一、Pig架构(该图来自Pig白皮书中的基础架构图)
二、CI/CD架构图
# 服务Jenkins流水线
pipeline {
agent {
label "master"
}
tools {
maven 'maven3'
jdk 'java1.8'
}
options {
ansiColor('xterm')
timestamps()
disableConcurrentBuilds()
buildDiscarder(logRotator(numToKeepStr: '3',artifactDaysToKeepStr: '3'))
}
parameters {
gitParameter branchFilter: 'origin/(.*)', defaultValue: 'master', name: 'BRANCH', type: 'PT_BRANCH'
choice choices: ['uat', 'prod'], description: '选择部署环境', name: 'ENV'
choice choices: ['uat', 'prod'], description: '选择部署namespace,UAT环境选择uat,PROD环境选择prod', name: 'NS'
}
environment {
APP_NAME = "pig-register"
REGISTRY = "reg.istak.com"
HARBOR_NAMESPACE = "demo"
HARBOR_KEY = "harborkey"
}
stages {
stage('Git clone') {
steps {
git branch: "${params.BRANCH}", credentialsId: 'root', url: 'https://gitlab.istack.com/pig/pig-register.git'
}
}
stage('Maven pack') {
steps {
sh 'mvn clean install -Dmaven.test.skip=true -gs /root/maven/conf/settings-pig.xml'
}
post {
success {
archiveArtifacts allowEmptyArchive: true, artifacts: '**/target/*.jar', fingerprint: true, followSymlinks: false
}
}
}
stage('Docker image build') {
steps {
echo 'Build images'
sh '''
cd $WORKSPACE
docker build -t $REGISTRY/$HARBOR_NAMESPACE/$APP_NAME:v$BUILD_NUMBER -f ./pig-register/Dockerfile ./pig-register/target
'''
echo 'Push images'
sh 'docker push $REGISTRY/$HARBOR_NAMESPACE/$APP_NAME:v$BUILD_NUMBER'
echo 'Clean images'
sh 'docker rmi $REGISTRY/$HARBOR_NAMESPACE/$APP_NAME:v$BUILD_NUMBER'
}
}
stage('Deploy') {
when {
expression {
currentBuild.result == null || currentBuild.result == 'SUCCESS'
}
}
steps {
script {
if ( "${params.ENV}" == "uat" ) {
echo ('Deploy to uat')
sh """
cd $WORKSPACE
sed -i -e 's#{APP_NAME}#${env.APP_NAME}#g;s#{NS}#${params.NS}#g;s#{REGISTRY}#${env.REGISTRY}#g;s#{HARBOR_NAMESPACE}#${env.HARBOR_NAMESPACE}#g;s#{BUILD_NUMBER}#${env.BUILD_NUMBER}#g;s#{HARBOR_KEY}#${env.HARBOR_KEY}#g' ./pig-register/deploy/*.yaml
/usr/local/bin/kubectl --kubeconfig /tke/uat-config apply -f ./pig-register/deploy/
"""
} else {
echo ('Deploy to prod')
sh """
cd $WORKSPACE
sed -i -e 's#{APP_NAME}#${env.APP_NAME}#g;s#{NS}#${params.NS}#g;s#{REGISTRY}#${env.REGISTRY}#g;s#{HARBOR_NAMESPACE}#${env.HARBOR_NAMESPACE}#g;s#{BUILD_NUMBER}#${env.BUILD_NUMBER}#g;s#{HARBOR_KEY}#${env.HARBOR_KEY}#g' ./pig-register/deploy/*.yaml
/usr/local/bin/kubectl --kubeconfig /tke/prod-config apply -f ./pig-register/deploy/
"""
}
}
}
}
}
}
三、云端与IDC数据中心网络架构图
云端访问IDC数据中心网络,配置云端子网路由指向云端N2N服务器;IDC数据中心访问云端网络,配置IDC子网指向数据中心N2N服务器
四、TKE集群创建(托管集群类型/区域:北京/运行时:Docker/GlobalRouter网络模式/集群规格:L20)
1、集群Woker节点资源规划
2、购买(组件:TCR)
参考:https://cloud.tencent.com/document/product/457
3、MySQL、Redis、Ckafka、Elasticsearch、EMR等产品购买参考腾讯云网关(产品购买时注意选择事先规划好的子网及安全组)
五、Pig部署
1、根据Pig服务启动顺序部署服务(register-->stellar-upms-->gateway-->auth)
# Register服务Deployment和Service
apiVersion: apps/v1
kind: Deployment
metadata:
name: pix-register
spec:
selector:
matchLabels:
app: pix-register
replicas: 1
template:
metadata:
labels:
app: pix-register
spec:
containers:
- name: pix-register
image: reg.istack.com/demo/pix-register:v1
env:
- name: MYSQL_USER
value: "root"
- name: MYSQL_PWD
value: "root"
imagePullPolicy: Always
ports:
- containerPort: 8848
protocol: TCP
livenessProbe:
failureThreshold: 3
tcpSocket:
port: 8848
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
readinessProbe:
failureThreshold: 3
tcpSocket:
port: 8848
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources:
requests:
cpu: "1000m"
memory: "1Gi"
limits:
cpu: "2000m"
memory: "4Gi"
imagePullSecrets:
- name: harborkey
hostAliases:
- ip: "10.16.10.143"
hostnames:
- "pig-mysql"
---
apiVersion: v1
kind: Service
metadata:
name: pix-register
labels:
app: pix-register
spec:
selector:
app: pix-register
type: NodePort
ports:
- port: 8848
protocol: TCP
targetPort: 8848
# 其他后端服务Deployment和Service模板
apiVersion: apps/v1
kind: Deployment
metadata:
name: {APP_NAME}
spec:
selector:
matchLabels:
app: {APP_NAME}
replicas: 1
template:
metadata:
labels:
app: {APP_NAME}
spec:
containers:
- name: {APP_NAME}
image: {REGISTRY}/{HARBOR_NAMESPACE}/{APP_NAME}:v{BUILD_NUMBER}
imagePullPolicy: Always
ports:
- containerPort: 4000
protocol: TCP
livenessProbe:
failureThreshold: 3
tcpSocket:
port: 4000
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
readinessProbe:
failureThreshold: 3
tcpSocket:
port: 4000
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources:
requests:
cpu: "1000m"
memory: "1Gi"
limits:
cpu: "2000m"
memory: "4Gi"
imagePullSecrets:
- name: {HARBOR_KEY}
---
apiVersion: v1
kind: Service
metadata:
name: {APP_NAME}
labels:
app: {APP_NAME}
spec:
selector:
app: {APP_NAME}
type: NodePort
ports:
- port: 4000
protocol: TCP
targetPort: 4000
2、pig-ui服务
apiVersion: apps/v1
kind: Deployment
metadata:
name: pig-ui
spec:
selector:
matchLabels:
app: pig-ui
replicas: 1
template:
metadata:
labels:
app: pig-ui
spec:
containers:
- name: pig-ui
image: reg.istack.com/demo/pig-ui:v1
imagePullPolicy: Always
ports:
- containerPort: 80
protocol: TCP
livenessProbe:
failureThreshold: 3
tcpSocket:
port: 80
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
readinessProbe:
failureThreshold: 3
tcpSocket:
port: 80
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources:
requests:
cpu: "1000m"
memory: "1Gi"
limits:
cpu: "2000m"
memory: "4Gi"
volumeMounts:
- name: timezone
mountPath: /etc/localtime
imagePullSecrets:
- name: harborkey
volumes:
- name: timezone
hostPath:
path: /usr/share/zoneinfo/Asia/Shanghai
---
apiVersion: v1
kind: Service
metadata:
name: pig-ui
labels:
app: pig-ui
spec:
selector:
app: pig-ui
type: NodePort
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
nodePort: 30080
六、Pod水平自动伸缩(基于内存和CPU)
apiVersion: autoscaling/v2beta2
kind: HorizontalPodAutoscaler
metadata:
name: {APP_NAME}
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: {APP_NAME}
minReplicas: 2
maxReplicas: 4
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 60
- type: Resource
resource:
name: memory
target:
type: AverageValue
averageValue: 3072Mi
七、Pod垂直伸缩
apiVersion: autoscaling.k8s.io/v1
kind: VerticalPodAutoscaler
metadata:
name: {APP_NAME}
spec:
targetRef:
apiVersion: "apps/v1"
kind: Deployment
name: {APP_NAME}
updatePolicy:
updateMode: "Off"
八、TKE接入Kuboard
参考:https://kuboard.cn/install/v3/install.html
