AWS SNS/SQS

关于AWS SNS/SQS pubsub组件的详细文档

配置

要为 发布/订阅设置 AWS SNS/SQS,您需要创建一个类型为 pubsub.snssqs 的组件。 See this guide on how to create and apply a pubsub configuration.

  1. apiVersion: dapr.io/v1alpha1
  2. kind: Component
  3. metadata:
  4.   name: snssqs-pubsub
  5.   namespace: default
  6. spec:
  7.   type: pubsub.snssqs
  8.   version: v1
  9.   metadata:
  10.     - name: accessKey
  11.       value: "AKIAIOSFODNN7EXAMPLE"
  12.     - name: secretKey
  13.       value: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
  14.     - name: region
  15.       value: "us-east-1"
  16.     - name: sessionToken
  17.       value: "TOKEN"
  18.     - name: messageVisibilityTimeout
  19.       value: 10
  20.     - name: messageRetryLimit
  21.       value: 10
  22.     - name: messageWaitTimeSeconds
  23.       value: 1
  24.     - name: messageMaxNumber
  25.       value: 10

Warning

以上示例将密钥明文存储, It is recommended to use a secret store for the secrets as described here.

元数据字段规范

字段必填详情Example
accessKeyY具有SNS和SQS适当权限的AWS账户的ID。 可以用secretKeyRef来引用密钥。“AKIAIOSFODNN7EXAMPLE”
secretKeyYAWS用户的密钥。 可以用secretKeyRef来引用密钥。“wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY”
regionYAWS区域到实例。 有效区域请参见本页面:https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html。 确保该地区有SNS和SQS。“us-east-1”
终结点N该组件要使用的AWS端点, 仅用于本地开发。 仅用于本地开发。 当对生产环境的AWS,endpoint是不需要的。http://localhost:4566
sessionTokenN要使用的 AWS 会话令牌。 只有当您使用临时安全凭证时才需要会话令牌。“TOKEN”
messageVisibilityTimeoutN消息发送至订阅者后,隐藏接收请求的时间,以秒为单位。 默认值:1010
messageRetryLimitN在处理消息失败后,从队列中删除该消息之前,重新发送消息的次数。 默认值:1010
messageWaitTimeSecondsN等待收到消息后再提出请求的时间 默认值:11
messageMaxNumberN每次从队列中接收消息的最大数量。 默认值:10,最大值:1010

创建SNS/SQS实例

对于本地开发来说,可以用localstack项目集成AWS SNS/SQS。 按照这里的说明安装localstack CLI。

In order to use localstack with your pubsub binding, you need to provide the endpoint configuration in the component metadata. 当在AWS生产环境上运行时,endpoint是不需要的。

See Authenticating to AWS for information about authentication-related attributes

  1. apiVersion: dapr.io/v1alpha1
  2. kind: Component
  3. metadata:
  4.   name: snssqs-pubsub
  5. spec:
  6.   type: pubsub.snssqs
  7.   version: v1
  8.   metadata:
  9.     - name: endpoint
  10.       value: http://localhost:4566
  11.     # Use us-east-1 for localstack
  12.     - name: region
  13.       value: us-east-1

要在Kubernetes上运行localstack,可以应用以下配置。 Localstack is then reachable at the DNS name http://localstack.default.svc.cluster.local:4566 (assuming this was applied to the default namespace) and this should be used as the endpoint

  1. apiVersion: apps/v1
  2. kind: Deployment
  3. metadata:
  4.   name: localstack
  5.   namespace: default
  6. spec:
  7.   # using the selector, we will expose the running deployments
  8.   # this is how Kubernetes knows, that a given service belongs to a deployment
  9.   selector:
  10.     matchLabels:
  11.       app: localstack
  12.   replicas: 1
  13.   template:
  14.     metadata:
  15.       labels:
  16.         app: localstack
  17.     spec:
  18.       containers:
  19.       - name: localstack
  20.         image: localstack/localstack:latest
  21.         ports:
  22.           # Expose the edge endpoint
  23.           - containerPort: 4566
  24. ---
  25. kind: Service
  26. apiVersion: v1
  27. metadata:
  28.   name: localstack
  29.   labels:
  30.     app: localstack
  31. spec:
  32.   selector:
  33.     app: localstack
  34.   ports:
  35.   - protocol: TCP
  36.     port: 4566
  37.     targetPort: 4566
  38.   type: LoadBalancer

为了在AWS中运行,你应该创建一个具有SNS和SQS服务权限的IAM用户。 使用AWS account IDAWS account secret,并使用Kubernetes密钥和secretKeyRef将它们插入组件元数据中的accessKeysecretKey

相关链接