Volume. This value maps to the name of the blob.

    Screenshot of the returned metadata, including Volume

  4. Verify the persistent volume.

    kubectl describe pv -n <namespace name>
    

    kubectl returns metadata about the persistent volume that was automatically created and bound to the persistent volume claim.

Create the deployment

In this example, the container hosting the Azure SQL Edge instance is described as a Kubernetes deployment object. The deployment creates a replica set. The replica set creates the pod.

In this step, create a manifest to describe the container based on the Azure SQL Edge Docker image. The manifest references the mssql-data persistent volume claim, and the mssql secret that you already applied to the Kubernetes cluster. The manifest also describes a service. This service is a load balancer. The load balancer guarantees that the IP address persists after the Azure SQL Edge instance is recovered.

  1. Create a manifest (a YAML file) to describe the deployment. The following example describes a deployment, including a container based on the Azure SQL Edge container image.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: sqledge-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      app: sqledge
  template:
    metadata:
      labels:
        app: sqledge
    spec:
      volumes:
        - name: sqldata
          persistentVolumeClaim:
            claimName: mssql-data
      containers:
        - name: azuresqledge
          image: mcr.microsoft.com/azure-sql-edge:latest
          ports:
            - containerPort: 1433
          volumeMounts:
            - name: sqldata
              mountPath: /var/opt/mssql
          env:
            - name: MSSQL_PID
              value: "Developer"
            - name: ACCEPT_EULA
              value: "Y"
            - name: SA_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mssql
                  key: SA_PASSWORD
            - name: MSSQL_AGENT_ENABLED
              value: "TRUE"
            - name: MSSQL_COLLATION
              value: "SQL_Latin1_General_CP1_CI_AS"
            - name: MSSQL_LCID
              value: "1033"
      terminationGracePeriodSeconds: 30
      securityContext:
        fsGroup: 10001
---
apiVersion: v1
kind: Service
metadata:
  name: sqledge-deployment
spec:
  selector:
    app: sqledge
  ports:
    - protocol: TCP
      port: 1433
      targetPort: 1433
      name: sql
  type: LoadBalancer

Copy the preceding code into a new file, named sqldeployment.yaml. Update the following values:

  • MSSQL_PID value: "Developer": Sets the container to run Azure SQL Edge Developer edition. Developer edition is not licensed for production data. If the deployment is for production use, set the edition to Premium.

  • persistentVolumeClaim: This value requires an entry for claimName: that maps to the name used for the persistent volume claim. This tutorial uses mssql-data.

  • name: SA_PASSWORD: Configures the container image to set the SA password, as defined in this section.

    valueFrom:
      secretKeyRef:
        name: mssql
        key: SA_PASSWORD 
    

    When Kubernetes deploys the container, it refers to the secret named mssql to get the value for the password.

Note

Because the service type is LoadBalancer, the Azure SQL Edge instance is accessible remotely (via the internet) at port 1433.

Save the file (for example, sqledgedeploy.yaml).

  1. Create the deployment.

    kubectl apply -f <Path to sqledgedeploy.yaml file> -n <namespace name>
    

    <Path to sqledgedeploy.yaml file> is the location where you saved the file.

    Screenshot of the deployment command

    The deployment and service are created. The Azure SQL Edge instance is in a container, connected to persistent storage.

    To view the status of the pod, type kubectl get pod -n <namespace name>.

    Screenshot of the get pod command

    In the preceding image, the pod has a status of Running. This status indicates that the container is ready. This may take several minutes.

    Note

    After the deployment is created, it can take a few minutes before the pod is visible. The delay is because the cluster pulls the Azure SQL Edge container image from the Docker hub. After the image is pulled the first time, subsequent deployments might be faster if the deployment is to a node that already has the image cached on it.

  2. Verify the services are running. Run the following command:

    kubectl get services -n <namespace name>
    

    This command returns services that are running, as well as the internal and external IP addresses for the services. Note the external IP address for the sqledge-deployment service. Use this IP address to connect to Azure SQL Edge.

    Screenshot of the get services command

    For more information about the status of the objects in the Kubernetes cluster, run:

    az aks browse --resource-group <MyResourceGroup> --name <MyKubernetesClustername>
    

Connect to the Azure SQL Edge instance

If you configured the container as described, you can connect with an application from outside the Azure virtual network. Use the sa account and the external IP address for the service. Use the password that you configured as the Kubernetes secret. For more information on connecting to an Azure SQL Edge instance, refer to Connect to Azure SQL Edge.
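
Because the LoadBalancer service publishes port 1433 and the sa login to the internet, the service can be limited to known client networks. As an added example (not from the original article), this shell function emits the tutorial's Service with loadBalancerSourceRanges set; the function names and the 203.0.113.0/24 range are constructed for illustration.

```shell
#!/bin/sh
# Added example: render the tutorial's Service restricted to given client
# CIDRs. Function names are hypothetical.

# Return 0 only for an IPv4 CIDR a.b.c.d/n with 1 <= n <= 32 (so /0 is refused).
valid_cidr() (
    set -f                                   # no globbing during word splitting
    case "$1" in */*) ;; *) exit 1 ;; esac
    addr=${1%/*}; bits=${1##*/}
    case "$bits" in ''|*[!0-9]*|???*) exit 1 ;; esac
    [ "$bits" -ge 1 ] && [ "$bits" -le 32 ] || exit 1
    IFS=.; set -- $addr                      # split the address into octets
    [ $# -eq 4 ] || exit 1
    for octet in "$@"; do
        case "$octet" in ''|*[!0-9]*|????*) exit 1 ;; esac
        [ "$octet" -le 255 ] || exit 1
    done
)

# Print the Service manifest; every argument becomes an allowed source range.
render_service() {
    [ $# -ge 1 ] || { echo "usage: render_service CIDR [CIDR...]" >&2; return 2; }
    for cidr in "$@"; do
        valid_cidr "$cidr" || { echo "rejected source range: $cidr" >&2; return 1; }
    done
    cat <<'EOF'
apiVersion: v1
kind: Service
metadata:
  name: sqledge-deployment
spec:
  selector:
    app: sqledge
  ports:
    - protocol: TCP
      port: 1433
      targetPort: 1433
      name: sql
  type: LoadBalancer
  loadBalancerSourceRanges:
EOF
    for cidr in "$@"; do printf '    - %s\n' "$cidr"; done
}

# Usage (203.0.113.0/24 is a constructed documentation range):
#   render_service 203.0.113.0/24 | kubectl apply -f - -n <namespace name>
```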

Verify failure and recovery

To verify failure and recovery, you can delete the pod. Do the following steps:

  1. List the pod running Azure SQL Edge.

    kubectl get pods -n <namespace name>
    

    Note the name of the pod running Azure SQL Edge.

  2. Delete the pod.

    kubectl delete pod sqledge-deployment-7df66c9999-rc9xl -n <namespace name>
    

    sqledge-deployment-7df66c9999-rc9xl is the value returned from the previous step for pod name.

Kubernetes automatically re-creates the pod to recover an Azure SQL Edge instance, and connects it to the persistent storage. Use kubectl get pods to verify that a new pod is deployed. Use kubectl get services to verify that the IP address for the new container is the same.

Summary

In this tutorial, you learned how to deploy Azure SQL Edge containers to a Kubernetes cluster for high availability.

  • Create an SA password
  • Create storage
  • Create the deployment
  • Connect with SQL Server Management Studio (SSMS)
  • Verify failure and recovery
