基于Kubernetes部署MatterMost实践

作者 |Lizeyang
来源 |DevOps云学堂（ID：idevopsvip）

本文主要讲解使用Helm在K8S中部署MatterMost，涉及到一些坑需要修改chart模板文件。点击上面图片，免费获取视频教程。

Mattermost

Mattermost是为开发团队推动创新而构建的开源消息传递平台。支持私有云部署在不牺牲隐私的情况下提供了现代通信的优势。Mattermost为企业提供了自治能力和可扩展性，使他们能够在满足需求的同时提高生产力IT和安全团队的要求。

Mattermost可轻松与流行的DevOps工具集成，例如Jira，Jenkins，GitLab，Trac，Redmine和Bitbucket。免费提供数十种开源集成，包括交互式bot应用程序(例如Hubot和whatmost-bot)以及其他通信工具。

Mattermost支持DevOps工作流程,许多DevOps工作流程都依赖实时协作。团队在关键时刻使用消息传递来提高效率—设置基础架构，合并代码分支或解决紧急错误。Mattermost统一了人员，工具，系统数据和自动化，以帮助您的组织发挥最佳性能。

Mattermost驱动DevOps生命周期

消息传递是DevOps团队合作的核心。这是工作流融合，进行关键交互并制定决策的地方。Mattermost通过实现与团队现有的DevOps工具和系统的集成，使您的工作流协作更加强大。

Plan计划：最重要的是有关功能，决策，技术等等的团队对话的记录系统。每个人都保持最新状态，并就项目状态和后续步骤保持一致。

Code代码：开发人员使用Mattermost进行协作和支持，使他们能够轻松地提出问题，解决问题，讨论技术方法并查看代码。

Build构建：平台集成使构建过程变得简单而透明。开发人员在Mattermost渠道中手动触发构建，然后团队会收到有关其成功或失败的通知。

Test测试：DevOps团队将他们最喜欢的CI和错误跟踪工具与Mattermost集成在一起，从而创建了一个强大的测试中心。该平台会自动触发测试并发布有关新错误的警报。

Release发布：发布构建后，DevOps团队将依靠Mattermost中的通知来告知他们发布已成功，因此他们可以加快功能和修补程序的交付。

Deploy部署：将代码投入生产后，DevOps团队会通过Mattermost进一步接收通知和数据。他们可以轻松跟踪哪些服务器接收到该代码并查看任何相关统计信息。

Monitor监控：DevOps监视工具可跟踪应用程序的运行状况和生产性能。使数据在Mattermost上可见可以帮助团队获得见解并制定决策。

通过上述的简介，相信大家已经对Mattermost有了简单的了解。

Mattermost安装

Mattermost Server支持Ubuntu、CentOS、Windows、Docker、Kubernetes部署，本次我们采用CentOS系统进行部署。

Mattermost Client提供了全终端支持。

参考文档：https://docs.mattermost.com/install/install-rhel-7.html

软件下载链接：https://mattermost.com/download-b/

Helm 部署

添加helm源

# helm repo add mattermost https://helm.mattermost.com
"mattermost" has been added to your repositories
# helm repo list
NAME        URL
stable      http://mirror.azure.cn/kubernetes/charts/
gitlab      https://charts.gitlab.io
mattermost  https://helm.mattermost.com

# helm search repo -l mattermost/mattermost-team-edition
NAME                                CHART VERSION  APP VERSION  DESCRIPTION
mattermost/mattermost-team-edition  3.10.0         5.13.2       Mattermost Team Edition server.
mattermost/mattermost-team-edition  3.9.1          5.13.2       Mattermost Team Edition server.
mattermost/mattermost-team-edition  3.9.0          5.13.2       Mattermost Team Edition server.
mattermost/mattermost-team-edition  3.8.3          5.13.2       Mattermost Team Edition server.
mattermost/mattermost-team-edition  3.8.2          5.13.2       Mattermost Team Edition server.
mattermost/mattermost-team-edition  3.8.1          5.13.2       Mattermost Team Edition server.
mattermost/mattermost-team-edition  3.8.0          5.13.2       Mattermost Team Edition server.
mattermost/mattermost-team-edition  3.7.0          5.13.2       Mattermost Team Edition server.
mattermost/mattermost-team-edition  3.6.2          5.13.2       Mattermost Team Edition server.
mattermost/mattermost-team-edition  3.6.0          5.13.0       Mattermost Team Edition server.
mattermost/mattermost-team-edition  3.5.1          5.12.4       Mattermost Team Edition server.
mattermost/mattermost-team-edition  3.4.1          5.11.0       Mattermost Team Edition server.
mattermost/mattermost-team-edition  3.4.0          5.11.0       Mattermost Team Edition server.
mattermost/mattermost-team-edition  3.3.0          5.10.0       Mattermost Team Edition server.
mattermost/mattermost-team-edition  3.2.0          5.10.0       Mattermost Team Edition server.

下载源码进行自定义

helm fetch mattermost/mattermost-team-edition --version=3.10.0

创建namespace

kubectl create ns mattermost

创建两个PV存储数据

新建mattermost-data用于存储数据，mattermost-plugins用户存储插件。

apiVersion: v1
kind: PersistentVolume
metadata:
  name: mattermost-data
  namespace: mattermost
  labels:
    type: local
spec:
  storageClassName: manual
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: "/data/devops/mattermost/data"
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: mattermost-plugins
  namespace: mattermost
  labels:
    type: local
spec:
  storageClassName: manual
  capacity:
    storage: 1Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: "/data/devops/mattermost/plugins"

[root@zeyang-nuc-service mattermost-team-edition]# kubectl create -f pv.yaml
persistentvolume/mattermost-data created
persistentvolume/mattermost-plugins created
[root@zeyang-nuc-service mattermost-team-edition]# kubectl get pv -n mattermost
NAME                 CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS      CLAIM                              STORAGECLASS   REASON   AGE
mattermost-data      10Gi       RWO            Retain           Available                                      manual                  9s
mattermost-plugins   1Gi        RWO            Retain           Available                                      manual                  9s

创建数据库

准备一个PG数据库，然后添加账号。

postgres=# CREATE DATABASE mattermost;
CREATE DATABASE
postgres=# CREATE USER mmuser WITH PASSWORD 'mmuser-password';
CREATE ROLE
postgres=# GRANT ALL PRIVILEGES ON DATABASE mattermost to mmuser;
GRANT
postgres=# \q
could not save history to file "/var/lib/pgsql/.psql_history": No such file or directory
[postgres@zeyang-nuc-service ~]$ exit
logout

自定义value.yml

添加PV设置

##
persistence:
  ## This volume persists generated data from users, like images, attachments...
  ##
  data:
    enabled: true
    size: 10Gi
    ## If defined, volume.beta.kubernetes.io/storage-class: <storageClass>
    ## Default: volume.alpha.kubernetes.io/storage-class: default
    ##
    storageClass: manual
    accessMode: ReadWriteOnce
  # existingClaim: ""
  plugins:
    enabled: true
    size: 1Gi
    ## If defined, volume.beta.kubernetes.io/storage-class: <storageClass>
    ## Default: volume.alpha.kubernetes.io/storage-class: default
    ##
    storageClass: manual
    accessMode: ReadWriteOnce
  # existingClaim: ""

配置Ingress

ingress:
  enabled: true
  path: /
  annotations: 
    kubernetes.io/ingress.class: nginx
    #### To use the nginx cache you will need to set an http-snippet in the ingress-nginx configmap
    #### http-snippet: |
    ####     proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=mattermost_cache:10m max_size=3g inactive=120m use_temp_path=off;
  hosts:
    - mm.idevops.site
  tls:
    # - secretName: mattermost.example.com-tls
    #   hosts:
    #     - mattermost.example.com

连接外部数据库

mysql示例：

## If use this please disable the mysql chart by setting mysql.enable to false
externalDB:
  enabled: true
  ## postgres or mysql
  externalDriverType: "mysql"
  ## postgres:  "postgres://<USERNAME>:<PASSWORD>@<HOST>:5432/<DATABASE_NAME>?sslmode=disable&connect_timeout=10"
  ## mysql:     "<USERNAME>:<PASSWORD>@tcp(<HOST>:3306)/<DATABASE_NAME>?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s"
  externalConnectionString: "xxxx:xxxxx@tcp(xxxx:3306)/mattermost?charset=utf8mb4,utf8\u0026readTimeout=30s\u0026writeTimeout=30s"

postgres示例:(这是我们使用的)

## If use this please disable the mysql chart by setting mysql.enable to false
externalDB:
  enabled: true
  ## postgres or mysql
  externalDriverType: "postgres"
  ## postgres:  "postgres://<USERNAME>:<PASSWORD>@<HOST>:5432/<DATABASE_NAME>?sslmode=disable&connect_timeout=10"
  ## mysql:     "<USERNAME>:<PASSWORD>@tcp(<HOST>:3306)/<DATABASE_NAME>?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s"
  externalConnectionString: "postgres://mmuser:mmuser-password@192.168.1.200:5432/mattermost?sslmode=disable&connect_timeout=10"

验证数据库可以正常访问

psql -h 192.168.1.200 -p 5432 -d mattermost  -U mmuser

部署

helm install mattermost-server --namespace mattermost ./mattermost-team-edition
helm delete mattermost-server --namespace mattermost ./mattermost-team-edition

FAQ

err=pq: no pg_hba.conf entry for host \"10.244.0.148\", user \"mmuser\", database \"mattermost\", SSL off"}

修改pg_hba.conf、 postgres.conf

## pg_hba.conf
host   all             all            192.168.1.0/24              md5
host   all             all            10.244.0.1/24              md5
##  postgres.conf
listen_addresses = '*'

网页配置

访问：http://mm.idevops.site.

创建用户：输入邮箱、用户名称、密码。admin:Devops.com123

创建一个新的团队,输入团队名称。

创建完成

设置中文

write file: open /mattermost/config/config.json: read-only file system"}

解决配置文件无法写入问题：

创建一个pv持久化/mattermost/config目录

mkdir -p /data/devops/mattermost/config

---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: mattermost-config
  namespace: mattermost
  labels:
    type: local
spec:
  storageClassName: manual
  capacity:
    storage: 1Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: "/data/devops/mattermost/config"
---
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: mattermost-config-pvc
  namespace: mattermost
spec:
  storageClassName: manual
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi

修改templates/deployment.yaml

#挂载pvc
volumeMounts:
- mountPath: /mattermost/config/config.json
  name: config-json
  subPath: config.json
- mountPath: /mattermost/config
  name: mattermost-config
--------------------------------------------
volumes:
- name: config-json
  secret:
    secretName: {{ include "mattermost-team-edition.fullname" . }}-config-json
- name: mattermost-config
  persistentVolumeClaim:
    claimName: {{ .Values.persistence.config.existingClaimName }}  
--------------------------------------------
#删除 24行配置
checksum/config: {{ include (print $.Template.BasePath "/secret-config.yaml") . | sha256sum }}
--------------------------------------------
#删除 templates/secret-config.yaml
--------------------------------------------
# 在values.yaml中定义config pvc的名称（注意名称要与创建的一致）
persistence:
  ## This volume persists generated data from users, like images, attachments...
  ##
  config:
    existingClaimName: mattermost-config-pvc

helm delete  mattermost-server --namespace mattermost ./mattermost-team-edition
kubectl delete -f ./mattermost-team-edition/config-pvc.yaml
kubectl delete -f ./mattermost-team-edition/pv.yaml
kubectl create -f ./mattermost-team-edition/config-pvc.yaml
kubectl create -f ./mattermost-team-edition/pv.yaml
helm install  mattermost-server --namespace mattermost ./mattermost-team-edition

ChatOps是一种以对话为中心的协作式工作方式，Mattermost ChatOps将不同的工具和工作流程整合在一起，以提供共享的控制台，以简化协作，缩短反馈循环并自动执行重复的手动任务。